Coverity deadcode shenanigans on BUG() macro.

We don't actually want Coverity to complain when a BUG() check can never fail, since such checks can prevent us from introducing bugs later on. Closes ticket 23054. Closes CID 1415720, 1415724.
2024-11-27 22:03:31 +01:00 · 2017-07-28 10:02:38 -04:00 · 2017-07-28 10:02:38 -04:00 · 602c52cad4
commit 602c52cad4
parent 5f0fa480dd
3 changed files with 12 additions and 1 deletions
--- a/changes/bug23054
+++ b/changes/bug23054
@ -0,0 +1,4 @@
+  o Minor features (static analysis):
+    - The BUG() macro has been changed slightly so that Coverity no
+      longer complains about dead code if the bug is impossible. Closes
+      ticket 23054.
--- a/src/common/util_bug.c
+++ b/src/common/util_bug.c
@ -13,6 +13,10 @@
 #include "backtrace.h"
 #include "container.h"

+#ifdef __COVERITY__
+int bug_macro_deadcode_dummy__ = 0;
+#endif
+
 #ifdef TOR_UNIT_TESTS
 static void (*failed_assertion_cb)(void) = NULL;
 static int n_bugs_to_capture = 0;
--- a/src/common/util_bug.h
+++ b/src/common/util_bug.h
@ -59,10 +59,13 @@
 */

 #ifdef __COVERITY__
+extern int bug_macro_deadcode_dummy__;
 #undef BUG
 // Coverity defines this in global headers; let's override it.  This is a
 // magic coverity-only preprocessor thing.
-#nodef BUG(x) ((x)?(__coverity_panic__(),1):0)
+// We use this "deadcode_dummy__" trick to prevent coverity from
+// complaining about unreachable bug cases.
+#nodef BUG(x) ((x)?(__coverity_panic__(),1):(0+bug_macro_deadcode_dummy__))
 #endif

 #if defined(__COVERITY__) || defined(__clang_analyzer__)