Re: [PATCH v2 07/10] tailq: fix cast macro for null pointer

Wed, 16 Jul 2025 01:25:59 -0700 

On Mon, Jun 30, 2025 at 6:06 PM Marat Khalili <marat.khal...@huawei.com> wrote:
>
> > -----Original Message-----
> > From: David Marchand <david.march...@redhat.com>
> > Sent: Monday 23 June 2025 14:53
> > To: dev@dpdk.org
> > Cc: sta...@dpdk.org; Bruce Richardson <bruce.richard...@intel.com>; Tyler
> > Retzlaff <roret...@linux.microsoft.com>; Neil Horman
> > <nhor...@tuxdriver.com>
> > Subject: [PATCH v2 07/10] tailq: fix cast macro for null pointer
> >
> > Doing arithmetics with the NULL pointer is undefined.
> >
> > Caught by UBSan:
> >
> > ../app/test/test_tailq.c:111:9: runtime error:
> >       member access within null pointer of type 'struct rte_tailq_head'
> >
> > Fixes: f6b4f6c9c123 ("tailq: use a single cast macro")
> > Cc: sta...@dpdk.org
> >
> > Signed-off-by: David Marchand <david.march...@redhat.com>
> > Acked-by: Bruce Richardson <bruce.richard...@intel.com>
> > ---
> >  lib/eal/include/rte_tailq.h | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/lib/eal/include/rte_tailq.h b/lib/eal/include/rte_tailq.h
> > index 89f7ef2134..c23df77d96 100644
> > --- a/lib/eal/include/rte_tailq.h
> > +++ b/lib/eal/include/rte_tailq.h
> > @@ -54,7 +54,7 @@ struct rte_tailq_elem {
> >   * Return the first tailq entry cast to the right struct.
> >   */
> >  #define RTE_TAILQ_CAST(tailq_entry, struct_name) \
> > -     (struct struct_name *)&(tailq_entry)->tailq_head
> > +     (tailq_entry == NULL ? NULL : (struct struct_name *)&(tailq_entry)-
> > >tailq_head)
> >
> >  /**
> >   * Utility macro to make looking up a tailqueue for a particular struct 
> > easier.
>
> First tailq_entry is missing parentheses. Also, it is worrying that we now 
> use macro argument twice. E.g. RTE_TAILQ_LOOKUP may become twice slower as a 
> result.
>
> Could we perhaps simplify the macro to `(struct struct_name *)(tailq_entry)`. 
> I tried to find or understand the reasons behind the original construction, 
> but could not.

Thanks for the comment, it made me relookup at this code.

I realise this macro should be called with a correct object in the first place.
Instead the lookup macro itself is the part that is undefined behavior
(wrt comment in case of an error).


-- 
David Marchand

Reply via email to