C++: add AliasedDefinition for aliased SSA
committed by
Dave Bartolomeo
parent
3ee033d96e
commit
799eb06eea
@@ -54,6 +54,7 @@ private newtype TOpcode =
|
||||
TUnwind() or
|
||||
TUnmodeledDefinition() or
|
||||
TUnmodeledUse() or
|
||||
TAliasedDefinition() or
|
||||
TPhi() or
|
||||
TVarArgsStart() or
|
||||
TVarArgsEnd() or
|
||||
@@ -180,6 +181,7 @@ module Opcode {
|
||||
class Unwind extends Opcode, TUnwind { override final string toString() { result = "Unwind" } }
|
||||
class UnmodeledDefinition extends Opcode, TUnmodeledDefinition { override final string toString() { result = "UnmodeledDefinition" } }
|
||||
class UnmodeledUse extends Opcode, TUnmodeledUse { override final string toString() { result = "UnmodeledUse" } }
|
||||
class AliasedDefinition extends Opcode, TAliasedDefinition { override final string toString() { result = "AliasedDefinition" } }
|
||||
class Phi extends Opcode, TPhi { override final string toString() { result = "Phi" } }
|
||||
class VarArgsStart extends BuiltInOpcode, TVarArgsStart { override final string toString() { result = "VarArgsStart" } }
|
||||
class VarArgsEnd extends BuiltInOpcode, TVarArgsEnd { override final string toString() { result = "VarArgsEnd" } }
|
||||
|
||||
@@ -1322,6 +1322,16 @@ class UnmodeledDefinitionInstruction extends Instruction {
|
||||
}
|
||||
}
|
||||
|
||||
class AliasedDefinitionInstruction extends Instruction {
|
||||
AliasedDefinitionInstruction() {
|
||||
opcode instanceof Opcode::AliasedDefinition
|
||||
}
|
||||
|
||||
override final MemoryAccessKind getResultMemoryAccess() {
|
||||
result instanceof EscapedMemoryAccess
|
||||
}
|
||||
}
|
||||
|
||||
class UnmodeledUseInstruction extends Instruction {
|
||||
UnmodeledUseInstruction() {
|
||||
opcode instanceof Opcode::UnmodeledUse
|
||||
|
||||
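Review bot: `AliasedDefinitionInstruction` is added without any QLDoc, so a reader cannot tell how it differs from `UnmodeledDefinitionInstruction` directly above it. Judging from the rest of this commit it appears to be the instruction placed right after `EnterFunction` whose result stands for all escaped memory, so a one-line comment such as `/** An instruction that defines the initial value of all aliased (escaped) memory on function entry. */` would make that explicit; please confirm the wording against the intended semantics. The identical class is added in the two other `@@ -1322,6 +1322,16 @@` hunks further down the page, and the same comment applies there. `UnmodeledUseInstruction` continues past the end of the hunk.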
@@ -93,7 +93,8 @@ private newtype TMemoryAccess =
|
||||
)
|
||||
}
|
||||
or
|
||||
TUnknownMemoryAccess(UnknownVirtualVariable uvv)
|
||||
TUnknownMemoryAccess(UnknownVirtualVariable uvv) or
|
||||
TTotalUnknownMemoryAccess(UnknownVirtualVariable uvv)
|
||||
|
||||
private VariableMemoryAccess getVariableMemoryAccess(IRVariable var, IntValue offset, IntValue size) {
|
||||
result.getVirtualVariable() = getVirtualVariable(var) and
|
||||
@@ -170,6 +171,26 @@ class UnknownMemoryAccess extends TUnknownMemoryAccess, MemoryAccess {
|
||||
}
|
||||
}
|
||||
|
||||
class TotalUnknownMemoryAccess extends TTotalUnknownMemoryAccess, MemoryAccess {
|
||||
UnknownVirtualVariable vvar;
|
||||
|
||||
TotalUnknownMemoryAccess() {
|
||||
this = TTotalUnknownMemoryAccess(vvar)
|
||||
}
|
||||
|
||||
final override string toString() {
|
||||
result = vvar.toString()
|
||||
}
|
||||
|
||||
final override VirtualVariable getVirtualVariable() {
|
||||
result = vvar
|
||||
}
|
||||
|
||||
Type getType() {
|
||||
result instanceof UnknownType
|
||||
}
|
||||
}
|
||||
|
||||
Overlap getOverlap(MemoryAccess def, MemoryAccess use) {
|
||||
def instanceof VariableMemoryAccess and
|
||||
def = use and
|
||||
@@ -200,10 +221,16 @@ Overlap getOverlap(MemoryAccess def, MemoryAccess use) {
|
||||
)
|
||||
or
|
||||
exists(UnknownVirtualVariable uvv |
|
||||
uvv = def.getVirtualVariable() and
|
||||
def = TUnknownMemoryAccess(uvv) and
|
||||
uvv = use.getVirtualVariable() and
|
||||
result instanceof MayPartiallyOverlap
|
||||
)
|
||||
or
|
||||
exists(UnknownVirtualVariable uvv |
|
||||
def = TTotalUnknownMemoryAccess(uvv) and
|
||||
uvv = use.getVirtualVariable() and
|
||||
result instanceof MustTotallyOverlap
|
||||
)
|
||||
}
|
||||
|
||||
MemoryAccess getResultMemoryAccess(Instruction instr) {
|
||||
@@ -215,8 +242,14 @@ MemoryAccess getResultMemoryAccess(Instruction instr) {
|
||||
resultPointsTo(instr.getAnOperand().(AddressOperand).getDefinitionInstruction(), var, i) and
|
||||
result = getVariableMemoryAccess(var, i, instr.getResultSize())
|
||||
)
|
||||
else
|
||||
result = TUnknownMemoryAccess(TUnknownVirtualVariable(instr.getFunctionIR()))
|
||||
else (
|
||||
result = TUnknownMemoryAccess(TUnknownVirtualVariable(instr.getFunctionIR())) and
|
||||
not instr instanceof UnmodeledDefinitionInstruction and
|
||||
not instr instanceof AliasedDefinitionInstruction
|
||||
or
|
||||
result = TTotalUnknownMemoryAccess(TUnknownVirtualVariable(instr.getFunctionIR())) and
|
||||
instr instanceof AliasedDefinitionInstruction
|
||||
)
|
||||
}
|
||||
|
||||
MemoryAccess getOperandMemoryAccess(Operand operand) {
|
||||
@@ -228,6 +261,8 @@ MemoryAccess getOperandMemoryAccess(Operand operand) {
|
||||
resultPointsTo(operand.getAddressOperand().getDefinitionInstruction(), var, i) and
|
||||
result = getVariableMemoryAccess(var, i, operand.getDefinitionInstruction().getResultSize())
|
||||
)
|
||||
else
|
||||
result = TUnknownMemoryAccess(TUnknownVirtualVariable(operand.getInstruction().getFunctionIR()))
|
||||
else (
|
||||
result = TUnknownMemoryAccess(TUnknownVirtualVariable(operand.getInstruction().getFunctionIR())) and
|
||||
not operand.getInstruction() instanceof UnmodeledUseInstruction
|
||||
)
|
||||
}
|
||||
|
||||
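Review bot: In `getResultMemoryAccess`, the new `else ( ... )` branch joins two `and` chains with a bare `or`, so its meaning depends on `and` binding tighter than `or`; wrapping each alternative in its own parentheses would keep the `TUnknownMemoryAccess` case and the `TTotalUnknownMemoryAccess` case for `AliasedDefinitionInstruction` visibly separate. The branch also leaves `UnmodeledDefinitionInstruction` with no result from the `else` arm, which looks intentional but is not explained; a comment such as `// UnmodeledDefinition gets no memory access here; AliasedDefinition is the total definition of the unknown virtual variable` would record that, if that is the intent. The same undocumented exclusion is added for `UnmodeledUseInstruction` in the `getOperandMemoryAccess` hunk. This is worth documenting because `getOverlap` now reports `MustTotallyOverlap` for every use on that virtual variable when the definition is a `TTotalUnknownMemoryAccess`, so downstream SSA and data-flow results rely on these exclusions being right. The `if` conditions of both predicates start outside the hunks.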
@@ -157,7 +157,7 @@ cached private module Cached {
|
||||
else
|
||||
result = getPhiInstruction(instruction.getFunction(), defBlock, vvar)
|
||||
)
|
||||
)
|
||||
)
|
||||
else (
|
||||
result = instruction.getFunctionIR().getUnmodeledDefinitionInstruction()
|
||||
)
|
||||
|
||||
@@ -1322,6 +1322,16 @@ class UnmodeledDefinitionInstruction extends Instruction {
|
||||
}
|
||||
}
|
||||
|
||||
class AliasedDefinitionInstruction extends Instruction {
|
||||
AliasedDefinitionInstruction() {
|
||||
opcode instanceof Opcode::AliasedDefinition
|
||||
}
|
||||
|
||||
override final MemoryAccessKind getResultMemoryAccess() {
|
||||
result instanceof EscapedMemoryAccess
|
||||
}
|
||||
}
|
||||
|
||||
class UnmodeledUseInstruction extends Instruction {
|
||||
UnmodeledUseInstruction() {
|
||||
opcode instanceof Opcode::UnmodeledUse
|
||||
|
||||
@@ -40,6 +40,7 @@ newtype TInstructionTag =
|
||||
ExitFunctionTag() or
|
||||
UnmodeledDefinitionTag() or
|
||||
UnmodeledUseTag() or
|
||||
AliasedDefinitionTag() or
|
||||
SwitchBranchTag() or
|
||||
CallTargetTag() or
|
||||
CallTag() or
|
||||
|
||||
@@ -76,6 +76,9 @@ class TranslatedFunction extends TranslatedElement,
|
||||
(
|
||||
(
|
||||
tag = EnterFunctionTag() and
|
||||
result = getInstruction(AliasedDefinitionTag())
|
||||
) or (
|
||||
tag = AliasedDefinitionTag() and
|
||||
result = getInstruction(UnmodeledDefinitionTag())
|
||||
) or
|
||||
(
|
||||
@@ -153,6 +156,12 @@ class TranslatedFunction extends TranslatedElement,
|
||||
resultType instanceof UnknownType and
|
||||
isGLValue = false
|
||||
) or
|
||||
(
|
||||
tag = AliasedDefinitionTag() and
|
||||
opcode instanceof Opcode::AliasedDefinition and
|
||||
resultType instanceof UnknownType and
|
||||
isGLValue = false
|
||||
) or
|
||||
(
|
||||
tag = InitializeThisTag() and
|
||||
opcode instanceof Opcode::InitializeThis and
|
||||
|
||||
@@ -1322,6 +1322,16 @@ class UnmodeledDefinitionInstruction extends Instruction {
|
||||
}
|
||||
}
|
||||
|
||||
class AliasedDefinitionInstruction extends Instruction {
|
||||
AliasedDefinitionInstruction() {
|
||||
opcode instanceof Opcode::AliasedDefinition
|
||||
}
|
||||
|
||||
override final MemoryAccessKind getResultMemoryAccess() {
|
||||
result instanceof EscapedMemoryAccess
|
||||
}
|
||||
}
|
||||
|
||||
class UnmodeledUseInstruction extends Instruction {
|
||||
UnmodeledUseInstruction() {
|
||||
opcode instanceof Opcode::UnmodeledUse
|
||||
|
||||