On 16/02/2025 10:23 am, Juergen Gross wrote:
> The list_for_each_entry*() iterators are testing for having reached the
> end of the list in a way which relies on undefined behavior: the
> iterator (being a pointer to the struct of a list element) is advanced
> and only then tested to have reached not the next element, but the list
> head. This results in the list head being addressed via a list element
> pointer, which is undefined, in case the list elements have a higher
> alignment than the list head.
>
> Avoid that by testing for the end of the list before advancing the
> iterator. In case of having reached the end of the list, set the
> iterator to NULL and use that for stopping the loop. This has the
> additional advantage of not leaking the iterator pointing to something
> which isn't a list element past the loop.
>
> Reported-by: Andrew Cooper <[email protected]>
> Signed-off-by: Juergen Gross <[email protected]>
I have to admit that my gut feeling is that this is vastly overcomplicated. It also further diverges from Linux.

I couldn't find an obvious example of this kind of UBSAN failure in Linux, which suggests to me that one of the differences might be relevant. I did start experimenting in this direction, but haven't finished.

~Andrew
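To make the two loop shapes under discussion concrete, here is an added, self-contained C example. It is not Xen's or Linux's list code and not the patch being reviewed: it builds a minimal intrusive list with a Linux-style iterator that advances first and then compares `&pos->member` against the head, beside a test-before-advance variant that leaves the iterator NULL at the end. The element type `struct item`, its 64-byte alignment, the `list_holder` wrapper and the `run_demo()` harness are assumptions chosen so that the classic form's post-loop pointer visibly lands on a non-element, misaligned address.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal intrusive doubly linked list, same shape as the kernel's struct list_head. */
struct list_head { struct list_head *next, *prev; };

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

static inline void INIT_LIST_HEAD(struct list_head *h) { h->next = h->prev = h; }

static inline void list_add_tail(struct list_head *n, struct list_head *h)
{
    n->prev = h->prev;
    n->next = h;
    h->prev->next = n;
    h->prev = n;
}

/*
 * Classic shape: advance to the next element first, then test whether
 * &pos->member is the head.  On the final step pos is container_of(head),
 * an element-typed pointer that does not point at an element and may be
 * misaligned for that type; pos is left pointing there after the loop.
 */
#define list_for_each_entry_classic(pos, head, member)                        \
    for ((pos) = container_of((head)->next, __typeof__(*(pos)), member);      \
         &(pos)->member != (head);                                            \
         (pos) = container_of((pos)->member.next, __typeof__(*(pos)), member))

/*
 * Test-before-advance shape: check for the head while still holding a
 * list_head pointer and only form an element pointer for real elements.
 * At the end of the list (or for an empty list) pos is NULL.
 */
#define list_for_each_entry_test_first(pos, head, member)                     \
    for ((pos) = (head)->next == (head) ? NULL                                \
                 : container_of((head)->next, __typeof__(*(pos)), member);    \
         (pos) != NULL;                                                       \
         (pos) = (pos)->member.next == (head) ? NULL                          \
                 : container_of((pos)->member.next, __typeof__(*(pos)), member))

/* Assumed element type: over-aligned relative to a bare struct list_head. */
struct item {
    int value;
    struct list_head link;
} __attribute__((aligned(64)));

/*
 * Assumed container for the head: the 16-byte pad puts the head at an
 * address that is not 64-byte aligned once offsetof(struct item, link) is
 * subtracted, so container_of(head) is misaligned for struct item.
 */
struct list_holder {
    char pad[16];
    struct list_head head;
} __attribute__((aligned(64)));

struct demo_result {
    long sum_classic;            /* values summed by the classic loop */
    long sum_test_first;         /* values summed by the test-first loop */
    int classic_end_is_fake;     /* classic loop leaves pos == container_of(head) */
    int classic_end_misaligned;  /* ... and that address is misaligned for struct item */
    int test_first_end_is_null;  /* test-first loop leaves pos == NULL */
    int empty_classic_count;     /* body executions over an empty list */
    int empty_test_first_count;
};

struct demo_result run_demo(void)
{
    static struct list_holder holder;   /* static: placement is deterministic */
    static struct item items[3];        /* constructed sample elements */
    struct demo_result r = {0};
    struct item *pos;
    /* Address the classic form will synthesise on its last step, computed as an integer. */
    uintptr_t fake = (uintptr_t)&holder.head - offsetof(struct item, link);

    INIT_LIST_HEAD(&holder.head);
    for (int i = 0; i < 3; i++) {
        items[i].value = i + 1;
        list_add_tail(&items[i].link, &holder.head);
    }

    list_for_each_entry_classic(pos, &holder.head, link)
        r.sum_classic += pos->value;
    r.classic_end_is_fake = ((uintptr_t)pos == fake);
    r.classic_end_misaligned = (fake % _Alignof(struct item)) != 0;

    list_for_each_entry_test_first(pos, &holder.head, link)
        r.sum_test_first += pos->value;
    r.test_first_end_is_null = (pos == NULL);

    /* Empty list: neither body may run; only the test-first form ends with NULL. */
    INIT_LIST_HEAD(&holder.head);
    list_for_each_entry_classic(pos, &holder.head, link)
        r.empty_classic_count++;
    list_for_each_entry_test_first(pos, &holder.head, link)
        r.empty_test_first_count++;

    return r;
}

int main(void)
{
    struct demo_result r = run_demo();
    printf("classic:    sum=%ld end_is_fake=%d end_misaligned=%d\n",
           r.sum_classic, r.classic_end_is_fake, r.classic_end_misaligned);
    printf("test-first: sum=%ld end_is_null=%d\n",
           r.sum_test_first, r.test_first_end_is_null);
    return 0;
}
```

Both loops visit the same three elements; the difference is only in what pointer exists on the final step and what `pos` holds afterwards. Built with `-fsanitize=alignment`, the classic form's final `&pos->member` is the member access on a misaligned address that the sanitizer reports, whereas the test-first form never constructs that pointer and cannot leak it past the loop.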
