On 20.08.2025 20:05, Dmytro Prokopchuk1 wrote: > --- a/xen/common/efi/boot.c > +++ b/xen/common/efi/boot.c > @@ -852,7 +852,7 @@ static bool __init read_file(EFI_FILE_HANDLE dir_handle, > CHAR16 *name, > PrintErr(L" failed for "); > PrintErrMesg(name, ret); > > - /* not reached */ > + /* SAF-15-safe deliberately unreachable code */ > return false; > }
Much better (even if not tagged as v2). Yet then, did you consider alternatives? For example, with PrintErrMesg() properly annotated "noreturn", I'd kind of expect compilers to not object to the omission of the "return" statement here. This would then let us get away without a new SAF comment. While you explain in the SAF text why you retain the statement, I'm not convinced of code clarity suffering if it was deleted, as long as a suitable comment is still there. If PrintErrMesg() lost its "noreturn", surely compilers would then diagnose the lack of "return". Jan
