* [PATCH] gc: fix cast in compare_tasks_by_selection()
@ 2020-11-17 21:59 René Scharfe
  2020-11-17 22:30 ` Jeff King
  0 siblings, 1 reply; 2+ messages in thread
From: René Scharfe @ 2020-11-17 21:59 UTC (permalink / raw)
  To: Git Mailing List; +Cc: Derrick Stolee, Junio C Hamano
compare_tasks_by_selection() is used with QSORT and gets passed pointers
to the elements of "static struct maintenance_task tasks[]".  It casts
the *addresses* of these passed pointers to element pointers, though,
and thus effectively compares some unrelated values from the stack.  Fix
the casts to actually compare array elements.
Detected by USan (make SANITIZE=undefined test).
Signed-off-by: René Scharfe <l.s.r@web.de>
---
 builtin/gc.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/builtin/gc.c b/builtin/gc.c
index 5cd2a43f9f..986b760b30 100644
--- a/builtin/gc.c
+++ b/builtin/gc.c
@@ -1213,10 +1213,8 @@ static struct maintenance_task tasks[] = {
 static int compare_tasks_by_selection(const void *a_, const void *b_)
 {
-	const struct maintenance_task *a, *b;
-
-	a = (const struct maintenance_task *)&a_;
-	b = (const struct maintenance_task *)&b_;
+	const struct maintenance_task *a = a_;
+	const struct maintenance_task *b = b_;
 	return b->selected_order - a->selected_order;
 }
--
2.29.2
^ permalink raw reply related	[flat|nested] 2+ messages in thread- * Re: [PATCH] gc: fix cast in compare_tasks_by_selection()
  2020-11-17 21:59 [PATCH] gc: fix cast in compare_tasks_by_selection() René Scharfe
@ 2020-11-17 22:30 ` Jeff King
  0 siblings, 0 replies; 2+ messages in thread
From: Jeff King @ 2020-11-17 22:30 UTC (permalink / raw)
  To: René Scharfe; +Cc: Git Mailing List, Derrick Stolee, Junio C Hamano
On Tue, Nov 17, 2020 at 10:59:49PM +0100, René Scharfe wrote:
> compare_tasks_by_selection() is used with QSORT and gets passed pointers
> to the elements of "static struct maintenance_task tasks[]".  It casts
> the *addresses* of these passed pointers to element pointers, though,
> and thus effectively compares some unrelated values from the stack.  Fix
> the casts to actually compare array elements.
> 
> Detected by USan (make SANITIZE=undefined test).
I checked the caller here, and indeed, it's passing an array-of-struct
so your patch is doing the right thing (not that I doubted it, but
that's what review is for).
This qsort void-pointer convention seems to create a lot of confusion
(not just the lack of type-safety, but the fact that it's getting a
pointer to the element). I felt like we had a discussion about this a
while ago, and indeed, I found:
  https://lore.kernel.org/git/7b95417a-c8fb-4f1e-cb09-c36804a3a4d0@web.de/
The whole sub-thread is worth reading, but the macro you arrived at in:
  https://lore.kernel.org/git/c141fb44-904f-e8b6-119f-7d2d6bcfd81a@web.de/
seems pretty reasonable.
-Peff
^ permalink raw reply	[flat|nested] 2+ messages in thread 
end of thread, other threads:[~2020-11-17 22:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-11-17 21:59 [PATCH] gc: fix cast in compare_tasks_by_selection() René Scharfe
2020-11-17 22:30 ` Jeff King
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).