This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang-tools-extra/clangd/
-
clangd/
-
IncludeCleaner.cpp
-
unittests/
2/4
IncludeCleanerTests.cpp

Differential D147686

[clangd] Fix a nullptr-dereference crash in computeIncludeCleanerFindings.
ClosedPublic

Authored by hokein on Apr 6 2023, 1:14 AM.

Download Raw Diff

Details

Reviewers

kadircet

Commits

rG2524000187fc: [clangd] Fix a nullptr-dereference crash in computeIncludeCleanerFindings.

Summary

Be more robust, we shuold not crash when we cannot find the corresponding token from the
tokenbuffer.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

hokein created this revision.Apr 6 2023, 1:14 AM

Herald added a project: Restricted Project. · View Herald TranscriptApr 6 2023, 1:14 AM

Herald added a subscriber: arphaman. · View Herald Transcript

hokein requested review of this revision.Apr 6 2023, 1:14 AM

Herald added a project: Restricted Project. · View Herald TranscriptApr 6 2023, 1:14 AM

Herald added subscribers: MaskRay, ilya-biryukov. · View Herald Transcript

add a comment.

Harbormaster completed remote builds in B223943: Diff 511319.Apr 6 2023, 1:47 AM

could you give some more details about the crash, so that we actually now where to fix it? e.g. is it token buffers missing the spelled token at that offset somehow ? or is it AST reporting a weird source locations for user-defined literals and we need to do some sort of post processing (or maybe it should've been filtered all together). as doing it like this will imply us completely eating such diagnostics.

In D147686#4248330, @kadircet wrote:

could you give some more details about the crash, so that we actually now where to fix it? e.g. is it token buffers missing the spelled token at that offset somehow ? or is it AST reporting a weird source locations for user-defined literals and we need to do some sort of post processing (or maybe it should've been filtered all together). as doing it like this will imply us completely eating such diagnostics.

sorry, for not giving more details. See the other comment.

clang-tools-extra/clangd/unittests/IncludeCleanerTests.cpp
421	here is the `UserDefinedLiteral` AST node: `-UserDefinedLiteral 0x5556682e4500 <line:46:3> 'int' \|-ImplicitCastExpr 0x5556682e44e8 <col:4> 'int (*)(unsigned long long)' <FunctionToPointerDecay> \| `-DeclRefExpr 0x5556682e44a0 <col:4> 'int (unsigned long long)' lvalue Function 0x5556682e4290 'operator""s' 'int (unsigned long long)' `-IntegerLiteral 0x5556682e4480 <col:3> 'unsigned long long' 1 The source location of the `UserDefinedLiteral` points to `^1s`, while the source location of the inner `DeclRefExpr` points to `1^s` (1 offset shift). In the token buffer, we only have a single spelled token `1s`, thus `AST.getTokens().spelledTokenAt` can not find any token that starts at `1^s` source loc.
429	T

kadircet added inline comments.Apr 13 2023, 12:03 AM

clang-tools-extra/clangd/unittests/IncludeCleanerTests.cpp
421	thanks, that makes sense! then instead of "suppressing" these, can we use `spelledTokensTouching().front()` (and asserting that it isn't empty?)

use syntax::spelledTokensTouching.

clang-tools-extra/clangd/unittests/IncludeCleanerTests.cpp
421	Thanks, this is a good idea. But we have to use the `back()`, for the case `ns::^abc` (we want to point to `abc`, not the `::`).

kadircet accepted this revision.Apr 13 2023, 3:07 AM

This revision is now accepted and ready to land.Apr 13 2023, 3:07 AM

This revision was landed with ongoing or failed builds.Apr 13 2023, 3:17 AM

Closed by commit rG2524000187fc: [clangd] Fix a nullptr-dereference crash in computeIncludeCleanerFindings. (authored by hokein). · Explain Why

This revision was automatically updated to reflect the committed changes.

hokein added a commit: rG2524000187fc: [clangd] Fix a nullptr-dereference crash in computeIncludeCleanerFindings..

Harbormaster completed remote builds in B225282: Diff 513134.Apr 13 2023, 3:36 AM

Revision Contents

Path

Size

clang-tools-extra/

clangd/

IncludeCleaner.cpp

11 lines

unittests/

IncludeCleanerTests.cpp

22 lines

Diff 513147

clang-tools-extra/clangd/IncludeCleaner.cpp

Show First 20 Lines • Show All 399 Lines • ▼ Show 20 Lines	include_cleaner::walkUsed(
// file.		// file.
// FIXME: Use presumed locations to map such usages back to patched		// FIXME: Use presumed locations to map such usages back to patched
// locations safely.		// locations safely.
auto Loc = SM.getFileLoc(Ref.RefLocation);		auto Loc = SM.getFileLoc(Ref.RefLocation);
// File locations can be outside of the main file if macro is expanded		// File locations can be outside of the main file if macro is expanded
// through an #include.		// through an #include.
while (SM.getFileID(Loc) != SM.getMainFileID())		while (SM.getFileID(Loc) != SM.getMainFileID())
Loc = SM.getIncludeLoc(SM.getFileID(Loc));		Loc = SM.getIncludeLoc(SM.getFileID(Loc));
const auto *Token = AST.getTokens().spelledTokenAt(Loc);		auto TouchingTokens =
MissingIncludeDiagInfo DiagInfo{Ref.Target, Token->range(SM),		syntax::spelledTokensTouching(Loc, AST.getTokens());
Providers};		assert(!TouchingTokens.empty());
		// Loc points to the start offset of the ref token, here we use the last
		// element of the TouchingTokens, e.g. avoid getting the "::" for
		// "ns::^abc".
		MissingIncludeDiagInfo DiagInfo{
		Ref.Target, TouchingTokens.back().range(SM), Providers};
MissingIncludes.push_back(std::move(DiagInfo));		MissingIncludes.push_back(std::move(DiagInfo));
});		});
std::vector<const Inclusion *> UnusedIncludes =		std::vector<const Inclusion *> UnusedIncludes =
getUnused(AST, Used, /ReferencedPublicHeaders/ {});		getUnused(AST, Used, /ReferencedPublicHeaders/ {});
return {std::move(UnusedIncludes), std::move(MissingIncludes)};		return {std::move(UnusedIncludes), std::move(MissingIncludes)};
}		}

std::vector<Diag> issueIncludeCleanerDiagnostics(ParsedAST &AST,		std::vector<Diag> issueIncludeCleanerDiagnostics(ParsedAST &AST,
Show All 25 Lines

clang-tools-extra/clangd/unittests/IncludeCleanerTests.cpp

Show First 20 Lines • Show All 407 Lines • ▼ Show 20 Lines	)cpp");
auto RefRange = Findings.front().SymRefRange;		auto RefRange = Findings.front().SymRefRange;
auto &SM = AST.getSourceManager();		auto &SM = AST.getSourceManager();
EXPECT_EQ(RefRange.file(), SM.getMainFileID());		EXPECT_EQ(RefRange.file(), SM.getMainFileID());
// FIXME: Point at the spelling location, rather than the include.		// FIXME: Point at the spelling location, rather than the include.
EXPECT_EQ(halfOpenToRange(SM, RefRange.toCharRange(SM)), MainFile.range());		EXPECT_EQ(halfOpenToRange(SM, RefRange.toCharRange(SM)), MainFile.range());
EXPECT_EQ(RefRange, Findings[1].SymRefRange);		EXPECT_EQ(RefRange, Findings[1].SymRefRange);
}		}

		TEST(IncludeCleaner, NoCrash) {
		TestTU TU;
		Annotations MainCode(R"cpp(
		#include "all.h"
		void test() {
		[[1s]];
		hokeinAuthorUnsubmitted Done Reply Inline Actions here is the `UserDefinedLiteral` AST node: `-UserDefinedLiteral 0x5556682e4500 <line:46:3> 'int' \|-ImplicitCastExpr 0x5556682e44e8 <col:4> 'int ()(unsigned long long)' <FunctionToPointerDecay> \| `-DeclRefExpr 0x5556682e44a0 <col:4> 'int (unsigned long long)' lvalue Function 0x5556682e4290 'operator""s' 'int (unsigned long long)' `-IntegerLiteral 0x5556682e4480 <col:3> 'unsigned long long' 1 The source location of the `UserDefinedLiteral` points to `^1s`, while the source location of the inner `DeclRefExpr` points to `1^s` (1 offset shift). In the token buffer, we only have a single spelled token `1s`, thus `AST.getTokens().spelledTokenAt` can not find any token that starts at `1^s` source loc. hokein:* here is the `UserDefinedLiteral` AST node: ``` `-UserDefinedLiteral 0x5556682e4500 <line:46:3>…
		kadircetUnsubmitted Not Done Reply Inline Actions thanks, that makes sense! then instead of "suppressing" these, can we use `spelledTokensTouching().front()` (and asserting that it isn't empty?) kadircet: thanks, that makes sense! then instead of "suppressing" these, can we use…
		hokeinAuthorUnsubmitted Done Reply Inline Actions Thanks, this is a good idea. But we have to use the `back()`, for the case `ns::^abc` (we want to point to `abc`, not the `::`). hokein: Thanks, this is a good idea. But we have to use the `back()`, for the case `ns::^abc` (we want…
		}
		)cpp");
		TU.Code = MainCode.code();
		TU.AdditionalFiles["foo.h"] =
		guard("int operator\"\"s(unsigned long long) { return 0; }");
		TU.AdditionalFiles["all.h"] = guard("#include \"foo.h\"");
		ParsedAST AST = TU.build();
		const auto &MissingIncludes =
		hokeinAuthorUnsubmitted Not Done Reply Inline Actions T hokein: T
		computeIncludeCleanerFindings(AST).MissingIncludes;
		EXPECT_THAT(MissingIncludes, testing::SizeIs(1));
		auto &SM = AST.getSourceManager();
		EXPECT_EQ(
		halfOpenToRange(SM, MissingIncludes.front().SymRefRange.toCharRange(SM)),
		MainCode.range());
		}

} // namespace		} // namespace
} // namespace clangd		} // namespace clangd
} // namespace clang		} // namespace clang