Bug Summary

File:tools/clang/lib/Lex/MacroArgs.cpp
Warning:line 71, column 15
Called C++ object pointer is null

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name MacroArgs.cpp -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-eagerly-assume -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -mrelocation-model pic -pic-level 2 -mthread-model posix -relaxed-aliasing -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -momit-leaf-frame-pointer -ffunction-sections -fdata-sections -resource-dir /usr/lib/llvm-7/lib/clang/7.0.0 -D _DEBUG -D _GNU_SOURCE -D __STDC_CONSTANT_MACROS -D __STDC_FORMAT_MACROS -D __STDC_LIMIT_MACROS -I /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/tools/clang/lib/Lex -I /build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex -I /build/llvm-toolchain-snapshot-7~svn329677/tools/clang/include -I /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/tools/clang/include -I /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/include -I /build/llvm-toolchain-snapshot-7~svn329677/include -U NDEBUG -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/x86_64-linux-gnu/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/x86_64-linux-gnu/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/c++/7.3.0/backward -internal-isystem /usr/include/clang/7.0.0/include/ -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-7/lib/clang/7.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers -Wno-long-long -Wno-maybe-uninitialized -Wno-comment -std=c++11 -fdeprecated-macro -fdebug-compilation-dir /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/tools/clang/lib/Lex -ferror-limit 19 -fmessage-length 0 -fvisibility-inlines-hidden -fobjc-runtime=gcc -fno-common -fdiagnostics-show-option -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -o /tmp/scan-build-2018-04-11-031539-24776-1 -x c++ /build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp
1//===--- MacroArgs.cpp - Formal argument info for Macros ------------------===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file implements the MacroArgs interface.
11//
12//===----------------------------------------------------------------------===//
13
14#include "clang/Lex/MacroArgs.h"
15#include "clang/Lex/LexDiagnostic.h"
16#include "clang/Lex/MacroInfo.h"
17#include "clang/Lex/Preprocessor.h"
18#include "llvm/ADT/SmallString.h"
19#include "llvm/Support/SaveAndRestore.h"
20#include <algorithm>
21
22using namespace clang;
23
24/// MacroArgs ctor function - This destroys the vector passed in.
25MacroArgs *MacroArgs::create(const MacroInfo *MI,
26 ArrayRef<Token> UnexpArgTokens,
27 bool VarargsElided, Preprocessor &PP) {
28 assert(MI->isFunctionLike() &&(static_cast <bool> (MI->isFunctionLike() &&
"Can't have args for an object-like macro!") ? void (0) : __assert_fail
("MI->isFunctionLike() && \"Can't have args for an object-like macro!\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 29, __extension__ __PRETTY_FUNCTION__))
29 "Can't have args for an object-like macro!")(static_cast <bool> (MI->isFunctionLike() &&
"Can't have args for an object-like macro!") ? void (0) : __assert_fail
("MI->isFunctionLike() && \"Can't have args for an object-like macro!\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 29, __extension__ __PRETTY_FUNCTION__));
30 MacroArgs **ResultEnt = nullptr;
31 unsigned ClosestMatch = ~0U;
32
33 // See if we have an entry with a big enough argument list to reuse on the
34 // free list. If so, reuse it.
35 for (MacroArgs **Entry = &PP.MacroArgCache; *Entry;
1
Loop condition is false. Execution continues on line 48
36 Entry = &(*Entry)->ArgCache) {
37 if ((*Entry)->NumUnexpArgTokens >= UnexpArgTokens.size() &&
38 (*Entry)->NumUnexpArgTokens < ClosestMatch) {
39 ResultEnt = Entry;
40
41 // If we have an exact match, use it.
42 if ((*Entry)->NumUnexpArgTokens == UnexpArgTokens.size())
43 break;
44 // Otherwise, use the best fit.
45 ClosestMatch = (*Entry)->NumUnexpArgTokens;
46 }
47 }
48 MacroArgs *Result;
49 if (!ResultEnt) {
2
Taking true branch
50 // Allocate memory for a MacroArgs object with the lexer tokens at the end,
51 // and construct the MacroArgs object.
52 Result = new (
3
Null pointer value stored to 'Result'
53 llvm::safe_malloc(totalSizeToAlloc<Token>(UnexpArgTokens.size())))
54 MacroArgs(UnexpArgTokens.size(), VarargsElided, MI->getNumParams());
55 } else {
56 Result = *ResultEnt;
57 // Unlink this node from the preprocessors singly linked list.
58 *ResultEnt = Result->ArgCache;
59 Result->NumUnexpArgTokens = UnexpArgTokens.size();
60 Result->VarargsElided = VarargsElided;
61 Result->NumMacroArgs = MI->getNumParams();
62 }
63
64 // Copy the actual unexpanded tokens to immediately after the result ptr.
65 if (!UnexpArgTokens.empty()) {
4
Assuming the condition is true
5
Taking true branch
66 static_assert(std::is_trivial<Token>::value,
67 "assume trivial copyability if copying into the "
68 "uninitialized array (as opposed to reusing a cached "
69 "MacroArgs)");
70 std::copy(UnexpArgTokens.begin(), UnexpArgTokens.end(),
71 Result->getTrailingObjects<Token>());
6
Called C++ object pointer is null
72 }
73
74 return Result;
75}
76
77/// destroy - Destroy and deallocate the memory for this object.
78///
79void MacroArgs::destroy(Preprocessor &PP) {
80 StringifiedArgs.clear();
81
82 // Don't clear PreExpArgTokens, just clear the entries. Clearing the entries
83 // would deallocate the element vectors.
84 for (unsigned i = 0, e = PreExpArgTokens.size(); i != e; ++i)
85 PreExpArgTokens[i].clear();
86
87 // Add this to the preprocessor's free list.
88 ArgCache = PP.MacroArgCache;
89 PP.MacroArgCache = this;
90}
91
92/// deallocate - This should only be called by the Preprocessor when managing
93/// its freelist.
94MacroArgs *MacroArgs::deallocate() {
95 MacroArgs *Next = ArgCache;
96
97 // Run the dtor to deallocate the vectors.
98 this->~MacroArgs();
99 // Release the memory for the object.
100 static_assert(std::is_trivially_destructible<Token>::value,
101 "assume trivially destructible and forego destructors");
102 free(this);
103
104 return Next;
105}
106
107
108/// getArgLength - Given a pointer to an expanded or unexpanded argument,
109/// return the number of tokens, not counting the EOF, that make up the
110/// argument.
111unsigned MacroArgs::getArgLength(const Token *ArgPtr) {
112 unsigned NumArgTokens = 0;
113 for (; ArgPtr->isNot(tok::eof); ++ArgPtr)
114 ++NumArgTokens;
115 return NumArgTokens;
116}
117
118
119/// getUnexpArgument - Return the unexpanded tokens for the specified formal.
120///
121const Token *MacroArgs::getUnexpArgument(unsigned Arg) const {
122
123 assert(Arg < getNumMacroArguments() && "Invalid arg #")(static_cast <bool> (Arg < getNumMacroArguments() &&
"Invalid arg #") ? void (0) : __assert_fail ("Arg < getNumMacroArguments() && \"Invalid arg #\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 123, __extension__ __PRETTY_FUNCTION__));
124 // The unexpanded argument tokens start immediately after the MacroArgs object
125 // in memory.
126 const Token *Start = getTrailingObjects<Token>();
127 const Token *Result = Start;
128
129 // Scan to find Arg.
130 for (; Arg; ++Result) {
131 assert(Result < Start+NumUnexpArgTokens && "Invalid arg #")(static_cast <bool> (Result < Start+NumUnexpArgTokens
&& "Invalid arg #") ? void (0) : __assert_fail ("Result < Start+NumUnexpArgTokens && \"Invalid arg #\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 131, __extension__ __PRETTY_FUNCTION__));
132 if (Result->is(tok::eof))
133 --Arg;
134 }
135 assert(Result < Start+NumUnexpArgTokens && "Invalid arg #")(static_cast <bool> (Result < Start+NumUnexpArgTokens
&& "Invalid arg #") ? void (0) : __assert_fail ("Result < Start+NumUnexpArgTokens && \"Invalid arg #\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 135, __extension__ __PRETTY_FUNCTION__));
136 return Result;
137}
138
139// This function assumes that the variadic arguments are the tokens
140// corresponding to the last parameter (ellipsis) - and since tokens are
141// separated by the 'eof' token, if that is the only token corresponding to that
142// last parameter, we know no variadic arguments were supplied.
143bool MacroArgs::invokedWithVariadicArgument(const MacroInfo *const MI) const {
144 if (!MI->isVariadic())
145 return false;
146 const int VariadicArgIndex = getNumMacroArguments() - 1;
147 return getUnexpArgument(VariadicArgIndex)->isNot(tok::eof);
148}
149
150/// ArgNeedsPreexpansion - If we can prove that the argument won't be affected
151/// by pre-expansion, return false. Otherwise, conservatively return true.
152bool MacroArgs::ArgNeedsPreexpansion(const Token *ArgTok,
153 Preprocessor &PP) const {
154 // If there are no identifiers in the argument list, or if the identifiers are
155 // known to not be macros, pre-expansion won't modify it.
156 for (; ArgTok->isNot(tok::eof); ++ArgTok)
157 if (IdentifierInfo *II = ArgTok->getIdentifierInfo())
158 if (II->hasMacroDefinition())
159 // Return true even though the macro could be a function-like macro
160 // without a following '(' token, or could be disabled, or not visible.
161 return true;
162 return false;
163}
164
165/// getPreExpArgument - Return the pre-expanded form of the specified
166/// argument.
167const std::vector<Token> &MacroArgs::getPreExpArgument(unsigned Arg,
168 Preprocessor &PP) {
169 assert(Arg < getNumMacroArguments() && "Invalid argument number!")(static_cast <bool> (Arg < getNumMacroArguments() &&
"Invalid argument number!") ? void (0) : __assert_fail ("Arg < getNumMacroArguments() && \"Invalid argument number!\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 169, __extension__ __PRETTY_FUNCTION__));
170
171 // If we have already computed this, return it.
172 if (PreExpArgTokens.size() < getNumMacroArguments())
173 PreExpArgTokens.resize(getNumMacroArguments());
174
175 std::vector<Token> &Result = PreExpArgTokens[Arg];
176 if (!Result.empty()) return Result;
177
178 SaveAndRestore<bool> PreExpandingMacroArgs(PP.InMacroArgPreExpansion, true);
179
180 const Token *AT = getUnexpArgument(Arg);
181 unsigned NumToks = getArgLength(AT)+1; // Include the EOF.
182
183 // Otherwise, we have to pre-expand this argument, populating Result. To do
184 // this, we set up a fake TokenLexer to lex from the unexpanded argument
185 // list. With this installed, we lex expanded tokens until we hit the EOF
186 // token at the end of the unexp list.
187 PP.EnterTokenStream(AT, NumToks, false /*disable expand*/,
188 false /*owns tokens*/);
189
190 // Lex all of the macro-expanded tokens into Result.
191 do {
192 Result.push_back(Token());
193 Token &Tok = Result.back();
194 PP.Lex(Tok);
195 } while (Result.back().isNot(tok::eof));
196
197 // Pop the token stream off the top of the stack. We know that the internal
198 // pointer inside of it is to the "end" of the token stream, but the stack
199 // will not otherwise be popped until the next token is lexed. The problem is
200 // that the token may be lexed sometime after the vector of tokens itself is
201 // destroyed, which would be badness.
202 if (PP.InCachingLexMode())
203 PP.ExitCachingLexMode();
204 PP.RemoveTopOfLexerStack();
205 return Result;
206}
207
208
209/// StringifyArgument - Implement C99 6.10.3.2p2, converting a sequence of
210/// tokens into the literal string token that should be produced by the C #
211/// preprocessor operator. If Charify is true, then it should be turned into
212/// a character literal for the Microsoft charize (#@) extension.
213///
214Token MacroArgs::StringifyArgument(const Token *ArgToks,
215 Preprocessor &PP, bool Charify,
216 SourceLocation ExpansionLocStart,
217 SourceLocation ExpansionLocEnd) {
218 Token Tok;
219 Tok.startToken();
220 Tok.setKind(Charify ? tok::char_constant : tok::string_literal);
221
222 const Token *ArgTokStart = ArgToks;
223
224 // Stringify all the tokens.
225 SmallString<128> Result;
226 Result += "\"";
227
228 bool isFirst = true;
229 for (; ArgToks->isNot(tok::eof); ++ArgToks) {
230 const Token &Tok = *ArgToks;
231 if (!isFirst && (Tok.hasLeadingSpace() || Tok.isAtStartOfLine()))
232 Result += ' ';
233 isFirst = false;
234
235 // If this is a string or character constant, escape the token as specified
236 // by 6.10.3.2p2.
237 if (tok::isStringLiteral(Tok.getKind()) || // "foo", u8R"x(foo)x"_bar, etc.
238 Tok.is(tok::char_constant) || // 'x'
239 Tok.is(tok::wide_char_constant) || // L'x'.
240 Tok.is(tok::utf8_char_constant) || // u8'x'.
241 Tok.is(tok::utf16_char_constant) || // u'x'.
242 Tok.is(tok::utf32_char_constant)) { // U'x'.
243 bool Invalid = false;
244 std::string TokStr = PP.getSpelling(Tok, &Invalid);
245 if (!Invalid) {
246 std::string Str = Lexer::Stringify(TokStr);
247 Result.append(Str.begin(), Str.end());
248 }
249 } else if (Tok.is(tok::code_completion)) {
250 PP.CodeCompleteNaturalLanguage();
251 } else {
252 // Otherwise, just append the token. Do some gymnastics to get the token
253 // in place and avoid copies where possible.
254 unsigned CurStrLen = Result.size();
255 Result.resize(CurStrLen+Tok.getLength());
256 const char *BufPtr = Result.data() + CurStrLen;
257 bool Invalid = false;
258 unsigned ActualTokLen = PP.getSpelling(Tok, BufPtr, &Invalid);
259
260 if (!Invalid) {
261 // If getSpelling returned a pointer to an already uniqued version of
262 // the string instead of filling in BufPtr, memcpy it onto our string.
263 if (ActualTokLen && BufPtr != &Result[CurStrLen])
264 memcpy(&Result[CurStrLen], BufPtr, ActualTokLen);
265
266 // If the token was dirty, the spelling may be shorter than the token.
267 if (ActualTokLen != Tok.getLength())
268 Result.resize(CurStrLen+ActualTokLen);
269 }
270 }
271 }
272
273 // If the last character of the string is a \, and if it isn't escaped, this
274 // is an invalid string literal, diagnose it as specified in C99.
275 if (Result.back() == '\\') {
276 // Count the number of consecutive \ characters. If even, then they are
277 // just escaped backslashes, otherwise it's an error.
278 unsigned FirstNonSlash = Result.size()-2;
279 // Guaranteed to find the starting " if nothing else.
280 while (Result[FirstNonSlash] == '\\')
281 --FirstNonSlash;
282 if ((Result.size()-1-FirstNonSlash) & 1) {
283 // Diagnose errors for things like: #define F(X) #X / F(\)
284 PP.Diag(ArgToks[-1], diag::pp_invalid_string_literal);
285 Result.pop_back(); // remove one of the \'s.
286 }
287 }
288 Result += '"';
289
290 // If this is the charify operation and the result is not a legal character
291 // constant, diagnose it.
292 if (Charify) {
293 // First step, turn double quotes into single quotes:
294 Result[0] = '\'';
295 Result[Result.size()-1] = '\'';
296
297 // Check for bogus character.
298 bool isBad = false;
299 if (Result.size() == 3)
300 isBad = Result[1] == '\''; // ''' is not legal. '\' already fixed above.
301 else
302 isBad = (Result.size() != 4 || Result[1] != '\\'); // Not '\x'
303
304 if (isBad) {
305 PP.Diag(ArgTokStart[0], diag::err_invalid_character_to_charify);
306 Result = "' '"; // Use something arbitrary, but legal.
307 }
308 }
309
310 PP.CreateString(Result, Tok,
311 ExpansionLocStart, ExpansionLocEnd);
312 return Tok;
313}
314
315/// getStringifiedArgument - Compute, cache, and return the specified argument
316/// that has been 'stringified' as required by the # operator.
317const Token &MacroArgs::getStringifiedArgument(unsigned ArgNo,
318 Preprocessor &PP,
319 SourceLocation ExpansionLocStart,
320 SourceLocation ExpansionLocEnd) {
321 assert(ArgNo < getNumMacroArguments() && "Invalid argument number!")(static_cast <bool> (ArgNo < getNumMacroArguments() &&
"Invalid argument number!") ? void (0) : __assert_fail ("ArgNo < getNumMacroArguments() && \"Invalid argument number!\""
, "/build/llvm-toolchain-snapshot-7~svn329677/tools/clang/lib/Lex/MacroArgs.cpp"
, 321, __extension__ __PRETTY_FUNCTION__));
322 if (StringifiedArgs.empty())
323 StringifiedArgs.resize(getNumMacroArguments(), {});
324
325 if (StringifiedArgs[ArgNo].isNot(tok::string_literal))
326 StringifiedArgs[ArgNo] = StringifyArgument(getUnexpArgument(ArgNo), PP,
327 /*Charify=*/false,
328 ExpansionLocStart,
329 ExpansionLocEnd);
330 return StringifiedArgs[ArgNo];
331}