C++: Update points_to tests to use new framework

cpp/ql/test/library-tests/ir/escape/points_to.expected

@@ -1,86 +0,0 @@
-| escape.cpp:111:18:111:21 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:115:19:115:28 | PointerAdd[4] | no_+0 | no_+0 |
-| escape.cpp:115:20:115:23 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:116:19:116:28 | PointerSub[4] | no_+0 | no_+0 |
-| escape.cpp:116:20:116:23 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:117:19:117:26 | PointerAdd[4] | no_+0 | no_+0 |
-| escape.cpp:117:23:117:26 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:118:9:118:12 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:120:12:120:15 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:123:14:123:17 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:124:15:124:18 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:127:9:127:12 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:129:12:129:15 | CopyValue | no_+0 | no_+0 |
-| escape.cpp:134:5:134:18 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:134:11:134:18 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:135:5:135:12 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:135:5:135:15 | PointerAdd[4] | no_Array+20 | no_Array+20 |
-| escape.cpp:136:5:136:15 | PointerAdd[4] | no_Array+20 | no_Array+20 |
-| escape.cpp:136:7:136:14 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:137:17:137:24 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:137:17:137:27 | PointerAdd[4] | no_Array+20 | no_Array+20 |
-| escape.cpp:138:17:138:27 | PointerAdd[4] | no_Array+20 | no_Array+20 |
-| escape.cpp:138:19:138:26 | Convert | no_Array+0 | no_Array+0 |
-| escape.cpp:140:21:140:32 | FieldAddress[x] | no_Point+0 | no_Point+0 |
-| escape.cpp:140:21:140:32 | FieldAddress[y] | no_Point+4 | no_Point+4 |
-| escape.cpp:140:21:140:32 | FieldAddress[z] | no_Point+8 | no_Point+8 |
-| escape.cpp:141:27:141:27 | FieldAddress[x] | no_Point+0 | no_Point+0 |
-| escape.cpp:142:14:142:14 | FieldAddress[y] | no_Point+4 | no_Point+4 |
-| escape.cpp:143:19:143:27 | CopyValue | no_Point+0 | no_Point+0 |
-| escape.cpp:143:31:143:31 | FieldAddress[y] | no_Point+4 | no_Point+4 |
-| escape.cpp:144:6:144:14 | CopyValue | no_Point+0 | no_Point+0 |
-| escape.cpp:144:18:144:18 | FieldAddress[y] | no_Point+4 | no_Point+4 |
-| escape.cpp:145:20:145:30 | CopyValue | no_Point+8 | no_Point+8 |
-| escape.cpp:145:30:145:30 | FieldAddress[z] | no_Point+8 | no_Point+8 |
-| escape.cpp:146:5:146:18 | CopyValue | no_Point+8 | no_Point+8 |
-| escape.cpp:146:7:146:17 | CopyValue | no_Point+8 | no_Point+8 |
-| escape.cpp:146:17:146:17 | FieldAddress[z] | no_Point+8 | no_Point+8 |
-| escape.cpp:149:5:149:14 | ConvertToNonVirtualBase[Derived : Intermediate1] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:149:5:149:14 | ConvertToNonVirtualBase[Intermediate1 : Base] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:149:16:149:16 | FieldAddress[b] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:150:18:150:27 | ConvertToNonVirtualBase[Derived : Intermediate1] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:150:18:150:27 | ConvertToNonVirtualBase[Intermediate1 : Base] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:150:29:150:29 | FieldAddress[b] | no_Derived+0 | no_Derived+0 |
-| escape.cpp:151:5:151:14 | ConvertToNonVirtualBase[Derived : Intermediate2] | no_Derived+12 | no_Derived+12 |
-| escape.cpp:151:16:151:17 | FieldAddress[i2] | no_Derived+16 | no_Derived+16 |
-| escape.cpp:152:19:152:28 | ConvertToNonVirtualBase[Derived : Intermediate2] | no_Derived+12 | no_Derived+12 |
-| escape.cpp:152:30:152:31 | FieldAddress[i2] | no_Derived+16 | no_Derived+16 |
-| escape.cpp:155:17:155:30 | CopyValue | no_ssa_addrOf+0 | no_ssa_addrOf+0 |
-| escape.cpp:155:17:155:30 | Store | no_ssa_addrOf+0 | no_ssa_addrOf+0 |
-| escape.cpp:158:17:158:28 | CopyValue | no_ssa_refTo+0 | no_ssa_refTo+0 |
-| escape.cpp:158:17:158:28 | Store | no_ssa_refTo+0 | no_ssa_refTo+0 |
-| escape.cpp:161:19:161:42 | Convert | no_ssa_refToArrayElement+0 | no_ssa_refToArrayElement+0 |
-| escape.cpp:161:19:161:45 | CopyValue | no_ssa_refToArrayElement+20 | no_ssa_refToArrayElement+20 |
-| escape.cpp:161:19:161:45 | PointerAdd[4] | no_ssa_refToArrayElement+20 | no_ssa_refToArrayElement+20 |
-| escape.cpp:161:19:161:45 | Store | no_ssa_refToArrayElement+20 | no_ssa_refToArrayElement+20 |
-| escape.cpp:164:24:164:40 | CopyValue | no_ssa_refToArray+0 | no_ssa_refToArray+0 |
-| escape.cpp:164:24:164:40 | Store | no_ssa_refToArray+0 | no_ssa_refToArray+0 |
-| escape.cpp:167:19:167:28 | CopyValue | passByPtr+0 | passByPtr+0 |
-| escape.cpp:170:21:170:29 | CopyValue | passByRef+0 | passByRef+0 |
-| escape.cpp:173:22:173:38 | CopyValue | no_ssa_passByPtr+0 | no_ssa_passByPtr+0 |
-| escape.cpp:176:24:176:39 | CopyValue | no_ssa_passByRef+0 | no_ssa_passByRef+0 |
-| escape.cpp:179:22:179:42 | CopyValue | no_ssa_passByPtr_ret+0 | no_ssa_passByPtr_ret+0 |
-| escape.cpp:182:24:182:43 | CopyValue | no_ssa_passByRef_ret+0 | no_ssa_passByRef_ret+0 |
-| escape.cpp:185:30:185:40 | CopyValue | passByPtr2+0 | passByPtr2+0 |
-| escape.cpp:188:32:188:41 | CopyValue | passByRef2+0 | passByRef2+0 |
-| escape.cpp:191:30:191:42 | Call | none | passByPtr3+0 |
-| escape.cpp:191:44:191:54 | CopyValue | passByPtr3+0 | passByPtr3+0 |
-| escape.cpp:194:32:194:46 | Call | none | passByRef3+0 |
-| escape.cpp:194:32:194:59 | CopyValue | none | passByRef3+0 |
-| escape.cpp:194:48:194:57 | CopyValue | passByRef3+0 | passByRef3+0 |
-| escape.cpp:199:17:199:34 | CopyValue | no_ssa_passByPtr4+0 | no_ssa_passByPtr4+0 |
-| escape.cpp:199:37:199:54 | CopyValue | no_ssa_passByPtr5+0 | no_ssa_passByPtr5+0 |
-| escape.cpp:202:5:202:19 | Call | none | passByRef6+0 |
-| escape.cpp:202:5:202:32 | CopyValue | none | passByRef6+0 |
-| escape.cpp:202:21:202:30 | CopyValue | passByRef6+0 | passByRef6+0 |
-| escape.cpp:205:5:205:19 | Call | none | no_ssa_passByRef7+0 |
-| escape.cpp:205:5:205:39 | CopyValue | none | no_ssa_passByRef7+0 |
-| escape.cpp:205:21:205:37 | CopyValue | no_ssa_passByRef7+0 | no_ssa_passByRef7+0 |
-| escape.cpp:209:14:209:25 | Call | none | no_ssa_c+0 |
-| escape.cpp:217:14:217:16 | CopyValue | c2+0 | c2+0 |
-| escape.cpp:221:8:221:19 | Call | none | c3+0 |
-| escape.cpp:225:17:225:28 | Call | none | c4+0 |
-| escape.cpp:247:2:247:27 | Store | condEscape1+0 | condEscape1+0 |
-| escape.cpp:247:16:247:27 | CopyValue | condEscape1+0 | condEscape1+0 |
-| escape.cpp:249:9:249:34 | Store | condEscape2+0 | condEscape2+0 |
-| escape.cpp:249:23:249:34 | CopyValue | condEscape2+0 | condEscape2+0 |

cpp/ql/test/library-tests/ir/escape/points_to.ql

@@ -1,35 +0,0 @@
-import default
-import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.AliasAnalysis as RawAA
-import semmle.code.cpp.ir.implementation.raw.IR as Raw
-import semmle.code.cpp.ir.implementation.aliased_ssa.internal.AliasAnalysis as UnAA
-import semmle.code.cpp.ir.implementation.unaliased_ssa.IR as Un
-import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.SSAConstruction
-import semmle.code.cpp.ir.internal.IntegerConstant
-
-from Raw::Instruction rawInstr, Un::Instruction unInstr, string rawPointsTo, string unPointsTo
-where
-  rawInstr = getOldInstruction(unInstr) and
-  not rawInstr instanceof Raw::VariableAddressInstruction and
-  (
-    exists(Variable var, int rawBitOffset, int unBitOffset |
-      RawAA::resultPointsTo(rawInstr, Raw::getIRUserVariable(_, var), rawBitOffset) and
-      rawPointsTo = var.toString() + getBitOffsetString(rawBitOffset) and
-      UnAA::resultPointsTo(unInstr, Un::getIRUserVariable(_, var), unBitOffset) and
-      unPointsTo = var.toString() + getBitOffsetString(unBitOffset)
-    )
-    or
-    exists(Variable var, int unBitOffset |
-      not RawAA::resultPointsTo(rawInstr, Raw::getIRUserVariable(_, var), _) and
-      rawPointsTo = "none" and
-      UnAA::resultPointsTo(unInstr, Un::getIRUserVariable(_, var), unBitOffset) and
-      unPointsTo = var.toString() + getBitOffsetString(unBitOffset)
-    )
-    or
-    exists(Variable var, int rawBitOffset |
-      RawAA::resultPointsTo(rawInstr, Raw::getIRUserVariable(_, var), rawBitOffset) and
-      rawPointsTo = var.toString() + getBitOffsetString(rawBitOffset) and
-      not UnAA::resultPointsTo(unInstr, Un::getIRUserVariable(_, var), _) and
-      unPointsTo = "none"
-    )
-  )
-select rawInstr.getLocation().toString(), rawInstr.getOperationString(), rawPointsTo, unPointsTo

cpp/ql/test/library-tests/ir/points_to/points_to.cpp

@@ -0,0 +1,87 @@
+struct Point {
+  int x;
+  int y;
+};
+
+struct Base1 {
+  int b1;
+};
+
+struct Base2 {
+  int b2;
+};
+
+struct DerivedSI : Base1 {
+  int dsi;
+};
+
+struct DerivedMI : Base1, Base2 {
+  int dmi;
+};
+
+struct DerivedVI : virtual Base1 {
+  int dvi;
+};
+
+void Locals() {
+  Point pt = {  //$ussa=pt
+    1,  //$ussa=pt[0..4)<int>
+    2  //$ussa=pt[4..8)<int>
+  };
+  int i = pt.x;  //$ussa=pt[0..4)<int>
+  i = pt.y;  //$ussa=pt[4..8)<int>
+  int* p = &pt.x;
+  i = *p;  //$ussa=pt[0..4)<int>
+  p = &pt.y;
+  i = *p;  //$ussa=pt[4..8)<int>
+}
+
+void PointsTo(
+  int a,         //$raw,ussa=a
+  Point& b,      //$raw,ussa=b $ussa=*b
+  Point* c,      //$raw,ussa=c $ussa=*c
+  int* d,        //$raw,ussa=d $ussa=*d
+  DerivedSI* e,  //$raw,ussa=e $ussa=*e
+  DerivedMI* f,  //$raw,ussa=f $ussa=*f
+  DerivedVI* g   //$raw,ussa=g $ussa=*g
+) {
+
+  int i = a;  //$raw,ussa=a
+  i = *&a;  //$raw,ussa=a
+  i = *(&a + 0);  //$raw,ussa=a
+  i = b.x;  //$raw,ussa=b $ussa=*b[0..4)<int>
+  i = b.y;  //$raw,ussa=b $ussa=*b[4..8)<int>
+  i = c->x;  //$raw,ussa=c $ussa=*c[0..4)<int>
+  i = c->y;  //$raw,ussa=c $ussa=*c[4..8)<int>
+  i = *d;  //$raw,ussa=d $ussa=*d[0..4)<int>
+  i = *(d + 0);  //$raw,ussa=d $ussa=*d[0..4)<int>
+  i = d[5];  //$raw,ussa=d $ussa=*d[20..24)<int>
+  i = 5[d];  //$raw,ussa=d $ussa=*d[20..24)<int>
+  i = d[a];  //$raw,ussa=d $raw,ussa=a $ussa=*d[?..?)<int>
+  i = a[d];  //$raw,ussa=d $raw,ussa=a $ussa=*d[?..?)<int>
+
+  int* p = &b.x;  //$raw,ussa=b
+  i = *p;  //$ussa=*b[0..4)<int>
+  p = &b.y;  //$raw,ussa=b
+  i = *p;  //$ussa=*b[4..8)<int>
+  p = &c->x;  //$raw,ussa=c
+  i = *p;  //$ussa=*c[0..4)<int>
+  p = &c->y;  //$raw,ussa=c
+  i = *p;  //$ussa=*c[4..8)<int>
+  p = &d[5];  //$raw,ussa=d
+  i = *p;  //$ussa=*d[20..24)<int>
+  p = &d[a];  //$raw,ussa=d $raw,ussa=a
+  i = *p;  //$ussa=*d[?..?)<int>
+
+  Point* q = &c[a];  //$raw,ussa=c $raw,ussa=a
+  i = q->x;  //$ussa=*c[?..?)<int>
+  i = q->y;  //$ussa=*c[?..?)<int>
+
+  i = e->b1;  //$raw,ussa=e $ussa=*e[0..4)<int>
+  i = e->dsi;  //$raw,ussa=e $ussa=*e[4..8)<int>
+  i = f->b1;  //$raw,ussa=f $ussa=*f[0..4)<int>
+  i = f->b2;  //$raw,ussa=f $ussa=*f[4..8)<int>
+  i = f->dmi;  //$raw,ussa=f $ussa=*f[8..12)<int>
+  i = g->b1;  //$raw,ussa=g $ussa=*g[?..?)<int>
+  i = g->dvi;  //$raw,ussa=g $ussa=*g[8..12)<int>
+}

cpp/ql/test/library-tests/ir/points_to/points_to.ql

@@ -0,0 +1,65 @@
+import cpp
+private import TestUtilities.InlineExpectationsTest
+private import semmle.code.cpp.ir.internal.IntegerConstant as Ints
+
+private predicate ignoreAllocation(string name) {
+  name = "i" or
+  name = "p" or
+  name = "q"
+}
+
+module Raw {
+  private import semmle.code.cpp.ir.implementation.raw.IR
+  private import semmle.code.cpp.ir.implementation.unaliased_ssa.internal.SimpleSSA
+
+  private MemoryLocation getAMemoryAccess(Instruction instr) {
+    result = getResultMemoryLocation(instr) or
+    result = getOperandMemoryLocation(instr.getAnOperand())
+  }
+
+  class RawPointsToTest extends InlineExpectationsTest {
+    RawPointsToTest() { this = "RawPointsToTest" }
+
+    override string getARelevantTag() { result = "raw" }
+
+    override predicate hasActualResult(Location location, string element, string tag, string value) {
+      exists(Instruction instr, MemoryLocation memLocation |
+        memLocation = getAMemoryAccess(instr) and
+        tag = "raw" and
+        not ignoreAllocation(memLocation.getAllocation().getAllocationString()) and
+        value = memLocation.toString() and
+        element = instr.toString() and
+        location = instr.getLocation()
+      )
+    }
+  }
+}
+
+module UnaliasedSSA {
+  private import semmle.code.cpp.ir.implementation.unaliased_ssa.IR
+  private import semmle.code.cpp.ir.implementation.aliased_ssa.internal.AliasedSSA
+
+  private MemoryLocation getAMemoryAccess(Instruction instr) {
+    result = getResultMemoryLocation(instr) or
+    result = getOperandMemoryLocation(instr.getAnOperand())
+  }
+
+  class UnaliasedSSAPointsToTest extends InlineExpectationsTest {
+    UnaliasedSSAPointsToTest() { this = "UnaliasedSSAPointsToTest" }
+
+    override string getARelevantTag() { result = "ussa" }
+
+    override predicate hasActualResult(Location location, string element, string tag, string value) {
+      exists(Instruction instr, MemoryLocation memLocation |
+        memLocation = getAMemoryAccess(instr) and
+        not memLocation instanceof AliasedVirtualVariable and
+        not memLocation instanceof AllNonLocalMemory and
+        tag = "ussa" and
+        not ignoreAllocation(memLocation.getAllocation().getAllocationString()) and
+        value = memLocation.toString() and
+        element = instr.toString() and
+        location = instr.getLocation()
+      )
+    }
+  }
+}