From 5e27caa60c4ccf257c0dca64883cdf672d8d8ce4 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 15 Jan 2020 10:21:18 -0500
Subject: [PATCH] compat_compiler: add a macro to prevent coverity deadcode
 warnings.

The POSSIBLE(e) macro evaluates to the value of (e), but does so in
a way that a static analyzer will not conclude that (e) is
impossible.  We can use this when we expect our regular compilers to
eliminate deadcode, but we don't want coverity to complain about it.

Part of a fix for 32960.
---
 src/lib/cc/compat_compiler.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/lib/cc/compat_compiler.h b/src/lib/cc/compat_compiler.h
index 47782fda08..907622f942 100644
--- a/src/lib/cc/compat_compiler.h
+++ b/src/lib/cc/compat_compiler.h
@@ -227,4 +227,17 @@
 #define EAT_SEMICOLON                                   \
   struct dummy_semicolon_eater__
 
+/**
+ * Tell our static analysis tool to believe that (clang's scan-build or
+ * coverity scan) that an expression might be true.  We use this to suppress
+ * dead-code warnings.
+ **/
+#if defined(__COVERITY__) || defined(__clang_analyzer__)
+/* By calling getenv, we force the analyzer not to conclude that 'expr' is
+ * false. */
+#define POSSIBLE(expr) ((expr) || getenv("STATIC_ANALYZER_DEADCODE_DUMMY_"))
+#else
+#define POSSIBLE(expr) (expr)
+#endif
+
 #endif /* !defined(TOR_COMPAT_COMPILER_H) */