Scripts and setup to print the IR graph

PrintIR-pkexec.ql

@@ -0,0 +1,29 @@
+/**
+ * @name Print Aliased SSA IR
+ * @description Outputs a representation of the Aliased SSA IR graph
+ * @id cpp/example/polkit-ir
+ * @kind graph
+ */
+
+// From PrintIR.qll:
+//     ...  For most uses, however, it is better to write a query
+//     that imports `PrintIR.qll`,
+//     extends `PrintIRConfiguration`,
+//     and overrides `shouldPrintFunction()` to select a subset of functions to dump.
+
+import semmle.code.cpp.ir.PrintIR
+import semmle.code.cpp.ir.internal.IRCppLanguage as Language
+
+class PkexecMainConfig extends PrintIRConfiguration  {
+  /** Gets a textual representation of this configuration. */
+  override string toString() { result = "PkexecMainConfig" }
+
+  /**
+   * Holds if the IR for `func` should be printed. By default, holds for all
+   * functions.
+   */
+  override predicate shouldPrintFunction(Language::Function func) { 
+    func.getName() = "main" and 
+    func.getLocation().getFile().getBaseName() = "pkexec.c"
+  }
+}

PrintIR.sh

@@ -0,0 +1,44 @@
+#
+# Print the IR representation of a function
+# 
+
+# Add codeql binary PATH
+export PATH=$HOME/local/codeql-2.7.6/codeql:"$PATH"
+
+#* Plain text dump of graph
+codeql database analyze                                 \
+       ./db/polkit-0.119.db                             \
+       ./PrintIR-pkexec.ql                              \
+       -j8 -v --ram=16000                               \
+       --search-path $HOME/local/codeql-2.7.6/ql        \
+       --format=graphtext                               \
+       --output=PrintIR-pkexec.graphtext
+
+# .txt file
+ls  PrintIR-pkexec.graphtext/cpp/example/polkit-ir.txt 
+
+#* Full dot graph 
+cd ~/local/codeql-sample-polkit/
+codeql database analyze                                 \
+       ./db/polkit-0.119.db                             \
+       ./PrintIR-pkexec.ql                              \
+       -j8 -v --ram=16000                               \
+       --search-path $HOME/local/codeql-2.7.6/ql        \
+       --format=dot                                     \
+       --output=PrintIR-pkexec.dot
+
+# Note: intermediate files are here:
+
+# Query-produced .bqrs file
+ls db/polkit-0.119.db/results/cpp-polkit-argv/
+
+# Query-produced .dot file
+ls PrintIR-pkexec.dot/cpp/example/polkit-ir.dot 
+
+# Generate SVG
+cd ~/local/codeql-sample-polkit/PrintIR-pkexec.dot/cpp/example/
+dot -Tsvg ./polkit-ir.dot > polkit-ir.svg
+# 
+# XX: dot output issue: https://github.slack.com/archives/CPCFXL8P3/p1646270812905149
+# 
+open -a safari ./print-ast.svg

qlpack.yml

@@ -1,6 +1,4 @@
+# This format is valid for codeql cli v2.7.6, but changes sometime after.
 name: cpp-polkit-argv
 version: 0.0.1
-dependencies:
-  # This uses the latest version of the codeql/cpp-all library.
-  # You may want to change to a more precise semver string.
-  codeql/cpp-all: "*"
+libraryPathDependencies: codeql-cpp