Recently I was told that ASSERT() calls to check whether a variable is NULL 
break the Clang Static Analyzer in terms of generating wrong warnings. The 
reason is that, when a variable/parameter is checked for NULL, this analyzer 
assumes that it can be. As it doesn't support EDK2 ASSERTs, but only 
compiler-provided asserts, to it, the ASSERT() call is a simple if-check (-> 
triggers NULL warnings) which does return to normal code flow (-> any further 
usages may be dereferencing NULL). This behavior is documented here: 
http://clang-analyzer.llvm.org/faq.html#null_pointer

To make clear that EDK2 ASSERT() calls are indeed asserts, in my opinion, 
CpuDeadLoop() should be flagged as 'noreturn' (it indeed should never return) 
and Breakpoint() as 'analyzer_noreturn' (it may return, but the analyzer 
doesn't have to care as the debugger is invoked). If I didn't understand the 
documentation incorrectly, this should fix the issue described in the first 
paragraph.

If you have experience with the Clang Static Analyzer or even this specific 
issue, I would be happy if you would share your opinion of the concern.

Regards,
Marvin.
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
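
A sketch of the annotation proposed in the mail, added here as an example and not taken from EDK2 or from the poster. ExDeadLoop(), ExBreakpoint(), EX_ASSERT() and the EX_* attribute macros are hypothetical stand-ins, and the assert macro is a simplification of a real one.

```c
#include <stddef.h>

#ifndef __has_feature
#define __has_feature(x) 0            /* compilers without the Clang probe */
#endif
#if __has_feature(attribute_analyzer_noreturn)
#define EX_ANALYZER_NORETURN __attribute__((analyzer_noreturn))
#else
#define EX_ANALYZER_NORETURN          /* expands to nothing elsewhere */
#endif
#if defined(__GNUC__) || defined(__clang__)
#define EX_NORETURN __attribute__((noreturn))
#else
#define EX_NORETURN
#endif

/* Hypothetical stand-ins for the two functions named in the mail. */
EX_NORETURN void ExDeadLoop(void);            /* really never returns */
EX_ANALYZER_NORETURN void ExBreakpoint(void); /* returns once the debugger resumes */

static int ExFatalAsserts = 0;   /* 0: break into debugger, 1: dead loop */
static int ExBreakpointHits = 0;

void ExDeadLoop(void) { for (;;) { } }
void ExBreakpoint(void) { ExBreakpointHits++; } /* debugger trap modelled as a counter */

/* Simplified assert: without the attributes the analyzer sees a plain
   if-check that falls through to the code after it. */
#define EX_ASSERT(Expr)                                      \
  do {                                                       \
    if (!(Expr)) {                                           \
      if (ExFatalAsserts) ExDeadLoop(); else ExBreakpoint(); \
    }                                                        \
  } while (0)

/* The dereference after the assert is the statement that gets flagged
   when the analyzer believes the failed-assert path continues. */
unsigned char ExFirstByte(const unsigned char *Buffer) {
  EX_ASSERT(Buffer != NULL);
  return Buffer[0];
}

/* At run time the breakpoint path does return, which is why it gets
   analyzer_noreturn rather than noreturn. */
int ExCheck(int Condition) {
  EX_ASSERT(Condition);
  return ExBreakpointHits;
}
```

The file can be checked with `clang --analyze`; the attributes affect only what the analyzer and compiler assume, not what the functions do when called.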
