mirror of
https://github.com/github/codeql.git
synced 2026-04-30 19:26:02 +02:00
Merge remote-tracking branch 'upstream/master' into DefaultTaintTracking-Configuration
This commit is contained in:
Jonas Jensen
@@ -143,3 +143,9 @@ void multidimensionalNew(int x, int y) {
|
||||
auto p2 = new char[20][20];
|
||||
auto p3 = new char[x][30][30];
|
||||
}
|
||||
|
||||
void directOperatorCall() {
|
||||
void *ptr;
|
||||
ptr = operator new(sizeof(int));
|
||||
operator delete(ptr);
|
||||
}
|
||||
|
||||
@@ -1,28 +1,28 @@
|
||||
newExprs
|
||||
| allocators.cpp:49:3:49:9 | new | int | operator new(unsigned long) -> void * | 4 | 4 | |
|
||||
| allocators.cpp:50:3:50:15 | new | int | operator new(size_t, float) -> void * | 4 | 4 | |
|
||||
| allocators.cpp:51:3:51:11 | new | int | operator new(unsigned long) -> void * | 4 | 4 | |
|
||||
| allocators.cpp:52:3:52:14 | new | String | operator new(unsigned long) -> void * | 8 | 8 | |
|
||||
| allocators.cpp:53:3:53:27 | new | String | operator new(size_t, float) -> void * | 8 | 8 | |
|
||||
| allocators.cpp:54:3:54:17 | new | Overaligned | operator new(unsigned long, align_val_t) -> void * | 256 | 128 | aligned |
|
||||
| allocators.cpp:55:3:55:25 | new | Overaligned | operator new(size_t, align_val_t, float) -> void * | 256 | 128 | aligned |
|
||||
| allocators.cpp:107:3:107:18 | new | FailedInit | FailedInit::operator new(size_t) -> void * | 1 | 1 | |
|
||||
| allocators.cpp:109:3:109:35 | new | FailedInitOveraligned | FailedInitOveraligned::operator new(size_t, align_val_t, float) -> void * | 128 | 128 | aligned |
|
||||
| allocators.cpp:129:3:129:21 | new | int | operator new(size_t, void *) -> void * | 4 | 4 | |
|
||||
| allocators.cpp:135:3:135:26 | new | int | operator new(size_t, const nothrow_t &) -> void * | 4 | 4 | |
|
||||
| allocators.cpp:49:3:49:9 | new | int | operator new(unsigned long) -> void * | 4 | 4 | | |
|
||||
| allocators.cpp:50:3:50:15 | new | int | operator new(size_t, float) -> void * | 4 | 4 | | |
|
||||
| allocators.cpp:51:3:51:11 | new | int | operator new(unsigned long) -> void * | 4 | 4 | | |
|
||||
| allocators.cpp:52:3:52:14 | new | String | operator new(unsigned long) -> void * | 8 | 8 | | |
|
||||
| allocators.cpp:53:3:53:27 | new | String | operator new(size_t, float) -> void * | 8 | 8 | | |
|
||||
| allocators.cpp:54:3:54:17 | new | Overaligned | operator new(unsigned long, align_val_t) -> void * | 256 | 128 | aligned | |
|
||||
| allocators.cpp:55:3:55:25 | new | Overaligned | operator new(size_t, align_val_t, float) -> void * | 256 | 128 | aligned | |
|
||||
| allocators.cpp:107:3:107:18 | new | FailedInit | FailedInit::operator new(size_t) -> void * | 1 | 1 | | |
|
||||
| allocators.cpp:109:3:109:35 | new | FailedInitOveraligned | FailedInitOveraligned::operator new(size_t, align_val_t, float) -> void * | 128 | 128 | aligned | |
|
||||
| allocators.cpp:129:3:129:21 | new | int | operator new(size_t, void *) -> void * | 4 | 4 | | & ... |
|
||||
| allocators.cpp:135:3:135:26 | new | int | operator new(size_t, const nothrow_t &) -> void * | 4 | 4 | | |
|
||||
newArrayExprs
|
||||
| allocators.cpp:68:3:68:12 | new[] | int[] | int | operator new[](unsigned long) -> void * | 4 | 4 | | n |
|
||||
| allocators.cpp:69:3:69:18 | new[] | int[] | int | operator new[](size_t, float) -> void * | 4 | 4 | | n |
|
||||
| allocators.cpp:70:3:70:15 | new[] | String[] | String | operator new[](unsigned long) -> void * | 8 | 8 | | n |
|
||||
| allocators.cpp:71:3:71:20 | new[] | Overaligned[] | Overaligned | operator new[](unsigned long, align_val_t) -> void * | 256 | 128 | aligned | n |
|
||||
| allocators.cpp:72:3:72:16 | new[] | String[10] | String | operator new[](unsigned long) -> void * | 8 | 8 | | |
|
||||
| allocators.cpp:108:3:108:19 | new[] | FailedInit[] | FailedInit | FailedInit::operator new[](size_t) -> void * | 1 | 1 | | n |
|
||||
| allocators.cpp:110:3:110:37 | new[] | FailedInitOveraligned[10] | FailedInitOveraligned | FailedInitOveraligned::operator new[](size_t, align_val_t, float) -> void * | 128 | 128 | aligned | |
|
||||
| allocators.cpp:132:3:132:17 | new[] | int[1] | int | operator new[](size_t, void *) -> void * | 4 | 4 | | |
|
||||
| allocators.cpp:136:3:136:26 | new[] | int[2] | int | operator new[](size_t, const nothrow_t &) -> void * | 4 | 4 | | |
|
||||
| allocators.cpp:142:13:142:27 | new[] | char[][10] | char[10] | operator new[](unsigned long) -> void * | 10 | 1 | | x |
|
||||
| allocators.cpp:143:13:143:28 | new[] | char[20][20] | char[20] | operator new[](unsigned long) -> void * | 20 | 1 | | |
|
||||
| allocators.cpp:144:13:144:31 | new[] | char[][30][30] | char[30][30] | operator new[](unsigned long) -> void * | 900 | 1 | | x |
|
||||
| allocators.cpp:68:3:68:12 | new[] | int[] | int | operator new[](unsigned long) -> void * | 4 | 4 | | n | |
|
||||
| allocators.cpp:69:3:69:18 | new[] | int[] | int | operator new[](size_t, float) -> void * | 4 | 4 | | n | |
|
||||
| allocators.cpp:70:3:70:15 | new[] | String[] | String | operator new[](unsigned long) -> void * | 8 | 8 | | n | |
|
||||
| allocators.cpp:71:3:71:20 | new[] | Overaligned[] | Overaligned | operator new[](unsigned long, align_val_t) -> void * | 256 | 128 | aligned | n | |
|
||||
| allocators.cpp:72:3:72:16 | new[] | String[10] | String | operator new[](unsigned long) -> void * | 8 | 8 | | | |
|
||||
| allocators.cpp:108:3:108:19 | new[] | FailedInit[] | FailedInit | FailedInit::operator new[](size_t) -> void * | 1 | 1 | | n | |
|
||||
| allocators.cpp:110:3:110:37 | new[] | FailedInitOveraligned[10] | FailedInitOveraligned | FailedInitOveraligned::operator new[](size_t, align_val_t, float) -> void * | 128 | 128 | aligned | | |
|
||||
| allocators.cpp:132:3:132:17 | new[] | int[1] | int | operator new[](size_t, void *) -> void * | 4 | 4 | | | buf |
|
||||
| allocators.cpp:136:3:136:26 | new[] | int[2] | int | operator new[](size_t, const nothrow_t &) -> void * | 4 | 4 | | | |
|
||||
| allocators.cpp:142:13:142:27 | new[] | char[][10] | char[10] | operator new[](unsigned long) -> void * | 10 | 1 | | x | |
|
||||
| allocators.cpp:143:13:143:28 | new[] | char[20][20] | char[20] | operator new[](unsigned long) -> void * | 20 | 1 | | | |
|
||||
| allocators.cpp:144:13:144:31 | new[] | char[][30][30] | char[30][30] | operator new[](unsigned long) -> void * | 900 | 1 | | x | |
|
||||
newExprDeallocators
|
||||
| allocators.cpp:52:3:52:14 | new | String | operator delete(void *, unsigned long) -> void | 8 | 8 | sized |
|
||||
| allocators.cpp:53:3:53:27 | new | String | operator delete(void *, float) -> void | 8 | 8 | |
|
||||
@@ -46,3 +46,65 @@ deleteArrayExprs
|
||||
| allocators.cpp:81:3:81:45 | delete[] | Overaligned | operator delete[](void *, unsigned long, align_val_t) -> void | 256 | 128 | sized aligned |
|
||||
| allocators.cpp:82:3:82:49 | delete[] | PolymorphicBase | operator delete[](void *, unsigned long) -> void | 8 | 8 | sized |
|
||||
| allocators.cpp:83:3:83:23 | delete[] | int | operator delete[](void *, unsigned long) -> void | 4 | 4 | sized |
|
||||
allocationFunctions
|
||||
| allocators.cpp:7:7:7:18 | operator new | getSizeArg = 0, requiresDealloc |
|
||||
| allocators.cpp:8:7:8:20 | operator new[] | getSizeArg = 0, requiresDealloc |
|
||||
| allocators.cpp:9:7:9:18 | operator new | getSizeArg = 0, requiresDealloc |
|
||||
| allocators.cpp:10:7:10:20 | operator new[] | getSizeArg = 0, requiresDealloc |
|
||||
| allocators.cpp:121:7:121:18 | operator new | getPlacementArgument = 1, getSizeArg = 0 |
|
||||
| allocators.cpp:122:7:122:20 | operator new[] | getPlacementArgument = 1, getSizeArg = 0 |
|
||||
| allocators.cpp:123:7:123:18 | operator new | getSizeArg = 0, requiresDealloc |
|
||||
| allocators.cpp:124:7:124:20 | operator new[] | getSizeArg = 0, requiresDealloc |
|
||||
| file://:0:0:0:0 | operator new | getSizeArg = 0, requiresDealloc |
|
||||
| file://:0:0:0:0 | operator new | getSizeArg = 0, requiresDealloc |
|
||||
| file://:0:0:0:0 | operator new[] | getSizeArg = 0, requiresDealloc |
|
||||
| file://:0:0:0:0 | operator new[] | getSizeArg = 0, requiresDealloc |
|
||||
allocationExprs
|
||||
| allocators.cpp:49:3:49:9 | new | getSizeBytes = 4, requiresDealloc |
|
||||
| allocators.cpp:50:3:50:15 | new | getSizeBytes = 4, requiresDealloc |
|
||||
| allocators.cpp:51:3:51:11 | new | getSizeBytes = 4, requiresDealloc |
|
||||
| allocators.cpp:52:3:52:14 | new | getSizeBytes = 8, requiresDealloc |
|
||||
| allocators.cpp:53:3:53:27 | new | getSizeBytes = 8, requiresDealloc |
|
||||
| allocators.cpp:54:3:54:17 | new | getSizeBytes = 256, requiresDealloc |
|
||||
| allocators.cpp:55:3:55:25 | new | getSizeBytes = 256, requiresDealloc |
|
||||
| allocators.cpp:68:3:68:12 | new[] | getSizeExpr = n, getSizeMult = 4, requiresDealloc |
|
||||
| allocators.cpp:69:3:69:18 | new[] | getSizeExpr = n, getSizeMult = 4, requiresDealloc |
|
||||
| allocators.cpp:70:3:70:15 | new[] | getSizeExpr = n, getSizeMult = 8, requiresDealloc |
|
||||
| allocators.cpp:71:3:71:20 | new[] | getSizeExpr = n, getSizeMult = 256, requiresDealloc |
|
||||
| allocators.cpp:72:3:72:16 | new[] | getSizeBytes = 80, requiresDealloc |
|
||||
| allocators.cpp:107:3:107:18 | new | getSizeBytes = 1, requiresDealloc |
|
||||
| allocators.cpp:108:3:108:19 | new[] | getSizeExpr = n, getSizeMult = 1, requiresDealloc |
|
||||
| allocators.cpp:109:3:109:35 | new | getSizeBytes = 128, requiresDealloc |
|
||||
| allocators.cpp:110:3:110:37 | new[] | getSizeBytes = 1280, requiresDealloc |
|
||||
| allocators.cpp:129:3:129:21 | new | getSizeBytes = 4 |
|
||||
| allocators.cpp:132:3:132:17 | new[] | getSizeBytes = 4 |
|
||||
| allocators.cpp:135:3:135:26 | new | getSizeBytes = 4, requiresDealloc |
|
||||
| allocators.cpp:136:3:136:26 | new[] | getSizeBytes = 8, requiresDealloc |
|
||||
| allocators.cpp:142:13:142:27 | new[] | getSizeExpr = x, getSizeMult = 10, requiresDealloc |
|
||||
| allocators.cpp:143:13:143:28 | new[] | getSizeBytes = 400, requiresDealloc |
|
||||
| allocators.cpp:144:13:144:31 | new[] | getSizeExpr = x, getSizeMult = 900, requiresDealloc |
|
||||
| allocators.cpp:149:8:149:19 | call to operator new | getSizeBytes = 4, getSizeExpr = sizeof(int), getSizeMult = 1, requiresDealloc |
|
||||
deallocationFunctions
|
||||
| allocators.cpp:11:6:11:20 | operator delete | getFreedArg = 0 |
|
||||
| allocators.cpp:12:6:12:22 | operator delete[] | getFreedArg = 0 |
|
||||
| allocators.cpp:13:6:13:20 | operator delete | getFreedArg = 0 |
|
||||
| allocators.cpp:14:6:14:22 | operator delete[] | getFreedArg = 0 |
|
||||
| file://:0:0:0:0 | operator delete | getFreedArg = 0 |
|
||||
| file://:0:0:0:0 | operator delete | getFreedArg = 0 |
|
||||
| file://:0:0:0:0 | operator delete | getFreedArg = 0 |
|
||||
| file://:0:0:0:0 | operator delete[] | getFreedArg = 0 |
|
||||
| file://:0:0:0:0 | operator delete[] | getFreedArg = 0 |
|
||||
deallocationExprs
|
||||
| allocators.cpp:59:3:59:35 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:60:3:60:38 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:61:3:61:44 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:62:3:62:43 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:63:3:63:47 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:64:3:64:44 | delete | getFreedExpr = 0 |
|
||||
| allocators.cpp:78:3:78:37 | delete[] | getFreedExpr = 0 |
|
||||
| allocators.cpp:79:3:79:40 | delete[] | getFreedExpr = 0 |
|
||||
| allocators.cpp:80:3:80:46 | delete[] | getFreedExpr = 0 |
|
||||
| allocators.cpp:81:3:81:45 | delete[] | getFreedExpr = 0 |
|
||||
| allocators.cpp:82:3:82:49 | delete[] | getFreedExpr = 0 |
|
||||
| allocators.cpp:83:3:83:23 | delete[] | getFreedExpr = call to GetPointer |
|
||||
| allocators.cpp:150:2:150:16 | call to operator delete | getFreedExpr = ptr |
|
||||
|
||||
@@ -1,6 +1,9 @@
|
||||
import default
|
||||
import semmle.code.cpp.models.implementations.Allocation
|
||||
|
||||
query predicate newExprs(NewExpr expr, string type, string sig, int size, int alignment, string form) {
|
||||
query predicate newExprs(
|
||||
NewExpr expr, string type, string sig, int size, int alignment, string form, string placement
|
||||
) {
|
||||
exists(Function allocator, Type allocatedType |
|
||||
expr.getAllocator() = allocator and
|
||||
sig = allocator.getFullSignature() and
|
||||
@@ -8,13 +11,16 @@ query predicate newExprs(NewExpr expr, string type, string sig, int size, int al
|
||||
type = allocatedType.toString() and
|
||||
size = allocatedType.getSize() and
|
||||
alignment = allocatedType.getAlignment() and
|
||||
if expr.hasAlignedAllocation() then form = "aligned" else form = ""
|
||||
(if expr.hasAlignedAllocation() then form = "aligned" else form = "") and
|
||||
if exists(expr.getPlacementPointer())
|
||||
then placement = expr.getPlacementPointer().toString()
|
||||
else placement = ""
|
||||
)
|
||||
}
|
||||
|
||||
query predicate newArrayExprs(
|
||||
NewArrayExpr expr, string t1, string t2, string sig, int size, int alignment, string form,
|
||||
string extents
|
||||
string extents, string placement
|
||||
) {
|
||||
exists(Function allocator, Type arrayType, Type elementType |
|
||||
expr.getAllocator() = allocator and
|
||||
@@ -26,7 +32,10 @@ query predicate newArrayExprs(
|
||||
size = elementType.getSize() and
|
||||
alignment = elementType.getAlignment() and
|
||||
(if expr.hasAlignedAllocation() then form = "aligned" else form = "") and
|
||||
extents = concat(Expr e | e = expr.getExtent() | e.toString(), ", ")
|
||||
extents = concat(Expr e | e = expr.getExtent() | e.toString(), ", ") and
|
||||
if exists(expr.getPlacementPointer())
|
||||
then placement = expr.getPlacementPointer().toString()
|
||||
else placement = ""
|
||||
)
|
||||
}
|
||||
|
||||
@@ -101,3 +110,54 @@ query predicate deleteArrayExprs(
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
string describeAllocationFunction(AllocationFunction f) {
|
||||
result = "getSizeArg = " + f.getSizeArg().toString()
|
||||
or
|
||||
result = "getSizeMult = " + f.getSizeMult().toString()
|
||||
or
|
||||
result = "getReallocPtrArg = " + f.getReallocPtrArg().toString()
|
||||
or
|
||||
f.requiresDealloc() and
|
||||
result = "requiresDealloc"
|
||||
or
|
||||
result =
|
||||
"getPlacementArgument = " + f.(OperatorNewAllocationFunction).getPlacementArgument().toString()
|
||||
}
|
||||
|
||||
query predicate allocationFunctions(AllocationFunction f, string descr) {
|
||||
descr = concat(describeAllocationFunction(f), ", ")
|
||||
}
|
||||
|
||||
string describeAllocationExpr(AllocationExpr e) {
|
||||
result = "getSizeExpr = " + e.getSizeExpr().toString()
|
||||
or
|
||||
result = "getSizeMult = " + e.getSizeMult().toString()
|
||||
or
|
||||
result = "getSizeBytes = " + e.getSizeBytes().toString()
|
||||
or
|
||||
result = "getReallocPtr = " + e.getReallocPtr().toString()
|
||||
or
|
||||
e.requiresDealloc() and
|
||||
result = "requiresDealloc"
|
||||
}
|
||||
|
||||
query predicate allocationExprs(AllocationExpr e, string descr) {
|
||||
descr = concat(describeAllocationExpr(e), ", ")
|
||||
}
|
||||
|
||||
string describeDeallocationFunction(DeallocationFunction f) {
|
||||
result = "getFreedArg = " + f.getFreedArg().toString()
|
||||
}
|
||||
|
||||
query predicate deallocationFunctions(DeallocationFunction f, string descr) {
|
||||
descr = concat(describeDeallocationFunction(f), ", ")
|
||||
}
|
||||
|
||||
string describeDeallocationExpr(DeallocationExpr e) {
|
||||
result = "getFreedExpr = " + e.getFreedExpr().toString()
|
||||
}
|
||||
|
||||
query predicate deallocationExprs(DeallocationExpr e, string descr) {
|
||||
descr = concat(describeDeallocationExpr(e), ", ")
|
||||
}
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
| allocators.cpp:129:3:129:21 | new | allocators.cpp:129:7:129:13 | & ... |
|
||||
| allocators.cpp:132:3:132:17 | new[] | allocators.cpp:132:7:132:9 | buf |
|
||||
@@ -1,4 +0,0 @@
|
||||
import cpp
|
||||
|
||||
from NewOrNewArrayExpr new
|
||||
select new, new.getPlacementPointer() as placement
|
||||
@@ -73,3 +73,18 @@
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:93:18:93:18 | s | |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:97:7:97:12 | buffer | |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:100:17:100:22 | buffer | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:8:24:8:25 | s1 | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:11:20:11:21 | s1 | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:11:36:11:37 | s2 | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:17:106:24 | userName | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:28:106:33 | call to getenv | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:28:106:46 | (const char *)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:108:8:108:11 | copy | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:2:109:7 | call to strcpy | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:9:109:12 | copy | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:15:109:22 | userName | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:6:111:27 | ! ... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:7:111:12 | call to strcmp | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:7:111:27 | (bool)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:14:111:17 | (const char *)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:14:111:17 | copy | |
|
||||
|
||||
@@ -14,3 +14,6 @@
|
||||
| test.cpp:100:12:100:15 | call to gets | test.cpp:100:2:100:8 | pointer | AST only |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:97:7:97:12 | buffer | AST only |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:100:17:100:22 | array to pointer conversion | IR only |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:11:20:11:21 | s1 | AST only |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:108:8:108:11 | copy | AST only |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:9:109:12 | copy | AST only |
|
||||
|
||||
@@ -57,3 +57,15 @@
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:93:18:93:18 | s | |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:100:17:100:22 | array to pointer conversion | |
|
||||
| test.cpp:100:17:100:22 | buffer | test.cpp:100:17:100:22 | buffer | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:8:24:8:25 | s1 | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:11:36:11:37 | s2 | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:17:106:24 | userName | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:28:106:33 | call to getenv | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:106:28:106:46 | (const char *)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:2:109:7 | call to strcpy | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:109:15:109:22 | userName | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:6:111:27 | ! ... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:7:111:12 | call to strcmp | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:7:111:27 | (bool)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:14:111:17 | (const char *)... | |
|
||||
| test.cpp:106:28:106:33 | call to getenv | test.cpp:111:14:111:17 | copy | |
|
||||
|
||||
@@ -99,3 +99,16 @@ void test_gets()
|
||||
|
||||
pointer = gets(buffer);
|
||||
}
|
||||
|
||||
const char *alias_global_new;
|
||||
|
||||
void newBuffer() {
|
||||
const char *userName = getenv("USER_NAME");
|
||||
char *alias = new char[4096];
|
||||
char *copy = new char[4096];
|
||||
strcpy(copy, userName);
|
||||
alias_global_new = alias; // to force a Chi node on all aliased memory
|
||||
if (!strcmp(copy, "admin")) { // copy should be tainted
|
||||
isAdmin = true;
|
||||
}
|
||||
}
|
||||
@@ -105,6 +105,53 @@
|
||||
| format.cpp:130:23:130:23 | 0 | format.cpp:130:21:130:24 | {...} | TAINT |
|
||||
| format.cpp:131:39:131:45 | ref arg & ... | format.cpp:132:8:132:13 | buffer | |
|
||||
| format.cpp:131:40:131:45 | buffer | format.cpp:131:39:131:45 | & ... | |
|
||||
| stl.cpp:67:12:67:17 | call to source | stl.cpp:71:7:71:7 | a | |
|
||||
| stl.cpp:68:16:68:20 | 123 | stl.cpp:68:16:68:21 | call to basic_string | TAINT |
|
||||
| stl.cpp:68:16:68:21 | call to basic_string | stl.cpp:72:7:72:7 | b | |
|
||||
| stl.cpp:68:16:68:21 | call to basic_string | stl.cpp:74:7:74:7 | b | |
|
||||
| stl.cpp:69:16:69:21 | call to source | stl.cpp:69:16:69:24 | call to basic_string | TAINT |
|
||||
| stl.cpp:69:16:69:24 | call to basic_string | stl.cpp:73:7:73:7 | c | |
|
||||
| stl.cpp:69:16:69:24 | call to basic_string | stl.cpp:75:7:75:7 | c | |
|
||||
| stl.cpp:74:7:74:7 | b | stl.cpp:74:9:74:13 | call to c_str | TAINT |
|
||||
| stl.cpp:75:7:75:7 | c | stl.cpp:75:9:75:13 | call to c_str | TAINT |
|
||||
| stl.cpp:80:20:80:22 | call to basic_stringstream | stl.cpp:83:2:83:4 | ss1 | |
|
||||
| stl.cpp:80:20:80:22 | call to basic_stringstream | stl.cpp:89:7:89:9 | ss1 | |
|
||||
| stl.cpp:80:20:80:22 | call to basic_stringstream | stl.cpp:94:7:94:9 | ss1 | |
|
||||
| stl.cpp:80:25:80:27 | call to basic_stringstream | stl.cpp:84:2:84:4 | ss2 | |
|
||||
| stl.cpp:80:25:80:27 | call to basic_stringstream | stl.cpp:90:7:90:9 | ss2 | |
|
||||
| stl.cpp:80:25:80:27 | call to basic_stringstream | stl.cpp:95:7:95:9 | ss2 | |
|
||||
| stl.cpp:80:30:80:32 | call to basic_stringstream | stl.cpp:85:2:85:4 | ss3 | |
|
||||
| stl.cpp:80:30:80:32 | call to basic_stringstream | stl.cpp:91:7:91:9 | ss3 | |
|
||||
| stl.cpp:80:30:80:32 | call to basic_stringstream | stl.cpp:96:7:96:9 | ss3 | |
|
||||
| stl.cpp:80:35:80:37 | call to basic_stringstream | stl.cpp:86:2:86:4 | ss4 | |
|
||||
| stl.cpp:80:35:80:37 | call to basic_stringstream | stl.cpp:92:7:92:9 | ss4 | |
|
||||
| stl.cpp:80:35:80:37 | call to basic_stringstream | stl.cpp:97:7:97:9 | ss4 | |
|
||||
| stl.cpp:80:40:80:42 | call to basic_stringstream | stl.cpp:87:2:87:4 | ss5 | |
|
||||
| stl.cpp:80:40:80:42 | call to basic_stringstream | stl.cpp:93:7:93:9 | ss5 | |
|
||||
| stl.cpp:80:40:80:42 | call to basic_stringstream | stl.cpp:98:7:98:9 | ss5 | |
|
||||
| stl.cpp:81:16:81:21 | call to source | stl.cpp:81:16:81:24 | call to basic_string | TAINT |
|
||||
| stl.cpp:81:16:81:24 | call to basic_string | stl.cpp:87:9:87:9 | t | |
|
||||
| stl.cpp:83:2:83:4 | ref arg ss1 | stl.cpp:89:7:89:9 | ss1 | |
|
||||
| stl.cpp:83:2:83:4 | ref arg ss1 | stl.cpp:94:7:94:9 | ss1 | |
|
||||
| stl.cpp:84:2:84:4 | ref arg ss2 | stl.cpp:90:7:90:9 | ss2 | |
|
||||
| stl.cpp:84:2:84:4 | ref arg ss2 | stl.cpp:95:7:95:9 | ss2 | |
|
||||
| stl.cpp:85:2:85:4 | ref arg ss3 | stl.cpp:91:7:91:9 | ss3 | |
|
||||
| stl.cpp:85:2:85:4 | ref arg ss3 | stl.cpp:96:7:96:9 | ss3 | |
|
||||
| stl.cpp:86:2:86:4 | ref arg ss4 | stl.cpp:92:7:92:9 | ss4 | |
|
||||
| stl.cpp:86:2:86:4 | ref arg ss4 | stl.cpp:97:7:97:9 | ss4 | |
|
||||
| stl.cpp:87:2:87:4 | ref arg ss5 | stl.cpp:93:7:93:9 | ss5 | |
|
||||
| stl.cpp:87:2:87:4 | ref arg ss5 | stl.cpp:98:7:98:9 | ss5 | |
|
||||
| stl.cpp:101:32:101:37 | source | stl.cpp:106:9:106:14 | source | |
|
||||
| stl.cpp:103:20:103:22 | call to basic_stringstream | stl.cpp:105:2:105:4 | ss1 | |
|
||||
| stl.cpp:103:20:103:22 | call to basic_stringstream | stl.cpp:108:7:108:9 | ss1 | |
|
||||
| stl.cpp:103:20:103:22 | call to basic_stringstream | stl.cpp:110:7:110:9 | ss1 | |
|
||||
| stl.cpp:103:25:103:27 | call to basic_stringstream | stl.cpp:106:2:106:4 | ss2 | |
|
||||
| stl.cpp:103:25:103:27 | call to basic_stringstream | stl.cpp:109:7:109:9 | ss2 | |
|
||||
| stl.cpp:103:25:103:27 | call to basic_stringstream | stl.cpp:111:7:111:9 | ss2 | |
|
||||
| stl.cpp:105:2:105:4 | ss1 [post update] | stl.cpp:108:7:108:9 | ss1 | |
|
||||
| stl.cpp:105:2:105:4 | ss1 [post update] | stl.cpp:110:7:110:9 | ss1 | |
|
||||
| stl.cpp:106:2:106:4 | ss2 [post update] | stl.cpp:109:7:109:9 | ss2 | |
|
||||
| stl.cpp:106:2:106:4 | ss2 [post update] | stl.cpp:111:7:111:9 | ss2 | |
|
||||
| taint.cpp:4:27:4:33 | source1 | taint.cpp:6:13:6:19 | source1 | |
|
||||
| taint.cpp:4:40:4:45 | clean1 | taint.cpp:5:8:5:13 | clean1 | |
|
||||
| taint.cpp:4:40:4:45 | clean1 | taint.cpp:6:3:6:8 | clean1 | |
|
||||
@@ -512,3 +559,20 @@
|
||||
| taint.cpp:444:7:444:7 | d [post update] | taint.cpp:447:7:447:7 | d | |
|
||||
| taint.cpp:445:2:445:2 | d [post update] | taint.cpp:446:7:446:7 | d | |
|
||||
| taint.cpp:445:2:445:2 | d [post update] | taint.cpp:447:7:447:7 | d | |
|
||||
| taint.cpp:452:16:452:16 | a | taint.cpp:454:10:454:10 | a | |
|
||||
| taint.cpp:452:24:452:24 | b | taint.cpp:455:6:455:6 | b | |
|
||||
| taint.cpp:454:10:454:10 | a | taint.cpp:456:6:456:6 | c | |
|
||||
| taint.cpp:455:6:455:6 | b | taint.cpp:452:16:452:16 | a | |
|
||||
| taint.cpp:455:6:455:6 | b | taint.cpp:455:2:455:6 | ... = ... | |
|
||||
| taint.cpp:456:6:456:6 | c | taint.cpp:452:24:452:24 | b | |
|
||||
| taint.cpp:456:6:456:6 | c | taint.cpp:456:2:456:6 | ... = ... | |
|
||||
| taint.cpp:462:6:462:11 | call to source | taint.cpp:462:2:462:13 | ... = ... | |
|
||||
| taint.cpp:462:6:462:11 | call to source | taint.cpp:465:7:465:7 | x | |
|
||||
| taint.cpp:462:6:462:11 | call to source | taint.cpp:468:7:468:7 | x | |
|
||||
| taint.cpp:462:6:462:11 | call to source | taint.cpp:470:7:470:7 | x | |
|
||||
| taint.cpp:463:6:463:6 | 0 | taint.cpp:463:2:463:6 | ... = ... | |
|
||||
| taint.cpp:463:6:463:6 | 0 | taint.cpp:466:7:466:7 | y | |
|
||||
| taint.cpp:463:6:463:6 | 0 | taint.cpp:468:10:468:10 | y | |
|
||||
| taint.cpp:463:6:463:6 | 0 | taint.cpp:471:7:471:7 | y | |
|
||||
| taint.cpp:468:7:468:7 | ref arg x | taint.cpp:470:7:470:7 | x | |
|
||||
| taint.cpp:468:10:468:10 | ref arg y | taint.cpp:471:7:471:7 | y | |
|
||||
|
||||
112
cpp/ql/test/library-tests/dataflow/taint-tests/stl.cpp
Normal file
112
cpp/ql/test/library-tests/dataflow/taint-tests/stl.cpp
Normal file
@@ -0,0 +1,112 @@
|
||||
|
||||
typedef unsigned long size_t;
|
||||
|
||||
namespace std
|
||||
{
|
||||
template<class charT> struct char_traits;
|
||||
|
||||
typedef size_t streamsize;
|
||||
|
||||
template <class T> class allocator {
|
||||
public:
|
||||
allocator() throw();
|
||||
};
|
||||
|
||||
template<class charT, class traits = char_traits<charT>, class Allocator = allocator<charT> >
|
||||
class basic_string {
|
||||
public:
|
||||
explicit basic_string(const Allocator& a = Allocator());
|
||||
basic_string(const charT* s, const Allocator& a = Allocator());
|
||||
|
||||
const charT* c_str() const;
|
||||
};
|
||||
|
||||
typedef basic_string<char> string;
|
||||
|
||||
template <class charT, class traits = char_traits<charT> >
|
||||
class basic_istream /*: virtual public basic_ios<charT,traits> - not needed for this test */ {
|
||||
public:
|
||||
basic_istream<charT,traits>& operator>>(int& n);
|
||||
};
|
||||
|
||||
template <class charT, class traits = char_traits<charT> >
|
||||
class basic_ostream /*: virtual public basic_ios<charT,traits> - not needed for this test */ {
|
||||
public:
|
||||
typedef charT char_type;
|
||||
basic_ostream<charT,traits>& write(const char_type* s, streamsize n);
|
||||
|
||||
basic_ostream<charT, traits>& operator<<(int n);
|
||||
};
|
||||
|
||||
template<class charT, class traits> basic_ostream<charT,traits>& operator<<(basic_ostream<charT,traits>&, const charT*);
|
||||
template<class charT, class traits, class Allocator> basic_ostream<charT, traits>& operator<<(basic_ostream<charT, traits>& os, const basic_string<charT, traits, Allocator>& str);
|
||||
|
||||
template<class charT, class traits = char_traits<charT>>
|
||||
class basic_iostream : public basic_istream<charT, traits>, public basic_ostream<charT, traits> {
|
||||
public:
|
||||
};
|
||||
|
||||
template<class charT, class traits = char_traits<charT>, class Allocator = allocator<charT>>
|
||||
class basic_stringstream : public basic_iostream<charT, traits> {
|
||||
public:
|
||||
explicit basic_stringstream(/*ios_base::openmode which = ios_base::out|ios_base::in - not needed for this test*/);
|
||||
|
||||
basic_string<charT, traits, Allocator> str() const;
|
||||
};
|
||||
|
||||
using stringstream = basic_stringstream<char>;
|
||||
}
|
||||
|
||||
char *source();
|
||||
void sink(const char *s) {};
|
||||
void sink(const std::string &s) {};
|
||||
void sink(const std::stringstream &s) {};
|
||||
|
||||
void test_string()
|
||||
{
|
||||
char *a = source();
|
||||
std::string b("123");
|
||||
std::string c(source());
|
||||
|
||||
sink(a); // tainted
|
||||
sink(b);
|
||||
sink(c); // tainted
|
||||
sink(b.c_str());
|
||||
sink(c.c_str()); // tainted
|
||||
}
|
||||
|
||||
void test_stringstream()
|
||||
{
|
||||
std::stringstream ss1, ss2, ss3, ss4, ss5;
|
||||
std::string t(source());
|
||||
|
||||
ss1 << "1234";
|
||||
ss2 << source();
|
||||
ss3 << "123" << source();
|
||||
ss4 << source() << "456";
|
||||
ss5 << t;
|
||||
|
||||
sink(ss1);
|
||||
sink(ss2); // tainted [NOT DETECTED]
|
||||
sink(ss3); // tainted [NOT DETECTED]
|
||||
sink(ss4); // tainted [NOT DETECTED]
|
||||
sink(ss5); // tainted [NOT DETECTED]
|
||||
sink(ss1.str());
|
||||
sink(ss2.str()); // tainted [NOT DETECTED]
|
||||
sink(ss3.str()); // tainted [NOT DETECTED]
|
||||
sink(ss4.str()); // tainted [NOT DETECTED]
|
||||
sink(ss5.str()); // tainted [NOT DETECTED]
|
||||
}
|
||||
|
||||
void test_stringstream_int(int source)
|
||||
{
|
||||
std::stringstream ss1, ss2;
|
||||
|
||||
ss1 << 1234;
|
||||
ss2 << source;
|
||||
|
||||
sink(ss1);
|
||||
sink(ss2); // tainted [NOT DETECTED]
|
||||
sink(ss1.str());
|
||||
sink(ss2.str()); // tainted [NOT DETECTED]
|
||||
}
|
||||
@@ -195,7 +195,7 @@ void test_memcpy(int *source) {
|
||||
sink(x);
|
||||
}
|
||||
|
||||
// --- swap ---
|
||||
// --- std::swap ---
|
||||
|
||||
namespace std {
|
||||
template<class T> constexpr void swap(T& a, T& b);
|
||||
@@ -446,3 +446,27 @@ void test_qualifiers()
|
||||
sink(d); // tainted
|
||||
sink(d.getString()); // tainted
|
||||
}
|
||||
|
||||
// --- non-standard swap ---
|
||||
|
||||
void swop(int &a, int &b)
|
||||
{
|
||||
int c = a;
|
||||
a = b;
|
||||
b = c;
|
||||
}
|
||||
|
||||
void test_swop() {
|
||||
int x, y;
|
||||
|
||||
x = source();
|
||||
y = 0;
|
||||
|
||||
sink(x); // tainted
|
||||
sink(y); // clean
|
||||
|
||||
swop(x, y);
|
||||
|
||||
sink(x); // clean [FALSE POSITIVE]
|
||||
sink(y); // tainted
|
||||
}
|
||||
|
||||
@@ -8,6 +8,9 @@
|
||||
| format.cpp:96:8:96:13 | buffer | format.cpp:95:30:95:43 | call to source |
|
||||
| format.cpp:101:8:101:13 | buffer | format.cpp:100:31:100:45 | call to source |
|
||||
| format.cpp:106:8:106:14 | wbuffer | format.cpp:105:38:105:52 | call to source |
|
||||
| stl.cpp:71:7:71:7 | a | stl.cpp:67:12:67:17 | call to source |
|
||||
| stl.cpp:73:7:73:7 | c | stl.cpp:69:16:69:21 | call to source |
|
||||
| stl.cpp:75:9:75:13 | call to c_str | stl.cpp:69:16:69:21 | call to source |
|
||||
| taint.cpp:8:8:8:13 | clean1 | taint.cpp:4:27:4:33 | source1 |
|
||||
| taint.cpp:16:8:16:14 | source1 | taint.cpp:12:22:12:27 | call to source |
|
||||
| taint.cpp:17:8:17:16 | ++ ... | taint.cpp:12:22:12:27 | call to source |
|
||||
@@ -58,3 +61,6 @@
|
||||
| taint.cpp:439:10:439:18 | call to getMember | taint.cpp:437:15:437:20 | call to source |
|
||||
| taint.cpp:446:7:446:7 | d | taint.cpp:445:14:445:28 | call to source |
|
||||
| taint.cpp:447:9:447:17 | call to getString | taint.cpp:445:14:445:28 | call to source |
|
||||
| taint.cpp:465:7:465:7 | x | taint.cpp:462:6:462:11 | call to source |
|
||||
| taint.cpp:470:7:470:7 | x | taint.cpp:462:6:462:11 | call to source |
|
||||
| taint.cpp:471:7:471:7 | y | taint.cpp:462:6:462:11 | call to source |
|
||||
|
||||
@@ -8,6 +8,8 @@
|
||||
| format.cpp:96:8:96:13 | format.cpp:95:30:95:43 | AST only |
|
||||
| format.cpp:101:8:101:13 | format.cpp:100:31:100:45 | AST only |
|
||||
| format.cpp:106:8:106:14 | format.cpp:105:38:105:52 | AST only |
|
||||
| stl.cpp:73:7:73:7 | stl.cpp:69:16:69:21 | AST only |
|
||||
| stl.cpp:75:9:75:13 | stl.cpp:69:16:69:21 | AST only |
|
||||
| taint.cpp:41:7:41:13 | taint.cpp:35:12:35:17 | AST only |
|
||||
| taint.cpp:42:7:42:13 | taint.cpp:35:12:35:17 | AST only |
|
||||
| taint.cpp:43:7:43:13 | taint.cpp:37:22:37:27 | AST only |
|
||||
@@ -42,3 +44,4 @@
|
||||
| taint.cpp:439:10:439:18 | taint.cpp:437:15:437:20 | AST only |
|
||||
| taint.cpp:446:7:446:7 | taint.cpp:445:14:445:28 | AST only |
|
||||
| taint.cpp:447:9:447:17 | taint.cpp:445:14:445:28 | AST only |
|
||||
| taint.cpp:471:7:471:7 | taint.cpp:462:6:462:11 | AST only |
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
| stl.cpp:71:7:71:7 | (const char *)... | stl.cpp:67:12:67:17 | call to source |
|
||||
| stl.cpp:71:7:71:7 | a | stl.cpp:67:12:67:17 | call to source |
|
||||
| taint.cpp:8:8:8:13 | clean1 | taint.cpp:4:27:4:33 | source1 |
|
||||
| taint.cpp:16:8:16:14 | source1 | taint.cpp:12:22:12:27 | call to source |
|
||||
| taint.cpp:17:8:17:16 | ++ ... | taint.cpp:12:22:12:27 | call to source |
|
||||
@@ -20,3 +22,5 @@
|
||||
| taint.cpp:382:7:382:7 | a | taint.cpp:377:23:377:28 | source |
|
||||
| taint.cpp:429:7:429:7 | b | taint.cpp:428:13:428:18 | call to source |
|
||||
| taint.cpp:430:9:430:14 | member | taint.cpp:428:13:428:18 | call to source |
|
||||
| taint.cpp:465:7:465:7 | x | taint.cpp:462:6:462:11 | call to source |
|
||||
| taint.cpp:470:7:470:7 | x | taint.cpp:462:6:462:11 | call to source |
|
||||
|
||||
@@ -4664,58 +4664,65 @@ ir.cpp:
|
||||
# 950| r950_2(unsigned long) = Constant[4] :
|
||||
# 950| r950_3(void *) = Call : func:r950_1, 0:r950_2
|
||||
# 950| mu950_4(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 950| r950_5(int *) = Convert : r950_3
|
||||
# 950| mu950_5(unknown) = ^InitializeDynamicAllocation : &:r950_3
|
||||
# 950| r950_6(int *) = Convert : r950_3
|
||||
# 951| r951_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 951| r951_2(unsigned long) = Constant[4] :
|
||||
# 951| r951_3(float) = Constant[1.0] :
|
||||
# 951| r951_4(void *) = Call : func:r951_1, 0:r951_2, 1:r951_3
|
||||
# 951| mu951_5(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 951| r951_6(int *) = Convert : r951_4
|
||||
# 951| mu951_6(unknown) = ^InitializeDynamicAllocation : &:r951_4
|
||||
# 951| r951_7(int *) = Convert : r951_4
|
||||
# 952| r952_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 952| r952_2(unsigned long) = Constant[4] :
|
||||
# 952| r952_3(void *) = Call : func:r952_1, 0:r952_2
|
||||
# 952| mu952_4(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 952| r952_5(int *) = Convert : r952_3
|
||||
# 952| r952_6(int) = Constant[0] :
|
||||
# 952| mu952_7(int) = Store : &:r952_5, r952_6
|
||||
# 952| mu952_5(unknown) = ^InitializeDynamicAllocation : &:r952_3
|
||||
# 952| r952_6(int *) = Convert : r952_3
|
||||
# 952| r952_7(int) = Constant[0] :
|
||||
# 952| mu952_8(int) = Store : &:r952_6, r952_7
|
||||
# 953| r953_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 953| r953_2(unsigned long) = Constant[8] :
|
||||
# 953| r953_3(void *) = Call : func:r953_1, 0:r953_2
|
||||
# 953| mu953_4(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 953| r953_5(String *) = Convert : r953_3
|
||||
# 953| r953_6(glval<unknown>) = FunctionAddress[String] :
|
||||
# 953| v953_7(void) = Call : func:r953_6, this:r953_5
|
||||
# 953| mu953_8(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 953| mu953_9(String) = ^IndirectMayWriteSideEffect[-1] : &:r953_5
|
||||
# 953| mu953_5(unknown) = ^InitializeDynamicAllocation : &:r953_3
|
||||
# 953| r953_6(String *) = Convert : r953_3
|
||||
# 953| r953_7(glval<unknown>) = FunctionAddress[String] :
|
||||
# 953| v953_8(void) = Call : func:r953_7, this:r953_6
|
||||
# 953| mu953_9(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 953| mu953_10(String) = ^IndirectMayWriteSideEffect[-1] : &:r953_6
|
||||
# 954| r954_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 954| r954_2(unsigned long) = Constant[8] :
|
||||
# 954| r954_3(float) = Constant[1.0] :
|
||||
# 954| r954_4(void *) = Call : func:r954_1, 0:r954_2, 1:r954_3
|
||||
# 954| mu954_5(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 954| r954_6(String *) = Convert : r954_4
|
||||
# 954| r954_7(glval<unknown>) = FunctionAddress[String] :
|
||||
# 954| r954_8(glval<char[6]>) = StringConstant["hello"] :
|
||||
# 954| r954_9(char *) = Convert : r954_8
|
||||
# 954| v954_10(void) = Call : func:r954_7, this:r954_6, 0:r954_9
|
||||
# 954| mu954_11(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 954| mu954_12(String) = ^IndirectMayWriteSideEffect[-1] : &:r954_6
|
||||
# 954| v954_13(void) = ^BufferReadSideEffect[0] : &:r954_9, ~mu949_4
|
||||
# 954| mu954_14(unknown) = ^BufferMayWriteSideEffect[0] : &:r954_9
|
||||
# 954| mu954_6(unknown) = ^InitializeDynamicAllocation : &:r954_4
|
||||
# 954| r954_7(String *) = Convert : r954_4
|
||||
# 954| r954_8(glval<unknown>) = FunctionAddress[String] :
|
||||
# 954| r954_9(glval<char[6]>) = StringConstant["hello"] :
|
||||
# 954| r954_10(char *) = Convert : r954_9
|
||||
# 954| v954_11(void) = Call : func:r954_8, this:r954_7, 0:r954_10
|
||||
# 954| mu954_12(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 954| mu954_13(String) = ^IndirectMayWriteSideEffect[-1] : &:r954_7
|
||||
# 954| v954_14(void) = ^BufferReadSideEffect[0] : &:r954_10, ~mu949_4
|
||||
# 954| mu954_15(unknown) = ^BufferMayWriteSideEffect[0] : &:r954_10
|
||||
# 955| r955_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 955| r955_2(unsigned long) = Constant[256] :
|
||||
# 955| r955_3(align_val_t) = Constant[128] :
|
||||
# 955| r955_4(void *) = Call : func:r955_1, 0:r955_2, 1:r955_3
|
||||
# 955| mu955_5(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 955| r955_6(Overaligned *) = Convert : r955_4
|
||||
# 955| mu955_6(unknown) = ^InitializeDynamicAllocation : &:r955_4
|
||||
# 955| r955_7(Overaligned *) = Convert : r955_4
|
||||
# 956| r956_1(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 956| r956_2(unsigned long) = Constant[256] :
|
||||
# 956| r956_3(align_val_t) = Constant[128] :
|
||||
# 956| r956_4(float) = Constant[1.0] :
|
||||
# 956| r956_5(void *) = Call : func:r956_1, 0:r956_2, 1:r956_3, 2:r956_4
|
||||
# 956| mu956_6(unknown) = ^CallSideEffect : ~mu949_4
|
||||
# 956| r956_7(Overaligned *) = Convert : r956_5
|
||||
# 956| r956_8(Overaligned) = Constant[0] :
|
||||
# 956| mu956_9(Overaligned) = Store : &:r956_7, r956_8
|
||||
# 956| mu956_7(unknown) = ^InitializeDynamicAllocation : &:r956_5
|
||||
# 956| r956_8(Overaligned *) = Convert : r956_5
|
||||
# 956| r956_9(Overaligned) = Constant[0] :
|
||||
# 956| mu956_10(Overaligned) = Store : &:r956_8, r956_9
|
||||
# 957| v957_1(void) = NoOp :
|
||||
# 949| v949_5(void) = ReturnVoid :
|
||||
# 949| v949_6(void) = UnmodeledUse : mu*
|
||||
@@ -4724,85 +4731,93 @@ ir.cpp:
|
||||
|
||||
# 959| void OperatorNewArray(int)
|
||||
# 959| Block 0
|
||||
# 959| v959_1(void) = EnterFunction :
|
||||
# 959| mu959_2(unknown) = AliasedDefinition :
|
||||
# 959| mu959_3(unknown) = InitializeNonLocal :
|
||||
# 959| mu959_4(unknown) = UnmodeledDefinition :
|
||||
# 959| r959_5(glval<int>) = VariableAddress[n] :
|
||||
# 959| mu959_6(int) = InitializeParameter[n] : &:r959_5
|
||||
# 960| r960_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 960| r960_2(unsigned long) = Constant[40] :
|
||||
# 960| r960_3(void *) = Call : func:r960_1, 0:r960_2
|
||||
# 960| mu960_4(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 960| r960_5(int *) = Convert : r960_3
|
||||
# 961| r961_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 961| r961_2(glval<int>) = VariableAddress[n] :
|
||||
# 961| r961_3(int) = Load : &:r961_2, ~mu959_4
|
||||
# 961| r961_4(unsigned long) = Convert : r961_3
|
||||
# 961| r961_5(unsigned long) = Constant[4] :
|
||||
# 961| r961_6(unsigned long) = Mul : r961_4, r961_5
|
||||
# 961| r961_7(void *) = Call : func:r961_1, 0:r961_6
|
||||
# 961| mu961_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 961| r961_9(int *) = Convert : r961_7
|
||||
# 962| r962_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 962| r962_2(glval<int>) = VariableAddress[n] :
|
||||
# 962| r962_3(int) = Load : &:r962_2, ~mu959_4
|
||||
# 962| r962_4(unsigned long) = Convert : r962_3
|
||||
# 962| r962_5(unsigned long) = Constant[4] :
|
||||
# 962| r962_6(unsigned long) = Mul : r962_4, r962_5
|
||||
# 962| r962_7(float) = Constant[1.0] :
|
||||
# 962| r962_8(void *) = Call : func:r962_1, 0:r962_6, 1:r962_7
|
||||
# 962| mu962_9(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 962| r962_10(int *) = Convert : r962_8
|
||||
# 963| r963_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 963| r963_2(glval<int>) = VariableAddress[n] :
|
||||
# 963| r963_3(int) = Load : &:r963_2, ~mu959_4
|
||||
# 963| r963_4(unsigned long) = Convert : r963_3
|
||||
# 963| r963_5(unsigned long) = Constant[8] :
|
||||
# 963| r963_6(unsigned long) = Mul : r963_4, r963_5
|
||||
# 963| r963_7(void *) = Call : func:r963_1, 0:r963_6
|
||||
# 963| mu963_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 963| r963_9(String *) = Convert : r963_7
|
||||
# 964| r964_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 964| r964_2(glval<int>) = VariableAddress[n] :
|
||||
# 964| r964_3(int) = Load : &:r964_2, ~mu959_4
|
||||
# 964| r964_4(unsigned long) = Convert : r964_3
|
||||
# 964| r964_5(unsigned long) = Constant[256] :
|
||||
# 964| r964_6(unsigned long) = Mul : r964_4, r964_5
|
||||
# 964| r964_7(align_val_t) = Constant[128] :
|
||||
# 964| r964_8(void *) = Call : func:r964_1, 0:r964_6, 1:r964_7
|
||||
# 964| mu964_9(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 964| r964_10(Overaligned *) = Convert : r964_8
|
||||
# 965| r965_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 965| r965_2(unsigned long) = Constant[2560] :
|
||||
# 965| r965_3(align_val_t) = Constant[128] :
|
||||
# 965| r965_4(float) = Constant[1.0] :
|
||||
# 965| r965_5(void *) = Call : func:r965_1, 0:r965_2, 1:r965_3, 2:r965_4
|
||||
# 965| mu965_6(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 965| r965_7(Overaligned *) = Convert : r965_5
|
||||
# 966| r966_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 966| r966_2(glval<int>) = VariableAddress[n] :
|
||||
# 966| r966_3(int) = Load : &:r966_2, ~mu959_4
|
||||
# 966| r966_4(unsigned long) = Convert : r966_3
|
||||
# 966| r966_5(unsigned long) = Constant[1] :
|
||||
# 966| r966_6(unsigned long) = Mul : r966_4, r966_5
|
||||
# 966| r966_7(void *) = Call : func:r966_1, 0:r966_6
|
||||
# 966| mu966_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 966| r966_9(DefaultCtorWithDefaultParam *) = Convert : r966_7
|
||||
# 967| r967_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 967| r967_2(glval<int>) = VariableAddress[n] :
|
||||
# 967| r967_3(int) = Load : &:r967_2, ~mu959_4
|
||||
# 967| r967_4(unsigned long) = Convert : r967_3
|
||||
# 967| r967_5(unsigned long) = Constant[4] :
|
||||
# 967| r967_6(unsigned long) = Mul : r967_4, r967_5
|
||||
# 967| r967_7(void *) = Call : func:r967_1, 0:r967_6
|
||||
# 967| mu967_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 967| r967_9(int *) = Convert : r967_7
|
||||
# 968| v968_1(void) = NoOp :
|
||||
# 959| v959_7(void) = ReturnVoid :
|
||||
# 959| v959_8(void) = UnmodeledUse : mu*
|
||||
# 959| v959_9(void) = AliasedUse : ~mu959_4
|
||||
# 959| v959_10(void) = ExitFunction :
|
||||
# 959| v959_1(void) = EnterFunction :
|
||||
# 959| mu959_2(unknown) = AliasedDefinition :
|
||||
# 959| mu959_3(unknown) = InitializeNonLocal :
|
||||
# 959| mu959_4(unknown) = UnmodeledDefinition :
|
||||
# 959| r959_5(glval<int>) = VariableAddress[n] :
|
||||
# 959| mu959_6(int) = InitializeParameter[n] : &:r959_5
|
||||
# 960| r960_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 960| r960_2(unsigned long) = Constant[40] :
|
||||
# 960| r960_3(void *) = Call : func:r960_1, 0:r960_2
|
||||
# 960| mu960_4(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 960| mu960_5(unknown) = ^InitializeDynamicAllocation : &:r960_3
|
||||
# 960| r960_6(int *) = Convert : r960_3
|
||||
# 961| r961_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 961| r961_2(glval<int>) = VariableAddress[n] :
|
||||
# 961| r961_3(int) = Load : &:r961_2, ~mu959_4
|
||||
# 961| r961_4(unsigned long) = Convert : r961_3
|
||||
# 961| r961_5(unsigned long) = Constant[4] :
|
||||
# 961| r961_6(unsigned long) = Mul : r961_4, r961_5
|
||||
# 961| r961_7(void *) = Call : func:r961_1, 0:r961_6
|
||||
# 961| mu961_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 961| mu961_9(unknown) = ^InitializeDynamicAllocation : &:r961_7
|
||||
# 961| r961_10(int *) = Convert : r961_7
|
||||
# 962| r962_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 962| r962_2(glval<int>) = VariableAddress[n] :
|
||||
# 962| r962_3(int) = Load : &:r962_2, ~mu959_4
|
||||
# 962| r962_4(unsigned long) = Convert : r962_3
|
||||
# 962| r962_5(unsigned long) = Constant[4] :
|
||||
# 962| r962_6(unsigned long) = Mul : r962_4, r962_5
|
||||
# 962| r962_7(float) = Constant[1.0] :
|
||||
# 962| r962_8(void *) = Call : func:r962_1, 0:r962_6, 1:r962_7
|
||||
# 962| mu962_9(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 962| mu962_10(unknown) = ^InitializeDynamicAllocation : &:r962_8
|
||||
# 962| r962_11(int *) = Convert : r962_8
|
||||
# 963| r963_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 963| r963_2(glval<int>) = VariableAddress[n] :
|
||||
# 963| r963_3(int) = Load : &:r963_2, ~mu959_4
|
||||
# 963| r963_4(unsigned long) = Convert : r963_3
|
||||
# 963| r963_5(unsigned long) = Constant[8] :
|
||||
# 963| r963_6(unsigned long) = Mul : r963_4, r963_5
|
||||
# 963| r963_7(void *) = Call : func:r963_1, 0:r963_6
|
||||
# 963| mu963_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 963| mu963_9(unknown) = ^InitializeDynamicAllocation : &:r963_7
|
||||
# 963| r963_10(String *) = Convert : r963_7
|
||||
# 964| r964_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 964| r964_2(glval<int>) = VariableAddress[n] :
|
||||
# 964| r964_3(int) = Load : &:r964_2, ~mu959_4
|
||||
# 964| r964_4(unsigned long) = Convert : r964_3
|
||||
# 964| r964_5(unsigned long) = Constant[256] :
|
||||
# 964| r964_6(unsigned long) = Mul : r964_4, r964_5
|
||||
# 964| r964_7(align_val_t) = Constant[128] :
|
||||
# 964| r964_8(void *) = Call : func:r964_1, 0:r964_6, 1:r964_7
|
||||
# 964| mu964_9(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 964| mu964_10(unknown) = ^InitializeDynamicAllocation : &:r964_8
|
||||
# 964| r964_11(Overaligned *) = Convert : r964_8
|
||||
# 965| r965_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 965| r965_2(unsigned long) = Constant[2560] :
|
||||
# 965| r965_3(align_val_t) = Constant[128] :
|
||||
# 965| r965_4(float) = Constant[1.0] :
|
||||
# 965| r965_5(void *) = Call : func:r965_1, 0:r965_2, 1:r965_3, 2:r965_4
|
||||
# 965| mu965_6(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 965| mu965_7(unknown) = ^InitializeDynamicAllocation : &:r965_5
|
||||
# 965| r965_8(Overaligned *) = Convert : r965_5
|
||||
# 966| r966_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 966| r966_2(glval<int>) = VariableAddress[n] :
|
||||
# 966| r966_3(int) = Load : &:r966_2, ~mu959_4
|
||||
# 966| r966_4(unsigned long) = Convert : r966_3
|
||||
# 966| r966_5(unsigned long) = Constant[1] :
|
||||
# 966| r966_6(unsigned long) = Mul : r966_4, r966_5
|
||||
# 966| r966_7(void *) = Call : func:r966_1, 0:r966_6
|
||||
# 966| mu966_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 966| mu966_9(unknown) = ^InitializeDynamicAllocation : &:r966_7
|
||||
# 966| r966_10(DefaultCtorWithDefaultParam *) = Convert : r966_7
|
||||
# 967| r967_1(glval<unknown>) = FunctionAddress[operator new[]] :
|
||||
# 967| r967_2(glval<int>) = VariableAddress[n] :
|
||||
# 967| r967_3(int) = Load : &:r967_2, ~mu959_4
|
||||
# 967| r967_4(unsigned long) = Convert : r967_3
|
||||
# 967| r967_5(unsigned long) = Constant[4] :
|
||||
# 967| r967_6(unsigned long) = Mul : r967_4, r967_5
|
||||
# 967| r967_7(void *) = Call : func:r967_1, 0:r967_6
|
||||
# 967| mu967_8(unknown) = ^CallSideEffect : ~mu959_4
|
||||
# 967| mu967_9(unknown) = ^InitializeDynamicAllocation : &:r967_7
|
||||
# 967| r967_10(int *) = Convert : r967_7
|
||||
# 968| v968_1(void) = NoOp :
|
||||
# 959| v959_7(void) = ReturnVoid :
|
||||
# 959| v959_8(void) = UnmodeledUse : mu*
|
||||
# 959| v959_9(void) = AliasedUse : ~mu959_4
|
||||
# 959| v959_10(void) = ExitFunction :
|
||||
|
||||
# 970| int designatedInit()
|
||||
# 970| Block 0
|
||||
@@ -6498,12 +6513,13 @@ perf-regression.cpp:
|
||||
# 10| r10_3(unsigned long) = Constant[1073741824] :
|
||||
# 10| r10_4(void *) = Call : func:r10_2, 0:r10_3
|
||||
# 10| mu10_5(unknown) = ^CallSideEffect : ~mu9_4
|
||||
# 10| r10_6(Big *) = Convert : r10_4
|
||||
# 10| r10_7(glval<unknown>) = FunctionAddress[Big] :
|
||||
# 10| v10_8(void) = Call : func:r10_7, this:r10_6
|
||||
# 10| mu10_9(unknown) = ^CallSideEffect : ~mu9_4
|
||||
# 10| mu10_10(Big) = ^IndirectMayWriteSideEffect[-1] : &:r10_6
|
||||
# 10| mu10_11(Big *) = Store : &:r10_1, r10_6
|
||||
# 10| mu10_6(unknown) = ^InitializeDynamicAllocation : &:r10_4
|
||||
# 10| r10_7(Big *) = Convert : r10_4
|
||||
# 10| r10_8(glval<unknown>) = FunctionAddress[Big] :
|
||||
# 10| v10_9(void) = Call : func:r10_8, this:r10_7
|
||||
# 10| mu10_10(unknown) = ^CallSideEffect : ~mu9_4
|
||||
# 10| mu10_11(Big) = ^IndirectMayWriteSideEffect[-1] : &:r10_7
|
||||
# 10| mu10_12(Big *) = Store : &:r10_1, r10_7
|
||||
# 12| r12_1(glval<int>) = VariableAddress[#return] :
|
||||
# 12| r12_2(int) = Constant[0] :
|
||||
# 12| mu12_3(int) = Store : &:r12_1, r12_2
|
||||
|
||||
@@ -1162,17 +1162,19 @@ ssa.cpp:
|
||||
# 248| r248_8(void *) = Call : func:r248_2, 0:r248_7
|
||||
# 248| m248_9(unknown) = ^CallSideEffect : ~m247_10
|
||||
# 248| m248_10(unknown) = Chi : total:m247_10, partial:m248_9
|
||||
# 248| r248_11(char *) = Convert : r248_8
|
||||
# 248| m248_12(char *) = Store : &:r248_1, r248_11
|
||||
# 248| m248_11(unknown) = ^InitializeDynamicAllocation : &:r248_8
|
||||
# 248| m248_12(unknown) = Chi : total:m248_10, partial:m248_11
|
||||
# 248| r248_13(char *) = Convert : r248_8
|
||||
# 248| m248_14(char *) = Store : &:r248_1, r248_13
|
||||
# 249| r249_1(char) = Constant[97] :
|
||||
# 249| r249_2(glval<char *>) = VariableAddress[src] :
|
||||
# 249| r249_3(char *) = Load : &:r249_2, m247_7
|
||||
# 249| r249_4(glval<char>) = CopyValue : r249_3
|
||||
# 249| m249_5(char) = Store : &:r249_4, r249_1
|
||||
# 249| m249_6(unknown) = Chi : total:m248_10, partial:m249_5
|
||||
# 249| m249_6(unknown) = Chi : total:m248_12, partial:m249_5
|
||||
# 250| r250_1(glval<unknown>) = FunctionAddress[memcpy] :
|
||||
# 250| r250_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_12
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_14
|
||||
# 250| r250_4(void *) = Convert : r250_3
|
||||
# 250| r250_5(glval<char *>) = VariableAddress[src] :
|
||||
# 250| r250_6(char *) = Load : &:r250_5, m247_7
|
||||
@@ -1185,7 +1187,7 @@ ssa.cpp:
|
||||
# 250| m250_13(unknown) = Chi : total:m249_6, partial:m250_12
|
||||
# 251| r251_1(glval<char *>) = VariableAddress[#return] :
|
||||
# 251| r251_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_12
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_14
|
||||
# 251| m251_4(char *) = Store : &:r251_1, r251_3
|
||||
# 247| v247_13(void) = ReturnIndirection : &:r247_8, ~m250_13
|
||||
# 247| r247_14(glval<char *>) = VariableAddress[#return] :
|
||||
@@ -1345,3 +1347,139 @@ ssa.cpp:
|
||||
# 275| v275_13(void) = UnmodeledUse : mu*
|
||||
# 275| v275_14(void) = AliasedUse : ~m281_2
|
||||
# 275| v275_15(void) = ExitFunction :
|
||||
|
||||
# 286| void A::A(int)
|
||||
# 286| Block 0
|
||||
# 286| v286_1(void) = EnterFunction :
|
||||
# 286| m286_2(unknown) = AliasedDefinition :
|
||||
# 286| m286_3(unknown) = InitializeNonLocal :
|
||||
# 286| m286_4(unknown) = Chi : total:m286_2, partial:m286_3
|
||||
# 286| mu286_5(unknown) = UnmodeledDefinition :
|
||||
# 286| r286_6(glval<A>) = InitializeThis :
|
||||
# 286| r286_7(glval<int>) = VariableAddress[x] :
|
||||
# 286| m286_8(int) = InitializeParameter[x] : &:r286_7
|
||||
# 286| v286_9(void) = NoOp :
|
||||
# 286| v286_10(void) = ReturnVoid :
|
||||
# 286| v286_11(void) = UnmodeledUse : mu*
|
||||
# 286| v286_12(void) = AliasedUse : m286_3
|
||||
# 286| v286_13(void) = ExitFunction :
|
||||
|
||||
# 287| void A::A(A*)
|
||||
# 287| Block 0
|
||||
# 287| v287_1(void) = EnterFunction :
|
||||
# 287| m287_2(unknown) = AliasedDefinition :
|
||||
# 287| m287_3(unknown) = InitializeNonLocal :
|
||||
# 287| m287_4(unknown) = Chi : total:m287_2, partial:m287_3
|
||||
# 287| mu287_5(unknown) = UnmodeledDefinition :
|
||||
# 287| r287_6(glval<A>) = InitializeThis :
|
||||
# 287| r287_7(glval<A *>) = VariableAddress[p#0] :
|
||||
# 287| m287_8(A *) = InitializeParameter[p#0] : &:r287_7
|
||||
# 287| r287_9(A *) = Load : &:r287_7, m287_8
|
||||
# 287| m287_10(unknown) = InitializeIndirection[p#0] : &:r287_9
|
||||
# 287| v287_11(void) = NoOp :
|
||||
# 287| v287_12(void) = ReturnIndirection : &:r287_9, m287_10
|
||||
# 287| v287_13(void) = ReturnVoid :
|
||||
# 287| v287_14(void) = UnmodeledUse : mu*
|
||||
# 287| v287_15(void) = AliasedUse : m287_3
|
||||
# 287| v287_16(void) = ExitFunction :
|
||||
|
||||
# 288| void A::A()
|
||||
# 288| Block 0
|
||||
# 288| v288_1(void) = EnterFunction :
|
||||
# 288| m288_2(unknown) = AliasedDefinition :
|
||||
# 288| m288_3(unknown) = InitializeNonLocal :
|
||||
# 288| m288_4(unknown) = Chi : total:m288_2, partial:m288_3
|
||||
# 288| mu288_5(unknown) = UnmodeledDefinition :
|
||||
# 288| r288_6(glval<A>) = InitializeThis :
|
||||
# 288| v288_7(void) = NoOp :
|
||||
# 288| v288_8(void) = ReturnVoid :
|
||||
# 288| v288_9(void) = UnmodeledUse : mu*
|
||||
# 288| v288_10(void) = AliasedUse : m288_3
|
||||
# 288| v288_11(void) = ExitFunction :
|
||||
|
||||
# 291| Point* NewAliasing(int)
|
||||
# 291| Block 0
|
||||
# 291| v291_1(void) = EnterFunction :
|
||||
# 291| m291_2(unknown) = AliasedDefinition :
|
||||
# 291| m291_3(unknown) = InitializeNonLocal :
|
||||
# 291| m291_4(unknown) = Chi : total:m291_2, partial:m291_3
|
||||
# 291| mu291_5(unknown) = UnmodeledDefinition :
|
||||
# 291| r291_6(glval<int>) = VariableAddress[x] :
|
||||
# 291| m291_7(int) = InitializeParameter[x] : &:r291_6
|
||||
# 292| r292_1(glval<Point *>) = VariableAddress[p] :
|
||||
# 292| r292_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 292| r292_3(unsigned long) = Constant[8] :
|
||||
# 292| r292_4(void *) = Call : func:r292_2, 0:r292_3
|
||||
# 292| m292_5(unknown) = ^CallSideEffect : ~m291_4
|
||||
# 292| m292_6(unknown) = Chi : total:m291_4, partial:m292_5
|
||||
# 292| m292_7(unknown) = ^InitializeDynamicAllocation : &:r292_4
|
||||
# 292| r292_8(Point *) = Convert : r292_4
|
||||
# 292| m292_9(Point *) = Store : &:r292_1, r292_8
|
||||
# 293| r293_1(glval<Point *>) = VariableAddress[q] :
|
||||
# 293| r293_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 293| r293_3(unsigned long) = Constant[8] :
|
||||
# 293| r293_4(void *) = Call : func:r293_2, 0:r293_3
|
||||
# 293| m293_5(unknown) = ^CallSideEffect : ~m292_6
|
||||
# 293| m293_6(unknown) = Chi : total:m292_6, partial:m293_5
|
||||
# 293| m293_7(unknown) = ^InitializeDynamicAllocation : &:r293_4
|
||||
# 293| r293_8(Point *) = Convert : r293_4
|
||||
# 293| m293_9(Point *) = Store : &:r293_1, r293_8
|
||||
# 294| r294_1(glval<int>) = VariableAddress[j] :
|
||||
# 294| r294_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_3(unsigned long) = Constant[4] :
|
||||
# 294| r294_4(void *) = Call : func:r294_2, 0:r294_3
|
||||
# 294| m294_5(unknown) = ^CallSideEffect : ~m293_6
|
||||
# 294| m294_6(unknown) = Chi : total:m293_6, partial:m294_5
|
||||
# 294| m294_7(unknown) = ^InitializeDynamicAllocation : &:r294_4
|
||||
# 294| r294_8(A *) = Convert : r294_4
|
||||
# 294| r294_9(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_10(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_11(unsigned long) = Constant[4] :
|
||||
# 294| r294_12(void *) = Call : func:r294_10, 0:r294_11
|
||||
# 294| m294_13(unknown) = ^CallSideEffect : ~m294_6
|
||||
# 294| m294_14(unknown) = Chi : total:m294_6, partial:m294_13
|
||||
# 294| m294_15(unknown) = ^InitializeDynamicAllocation : &:r294_12
|
||||
# 294| r294_16(A *) = Convert : r294_12
|
||||
# 294| r294_17(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_18(glval<int>) = VariableAddress[x] :
|
||||
# 294| r294_19(int) = Load : &:r294_18, m291_7
|
||||
# 294| v294_20(void) = Call : func:r294_17, this:r294_16, 0:r294_19
|
||||
# 294| m294_21(unknown) = ^CallSideEffect : ~m294_14
|
||||
# 294| m294_22(unknown) = Chi : total:m294_14, partial:m294_21
|
||||
# 294| m294_23(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_16
|
||||
# 294| m294_24(unknown) = Chi : total:m294_15, partial:m294_23
|
||||
# 294| v294_25(void) = Call : func:r294_9, this:r294_8, 0:r294_16
|
||||
# 294| m294_26(unknown) = ^CallSideEffect : ~m294_22
|
||||
# 294| m294_27(unknown) = Chi : total:m294_22, partial:m294_26
|
||||
# 294| m294_28(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_8
|
||||
# 294| m294_29(unknown) = Chi : total:m294_7, partial:m294_28
|
||||
# 294| v294_30(void) = ^BufferReadSideEffect[0] : &:r294_16, ~m294_24
|
||||
# 294| m294_31(unknown) = ^BufferMayWriteSideEffect[0] : &:r294_16
|
||||
# 294| m294_32(unknown) = Chi : total:m294_24, partial:m294_31
|
||||
# 294| r294_33(glval<int>) = FieldAddress[i] : r294_8
|
||||
# 294| r294_34(int) = Load : &:r294_33, ~m294_29
|
||||
# 294| m294_35(int) = Store : &:r294_1, r294_34
|
||||
# 295| r295_1(glval<A *>) = VariableAddress[a] :
|
||||
# 295| r295_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 295| r295_3(unsigned long) = Constant[4] :
|
||||
# 295| r295_4(void *) = Call : func:r295_2, 0:r295_3
|
||||
# 295| m295_5(unknown) = ^CallSideEffect : ~m294_27
|
||||
# 295| m295_6(unknown) = Chi : total:m294_27, partial:m295_5
|
||||
# 295| m295_7(unknown) = ^InitializeDynamicAllocation : &:r295_4
|
||||
# 295| r295_8(A *) = Convert : r295_4
|
||||
# 295| r295_9(glval<unknown>) = FunctionAddress[A] :
|
||||
# 295| v295_10(void) = Call : func:r295_9, this:r295_8
|
||||
# 295| m295_11(unknown) = ^CallSideEffect : ~m295_6
|
||||
# 295| m295_12(unknown) = Chi : total:m295_6, partial:m295_11
|
||||
# 295| m295_13(A) = ^IndirectMayWriteSideEffect[-1] : &:r295_8
|
||||
# 295| m295_14(unknown) = Chi : total:m295_7, partial:m295_13
|
||||
# 295| m295_15(A *) = Store : &:r295_1, r295_8
|
||||
# 296| r296_1(glval<Point *>) = VariableAddress[#return] :
|
||||
# 296| r296_2(glval<Point *>) = VariableAddress[p] :
|
||||
# 296| r296_3(Point *) = Load : &:r296_2, m292_9
|
||||
# 296| m296_4(Point *) = Store : &:r296_1, r296_3
|
||||
# 291| r291_8(glval<Point *>) = VariableAddress[#return] :
|
||||
# 291| v291_9(void) = ReturnValue : &:r291_8, m296_4
|
||||
# 291| v291_10(void) = UnmodeledUse : mu*
|
||||
# 291| v291_11(void) = AliasedUse : ~m295_12
|
||||
# 291| v291_12(void) = ExitFunction :
|
||||
|
||||
@@ -1154,8 +1154,9 @@ ssa.cpp:
|
||||
# 248| r248_8(void *) = Call : func:r248_2, 0:r248_7
|
||||
# 248| m248_9(unknown) = ^CallSideEffect : ~m247_4
|
||||
# 248| m248_10(unknown) = Chi : total:m247_4, partial:m248_9
|
||||
# 248| r248_11(char *) = Convert : r248_8
|
||||
# 248| m248_12(char *) = Store : &:r248_1, r248_11
|
||||
# 248| m248_11(unknown) = ^InitializeDynamicAllocation : &:r248_8
|
||||
# 248| r248_12(char *) = Convert : r248_8
|
||||
# 248| m248_13(char *) = Store : &:r248_1, r248_12
|
||||
# 249| r249_1(char) = Constant[97] :
|
||||
# 249| r249_2(glval<char *>) = VariableAddress[src] :
|
||||
# 249| r249_3(char *) = Load : &:r249_2, m247_7
|
||||
@@ -1164,7 +1165,7 @@ ssa.cpp:
|
||||
# 249| m249_6(unknown) = Chi : total:m247_9, partial:m249_5
|
||||
# 250| r250_1(glval<unknown>) = FunctionAddress[memcpy] :
|
||||
# 250| r250_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_12
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_13
|
||||
# 250| r250_4(void *) = Convert : r250_3
|
||||
# 250| r250_5(glval<char *>) = VariableAddress[src] :
|
||||
# 250| r250_6(char *) = Load : &:r250_5, m247_7
|
||||
@@ -1174,16 +1175,16 @@ ssa.cpp:
|
||||
# 250| r250_10(void *) = Call : func:r250_1, 0:r250_4, 1:r250_7, 2:r250_9
|
||||
# 250| v250_11(void) = ^SizedBufferReadSideEffect[1] : &:r250_7, r250_9, ~m249_6
|
||||
# 250| m250_12(unknown) = ^SizedBufferMustWriteSideEffect[0] : &:r250_4, r250_9
|
||||
# 250| m250_13(unknown) = Chi : total:m248_10, partial:m250_12
|
||||
# 250| m250_13(unknown) = Chi : total:m248_11, partial:m250_12
|
||||
# 251| r251_1(glval<char *>) = VariableAddress[#return] :
|
||||
# 251| r251_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_12
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_13
|
||||
# 251| m251_4(char *) = Store : &:r251_1, r251_3
|
||||
# 247| v247_12(void) = ReturnIndirection : &:r247_8, m249_6
|
||||
# 247| r247_13(glval<char *>) = VariableAddress[#return] :
|
||||
# 247| v247_14(void) = ReturnValue : &:r247_13, m251_4
|
||||
# 247| v247_15(void) = UnmodeledUse : mu*
|
||||
# 247| v247_16(void) = AliasedUse : ~m250_13
|
||||
# 247| v247_16(void) = AliasedUse : ~m248_10
|
||||
# 247| v247_17(void) = ExitFunction :
|
||||
|
||||
# 254| char StringLiteralAliasing2(bool)
|
||||
@@ -1334,3 +1335,139 @@ ssa.cpp:
|
||||
# 275| v275_13(void) = UnmodeledUse : mu*
|
||||
# 275| v275_14(void) = AliasedUse : ~m277_5
|
||||
# 275| v275_15(void) = ExitFunction :
|
||||
|
||||
# 286| void A::A(int)
|
||||
# 286| Block 0
|
||||
# 286| v286_1(void) = EnterFunction :
|
||||
# 286| m286_2(unknown) = AliasedDefinition :
|
||||
# 286| m286_3(unknown) = InitializeNonLocal :
|
||||
# 286| m286_4(unknown) = Chi : total:m286_2, partial:m286_3
|
||||
# 286| mu286_5(unknown) = UnmodeledDefinition :
|
||||
# 286| r286_6(glval<A>) = InitializeThis :
|
||||
# 286| r286_7(glval<int>) = VariableAddress[x] :
|
||||
# 286| m286_8(int) = InitializeParameter[x] : &:r286_7
|
||||
# 286| v286_9(void) = NoOp :
|
||||
# 286| v286_10(void) = ReturnVoid :
|
||||
# 286| v286_11(void) = UnmodeledUse : mu*
|
||||
# 286| v286_12(void) = AliasedUse : m286_3
|
||||
# 286| v286_13(void) = ExitFunction :
|
||||
|
||||
# 287| void A::A(A*)
|
||||
# 287| Block 0
|
||||
# 287| v287_1(void) = EnterFunction :
|
||||
# 287| m287_2(unknown) = AliasedDefinition :
|
||||
# 287| m287_3(unknown) = InitializeNonLocal :
|
||||
# 287| m287_4(unknown) = Chi : total:m287_2, partial:m287_3
|
||||
# 287| mu287_5(unknown) = UnmodeledDefinition :
|
||||
# 287| r287_6(glval<A>) = InitializeThis :
|
||||
# 287| r287_7(glval<A *>) = VariableAddress[p#0] :
|
||||
# 287| m287_8(A *) = InitializeParameter[p#0] : &:r287_7
|
||||
# 287| r287_9(A *) = Load : &:r287_7, m287_8
|
||||
# 287| m287_10(unknown) = InitializeIndirection[p#0] : &:r287_9
|
||||
# 287| v287_11(void) = NoOp :
|
||||
# 287| v287_12(void) = ReturnIndirection : &:r287_9, m287_10
|
||||
# 287| v287_13(void) = ReturnVoid :
|
||||
# 287| v287_14(void) = UnmodeledUse : mu*
|
||||
# 287| v287_15(void) = AliasedUse : m287_3
|
||||
# 287| v287_16(void) = ExitFunction :
|
||||
|
||||
# 288| void A::A()
|
||||
# 288| Block 0
|
||||
# 288| v288_1(void) = EnterFunction :
|
||||
# 288| m288_2(unknown) = AliasedDefinition :
|
||||
# 288| m288_3(unknown) = InitializeNonLocal :
|
||||
# 288| m288_4(unknown) = Chi : total:m288_2, partial:m288_3
|
||||
# 288| mu288_5(unknown) = UnmodeledDefinition :
|
||||
# 288| r288_6(glval<A>) = InitializeThis :
|
||||
# 288| v288_7(void) = NoOp :
|
||||
# 288| v288_8(void) = ReturnVoid :
|
||||
# 288| v288_9(void) = UnmodeledUse : mu*
|
||||
# 288| v288_10(void) = AliasedUse : m288_3
|
||||
# 288| v288_11(void) = ExitFunction :
|
||||
|
||||
# 291| Point* NewAliasing(int)
|
||||
# 291| Block 0
|
||||
# 291| v291_1(void) = EnterFunction :
|
||||
# 291| m291_2(unknown) = AliasedDefinition :
|
||||
# 291| m291_3(unknown) = InitializeNonLocal :
|
||||
# 291| m291_4(unknown) = Chi : total:m291_2, partial:m291_3
|
||||
# 291| mu291_5(unknown) = UnmodeledDefinition :
|
||||
# 291| r291_6(glval<int>) = VariableAddress[x] :
|
||||
# 291| m291_7(int) = InitializeParameter[x] : &:r291_6
|
||||
# 292| r292_1(glval<Point *>) = VariableAddress[p] :
|
||||
# 292| r292_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 292| r292_3(unsigned long) = Constant[8] :
|
||||
# 292| r292_4(void *) = Call : func:r292_2, 0:r292_3
|
||||
# 292| m292_5(unknown) = ^CallSideEffect : ~m291_4
|
||||
# 292| m292_6(unknown) = Chi : total:m291_4, partial:m292_5
|
||||
# 292| m292_7(unknown) = ^InitializeDynamicAllocation : &:r292_4
|
||||
# 292| r292_8(Point *) = Convert : r292_4
|
||||
# 292| m292_9(Point *) = Store : &:r292_1, r292_8
|
||||
# 293| r293_1(glval<Point *>) = VariableAddress[q] :
|
||||
# 293| r293_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 293| r293_3(unsigned long) = Constant[8] :
|
||||
# 293| r293_4(void *) = Call : func:r293_2, 0:r293_3
|
||||
# 293| m293_5(unknown) = ^CallSideEffect : ~m292_6
|
||||
# 293| m293_6(unknown) = Chi : total:m292_6, partial:m293_5
|
||||
# 293| m293_7(unknown) = ^InitializeDynamicAllocation : &:r293_4
|
||||
# 293| r293_8(Point *) = Convert : r293_4
|
||||
# 293| m293_9(Point *) = Store : &:r293_1, r293_8
|
||||
# 294| r294_1(glval<int>) = VariableAddress[j] :
|
||||
# 294| r294_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_3(unsigned long) = Constant[4] :
|
||||
# 294| r294_4(void *) = Call : func:r294_2, 0:r294_3
|
||||
# 294| m294_5(unknown) = ^CallSideEffect : ~m293_6
|
||||
# 294| m294_6(unknown) = Chi : total:m293_6, partial:m294_5
|
||||
# 294| m294_7(unknown) = ^InitializeDynamicAllocation : &:r294_4
|
||||
# 294| r294_8(A *) = Convert : r294_4
|
||||
# 294| r294_9(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_10(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_11(unsigned long) = Constant[4] :
|
||||
# 294| r294_12(void *) = Call : func:r294_10, 0:r294_11
|
||||
# 294| m294_13(unknown) = ^CallSideEffect : ~m294_6
|
||||
# 294| m294_14(unknown) = Chi : total:m294_6, partial:m294_13
|
||||
# 294| m294_15(unknown) = ^InitializeDynamicAllocation : &:r294_12
|
||||
# 294| r294_16(A *) = Convert : r294_12
|
||||
# 294| r294_17(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_18(glval<int>) = VariableAddress[x] :
|
||||
# 294| r294_19(int) = Load : &:r294_18, m291_7
|
||||
# 294| v294_20(void) = Call : func:r294_17, this:r294_16, 0:r294_19
|
||||
# 294| m294_21(unknown) = ^CallSideEffect : ~m294_14
|
||||
# 294| m294_22(unknown) = Chi : total:m294_14, partial:m294_21
|
||||
# 294| m294_23(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_16
|
||||
# 294| m294_24(unknown) = Chi : total:m294_15, partial:m294_23
|
||||
# 294| v294_25(void) = Call : func:r294_9, this:r294_8, 0:r294_16
|
||||
# 294| m294_26(unknown) = ^CallSideEffect : ~m294_22
|
||||
# 294| m294_27(unknown) = Chi : total:m294_22, partial:m294_26
|
||||
# 294| m294_28(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_8
|
||||
# 294| m294_29(unknown) = Chi : total:m294_7, partial:m294_28
|
||||
# 294| v294_30(void) = ^BufferReadSideEffect[0] : &:r294_16, ~m294_24
|
||||
# 294| m294_31(unknown) = ^BufferMayWriteSideEffect[0] : &:r294_16
|
||||
# 294| m294_32(unknown) = Chi : total:m294_24, partial:m294_31
|
||||
# 294| r294_33(glval<int>) = FieldAddress[i] : r294_8
|
||||
# 294| r294_34(int) = Load : &:r294_33, ~m294_29
|
||||
# 294| m294_35(int) = Store : &:r294_1, r294_34
|
||||
# 295| r295_1(glval<A *>) = VariableAddress[a] :
|
||||
# 295| r295_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 295| r295_3(unsigned long) = Constant[4] :
|
||||
# 295| r295_4(void *) = Call : func:r295_2, 0:r295_3
|
||||
# 295| m295_5(unknown) = ^CallSideEffect : ~m294_27
|
||||
# 295| m295_6(unknown) = Chi : total:m294_27, partial:m295_5
|
||||
# 295| m295_7(unknown) = ^InitializeDynamicAllocation : &:r295_4
|
||||
# 295| r295_8(A *) = Convert : r295_4
|
||||
# 295| r295_9(glval<unknown>) = FunctionAddress[A] :
|
||||
# 295| v295_10(void) = Call : func:r295_9, this:r295_8
|
||||
# 295| m295_11(unknown) = ^CallSideEffect : ~m295_6
|
||||
# 295| m295_12(unknown) = Chi : total:m295_6, partial:m295_11
|
||||
# 295| m295_13(A) = ^IndirectMayWriteSideEffect[-1] : &:r295_8
|
||||
# 295| m295_14(unknown) = Chi : total:m295_7, partial:m295_13
|
||||
# 295| m295_15(A *) = Store : &:r295_1, r295_8
|
||||
# 296| r296_1(glval<Point *>) = VariableAddress[#return] :
|
||||
# 296| r296_2(glval<Point *>) = VariableAddress[p] :
|
||||
# 296| r296_3(Point *) = Load : &:r296_2, m292_9
|
||||
# 296| m296_4(Point *) = Store : &:r296_1, r296_3
|
||||
# 291| r291_8(glval<Point *>) = VariableAddress[#return] :
|
||||
# 291| v291_9(void) = ReturnValue : &:r291_8, m296_4
|
||||
# 291| v291_10(void) = UnmodeledUse : mu*
|
||||
# 291| v291_11(void) = AliasedUse : ~m295_12
|
||||
# 291| v291_12(void) = ExitFunction :
|
||||
|
||||
@@ -280,3 +280,18 @@ void EscapedButNotConflated(bool c, Point p, int x1) {
|
||||
}
|
||||
int x = a.x; // The phi node here is not conflated
|
||||
}
|
||||
|
||||
struct A {
|
||||
int i;
|
||||
A(int x) {}
|
||||
A(A*) {}
|
||||
A() {}
|
||||
};
|
||||
|
||||
Point *NewAliasing(int x) {
|
||||
Point* p = new Point;
|
||||
Point* q = new Point;
|
||||
int j = new A(new A(x))->i;
|
||||
A* a = new A;
|
||||
return p;
|
||||
}
|
||||
@@ -1074,8 +1074,9 @@ ssa.cpp:
|
||||
# 248| r248_7(unsigned long) = Mul : r248_5, r248_6
|
||||
# 248| r248_8(void *) = Call : func:r248_2, 0:r248_7
|
||||
# 248| mu248_9(unknown) = ^CallSideEffect : ~mu247_4
|
||||
# 248| r248_10(char *) = Convert : r248_8
|
||||
# 248| m248_11(char *) = Store : &:r248_1, r248_10
|
||||
# 248| mu248_10(unknown) = ^InitializeDynamicAllocation : &:r248_8
|
||||
# 248| r248_11(char *) = Convert : r248_8
|
||||
# 248| m248_12(char *) = Store : &:r248_1, r248_11
|
||||
# 249| r249_1(char) = Constant[97] :
|
||||
# 249| r249_2(glval<char *>) = VariableAddress[src] :
|
||||
# 249| r249_3(char *) = Load : &:r249_2, m247_6
|
||||
@@ -1083,7 +1084,7 @@ ssa.cpp:
|
||||
# 249| mu249_5(char) = Store : &:r249_4, r249_1
|
||||
# 250| r250_1(glval<unknown>) = FunctionAddress[memcpy] :
|
||||
# 250| r250_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_11
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_12
|
||||
# 250| r250_4(void *) = Convert : r250_3
|
||||
# 250| r250_5(glval<char *>) = VariableAddress[src] :
|
||||
# 250| r250_6(char *) = Load : &:r250_5, m247_6
|
||||
@@ -1095,7 +1096,7 @@ ssa.cpp:
|
||||
# 250| mu250_12(unknown) = ^SizedBufferMustWriteSideEffect[0] : &:r250_4, r250_9
|
||||
# 251| r251_1(glval<char *>) = VariableAddress[#return] :
|
||||
# 251| r251_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_11
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_12
|
||||
# 251| m251_4(char *) = Store : &:r251_1, r251_3
|
||||
# 247| v247_11(void) = ReturnIndirection : &:r247_7, ~mu247_4
|
||||
# 247| r247_12(glval<char *>) = VariableAddress[#return] :
|
||||
@@ -1238,3 +1239,123 @@ ssa.cpp:
|
||||
# 275| v275_12(void) = UnmodeledUse : mu*
|
||||
# 275| v275_13(void) = AliasedUse : ~mu275_4
|
||||
# 275| v275_14(void) = ExitFunction :
|
||||
|
||||
# 286| void A::A(int)
|
||||
# 286| Block 0
|
||||
# 286| v286_1(void) = EnterFunction :
|
||||
# 286| mu286_2(unknown) = AliasedDefinition :
|
||||
# 286| mu286_3(unknown) = InitializeNonLocal :
|
||||
# 286| mu286_4(unknown) = UnmodeledDefinition :
|
||||
# 286| r286_5(glval<A>) = InitializeThis :
|
||||
# 286| r286_6(glval<int>) = VariableAddress[x] :
|
||||
# 286| m286_7(int) = InitializeParameter[x] : &:r286_6
|
||||
# 286| v286_8(void) = NoOp :
|
||||
# 286| v286_9(void) = ReturnVoid :
|
||||
# 286| v286_10(void) = UnmodeledUse : mu*
|
||||
# 286| v286_11(void) = AliasedUse : ~mu286_4
|
||||
# 286| v286_12(void) = ExitFunction :
|
||||
|
||||
# 287| void A::A(A*)
|
||||
# 287| Block 0
|
||||
# 287| v287_1(void) = EnterFunction :
|
||||
# 287| mu287_2(unknown) = AliasedDefinition :
|
||||
# 287| mu287_3(unknown) = InitializeNonLocal :
|
||||
# 287| mu287_4(unknown) = UnmodeledDefinition :
|
||||
# 287| r287_5(glval<A>) = InitializeThis :
|
||||
# 287| r287_6(glval<A *>) = VariableAddress[p#0] :
|
||||
# 287| m287_7(A *) = InitializeParameter[p#0] : &:r287_6
|
||||
# 287| r287_8(A *) = Load : &:r287_6, m287_7
|
||||
# 287| mu287_9(unknown) = InitializeIndirection[p#0] : &:r287_8
|
||||
# 287| v287_10(void) = NoOp :
|
||||
# 287| v287_11(void) = ReturnIndirection : &:r287_8, ~mu287_4
|
||||
# 287| v287_12(void) = ReturnVoid :
|
||||
# 287| v287_13(void) = UnmodeledUse : mu*
|
||||
# 287| v287_14(void) = AliasedUse : ~mu287_4
|
||||
# 287| v287_15(void) = ExitFunction :
|
||||
|
||||
# 288| void A::A()
|
||||
# 288| Block 0
|
||||
# 288| v288_1(void) = EnterFunction :
|
||||
# 288| mu288_2(unknown) = AliasedDefinition :
|
||||
# 288| mu288_3(unknown) = InitializeNonLocal :
|
||||
# 288| mu288_4(unknown) = UnmodeledDefinition :
|
||||
# 288| r288_5(glval<A>) = InitializeThis :
|
||||
# 288| v288_6(void) = NoOp :
|
||||
# 288| v288_7(void) = ReturnVoid :
|
||||
# 288| v288_8(void) = UnmodeledUse : mu*
|
||||
# 288| v288_9(void) = AliasedUse : ~mu288_4
|
||||
# 288| v288_10(void) = ExitFunction :
|
||||
|
||||
# 291| Point* NewAliasing(int)
|
||||
# 291| Block 0
|
||||
# 291| v291_1(void) = EnterFunction :
|
||||
# 291| mu291_2(unknown) = AliasedDefinition :
|
||||
# 291| mu291_3(unknown) = InitializeNonLocal :
|
||||
# 291| mu291_4(unknown) = UnmodeledDefinition :
|
||||
# 291| r291_5(glval<int>) = VariableAddress[x] :
|
||||
# 291| m291_6(int) = InitializeParameter[x] : &:r291_5
|
||||
# 292| r292_1(glval<Point *>) = VariableAddress[p] :
|
||||
# 292| r292_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 292| r292_3(unsigned long) = Constant[8] :
|
||||
# 292| r292_4(void *) = Call : func:r292_2, 0:r292_3
|
||||
# 292| mu292_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 292| mu292_6(unknown) = ^InitializeDynamicAllocation : &:r292_4
|
||||
# 292| r292_7(Point *) = Convert : r292_4
|
||||
# 292| m292_8(Point *) = Store : &:r292_1, r292_7
|
||||
# 293| r293_1(glval<Point *>) = VariableAddress[q] :
|
||||
# 293| r293_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 293| r293_3(unsigned long) = Constant[8] :
|
||||
# 293| r293_4(void *) = Call : func:r293_2, 0:r293_3
|
||||
# 293| mu293_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 293| mu293_6(unknown) = ^InitializeDynamicAllocation : &:r293_4
|
||||
# 293| r293_7(Point *) = Convert : r293_4
|
||||
# 293| m293_8(Point *) = Store : &:r293_1, r293_7
|
||||
# 294| r294_1(glval<int>) = VariableAddress[j] :
|
||||
# 294| r294_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_3(unsigned long) = Constant[4] :
|
||||
# 294| r294_4(void *) = Call : func:r294_2, 0:r294_3
|
||||
# 294| mu294_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_6(unknown) = ^InitializeDynamicAllocation : &:r294_4
|
||||
# 294| r294_7(A *) = Convert : r294_4
|
||||
# 294| r294_8(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_9(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_10(unsigned long) = Constant[4] :
|
||||
# 294| r294_11(void *) = Call : func:r294_9, 0:r294_10
|
||||
# 294| mu294_12(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_13(unknown) = ^InitializeDynamicAllocation : &:r294_11
|
||||
# 294| r294_14(A *) = Convert : r294_11
|
||||
# 294| r294_15(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_16(glval<int>) = VariableAddress[x] :
|
||||
# 294| r294_17(int) = Load : &:r294_16, m291_6
|
||||
# 294| v294_18(void) = Call : func:r294_15, this:r294_14, 0:r294_17
|
||||
# 294| mu294_19(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_20(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_14
|
||||
# 294| v294_21(void) = Call : func:r294_8, this:r294_7, 0:r294_14
|
||||
# 294| mu294_22(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_23(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_7
|
||||
# 294| v294_24(void) = ^BufferReadSideEffect[0] : &:r294_14, ~mu291_4
|
||||
# 294| mu294_25(unknown) = ^BufferMayWriteSideEffect[0] : &:r294_14
|
||||
# 294| r294_26(glval<int>) = FieldAddress[i] : r294_7
|
||||
# 294| r294_27(int) = Load : &:r294_26, ~mu291_4
|
||||
# 294| m294_28(int) = Store : &:r294_1, r294_27
|
||||
# 295| r295_1(glval<A *>) = VariableAddress[a] :
|
||||
# 295| r295_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 295| r295_3(unsigned long) = Constant[4] :
|
||||
# 295| r295_4(void *) = Call : func:r295_2, 0:r295_3
|
||||
# 295| mu295_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 295| mu295_6(unknown) = ^InitializeDynamicAllocation : &:r295_4
|
||||
# 295| r295_7(A *) = Convert : r295_4
|
||||
# 295| r295_8(glval<unknown>) = FunctionAddress[A] :
|
||||
# 295| v295_9(void) = Call : func:r295_8, this:r295_7
|
||||
# 295| mu295_10(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 295| mu295_11(A) = ^IndirectMayWriteSideEffect[-1] : &:r295_7
|
||||
# 295| m295_12(A *) = Store : &:r295_1, r295_7
|
||||
# 296| r296_1(glval<Point *>) = VariableAddress[#return] :
|
||||
# 296| r296_2(glval<Point *>) = VariableAddress[p] :
|
||||
# 296| r296_3(Point *) = Load : &:r296_2, m292_8
|
||||
# 296| m296_4(Point *) = Store : &:r296_1, r296_3
|
||||
# 291| r291_7(glval<Point *>) = VariableAddress[#return] :
|
||||
# 291| v291_8(void) = ReturnValue : &:r291_7, m296_4
|
||||
# 291| v291_9(void) = UnmodeledUse : mu*
|
||||
# 291| v291_10(void) = AliasedUse : ~mu291_4
|
||||
# 291| v291_11(void) = ExitFunction :
|
||||
|
||||
@@ -1074,8 +1074,9 @@ ssa.cpp:
|
||||
# 248| r248_7(unsigned long) = Mul : r248_5, r248_6
|
||||
# 248| r248_8(void *) = Call : func:r248_2, 0:r248_7
|
||||
# 248| mu248_9(unknown) = ^CallSideEffect : ~mu247_4
|
||||
# 248| r248_10(char *) = Convert : r248_8
|
||||
# 248| m248_11(char *) = Store : &:r248_1, r248_10
|
||||
# 248| mu248_10(unknown) = ^InitializeDynamicAllocation : &:r248_8
|
||||
# 248| r248_11(char *) = Convert : r248_8
|
||||
# 248| m248_12(char *) = Store : &:r248_1, r248_11
|
||||
# 249| r249_1(char) = Constant[97] :
|
||||
# 249| r249_2(glval<char *>) = VariableAddress[src] :
|
||||
# 249| r249_3(char *) = Load : &:r249_2, m247_6
|
||||
@@ -1083,7 +1084,7 @@ ssa.cpp:
|
||||
# 249| mu249_5(char) = Store : &:r249_4, r249_1
|
||||
# 250| r250_1(glval<unknown>) = FunctionAddress[memcpy] :
|
||||
# 250| r250_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_11
|
||||
# 250| r250_3(char *) = Load : &:r250_2, m248_12
|
||||
# 250| r250_4(void *) = Convert : r250_3
|
||||
# 250| r250_5(glval<char *>) = VariableAddress[src] :
|
||||
# 250| r250_6(char *) = Load : &:r250_5, m247_6
|
||||
@@ -1095,7 +1096,7 @@ ssa.cpp:
|
||||
# 250| mu250_12(unknown) = ^SizedBufferMustWriteSideEffect[0] : &:r250_4, r250_9
|
||||
# 251| r251_1(glval<char *>) = VariableAddress[#return] :
|
||||
# 251| r251_2(glval<char *>) = VariableAddress[dst] :
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_11
|
||||
# 251| r251_3(char *) = Load : &:r251_2, m248_12
|
||||
# 251| m251_4(char *) = Store : &:r251_1, r251_3
|
||||
# 247| v247_11(void) = ReturnIndirection : &:r247_7, ~mu247_4
|
||||
# 247| r247_12(glval<char *>) = VariableAddress[#return] :
|
||||
@@ -1238,3 +1239,123 @@ ssa.cpp:
|
||||
# 275| v275_12(void) = UnmodeledUse : mu*
|
||||
# 275| v275_13(void) = AliasedUse : ~mu275_4
|
||||
# 275| v275_14(void) = ExitFunction :
|
||||
|
||||
# 286| void A::A(int)
|
||||
# 286| Block 0
|
||||
# 286| v286_1(void) = EnterFunction :
|
||||
# 286| mu286_2(unknown) = AliasedDefinition :
|
||||
# 286| mu286_3(unknown) = InitializeNonLocal :
|
||||
# 286| mu286_4(unknown) = UnmodeledDefinition :
|
||||
# 286| r286_5(glval<A>) = InitializeThis :
|
||||
# 286| r286_6(glval<int>) = VariableAddress[x] :
|
||||
# 286| m286_7(int) = InitializeParameter[x] : &:r286_6
|
||||
# 286| v286_8(void) = NoOp :
|
||||
# 286| v286_9(void) = ReturnVoid :
|
||||
# 286| v286_10(void) = UnmodeledUse : mu*
|
||||
# 286| v286_11(void) = AliasedUse : ~mu286_4
|
||||
# 286| v286_12(void) = ExitFunction :
|
||||
|
||||
# 287| void A::A(A*)
|
||||
# 287| Block 0
|
||||
# 287| v287_1(void) = EnterFunction :
|
||||
# 287| mu287_2(unknown) = AliasedDefinition :
|
||||
# 287| mu287_3(unknown) = InitializeNonLocal :
|
||||
# 287| mu287_4(unknown) = UnmodeledDefinition :
|
||||
# 287| r287_5(glval<A>) = InitializeThis :
|
||||
# 287| r287_6(glval<A *>) = VariableAddress[p#0] :
|
||||
# 287| m287_7(A *) = InitializeParameter[p#0] : &:r287_6
|
||||
# 287| r287_8(A *) = Load : &:r287_6, m287_7
|
||||
# 287| mu287_9(unknown) = InitializeIndirection[p#0] : &:r287_8
|
||||
# 287| v287_10(void) = NoOp :
|
||||
# 287| v287_11(void) = ReturnIndirection : &:r287_8, ~mu287_4
|
||||
# 287| v287_12(void) = ReturnVoid :
|
||||
# 287| v287_13(void) = UnmodeledUse : mu*
|
||||
# 287| v287_14(void) = AliasedUse : ~mu287_4
|
||||
# 287| v287_15(void) = ExitFunction :
|
||||
|
||||
# 288| void A::A()
|
||||
# 288| Block 0
|
||||
# 288| v288_1(void) = EnterFunction :
|
||||
# 288| mu288_2(unknown) = AliasedDefinition :
|
||||
# 288| mu288_3(unknown) = InitializeNonLocal :
|
||||
# 288| mu288_4(unknown) = UnmodeledDefinition :
|
||||
# 288| r288_5(glval<A>) = InitializeThis :
|
||||
# 288| v288_6(void) = NoOp :
|
||||
# 288| v288_7(void) = ReturnVoid :
|
||||
# 288| v288_8(void) = UnmodeledUse : mu*
|
||||
# 288| v288_9(void) = AliasedUse : ~mu288_4
|
||||
# 288| v288_10(void) = ExitFunction :
|
||||
|
||||
# 291| Point* NewAliasing(int)
|
||||
# 291| Block 0
|
||||
# 291| v291_1(void) = EnterFunction :
|
||||
# 291| mu291_2(unknown) = AliasedDefinition :
|
||||
# 291| mu291_3(unknown) = InitializeNonLocal :
|
||||
# 291| mu291_4(unknown) = UnmodeledDefinition :
|
||||
# 291| r291_5(glval<int>) = VariableAddress[x] :
|
||||
# 291| m291_6(int) = InitializeParameter[x] : &:r291_5
|
||||
# 292| r292_1(glval<Point *>) = VariableAddress[p] :
|
||||
# 292| r292_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 292| r292_3(unsigned long) = Constant[8] :
|
||||
# 292| r292_4(void *) = Call : func:r292_2, 0:r292_3
|
||||
# 292| mu292_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 292| mu292_6(unknown) = ^InitializeDynamicAllocation : &:r292_4
|
||||
# 292| r292_7(Point *) = Convert : r292_4
|
||||
# 292| m292_8(Point *) = Store : &:r292_1, r292_7
|
||||
# 293| r293_1(glval<Point *>) = VariableAddress[q] :
|
||||
# 293| r293_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 293| r293_3(unsigned long) = Constant[8] :
|
||||
# 293| r293_4(void *) = Call : func:r293_2, 0:r293_3
|
||||
# 293| mu293_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 293| mu293_6(unknown) = ^InitializeDynamicAllocation : &:r293_4
|
||||
# 293| r293_7(Point *) = Convert : r293_4
|
||||
# 293| m293_8(Point *) = Store : &:r293_1, r293_7
|
||||
# 294| r294_1(glval<int>) = VariableAddress[j] :
|
||||
# 294| r294_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_3(unsigned long) = Constant[4] :
|
||||
# 294| r294_4(void *) = Call : func:r294_2, 0:r294_3
|
||||
# 294| mu294_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_6(unknown) = ^InitializeDynamicAllocation : &:r294_4
|
||||
# 294| r294_7(A *) = Convert : r294_4
|
||||
# 294| r294_8(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_9(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 294| r294_10(unsigned long) = Constant[4] :
|
||||
# 294| r294_11(void *) = Call : func:r294_9, 0:r294_10
|
||||
# 294| mu294_12(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_13(unknown) = ^InitializeDynamicAllocation : &:r294_11
|
||||
# 294| r294_14(A *) = Convert : r294_11
|
||||
# 294| r294_15(glval<unknown>) = FunctionAddress[A] :
|
||||
# 294| r294_16(glval<int>) = VariableAddress[x] :
|
||||
# 294| r294_17(int) = Load : &:r294_16, m291_6
|
||||
# 294| v294_18(void) = Call : func:r294_15, this:r294_14, 0:r294_17
|
||||
# 294| mu294_19(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_20(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_14
|
||||
# 294| v294_21(void) = Call : func:r294_8, this:r294_7, 0:r294_14
|
||||
# 294| mu294_22(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 294| mu294_23(A) = ^IndirectMayWriteSideEffect[-1] : &:r294_7
|
||||
# 294| v294_24(void) = ^BufferReadSideEffect[0] : &:r294_14, ~mu291_4
|
||||
# 294| mu294_25(unknown) = ^BufferMayWriteSideEffect[0] : &:r294_14
|
||||
# 294| r294_26(glval<int>) = FieldAddress[i] : r294_7
|
||||
# 294| r294_27(int) = Load : &:r294_26, ~mu291_4
|
||||
# 294| m294_28(int) = Store : &:r294_1, r294_27
|
||||
# 295| r295_1(glval<A *>) = VariableAddress[a] :
|
||||
# 295| r295_2(glval<unknown>) = FunctionAddress[operator new] :
|
||||
# 295| r295_3(unsigned long) = Constant[4] :
|
||||
# 295| r295_4(void *) = Call : func:r295_2, 0:r295_3
|
||||
# 295| mu295_5(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 295| mu295_6(unknown) = ^InitializeDynamicAllocation : &:r295_4
|
||||
# 295| r295_7(A *) = Convert : r295_4
|
||||
# 295| r295_8(glval<unknown>) = FunctionAddress[A] :
|
||||
# 295| v295_9(void) = Call : func:r295_8, this:r295_7
|
||||
# 295| mu295_10(unknown) = ^CallSideEffect : ~mu291_4
|
||||
# 295| mu295_11(A) = ^IndirectMayWriteSideEffect[-1] : &:r295_7
|
||||
# 295| m295_12(A *) = Store : &:r295_1, r295_7
|
||||
# 296| r296_1(glval<Point *>) = VariableAddress[#return] :
|
||||
# 296| r296_2(glval<Point *>) = VariableAddress[p] :
|
||||
# 296| r296_3(Point *) = Load : &:r296_2, m292_8
|
||||
# 296| m296_4(Point *) = Store : &:r296_1, r296_3
|
||||
# 291| r291_7(glval<Point *>) = VariableAddress[#return] :
|
||||
# 291| v291_8(void) = ReturnValue : &:r291_7, m296_4
|
||||
# 291| v291_9(void) = UnmodeledUse : mu*
|
||||
# 291| v291_10(void) = AliasedUse : ~mu291_4
|
||||
# 291| v291_11(void) = ExitFunction :
|
||||
|
||||
@@ -49,6 +49,7 @@ missingOperandType
|
||||
duplicateChiOperand
|
||||
sideEffectWithoutPrimary
|
||||
instructionWithoutSuccessor
|
||||
| CPP-309.cpp:7:5:7:20 | InitializeDynamicAllocation: new[] |
|
||||
| VacuousDestructorCall.cpp:2:29:2:29 | InitializeIndirection: y |
|
||||
| VacuousDestructorCall.cpp:3:3:3:3 | VariableAddress: x |
|
||||
| VacuousDestructorCall.cpp:4:3:4:3 | Load: y |
|
||||
@@ -57,6 +58,7 @@ instructionWithoutSuccessor
|
||||
| condition_decls.cpp:26:23:26:24 | IndirectMayWriteSideEffect: call to BoxedInt |
|
||||
| condition_decls.cpp:41:22:41:23 | IndirectMayWriteSideEffect: call to BoxedInt |
|
||||
| condition_decls.cpp:48:52:48:53 | IndirectMayWriteSideEffect: call to BoxedInt |
|
||||
| cpp17.cpp:15:5:15:45 | InitializeDynamicAllocation: new |
|
||||
| cpp17.cpp:15:11:15:21 | Convert: (void *)... |
|
||||
| file://:0:0:0:0 | CompareNE: (bool)... |
|
||||
| file://:0:0:0:0 | CompareNE: (bool)... |
|
||||
|
||||
@@ -5,3 +5,4 @@
|
||||
import semmle.code.cpp.ir.PrintIR
|
||||
import semmle.code.cpp.ir.IR
|
||||
import semmle.code.cpp.ir.ValueNumbering
|
||||
import semmle.code.cpp.ir.implementation.aliased_ssa.gvn.PrintValueNumbering
|
||||
|
||||
@@ -4,9 +4,9 @@
|
||||
| test.c:25:9:25:14 | ExprStmt | Function f4 should return a value of type int but does not return a value here |
|
||||
| test.c:39:9:39:14 | ExprStmt | Function f6 should return a value of type int but does not return a value here |
|
||||
| test.cpp:16:1:18:1 | { ... } | Function g2 should return a value of type MyValue but does not return a value here |
|
||||
| test.cpp:48:2:48:26 | if (...) ... | Function g7 should return a value of type MyValue but does not return a value here |
|
||||
| test.cpp:52:1:52:1 | return ... | Function g7 should return a value of type MyValue but does not return a value here |
|
||||
| test.cpp:74:1:76:1 | { ... } | Function g10 should return a value of type second but does not return a value here |
|
||||
| test.cpp:86:1:88:1 | { ... } | Function g12 should return a value of type second but does not return a value here |
|
||||
| test.cpp:108:2:111:2 | if (...) ... | Function g14 should return a value of type int but does not return a value here |
|
||||
| test.cpp:112:1:112:1 | return ... | Function g14 should return a value of type int but does not return a value here |
|
||||
| test.cpp:134:2:134:36 | ExprStmt | Function g16 should return a value of type int but does not return a value here |
|
||||
| test.cpp:141:3:141:37 | ExprStmt | Function g17 should return a value of type int but does not return a value here |
|
||||
|
||||
@@ -48,7 +48,7 @@ MyValue g7(bool c)
|
||||
if (c) return MyValue(7);
|
||||
DONOTHING
|
||||
DONOTHING
|
||||
// BAD [the alert here is unfortunately placed]
|
||||
// BAD
|
||||
}
|
||||
|
||||
typedef void MYVOID;
|
||||
|
||||
Reference in New Issue
Block a user