Merge pull request #2154 from rdmarsh2/rdmarsh/cpp/ir-callee-side-effects

C++: add InitializeIndirection for pointer params

csharp/ql/src/semmle/code/csharp/ir/implementation/Opcode.qll

@@ -3,11 +3,13 @@ private newtype TOpcode =
   TUninitialized() or
   TError() or
   TInitializeParameter() or
+  TInitializeIndirection() or
   TInitializeThis() or
   TEnterFunction() or
   TExitFunction() or
   TReturnValue() or
   TReturnVoid() or
+  TReturnIndirection() or
   TCopyValue() or
   TLoad() or
   TStore() or
@@ -180,6 +182,10 @@ module Opcode {
     final override string toString() { result = "InitializeParameter" }
   }
 
+  class InitializeIndirection extends MemoryAccessOpcode, TInitializeIndirection {
+    final override string toString() { result = "InitializeIndirection" }
+  }
+
   class InitializeThis extends Opcode, TInitializeThis {
     final override string toString() { result = "InitializeThis" }
   }
@@ -200,6 +206,10 @@ module Opcode {
     final override string toString() { result = "ReturnVoid" }
   }
 
+  class ReturnIndirection extends MemoryAccessOpcode, TReturnIndirection {
+    final override string toString() { result = "ReturnIndirection" }
+  }
+
   class CopyValue extends UnaryOpcode, CopyOpcode, TCopyValue {
     final override string toString() { result = "CopyValue" }
   }

csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll

@@ -51,6 +51,7 @@ module InstructionSanity {
           opcode instanceof ReadSideEffectOpcode or
           opcode instanceof Opcode::InlineAsm or
           opcode instanceof Opcode::CallSideEffect or
+          opcode instanceof Opcode::ReturnIndirection or
           opcode instanceof Opcode::AliasedUse
         ) and
         tag instanceof SideEffectOperandTag
@@ -713,6 +714,14 @@ class InitializeParameterInstruction extends VariableInstruction {
   final override MemoryAccessKind getResultMemoryAccess() { result instanceof IndirectMemoryAccess }
 }
 
+class InitializeIndirectionInstruction extends VariableInstruction {
+  InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection }
+
+  final Language::Parameter getParameter() { result = var.(IRUserVariable).getVariable() }
+
+  final override MemoryAccessKind getResultMemoryAccess() { result instanceof IndirectMemoryAccess }
+}
+
 /**
  * An instruction that initializes the `this` pointer parameter of the enclosing function.
  */
@@ -773,6 +782,18 @@ class ReturnValueInstruction extends ReturnInstruction {
   final Instruction getReturnValue() { result = getReturnValueOperand().getDef() }
 }
 
+class ReturnIndirectionInstruction extends Instruction {
+  ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection }
+
+  final SideEffectOperand getSideEffectOperand() { result = getAnOperand() }
+
+  final Instruction getSideEffect() { result = getSideEffectOperand().getDef() }
+
+  final AddressOperand getSourceAddressOperand() { result = getAnOperand() }
+
+  final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() }
+}
+
 class CopyInstruction extends Instruction {
   CopyInstruction() { getOpcode() instanceof CopyOpcode }
 

csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Operand.qll

@@ -410,6 +410,9 @@ class SideEffectOperand extends TypedOperand {
     or
     useInstr instanceof BufferMayWriteSideEffectInstruction and
     result instanceof BufferMemoryAccess
+    or
+    useInstr instanceof ReturnIndirectionInstruction and
+    result instanceof BufferMemoryAccess
   }
 
   final override predicate hasMayMemoryAccess() {

csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Instruction.qll

@@ -51,6 +51,7 @@ module InstructionSanity {
           opcode instanceof ReadSideEffectOpcode or
           opcode instanceof Opcode::InlineAsm or
           opcode instanceof Opcode::CallSideEffect or
+          opcode instanceof Opcode::ReturnIndirection or
           opcode instanceof Opcode::AliasedUse
         ) and
         tag instanceof SideEffectOperandTag
@@ -713,6 +714,14 @@ class InitializeParameterInstruction extends VariableInstruction {
   final override MemoryAccessKind getResultMemoryAccess() { result instanceof IndirectMemoryAccess }
 }
 
+class InitializeIndirectionInstruction extends VariableInstruction {
+  InitializeIndirectionInstruction() { getOpcode() instanceof Opcode::InitializeIndirection }
+
+  final Language::Parameter getParameter() { result = var.(IRUserVariable).getVariable() }
+
+  final override MemoryAccessKind getResultMemoryAccess() { result instanceof IndirectMemoryAccess }
+}
+
 /**
  * An instruction that initializes the `this` pointer parameter of the enclosing function.
  */
@@ -773,6 +782,18 @@ class ReturnValueInstruction extends ReturnInstruction {
   final Instruction getReturnValue() { result = getReturnValueOperand().getDef() }
 }
 
+class ReturnIndirectionInstruction extends Instruction {
+  ReturnIndirectionInstruction() { getOpcode() instanceof Opcode::ReturnIndirection }
+
+  final SideEffectOperand getSideEffectOperand() { result = getAnOperand() }
+
+  final Instruction getSideEffect() { result = getSideEffectOperand().getDef() }
+
+  final AddressOperand getSourceAddressOperand() { result = getAnOperand() }
+
+  final Instruction getSourceAddress() { result = getSourceAddressOperand().getDef() }
+}
+
 class CopyInstruction extends Instruction {
   CopyInstruction() { getOpcode() instanceof CopyOpcode }
 

csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Operand.qll

@@ -410,6 +410,9 @@ class SideEffectOperand extends TypedOperand {
     or
     useInstr instanceof BufferMayWriteSideEffectInstruction and
     result instanceof BufferMemoryAccess
+    or
+    useInstr instanceof ReturnIndirectionInstruction and
+    result instanceof BufferMemoryAccess
   }
 
   final override predicate hasMayMemoryAccess() {