C++: Fix enclosing functions for static locals.

2025-12-23 04:06:37 +01:00 · 2023-04-24 17:15:48 +01:00
parent 9cc4bfec2a
commit 648c08bcd9
8 changed files with 78 additions and 26 deletions
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
@@ -180,7 +180,7 @@ abstract class TranslatedSideEffects extends TranslatedElement {
  /** DEPRECATED: Alias for getAst */
  deprecated override Locatable getAST() { result = getAst() }

-  final override Declaration getFunction() { result = getExpr().getEnclosingDeclaration() }
+  final override Declaration getFunction() { result = getEnclosingDeclaration(getExpr()) }

  final override TranslatedElement getChild(int i) {
    result =
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll
@@ -28,7 +28,7 @@ abstract class TranslatedCondition extends TranslatedElement {

  final Expr getExpr() { result = expr }

-  final override Function getFunction() { result = expr.getEnclosingFunction() }
+  final override Function getFunction() { result = getEnclosingFunction(expr) }

  final Type getResultType() { result = expr.getUnspecifiedType() }
 }
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
@@ -28,9 +28,14 @@ abstract class TranslatedDeclarationEntry extends TranslatedElement, TTranslated

  TranslatedDeclarationEntry() { this = TTranslatedDeclarationEntry(entry) }

-  final override Function getFunction() {
-    exists(DeclStmt stmt |
-      stmt = entry.getStmt() and
+  final override Declaration getFunction() {
+    exists(DeclStmt stmt | stmt = entry.getStmt() |
+      result = entry.getDeclaration().(StaticInitializedStaticLocalVariable)
+      or
+      result = entry.getDeclaration().(GlobalOrNamespaceVariable)
+      or
+      not entry.getDeclaration() instanceof StaticInitializedStaticLocalVariable and
+      not entry.getDeclaration() instanceof GlobalOrNamespaceVariable and
      result = stmt.getEnclosingFunction()
    )
  }
@@ -237,7 +242,7 @@ class TranslatedStaticLocalVariableInitialization extends TranslatedElement,

  final override LocalVariable getVariable() { result = var }

-  final override Function getFunction() { result = var.getFunction() }
+  final override Declaration getFunction() { result = var.getFunction() }
 }

 TranslatedConditionDecl getTranslatedConditionDecl(ConditionDeclExpr expr) {
@@ -264,7 +269,7 @@ class TranslatedConditionDecl extends TranslatedLocalVariableDeclaration, TTrans
  /** DEPRECATED: Alias for getAst */
  deprecated override Locatable getAST() { result = getAst() }

-  override Function getFunction() { result = conditionDeclExpr.getEnclosingFunction() }
+  override Declaration getFunction() { result = getEnclosingFunction(conditionDeclExpr) }

  override LocalVariable getVariable() { result = conditionDeclExpr.getVariable() }
 }
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll
@@ -109,8 +109,8 @@ private predicate ignoreExprOnly(Expr expr) {
  // should not be translated.
  exists(NewOrNewArrayExpr new | expr = new.getAllocatorCall().getArgument(0))
  or
-  not translateFunction(expr.getEnclosingFunction()) and
-  not Raw::varHasIRFunc(expr.getEnclosingVariable())
+  not translateFunction(getEnclosingFunction(expr)) and
+  not Raw::varHasIRFunc(getEnclosingVariable(expr))
  or
  // We do not yet translate destructors properly, so for now we ignore the
  // destructor call. We do, however, translate the expression being
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
@@ -79,7 +79,7 @@ abstract class TranslatedExpr extends TranslatedElement {
  /** DEPRECATED: Alias for getAst */
  deprecated override Locatable getAST() { result = this.getAst() }

-  final override Declaration getFunction() { result = expr.getEnclosingDeclaration() }
+  final override Declaration getFunction() { result = getEnclosingDeclaration(expr) }

  /**
   * Gets the expression from which this `TranslatedExpr` is generated.
@@ -90,12 +90,57 @@ abstract class TranslatedExpr extends TranslatedElement {
   * Gets the `TranslatedFunction` containing this expression.
   */
  final TranslatedRootElement getEnclosingFunction() {
-    result = getTranslatedFunction(expr.getEnclosingFunction())
+    result = getTranslatedFunction(getEnclosingFunction(expr))
    or
-    result = getTranslatedVarInit(expr.getEnclosingVariable())
+    result = getTranslatedVarInit(getEnclosingVariable(expr))
  }
 }

+Function getEnclosingFunction(Expr e) {
+  not exists(getEnclosingVariable(e)) and
+  result = e.getEnclosingFunction()
+}
+
+Declaration getEnclosingDeclaration0(Expr e) {
+  result = getEnclosingDeclaration0(e.getParentWithConversions())
+  or
+  exists(Initializer i, Variable v |
+    i.getExpr().getFullyConverted() = e and
+    v = i.getDeclaration()
+  |
+    if v instanceof StaticInitializedStaticLocalVariable or v instanceof GlobalOrNamespaceVariable
+    then result = v
+    else result = e.getEnclosingDeclaration()
+  )
+}
+
+Declaration getEnclosingDeclaration(Expr e) {
+  result = getEnclosingDeclaration0(e)
+  or
+  not exists(getEnclosingDeclaration0(e)) and
+  result = e.getEnclosingDeclaration()
+}
+
+Variable getEnclosingVariable0(Expr e) {
+  result = getEnclosingVariable0(e.getParentWithConversions())
+  or
+  exists(Initializer i, Variable v |
+    i.getExpr().getFullyConverted() = e and
+    v = i.getDeclaration()
+  |
+    if v instanceof StaticInitializedStaticLocalVariable or v instanceof GlobalOrNamespaceVariable
+    then result = v
+    else result = e.getEnclosingVariable()
+  )
+}
+
+Variable getEnclosingVariable(Expr e) {
+  result = getEnclosingVariable0(e)
+  or
+  not exists(getEnclosingVariable0(e)) and
+  result = e.getEnclosingVariable()
+}
+
 /**
 * The IR translation of the "core"  part of an expression. This is the part of
 * the expression that produces the result value of the expression, before any
@@ -843,7 +888,7 @@ class TranslatedNonFieldVariableAccess extends TranslatedVariableAccess {

  override IRVariable getInstructionVariable(InstructionTag tag) {
    tag = OnlyInstructionTag() and
-    result = getIRUserVariable(expr.getEnclosingDeclaration(), expr.getTarget())
+    result = getIRUserVariable(getEnclosingDeclaration(expr), expr.getTarget())
  }
 }

@@ -2000,7 +2045,7 @@ class TranslatedDestructorFieldDestruction extends TranslatedNonConstantExpr, St
  final override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) {
    tag = OnlyInstructionTag() and
    operandTag instanceof UnaryOperandTag and
-    result = getTranslatedFunction(expr.getEnclosingFunction()).getInitializeThisInstruction()
+    result = getTranslatedFunction(getEnclosingFunction(expr)).getInitializeThisInstruction()
  }

  final override Field getInstructionField(InstructionTag tag) {
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
@@ -328,7 +328,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction {
      ) and
      exists(VariableAccess access |
        access.getTarget() = var and
-        access.getEnclosingFunction() = func
+        getEnclosingFunction(access) = func
      )
      or
      var.(LocalScopeVariable).getFunction() = func
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll
@@ -1,4 +1,5 @@
 import semmle.code.cpp.ir.implementation.raw.internal.TranslatedElement
+private import TranslatedExpr
 private import cpp
 private import semmle.code.cpp.ir.implementation.IRType
 private import semmle.code.cpp.ir.implementation.Opcode
@@ -117,7 +118,7 @@ class TranslatedStaticStorageDurationVarInit extends TranslatedRootElement,
      ) and
      exists(VariableAccess access |
        access.getTarget() = varUsed and
-        access.getEnclosingVariable() = var
+        getEnclosingVariable(access) = var
      )
      or
      var = varUsed
--- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll
@@ -138,9 +138,9 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
  final override string toString() { result = "init: " + expr.toString() }

  final override Declaration getFunction() {
-    result = expr.getEnclosingFunction() or
-    result = expr.getEnclosingVariable().(GlobalOrNamespaceVariable) or
-    result = expr.getEnclosingVariable().(StaticInitializedStaticLocalVariable)
+    result = getEnclosingFunction(expr) or
+    result = getEnclosingVariable(expr).(GlobalOrNamespaceVariable) or
+    result = getEnclosingVariable(expr).(StaticInitializedStaticLocalVariable)
  }

  final override Locatable getAst() { result = expr }
@@ -160,7 +160,7 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
  final InitializationContext getContext() { result = getParent() }

  final TranslatedFunction getEnclosingFunction() {
-    result = getTranslatedFunction(expr.getEnclosingFunction())
+    result = getTranslatedFunction(this.getFunction())
  }
 }

@@ -494,8 +494,9 @@ abstract class TranslatedFieldInitialization extends TranslatedElement {
  deprecated override Locatable getAST() { result = getAst() }

  final override Declaration getFunction() {
-    result = ast.getEnclosingFunction() or
-    result = ast.getEnclosingVariable().(GlobalOrNamespaceVariable)
+    result = getEnclosingFunction(ast) or
+    result = getEnclosingVariable(ast).(GlobalOrNamespaceVariable) or
+    result = getEnclosingVariable(ast).(StaticInitializedStaticLocalVariable)
  }

  final override Instruction getFirstInstruction() { result = getInstruction(getFieldAddressTag()) }
@@ -652,11 +653,11 @@ abstract class TranslatedElementInitialization extends TranslatedElement {
  deprecated override Locatable getAST() { result = getAst() }

  final override Declaration getFunction() {
-    result = initList.getEnclosingFunction()
+    result = getEnclosingFunction(initList)
    or
-    result = initList.getEnclosingVariable().(GlobalOrNamespaceVariable)
+    result = getEnclosingVariable(initList).(GlobalOrNamespaceVariable)
    or
-    result = initList.getEnclosingVariable().(StaticInitializedStaticLocalVariable)
+    result = getEnclosingVariable(initList).(StaticInitializedStaticLocalVariable)
  }

  final override Instruction getFirstInstruction() { result = getInstruction(getElementIndexTag()) }
@@ -855,7 +856,7 @@ abstract class TranslatedStructorCallFromStructor extends TranslatedElement, Str
    result = getStructorCall()
  }

-  final override Function getFunction() { result = call.getEnclosingFunction() }
+  final override Function getFunction() { result = getEnclosingFunction(call) }

  final override Instruction getChildSuccessor(TranslatedElement child) {
    child = getStructorCall() and