lib: typesafe hash table breadcrumbs

Looking at the coverity report, it complains that tabshift could be zero, resulting in a uint32_t shifted by 33 (which is undefined.) As I was confused by the "+ 1", in addition to the SA assume(), leave some breadcumbs for next time this comes up. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
author: David Lamparter <equinox@opensourcerouting.org> 2023-04-21 16:15:11 +0200
committer: David Lamparter <equinox@opensourcerouting.org> 2023-04-21 16:27:21 +0200
commit: ae19023b8e00c6a8d4ae9d631d8db15fb4924800 (patch)
tree: d4f526fb9ad839daf853390adeb6b779fe553ce5 /lib/typesafe.c
parent: Merge pull request #13334 from louis-6wind/flexalgo-fixes (diff)
download: frr-ae19023b8e00c6a8d4ae9d631d8db15fb4924800.tar.xz
frr-ae19023b8e00c6a8d4ae9d631d8db15fb4924800.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/typesafe.c b/lib/typesafe.c
index 0da35d0f8..c07744798 100644
--- a/lib/typesafe.c
+++ b/lib/typesafe.c
@@ -85,6 +85,15 @@ void typesafe_hash_grow(struct thash_head *head)
 	uint32_t newsize = head->count, i, j;
 	uint8_t newshift, delta;
 
+	/* note hash_grow is called after head->count++, so newsize is
+	 * guaranteed to be >= 1.  So the minimum argument to builtin_ctz
+	 * below is 2, which returns 1, and that makes newshift >= 2.
+	 *
+	 * Calling hash_grow with a zero head->count would result in a
+	 * malformed hash table that has tabshift == 1.
+	 */
+	assert(head->count > 0);
+
 	hash_consistency_check(head);
 
 	newsize |= newsize >> 1;
author	David Lamparter <equinox@opensourcerouting.org>	2023-04-21 16:15:11 +0200
committer	David Lamparter <equinox@opensourcerouting.org>	2023-04-21 16:27:21 +0200
commit	ae19023b8e00c6a8d4ae9d631d8db15fb4924800 (patch)
tree	d4f526fb9ad839daf853390adeb6b779fe553ce5 /lib/typesafe.c
parent	Merge pull request #13334 from louis-6wind/flexalgo-fixes (diff)
download	frr-ae19023b8e00c6a8d4ae9d631d8db15fb4924800.tar.xz frr-ae19023b8e00c6a8d4ae9d631d8db15fb4924800.zip