Fraunhofer-AISEC / cpg

A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.
https://fraunhofer-aisec.github.io/cpg/
Apache License 2.0

NullPointerException in CDT #1596

Open peckto opened 1 month ago

peckto commented 1 month ago

Stack trace

java.util.concurrent.ExecutionException: java.lang.NullPointerException: Cannot invoke "org.eclipse.cdt.core.CCorePlugin.getLog()" because the return value of "org.eclipse.cdt.core.CCorePlugin.getDefault()" is null
    at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
    at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
    at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:611)
    at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:88)
    at picocli.CommandLine.executeUserObject(CommandLine.java:2041)
    at picocli.CommandLine.access$1500(CommandLine.java:148)
    at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2461)
    at picocli.CommandLine$RunLast.handle(CommandLine.java:2453)
    at picocli.CommandLine$RunLast.handle(CommandLine.java:2415)
    at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2273)
    at picocli.CommandLine$RunLast.execute(CommandLine.java:2417)
    at picocli.CommandLine.execute(CommandLine.java:2170)
    at de.fraunhofer.aisec.cpg_vis_neo4j.ApplicationKt.main(Application.kt:652)
Caused by: java.lang.NullPointerException: Cannot invoke "org.eclipse.cdt.core.CCorePlugin.getLog()" because the return value of "org.eclipse.cdt.core.CCorePlugin.getDefault()" is null
    at org.eclipse.cdt.core.CCorePlugin.log(CCorePlugin.java:1612)
    at org.eclipse.cdt.core.CCorePlugin.log(CCorePlugin.java:1591)
    at org.eclipse.cdt.core.CCorePlugin.log(CCorePlugin.java:1578)
    at org.eclipse.cdt.internal.core.dom.parser.ASTAmbiguousNode.logAmbiguousNodeError(ASTAmbiguousNode.java:191)
    at org.eclipse.cdt.internal.core.dom.parser.ASTAmbiguousNode.getEvaluation(ASTAmbiguousNode.java:181)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.LookupData.setFunctionArguments(LookupData.java:529)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPSemantics.createLookupData(CPPSemantics.java:1163)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPSemantics.resolveBinding(CPPSemantics.java:373)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPVisitor.resolveBinding(CPPVisitor.java:1528)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.semantics.CPPVisitor.createBinding(CPPVisitor.java:349)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.CPPASTName.createIntermediateBinding(CPPASTName.java:67)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.CPPASTNameBase.resolvePreBinding(CPPASTNameBase.java:98)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.CPPASTFunctionCallExpression.checkForExplicitTypeConversion(CPPASTFunctionCallExpression.java:325)
    at org.eclipse.cdt.internal.core.dom.parser.cpp.CPPASTFunctionCallExpression.computeEvaluation(CPPASTFunctionCallExpression.java:304)
[...]

Code of interest

#include <typeinfo>
#include <cstdio>

class Bar
{
public:
    template<typename T>
    auto foo()
    {
        return foo<T>(0);
    }

    template<typename T>
    auto foo(std::size_t index)
    {
        return foo(typeid(T), index);
    }

    auto foo(std::type_info t, std::size_t index) {
        return index;
    }
};

Extensions to the library, e.g. added or changed LanguageFrontends or Passes

No

Changes to the configuration

$ cpg-neo4j  poc_cdt_npe.cpp

Details

The code compiles fine with gcc, but fails with clang:

poc_cdt_npe.cpp:16:16: error: function 'foo' with deduced return type cannot be used before it is defined
   16 |         return foo(typeid(T), index);
      |                ^
poc_cdt_npe.cpp:19:10: note: 'foo' declared here
   19 |     auto foo(std::type_info t, std::size_t index) {
      |          ^

If the order of the declarations is changed, the bug does not appear. CDT is also happy if the function return type is specified. Interestingly enough, gcc does not complain. Still, CDT should not crash in any case.
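As an added illustration (not code from the issue or the cpg project), the same three `foo` overloads rewritten so that each call site only names a deduced return type that is already defined, which is the rule clang enforces above. It applies both workarounds mentioned in the report: the non-template overload is moved first, and the zero-argument template gets an explicit return type so its position no longer matters. One deliberate change to the reproducer is assumed here: the non-template overload takes `const std::type_info&` instead of `std::type_info` by value, because `std::type_info` is non-copyable and the by-value signature could never actually be instantiated. Compile with C++14 or later.

```cpp
#include <cstddef>
#include <typeinfo>

// Added example, not the reporter's code: the overload set from the
// issue, reordered so that return-type deduction always succeeds.
class Bar {
public:
    // Overload 1 is now defined first, so its deduced return type
    // (std::size_t) is known when the templates below refer to it.
    // Takes a const reference: std::type_info cannot be copied.
    auto foo(const std::type_info& /*t*/, std::size_t index) {
        return index;
    }

    // Overload 2 calls overload 1, which is already fully defined.
    template <typename T>
    auto foo(std::size_t index) {
        return foo(typeid(T), index);
    }

    // Overload 3 uses an explicit return type, so no deduction is
    // needed and its placement relative to the others is irrelevant.
    template <typename T>
    std::size_t foo() {
        return foo<T>(0);
    }
};

// Exercises the reordered template overload.
std::size_t call_reordered(std::size_t index) {
    Bar b;
    return b.foo<int>(index);
}

// Exercises the overload with the explicit return type.
std::size_t call_explicit() {
    Bar b;
    return b.foo<double>();
}
```

Both variants compile with gcc and clang; the first matters because the deduced type of overload 1 is visible before it is used, the second because nothing needs deducing at all.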

oxisto commented 2 weeks ago

I did some investigating and it seems that CDT wants to log that it cannot resolve this ambiguous node here. Unfortunately, it seems that its logging infrastructure comes from the Eclipse editor / OSGi environment and we are not setting this up, but rather just (mis)using the CDT classes directly. Therefore it fails to find the logger. I will try to circumvent this somehow.