From 90e3aee65570ec35b8f3ca5e4b8d01c2e7a0fbfe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Thu, 14 Sep 2017 09:06:49 +0200
Subject: [PATCH] Workaround to silence the clang static analyzer.

---
 ChangeLog | 5 +++++
 ecc-mod.c | 8 +++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index b9f597a2..8c795096 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2017-09-14  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-mod.c (ecc_mod): Workaround to silence a false positive from
+	the clang static analyzer.
+
 2017-09-12  Niels Möller  <nisse@lysator.liu.se>
 
 	* testsuite/testutils.h (mpn_zero_p): Avoid redefining mpn_zero_p
diff --git a/ecc-mod.c b/ecc-mod.c
index 5fee4c68..4e77f0c0 100644
--- a/ecc-mod.c
+++ b/ecc-mod.c
@@ -51,7 +51,7 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
   mp_size_t i;
   unsigned shift;
 
-  assert (sn > 0);
+  assert (bn < mn);
 
   /* FIXME: Could use mpn_addmul_2. */
   /* Eliminate sn limbs at a time */
@@ -72,6 +72,12 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
     }
   else
     {
+      /* The loop below always runs at least once. But the analyzer
+	 doesn't realize that, and complains about hi being used later
+	 on without a well defined value. */
+#ifdef __clang_analyzer__
+      hi = 0;
+#endif
       while (rn >= 2 * mn - bn)
 	{
 	  rn -= sn;
-- 
GitLab