This is an archive of the discontinued LLVM Phabricator instance.

Differential D153236

[NFC] Fix potential dereferencing of nullptr.
ClosedPublic

Authored by schittir on Jun 18 2023, 7:55 PM.

Details

Reviewers
aaron.ballman
tahonermann
erichkeane
Commits
rGd2fafa79ef08: [NFC] Fix potential dereferencing of nullptr.
Summary

Replace getAs with castAs and add assert if needed.

Diff Detail

Event Timeline

schittir created this revision.Jun 18 2023, 7:55 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 18 2023, 7:55 PM
schittir requested review of this revision.Jun 18 2023, 7:55 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 18 2023, 7:55 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript
Harbormaster completed remote builds in B239702: Diff 532511.Jun 18 2023, 9:13 PM
schittir updated this revision to Diff 532528.Jun 18 2023, 9:28 PM

Fix typo

Harbormaster completed remote builds in B239716: Diff 532528.Jun 18 2023, 10:23 PM
Fznamznon added a subscriber: Fznamznon.Jun 19 2023, 4:04 AM
Fznamznon added inline comments.
clang/lib/Parse/ParseStmt.cpp
887 ↗(On Diff #532528)

The assert that looks like assert(x && "x should not be null") seems strange. Failed assert(x) implies that x should not be null. If there is a message, a message saying what is wrong and why is much more useful.

clang/lib/Sema/SemaExprObjC.cpp
2441

That seems to be a strange place before and after changes. With or without change, when ReceiverType.isNull() is true we just end up passing nullptr as receiverTypeInfo to the BuildClassMessage which doesn't seem to be checking its non-nullness before dereferencing it, even though its description says that receiverTypeInfo can be null.
I guess it is fine to pass nullptr to a function whose description says so, but the non-nullness check inside of it should be probably a bit more obvious than it is right now.

schittir added inline comments.Jun 20 2023, 9:08 AM
clang/lib/Parse/ParseStmt.cpp
887 ↗(On Diff #532528)

Would you suggest removing the message and changing it to

assert(DeepestParsedCaseStmt);

I am not sure what message would be useful here.

clang/lib/Sema/SemaExprObjC.cpp
2441

I see your point about passing ReceiverTypeInfo as nullptr to BuildClassMessage method - it seems ok to do that.
Would it make sense to add an assert(ReceiverTypeInfo); inside the method as way of making the non-nullness check more obvious?

aaron.ballman added inline comments.Jun 21 2023, 5:36 AM
clang/lib/Parse/ParseStmt.cpp
886–887 ↗(On Diff #532528)

The assert doesn't add much value, this seems to be a false positive in the analysis.

If we have no top-level case statement yet, then we get into the if branch on line 884, but that then sets DeepestParsedCaseStmt on line 890, and that must be non-null because we verified that Case is valid above on line 876. So by the time we get into the else branch, DeepestParsedCaseStmt must be nonnull.

I don't think changes are needed here at all; WDYT?

clang/lib/Sema/SemaExprObjC.cpp
2441

I think there's a different assertion needed here. The invariant that BuildClassMessage() has is that the first argument (the TypeSourceInfo * needs to be nonnull if the third argument (the SourceLocation) is invalid. So I think this assert should be:

assert(((isSuperReceiver && Loc.isValid()) || receiverTypeInfo) &&
       "Either the super receiver location needs to be valid or the receiver needs valid type source information");
clang/lib/Sema/SemaType.cpp
2710–2712

Slightly better fix so we don't do "isa" followed by "cast".

schittir updated this revision to Diff 533386.Jun 21 2023, 1:55 PM
schittir marked 3 inline comments as done.

Changes to address comments.

clang/lib/Parse/ParseStmt.cpp
886–887 ↗(On Diff #532528)

This makes sense. I didn't thoroughly consider the Case.isInvalid() check above in my analysis. Thank you for catching this! I removed this change.

Harbormaster completed remote builds in B240343: Diff 533386.Jun 21 2023, 9:26 PM
aaron.ballman accepted this revision.Jun 22 2023, 4:14 AM

LGTM!

This revision is now accepted and ready to land.Jun 22 2023, 4:14 AM
Closed by commit rGd2fafa79ef08: [NFC] Fix potential dereferencing of nullptr. (authored by schittir). · Explain WhyJun 22 2023, 9:53 AM
This revision was automatically updated to reflect the committed changes.
schittir added a commit: rGd2fafa79ef08: [NFC] Fix potential dereferencing of nullptr..
schittir added a comment.Jun 22 2023, 9:54 AM

Thank you @aaron.ballman and @Fznamznon for reviewing! I landed this patch with commit d2fafa79ef08f9ef9cd0108a6caa7fc61a31bdeb

Revision Contents

PathSize
clang/
lib/
Sema/
3 lines
7 lines
4 lines

Diff 533386

clang/lib/Sema/SemaExprObjC.cpp

Show First 20 LinesShow All 2,432 Lines▼ Show 20 LinesExprResult Sema::BuildClassMessageImplicit(QualType ReceiverType,
SourceLocation Loc, SourceLocation Loc,
Selector Sel, Selector Sel,
ObjCMethodDecl *Method, ObjCMethodDecl *Method,
MultiExprArg Args) { MultiExprArg Args) {
TypeSourceInfo *receiverTypeInfo = nullptr; TypeSourceInfo *receiverTypeInfo = nullptr;
if (!ReceiverType.isNull()) if (!ReceiverType.isNull())
receiverTypeInfo = Context.getTrivialTypeSourceInfo(ReceiverType); receiverTypeInfo = Context.getTrivialTypeSourceInfo(ReceiverType);
assert(((isSuperReceiver && Loc.isValid()) || receiverTypeInfo) &&
FznamznonUnsubmitted
Not Done
ReplyInline Actions

That seems to be a strange place before and after changes. With or without change, when ReceiverType.isNull() is true we just end up passing nullptr as receiverTypeInfo to the BuildClassMessage which doesn't seem to be checking its non-nullness before dereferencing it, even though its description says that receiverTypeInfo can be null.
I guess it is fine to pass nullptr to a function whose description says so, but the non-nullness check inside of it should be probably a bit more obvious than it is right now.

Fznamznon: That seems to be a strange place before and after changes. With or without change, when…
schittirAuthorUnsubmitted
Done
ReplyInline Actions

I see your point about passing ReceiverTypeInfo as nullptr to BuildClassMessage method - it seems ok to do that.
Would it make sense to add an assert(ReceiverTypeInfo); inside the method as way of making the non-nullness check more obvious?

schittir: I see your point about passing `ReceiverTypeInfo` as nullptr to `BuildClassMessage` method - it…
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

I think there's a different assertion needed here. The invariant that BuildClassMessage() has is that the first argument (the TypeSourceInfo * needs to be nonnull if the third argument (the SourceLocation) is invalid. So I think this assert should be:

assert(((isSuperReceiver && Loc.isValid()) || receiverTypeInfo) &&
       "Either the super receiver location needs to be valid or the receiver needs valid type source information");
aaron.ballman: I think there's a different assertion needed here. The invariant that `BuildClassMessage()` has…
"Either the super receiver location needs to be valid or the receiver "
"needs valid type source information");
return BuildClassMessage(receiverTypeInfo, ReceiverType, return BuildClassMessage(receiverTypeInfo, ReceiverType,
/*SuperLoc=*/isSuperReceiver ? Loc : SourceLocation(), /*SuperLoc=*/isSuperReceiver ? Loc : SourceLocation(),
Sel, Method, Loc, Loc, Loc, Args, Sel, Method, Loc, Loc, Loc, Args,
/*isImplicit=*/true); /*isImplicit=*/true);
} }
static void applyCocoaAPICheck(Sema &S, const ObjCMessageExpr *Msg, static void applyCocoaAPICheck(Sema &S, const ObjCMessageExpr *Msg,
unsigned DiagID, unsigned DiagID,
▲ Show 20 LinesShow All 2,311 LinesShow Last 20 Lines

clang/lib/Sema/SemaObjCProperty.cpp

Show First 20 LinesShow All 1,357 Lines▼ Show 20 Lines if (Synthesize) {
property->setPropertyIvarDecl(Ivar); property->setPropertyIvarDecl(Ivar);
QualType IvarType = Context.getCanonicalType(Ivar->getType()); QualType IvarType = Context.getCanonicalType(Ivar->getType());
// Check that type of property and its ivar are type compatible. // Check that type of property and its ivar are type compatible.
if (!Context.hasSameType(PropertyIvarType, IvarType)) { if (!Context.hasSameType(PropertyIvarType, IvarType)) {
if (isa<ObjCObjectPointerType>(PropertyIvarType) if (isa<ObjCObjectPointerType>(PropertyIvarType)
&& isa<ObjCObjectPointerType>(IvarType)) && isa<ObjCObjectPointerType>(IvarType))
compat = compat = Context.canAssignObjCInterfaces(
Context.canAssignObjCInterfaces( PropertyIvarType->castAs<ObjCObjectPointerType>(),
PropertyIvarType->getAs<ObjCObjectPointerType>(), IvarType->castAs<ObjCObjectPointerType>());
IvarType->getAs<ObjCObjectPointerType>());
else { else {
compat = (CheckAssignmentConstraints(PropertyIvarLoc, PropertyIvarType, compat = (CheckAssignmentConstraints(PropertyIvarLoc, PropertyIvarType,
IvarType) IvarType)
== Compatible); == Compatible);
} }
if (!compat) { if (!compat) {
Diag(PropertyDiagLoc, diag::err_property_ivar_type) Diag(PropertyDiagLoc, diag::err_property_ivar_type)
<< property->getDeclName() << PropType << property->getDeclName() << PropType
▲ Show 20 LinesShow All 1,441 LinesShow Last 20 Lines

clang/lib/Sema/SemaType.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 2,701 Lines▼ Show 20 LinesQualType Sema::BuildVectorType(QualType CurType, Expr *SizeExpr,
if ((!CurType->isDependentType() && if ((!CurType->isDependentType() &&
(!CurType->isBuiltinType() || CurType->isBooleanType() || (!CurType->isBuiltinType() || CurType->isBooleanType() ||
(!CurType->isIntegerType() && !CurType->isRealFloatingType())) && (!CurType->isIntegerType() && !CurType->isRealFloatingType())) &&
!CurType->isBitIntType()) || !CurType->isBitIntType()) ||
CurType->isArrayType()) { CurType->isArrayType()) {
Diag(AttrLoc, diag::err_attribute_invalid_vector_type) << CurType; Diag(AttrLoc, diag::err_attribute_invalid_vector_type) << CurType;
return QualType(); return QualType();
} }
// Only support _BitInt elements with byte-sized power of 2 NumBits. // Only support _BitInt elements with byte-sized power of 2 NumBits.
if (CurType->isBitIntType()) { if (const auto *BIT = CurType->getAs<BitIntType>()) {
unsigned NumBits = CurType->getAs<BitIntType>()->getNumBits(); unsigned NumBits = BIT->getNumBits();
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
// Only support _BitInt elements with byte-sized power of 2 NumBits.
- if (CurType->isBitIntType()) {
- unsigned NumBits = CurType->castAs<BitIntType>()->getNumBits();
+ if (const auto *BIT = CurType->getAs<BitIntType>()) {
+ unsigned NumBits = BIT->getNumBits();
if (!llvm::isPowerOf2_32(NumBits) || NumBits < 8) {

Slightly better fix so we don't do "isa" followed by "cast".

aaron.ballman: Slightly better fix so we don't do "isa" followed by "cast".
if (!llvm::isPowerOf2_32(NumBits) || NumBits < 8) { if (!llvm::isPowerOf2_32(NumBits) || NumBits < 8) {
Diag(AttrLoc, diag::err_attribute_invalid_bitint_vector_type) Diag(AttrLoc, diag::err_attribute_invalid_bitint_vector_type)
<< (NumBits < 8); << (NumBits < 8);
return QualType(); return QualType();
} }
} }
if (SizeExpr->isTypeDependent() || SizeExpr->isValueDependent()) if (SizeExpr->isTypeDependent() || SizeExpr->isValueDependent())
▲ Show 20 LinesShow All 7,072 LinesShow Last 20 Lines