[PATCH] tcg: Use uintptr_t in tcg_malloc implementation

Thu, 10 Jul 2025 15:52:27 -0700 

Avoid ubsan failure with clang-20,
  tcg.h:715:19: runtime error: applying non-zero offset 64 to null pointer
by not using pointers.

Cc: Ilya Leoshkevich <i...@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
---

Supercedes: 20250618183759.9197-1-...@linux.ibm.com
("[PATCH v2] tcg: Remove NULL arithmetic in tcg_malloc()")

Ilya, I think I prefer this solution to &dummy_pool.
What do you think?


r~

---
 include/tcg/tcg.h | 6 +++---
 tcg/tcg.c         | 9 +++++----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index 125323f153..0c2a319c11 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -357,7 +357,7 @@ static inline TCGRegSet output_pref(const TCGOp *op, 
unsigned i)
 }
 
 struct TCGContext {
-    uint8_t *pool_cur, *pool_end;
+    uintptr_t pool_cur, pool_end;
     TCGPool *pool_first, *pool_current, *pool_first_large;
     int nb_labels;
     int nb_globals;
@@ -706,7 +706,7 @@ size_t tcg_nb_tbs(void);
 static inline void *tcg_malloc(int size)
 {
     TCGContext *s = tcg_ctx;
-    uint8_t *ptr, *ptr_end;
+    uintptr_t ptr, ptr_end;
 
     /* ??? This is a weak placeholder for minimum malloc alignment.  */
     size = QEMU_ALIGN_UP(size, 8);
@@ -717,7 +717,7 @@ static inline void *tcg_malloc(int size)
         return tcg_malloc_internal(tcg_ctx, size);
     } else {
         s->pool_cur = ptr_end;
-        return ptr;
+        return (void *)ptr;
     }
 }
 
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 50d40b9cbe..afac55a203 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -1331,8 +1331,9 @@ void *tcg_malloc_internal(TCGContext *s, int size)
         p = s->pool_current;
         if (!p) {
             p = s->pool_first;
-            if (!p)
+            if (!p) {
                 goto new_pool;
+            }
         } else {
             if (!p->next) {
             new_pool:
@@ -1351,8 +1352,8 @@ void *tcg_malloc_internal(TCGContext *s, int size)
         }
     }
     s->pool_current = p;
-    s->pool_cur = p->data + size;
-    s->pool_end = p->data + p->size;
+    s->pool_cur = (uintptr_t)p->data + size;
+    s->pool_end = (uintptr_t)p->data + p->size;
     return p->data;
 }
 
@@ -1364,7 +1365,7 @@ void tcg_pool_reset(TCGContext *s)
         g_free(p);
     }
     s->pool_first_large = NULL;
-    s->pool_cur = s->pool_end = NULL;
+    s->pool_cur = s->pool_end = 0;
     s->pool_current = NULL;
 }
 
-- 
2.43.0

Reply via email to