[patch] Clang Analyzer: Spurious Warnings 2
After #13036 (moved) was committed, clang --analyze continued to produce 2 existing NULL pointer dereference warnings and 1 new uninitialised variable warning. I am compiling tor from git source on OS X.
== 01-in6-addr32-not-null.patch
The NULL pointer warnings on the return value of tor_addr_to_in6_addr32() are incorrect. But clang can't work this out itself due to limited analysis depth. To teach the analyser that the return value is safe to dereference, I applied tor_assert to the return value. This assert can optionally be wrapped in:
#if !defined(__clang_analyzer__) || PARANOIA
or similar, if performance is an issue in this code. The assertion silences the spurious warning.
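The pattern behind the first patch, as an added example that is not tor's code: a cut-down stand-in for tor_addr_to_in6_addr32() that returns NULL for non-IPv6 addresses, and a caller that checks the family first and then asserts on the returned pointer so the analyser can see it is non-NULL on the path where it is dereferenced. The struct, the family constants, and the function names are hypothetical; tor_assert is stood in by the plain C assert.

```c
/* Added example, not tor's own code: models the tor_addr_to_in6_addr32()
 * NULL-return pattern described in the ticket and the assert that silences
 * the analyser's spurious NULL dereference warning. */
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical address family constants (stand-ins for AF_INET/AF_INET6). */
#define FAM_INET  4
#define FAM_INET6 6

/* Hypothetical stand-in for tor_addr_t: a family tag plus raw address words. */
typedef struct {
    int family;
    union {
        uint32_t v4;
        uint32_t v6[4];
    } u;
} addr_t;

/* Stand-in for tor_assert(): always compiled in here, like the patch.
 * If a build wants to drop it for performance, it must still be visible
 * when __clang_analyzer__ is defined, or the warning comes back. */
#define my_assert(expr) assert(expr)

/* Analogue of tor_addr_to_in6_addr32(): returns the four IPv6 words, or NULL
 * when the address is not IPv6.  Every caller checks the family first, but
 * the analyser's inter-procedural view is too shallow to prove that. */
static const uint32_t *addr_to_in6_words(const addr_t *a)
{
    if (a->family == FAM_INET6)
        return a->u.v6;
    return NULL;
}

/* Build an IPv6 stand-in from its four 32-bit words. */
addr_t make_in6(uint32_t w0, uint32_t w1, uint32_t w2, uint32_t w3)
{
    addr_t a;
    a.family = FAM_INET6;
    a.u.v6[0] = w0; a.u.v6[1] = w1; a.u.v6[2] = w2; a.u.v6[3] = w3;
    return a;
}

/* Build an IPv4 stand-in from one 32-bit word. */
addr_t make_in4(uint32_t v4)
{
    addr_t a;
    a.family = FAM_INET;
    a.u.v4 = v4;
    return a;
}

/* Does this IPv6 address have all-zero leading words (e.g. ::1 or ::)?
 * Returns 0 for anything that is not IPv6.  The family check already rules
 * out the NULL return; the assert restates that fact for the analyser. */
int in6_leading_words_zero(const addr_t *a)
{
    if (a->family != FAM_INET6)
        return 0;
    const uint32_t *w = addr_to_in6_words(a);
    my_assert(w != NULL);   /* the line the patch adds; NULL is unreachable here */
    return w[0] == 0 && w[1] == 0 && w[2] == 0;
}

int main(void)
{
    addr_t loopback = make_in6(0, 0, 0, 1);
    addr_t global   = make_in6(0x20010db8u, 0, 0, 1);
    addr_t v4       = make_in4(0x7f000001u);
    printf("::1 -> %d, 2001:db8::1 -> %d, 127.0.0.1 -> %d\n",
           in6_leading_words_zero(&loopback),
           in6_leading_words_zero(&global),
           in6_leading_words_zero(&v4));
    return 0;
}
```

Running clang --analyze over this file with the my_assert line removed reproduces the class of warning the ticket describes; with the assert in place the analyser treats w as non-NULL past that point and stays quiet, while the runtime behaviour is unchanged because the asserted condition can never be false on that path.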
== 02-dirserv-init-msg.patch
At this point in the code, msg has been set to a string constant. But the tor code checks that msg is not NULL, and the redundant NULL check confuses the analyser:
log_info(LD_DIRSERV, "Router %s is now rejected: %s",
description, msg?msg:"");
To avoid this spurious warning, the patch initialises msg to NULL.
== clang --analyze clean!
Once these patches are applied, tor is clang --analyze clean, except for dead stores, which I trust the optimiser to remove in most cases.
== git version
These warnings occur in the git source of tor 0.2.6.?-alpha around 14 September 2014 e.g. commit d6b2a1709d28c656dadc019fb24145e6ac400771