Merge pull request #2289 from jbj/ConvertToNonVirtualBaseInstruction

C++ IR: clearly distinguish between virtual and non-virtual base conversions

cpp/ql/src/semmle/code/cpp/ir/implementation/Opcode.qll

@@ -34,7 +34,7 @@ private newtype TOpcode =
   TPointerSub() or
   TPointerDiff() or
   TConvert() or
-  TConvertToBase() or
+  TConvertToNonVirtualBase() or
   TConvertToVirtualBase() or
   TConvertToDerived() or
   TCheckedConvertOrNull() or
@@ -110,6 +110,8 @@ abstract class RelationalOpcode extends CompareOpcode { }
 
 abstract class CopyOpcode extends Opcode { }
 
+abstract class ConvertToBaseOpcode extends UnaryOpcode { }
+
 abstract class MemoryAccessOpcode extends Opcode { }
 
 abstract class ReturnOpcode extends Opcode { }
@@ -302,11 +304,11 @@ module Opcode {
     final override string toString() { result = "Convert" }
   }
 
-  class ConvertToBase extends UnaryOpcode, TConvertToBase {
-    final override string toString() { result = "ConvertToBase" }
+  class ConvertToNonVirtualBase extends ConvertToBaseOpcode, TConvertToNonVirtualBase {
+    final override string toString() { result = "ConvertToNonVirtualBase" }
   }
 
-  class ConvertToVirtualBase extends UnaryOpcode, TConvertToVirtualBase {
+  class ConvertToVirtualBase extends ConvertToBaseOpcode, TConvertToVirtualBase {
     final override string toString() { result = "ConvertToVirtualBase" }
   }
 

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll

@@ -981,14 +981,22 @@ class InheritanceConversionInstruction extends UnaryInstruction {
  * to the address of a direct non-virtual base class.
  */
 class ConvertToBaseInstruction extends InheritanceConversionInstruction {
-  ConvertToBaseInstruction() { getOpcode() instanceof Opcode::ConvertToBase }
+  ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode }
+}
+
+/**
+ * Represents an instruction that converts from the address of a derived class
+ * to the address of a direct non-virtual base class.
+ */
+class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction {
+  ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase }
 }
 
 /**
  * Represents an instruction that converts from the address of a derived class
  * to the address of a virtual base class.
  */
-class ConvertToVirtualBaseInstruction extends InheritanceConversionInstruction {
+class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction {
   ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase }
 }
 

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasAnalysis.qll

@@ -109,7 +109,7 @@ private predicate operandIsPropagated(Operand operand, IntValue bitOffset) {
     instr = operand.getUse() and
     (
       // Converting to a non-virtual base class adds the offset of the base class.
-      exists(ConvertToBaseInstruction convert |
+      exists(ConvertToNonVirtualBaseInstruction convert |
         convert = instr and
         bitOffset = Ints::mul(convert.getDerivation().getByteOffset(), 8)
       )

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll

@@ -981,14 +981,22 @@ class InheritanceConversionInstruction extends UnaryInstruction {
  * to the address of a direct non-virtual base class.
  */
 class ConvertToBaseInstruction extends InheritanceConversionInstruction {
-  ConvertToBaseInstruction() { getOpcode() instanceof Opcode::ConvertToBase }
+  ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode }
+}
+
+/**
+ * Represents an instruction that converts from the address of a derived class
+ * to the address of a direct non-virtual base class.
+ */
+class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction {
+  ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase }
 }
 
 /**
  * Represents an instruction that converts from the address of a derived class
  * to the address of a virtual base class.
  */
-class ConvertToVirtualBaseInstruction extends InheritanceConversionInstruction {
+class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction {
   ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase }
 }
 

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll

@@ -1038,7 +1038,7 @@ class TranslatedInheritanceConversion extends TranslatedSingleInstructionConvers
     then
       if expr.(BaseClassConversion).isVirtual()
       then result instanceof Opcode::ConvertToVirtualBase
-      else result instanceof Opcode::ConvertToBase
+      else result instanceof Opcode::ConvertToNonVirtualBase
     else result instanceof Opcode::ConvertToDerived
   }
 }

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll

@@ -752,7 +752,7 @@ abstract class TranslatedBaseStructorCall extends TranslatedStructorCallFromStru
 
   final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) {
     tag = OnlyInstructionTag() and
-    opcode instanceof Opcode::ConvertToBase and
+    opcode instanceof Opcode::ConvertToNonVirtualBase and
     resultType = getTypeForGLValue(call.getTarget().getDeclaringType())
   }
 

cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll

@@ -981,14 +981,22 @@ class InheritanceConversionInstruction extends UnaryInstruction {
  * to the address of a direct non-virtual base class.
  */
 class ConvertToBaseInstruction extends InheritanceConversionInstruction {
-  ConvertToBaseInstruction() { getOpcode() instanceof Opcode::ConvertToBase }
+  ConvertToBaseInstruction() { getOpcode() instanceof ConvertToBaseOpcode }
+}
+
+/**
+ * Represents an instruction that converts from the address of a derived class
+ * to the address of a direct non-virtual base class.
+ */
+class ConvertToNonVirtualBaseInstruction extends ConvertToBaseInstruction {
+  ConvertToNonVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToNonVirtualBase }
 }
 
 /**
  * Represents an instruction that converts from the address of a derived class
  * to the address of a virtual base class.
  */
-class ConvertToVirtualBaseInstruction extends InheritanceConversionInstruction {
+class ConvertToVirtualBaseInstruction extends ConvertToBaseInstruction {
   ConvertToVirtualBaseInstruction() { getOpcode() instanceof Opcode::ConvertToVirtualBase }
 }
 

cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasAnalysis.qll

@@ -109,7 +109,7 @@ private predicate operandIsPropagated(Operand operand, IntValue bitOffset) {
     instr = operand.getUse() and
     (
       // Converting to a non-virtual base class adds the offset of the base class.
-      exists(ConvertToBaseInstruction convert |
+      exists(ConvertToNonVirtualBaseInstruction convert |
         convert = instr and
         bitOffset = Ints::mul(convert.getDerivation().getByteOffset(), 8)
       )

cpp/ql/test/library-tests/ir/escape/points_to.expected

@@ -35,15 +35,15 @@
 | escape.cpp:146:5:146:18 | CopyValue | no_Point+8:0 | no_Point+8:0 |
 | escape.cpp:146:7:146:17 | CopyValue | no_Point+8:0 | no_Point+8:0 |
 | escape.cpp:146:17:146:17 | FieldAddress[z] | no_Point+8:0 | no_Point+8:0 |
-| escape.cpp:149:5:149:14 | ConvertToBase[Derived : Intermediate1] | no_Derived+0:0 | no_Derived+0:0 |
-| escape.cpp:149:5:149:14 | ConvertToBase[Intermediate1 : Base] | no_Derived+0:0 | no_Derived+0:0 |
+| escape.cpp:149:5:149:14 | ConvertToNonVirtualBase[Derived : Intermediate1] | no_Derived+0:0 | no_Derived+0:0 |
+| escape.cpp:149:5:149:14 | ConvertToNonVirtualBase[Intermediate1 : Base] | no_Derived+0:0 | no_Derived+0:0 |
 | escape.cpp:149:16:149:16 | FieldAddress[b] | no_Derived+0:0 | no_Derived+0:0 |
-| escape.cpp:150:18:150:27 | ConvertToBase[Derived : Intermediate1] | no_Derived+0:0 | no_Derived+0:0 |
-| escape.cpp:150:18:150:27 | ConvertToBase[Intermediate1 : Base] | no_Derived+0:0 | no_Derived+0:0 |
+| escape.cpp:150:18:150:27 | ConvertToNonVirtualBase[Derived : Intermediate1] | no_Derived+0:0 | no_Derived+0:0 |
+| escape.cpp:150:18:150:27 | ConvertToNonVirtualBase[Intermediate1 : Base] | no_Derived+0:0 | no_Derived+0:0 |
 | escape.cpp:150:29:150:29 | FieldAddress[b] | no_Derived+0:0 | no_Derived+0:0 |
-| escape.cpp:151:5:151:14 | ConvertToBase[Derived : Intermediate2] | no_Derived+12:0 | no_Derived+12:0 |
+| escape.cpp:151:5:151:14 | ConvertToNonVirtualBase[Derived : Intermediate2] | no_Derived+12:0 | no_Derived+12:0 |
 | escape.cpp:151:16:151:17 | FieldAddress[i2] | no_Derived+16:0 | no_Derived+16:0 |
-| escape.cpp:152:19:152:28 | ConvertToBase[Derived : Intermediate2] | no_Derived+12:0 | no_Derived+12:0 |
+| escape.cpp:152:19:152:28 | ConvertToNonVirtualBase[Derived : Intermediate2] | no_Derived+12:0 | no_Derived+12:0 |
 | escape.cpp:152:30:152:31 | FieldAddress[i2] | no_Derived+16:0 | no_Derived+16:0 |
 | escape.cpp:155:17:155:30 | CopyValue | no_ssa_addrOf+0:0 | no_ssa_addrOf+0:0 |
 | escape.cpp:155:17:155:30 | Store | no_ssa_addrOf+0:0 | no_ssa_addrOf+0:0 |

cpp/ql/test/library-tests/valuenumbering/GlobalValueNumbering/ir_gvn.expected

@@ -700,65 +700,65 @@ test.cpp:
 
 #  104| int inheritanceConversions(Derived*)
 #  104|   Block 0
-#  104|     v0_0(void)              = EnterFunction                 : 
-#  104|     m0_1(unknown)           = AliasedDefinition             : 
+#  104|     v0_0(void)              = EnterFunction                           : 
+#  104|     m0_1(unknown)           = AliasedDefinition                       : 
 #  104|         valnum = unique
-#  104|     mu0_2(unknown)          = UnmodeledDefinition           : 
+#  104|     mu0_2(unknown)          = UnmodeledDefinition                     : 
 #  104|         valnum = unique
-#  104|     r0_3(glval<Derived *>)  = VariableAddress[pd]           : 
+#  104|     r0_3(glval<Derived *>)  = VariableAddress[pd]                     : 
 #  104|         valnum = r0_3
-#  104|     m0_4(Derived *)         = InitializeParameter[pd]       : &:r0_3
+#  104|     m0_4(Derived *)         = InitializeParameter[pd]                 : &:r0_3
 #  104|         valnum = m0_4
-#  105|     r0_5(glval<int>)        = VariableAddress[x]            : 
+#  105|     r0_5(glval<int>)        = VariableAddress[x]                      : 
 #  105|         valnum = unique
-#  105|     r0_6(glval<Derived *>)  = VariableAddress[pd]           : 
+#  105|     r0_6(glval<Derived *>)  = VariableAddress[pd]                     : 
 #  105|         valnum = r0_3
-#  105|     r0_7(Derived *)         = Load                          : &:r0_6, m0_4
+#  105|     r0_7(Derived *)         = Load                                    : &:r0_6, m0_4
 #  105|         valnum = m0_4
-#  105|     r0_8(Base *)            = ConvertToBase[Derived : Base] : r0_7
+#  105|     r0_8(Base *)            = ConvertToNonVirtualBase[Derived : Base] : r0_7
 #  105|         valnum = r0_8
-#  105|     r0_9(glval<int>)        = FieldAddress[b]               : r0_8
+#  105|     r0_9(glval<int>)        = FieldAddress[b]                         : r0_8
 #  105|         valnum = r0_9
-#  105|     r0_10(int)              = Load                          : &:r0_9, ~m0_1
+#  105|     r0_10(int)              = Load                                    : &:r0_9, ~m0_1
 #  105|         valnum = r0_10
-#  105|     m0_11(int)              = Store                         : &:r0_5, r0_10
+#  105|     m0_11(int)              = Store                                   : &:r0_5, r0_10
 #  105|         valnum = r0_10
-#  106|     r0_12(glval<Base *>)    = VariableAddress[pb]           : 
+#  106|     r0_12(glval<Base *>)    = VariableAddress[pb]                     : 
 #  106|         valnum = r0_12
-#  106|     r0_13(glval<Derived *>) = VariableAddress[pd]           : 
+#  106|     r0_13(glval<Derived *>) = VariableAddress[pd]                     : 
 #  106|         valnum = r0_3
-#  106|     r0_14(Derived *)        = Load                          : &:r0_13, m0_4
+#  106|     r0_14(Derived *)        = Load                                    : &:r0_13, m0_4
 #  106|         valnum = m0_4
-#  106|     r0_15(Base *)           = ConvertToBase[Derived : Base] : r0_14
+#  106|     r0_15(Base *)           = ConvertToNonVirtualBase[Derived : Base] : r0_14
 #  106|         valnum = r0_8
-#  106|     m0_16(Base *)           = Store                         : &:r0_12, r0_15
+#  106|     m0_16(Base *)           = Store                                   : &:r0_12, r0_15
 #  106|         valnum = r0_8
-#  107|     r0_17(glval<int>)       = VariableAddress[y]            : 
+#  107|     r0_17(glval<int>)       = VariableAddress[y]                      : 
 #  107|         valnum = r0_17
-#  107|     r0_18(glval<Base *>)    = VariableAddress[pb]           : 
+#  107|     r0_18(glval<Base *>)    = VariableAddress[pb]                     : 
 #  107|         valnum = r0_12
-#  107|     r0_19(Base *)           = Load                          : &:r0_18, m0_16
+#  107|     r0_19(Base *)           = Load                                    : &:r0_18, m0_16
 #  107|         valnum = r0_8
-#  107|     r0_20(glval<int>)       = FieldAddress[b]               : r0_19
+#  107|     r0_20(glval<int>)       = FieldAddress[b]                         : r0_19
 #  107|         valnum = r0_9
-#  107|     r0_21(int)              = Load                          : &:r0_20, ~m0_1
+#  107|     r0_21(int)              = Load                                    : &:r0_20, ~m0_1
 #  107|         valnum = r0_21
-#  107|     m0_22(int)              = Store                         : &:r0_17, r0_21
+#  107|     m0_22(int)              = Store                                   : &:r0_17, r0_21
 #  107|         valnum = r0_21
-#  109|     r0_23(glval<int>)       = VariableAddress[#return]      : 
+#  109|     r0_23(glval<int>)       = VariableAddress[#return]                : 
 #  109|         valnum = r0_23
-#  109|     r0_24(glval<int>)       = VariableAddress[y]            : 
+#  109|     r0_24(glval<int>)       = VariableAddress[y]                      : 
 #  109|         valnum = r0_17
-#  109|     r0_25(int)              = Load                          : &:r0_24, m0_22
+#  109|     r0_25(int)              = Load                                    : &:r0_24, m0_22
 #  109|         valnum = r0_21
-#  109|     m0_26(int)              = Store                         : &:r0_23, r0_25
+#  109|     m0_26(int)              = Store                                   : &:r0_23, r0_25
 #  109|         valnum = r0_21
-#  104|     r0_27(glval<int>)       = VariableAddress[#return]      : 
+#  104|     r0_27(glval<int>)       = VariableAddress[#return]                : 
 #  104|         valnum = r0_23
-#  104|     v0_28(void)             = ReturnValue                   : &:r0_27, m0_26
-#  104|     v0_29(void)             = UnmodeledUse                  : mu*
-#  104|     v0_30(void)             = AliasedUse                    : ~m0_1
-#  104|     v0_31(void)             = ExitFunction                  : 
+#  104|     v0_28(void)             = ReturnValue                             : &:r0_27, m0_26
+#  104|     v0_29(void)             = UnmodeledUse                            : mu*
+#  104|     v0_30(void)             = AliasedUse                              : ~m0_1
+#  104|     v0_31(void)             = ExitFunction                            : 
 
 #  112| void test06()
 #  112|   Block 0