The analyzer assumed that bootstrap_percent could be less than 0 when we call control_event_bootstrap_problem(), which would mean we're calling log_fn() with undefined values. The assert makes it clear this can't happen.
@@ -3931,6 +3931,9 @@ control_event_bootstrap_problem(const char *warn, int reason)
char buf[BOOTSTRAP_MSG_LEN];
const char *recommendation = "ignore";
+ /* bootstrap_percent must not be in "undefined" state here. */
+ tor_assert(status >= 0);
+
if (bootstrap_percent == 100)
return; /* already bootstrapped; nothing to be done here. */
Sebastian Hahn