lib: another attempt at Coverity false positives

Typesafe hash tables do this: assume((tabshift) >= 2 && (tabshift) <= 33); (val) >> (33 - (tabshift)); Sadly, Coverity currently ignores assume() and says: [...] right shifting by more than 31 bits has undefined behavior. The shift amount, "33 - h->hh.tabshift", is 33. Let's see if Coverity understands this can't happen... Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2025-08-06 07:27:09 +00:00 · 2023-09-14 11:43:56 +02:00 · 2023-09-14 11:43:56 +02:00 · 71510e531d
commit 71510e531d
parent 75dbd45c55
1 changed files with 8 additions and 0 deletions
--- a/lib/compiler.h
+++ b/lib/compiler.h
@ -122,6 +122,14 @@ extern "C" {
 #define assume(x)
 #endif

+#ifdef __COVERITY__
+/* __coverity_panic__() is named a bit poorly, it's essentially the same as
+ * __builtin_unreachable().  Used to eliminate false positives.
+ */
+#undef assume
+#define assume(x) do { if (!(x)) __coverity_panic__(); } while (0)
+#endif
+
 /* for helper functions defined inside macros */
 #define macro_inline	static inline __attribute__((unused))
 #define macro_pure	static inline __attribute__((unused, pure))