[email protected] (Niels Möller) writes:
> Rewriting using do {} while loop would make some sense, to make it clear
> both to the analyzer and to humans that loops are intended to run at
> least once.
With the below patch, the static analyzer stops complaining when I run
it locally. I still get two reports for --enable-mini-gmp, though, for
the tq adjustments in mpz_div_qr, which I think are false positives. I'm
running scan-build from debian's clang-3.9 package.
Question is if the patch is more or less ugly than adding an
#ifdef __clang_analyzer__
hi = 0;
#endif
at the top of the function. Personally, I find the do {... } while style
a bit unusual and disturbing here.
Regards,
/Niels
diff --git a/ecc-mod.c b/ecc-mod.c
index 5fee4c6..7a58462 100644
--- a/ecc-mod.c
+++ b/ecc-mod.c
@@ -51,7 +51,7 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
mp_size_t i;
unsigned shift;
- assert (sn > 0);
+ assert (bn < mn);
/* FIXME: Could use mpn_addmul_2. */
/* Eliminate sn limbs at a time */
@@ -59,7 +59,7 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
{
/* Multiply sn + 1 limbs at a time, so we get a mn+1 limb
product. Then we can absorb the carry in the high limb */
- while (rn > 2 * mn - bn)
+ do
{
rn -= sn;
@@ -68,11 +68,13 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
rp[rn-1] = rp[rn+sn-1]
+ mpn_add_n (rp + rn - sn - 1, rp + rn - sn - 1, rp + rn - 1, sn);
}
+ while (rn > 2 * mn - bn);
+
goto final_limbs;
}
else
{
- while (rn >= 2 * mn - bn)
+ do
{
rn -= sn;
@@ -83,6 +85,7 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp)
hi = cnd_add_n (hi, rp + rn - mn, m->B, mn);
assert (hi == 0);
}
+ while (rn >= 2 * mn - bn);
}
if (rn > mn)
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
[email protected]
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
