Re: Report 2 UBSan bugs found by an automatic tool
From: He Jingxuan
Subject: Re: Report 2 UBSan bugs found by an automatic tool
Date: Thu, 29 Jul 2021 08:40:55 +0000
Hi,
Any updates on these bugs?
Best,
Jingxuan
> On 3 Jul 2021, at 18:00, Tavian Barnes <tavianator@tavianator.com> wrote:
>
> On Sat, 3 Jul 2021 at 11:50, Bernhard Voelker <mail@bernhard-voelker.de>
> wrote:
>>
>> Hi James,
>>
>> On 6/30/21 7:23 PM, He Jingxuan wrote:
>>> ...
>>> bug 1 command: find -H - -delete
>>> relevant error message: ../../find/tree.c:538:23: runtime error: member
>>> access within null pointer of type 'struct predicate'
>>
>> This is in consider_arm_swap().
>> ...
>>
>> Although I think the first one is a false positive, because the code always
>> ensures that the left arm is filled, - and considering the other open bugs
>> related to CBO -, maybe it's time to remove that code?
>
> It's not a false positive:
>
> $ git diff
> diff --git a/find/tree.c b/find/tree.c
> index 1b33edc7..771b92b2 100644
> --- a/find/tree.c
> +++ b/find/tree.c
> @@ -535,6 +535,7 @@ consider_arm_swap (struct predicate *p)
> reason = "Left arm has no child on RHS";
> }
> pr = &p->pred_right;
> + assert(p->pred_left);
> pl = &p->pred_left->pred_right;
>
> if (!reason)
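Review bot: the added assert(p->pred_left) in consider_arm_swap() demonstrates the null dereference on the following line (pl = &p->pred_left->pred_right), but as a fix it only trades undefined behaviour for an abort, and the check disappears entirely in builds that define NDEBUG. The context lines show the function already records a reason string when an arm is unsuitable and then branches on if (!reason), so a lasting fix could test p->pred_left for NULL before pl is computed, set reason in that case, and skip the dereference instead of asserting.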
> $ make
> ...
> $ ./find/find nothing -delete
> find: tree.c:538: consider_arm_swap: Assertion `p->pred_left' failed.
> [2] 94356 abort (core dumped) ./find/find nothing -delete
>
> --
> Tavian Barnes