From 32b9edeb91a7d9b9752083622d1ce400f45e42ea Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Tue, 25 Jul 2017 10:14:24 -0400
Subject: [PATCH] Fix build warnings from Coverity related to our BUG macro In the Linux kernel, the BUG() macro causes an instant panic. Our BUG() macro is different, however: it generates a nonfatal assertion failure, and is usable as an expression. Additionally, this patch tells util_bug.h to make all assertion failures into fatal conditions when we're building with a static analysis tool, so that the analysis tool can look for instances where they're reachable. Fixes bug 23030.
---
 changes/bug23030_029 | 7 +++++++
 src/common/util_bug.h | 13 +++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 changes/bug23030_029
diff --git a/changes/bug23030_029 b/changes/bug23030_029
new file mode 100644
index 000000000..89a1b507d
--- /dev/null
+++ b/changes/bug23030_029
@@ -0,0 +1,7 @@
+ o Minor bugfixes (coverity builds):
+ - Avoid Coverity build warnings related to our BUG() macro. By
+ default, Coverity treats BUG() as the Linux kernel does: an
+ instant abort(). We need to override that so our BUG() macro
+ doesn't prevent Coverity from analyzing functions that use it.
+ Fixes bug 23030; bugfix on 0.2.9.1-alpha.
+
diff --git a/src/common/util_bug.h b/src/common/util_bug.h
index e02778110..069580691 100644
--- a/src/common/util_bug.h
+++ b/src/common/util_bug.h
@@ -58,6 +58,19 @@
 * return -1;
 */
 
+#ifdef __COVERITY__
+#undef BUG
+// Coverity defines this in global headers; let's override it. This is a
+// magic coverity-only preprocessor thing.
+#nodef BUG(x) ((x)?(__coverity_panic__(),1):0)
+#endif
+
+#if defined(__COVERITY__) || defined(__clang_analyzer__)
+// We're running with a static analysis tool: let's treat even nonfatal
+// assertion failures as something that we need to avoid.
+#define ALL_BUGS_ARE_FATAL
+#endif
+
 #ifdef ALL_BUGS_ARE_FATAL
 #define tor_assert_nonfatal_unreached() tor_assert(0)
 #define tor_assert_nonfatal(cond) tor_assert((cond))
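Review bot: Forcing `ALL_BUGS_ARE_FATAL` on for `__COVERITY__` and `__clang_analyzer__` makes the analysers model every `BUG()` / `tor_assert_nonfatal()` failure as terminating, so the recovery branches that normal builds execute after a nonfatal assertion (the `return -1` pattern in the comment just above the hunk) are presumably treated as unreachable and never checked for leaks or inconsistent state. That trade-off deserves a line in the second comment, for example `// Note: this hides the nonfatal recovery paths from the analyzer; they only run in normal builds.` Separately, the bare `#define ALL_BUGS_ARE_FATAL` could collide with a build that already sets the macro on the command line or in a config header. Guarding it with `#ifndef ALL_BUGS_ARE_FATAL` before the `#define` avoids a redefinition warning. The `#ifdef ALL_BUGS_ARE_FATAL` block that consumes the macro continues past the end of the hunk.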