From `man gcc`:
> passing 0 as the argument to "__builtin_ctz" or
> "__builtin_clz" invokes undefined behavior
This patch fixes an instance of this that occurs when HAProxy processes
HTTP/1 requests, which may cause UBSan to trip. It also proactively
fixes a second instance of this that I have not seen trip UBSan.
---
include/import/eb32tree.h | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/include/import/eb32tree.h b/include/import/eb32tree.h
index 1c03fc1ed..912c3fe92 100644
--- a/include/import/eb32tree.h
+++ b/include/import/eb32tree.h
@@ -301,9 +301,6 @@ __eb32_insert(struct eb_root *root, struct eb32_node *new) {
* would sit on different branches).
*/
- // note that if EB_NODE_BITS > 1, we should check that it's still >= 0
- new->node.bit = flsnz(new->key ^ old->key) - EB_NODE_BITS;
-
if (new->key == old->key) {
new->node.bit = -1; /* mark as new dup tree, just in case */
@@ -321,6 +318,9 @@ __eb32_insert(struct eb_root *root, struct eb32_node *new) {
return container_of(ret, struct eb32_node, node);
}
/* otherwise fall through */
+ } else {
+ // note that if EB_NODE_BITS > 1, we should check that it's
still >= 0
+ new->node.bit = flsnz(new->key ^ old->key) - EB_NODE_BITS;
}
if (new->key >= old->key) {
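Review bot: The comment carried into the new `else` branch does not say why the computation now has to live there. Going by the commit message, `flsnz()` must not be given 0, and `new->key ^ old->key` is non-zero here only because the `if` above has already taken the equal-key case. I would add a line such as `/* keys differ here, so the XOR is non-zero and flsnz() is well defined */` above the assignment, so that a later cleanup does not hoist it back in front of the equality test; the same applies to the matching `else` added in `__eb32i_insert`. The diffstat touches only this header, so any other key-width variant that computes `node.bit` before its equality test would presumably need the same move, which cannot be checked from this patch. `__eb32_insert` starts and ends outside the hunk.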
@@ -434,9 +434,6 @@ __eb32i_insert(struct eb_root *root, struct eb32_node *new)
{
* would sit on different branches).
*/
- // note that if EB_NODE_BITS > 1, we should check that it's still >= 0
- new->node.bit = flsnz(new->key ^ old->key) - EB_NODE_BITS;
-
if (new->key == old->key) {
new->node.bit = -1; /* mark as new dup tree, just in case */
@@ -453,7 +450,9 @@ __eb32i_insert(struct eb_root *root, struct eb32_node *new)
{
ret = eb_insert_dup(&old->node, &new->node);
return container_of(ret, struct eb32_node, node);
}
- /* otherwise fall through */
+ } else {
+ // note that if EB_NODE_BITS > 1, we should check that it's
still >= 0
+ new->node.bit = flsnz(new->key ^ old->key) - EB_NODE_BITS;
}
if ((s32)new->key >= (s32)old->key) {
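Review bot: The `/* otherwise fall through */` comment is dropped at the end of the equal-key branch here, while the matching place in `__eb32_insert` keeps it, so the two insert functions no longer read the same. The fall-through still exists: the equal-key path that does not return continues to the signed comparison below with `new->node.bit` left at -1. I would keep the line `/* otherwise fall through */` immediately before `} else {` so both functions stay parallel and the intent of the -1 marker remains visible. `__eb32i_insert` starts and ends outside the hunk.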
--
2.50.1