Bug Summary

File:build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/clang-tools-extra/clang-query/QueryParser.cpp
Warning:line 361, column 1
Potential leak of memory pointed to by 'Q.Obj'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name QueryParser.cpp -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -mframe-pointer=none -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/build-llvm/tools/clang/stage2-bins -resource-dir /usr/lib/llvm-15/lib/clang/15.0.0 -D _DEBUG -D _GNU_SOURCE -D __STDC_CONSTANT_MACROS -D __STDC_FORMAT_MACROS -D __STDC_LIMIT_MACROS -I tools/clang/tools/extra/clang-query -I /build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/clang-tools-extra/clang-query -I /build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/clang/include -I tools/clang/include -I include -I /build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/llvm/include -D _FORTIFY_SOURCE=2 -D NDEBUG -U NDEBUG -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/x86_64-linux-gnu/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/backward -internal-isystem /usr/lib/llvm-15/lib/clang/15.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fmacro-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/= -fcoverage-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fcoverage-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/= -O3 -Wno-unused-command-line-argument -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers -Wno-long-long -Wno-maybe-uninitialized -Wno-class-memaccess -Wno-redundant-move -Wno-pessimizing-move -Wno-noexcept-type -Wno-comment -std=c++14 -fdeprecated-macro -fdebug-compilation-dir=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/= -ferror-limit 19 -fvisibility-inlines-hidden -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops -vectorize-slp -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2022-04-17-232754-135872-1 -x c++ /build/llvm-toolchain-snapshot-15~++20220417100927+b27430f9f46b/clang-tools-extra/clang-query/QueryParser.cpp
1//===---- QueryParser.cpp - clang-query command parser --------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "QueryParser.h"
10#include "Query.h"
11#include "QuerySession.h"
12#include "clang/ASTMatchers/Dynamic/Parser.h"
13#include "clang/Basic/CharInfo.h"
14#include "clang/Tooling/NodeIntrospection.h"
15#include "llvm/ADT/StringRef.h"
16#include "llvm/ADT/StringSwitch.h"
17#include <set>
18
19using namespace llvm;
20using namespace clang::ast_matchers::dynamic;
21
22namespace clang {
23namespace query {
24
25// Lex any amount of whitespace followed by a "word" (any sequence of
26// non-whitespace characters) from the start of region [Begin,End). If no word
27// is found before End, return StringRef(). Begin is adjusted to exclude the
28// lexed region.
29StringRef QueryParser::lexWord() {
30 Line = Line.drop_while([](char c) {
31 // Don't trim newlines.
32 return StringRef(" \t\v\f\r").contains(c);
33 });
34
35 if (Line.empty())
36 // Even though the Line is empty, it contains a pointer and
37 // a (zero) length. The pointer is used in the LexOrCompleteWord
38 // code completion.
39 return Line;
40
41 StringRef Word;
42 if (Line.front() == '#')
43 Word = Line.substr(0, 1);
44 else
45 Word = Line.take_until(isWhitespace);
46
47 Line = Line.drop_front(Word.size());
48 return Word;
49}
50
51// This is the StringSwitch-alike used by lexOrCompleteWord below. See that
52// function for details.
53template <typename T> struct QueryParser::LexOrCompleteWord {
54 StringRef Word;
55 StringSwitch<T> Switch;
56
57 QueryParser *P;
58 // Set to the completion point offset in Word, or StringRef::npos if
59 // completion point not in Word.
60 size_t WordCompletionPos;
61
62 // Lexes a word and stores it in Word. Returns a LexOrCompleteWord<T> object
63 // that can be used like a llvm::StringSwitch<T>, but adds cases as possible
64 // completions if the lexed word contains the completion point.
65 LexOrCompleteWord(QueryParser *P, StringRef &OutWord)
66 : Word(P->lexWord()), Switch(Word), P(P),
67 WordCompletionPos(StringRef::npos) {
68 OutWord = Word;
69 if (P->CompletionPos && P->CompletionPos <= Word.data() + Word.size()) {
70 if (P->CompletionPos < Word.data())
71 WordCompletionPos = 0;
72 else
73 WordCompletionPos = P->CompletionPos - Word.data();
74 }
75 }
76
77 LexOrCompleteWord &Case(llvm::StringLiteral CaseStr, const T &Value,
78 bool IsCompletion = true) {
79
80 if (WordCompletionPos == StringRef::npos)
81 Switch.Case(CaseStr, Value);
82 else if (CaseStr.size() != 0 && IsCompletion && WordCompletionPos <= CaseStr.size() &&
83 CaseStr.substr(0, WordCompletionPos) ==
84 Word.substr(0, WordCompletionPos))
85 P->Completions.push_back(LineEditor::Completion(
86 (CaseStr.substr(WordCompletionPos) + " ").str(),
87 std::string(CaseStr)));
88 return *this;
89 }
90
91 T Default(T Value) { return Switch.Default(Value); }
92};
93
94QueryRef QueryParser::parseSetBool(bool QuerySession::*Var) {
95 StringRef ValStr;
96 unsigned Value = LexOrCompleteWord<unsigned>(this, ValStr)
97 .Case("false", 0)
98 .Case("true", 1)
99 .Default(~0u);
100 if (Value == ~0u) {
101 return new InvalidQuery("expected 'true' or 'false', got '" + ValStr + "'");
102 }
103 return new SetQuery<bool>(Var, Value);
104}
105
106template <typename QueryType> QueryRef QueryParser::parseSetOutputKind() {
107 StringRef ValStr;
108 bool HasIntrospection = tooling::NodeIntrospection::hasIntrospectionSupport();
109 unsigned OutKind =
110 LexOrCompleteWord<unsigned>(this, ValStr)
111 .Case("diag", OK_Diag)
112 .Case("print", OK_Print)
113 .Case("detailed-ast", OK_DetailedAST)
114 .Case("srcloc", OK_SrcLoc, /*IsCompletion=*/HasIntrospection)
115 .Case("dump", OK_DetailedAST)
116 .Default(~0u);
117 if (OutKind == ~0u) {
118 return new InvalidQuery("expected 'diag', 'print', 'detailed-ast'" +
119 StringRef(HasIntrospection ? ", 'srcloc'" : "") +
120 " or 'dump', got '" + ValStr + "'");
121 }
122
123 switch (OutKind) {
124 case OK_DetailedAST:
125 return new QueryType(&QuerySession::DetailedASTOutput);
126 case OK_Diag:
127 return new QueryType(&QuerySession::DiagOutput);
128 case OK_Print:
129 return new QueryType(&QuerySession::PrintOutput);
130 case OK_SrcLoc:
131 if (HasIntrospection)
132 return new QueryType(&QuerySession::SrcLocOutput);
133 return new InvalidQuery("'srcloc' output support is not available.");
134 }
135
136 llvm_unreachable("Invalid output kind")::llvm::llvm_unreachable_internal("Invalid output kind", "clang-tools-extra/clang-query/QueryParser.cpp"
, 136);
137}
138
139QueryRef QueryParser::parseSetTraversalKind(TraversalKind QuerySession::*Var) {
140 StringRef ValStr;
141 unsigned Value =
142 LexOrCompleteWord<unsigned>(this, ValStr)
143 .Case("AsIs", TK_AsIs)
144 .Case("IgnoreUnlessSpelledInSource", TK_IgnoreUnlessSpelledInSource)
145 .Default(~0u);
146 if (Value == ~0u) {
8
Taking true branch
147 return new InvalidQuery("expected traversal kind, got '" + ValStr + "'");
9
Memory is allocated
148 }
149 return new SetQuery<TraversalKind>(Var, static_cast<TraversalKind>(Value));
150}
151
152QueryRef QueryParser::endQuery(QueryRef Q) {
153 StringRef Extra = Line;
154 StringRef ExtraTrimmed = Extra.drop_while(
155 [](char c) { return StringRef(" \t\v\f\r").contains(c); });
156
157 if ((!ExtraTrimmed.empty() && ExtraTrimmed[0] == '\n') ||
158 (ExtraTrimmed.size() >= 2 && ExtraTrimmed[0] == '\r' &&
159 ExtraTrimmed[1] == '\n'))
160 Q->RemainingContent = Extra;
161 else {
162 StringRef TrailingWord = lexWord();
163 if (!TrailingWord.empty() && TrailingWord.front() == '#') {
164 Line = Line.drop_until([](char c) { return c == '\n'; });
165 Line = Line.drop_while([](char c) { return c == '\n'; });
166 return endQuery(Q);
167 }
168 if (!TrailingWord.empty()) {
169 return new InvalidQuery("unexpected extra input: '" + Extra + "'");
170 }
171 }
172 return Q;
173}
174
175namespace {
176
177enum ParsedQueryKind {
178 PQK_Invalid,
179 PQK_Comment,
180 PQK_NoOp,
181 PQK_Help,
182 PQK_Let,
183 PQK_Match,
184 PQK_Set,
185 PQK_Unlet,
186 PQK_Quit,
187 PQK_Enable,
188 PQK_Disable
189};
190
191enum ParsedQueryVariable {
192 PQV_Invalid,
193 PQV_Output,
194 PQV_BindRoot,
195 PQV_PrintMatcher,
196 PQV_Traversal
197};
198
199QueryRef makeInvalidQueryFromDiagnostics(const Diagnostics &Diag) {
200 std::string ErrStr;
201 llvm::raw_string_ostream OS(ErrStr);
202 Diag.printToStreamFull(OS);
203 return new InvalidQuery(OS.str());
204}
205
206} // namespace
207
208QueryRef QueryParser::completeMatcherExpression() {
209 std::vector<MatcherCompletion> Comps = Parser::completeExpression(
210 Line, CompletionPos - Line.begin(), nullptr, &QS.NamedValues);
211 for (auto I = Comps.begin(), E = Comps.end(); I != E; ++I) {
212 Completions.push_back(LineEditor::Completion(I->TypedText, I->MatcherDecl));
213 }
214 return QueryRef();
215}
216
217QueryRef QueryParser::doParse() {
218 StringRef CommandStr;
219 ParsedQueryKind QKind = LexOrCompleteWord<ParsedQueryKind>(this, CommandStr)
220 .Case("", PQK_NoOp)
221 .Case("#", PQK_Comment, /*IsCompletion=*/false)
222 .Case("help", PQK_Help)
223 .Case("l", PQK_Let, /*IsCompletion=*/false)
224 .Case("let", PQK_Let)
225 .Case("m", PQK_Match, /*IsCompletion=*/false)
226 .Case("match", PQK_Match)
227 .Case("q", PQK_Quit, /*IsCompletion=*/false)
228 .Case("quit", PQK_Quit)
229 .Case("set", PQK_Set)
230 .Case("enable", PQK_Enable)
231 .Case("disable", PQK_Disable)
232 .Case("unlet", PQK_Unlet)
233 .Default(PQK_Invalid);
234
235 switch (QKind) {
2
Control jumps to 'case PQK_Set:' at line 290
236 case PQK_Comment:
237 case PQK_NoOp:
238 Line = Line.drop_until([](char c) { return c == '\n'; });
239 Line = Line.drop_while([](char c) { return c == '\n'; });
240 if (Line.empty())
241 return new NoOpQuery;
242 return doParse();
243
244 case PQK_Help:
245 return endQuery(new HelpQuery);
246
247 case PQK_Quit:
248 return endQuery(new QuitQuery);
249
250 case PQK_Let: {
251 StringRef Name = lexWord();
252
253 if (Name.empty())
254 return new InvalidQuery("expected variable name");
255
256 if (CompletionPos)
257 return completeMatcherExpression();
258
259 Diagnostics Diag;
260 ast_matchers::dynamic::VariantValue Value;
261 if (!Parser::parseExpression(Line, nullptr, &QS.NamedValues, &Value,
262 &Diag)) {
263 return makeInvalidQueryFromDiagnostics(Diag);
264 }
265
266 auto *Q = new LetQuery(Name, Value);
267 Q->RemainingContent = Line;
268 return Q;
269 }
270
271 case PQK_Match: {
272 if (CompletionPos)
273 return completeMatcherExpression();
274
275 Diagnostics Diag;
276 auto MatcherSource = Line.ltrim();
277 auto OrigMatcherSource = MatcherSource;
278 Optional<DynTypedMatcher> Matcher = Parser::parseMatcherExpression(
279 MatcherSource, nullptr, &QS.NamedValues, &Diag);
280 if (!Matcher) {
281 return makeInvalidQueryFromDiagnostics(Diag);
282 }
283 auto ActualSource = OrigMatcherSource.slice(0, OrigMatcherSource.size() -
284 MatcherSource.size());
285 auto *Q = new MatchQuery(ActualSource, *Matcher);
286 Q->RemainingContent = MatcherSource;
287 return Q;
288 }
289
290 case PQK_Set: {
291 StringRef VarStr;
292 ParsedQueryVariable Var =
293 LexOrCompleteWord<ParsedQueryVariable>(this, VarStr)
294 .Case("output", PQV_Output)
295 .Case("bind-root", PQV_BindRoot)
296 .Case("print-matcher", PQV_PrintMatcher)
297 .Case("traversal", PQV_Traversal)
298 .Default(PQV_Invalid);
299 if (VarStr.empty())
3
Assuming the condition is false
4
Taking false branch
300 return new InvalidQuery("expected variable name");
301 if (Var
4.1
'Var' is not equal to PQV_Invalid
 == PQV_Invalid)
5
Taking false branch
302 return new InvalidQuery("unknown variable: '" + VarStr + "'");
303
304 QueryRef Q;
305 switch (Var) {
6
Control jumps to 'case PQV_Traversal:' at line 315
306 case PQV_Output:
307 Q = parseSetOutputKind<SetExclusiveOutputQuery>();
308 break;
309 case PQV_BindRoot:
310 Q = parseSetBool(&QuerySession::BindRoot);
311 break;
312 case PQV_PrintMatcher:
313 Q = parseSetBool(&QuerySession::PrintMatcher);
314 break;
315 case PQV_Traversal:
316 Q = parseSetTraversalKind(&QuerySession::TK);
7
Calling 'QueryParser::parseSetTraversalKind'
10
Returned allocated memory
317 break;
318 case PQV_Invalid:
319 llvm_unreachable("Invalid query kind")::llvm::llvm_unreachable_internal("Invalid query kind", "clang-tools-extra/clang-query/QueryParser.cpp"
, 319);
320 }
321
322 return endQuery(Q);
11
 Execution continues on line 322
323 }
324 case PQK_Enable:
325 case PQK_Disable: {
326 StringRef VarStr;
327 ParsedQueryVariable Var =
328 LexOrCompleteWord<ParsedQueryVariable>(this, VarStr)
329 .Case("output", PQV_Output)
330 .Default(PQV_Invalid);
331 if (VarStr.empty())
332 return new InvalidQuery("expected variable name");
333 if (Var == PQV_Invalid)
334 return new InvalidQuery("unknown variable: '" + VarStr + "'");
335
336 QueryRef Q;
337
338 if (QKind == PQK_Enable)
339 Q = parseSetOutputKind<EnableOutputQuery>();
340 else if (QKind == PQK_Disable)
341 Q = parseSetOutputKind<DisableOutputQuery>();
342 else
343 llvm_unreachable("Invalid query kind")::llvm::llvm_unreachable_internal("Invalid query kind", "clang-tools-extra/clang-query/QueryParser.cpp"
, 343);
344 return endQuery(Q);
345 }
346
347 case PQK_Unlet: {
348 StringRef Name = lexWord();
349
350 if (Name.empty())
351 return new InvalidQuery("expected variable name");
352
353 return endQuery(new LetQuery(Name, VariantValue()));
354 }
355
356 case PQK_Invalid:
357 return new InvalidQuery("unknown command: " + CommandStr);
358 }
359
360 llvm_unreachable("Invalid query kind")::llvm::llvm_unreachable_internal("Invalid query kind", "clang-tools-extra/clang-query/QueryParser.cpp"
, 360);
361}
12
Potential leak of memory pointed to by 'Q.Obj'
362
363QueryRef QueryParser::parse(StringRef Line, const QuerySession &QS) {
364 return QueryParser(Line, QS).doParse();
365}
366
367std::vector<LineEditor::Completion>
368QueryParser::complete(StringRef Line, size_t Pos, const QuerySession &QS) {
369 QueryParser P(Line, QS);
370 P.CompletionPos = Line.data() + Pos;
371
372 P.doParse();
1
Calling 'QueryParser::doParse'
373 return P.Completions;
374}
375
376} // namespace query
377} // namespace clang