View Help Online

Start here

Home
About Klocwork
What's new
Fixed issues
Release notes
Installation

Reference

C/C++ checkers
Java checkers
C# checkers
MISRA C 2004 checkers
MISRA C++ 2008 checkers
MISRA C 2012 checkers
MISRA C 2012 checkers with Amendment 1
Commands
Metrics
Troubleshooting
Reference

Product components

C/C++ Integration build analysis
Java Integration build analysis
Desktop analysis
Refactoring
Klocwork Static Code Analysis
Klocwork Code Review
Structure101
Tuning
Custom checkers

Coding environments

Visual Studio
Eclipse for C/C++
Eclipse for Java
IntelliJ IDEA
Other

Administration

Project configuration
Build configuration
Administration
Analysis performance
Server performance
Security/permissions
Licensing
Klocwork Static Code Analysis Web API
Klocwork Code Review Web API

Community

View help online
Visit RogueWave.com
Klocwork Support
Rogue Wave Videos

Legal

Legal information

UNREACH.GEN

Unreachable code

The UNREACH.GEN checker looks for unreachable statements in the code-any code that will never be executed. Usually the result of a logic error, unreachable code is often caused by life-cycle changes to a program or its expected runtime environment.

Vulnerability and risk

Unreachable code can cause unintended program behavior due to a mismatch between the code as written and the intended design. Dead code can also cause confusion during code maintenance or code review. In certain edge cases, the presence of unreachable code can lead to code vulnerabilities when that dead code is responsible for guarding specific resources or code branches.

Recommendations for fixing code flagged with an instance of UNREACH.GEN are hard to make, since the code may be unreachable because of an error, or simply because the developer wanted to write code as safely as possible and added extra code that in real life is unreachable.

Vulnerable code example 1

1    extern void exit(int);
2    int stub();
3
4    int demo_return_or_exit(int t) {
5        if (t > 0) {
6            return t + 1;
7        } else {
8            exit(22);
9        }
10       stub(); 
11       return t + 3;
12    }

In this example, Klocwork produces an unreachable code report to indicate that the call to the 'stub()' function in line 10 is unreachable. All the paths of the preceding if/else statement terminate the function. If the unreachable code is redundant, it can safely be removed. Alternatively, if any of the preceding terminating statements is misplaced, it can be removed or put into a conditional statement.

Vulnerable code example 2

1    extern void exit(int);
2    int stub();
3    
4    int demo_infeasible_if(int t) {
5        if (t > 0) {
6            if (t == 0) {
7                stub(); // <== unreachable
8            }
9        }
10       return t - 1;
11    }

In this case, Klocwork produces an unreachable code report to indicate that the call to the 'stub()' function in line 7 is unreachable, because it occurs on a path in which the conditions aren't feasible-'t' can never be equal to 0 on a path on which it's greater than 0. To fix the problem, the infeasible check and subsequent unreachable code can be removed if they're redundant. Alternatively, any incorrect path conditions can be changed.

Related checkers

External guidance

Extension

This checker can be extended. See Tuning C/C++ analysis for more information.

Parent topic: Unreachable code
Previous topic: INVARIANT_CONDITION.UNREACH
Next topic: UNREACH.SIZEOF

© Rogue Wave Software, Inc. All rights reserved. | Contact