Fun and games with, er, test coverage
Mar. 11th, 2007 11:02 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
ewxHere's some gcov output:
34: 599: switch(pflags & (SSH_FXF_CREAT|SSH_FXF_TRUNC|SSH_FXF_EXCL)) {
-: 600: case 0:
11: 601: flags |= SSH_FXF_OPEN_EXISTING;
11: 602: break;
-: 603: case SSH_FXF_TRUNC:
-: 604: /* The drafts demand that SSH_FXF_CREAT also be sent making this formally
-: 605: * invalid, though there doesn't seem any good reason for them to do so:
-: 606: * the client intent seems clear.*/
2: 607: flags |= SSH_FXF_TRUNCATE_EXISTING;
2: 608: break;
-: 609: case SSH_FXF_CREAT:
2: 610: flags |= SSH_FXF_OPEN_OR_CREATE;
2: 611: break;
-: 612: case SSH_FXF_CREAT|SSH_FXF_TRUNC:
17: 613: flags |= SSH_FXF_CREATE_TRUNCATE;
17: 614: break;
-: 615: case SSH_FXF_CREAT|SSH_FXF_EXCL:
-: 616: case SSH_FXF_CREAT|SSH_FXF_TRUNC|SSH_FXF_EXCL: /* nonsensical */
#####: 617: flags |= SSH_FXF_CREATE_NEW;
#####: 618: break;
-: 619: default:
#####: 620: return SSH_FX_BAD_MESSAGE;
-: 621: }
Why are lines 617 and 618 never executed (that's what the hash signs mean)? (If you saw the answer on IRC then you're not eligible l-) Here's a couple of wrong answers:
- Because the tests don't exercise that case. They do, via SSH_FXF_CREAT|SSH_FXF_EXCL.
- Because you turned optimization on, despite the gcov manual telling you not to. Nope, -O0 and other options exactly as required.
(620 isn't executed because the tests don't go there. Apart from the code being obviously correct, no working client is going to send the server there anyway, so I don't really care.)
(no subject)
Date: 2007-03-11 11:15 pm (UTC)(no subject)
Date: 2007-03-12 01:08 pm (UTC)(no subject)
Date: 2007-03-11 11:22 pm (UTC)And surely in security-critical code you have to test cases no working client is going to exercise, in case a malicious client decides to have a go?
And surely
Date: 2007-03-11 11:43 pm (UTC)(no subject)
Date: 2007-03-12 12:19 am (UTC)(no subject)
Date: 2007-03-12 11:08 am (UTC)I'm not sure _CREATE_NEW == 0 being the cause is consistent with -O0. Another possibility, that flags already has the _CREATE_NEW bit(s) set, would also require optimization for the compiler to discard the code.
(no subject)
Date: 2007-03-12 12:50 pm (UTC)And when I tried it (gcc 4.1.1) _CREATE_NEW == 0 said that the instruction corresponding to line 617 was executed even with -O2 (and even though -O2 doesn't appear to produce any code for that instruction).
What puzzles me is that the numbers don't add up: the switch instruction was executed 34 times but the various cases were only executed 32 times in total (which leads me to think that line 617 was executed twice).
(no subject)
Date: 2007-03-12 01:19 pm (UTC)Inspection of the code shows there's no instruction generated (in a simple test case - the code in question has been rearranged to confuse the profiler less, though the old arrangement is still there in bzr).
I tried a simpler test case and although inspection of the output reveals that no code is generated, the profiler does think the code ran.
1: 5:int main(void) { 1: 6: int x = 99; -: 7: 1: 8: f(); 1: 9: x |= 0; 1: 10: f(); 1: 11: return x; -: 12:}So perhaps in this case the profiler is being clever (or stupid in a way that gives superficially more correct results).
(no subject)
Date: 2007-03-16 10:09 pm (UTC)