Re: [PATCH v1 1/2] libbpf: Fix strict aliasing violations in hashmap

[Yonghong Song]

On 3/20/26 7:44 PM, Ian Rogers wrote:
> The hashmap implementation contained strict aliasing violations.
> Specifically, the hashmap_cast_ptr(p) macro was casting pointers (such
> as void **) to long *, and these were subsequently dereferenced in
> functions like hashmap_insert(), hashmap_find(), and hashmap_delete().
>
> C's strict aliasing rules (C11 6.5/7) prohibit accessing an object
> through an lvalue of an incompatible type. Dereferencing a long * to
> write to a void * object is a violation, even if they share the same
> size, as they are not compatible types. This can lead to undefined
> behavior, especially with aggressive compiler optimizations.

Potentially this could be a concern. Did you actually find an issue
with it?

The linux kernel build has
   KBUILD_CFLAGS += -fno-strict-aliasing

The libbpf does not have this flag. Maybe we should add '-fno-strict-aliasing'
for libbpf as well? This way, we can avoid any future potential
'strict aliasing' issues.

Note that bpf program (tools/testing/selftests/bpf/Makefile)
also has '-fno-strict-alaising' flag.

> Fix this by:
> 1. Updating hashmap_insert(), hashmap_find(), and hashmap_delete() to
>     take void * for their output parameters (old_key, old_value, and
>     value).
> 2. Modifying the implementation to use memcpy() and memset() for
>     accessing these output parameters. Accessing an object as an array of
>     characters (as done by memcpy) is a permitted exception to the
>     strict aliasing rules.
> 3. Updating the hashmap_cast_ptr(p) macro to return void *, ensuring
>     compatibility with the new function signatures while preserving the
>     static assertion that ensures the pointed-to type matches the size of
>     a long.
>
> Input parameters (key and value) remain as long, as they involve value
> conversion rather than incompatible pointer dereferencing, which is safe
> under strict aliasing rules.
>
> Signed-off-by: Ian Rogers <irogers@xxxxxxxxxx>
> ---
>   tools/lib/bpf/hashmap.c | 21 +++++++++++----------
>   tools/lib/bpf/hashmap.h |  8 ++++----
>   2 files changed, 15 insertions(+), 14 deletions(-)
>
> diff --git a/tools/lib/bpf/hashmap.c b/tools/lib/bpf/hashmap.c
> index 140ee4055676..ef50d262a126 100644
> --- a/tools/lib/bpf/hashmap.c
> +++ b/tools/lib/bpf/hashmap.c
> @@ -8,6 +8,7 @@
>   #include <stdint.h>
>   #include <stdlib.h>
>   #include <stdio.h>
> +#include <string.h>
>   #include <errno.h>
>   #include <linux/err.h>
>   #include "hashmap.h"
> @@ -153,24 +154,24 @@ static bool hashmap_find_entry(const struct hashmap *map,
>   
>   int hashmap_insert(struct hashmap *map, long key, long value,
>   		   enum hashmap_insert_strategy strategy,
> -		   long *old_key, long *old_value)
> +		   void *old_key, void *old_value)
>   {
>   	struct hashmap_entry *entry;
>   	size_t h;
>   	int err;
>   
>   	if (old_key)
> -		*old_key = 0;
> +		memset(old_key, 0, sizeof(long));
>   	if (old_value)
> -		*old_value = 0;
> +		memset(old_value, 0, sizeof(long));
>   
>   	h = hash_bits(map->hash_fn(key, map->ctx), map->cap_bits);
>   	if (strategy != HASHMAP_APPEND &&
>   	    hashmap_find_entry(map, key, h, NULL, &entry)) {
>   		if (old_key)
> -			*old_key = entry->key;
> +			memcpy(old_key, &entry->key, sizeof(long));
>   		if (old_value)
> -			*old_value = entry->value;
> +			memcpy(old_value, &entry->value, sizeof(long));
>   
>   		if (strategy == HASHMAP_SET || strategy == HASHMAP_UPDATE) {
>   			entry->key = key;
> @@ -203,7 +204,7 @@ int hashmap_insert(struct hashmap *map, long key, long value,
>   	return 0;
>   }

[...]