Gerd Hoffmann <kra...@redhat.com> writes:
>> > + assert(vs);
>> > return vnc_socket_local_addr("%s:%s", vs->lsock);
>> > }
>> >
>> >
>>
>> If you want, I can just silence the warning in Coverity.
>
> I think in the source code is better, human readers might wonder too.
>
> And in case the calling code ever changes behavior the assert will trap
> it (even though it is highly unlikely in this specific case).
I'm very much in favor of using assertions to guide Coverity. Besides
human readers, they may also help other static analyzers, including
optimizers.
Speaking of silencing defects: we could also explore use of code
annotations. Example given in the manual:
x = NULL;
...
// coverity[var_deref_op]
*x = 0;
The comment automatically classifies the FORWARD_NULL as intentional.
