Draft: Fix invalid dereference in memsafety-broom/linux-hlist*.yml
This MR fixes invalid dereferences and adds the original benchmarks with the changed verdict for the following tasks:
- `memsafety-broom/linux-hlist-fst-data.yml`
- `memsafety-broom/linux-hlist-lst-data.yml`
- `memsafety-broom/linux-hlist-middle-data.yml`

We found a counterexample for each of the 3 tasks:
- The loop in `create` is never entered, so `head->first` is `NULL` in `loop`.
- Therefore we end up in the "else"-part of the conditional statement (in the loop initializer) that yields `((void *)0)`.
- This means `now` is initialized with the null-pointer and `now->data` is an invalid dereference. (Note: The value of `now->data` is not actually used, so it is possible that a compiler just removes this statement, but this should be undefined behavior nevertheless.)

Our proposed fix for this problem is to use the macro `hlist_for_each_entry_safe` (and adapt the preprocessed file accordingly) also in `loop`, which should eliminate this issue.
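
The empty-list case described above, as an added C example that is not part of the MR or the benchmark sources: it contrasts an entry pointer used without a null test with iteration through a guarded `hlist_for_each_entry_safe`. The macros are a simplified restatement of the Linux hlist helpers (GCC/Clang `__typeof__`, no statement expressions); `struct item`, `first_data_unguarded`, `sum_data_guarded` and `demo_sum` are assumed names, and the unguarded function only approximates the shape the MR describes, since the benchmark code is not shown here.

```c
#include <stddef.h>
struct hlist_node { struct hlist_node *next, **pprev; };
struct hlist_head { struct hlist_node *first; };
struct item { int data; struct hlist_node node; }; /* constructed element type */

#define hlist_entry(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))
/* The else-branch is the ((void *)0) case: an empty list gives a null entry. */
#define hlist_entry_safe(ptr, type, member) \
    ((ptr) ? hlist_entry(ptr, type, member) : (type *)0)
/* Simplified restatement: pos is tested before the body and before reading next. */
#define hlist_for_each_entry_safe(pos, n, head, member) \
    for (pos = hlist_entry_safe((head)->first, __typeof__(*pos), member); \
         pos && ((n = pos->member.next), 1); \
         pos = hlist_entry_safe(n, __typeof__(*pos), member))

void hlist_add_head(struct hlist_node *n, struct hlist_head *h) {
    n->next = h->first;
    if (h->first) h->first->pprev = &n->next;
    h->first = n;
    n->pprev = &h->first;
}

/* Unguarded shape (assumed): only defined when the list is non-empty. */
int first_data_unguarded(struct hlist_head *head) {
    struct item *now = hlist_entry_safe(head->first, struct item, node);
    return now->data; /* null dereference when head->first == NULL */
}

/* Guarded shape: the body never runs with now == NULL. */
int sum_data_guarded(struct hlist_head *head) {
    struct item *now;
    struct hlist_node *tmp;
    int sum = 0;
    hlist_for_each_entry_safe(now, tmp, head, node)
        sum += now->data;
    return sum;
}

/* Builds n constructed items (n <= 4); returns the guarded sum, -1 on mismatch. */
int demo_sum(int n) {
    struct hlist_head head = { NULL };
    struct item items[4];
    for (int i = 0; i < n; i++) {
        items[i].data = i + 1;
        hlist_add_head(&items[i].node, &head);
    }
    if (n > 0 && first_data_unguarded(&head) != n) return -1;
    return sum_data_guarded(&head);
}
int main(void) { return (demo_sum(0) == 0 && demo_sum(3) == 6) ? 0 : 1; }
```

`demo_sum(0)` exercises the empty list from the counterexample: the guarded loop returns 0 without touching `now`, while `first_data_unguarded` is deliberately skipped there because calling it would dereference the null entry.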