Hey guys,

I found that the definition and usage of macro `CALLPTR` may be problematic. Its definition is,

```c
#define CALLPTR(q, f, arg...) \
        ((q->int_ops->f) ? q->int_ops->f(arg) : NULL)
```

, which means it can evaluate to NULL. It has two occurrences: one in line 839 and the other in line 856. It appears to me that it's very likely that there will be invalid memory accesses if `CALLPTR` evaluates to NULL, since there is no NULL test in either location. In other words, the programmers' assumption suggests that the else branch of the conditional expression is dead. Please let me know if this makes sense or not.

Thanks for your time and I am looking forward to your reply.

Best,
Shaobo
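
The concern raised in the message above, as an added example that is not part of the original post or of the project's code: a caller that tests the result of `CALLPTR` before dereferencing it. The struct layouts, the `get` callback and the function names are hypothetical; only the shape of `CALLPTR` comes from the post.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical types for illustration; they are not the project's own. */
struct buf { int len; };
struct queue;
struct int_ops {
    struct buf *(*get)(struct queue *q);   /* optional callback, may be NULL */
};
struct queue { const struct int_ops *int_ops; struct buf slot; };

/* Same shape as the macro quoted in the post, written with the standard
   __VA_ARGS__ spelling instead of the GNU "arg..." form. */
#define CALLPTR(q, f, ...) \
        ((q->int_ops->f) ? q->int_ops->f(__VA_ARGS__) : NULL)

static struct buf *get_slot(struct queue *q) { return &q->slot; }

static const struct int_ops full_ops  = { .get = get_slot };
static const struct int_ops empty_ops = { .get = NULL };

/* The unchecked form would be `return CALLPTR(q, get, q)->len;`, which
   dereferences NULL whenever the callback is absent. This caller makes
   the else branch of the macro an explicit, handled case instead. */
int buf_len_checked(struct queue *q)
{
    struct buf *b = CALLPTR(q, get, q);
    if (b == NULL)
        return -1;                 /* callback not provided */
    return b->len;
}

/* Constructed sample inputs: one ops table with the callback, one without. */
int demo_present(void)
{
    struct queue q = { &full_ops, { 42 } };
    return buf_len_checked(&q);
}

int demo_absent(void)
{
    struct queue q = { &empty_ops, { 7 } };
    return buf_len_checked(&q);
}

int main(void)
{
    printf("present=%d absent=%d\n", demo_present(), demo_absent());
    return 0;
}
```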
