hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

C++: Add more sizeof VLA tests

Browse Source
This commit is contained in:
Jeroen Ketema
2025-09-02 10:48:12 +02:00
parent f68d3477d4
commit 8a7553232f
9 changed files with 209 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
cpp/ql/test/library-tests/ir/ir/PrintAST.expected
View File

@@ -24996,6 +24996,101 @@ ir.cpp:
# 2811| Type = [CTypedefType,Size_t] size_t
# 2811| Value = [CStyleCast] 0
# 2811| ValueCategory = prvalue
# 2814| [TopLevelFunction] void vla_sizeof_test4(int, size_t)
# 2814| <params>:
# 2814| getParameter(0): [Parameter] len1
# 2814| Type = [IntType] int
# 2814| getParameter(1): [Parameter] len2
# 2814| Type = [CTypedefType,Size_t] size_t
# 2814| getEntryPoint(): [BlockStmt] { ... }
# 2815| getStmt(0): [DeclStmt] declaration
# 2815| getDeclarationEntry(0): [VariableDeclarationEntry] definition of tmp1
# 2815| Type = [ArrayType] int[][]
# 2815| getStmt(1): [VlaDimensionStmt] VLA dimension size
# 2815| getDimensionExpr(): [VariableAccess] len1
# 2815| Type = [IntType] int
# 2815| ValueCategory = prvalue(load)
# 2815| getStmt(2): [VlaDimensionStmt] VLA dimension size
# 2815| getDimensionExpr(): [VariableAccess] len2
# 2815| Type = [CTypedefType,Size_t] size_t
# 2815| ValueCategory = prvalue(load)
# 2815| getStmt(3): [VlaDeclStmt] VLA declaration
# 2816| getStmt(4): [DeclStmt] declaration
# 2816| getDeclarationEntry(0): [VariableDeclarationEntry] definition of z
# 2816| Type = [CTypedefType,Size_t] size_t
# 2816| getVariable().getInitializer(): [Initializer] initializer for z
# 2816| getExpr(): [SizeofExprOperator] sizeof(<expr>)
# 2816| Type = [LongType] unsigned long
# 2816| ValueCategory = prvalue
# 2816| getExprOperand(): [ArrayExpr] access to array
# 2816| Type = [ArrayType] int[]
# 2816| ValueCategory = lvalue
# 2816| getArrayBase(): [VariableAccess] tmp1
# 2816| Type = [ArrayType] int[][]
# 2816| ValueCategory = lvalue
# 2816| getArrayOffset(): [Literal] 1
# 2816| Type = [IntType] int
# 2816| Value = [Literal] 1
# 2816| ValueCategory = prvalue
# 2816| getArrayBase().getFullyConverted(): [ArrayToPointerConversion] array to pointer conversion
# 2816| Type = [PointerType] int(*)[]
# 2816| ValueCategory = prvalue
# 2816| getExprOperand().getFullyConverted(): [ParenthesisExpr] (...)
# 2816| Type = [ArrayType] int[]
# 2816| ValueCategory = lvalue
# 2817| getStmt(5): [ReturnStmt] return ...
# 2819| [TopLevelFunction] void vla_sizeof_test5(int, size_t)
# 2819| <params>:
# 2819| getParameter(0): [Parameter] len1
# 2819| Type = [IntType] int
# 2819| getParameter(1): [Parameter] len2
# 2819| Type = [CTypedefType,Size_t] size_t
# 2819| getEntryPoint(): [BlockStmt] { ... }
# 2820| getStmt(0): [DeclStmt] declaration
# 2820| getDeclarationEntry(0): [VariableDeclarationEntry] definition of tmp1
# 2820| Type = [ArrayType] int[][]
# 2820| getStmt(1): [VlaDimensionStmt] VLA dimension size
# 2820| getDimensionExpr(): [VariableAccess] len1
# 2820| Type = [IntType] int
# 2820| ValueCategory = prvalue(load)
# 2820| getStmt(2): [VlaDimensionStmt] VLA dimension size
# 2820| getDimensionExpr(): [VariableAccess] len2
# 2820| Type = [CTypedefType,Size_t] size_t
# 2820| ValueCategory = prvalue(load)
# 2820| getStmt(3): [VlaDeclStmt] VLA declaration
# 2821| getStmt(4): [DeclStmt] declaration
# 2821| getDeclarationEntry(0): [VariableDeclarationEntry] definition of z
# 2821| Type = [CTypedefType,Size_t] size_t
# 2821| getVariable().getInitializer(): [Initializer] initializer for z
# 2821| getExpr(): [SizeofExprOperator] sizeof(<expr>)
# 2821| Type = [LongType] unsigned long
# 2821| ValueCategory = prvalue
# 2821| getExprOperand(): [ArrayExpr] access to array
# 2821| Type = [ArrayType] int[]
# 2821| ValueCategory = lvalue
# 2821| getArrayBase(): [PointerDereferenceExpr] * ...
# 2821| Type = [ArrayType] int[][]
# 2821| ValueCategory = lvalue
# 2821| getOperand(): [AddressOfExpr] & ...
# 2821| Type = [PointerType] int(*)[][]
# 2821| ValueCategory = prvalue
# 2821| getOperand(): [VariableAccess] tmp1
# 2821| Type = [ArrayType] int[][]
# 2821| ValueCategory = lvalue
# 2821| getArrayOffset(): [Literal] 1
# 2821| Type = [IntType] int
# 2821| Value = [Literal] 1
# 2821| ValueCategory = prvalue
# 2821| getArrayBase().getFullyConverted(): [ParenthesisExpr] (...)
# 2821| Type = [PointerType] int(*)[]
# 2821| ValueCategory = prvalue
# 2821| getExpr(): [ArrayToPointerConversion] array to pointer conversion
# 2821| Type = [PointerType] int(*)[]
# 2821| ValueCategory = prvalue
# 2821| getExprOperand().getFullyConverted(): [ParenthesisExpr] (...)
# 2821| Type = [ArrayType] int[]
# 2821| ValueCategory = lvalue
# 2822| getStmt(5): [ReturnStmt] return ...
ir23.cpp:
# 1| [TopLevelFunction] bool consteval_1()
# 1| <params>:

46
cpp/ql/test/library-tests/ir/ir/aliased_ir.expected
View File

@@ -20617,6 +20617,52 @@ ir.cpp:
# 2811| m2811_3(unsigned long) = Store[#return] : &:r2811_1, r2811_2
#-----| Goto -> Block 1
# 2814| void vla_sizeof_test4(int, size_t)
# 2814| Block 0
# 2814| v2814_1(void) = EnterFunction :
# 2814| m2814_2(unknown) = AliasedDefinition :
# 2814| m2814_3(unknown) = InitializeNonLocal :
# 2814| m2814_4(unknown) = Chi : total:m2814_2, partial:m2814_3
# 2814| r2814_5(glval<int>) = VariableAddress[len1] :
# 2814| m2814_6(int) = InitializeParameter[len1] : &:r2814_5
# 2814| r2814_7(glval<unsigned long>) = VariableAddress[len2] :
# 2814| m2814_8(unsigned long) = InitializeParameter[len2] : &:r2814_7
# 2815| r2815_1(glval<int[][]>) = VariableAddress[tmp1] :
# 2815| m2815_2(int[][]) = Uninitialized[tmp1] : &:r2815_1
# 2815| r2815_3(glval<int>) = VariableAddress[len1] :
# 2815| r2815_4(int) = Load[len1] : &:r2815_3, m2814_6
# 2815| r2815_5(glval<unsigned long>) = VariableAddress[len2] :
# 2815| r2815_6(unsigned long) = Load[len2] : &:r2815_5, m2814_8
# 2815| v2815_7(void) = NoOp :
# 2816| r2816_1(glval<unsigned long>) = VariableAddress[z] :
# 2816| r2816_2(unsigned long) = Constant[4] :
# 2816| r2816_3(unsigned long) = CopyValue : r2815_6
# 2816| r2816_4(unsigned long) = Mul : r2816_2, r2816_3
# 2816| m2816_5(unsigned long) = Store[z] : &:r2816_1, r2816_4
# 2817| v2817_1(void) = NoOp :
# 2814| v2814_9(void) = ReturnVoid :
# 2814| v2814_10(void) = AliasedUse : m2814_3
# 2814| v2814_11(void) = ExitFunction :
# 2819| void vla_sizeof_test5(int, size_t)
# 2819| Block 0
# 2819| v2819_1(void) = EnterFunction :
# 2819| m2819_2(unknown) = AliasedDefinition :
# 2819| m2819_3(unknown) = InitializeNonLocal :
# 2819| m2819_4(unknown) = Chi : total:m2819_2, partial:m2819_3
# 2819| r2819_5(glval<int>) = VariableAddress[len1] :
# 2819| m2819_6(int) = InitializeParameter[len1] : &:r2819_5
# 2819| r2819_7(glval<unsigned long>) = VariableAddress[len2] :
# 2819| m2819_8(unsigned long) = InitializeParameter[len2] : &:r2819_7
# 2820| r2820_1(glval<int[][]>) = VariableAddress[tmp1] :
# 2820| m2820_2(int[][]) = Uninitialized[tmp1] : &:r2820_1
# 2820| r2820_3(glval<int>) = VariableAddress[len1] :
# 2820| r2820_4(int) = Load[len1] : &:r2820_3, m2819_6
# 2820| r2820_5(glval<unsigned long>) = VariableAddress[len2] :
# 2820| r2820_6(unsigned long) = Load[len2] : &:r2820_5, m2819_8
# 2820| v2820_7(void) = NoOp :
# 2821| r2821_1(glval<unsigned long>) = VariableAddress[z] :
ir23.cpp:
# 1| bool consteval_1()
# 1| Block 0

1
cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected
View File

@@ -6,6 +6,7 @@ missingOperandType
duplicateChiOperand
sideEffectWithoutPrimary
instructionWithoutSuccessor
| ir.cpp:2821:10:2821:10 | VariableAddress: definition of z | Instruction 'VariableAddress: definition of z' has no successors in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
ambiguousSuccessors
unexplainedLoop
unnecessaryPhiInstruction

1
cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected
View File

@@ -6,6 +6,7 @@ missingOperandType
duplicateChiOperand
sideEffectWithoutPrimary
instructionWithoutSuccessor
| ir.cpp:2821:10:2821:10 | VariableAddress: definition of z | Instruction 'VariableAddress: definition of z' has no successors in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
ambiguousSuccessors
unexplainedLoop
unnecessaryPhiInstruction

10
cpp/ql/test/library-tests/ir/ir/ir.cpp
View File

@@ -2811,4 +2811,14 @@ size_t vla_sizeof_test3(int len1, size_t len2, char len3, bool b) {
return 0;
}
void vla_sizeof_test4(int len1, size_t len2) {
int tmp1[len1][len2];
size_t z = sizeof(1[tmp1]);
}
void vla_sizeof_test5(int len1, size_t len2) {
int tmp1[len1][len2];
size_t z = sizeof((*&tmp1)[1]);
}
// semmle-extractor-options: -std=c++20 --clang

3
cpp/ql/test/library-tests/ir/ir/raw_consistency.expected
View File

@@ -1,4 +1,5 @@
missingOperand
| ir.cpp:2821:14:2821:32 | Store: sizeof(<expr>) | Instruction 'Store' is missing an expected operand with tag 'StoreValue' in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
unexpectedOperand
duplicateOperand
missingPhiOperand
@@ -6,6 +7,7 @@ missingOperandType
duplicateChiOperand
sideEffectWithoutPrimary
instructionWithoutSuccessor
| ir.cpp:2821:10:2821:10 | VariableAddress: definition of z | Instruction 'VariableAddress: definition of z' has no successors in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
ambiguousSuccessors
unexplainedLoop
unnecessaryPhiInstruction
@@ -21,6 +23,7 @@ lostReachability
backEdgeCountMismatch
useNotDominatedByDefinition
| ir.cpp:1535:8:1535:8 | Unary | Operand 'Unary' is not dominated by its definition in function '$@'. | ir.cpp:1535:8:1535:8 | void StructuredBindingDataMemberStruct::StructuredBindingDataMemberStruct() | void StructuredBindingDataMemberStruct::StructuredBindingDataMemberStruct() |
| ir.cpp:2821:10:2821:10 | Address | Operand 'Address' is not dominated by its definition in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
switchInstructionWithoutDefaultEdge
notMarkedAsConflated
wronglyMarkedAsConflated

51
cpp/ql/test/library-tests/ir/ir/raw_ir.expected
View File

@@ -18760,6 +18760,57 @@ ir.cpp:
# 2811| mu2811_3(unsigned long) = Store[#return] : &:r2811_1, r2811_2
#-----| Goto -> Block 1
# 2814| void vla_sizeof_test4(int, size_t)
# 2814| Block 0
# 2814| v2814_1(void) = EnterFunction :
# 2814| mu2814_2(unknown) = AliasedDefinition :
# 2814| mu2814_3(unknown) = InitializeNonLocal :
# 2814| r2814_4(glval<int>) = VariableAddress[len1] :
# 2814| mu2814_5(int) = InitializeParameter[len1] : &:r2814_4
# 2814| r2814_6(glval<unsigned long>) = VariableAddress[len2] :
# 2814| mu2814_7(unsigned long) = InitializeParameter[len2] : &:r2814_6
# 2815| r2815_1(glval<int[][]>) = VariableAddress[tmp1] :
# 2815| mu2815_2(int[][]) = Uninitialized[tmp1] : &:r2815_1
# 2815| r2815_3(glval<int>) = VariableAddress[len1] :
# 2815| r2815_4(int) = Load[len1] : &:r2815_3, ~m?
# 2815| r2815_5(glval<unsigned long>) = VariableAddress[len2] :
# 2815| r2815_6(unsigned long) = Load[len2] : &:r2815_5, ~m?
# 2815| v2815_7(void) = NoOp :
# 2816| r2816_1(glval<unsigned long>) = VariableAddress[z] :
# 2816| r2816_2(unsigned long) = Constant[4] :
# 2816| r2816_3(unsigned long) = CopyValue : r2815_6
# 2816| r2816_4(unsigned long) = Mul : r2816_2, r2816_3
# 2816| mu2816_5(unsigned long) = Store[z] : &:r2816_1, r2816_4
# 2817| v2817_1(void) = NoOp :
# 2814| v2814_8(void) = ReturnVoid :
# 2814| v2814_9(void) = AliasedUse : ~m?
# 2814| v2814_10(void) = ExitFunction :
# 2819| void vla_sizeof_test5(int, size_t)
# 2819| Block 0
# 2819| v2819_1(void) = EnterFunction :
# 2819| mu2819_2(unknown) = AliasedDefinition :
# 2819| mu2819_3(unknown) = InitializeNonLocal :
# 2819| r2819_4(glval<int>) = VariableAddress[len1] :
# 2819| mu2819_5(int) = InitializeParameter[len1] : &:r2819_4
# 2819| r2819_6(glval<unsigned long>) = VariableAddress[len2] :
# 2819| mu2819_7(unsigned long) = InitializeParameter[len2] : &:r2819_6
# 2820| r2820_1(glval<int[][]>) = VariableAddress[tmp1] :
# 2820| mu2820_2(int[][]) = Uninitialized[tmp1] : &:r2820_1
# 2820| r2820_3(glval<int>) = VariableAddress[len1] :
# 2820| r2820_4(int) = Load[len1] : &:r2820_3, ~m?
# 2820| r2820_5(glval<unsigned long>) = VariableAddress[len2] :
# 2820| r2820_6(unsigned long) = Load[len2] : &:r2820_5, ~m?
# 2820| v2820_7(void) = NoOp :
# 2821| r2821_1(glval<unsigned long>) = VariableAddress[z] :
# 2821| Block 1
# 2821| mu2821_2(unsigned long) = Store[z] : &:r2821_1
# 2822| v2822_1(void) = NoOp :
# 2819| v2819_8(void) = ReturnVoid :
# 2819| v2819_9(void) = AliasedUse : ~m?
# 2819| v2819_10(void) = ExitFunction :
ir23.cpp:
# 1| bool consteval_1()
# 1| Block 0

1
cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency.expected
View File

@@ -6,6 +6,7 @@ missingOperandType
duplicateChiOperand
sideEffectWithoutPrimary
instructionWithoutSuccessor
| ir.cpp:2821:10:2821:10 | VariableAddress: definition of z | Instruction 'VariableAddress: definition of z' has no successors in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
ambiguousSuccessors
unexplainedLoop
unnecessaryPhiInstruction

1
cpp/ql/test/library-tests/ir/ir/unaliased_ssa_consistency_unsound.expected
View File

@@ -6,6 +6,7 @@ missingOperandType
duplicateChiOperand
sideEffectWithoutPrimary
instructionWithoutSuccessor
| ir.cpp:2821:10:2821:10 | VariableAddress: definition of z | Instruction 'VariableAddress: definition of z' has no successors in function '$@'. | ir.cpp:2819:6:2819:21 | void vla_sizeof_test5(int, size_t) | void vla_sizeof_test5(int, size_t) |
ambiguousSuccessors
unexplainedLoop
unnecessaryPhiInstruction