hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed PR errors

Browse Source
This commit is contained in:
AndreiDiaconu1
2019-08-28 12:13:09 +01:00
parent c74898ec9f
commit 66948b4f57
28 changed files with 1698 additions and 1967 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/src/semmle/code/csharp/ir/Util.qll
View File

@@ -1,4 +1,4 @@
/*
/**
* Temporary file that has stubs for various functionalities in the IR conversion.
*/

55
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll
View File

@@ -215,6 +215,55 @@ module InstructionSanity {
) and
fromInstr != fromBlock
}
/**
* Gets the point in the function at which the specified operand is evaluated. For most operands,
* this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
* of evaluation is at the end of the corresponding predecessor block.
*/
private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
(
block = operand.(PhiInputOperand).getPredecessorBlock() and
index = block.getInstructionCount()
) or
exists (Instruction use |
use = operand.(NonPhiOperand).getUse() and
block.getInstruction(index) = use
)
}
/**
* Holds if `useOperand` has a definition that does not dominate the use.
*/
query predicate useNotDominatedByDefinition(Operand useOperand, string message, IRFunction func,
string funcText) {
exists (IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
not useOperand.getUse() instanceof UnmodeledUseInstruction and
pointOfEvaluation(useOperand, useBlock, useIndex) and
defInstr = useOperand.getAnyDef() and
(
(
defInstr instanceof PhiInstruction and
defBlock = defInstr.getBlock() and
defIndex = -1
)
or
defBlock.getInstruction(defIndex) = defInstr
) and
not (
defBlock.strictlyDominates(useBlock) or
(
defBlock = useBlock and
defIndex < useIndex
)
) and
message = "Operand '" + useOperand.toString() +
"' is not dominated by its definition in function '$@'." and
func = useOperand.getEnclosingIRFunction() and
funcText = Language::getIdentityString(func.getFunction())
)
}
}
/**
@@ -618,7 +667,7 @@ class FieldInstruction extends Instruction {
}
override final string getImmediateString() {
result = field.getQualifiedNameWithTypes()
result = field.toString()
}
final Language::Field getField() {
@@ -634,7 +683,7 @@ class FunctionInstruction extends Instruction {
}
override final string getImmediateString() {
result = funcSymbol.getQualifiedNameWithTypes()
result = funcSymbol.toString()
}
final Language::Function getFunctionSymbol() {
@@ -1594,7 +1643,7 @@ class CatchByTypeInstruction extends CatchInstruction {
}
final override string getImmediateString() {
result = exceptionType.getQualifiedNameWithTypes()
result = exceptionType.toString()
}
/**

3
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/IRConstruction.qll
View File

@@ -69,7 +69,8 @@ cached private module Cached {
getInstructionTag(instruction), tag)
}
cached Instruction getMemoryOperandDefinition(Instruction instruction, MemoryOperandTag tag, MustTotallyOverlap overlap) {
cached Instruction getMemoryOperandDefinition(Instruction instruction, MemoryOperandTag tag, Overlap overlap) {
overlap instanceof MustTotallyOverlap and
result = getInstructionTranslatedElement(instruction).getInstructionOperand(
getInstructionTag(instruction), tag)
}

4
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/InstructionTag.qll
View File

@@ -78,10 +78,10 @@ newtype TInstructionTag =
NewObjTag() or
// TODO: remove the need for indexing
PointerAddTag(int index) {
index in [0 .. 255]
index in [0 .. 255]
} or
ElementsAddressTag(int index) {
index in [0 .. 255]
index in [0 .. 255]
} or
ConvertTag() or
GeneratedNEQTag() or

128
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedCall.qll
View File

@@ -18,17 +18,16 @@ abstract class TranslatedCall extends TranslatedExpr {
// The qualifier is evaluated before the call target, because the value of
// the call target may depend on the value of the qualifier for virtual
// calls.
id = -2 and result = getQualifier()
or
id = -1 and result = getCallTarget()
or
result = getArgument(id)
id = -2 and result = this.getQualifier() or
id = -1 and result = this.getCallTarget() or
result = this.getArgument(id)
}
final override Instruction getFirstInstruction() {
if exists(getQualifier())
then result = getQualifier().getFirstInstruction()
else result = getFirstCallTargetInstruction()
override final Instruction getFirstInstruction() {
if exists(this.getQualifier()) then
result = this.getQualifier().getFirstInstruction()
else
result = this.getFirstCallTargetInstruction()
}
override predicate hasInstruction(
@@ -60,20 +59,19 @@ abstract class TranslatedCall extends TranslatedExpr {
override Instruction getChildSuccessor(TranslatedElement child) {
(
child = getQualifier() and
result = getFirstCallTargetInstruction()
)
or
child = this.getQualifier() and
result = this.getFirstCallTargetInstruction()
) or
(
child = getCallTarget() and
result = getFirstArgumentOrCallInstruction()
)
or
child = this.getCallTarget() and
result = this.getFirstArgumentOrCallInstruction()
) or
exists(int argIndex |
child = getArgument(argIndex) and
if exists(getArgument(argIndex + 1))
then result = getArgument(argIndex + 1).getFirstInstruction()
else result = getInstruction(CallTag())
child = this.getArgument(argIndex) and
if exists(this.getArgument(argIndex + 1)) then
result = this.getArgument(argIndex + 1).getFirstInstruction()
else
result = this.getInstruction(CallTag())
)
}
@@ -82,15 +80,15 @@ abstract class TranslatedCall extends TranslatedExpr {
(
(
tag = CallTag() and
if hasSideEffect()
then result = getInstruction(CallSideEffectTag())
else result = getParent().getChildSuccessor(this)
)
or
if this.hasSideEffect() then
result = this.getInstruction(CallSideEffectTag())
else
result = this.getParent().getChildSuccessor(this)
) or
(
hasSideEffect() and
this.hasSideEffect() and
tag = CallSideEffectTag() and
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
)
)
}
@@ -98,16 +96,27 @@ abstract class TranslatedCall extends TranslatedExpr {
override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) {
tag = CallTag() and
(
operandTag instanceof CallTargetOperandTag and
result = getCallTargetResult()
or
operandTag instanceof ThisArgumentOperandTag and
result = getQualifierResult()
or
exists(PositionalArgumentOperandTag argTag |
argTag = operandTag and
result = getArgument(argTag.getArgIndex()).getResult()
tag = CallTag() and
(
(
operandTag instanceof CallTargetOperandTag and
result = this.getCallTargetResult()
) or
(
operandTag instanceof ThisArgumentOperandTag and
result = this.getQualifierResult()
) or
exists(PositionalArgumentOperandTag argTag |
argTag = operandTag and
result = this.getArgument(argTag.getArgIndex()).getResult()
)
)
) or
(
tag = CallSideEffectTag() and
this.hasSideEffect() and
operandTag instanceof SideEffectOperandTag and
result = this.getEnclosingFunction().getUnmodeledDefinitionInstruction()
)
or
tag = CallSideEffectTag() and
@@ -118,12 +127,14 @@ abstract class TranslatedCall extends TranslatedExpr {
final override Type getInstructionOperandType(InstructionTag tag, TypedOperandTag operandTag) {
tag = CallSideEffectTag() and
hasSideEffect() and
this.hasSideEffect() and
operandTag instanceof SideEffectOperandTag and
result instanceof Language::UnknownType
}
final override Instruction getResult() { result = getInstruction(CallTag()) }
override final Instruction getResult() {
result = this.getInstruction(CallTag())
}
/**
* Gets the result type of the call.
@@ -133,7 +144,9 @@ abstract class TranslatedCall extends TranslatedExpr {
/**
* Holds if the call has a `this` argument.
*/
predicate hasQualifier() { exists(getQualifier()) }
predicate hasQualifier() {
exists(this.getQualifier())
}
/**
* Gets the `TranslatedExpr` for the indirect target of the call, if any.
@@ -146,7 +159,9 @@ abstract class TranslatedCall extends TranslatedExpr {
* it can be overridden by a subclass for cases where there is a call target
* that is not computed from an expression (e.g. a direct call).
*/
Instruction getFirstCallTargetInstruction() { result = getCallTarget().getFirstInstruction() }
Instruction getFirstCallTargetInstruction() {
result = this.getCallTarget().getFirstInstruction()
}
/**
* Gets the instruction whose result value is the target of the call. By
@@ -154,7 +169,9 @@ abstract class TranslatedCall extends TranslatedExpr {
* overridden by a subclass for cases where there is a call target that is not
* computed from an expression (e.g. a direct call).
*/
Instruction getCallTargetResult() { result = getCallTarget().getResult() }
Instruction getCallTargetResult() {
result = this.getCallTarget().getResult()
}
/**
* Gets the `TranslatedExpr` for the qualifier of the call (i.e. the value
@@ -168,7 +185,9 @@ abstract class TranslatedCall extends TranslatedExpr {
* overridden by a subclass for cases where there is a `this` argument that is
* not computed from a child expression (e.g. a constructor call).
*/
Instruction getQualifierResult() { result = getQualifier().getResult() }
Instruction getQualifierResult() {
result = this.getQualifier().getResult()
}
/**
* Gets the argument with the specified `index`. Does not include the `this`
@@ -181,9 +200,10 @@ abstract class TranslatedCall extends TranslatedExpr {
* argument. Otherwise, returns the call instruction.
*/
final Instruction getFirstArgumentOrCallInstruction() {
if hasArguments()
then result = getArgument(0).getFirstInstruction()
else result = getInstruction(CallTag())
if this.hasArguments() then
result = this.getArgument(0).getFirstInstruction()
else
result = this.getInstruction(CallTag())
}
/**
@@ -199,9 +219,9 @@ abstract class TranslatedCall extends TranslatedExpr {
private predicate hasSideEffect() { hasReadSideEffect() or hasWriteSideEffect() }
override Instruction getPrimaryInstructionForSideEffect(InstructionTag tag) {
hasSideEffect() and
tag = CallSideEffectTag() and
result = getResult()
this.hasSideEffect() and
tag = CallSideEffectTag() and
result = this.getResult()
}
}
@@ -211,10 +231,10 @@ abstract class TranslatedCall extends TranslatedExpr {
*/
abstract class TranslatedDirectCall extends TranslatedCall {
final override Instruction getFirstCallTargetInstruction() {
result = getInstruction(CallTargetTag())
result = this.getInstruction(CallTargetTag())
}
final override Instruction getCallTargetResult() { result = getInstruction(CallTargetTag()) }
final override Instruction getCallTargetResult() { result = this.getInstruction(CallTargetTag()) }
override predicate hasInstruction(
Opcode opcode, InstructionTag tag, Type resultType, boolean isLValue
@@ -232,7 +252,7 @@ abstract class TranslatedDirectCall extends TranslatedCall {
or
tag = CallTargetTag() and
kind instanceof GotoEdge and
result = getFirstArgumentOrCallInstruction()
result = this.getFirstArgumentOrCallInstruction()
}
}
@@ -242,7 +262,7 @@ abstract class TranslatedDirectCall extends TranslatedCall {
abstract class TranslatedCallExpr extends TranslatedNonConstantExpr, TranslatedCall {
override Call expr;
override Type getCallResultType() { result = getResultType() }
override Type getCallResultType() { result = this.getResultType() }
final override predicate hasArguments() { exists(expr.getArgument(0)) }
@@ -290,7 +310,7 @@ class TranslatedConstructorCall extends TranslatedFunctionCall {
// We must retrieve the qualifier from the context the
// constructor call happened
exists(StructorCallContext context |
context = getParent() and
context = this.getParent() and
result = context.getReceiver()
)
}

62
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedCondition.qll
View File

@@ -28,7 +28,7 @@ abstract class TranslatedCondition extends TranslatedElement {
}
final ConditionContext getConditionContext() {
result = getParent()
result = this.getParent()
}
final Expr getExpr() {
@@ -51,11 +51,11 @@ abstract class TranslatedFlexibleCondition extends TranslatedCondition,
}
override final TranslatedElement getChild(int id) {
id = 0 and result = getOperand()
id = 0 and result = this.getOperand()
}
override final Instruction getFirstInstruction() {
result = getOperand().getFirstInstruction()
result = this.getOperand().getFirstInstruction()
}
override final predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -79,13 +79,13 @@ class TranslatedParenthesisCondition extends TranslatedFlexibleCondition {
override ParenthesizedExpr expr;
final override Instruction getChildTrueSuccessor(TranslatedCondition child) {
child = getOperand() and
result = getConditionContext().getChildTrueSuccessor(this)
child = this.getOperand() and
result = this.getConditionContext().getChildTrueSuccessor(this)
}
final override Instruction getChildFalseSuccessor(TranslatedCondition child) {
child = getOperand() and
result = getConditionContext().getChildFalseSuccessor(this)
child = this.getOperand() and
result = this.getConditionContext().getChildFalseSuccessor(this)
}
final override TranslatedCondition getOperand() {
@@ -97,13 +97,13 @@ class TranslatedNotCondition extends TranslatedFlexibleCondition {
override LogicalNotExpr expr;
override Instruction getChildTrueSuccessor(TranslatedCondition child) {
child = getOperand() and
result = getConditionContext().getChildFalseSuccessor(this)
child = this.getOperand() and
result = this.getConditionContext().getChildFalseSuccessor(this)
}
override Instruction getChildFalseSuccessor(TranslatedCondition child) {
child = getOperand() and
result = getConditionContext().getChildTrueSuccessor(this)
child = this.getOperand() and
result = this.getConditionContext().getChildTrueSuccessor(this)
}
override TranslatedCondition getOperand() {
@@ -127,12 +127,12 @@ abstract class TranslatedBinaryLogicalOperation extends
override BinaryLogicalOperation expr;
override final TranslatedElement getChild(int id) {
id = 0 and result = getLeftOperand() or
id = 1 and result = getRightOperand()
id = 0 and result = this.getLeftOperand() or
id = 1 and result = this.getRightOperand()
}
override final Instruction getFirstInstruction() {
result = getLeftOperand().getFirstInstruction()
result = this.getLeftOperand().getFirstInstruction()
}
override final predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -154,8 +154,8 @@ abstract class TranslatedBinaryLogicalOperation extends
}
final TranslatedCondition getAnOperand() {
result = getLeftOperand() or
result = getRightOperand()
result = this.getLeftOperand() or
result = this.getRightOperand()
}
}
@@ -166,18 +166,18 @@ class TranslatedLogicalAndExpr extends TranslatedBinaryLogicalOperation {
override Instruction getChildTrueSuccessor(TranslatedCondition child) {
(
child = getLeftOperand() and
result = getRightOperand().getFirstInstruction()
child = this.getLeftOperand() and
result = this.getRightOperand().getFirstInstruction()
) or
(
child = getRightOperand() and
result = getConditionContext().getChildTrueSuccessor(this)
child = this.getRightOperand() and
result = this.getConditionContext().getChildTrueSuccessor(this)
)
}
override Instruction getChildFalseSuccessor(TranslatedCondition child) {
child = getAnOperand() and
result = getConditionContext().getChildFalseSuccessor(this)
child = this.getAnOperand() and
result = this.getConditionContext().getChildFalseSuccessor(this)
}
}
@@ -186,17 +186,17 @@ class TranslatedLogicalOrExpr extends TranslatedBinaryLogicalOperation {
override Instruction getChildTrueSuccessor(TranslatedCondition child) {
child = getAnOperand() and
result = getConditionContext().getChildTrueSuccessor(this)
result = this.getConditionContext().getChildTrueSuccessor(this)
}
override Instruction getChildFalseSuccessor(TranslatedCondition child) {
(
child = getLeftOperand() and
child = this.getLeftOperand() and
result = getRightOperand().getFirstInstruction()
) or
(
child = getRightOperand() and
result = getConditionContext().getChildFalseSuccessor(this)
child = this.getRightOperand() and
result = this.getConditionContext().getChildFalseSuccessor(this)
)
}
}
@@ -212,7 +212,7 @@ class TranslatedValueCondition extends TranslatedCondition,
}
override Instruction getFirstInstruction() {
result = getValueExpr().getFirstInstruction()
result = this.getValueExpr().getFirstInstruction()
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -225,7 +225,7 @@ class TranslatedValueCondition extends TranslatedCondition,
override Instruction getChildSuccessor(TranslatedElement child) {
child = getValueExpr() and
result = getInstruction(ValueConditionConditionalBranchTag())
result = this.getInstruction(ValueConditionConditionalBranchTag())
}
override Instruction getInstructionSuccessor(InstructionTag tag,
@@ -234,11 +234,11 @@ class TranslatedValueCondition extends TranslatedCondition,
(
(
kind instanceof TrueEdge and
result = getConditionContext().getChildTrueSuccessor(this)
result = this.getConditionContext().getChildTrueSuccessor(this)
) or
(
kind instanceof FalseEdge and
result = getConditionContext().getChildFalseSuccessor(this)
result = this.getConditionContext().getChildFalseSuccessor(this)
)
)
}
@@ -247,7 +247,7 @@ class TranslatedValueCondition extends TranslatedCondition,
OperandTag operandTag) {
tag = ValueConditionConditionalBranchTag() and
operandTag instanceof ConditionOperandTag and
result = getValueExpr().getResult()
result = this.getValueExpr().getResult()
}
private TranslatedExpr getValueExpr() {

45
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll → csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedDeclaration.qll
View File

@@ -9,7 +9,7 @@ private import TranslatedInitialization
private import semmle.code.csharp.ir.internal.IRCSharpLanguage as Language
/**
* Gets the `TranslatedDeclarationEntry` that represents the declaration
* Gets the `TranslatedDeclaration` that represents the declaration
* `entry`.
*/
TranslatedLocalDeclaration getTranslatedLocalDeclaration(LocalVariableDeclExpr declExpr) {
@@ -19,11 +19,11 @@ TranslatedLocalDeclaration getTranslatedLocalDeclaration(LocalVariableDeclExpr d
/**
* Represents the IR translation of a declaration within the body of a function.
*/
abstract class TranslatedLocalDeclaration extends TranslatedElement, TTranslatedDeclarationEntry {
abstract class TranslatedLocalDeclaration extends TranslatedElement, TTranslatedDeclaration {
LocalVariableDeclExpr expr;
TranslatedLocalDeclaration() {
this = TTranslatedDeclarationEntry(expr)
this = TTranslatedDeclaration(expr)
}
override final Callable getFunction() {
@@ -52,11 +52,11 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration,
}
override TranslatedElement getChild(int id) {
id = 0 and result = getInitialization()
id = 0 and result = this.getInitialization()
}
override Instruction getFirstInstruction() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -68,7 +68,7 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration,
isLValue = true
) or
(
hasUninitializedInstruction() and
this.hasUninitializedInstruction() and
tag = InitializerStoreTag() and
opcode instanceof Opcode::Uninitialized and
resultType = getVariableType(var) and
@@ -81,48 +81,47 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration,
(
tag = InitializerVariableAddressTag() and
kind instanceof GotoEdge and
if hasUninitializedInstruction() then
result = getInstruction(InitializerStoreTag())
if this.hasUninitializedInstruction() then
result = this.getInstruction(InitializerStoreTag())
else
if isInitializedByExpr() then
if this.isInitializedByExpr() then
// initialization is done by the expression
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
else
result = getInitialization().getFirstInstruction()
result = this.getInitialization().getFirstInstruction()
) or
(
hasUninitializedInstruction() and
this.hasUninitializedInstruction() and
kind instanceof GotoEdge and
tag = InitializerStoreTag() and
(
result = getInitialization().getFirstInstruction() or
not exists(getInitialization()) and result = getParent().getChildSuccessor(this)
result = this.getInitialization().getFirstInstruction() or
not exists(this.getInitialization()) and result = this.getParent().getChildSuccessor(this)
)
)
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getInitialization() and result = getParent().getChildSuccessor(this)
child = this.getInitialization() and result = this.getParent().getChildSuccessor(this)
}
override IRVariable getInstructionVariable(InstructionTag tag) {
(
tag = InitializerVariableAddressTag() or
hasUninitializedInstruction() and tag = InitializerStoreTag()
this.hasUninitializedInstruction() and tag = InitializerStoreTag()
) and
result = getIRUserVariable(getFunction(), var)
}
override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) {
hasUninitializedInstruction() and
this.hasUninitializedInstruction() and
tag = InitializerStoreTag() and
operandTag instanceof AddressOperandTag and
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override Instruction getTargetAddress() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override Type getTargetType() {
@@ -141,10 +140,10 @@ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration,
private predicate hasUninitializedInstruction() {
(
not exists(getInitialization()) or
getInitialization() instanceof TranslatedListInitialization
not exists(this.getInitialization()) or
this.getInitialization() instanceof TranslatedListInitialization
) and
not isInitializedByExpr()
not this.isInitializedByExpr()
}
/**

74
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedElement.qll
View File

@@ -55,17 +55,6 @@ private predicate ignoreExprAndDescendants(Expr expr) {
// constant value.
isIRConstant(getRealParent(expr))
or
// The `DestructorCall` node for a `DestructorFieldDestruction` has a `FieldAccess`
// node as its qualifier, but that `FieldAccess` does not have a child of its own.
// We'll ignore that `FieldAccess`, and supply the receiver as part of the calling
// context, much like we do with constructor calls.
// TODO: Deal with C# finalizers and Dispose methods at some point
// expr.getParent().(DestructorCall).getParent() instanceof DestructorFieldDestruction or
// exists(NewArrayExpr newExpr |
// // REVIEW: Ignore initializers for `NewArrayExpr` until we determine how to
// // represent them.
// newExpr.getInitializer().getFullyConverted() = expr
// ) or
ignoreExprAndDescendants(getRealParent(expr)) // recursive case
}
@@ -74,11 +63,6 @@ private predicate ignoreExprAndDescendants(Expr expr) {
* purposes of IR generation.
*/
private predicate ignoreExprOnly(Expr expr) {
// exists(NewOrNewArrayExpr newExpr |
// // Ignore the allocator call, because we always synthesize it. Don't ignore
// // its arguments, though, because we use them as part of the synthesis.
// newExpr.getAllocatorCall() = expr
// ) or
not translateFunction(expr.getEnclosingCallable())
or
// Ignore size of arrays when translating
@@ -95,30 +79,6 @@ private predicate ignoreExpr(Expr expr) {
ignoreExprAndDescendants(expr)
}
// TODO: Probably ok to ignore for now
///**
// * Holds if `func` contains an AST that cannot be translated into IR. This is mostly used to work
// * around extractor bugs. Once the relevant extractor bugs are fixed, this predicate can be removed.
// */
//private predicate isInvalidFunction(Callable callable) {
// exists(Literal literal |
// // Constructor field inits within a compiler-generated copy constructor have a source expression
// // that is a `Literal` with no value.
// literal = callable.(Constructor).getInitializer().(ConstructorFieldInit).getExpr() and
// not exists(literal.getValue())
// ) or
// exists(ThisExpr thisExpr |
// // An instantiation of a member function template is not treated as a `MemberFunction` if it has
// // only non-type template arguments.
// thisExpr.getEnclosingFunction() = callable and
// not callable instanceof Member
// ) or
// exists(Expr expr |
// // Expression missing a type.
// expr.getEnclosingFunction() = callable and
// not exists(expr.getType())
// )
//}
/**
* Holds if `func` should be translated to IR.
*/
@@ -245,23 +205,23 @@ newtype TTranslatedElement =
)
or
// Then treat more complex ones
exists(ObjectCreation objCreation | objCreation = expr)
expr instanceof ObjectCreation
or
exists(ArrayInitializer arrInit | arrInit = expr)
expr instanceof ArrayInitializer
or
exists(ObjectInitializer objInit | objInit = expr)
expr instanceof ObjectInitializer
or
exists(CollectionInitializer colInit | colInit.getAnElementInitializer() = expr)
expr = any(ThrowExpr throw).getExpr()
or
exists(ReturnStmt returnStmt | returnStmt.getExpr() = expr)
expr = any(CollectionInitializer colInit).getAnElementInitializer()
or
exists(ThrowExpr throw | throw.getExpr() = expr)
expr = any(ReturnStmt returnStmt).getExpr()
or
exists(ArrayInitializer arrInit | arrInit.getAnElement() = expr)
expr = any(ArrayInitializer arrInit).getAnElement()
or
exists(LambdaExpr lambda | lambda.getSourceDeclaration() = expr)
expr = any(LambdaExpr lambda).getSourceDeclaration()
or
exists(AnonymousMethodExpr anonMethExpr | anonMethExpr.getSourceDeclaration() = expr)
expr = any(AnonymousMethodExpr anonMethExpr).getSourceDeclaration()
)
} or
// The initialization of an array element via a member of an initializer list.
@@ -294,7 +254,7 @@ newtype TTranslatedElement =
)
} or
// A local declaration
TTranslatedDeclarationEntry(LocalVariableDeclExpr entry)
TTranslatedDeclaration(LocalVariableDeclExpr entry)
/**
* Gets the index of the first explicitly initialized element in `initList`
@@ -361,7 +321,7 @@ abstract class TranslatedElement extends TTranslatedElement {
/**
* Get the immediate child elements of this element.
*/
final TranslatedElement getAChild() { result = getChild(_) }
final TranslatedElement getAChild() { result = this.getChild(_) }
/**
* Gets the immediate child element of this element. The `id` is unique
@@ -374,11 +334,11 @@ abstract class TranslatedElement extends TTranslatedElement {
* Gets the an identifier string for the element. This string is unique within
* the scope of the element's function.
*/
final string getId() { result = getUniqueId().toString() }
final string getId() { result = this.getUniqueId().toString() }
private TranslatedElement getChildByRank(int rankIndex) {
result = rank[rankIndex + 1](TranslatedElement child, int id |
child = getChild(id)
child = this.getChild(id)
|
child order by id
)
@@ -387,15 +347,15 @@ abstract class TranslatedElement extends TTranslatedElement {
language[monotonicAggregates]
private int getDescendantCount() {
result = 1 +
sum(TranslatedElement child | child = getChildByRank(_) | child.getDescendantCount())
sum(TranslatedElement child | child = this.getChildByRank(_) | child.getDescendantCount())
}
private int getUniqueId() {
if not exists(getParent())
if not exists(this.getParent())
then result = 0
else
exists(TranslatedElement parent |
parent = getParent() and
parent = this.getParent() and
if this = parent.getChildByRank(0)
then result = 1 + parent.getUniqueId()
else
@@ -553,7 +513,7 @@ abstract class TranslatedElement extends TTranslatedElement {
final IRTempVariable getTempVariable(TempVariableTag tag) {
result.getAST() = getAST() and
result.getTag() = tag and
hasTempVariable(tag, _)
this.hasTempVariable(tag, _)
}
/**

935
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedExpr.qll
View File

File diff suppressed because it is too large Load Diff

99
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedFunction.qll
View File

@@ -19,7 +19,7 @@ TranslatedFunction getTranslatedFunction(Callable callable) {
}
/**
* Represents the IR translation of a function. This is the root elements for
* Represents the IR translation of a function. This is the root element for
* all other elements associated with this function.
*/
class TranslatedFunction extends TranslatedElement,
@@ -46,9 +46,9 @@ class TranslatedFunction extends TranslatedElement,
}
override final TranslatedElement getChild(int id) {
id = -2 and result = getConstructorInitializer() or
id = -1 and result = getBody() or
id >= 0 and result = getParameter(id)
id = -2 and result = this.getConstructorInitializer() or
id = -1 and result = this.getBody() or
result = this.getParameter(id)
}
private final TranslatedConstructorInitializer getConstructorInitializer() {
@@ -66,7 +66,7 @@ class TranslatedFunction extends TranslatedElement,
}
override final Instruction getFirstInstruction() {
result = getInstruction(EnterFunctionTag())
result = this.getInstruction(EnterFunctionTag())
}
override final Instruction getInstructionSuccessor(InstructionTag tag,
@@ -75,67 +75,67 @@ class TranslatedFunction extends TranslatedElement,
(
(
tag = EnterFunctionTag() and
result = getInstruction(AliasedDefinitionTag())
result = this.getInstruction(AliasedDefinitionTag())
) or (
tag = AliasedDefinitionTag() and
result = getInstruction(UnmodeledDefinitionTag())
result = this.getInstruction(UnmodeledDefinitionTag())
) or
(
tag = UnmodeledDefinitionTag() and
if exists(getThisType()) then
result = getInstruction(InitializeThisTag())
result = this.getInstruction(InitializeThisTag())
else if exists(getParameter(0)) then
result = getParameter(0).getFirstInstruction()
result = this.getParameter(0).getFirstInstruction()
else
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
) or
(
tag = InitializeThisTag() and
if exists(getParameter(0)) then
result = getParameter(0).getFirstInstruction()
result = this.getParameter(0).getFirstInstruction()
else
if (exists(getConstructorInitializer())) then
result = getConstructorInitializer().getFirstInstruction()
result = this.getConstructorInitializer().getFirstInstruction()
else
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
) or
(
tag = ReturnValueAddressTag() and
result = getInstruction(ReturnTag())
result = this.getInstruction(ReturnTag())
) or
(
tag = ReturnTag() and
result = getInstruction(UnmodeledUseTag())
result = this.getInstruction(UnmodeledUseTag())
) or
(
tag = UnwindTag() and
result = getInstruction(UnmodeledUseTag())
result = this.getInstruction(UnmodeledUseTag())
) or
(
tag = UnmodeledUseTag() and
result = getInstruction(ExitFunctionTag())
result = this.getInstruction(ExitFunctionTag())
)
)
}
override final Instruction getChildSuccessor(TranslatedElement child) {
exists(int paramIndex |
child = getParameter(paramIndex) and
child = this.getParameter(paramIndex) and
if exists(callable.getParameter(paramIndex + 1)) then
result = getParameter(paramIndex + 1).getFirstInstruction()
result = this.getParameter(paramIndex + 1).getFirstInstruction()
else
if (exists(getConstructorInitializer())) then
result = getConstructorInitializer().getFirstInstruction()
result = this.getConstructorInitializer().getFirstInstruction()
else
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
) or
(
child = getConstructorInitializer() and
result = getBody().getFirstInstruction()
child = this.getConstructorInitializer() and
result = this.getBody().getFirstInstruction()
) or
(
child = getBody() and
result = getReturnSuccessorInstruction()
child = this.getBody() and
result = this.getReturnSuccessorInstruction()
)
}
@@ -169,7 +169,7 @@ class TranslatedFunction extends TranslatedElement,
(
tag = ReturnValueAddressTag() and
opcode instanceof Opcode::VariableAddress and
resultType = getReturnType() and
resultType = this.getReturnType() and
not resultType instanceof VoidType and
isLValue = true
) or
@@ -177,7 +177,7 @@ class TranslatedFunction extends TranslatedElement,
tag = ReturnTag() and
resultType instanceof VoidType and
isLValue = false and
if getReturnType() instanceof VoidType then
if this.getReturnType() instanceof VoidType then
opcode instanceof Opcode::ReturnVoid
else
opcode instanceof Opcode::ReturnValue
@@ -214,7 +214,7 @@ class TranslatedFunction extends TranslatedElement,
}
override final Instruction getExceptionSuccessorInstruction() {
result = getInstruction(UnwindTag())
result = this.getInstruction(UnwindTag())
}
override final Instruction getInstructionOperand(InstructionTag tag,
@@ -232,11 +232,11 @@ class TranslatedFunction extends TranslatedElement,
) or
(
tag = ReturnTag() and
not getReturnType() instanceof VoidType and
not this.getReturnType() instanceof VoidType and
(
(
operandTag instanceof AddressOperandTag and
result = getInstruction(ReturnValueAddressTag())
result = this.getInstruction(ReturnValueAddressTag())
) or
(
operandTag instanceof LoadOperandTag and
@@ -249,19 +249,19 @@ class TranslatedFunction extends TranslatedElement,
override final Type getInstructionOperandType(InstructionTag tag,
TypedOperandTag operandTag) {
tag = ReturnTag() and
not getReturnType() instanceof VoidType and
not this.getReturnType() instanceof VoidType and
operandTag instanceof LoadOperandTag and
result = getReturnType()
result = this.getReturnType()
}
override final IRVariable getInstructionVariable(InstructionTag tag) {
tag = ReturnValueAddressTag() and
result = getReturnVariable()
result = this.getReturnVariable()
}
override final predicate hasTempVariable(TempVariableTag tag, Type type) {
tag = ReturnValueTempVar() and
type = getReturnType() and
type = this.getReturnType() and
not type instanceof VoidType
}
@@ -270,10 +270,10 @@ class TranslatedFunction extends TranslatedElement,
* statement. In C#, this should be the instruction which generates `VariableAddress[#return]`.
*/
final Instruction getReturnSuccessorInstruction() {
if getReturnType() instanceof VoidType then
result = getInstruction(ReturnTag())
if this.getReturnType() instanceof VoidType then
result = this.getInstruction(ReturnTag())
else
result = getInstruction(ReturnValueAddressTag())
result = this.getInstruction(ReturnValueAddressTag())
}
/**
@@ -287,7 +287,7 @@ class TranslatedFunction extends TranslatedElement,
* Gets the single `UnmodeledDefinition` instruction for this function.
*/
final Instruction getUnmodeledDefinitionInstruction() {
result = getInstruction(UnmodeledDefinitionTag())
result = this.getInstruction(UnmodeledDefinitionTag())
}
/**
@@ -295,7 +295,7 @@ class TranslatedFunction extends TranslatedElement,
* if the function is an instance member function, constructor, or destructor.
*/
final Instruction getInitializeThisInstruction() {
result = getInstruction(InitializeThisTag())
result = this.getInstruction(InitializeThisTag())
}
/**
@@ -303,7 +303,18 @@ class TranslatedFunction extends TranslatedElement,
* Holds only if the function is an instance member function, constructor, or destructor.
*/
final Type getThisType() {
result = callable.getDeclaringType()
// `callable` is a user declared member and it is not static
(
callable instanceof Member and
not callable.(Member).isStatic() and
result = callable.getDeclaringType()
) or
// `callable` is a compiler generated accessor
(
callable instanceof Accessor and
not callable.(Accessor).isStatic() and
result = callable.getDeclaringType()
)
}
/**
@@ -361,7 +372,7 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
}
override final Instruction getFirstInstruction() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override final TranslatedElement getChild(int id) {
@@ -374,11 +385,11 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
(
(
tag = InitializerVariableAddressTag() and
result = getInstruction(InitializerStoreTag())
result = this.getInstruction(InitializerStoreTag())
) or
(
tag = InitializerStoreTag() and
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
)
)
}
@@ -417,7 +428,7 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
(
(
operandTag instanceof AddressOperandTag and
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
)
)
}

238
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedInitialization.qll
View File

@@ -62,7 +62,9 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
* Gets the initialization context that describes the location being
* initialized.
*/
final InitializationContext getContext() { result = getParent() }
final InitializationContext getContext() {
result = this.getParent()
}
final TranslatedFunction getEnclosingFunction() {
result = getTranslatedFunction(expr.getEnclosingCallable())
@@ -74,17 +76,16 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn
*/
abstract class TranslatedListInitialization extends TranslatedInitialization, InitializationContext {
override Instruction getFirstInstruction() {
result = getChild(0).getFirstInstruction()
or
not exists(getChild(0)) and result = getParent().getChildSuccessor(this)
result = this.getChild(0).getFirstInstruction() or
not exists(this.getChild(0)) and result = this.getParent().getChildSuccessor(this)
}
override Instruction getChildSuccessor(TranslatedElement child) {
exists(int index |
child = getChild(index) and
if exists(getChild(index + 1))
then result = getChild(index + 1).getFirstInstruction()
else result = getParent().getChildSuccessor(this)
child = this.getChild(index) and
if exists(this.getChild(index + 1))
then result = this.getChild(index + 1).getFirstInstruction()
else result = this.getParent().getChildSuccessor(this)
)
}
@@ -96,27 +97,11 @@ abstract class TranslatedListInitialization extends TranslatedInitialization, In
final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() }
override Instruction getTargetAddress() { result = getContext().getTargetAddress() }
override Instruction getTargetAddress() { result = this.getContext().getTargetAddress() }
override Type getTargetType() { result = getContext().getTargetType() }
override Type getTargetType() { result = this.getContext().getTargetType() }
}
///**
// * Represents the IR translation of an initialization of an object from an
// * initializer list.
// */
//class TranslatedObjectInitializerInitialization extends TranslatedListInitialization {
// override ObjectInitializer expr;
//
// override TranslatedElement getChild(int id) {
// exists(AssignExpr assign |
// result = getTranslatedExpr(assign) and
// expr.getAChild() = assign and
// assign.getIndex() = id
// )
// }
//}
/**
* Represents the IR translation of an initialization of an array from an
* initializer list.
@@ -148,37 +133,37 @@ class TranslatedDirectInitialization extends TranslatedInitialization {
not expr instanceof StringLiteral
}
override TranslatedElement getChild(int id) { id = 0 and result = getInitializer() }
override TranslatedElement getChild(int id) { id = 0 and result = this.getInitializer() }
override Instruction getFirstInstruction() { result = getInitializer().getFirstInstruction() }
override Instruction getFirstInstruction() { result = this.getInitializer().getFirstInstruction() }
override predicate hasInstruction(
Opcode opcode, InstructionTag tag, Type resultType, boolean isLValue
) {
tag = InitializerStoreTag() and
opcode instanceof Opcode::Store and
resultType = getContext().getTargetType() and
resultType = this.getContext().getTargetType() and
isLValue = false
}
override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
tag = InitializerStoreTag() and
result = getParent().getChildSuccessor(this) and
result = this.getParent().getChildSuccessor(this) and
kind instanceof GotoEdge
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getInitializer() and result = getInstruction(InitializerStoreTag())
child = this.getInitializer() and result = this.getInstruction(InitializerStoreTag())
}
override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) {
tag = InitializerStoreTag() and
(
operandTag instanceof AddressOperandTag and
result = getContext().getTargetAddress()
result = this.getContext().getTargetAddress()
or
operandTag instanceof StoreValueOperandTag and
result = getInitializer().getResult()
result = this.getInitializer().getResult()
)
}
@@ -196,8 +181,8 @@ class TranslatedObjectInitialization extends TranslatedInitialization,
override ObjectCreation expr;
override TranslatedElement getChild(int id) {
id = 0 and result = getConstructorCall() or
id = 1 and result = getInitializerExpr()
id = 0 and result = this.getConstructorCall() or
id = 1 and result = this.getInitializerExpr()
}
override predicate hasInstruction(
@@ -228,13 +213,13 @@ class TranslatedObjectInitialization extends TranslatedInitialization,
// crudely represent conversions. Could
// be useful to represent the whole chain of conversions
opcode instanceof Opcode::Convert and
resultType = getContext().getTargetType() and
resultType = this.getContext().getTargetType() and
isLValue = false
)
}
override final Instruction getFirstInstruction() {
result = getInstruction(NewObjTag())
result = this.getInstruction(NewObjTag())
}
override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
@@ -242,38 +227,38 @@ class TranslatedObjectInitialization extends TranslatedInitialization,
(
(
tag = NewObjTag() and
result = getConstructorCall().getFirstInstruction()
result = this.getConstructorCall().getFirstInstruction()
)
or
(
tag = InitializerStoreTag() and
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
)
or
(
tag = AssignmentConvertRightTag() and
result = getInstruction(InitializerStoreTag())
result = this.getInstruction(InitializerStoreTag())
)
)
}
override Instruction getChildSuccessor(TranslatedElement child) {
(
child = getConstructorCall() and
if (exists(getInitializerExpr())) then
result = getInitializerExpr().getFirstInstruction()
child = this.getConstructorCall() and
if (exists(this.getInitializerExpr())) then
result = this.getInitializerExpr().getFirstInstruction()
else
if needsConversion() then
result = getInstruction(AssignmentConvertRightTag())
if this.needsConversion() then
result = this.getInstruction(AssignmentConvertRightTag())
else
result = getInstruction(InitializerStoreTag())
result = this.getInstruction(InitializerStoreTag())
) or
(
child = getInitializerExpr() and
if (needsConversion()) then
result = getInstruction(AssignmentConvertRightTag())
child = this.getInitializerExpr() and
if this.needsConversion() then
result = this.getInstruction(AssignmentConvertRightTag())
else
result = getInstruction(InitializerStoreTag())
result = this.getInstruction(InitializerStoreTag())
)
}
@@ -283,21 +268,21 @@ class TranslatedObjectInitialization extends TranslatedInitialization,
(
(
operandTag instanceof AddressOperandTag and
result = getParent().(InitializationContext).getTargetAddress()
result = this.getParent().(InitializationContext).getTargetAddress()
) or
(
operandTag instanceof StoreValueOperandTag and
if (needsConversion()) then
result = getInstruction(AssignmentConvertRightTag())
result = this.getInstruction(AssignmentConvertRightTag())
else
result = getInstruction(NewObjTag())
result = this.getInstruction(NewObjTag())
)
)
) or
(
tag = AssignmentConvertRightTag() and
operandTag instanceof UnaryOperandTag and
result = getInstruction(NewObjTag())
result = this.getInstruction(NewObjTag())
)
}
@@ -311,17 +296,17 @@ class TranslatedObjectInitialization extends TranslatedInitialization,
override Instruction getReceiver() {
// The newly allocated object will be the target of the constructor call
result = getInstruction(NewObjTag())
result = this.getInstruction(NewObjTag())
}
private predicate needsConversion() {
expr.getType() != getContext().getTargetType()
expr.getType() != this.getContext().getTargetType()
}
}
private string getZeroValue(Type type) {
if type instanceof FloatingPointType then result = "0.0" else result = "0"
}
//private string getZeroValue(Type type) {
// if type instanceof FloatingPointType then result = "0.0" else result = "0"
//}
/**
* Represents the IR translation of the initialization of an array element from
@@ -340,7 +325,7 @@ abstract class TranslatedElementInitialization extends TranslatedElement {
final override Callable getFunction() { result = initList.getEnclosingCallable() }
final override Instruction getFirstInstruction() { result = getInstruction(getElementIndexTag()) }
final override Instruction getFirstInstruction() { result = this.getInstruction(getElementIndexTag()) }
override predicate hasInstruction(
Opcode opcode, InstructionTag tag, Type resultType, boolean isLValue
@@ -358,7 +343,7 @@ abstract class TranslatedElementInitialization extends TranslatedElement {
override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
tag = getElementIndexTag() and
result = getInstruction(getElementAddressTag()) and
result = this.getInstruction(getElementAddressTag()) and
kind instanceof GotoEdge
}
@@ -366,10 +351,10 @@ abstract class TranslatedElementInitialization extends TranslatedElement {
tag = getElementAddressTag() and
(
operandTag instanceof LeftOperandTag and
result = getParent().(InitializationContext).getTargetAddress()
result = this.getParent().(InitializationContext).getTargetAddress()
or
operandTag instanceof RightOperandTag and
result = getInstruction(getElementIndexTag())
result = this.getInstruction(getElementIndexTag())
)
}
@@ -405,7 +390,7 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ
this = TTranslatedExplicitElementInitialization(initList, elementIndex)
}
override Instruction getTargetAddress() { result = getInstruction(getElementAddressTag()) }
override Instruction getTargetAddress() { result = this.getInstruction(getElementAddressTag()) }
override Type getTargetType() { result = getElementType() }
@@ -413,15 +398,15 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ
result = TranslatedElementInitialization.super.getInstructionSuccessor(tag, kind)
or
tag = getElementAddressTag() and
result = getInitialization().getFirstInstruction() and
result = this.getInitialization().getFirstInstruction() and
kind instanceof GotoEdge
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getInitialization() and result = getParent().getChildSuccessor(this)
child = this.getInitialization() and result = this.getParent().getChildSuccessor(this)
}
override TranslatedElement getChild(int id) { id = 0 and result = getInitialization() }
override TranslatedElement getChild(int id) { id = 0 and result = this.getInitialization() }
override int getElementIndex() { result = elementIndex }
@@ -430,101 +415,6 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ
}
}
/**
* Represents the IR translation of the initialization of a range of array
* elements without corresponding elements in the initializer list.
*/
class TranslatedElementValueInitialization extends TranslatedElementInitialization,
TTranslatedElementValueInitialization {
int elementIndex;
int elementCount;
TranslatedElementValueInitialization() {
this = TTranslatedElementValueInitialization(initList, elementIndex, elementCount)
}
override predicate hasInstruction(
Opcode opcode, InstructionTag tag, Type resultType, boolean isLValue
) {
TranslatedElementInitialization.super.hasInstruction(opcode, tag, resultType, isLValue)
or
tag = getElementDefaultValueTag() and
opcode instanceof Opcode::Constant and
resultType = getDefaultValueType() and
isLValue = false
or
tag = getElementDefaultValueStoreTag() and
opcode instanceof Opcode::Store and
resultType = getDefaultValueType() and
isLValue = false
}
override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
result = TranslatedElementInitialization.super.getInstructionSuccessor(tag, kind)
or
kind instanceof GotoEdge and
(
tag = getElementAddressTag() and
result = getInstruction(getElementDefaultValueTag())
or
tag = getElementDefaultValueTag() and
result = getInstruction(getElementDefaultValueStoreTag())
or
tag = getElementDefaultValueStoreTag() and
result = getParent().getChildSuccessor(this)
)
}
override string getInstructionConstantValue(InstructionTag tag) {
result = TranslatedElementInitialization.super.getInstructionConstantValue(tag)
or
tag = getElementDefaultValueTag() and
result = getZeroValue(getElementType())
}
override int getInstructionResultSize(InstructionTag tag) {
elementCount > 1 and
(
tag = getElementDefaultValueTag() or
tag = getElementDefaultValueStoreTag()
) and
// TODO: Memory model C#
result = 8 //elementCount * getElementType().getSize()
}
override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) {
result = TranslatedElementInitialization.super.getInstructionOperand(tag, operandTag)
or
tag = getElementDefaultValueStoreTag() and
(
operandTag instanceof AddressOperandTag and
result = getInstruction(getElementAddressTag())
or
operandTag instanceof StoreValueOperandTag and
result = getInstruction(getElementDefaultValueTag())
)
}
override Instruction getChildSuccessor(TranslatedElement child) { none() }
override TranslatedElement getChild(int id) { none() }
override int getElementIndex() { result = elementIndex }
private InstructionTag getElementDefaultValueTag() {
result = InitializerElementDefaultValueTag(elementIndex)
}
private InstructionTag getElementDefaultValueStoreTag() {
result = InitializerElementDefaultValueStoreTag(elementIndex)
}
private Type getDefaultValueType() {
if elementCount = 1 then result = getElementType() else result instanceof UnknownType
}
}
// TODO: Possibly refactor into something simpler
abstract class TranslatedConstructorCallFromConstructor extends TranslatedElement, StructorCallContext {
Call call;
@@ -534,17 +424,17 @@ abstract class TranslatedConstructorCallFromConstructor extends TranslatedElemen
}
final override TranslatedElement getChild(int id) {
id = 0 and result = getStructorCall()
id = 0 and result = this.getConstructorCall()
}
final override Callable getFunction() { result = call.getEnclosingCallable() }
final override Instruction getChildSuccessor(TranslatedElement child) {
child = getStructorCall() and
result = getParent().getChildSuccessor(this)
child = this.getConstructorCall() and
result = this.getParent().getChildSuccessor(this)
}
final TranslatedExpr getStructorCall() { result = getTranslatedExpr(call) }
final TranslatedExpr getConstructorCall() { result = getTranslatedExpr(call) }
}
@@ -569,15 +459,15 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons
override Instruction getFirstInstruction() {
if (needsConversion()) then
result = getInstruction(OnlyInstructionTag())
result = this.getInstruction(OnlyInstructionTag())
else
result = getStructorCall().getFirstInstruction()
result = this.getConstructorCall().getFirstInstruction()
}
override predicate hasInstruction(
Opcode opcode, InstructionTag tag, Type resultType, boolean isLValue
) {
needsConversion() and
this.needsConversion() and
tag = OnlyInstructionTag() and
opcode instanceof Opcode::Convert and
resultType = call.getTarget().getDeclaringType() and
@@ -587,12 +477,12 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons
override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
tag = OnlyInstructionTag() and
kind instanceof GotoEdge and
result = getStructorCall().getFirstInstruction()
result = this.getConstructorCall().getFirstInstruction()
}
override Instruction getReceiver() {
if (needsConversion()) then
result = getInstruction(OnlyInstructionTag())
if this.needsConversion() then
result = this.getInstruction(OnlyInstructionTag())
else
result = getTranslatedFunction(getFunction()).getInitializeThisInstruction()
}
@@ -604,7 +494,7 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons
}
predicate needsConversion() {
call.getTarget().getDeclaringType() != getFunction().getDeclaringType()
call.getTarget().getDeclaringType() != this.getFunction().getDeclaringType()
}
override predicate getInstructionInheritance(
@@ -612,6 +502,6 @@ class TranslatedConstructorInitializer extends TranslatedConstructorCallFromCons
) {
tag = OnlyInstructionTag() and
baseClass = call.getTarget().getDeclaringType() and
derivedClass = getFunction().getDeclaringType()
derivedClass = this.getFunction().getDeclaringType()
}
}

246
csharp/ql/src/semmle/code/csharp/ir/implementation/raw/internal/TranslatedStmt.qll
View File

@@ -3,7 +3,7 @@ private import semmle.code.csharp.ir.internal.TempVariableTag
private import semmle.code.csharp.ir.implementation.internal.OperandTag
private import InstructionTag
private import TranslatedCondition
private import TranslatedDeclarationEntry
private import TranslatedDeclaration
private import TranslatedElement
private import TranslatedExpr
private import TranslatedFunction
@@ -47,7 +47,7 @@ class TranslatedEmptyStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getInstruction(OnlyInstructionTag())
result = this.getInstruction(OnlyInstructionTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -61,7 +61,7 @@ class TranslatedEmptyStmt extends TranslatedStmt {
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = OnlyInstructionTag() and
result = getParent().getChildSuccessor(this) and
result = this.getParent().getChildSuccessor(this) and
kind instanceof GotoEdge
}
@@ -74,7 +74,7 @@ class TranslatedDeclStmt extends TranslatedStmt {
override LocalVariableDeclStmt stmt;
override TranslatedElement getChild(int id) {
result = getLocalDeclaration(id)
result = this.getLocalDeclaration(id)
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -83,7 +83,7 @@ class TranslatedDeclStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getLocalDeclaration(0).getFirstInstruction() //REVIEW: Empty?
result = this.getLocalDeclaration(0).getFirstInstruction()
}
private int getChildCount() {
@@ -101,11 +101,11 @@ class TranslatedDeclStmt extends TranslatedStmt {
override Instruction getChildSuccessor(TranslatedElement child) {
exists(int index |
child = getLocalDeclaration(index) and
child = this.getLocalDeclaration(index) and
if index = (getChildCount() - 1) then
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
else
result = getLocalDeclaration(index + 1).getFirstInstruction()
result = this.getLocalDeclaration(index + 1).getFirstInstruction()
)
}
}
@@ -118,7 +118,7 @@ class TranslatedExprStmt extends TranslatedStmt {
}
override TranslatedElement getChild(int id) {
id = 0 and result = getExpr()
id = 0 and result = this.getExpr()
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -127,7 +127,7 @@ class TranslatedExprStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getExpr().getFirstInstruction()
result = this.getExpr().getFirstInstruction()
}
override Instruction getInstructionSuccessor(InstructionTag tag,
@@ -136,8 +136,8 @@ class TranslatedExprStmt extends TranslatedStmt {
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getExpr() and
result = getParent().getChildSuccessor(this)
child = this.getExpr() and
result = this.getParent().getChildSuccessor(this)
}
}
@@ -161,11 +161,11 @@ class TranslatedExprStmtAccessorSet extends TranslatedExprStmt {
}
override TranslatedElement getChild(int id) {
id = 0 and result = getExpr()
id = 0 and result = this.getExpr()
}
override Instruction getFirstInstruction() {
result = getExpr().getFirstInstruction()
result = this.getExpr().getFirstInstruction()
}
override Instruction getInstructionSuccessor(InstructionTag tag,
@@ -174,8 +174,8 @@ class TranslatedExprStmtAccessorSet extends TranslatedExprStmt {
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getExpr() and
result = getParent().getChildSuccessor(this)
child = this.getExpr() and
result = this.getParent().getChildSuccessor(this)
}
}
@@ -194,44 +194,44 @@ class TranslatedReturnValueStmt extends TranslatedReturnStmt,
}
override TranslatedElement getChild(int id) {
id = 0 and result = getInitialization()
id = 0 and result = this.getInitialization()
}
override Instruction getFirstInstruction() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
Type resultType, boolean isLValue) {
tag = InitializerVariableAddressTag() and
opcode instanceof Opcode::VariableAddress and
resultType = getEnclosingFunction().getReturnVariable().getType() and
resultType = this.getEnclosingFunction().getReturnVariable().getType() and
isLValue = true
}
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = InitializerVariableAddressTag() and
result = getInitialization().getFirstInstruction() and
result = this.getInitialization().getFirstInstruction() and
kind instanceof GotoEdge
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getInitialization() and
result = getEnclosingFunction().getReturnSuccessorInstruction()
child = this.getInitialization() and
result = this.getEnclosingFunction().getReturnSuccessorInstruction()
}
override IRVariable getInstructionVariable(InstructionTag tag) {
tag = InitializerVariableAddressTag() and
result = getEnclosingFunction().getReturnVariable()
result = this.getEnclosingFunction().getReturnVariable()
}
override Instruction getTargetAddress() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override Type getTargetType() {
result = getEnclosingFunction().getReturnVariable().getType()
result = this.getEnclosingFunction().getReturnVariable().getType()
}
TranslatedInitialization getInitialization() {
@@ -250,7 +250,7 @@ class TranslatedReturnVoidStmt extends TranslatedReturnStmt {
}
override Instruction getFirstInstruction() {
result = getInstruction(OnlyInstructionTag())
result = this.getInstruction(OnlyInstructionTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -264,7 +264,7 @@ class TranslatedReturnVoidStmt extends TranslatedReturnStmt {
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = OnlyInstructionTag() and
result = getEnclosingFunction().getReturnSuccessorInstruction() and
result = this.getEnclosingFunction().getReturnSuccessorInstruction() and
kind instanceof GotoEdge
}
@@ -282,9 +282,9 @@ class TranslatedTryStmt extends TranslatedStmt {
override TryStmt stmt;
override TranslatedElement getChild(int id) {
id = 0 and result = getBody() or
id = 1 and result = getFinally() or
result = getCatchClause(id - 2)
id = 0 and result = this.getBody() or
id = 1 and result = this.getFinally() or
result = this.getCatchClause(id - 2)
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -298,31 +298,31 @@ class TranslatedTryStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getCatchClause(_) and result = getFinally().getFirstInstruction() or
child = getBody() and result = getFinally().getFirstInstruction() or
child = getFinally() and result = getParent().getChildSuccessor(this)
child = this.getCatchClause(_) and result = this.getFinally().getFirstInstruction() or
child = this.getBody() and result = this.getFinally().getFirstInstruction() or
child = this.getFinally() and result = this.getParent().getChildSuccessor(this)
}
final Instruction getNextHandler(TranslatedClause clause) {
exists(int index |
clause = getCatchClause(index) and
result = getCatchClause(index + 1).getFirstInstruction()
clause = this.getCatchClause(index) and
result = this.getCatchClause(index + 1).getFirstInstruction()
) or
(
// The last catch clause flows to the exception successor of the parent
// of the `try`, because the exception successor of the `try` itself is
// the first catch clause.
clause = getCatchClause(count(stmt.getACatchClause()) - 1) and
result = getParent().getExceptionSuccessorInstruction()
clause = this.getCatchClause(count(stmt.getACatchClause()) - 1) and
result = this.getParent().getExceptionSuccessorInstruction()
)
}
override final Instruction getExceptionSuccessorInstruction() {
result = getCatchClause(0).getFirstInstruction()
result = this.getCatchClause(0).getFirstInstruction()
}
private TranslatedClause getCatchClause(int index) {
@@ -342,7 +342,7 @@ class TranslatedBlock extends TranslatedStmt {
override BlockStmt stmt;
override TranslatedElement getChild(int id) {
result = getStmt(id)
result = this.getStmt(id)
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -356,13 +356,13 @@ class TranslatedBlock extends TranslatedStmt {
override Instruction getFirstInstruction() {
if isEmpty() then
result = getInstruction(OnlyInstructionTag())
result = this.getInstruction(OnlyInstructionTag())
else
result = getStmt(0).getFirstInstruction()
result = this.getStmt(0).getFirstInstruction()
}
private predicate isEmpty() {
not exists(stmt.getStmt(0))
stmt.isEmpty()
}
private TranslatedStmt getStmt(int index) {
@@ -376,17 +376,17 @@ class TranslatedBlock extends TranslatedStmt {
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = OnlyInstructionTag() and
result = getParent().getChildSuccessor(this) and
result = this.getParent().getChildSuccessor(this) and
kind instanceof GotoEdge
}
override Instruction getChildSuccessor(TranslatedElement child) {
exists(int index |
child = getStmt(index) and
child = this.getStmt(index) and
if index = (getStmtCount() - 1) then
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
else
result = getStmt(index + 1).getFirstInstruction()
result = this.getStmt(index + 1).getFirstInstruction()
)
}
}
@@ -398,21 +398,21 @@ abstract class TranslatedClause extends TranslatedStmt {
override CatchClause stmt;
override TranslatedElement getChild(int id) {
id = 1 and result = getBlock()
id = 1 and result = this.getBlock()
}
override Instruction getFirstInstruction() {
result = getInstruction(CatchTag())
result = this.getInstruction(CatchTag())
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getBlock() and result = getParent().getChildSuccessor(this)
child = this.getBlock() and result = this.getParent().getChildSuccessor(this)
}
override Instruction getExceptionSuccessorInstruction() {
// A throw from within a `catch` block flows to the handler for the parent of
// the `try`.
result = getParent().getParent().getExceptionSuccessorInstruction()
result = this.getParent().getParent().getExceptionSuccessorInstruction()
}
TranslatedStmt getBlock() {
@@ -444,7 +444,7 @@ class TranslatedCatchByTypeClause extends TranslatedClause {
override Instruction getChildSuccessor(TranslatedElement child) {
result = super.getChildSuccessor(child) or
child = getParameter() and result = getBlock().getFirstInstruction()
child = getParameter() and result = this.getBlock().getFirstInstruction()
}
override Instruction getInstructionSuccessor(InstructionTag tag,
@@ -457,7 +457,7 @@ class TranslatedCatchByTypeClause extends TranslatedClause {
) or
(
kind instanceof ExceptionEdge and
result = getParent().(TranslatedTryStmt).getNextHandler(this)
result = this.getParent().(TranslatedTryStmt).getNextHandler(this)
)
)
}
@@ -492,7 +492,7 @@ class TranslatedGeneralCatchClause extends TranslatedClause {
EdgeKind kind) {
tag = CatchTag() and
kind instanceof GotoEdge and
result = getBlock().getFirstInstruction()
result = this.getBlock().getFirstInstruction()
}
}
@@ -509,11 +509,11 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
}
override TranslatedElement getChild(int id) {
id = 0 and result = getInitialization()
id = 0 and result = this.getInitialization()
}
override Instruction getFirstInstruction() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -528,7 +528,7 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
(
tag = InitializerVariableAddressTag() and
opcode instanceof Opcode::VariableAddress and
resultType = getExceptionType() and
resultType = this.getExceptionType() and
isLValue = true
)
}
@@ -538,19 +538,19 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
(
tag = ThrowTag() and
kind instanceof ExceptionEdge and
result = getParent().getExceptionSuccessorInstruction()
result = this.getParent().getExceptionSuccessorInstruction()
)
or
(
tag = InitializerVariableAddressTag() and
result = getInitialization().getFirstInstruction() and
result = this.getInitialization().getFirstInstruction() and
kind instanceof GotoEdge
)
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getInitialization() and
result = getInstruction(ThrowTag())
child = this.getInitialization() and
result = this.getInstruction(ThrowTag())
}
override IRVariable getInstructionVariable(InstructionTag tag) {
@@ -561,7 +561,7 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
override final predicate hasTempVariable(TempVariableTag tag, Type type) {
tag = ThrowTempVar() and
type = getExceptionType()
type = this.getExceptionType()
}
override final Instruction getInstructionOperand(InstructionTag tag,
@@ -570,7 +570,7 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
(
(
operandTag instanceof AddressOperandTag and
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
) or
(
operandTag instanceof LoadOperandTag and
@@ -583,15 +583,15 @@ class TranslatedThrowExceptionStmt extends TranslatedStmt, InitializationContext
TypedOperandTag operandTag) {
tag = ThrowTag() and
operandTag instanceof LoadOperandTag and
result = getExceptionType()
result = this.getExceptionType()
}
override Instruction getTargetAddress() {
result = getInstruction(InitializerVariableAddressTag())
result = this.getInstruction(InitializerVariableAddressTag())
}
override Type getTargetType() {
result = getExceptionType()
result = this.getExceptionType()
}
TranslatedInitialization getInitialization() {
@@ -619,7 +619,7 @@ class TranslatedEmptyThrowStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getInstruction(ThrowTag())
result = this.getInstruction(ThrowTag())
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -634,7 +634,7 @@ class TranslatedEmptyThrowStmt extends TranslatedStmt {
EdgeKind kind) {
tag = ThrowTag() and
kind instanceof ExceptionEdge and
result = getParent().getExceptionSuccessorInstruction()
result = this.getParent().getExceptionSuccessorInstruction()
}
override Instruction getChildSuccessor(TranslatedElement child) {
@@ -647,13 +647,13 @@ class TranslatedIfStmt extends TranslatedStmt, ConditionContext {
override Instruction getFirstInstruction() {
result = getCondition().getFirstInstruction()
result = this.getCondition().getFirstInstruction()
}
override TranslatedElement getChild(int id) {
id = 0 and result = getCondition() or
id = 1 and result = getThen() or
id = 2 and result = getElse()
id = 0 and result = this.getCondition() or
id = 1 and result = this.getThen() or
id = 2 and result = this.getElse()
}
private TranslatedCondition getCondition() {
@@ -678,21 +678,21 @@ class TranslatedIfStmt extends TranslatedStmt, ConditionContext {
}
override Instruction getChildTrueSuccessor(TranslatedCondition child) {
child = getCondition() and
result = getThen().getFirstInstruction()
child = this.getCondition() and
result = this.getThen().getFirstInstruction()
}
override Instruction getChildFalseSuccessor(TranslatedCondition child) {
child = getCondition() and
if hasElse() then
result = getElse().getFirstInstruction()
child = this.getCondition() and
if this.hasElse() then
result = this.getElse().getFirstInstruction()
else
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
}
override Instruction getChildSuccessor(TranslatedElement child) {
(child = getThen() or child = getElse()) and
result = getParent().getChildSuccessor(this)
(child = this.getThen() or child = this.getElse()) and
result = this.getParent().getChildSuccessor(this)
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -716,7 +716,7 @@ abstract class TranslatedLoop extends TranslatedStmt, ConditionContext {
if hasCondition() then
result = getCondition().getFirstInstruction()
else
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
}
final predicate hasCondition() {
@@ -724,8 +724,8 @@ abstract class TranslatedLoop extends TranslatedStmt, ConditionContext {
}
override TranslatedElement getChild(int id) {
id = 0 and result = getCondition() or
id = 1 and result = getBody()
id = 0 and result = this.getCondition() or
id = 1 and result = this.getBody()
}
override predicate hasInstruction(Opcode opcode, InstructionTag tag,
@@ -739,11 +739,11 @@ abstract class TranslatedLoop extends TranslatedStmt, ConditionContext {
}
override final Instruction getChildTrueSuccessor(TranslatedCondition child) {
child = getCondition() and result = getBody().getFirstInstruction()
child = this.getCondition() and result = this.getBody().getFirstInstruction()
}
override final Instruction getChildFalseSuccessor(TranslatedCondition child) {
child = getCondition() and result = getParent().getChildSuccessor(this)
child = this.getCondition() and result = this.getParent().getChildSuccessor(this)
}
}
@@ -753,11 +753,11 @@ class TranslatedWhileStmt extends TranslatedLoop {
}
override Instruction getFirstInstruction() {
result = getFirstConditionInstruction()
result = this.getFirstConditionInstruction()
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getBody() and result = getFirstConditionInstruction()
child = this.getBody() and result = this.getFirstConditionInstruction()
}
}
@@ -767,11 +767,11 @@ class TranslatedDoStmt extends TranslatedLoop {
}
override Instruction getFirstInstruction() {
result = getBody().getFirstInstruction()
result = this.getBody().getFirstInstruction()
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getBody() and result = getFirstConditionInstruction()
child = this.getBody() and result = this.getFirstConditionInstruction()
}
}
@@ -779,10 +779,10 @@ class TranslatedForStmt extends TranslatedLoop {
override ForStmt stmt;
override TranslatedElement getChild(int id) {
id = 0 and result = getDeclAndInit() or
id = 1 and result = getCondition() or
id = 2 and result = getUpdate() or
id = 3 and result = getBody()
id = 0 and result = this.getDeclAndInit() or
id = 1 and result = this.getCondition() or
id = 2 and result = this.getUpdate() or
id = 3 and result = this.getBody()
}
private TranslatedLocalDeclaration getDeclAndInit() {
@@ -802,25 +802,25 @@ class TranslatedForStmt extends TranslatedLoop {
}
override Instruction getFirstInstruction() {
if hasInitialization() then
result = getDeclAndInit().getFirstInstruction()
if this.hasInitialization() then
result = this.getDeclAndInit().getFirstInstruction()
else
result = getFirstConditionInstruction()
result = this.getFirstConditionInstruction()
}
override Instruction getChildSuccessor(TranslatedElement child) {
(
child = getDeclAndInit() and
result = getFirstConditionInstruction()
child = this.getDeclAndInit() and
result = this.getFirstConditionInstruction()
) or
(
child = getBody() and
if hasUpdate() then
result = getUpdate().getFirstInstruction()
child = this.getBody() and
if this.hasUpdate() then
result = this.getUpdate().getFirstInstruction()
else
result = getFirstConditionInstruction()
result = this.getFirstConditionInstruction()
) or
child = getUpdate() and result = getFirstConditionInstruction()
child = this.getUpdate() and result = this.getFirstConditionInstruction()
}
}
@@ -829,7 +829,7 @@ class TranslatedForStmt extends TranslatedLoop {
*/
abstract class TranslatedSpecificJump extends TranslatedStmt {
override Instruction getFirstInstruction() {
result = getInstruction(OnlyInstructionTag())
result = this.getInstruction(OnlyInstructionTag())
}
override TranslatedElement getChild(int id) {
@@ -861,14 +861,14 @@ class TranslatedBreakStmt extends TranslatedSpecificJump {
EdgeKind kind) {
tag = OnlyInstructionTag() and
kind instanceof GotoEdge and
result = getEnclosingLoopOrSwitchNextInstr(stmt)
result = this.getEnclosingLoopOrSwitchNextInstr(stmt)
}
private Instruction getEnclosingLoopOrSwitchNextInstr(Stmt crtStmt) {
if (crtStmt instanceof LoopStmt or crtStmt instanceof SwitchStmt) then
result = getTranslatedStmt(crtStmt).getParent().getChildSuccessor(getTranslatedStmt(crtStmt))
else
result = getEnclosingLoopOrSwitchNextInstr(crtStmt.getParent())
result = this.getEnclosingLoopOrSwitchNextInstr(crtStmt.getParent())
}
}
@@ -890,7 +890,7 @@ class TranslatedGotoCaseStmt extends TranslatedSpecificJump {
EdgeKind kind) {
tag = OnlyInstructionTag() and
kind instanceof GotoEdge and
result = getCase(stmt, stmt.getExpr()).getFirstInstruction()
result = this.getCase(stmt, stmt.getExpr()).getFirstInstruction()
}
private TranslatedStmt getCase(Stmt crtStmt, Expr expr) {
@@ -903,7 +903,7 @@ class TranslatedGotoCaseStmt extends TranslatedSpecificJump {
result = getTranslatedStmt(caseStmt)
)
else
result = getCase(crtStmt.getParent(), expr)
result = this.getCase(crtStmt.getParent(), expr)
}
}
@@ -924,7 +924,7 @@ class TranslatedGotoDefaultStmt extends TranslatedSpecificJump {
result = getTranslatedStmt(caseStmt)
)
else
result = getDefaultCase(crtStmt.getParent())
result = this.getDefaultCase(crtStmt.getParent())
}
}
@@ -936,7 +936,7 @@ class TranslatedSwitchStmt extends TranslatedStmt {
}
override Instruction getFirstInstruction() {
result = getSwitchExpr().getFirstInstruction()
result = this.getSwitchExpr().getFirstInstruction()
}
override TranslatedElement getChild(int id) {
@@ -963,9 +963,19 @@ class TranslatedSwitchStmt extends TranslatedStmt {
OperandTag operandTag) {
tag = SwitchBranchTag() and
operandTag instanceof ConditionOperandTag and
result = getSwitchExpr().getResult()
result = this.getSwitchExpr().getResult()
}
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = SwitchBranchTag() and
exists(CaseStmt caseStmt |
caseStmt = stmt.getACase() and
kind = this.getCaseEdge(caseStmt) and
result = getTranslatedStmt(caseStmt).getFirstInstruction()
)
}
private EdgeKind getCaseEdge(CaseStmt caseStmt) {
if caseStmt instanceof DefaultCase then
result instanceof DefaultEdge
@@ -975,24 +985,14 @@ class TranslatedSwitchStmt extends TranslatedStmt {
hasCaseEdge(caseStmt, edge.getMinValue(), edge.getMinValue())
)
}
override Instruction getInstructionSuccessor(InstructionTag tag,
EdgeKind kind) {
tag = SwitchBranchTag() and
exists(CaseStmt caseStmt |
caseStmt = stmt.getACase() and
kind = getCaseEdge(caseStmt) and
result = getTranslatedStmt(caseStmt).getFirstInstruction()
)
}
override Instruction getChildSuccessor(TranslatedElement child) {
child = getSwitchExpr() and result = getInstruction(SwitchBranchTag()) or
child = this.getSwitchExpr() and result = this.getInstruction(SwitchBranchTag()) or
exists(int index, int numStmts |
numStmts = count(stmt.getAChild()) and
child = getTranslatedStmt(stmt.getChild(index)) and
if index = (numStmts - 1) then
result = getParent().getChildSuccessor(this)
result = this.getParent().getChildSuccessor(this)
else
result = getTranslatedStmt(stmt.getChild(index + 1)).getFirstInstruction()
)

7
csharp/ql/src/semmle/code/csharp/ir/internal/IRCSharpLanguage.qll
View File

@@ -6,7 +6,6 @@ class Location = CSharp::Location;
class AST = CSharp::Element;
class Type = CSharp::Type;
//REVIEW: This might not exist in the database.
class UnknownType = CSharp::NullType;
class VoidType = CSharp::VoidType;
class IntegralType = CSharp::IntegralType;
@@ -54,12 +53,10 @@ class Field = CSharp::Field;
// TODO: Remove necessity for these.
class Expr = CSharp::Expr;
class Class = CSharp::RefType; // Used for inheritance conversions
class Class = CSharp::ValueOrRefType; // Used for inheritance conversions
string getIdentityString(Function func) {
// REVIEW: Is this enough to make it unique?
// result = func.getQualifiedName()
result = func.getName()
result = func.getLabel()
}
predicate hasCaseEdge(string minValue, string maxValue) {

15
csharp/ql/src/semmle/code/csharp/ir/internal/TIRVariable.qll
View File

@@ -2,25 +2,14 @@ private import csharp
private import semmle.code.csharp.ir.implementation.TempVariableTag
private import semmle.code.csharp.ir.implementation.raw.internal.IRConstruction as Construction
private import semmle.code.csharp.ir.Util
private import IRCSharpLanguage as Language
newtype TIRVariable =
TIRAutomaticUserVariable(LocalScopeVariable var, Callable callable) {
Construction::functionHasIR(callable) and
var.getCallable() = callable
} or
TIRStaticUserVariable(Variable var, Callable callable) {
Construction::functionHasIR(callable) and
// TODO: CHECK FOR CORRESPONDENCE HERE
// (
// var instanceof GlobalOrNamespaceVariable or
// var instanceof MemberVariable and not var instanceof Field
// ) and
exists(VariableAccess access |
access.getTarget() = var and
access.getEnclosingCallable() = callable
)
} or
TIRTempVariable(Callable callable, Locatable ast, TempVariableTag tag, Type type) {
TIRTempVariable(Callable callable, Language::AST ast, TempVariableTag tag, Type type) {
Construction::hasTempVariable(callable, ast, tag, type)
}

6
csharp/ql/test/library-tests/ir/ir/array.cs
View File

@@ -1,12 +1,14 @@
public class ArrayTest {
public void one_dim_init_acc() {
public void one_dim_init_acc()
{
int[] one_dim = {100, 101, 102};
one_dim[0] = 1000;
one_dim[1] = one_dim[0];
one_dim[1] = 1003;
}
public void twod_and_init_acc() {
public void twod_and_init_acc()
{
int[,] a = { {100, 101}, {102, 103} };
int[,] b = new int[5, 5];
int[,] c = new int[2, 2] { {100, 101}, {102, 103} };

14
csharp/ql/test/library-tests/ir/ir/casts.cs
View File

@@ -1,13 +1,15 @@
public class Casts_A {
public class Casts_A
{
}
public class Casts_B : Casts_A {
public class Casts_B : Casts_A
{
}
public class Casts {
public static void Main() {
public class Casts
{
public static void Main()
{
Casts_A Aobj = new Casts_A();
Casts_B bobjCE = (Casts_B) Aobj;
Casts_B bobjAS = Aobj as Casts_B;

2
csharp/ql/test/library-tests/ir/ir/constructor_init.cs
View File

@@ -28,7 +28,7 @@ public class DerivedClass : BaseClass
static void Main()
{
DerivedClass obj1= new DerivedClass();
DerivedClass obj1 = new DerivedClass();
DerivedClass obj2 = new DerivedClass(1);
DerivedClass obj3 = new DerivedClass(1, 2);
}

6
csharp/ql/test/library-tests/ir/ir/crement.cs
View File

@@ -1,5 +1,7 @@
class CrementOpsTest {
public static void Main() {
class CrementOpsTest
{
public static void Main()
{
int x = 10;
int a = x++;
int b = --x;

9
csharp/ql/test/library-tests/ir/ir/func_with_param_call.cs
View File

@@ -1,11 +1,14 @@
using System;
public class test_call_with_param {
public static int f(int x, int y) {
public class test_call_with_param
{
public static int f(int x, int y)
{
return x + y;
}
public static int g() {
public static int g()
{
return f(2, 3);
}
}

19
csharp/ql/test/library-tests/ir/ir/isexpr.cs
View File

@@ -1,17 +1,22 @@
public class Is_A {
public class Is_A
{
public int x;
}
public class IsExpr {
public static void Main() {
public class IsExpr
{
public static void Main()
{
Is_A obj = null;
object o = obj;
if (o is Is_A tmp) {
if (o is Is_A tmp)
{
int res = tmp.x;
}
// if (o is Is_A) {
//
// }
if (o is Is_A)
{
}
}
}

15
csharp/ql/test/library-tests/ir/ir/obj_creation.cs
View File

@@ -1,16 +1,21 @@
public class ObjCreation {
public class MyClass {
public class ObjCreation
{
public class MyClass
{
public int x;
public MyClass() {
public MyClass()
{
}
public MyClass(int _x) {
public MyClass(int _x)
{
x = _x;
}
}
public static void Main() {
public static void Main()
{
MyClass obj = new MyClass(100);
MyClass obj_initlist = new MyClass { x = 101 };
int a = obj.x;

28
csharp/ql/test/library-tests/ir/ir/prop.cs
View File

@@ -1,24 +1,32 @@
class Geeks {
private int roll_no;
class PropClass
{
private int prop;
public int Roll_no
public int Prop
{
get
{
return roll_no;
return func();
}
set
{
roll_no = value;
prop = value;
}
}
private int func()
{
return 0;
}
}
class Prog {
public static void Main() {
Geeks obj = new Geeks();
obj.Roll_no = 5;
int x = obj.Roll_no;
class Prog
{
public static void Main()
{
PropClass obj = new PropClass();
obj.Prop = 5;
int x = obj.Prop;
}
}

1599
csharp/ql/test/library-tests/ir/ir/raw_ir.expected
View File

File diff suppressed because it is too large Load Diff

1
csharp/ql/test/library-tests/ir/ir/raw_ir_sanity.expected
View File

@@ -12,3 +12,4 @@ instructionWithoutUniqueBlock
containsLoopOfForwardEdges
lostReachability
backEdgeCountMismatch
useNotDominatedByDefinition

9
csharp/ql/test/library-tests/ir/ir/simple_call.cs
View File

@@ -1,11 +1,14 @@
using System;
public class test_simple_call {
public static int f() {
public class test_simple_call
{
public static int f()
{
return 0;
}
public static int g() {
public int g()
{
return f();
}
}

8
csharp/ql/test/library-tests/ir/ir/simple_function.cs
View File

@@ -1,7 +1,9 @@
using System;
public class test_simple_function {
public static int f() {
public class test_simple_function
{
public static int f()
{
return 0;
}
}
}

30
csharp/ql/test/library-tests/ir/ir/stmts.cs
View File

@@ -1,21 +1,26 @@
using System;
public class test_stmts {
public static int ifStmt(int x) {
public class test_stmts
{
public static int ifStmt(int x)
{
if (x == 5)
return 0;
else
return 1;
}
public static void whileStmt(int x) {
public static void whileStmt(int x)
{
int i = 0;
while (i < 10) {
while (i < 10)
{
x = x + 1;
}
}
public static int switchStmt() {
public static int switchStmt()
{
object caseSwitch = new object();
int select = 0;
@@ -38,7 +43,8 @@ public class test_stmts {
}
public static void tryCatchFinally() {
public static void tryCatchFinally()
{
int x = 5;
try
{
@@ -59,16 +65,20 @@ public class test_stmts {
}
}
public static void forStmt() {
public static void forStmt()
{
int x = 0;
for (int i = 0; i <= 10; i++) {
for (int i = 0; i <= 10; i++)
{
x = x - 1;
}
}
public static void doWhile() {
public static void doWhile()
{
int x = 0;
do {
do
{
x = x + 1;
}
while (x < 10);

6
csharp/ql/test/library-tests/ir/ir/variables.cs
View File

@@ -1,7 +1,9 @@
using System;
public class test_variables {
public static void f() {
public class test_variables
{
public static void f()
{
int x, y = 5;
x = 4;
x = y;