commit 602c52cad486516defc9d5ed375effd74cfe4529 Author: Nick Mathewson nickm@torproject.org Date: Fri Jul 28 10:02:38 2017 -0400

Coverity deadcode shenanigans on BUG() macro.

We don't actually want Coverity to complain when a BUG() check can never fail, since such checks can prevent us from introducing bugs later on.

Closes ticket 23054. Closes CID 1415720, 1415724. --- changes/bug23054 | 4 ++++ src/common/util_bug.c | 4 ++++ src/common/util_bug.h | 5 ++++- 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/changes/bug23054 b/changes/bug23054 new file mode 100644 index 000000000..39006cd80 --- /dev/null +++ b/changes/bug23054 @@ -0,0 +1,4 @@ + o Minor features (static analysis): + - The BUG() macro has been changed slightly so that Coverity no + longer complains about dead code if the bug is impossible. Closes + ticket 23054. diff --git a/src/common/util_bug.c b/src/common/util_bug.c index 3d990e370..cc1ac2ff8 100644 --- a/src/common/util_bug.c +++ b/src/common/util_bug.c @@ -13,6 +13,10 @@ #include "backtrace.h" #include "container.h"

+#ifdef __COVERITY__ +int bug_macro_deadcode_dummy__ = 0; +#endif + #ifdef TOR_UNIT_TESTS static void (*failed_assertion_cb)(void) = NULL; static int n_bugs_to_capture = 0; diff --git a/src/common/util_bug.h b/src/common/util_bug.h index ae7e7a37f..de39317d1 100644 --- a/src/common/util_bug.h +++ b/src/common/util_bug.h @@ -59,10 +59,13 @@ */

#ifdef __COVERITY__ +extern int bug_macro_deadcode_dummy__; #undef BUG // Coverity defines this in global headers; let's override it. This is a // magic coverity-only preprocessor thing. -#nodef BUG(x) ((x)?(__coverity_panic__(),1):0) +// We use this "deadcode_dummy__" trick to prevent coverity from +// complaining about unreachable bug cases. +#nodef BUG(x) ((x)?(__coverity_panic__(),1):(0+bug_macro_deadcode_dummy__)) #endif

#if defined(__COVERITY__) || defined(__clang_analyzer__)