C++: Generate additional loads for non-reference structured bindings

jketema · jketema · commit 6515e77c0e4b · 2022-02-27T21:13:48.000+01:00
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/InstructionTag.qll
@@ -71,7 +71,8 @@ newtype TInstructionTag =
   AsmTag() or
   AsmInputTag(int elementIndex) { exists(AsmStmt asm | exists(asm.getChild(elementIndex))) } or
   ThisAddressTag() or
-  ThisLoadTag()
+  ThisLoadTag() or
+  StructuredBindingAccessTag()
 
 class InstructionTag extends TInstructionTag {
   final string toString() { result = "Tag" }
@@ -221,4 +222,6 @@ string getInstructionTagId(TInstructionTag tag) {
   tag = ThisAddressTag() and result = "ThisAddress"
   or
   tag = ThisLoadTag() and result = "ThisLoad"
+  or
+  tag = StructuredBindingAccessTag() and result = "StructuredBindingAccess"
 }
diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
@@ -3,6 +3,7 @@ private import semmle.code.cpp.ir.implementation.IRType
 private import semmle.code.cpp.ir.implementation.Opcode
 private import semmle.code.cpp.ir.implementation.internal.OperandTag
 private import semmle.code.cpp.ir.internal.CppType
+private import semmle.code.cpp.ir.internal.IRUtilities
 private import semmle.code.cpp.ir.internal.TempVariableTag
 private import InstructionTag
 private import TranslatedCondition
@@ -813,7 +814,9 @@ abstract class TranslatedVariableAccess extends TranslatedNonConstantExpr {
 }
 
 class TranslatedNonFieldVariableAccess extends TranslatedVariableAccess {
-  TranslatedNonFieldVariableAccess() { not expr instanceof FieldAccess }
+  TranslatedNonFieldVariableAccess() {
+    not expr instanceof FieldAccess and not isNonReferenceStructuredBinding(expr.getTarget())
+  }
 
   override Instruction getFirstInstruction() {
     if exists(this.getQualifier())
@@ -860,6 +863,61 @@ class TranslatedFieldAccess extends TranslatedVariableAccess {
   }
 }
 
+class TranslatedStructuredBindingVariableAccess extends TranslatedNonConstantExpr {
+  override VariableAccess expr;
+
+  TranslatedStructuredBindingVariableAccess() { isNonReferenceStructuredBinding(expr.getTarget()) }
+
+  override Instruction getFirstInstruction() {
+    // Structured bindings cannot be qualified.
+    result = this.getInstruction(StructuredBindingAccessTag())
+  }
+
+  override TranslatedElement getChild(int id) {
+    // Structured bindings cannot be qualified.
+    none()
+  }
+
+  override Instruction getResult() { result = this.getInstruction(LoadTag()) }
+
+  override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) {
+    tag = StructuredBindingAccessTag() and
+    kind instanceof GotoEdge and
+    result = this.getInstruction(LoadTag())
+    or
+    tag = LoadTag() and
+    kind instanceof GotoEdge and
+    result = this.getParent().getChildSuccessor(this)
+  }
+
+  override Instruction getChildSuccessor(TranslatedElement child) { none() }
+
+  override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) {
+    tag = StructuredBindingAccessTag() and
+    opcode instanceof Opcode::VariableAddress and
+    resultType = getTypeForGLValue(this.getReferenceType())
+    or
+    tag = LoadTag() and
+    opcode instanceof Opcode::Load and
+    resultType = getTypeForPRValue(this.getReferenceType())
+  }
+
+  private Type getReferenceType() {
+    result.(ReferenceType).getBaseType() = expr.getUnderlyingType()
+  }
+
+  override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) {
+    tag = LoadTag() and
+    operandTag instanceof AddressOperandTag and
+    result = this.getInstruction(StructuredBindingAccessTag())
+  }
+
+  override IRVariable getInstructionVariable(InstructionTag tag) {
+    tag = StructuredBindingAccessTag() and
+    result = getIRUserVariable(expr.getEnclosingFunction(), expr.getTarget())
+  }
+}
+
 class TranslatedFunctionAccess extends TranslatedNonConstantExpr {
   override FunctionAccess expr;
 
diff --git a/cpp/ql/test/library-tests/ir/ir/operand_locations.expected b/cpp/ql/test/library-tests/ir/ir/operand_locations.expected
@@ -6694,16 +6694,22 @@
 | ir.cpp:1466:26:1466:27 | StoreValue | r1466_3 |
 | ir.cpp:1466:26:1466:27 | Unary | r1466_2 |
 | ir.cpp:1467:9:1467:10 | Address | &:r1467_2 |
-| ir.cpp:1467:9:1467:14 | ChiPartial | partial:m1467_3 |
-| ir.cpp:1467:9:1467:14 | ChiTotal | total:m0_14 |
+| ir.cpp:1467:9:1467:10 | Address | &:r1467_3 |
+| ir.cpp:1467:9:1467:10 | Load | m0_14 |
+| ir.cpp:1467:9:1467:14 | ChiPartial | partial:m1467_4 |
+| ir.cpp:1467:9:1467:14 | ChiTotal | total:m1463_12 |
 | ir.cpp:1467:14:1467:14 | StoreValue | r1467_1 |
 | ir.cpp:1468:14:1468:16 | Address | &:r1468_1 |
-| ir.cpp:1468:20:1468:21 | StoreValue | r1468_3 |
-| ir.cpp:1468:20:1468:21 | Unary | r1468_2 |
+| ir.cpp:1468:20:1468:21 | Address | &:r1468_2 |
+| ir.cpp:1468:20:1468:21 | Load | m0_14 |
+| ir.cpp:1468:20:1468:21 | StoreValue | r1468_4 |
+| ir.cpp:1468:20:1468:21 | Unary | r1468_3 |
 | ir.cpp:1469:13:1469:13 | Address | &:r1469_1 |
 | ir.cpp:1469:17:1469:18 | Address | &:r1469_2 |
-| ir.cpp:1469:17:1469:18 | Load | m1467_3 |
-| ir.cpp:1469:17:1469:18 | StoreValue | r1469_3 |
+| ir.cpp:1469:17:1469:18 | Address | &:r1469_3 |
+| ir.cpp:1469:17:1469:18 | Load | m0_14 |
+| ir.cpp:1469:17:1469:18 | Load | m1467_4 |
+| ir.cpp:1469:17:1469:18 | StoreValue | r1469_4 |
 | ir.cpp:1473:15:1473:36 | Address | &:r1473_1 |
 | ir.cpp:1473:40:1473:41 | StoreValue | r1473_3 |
 | ir.cpp:1473:40:1473:41 | Unary | r1473_2 |
@@ -6730,7 +6736,7 @@
 | ir.cpp:1476:9:1476:10 | Load | m1475_9 |
 | ir.cpp:1476:9:1476:10 | Unary | r1476_3 |
 | ir.cpp:1476:9:1476:14 | ChiPartial | partial:m1476_5 |
-| ir.cpp:1476:9:1476:14 | ChiTotal | total:m1463_12 |
+| ir.cpp:1476:9:1476:14 | ChiTotal | total:m1467_5 |
 | ir.cpp:1476:14:1476:14 | StoreValue | r1476_1 |
 | ir.cpp:1477:14:1477:16 | Address | &:r1477_1 |
 | ir.cpp:1477:20:1477:21 | Address | &:r1477_2 |
@@ -6809,35 +6815,53 @@
 | ir.cpp:1503:47:1503:47 | Unary | r1503_34 |
 | ir.cpp:1503:47:1503:47 | Unary | r1503_38 |
 | ir.cpp:1504:9:1504:9 | Address | &:r1504_2 |
+| ir.cpp:1504:9:1504:9 | Address | &:r1504_3 |
+| ir.cpp:1504:9:1504:9 | Load | m1503_12 |
+| ir.cpp:1504:9:1504:15 | ChiPartial | partial:m1504_4 |
+| ir.cpp:1504:9:1504:15 | ChiTotal | total:m1503_4 |
 | ir.cpp:1504:13:1504:15 | StoreValue | r1504_1 |
 | ir.cpp:1505:17:1505:18 | Address | &:r1505_1 |
-| ir.cpp:1505:22:1505:22 | StoreValue | r1505_3 |
-| ir.cpp:1505:22:1505:22 | Unary | r1505_2 |
+| ir.cpp:1505:22:1505:22 | Address | &:r1505_2 |
+| ir.cpp:1505:22:1505:22 | Load | m1503_12 |
+| ir.cpp:1505:22:1505:22 | StoreValue | r1505_4 |
+| ir.cpp:1505:22:1505:22 | Unary | r1505_3 |
 | ir.cpp:1506:13:1506:13 | Address | &:r1506_1 |
 | ir.cpp:1506:17:1506:17 | Address | &:r1506_2 |
-| ir.cpp:1506:17:1506:17 | Load | ~m1503_8 |
-| ir.cpp:1506:17:1506:17 | StoreValue | r1506_3 |
+| ir.cpp:1506:17:1506:17 | Address | &:r1506_3 |
+| ir.cpp:1506:17:1506:17 | Load | m1503_8 |
+| ir.cpp:1506:17:1506:17 | Load | ~m1503_4 |
+| ir.cpp:1506:17:1506:17 | StoreValue | r1506_4 |
 | ir.cpp:1507:9:1507:9 | Address | &:r1507_2 |
-| ir.cpp:1507:9:1507:13 | ChiPartial | partial:m1507_3 |
-| ir.cpp:1507:9:1507:13 | ChiTotal | total:m1503_22 |
+| ir.cpp:1507:9:1507:9 | Address | &:r1507_3 |
+| ir.cpp:1507:9:1507:9 | Load | m1503_22 |
+| ir.cpp:1507:9:1507:13 | ChiPartial | partial:m1507_4 |
+| ir.cpp:1507:9:1507:13 | ChiTotal | total:m1500_6 |
 | ir.cpp:1507:13:1507:13 | StoreValue | r1507_1 |
-| ir.cpp:1508:9:1508:10 | Address | &:r1508_4 |
-| ir.cpp:1508:9:1508:14 | ChiPartial | partial:m1508_5 |
-| ir.cpp:1508:9:1508:14 | ChiTotal | total:m1503_4 |
+| ir.cpp:1508:9:1508:10 | Address | &:r1508_5 |
+| ir.cpp:1508:9:1508:14 | ChiPartial | partial:m1508_6 |
+| ir.cpp:1508:9:1508:14 | ChiTotal | total:m1507_5 |
 | ir.cpp:1508:10:1508:10 | Address | &:r1508_2 |
+| ir.cpp:1508:10:1508:10 | Address | &:r1508_3 |
 | ir.cpp:1508:10:1508:10 | Load | m1503_26 |
-| ir.cpp:1508:10:1508:10 | Unary | r1508_3 |
+| ir.cpp:1508:10:1508:10 | Load | ~m1503_4 |
+| ir.cpp:1508:10:1508:10 | Unary | r1508_4 |
 | ir.cpp:1508:14:1508:14 | StoreValue | r1508_1 |
 | ir.cpp:1509:14:1509:15 | Address | &:r1509_1 |
-| ir.cpp:1509:19:1509:19 | StoreValue | r1509_3 |
-| ir.cpp:1509:19:1509:19 | Unary | r1509_2 |
+| ir.cpp:1509:19:1509:19 | Address | &:r1509_2 |
+| ir.cpp:1509:19:1509:19 | Load | m1503_22 |
+| ir.cpp:1509:19:1509:19 | StoreValue | r1509_4 |
+| ir.cpp:1509:19:1509:19 | Unary | r1509_3 |
 | ir.cpp:1510:14:1510:15 | Address | &:r1510_1 |
-| ir.cpp:1510:19:1510:20 | StoreValue | r1510_3 |
-| ir.cpp:1510:20:1510:20 | Unary | r1510_2 |
+| ir.cpp:1510:19:1510:20 | StoreValue | r1510_4 |
+| ir.cpp:1510:20:1510:20 | Address | &:r1510_2 |
+| ir.cpp:1510:20:1510:20 | Load | m1503_22 |
+| ir.cpp:1510:20:1510:20 | Unary | r1510_3 |
 | ir.cpp:1511:13:1511:13 | Address | &:r1511_1 |
 | ir.cpp:1511:17:1511:17 | Address | &:r1511_2 |
-| ir.cpp:1511:17:1511:17 | Load | m1507_3 |
-| ir.cpp:1511:17:1511:17 | StoreValue | r1511_3 |
+| ir.cpp:1511:17:1511:17 | Address | &:r1511_3 |
+| ir.cpp:1511:17:1511:17 | Load | m1503_22 |
+| ir.cpp:1511:17:1511:17 | Load | ~m1508_7 |
+| ir.cpp:1511:17:1511:17 | StoreValue | r1511_4 |
 | ir.cpp:1515:14:1515:35 | Address | &:r1515_1 |
 | ir.cpp:1515:39:1515:39 | Address | &:r1515_2 |
 | ir.cpp:1515:39:1515:39 | Load | m1500_8 |
@@ -6885,7 +6909,7 @@
 | ir.cpp:1524:9:1524:9 | Load | m1519_7 |
 | ir.cpp:1524:9:1524:9 | Unary | r1524_3 |
 | ir.cpp:1524:9:1524:13 | ChiPartial | partial:m1524_5 |
-| ir.cpp:1524:9:1524:13 | ChiTotal | total:m1500_6 |
+| ir.cpp:1524:9:1524:13 | ChiTotal | total:m1508_7 |
 | ir.cpp:1524:13:1524:13 | StoreValue | r1524_1 |
 | ir.cpp:1525:9:1525:10 | Address | &:r1525_5 |
 | ir.cpp:1525:9:1525:14 | ChiPartial | partial:m1525_6 |
diff --git a/cpp/ql/test/library-tests/ir/ir/raw_ir.expected b/cpp/ql/test/library-tests/ir/ir/raw_ir.expected
