-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathIR.qll
More file actions
1598 lines (1259 loc) · 51.3 KB
/
IR.qll
File metadata and controls
1598 lines (1259 loc) · 51.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/**
* Provides classes and predicates for working with an intermediate representation (IR) of Go
* programs that is used as the foundation of the control flow and data flow graphs.
*
* In the IR, the program is represented as a set of instructions, which correspond to expressions
* and statements that compute a value or perform an operation (as opposed to providing syntactic
* structure or type information).
*
* Each instruction is also a control-flow node, but there are control-flow nodes that are not
* instructions (synthetic entry and exit nodes, as well as no-op skip nodes).
*/
overlay[local]
module;
import go
private import semmle.go.controlflow.ControlFlowGraphImpl
/** Provides predicates and classes for working with IR constructs. */
module IR {
/**
* An IR instruction.
*/
class Instruction extends ControlFlow::Node {
Instruction() {
this instanceof MkExprNode or
this instanceof MkLiteralElementInitNode or
this instanceof MkImplicitLiteralElementIndex or
this instanceof MkAssignNode or
this instanceof MkCompoundAssignRhsNode or
this instanceof MkExtractNode or
this instanceof MkZeroInitNode or
this instanceof MkFuncDeclNode or
this instanceof MkDeferNode or
this instanceof MkGoNode or
this instanceof MkConditionGuardNode or
this instanceof MkIncDecNode or
this instanceof MkIncDecRhs or
this instanceof MkImplicitOne or
this instanceof MkReturnNode or
this instanceof MkResultWriteNode or
this instanceof MkResultReadNode or
this instanceof MkSelectNode or
this instanceof MkSendNode or
this instanceof MkParameterInit or
this instanceof MkArgumentNode or
this instanceof MkResultInit or
this instanceof MkNextNode or
this instanceof MkImplicitTrue or
this instanceof MkCaseCheckNode or
this instanceof MkTypeSwitchImplicitVariable or
this instanceof MkImplicitLowerSliceBound or
this instanceof MkImplicitUpperSliceBound or
this instanceof MkImplicitMaxSliceBound or
this instanceof MkImplicitDeref or
this instanceof MkImplicitFieldSelection
}
/** Holds if this instruction reads the value of variable or constant `v`. */
predicate reads(ValueEntity v) { this.readsField(_, v) or this.readsMethod(_, v) }
/** Holds if this instruction updates variable or constant `v` to the value of `rhs`. */
predicate writes(ValueEntity v, Instruction rhs) { this.writesField(_, v, rhs) }
/** Holds if this instruction reads the value of field `f` on the value of `base`. */
predicate readsField(Instruction base, Field f) { none() }
/** Holds if this instruction updates the value of field `f` on the value of `base`. */
predicate writesField(Instruction base, Field f, Instruction rhs) { none() }
/** Holds if this instruction looks up method `m` on the value of `receiver`. */
predicate readsMethod(Instruction receiver, Method m) { none() }
/** Holds if this instruction reads the value of element `index` on the value of `base`. */
predicate readsElement(Instruction base, Instruction index) { none() }
/** Holds if this instruction updates the value of element `index` on the value of `base`. */
predicate writesElement(Instruction base, Instruction index) { none() }
/** Gets the type of the result of this instruction, if any. */
Type getResultType() { none() }
/** Gets the float value of the result of this instruction, if it can be determined. */
float getFloatValue() { none() }
/** Gets the int value of the result of this instruction, if it can be determined. */
int getIntValue() { none() }
/**
* Holds if the complex value of the result of this instruction has real part `real` and
* imaginary part `imag`.
*/
predicate hasComplexValue(float real, float imag) { none() }
/** Gets either `getFloatValue` or `getIntValue` */
float getNumericValue() { result = this.getFloatValue() or result = this.getIntValue() }
/**
* Gets the string representation of the exact value of the result of this instruction,
* if any.
*
* For example, for the constant 3.141592653589793238462, this will
* result in 1570796326794896619231/500000000000000000000
*/
string getExactValue() { none() }
/** Gets the string value of the result of this instruction, if it can be determined. */
string getStringValue() { none() }
/** Gets the Boolean value of the result of this instruction, if it can be determined. */
boolean getBoolValue() { none() }
/** Holds if the result of this instruction is known at compile time. */
predicate isConst() { none() }
/**
* Holds if the result of this instruction is known at compile time, and is guaranteed not to
* depend on the platform where it is evaluated.
*/
predicate isPlatformIndependentConstant() { none() }
/** Gets a textual representation of the kind of this instruction. */
string getInsnKind() {
this instanceof MkExprNode and result = "expression"
or
this instanceof MkLiteralElementInitNode and result = "element init"
or
this instanceof MkImplicitLiteralElementIndex and result = "element index"
or
this instanceof MkAssignNode and result = "assignment"
or
this instanceof MkCompoundAssignRhsNode and result = "right-hand side of compound assignment"
or
this instanceof MkExtractNode and result = "tuple element extraction"
or
this instanceof MkZeroInitNode and result = "zero value"
or
this instanceof MkFuncDeclNode and result = "function declaration"
or
this instanceof MkDeferNode and result = "defer"
or
this instanceof MkGoNode and result = "go"
or
this instanceof MkConditionGuardNode and result = "condition guard"
or
this instanceof MkIncDecNode and result = "increment/decrement"
or
this instanceof MkIncDecRhs and result = "right-hand side of increment/decrement"
or
this instanceof MkImplicitOne and result = "implicit 1"
or
this instanceof MkReturnNode and result = "return"
or
this instanceof MkResultWriteNode and result = "result write"
or
this instanceof MkResultReadNode and result = "result read"
or
this instanceof MkSelectNode and result = "select"
or
this instanceof MkSendNode and result = "send"
or
this instanceof MkParameterInit and result = "parameter initialization"
or
this instanceof MkArgumentNode and result = "argument"
or
this instanceof MkResultInit and result = "result initialization"
or
this instanceof MkNextNode and result = "next key-value pair"
or
this instanceof MkImplicitTrue and result = "implicit true"
or
this instanceof MkCaseCheckNode and result = "case"
or
this instanceof MkTypeSwitchImplicitVariable and
result = "type switch implicit variable declaration"
or
this instanceof MkImplicitLowerSliceBound and result = "implicit lower bound"
or
this instanceof MkImplicitUpperSliceBound and result = "implicit upper bound"
or
this instanceof MkImplicitMaxSliceBound and result = "implicit maximum"
or
this instanceof MkImplicitDeref and result = "implicit dereference"
or
this instanceof MkImplicitFieldSelection and result = "implicit field selection"
}
}
/**
* An IR instruction representing the evaluation of an expression.
*/
class EvalInstruction extends Instruction, MkExprNode {
Expr e;
EvalInstruction() { this = MkExprNode(e) }
/** Gets the expression underlying this instruction. */
Expr getExpr() { result = e }
override predicate reads(ValueEntity v) { e = v.getAReference() }
override Type getResultType() { result = e.getType() }
override ControlFlow::Root getRoot() { result.isRootOf(e) }
override float getFloatValue() { result = e.getFloatValue() }
override int getIntValue() { result = e.getIntValue() }
override predicate hasComplexValue(float real, float imag) { e.hasComplexValue(real, imag) }
override string getExactValue() { result = e.getExactValue() }
override string getStringValue() { result = e.getStringValue() }
override boolean getBoolValue() { result = e.getBoolValue() }
override predicate isConst() { e.isConst() }
override predicate isPlatformIndependentConstant() { e.isPlatformIndependentConstant() }
override string toString() { result = e.toString() }
override Location getLocation() { result = e.getLocation() }
}
/**
* An IR instruction that reads the value of a variable, constant, field or array element,
* or refers to a function.
*/
class ReadInstruction extends Instruction {
ReadInstruction() {
exists(Expr e | e = this.(EvalInstruction).getExpr() |
(e instanceof ValueName or e instanceof IndexExpr) and
e.(ReferenceExpr).isRvalue()
)
or
this instanceof ReadResultInstruction
or
this instanceof MkImplicitFieldSelection
}
}
/**
* Gets the effective base of a selector, index or slice expression, taking implicit dereferences
* and implicit field reads into account.
*
* For a selector expression `b.f`, this could be the implicit dereference `*b`, or the implicit
* field access `b.Embedded` if the field `f` is promoted from an embedded type `Embedded`, or a
* combination of both `*(b.Embedded)`, or simply `b` if neither case applies.
*/
private Instruction selectorBase(Expr e) {
exists(ImplicitFieldReadInstruction fri | fri.getSelectorExpr() = e and fri.getIndex() = 1 |
result = fri
)
or
not exists(ImplicitFieldReadInstruction fri | fri.getSelectorExpr() = e and fri.getIndex() = 1) and
exists(Expr base |
base = e.(SelectorExpr).getBase()
or
base = e.(IndexExpr).getBase()
or
base = e.(SliceExpr).getBase()
|
result = MkImplicitDeref(base)
or
not exists(MkImplicitDeref(base)) and
result = evalExprInstruction(base)
)
}
/**
* An IR instruction that reads a component from a composite object.
*
* This is either a field of a struct, or an element of an array, map, slice or string.
*/
class ComponentReadInstruction extends ReadInstruction {
ComponentReadInstruction() {
exists(Expr e | e = this.(EvalInstruction).getExpr() |
e instanceof IndexExpr
or
e.(SelectorExpr).getBase() instanceof ValueExpr and
not e.(SelectorExpr).getSelector() = any(Method method).getAReference()
)
or
this instanceof MkImplicitFieldSelection
}
/** Gets the instruction computing the base value on which the field or element is read. */
Instruction getBase() {
result = this.(ImplicitFieldReadInstruction).getBaseInstruction()
or
result = selectorBase(this.(EvalInstruction).getExpr())
}
}
/**
* An IR instruction that reads the value of a field.
*
* On databases with incomplete type information, method expressions may sometimes be
* misclassified as field reads.
*/
class FieldReadInstruction extends ComponentReadInstruction {
SelectorExpr e;
int index;
Field field;
FieldReadInstruction() {
e = this.(EvalInstruction).getExpr() and
index = 0 and
field.getAReference() = e.getSelector()
or
this = MkImplicitFieldSelection(e, index, field)
}
/** Gets the `SelectorExpr` of this field read. */
SelectorExpr getSelectorExpr() { result = e }
/** Gets the index of this field read. */
int getIndex() { result = index }
/** Gets the field being read. */
Field getField() { result = field }
Instruction getBaseInstruction() {
exists(ImplicitFieldReadInstruction fri |
fri.getSelectorExpr() = e and fri.getIndex() = pragma[only_bind_into](index + 1)
|
result = fri
)
or
not exists(ImplicitFieldReadInstruction fri |
fri.getSelectorExpr() = e and fri.getIndex() = pragma[only_bind_into](index + 1)
) and
(
result = MkImplicitDeref(e.getBase())
or
not exists(MkImplicitDeref(e.getBase())) and
result = evalExprInstruction(e.getBase())
)
}
override predicate readsField(Instruction base, Field f) {
base = this.getBaseInstruction() and f = field
}
}
/**
* An IR instruction for an implicit field read as part of reading a
* promoted field.
*
* If the field that is being implicitly read has a pointer type then this
* instruction represents an implicit dereference of it.
*/
class ImplicitFieldReadInstruction extends FieldReadInstruction, MkImplicitFieldSelection {
ImplicitFieldReadInstruction() { this = MkImplicitFieldSelection(e, index, field) }
override predicate reads(ValueEntity v) { v = field }
override Type getResultType() { result = lookThroughPointerType(field.getType()) }
override ControlFlow::Root getRoot() { result.isRootOf(e) }
override string toString() { result = "implicit read of field " + field.toString() }
override Location getLocation() { result = e.getBase().getLocation() }
}
/**
* An IR instruction that looks up a method.
*/
class MethodReadInstruction extends ReadInstruction, EvalInstruction {
Method method;
override SelectorExpr e;
MethodReadInstruction() { e.getSelector() = method.getAReference() }
/** Gets the instruction computing the receiver value on which the method is looked up. */
Instruction getReceiver() { result = selectorBase(e) }
/** Gets the method being looked up. */
Method getMethod() { result = method }
override predicate readsMethod(Instruction receiver, Method m) {
receiver = this.getReceiver() and m = this.getMethod()
}
}
/**
* An IR instruction that reads an element of an array, slice, map or string.
*/
class ElementReadInstruction extends ComponentReadInstruction, EvalInstruction {
override IndexExpr e;
/** Gets the instruction computing the index of the element being looked up. */
Instruction getIndex() { result = evalExprInstruction(e.getIndex()) }
override predicate readsElement(Instruction base, Instruction index) {
base = this.getBase() and index = this.getIndex()
}
}
/**
* An IR instruction that constructs a slice.
*/
class SliceInstruction extends EvalInstruction {
override SliceExpr e;
/** Gets the instruction computing the base value from which the slice is constructed. */
Instruction getBase() { result = selectorBase(e) }
/** Gets the instruction computing the lower bound of the slice. */
Instruction getLow() {
result = evalExprInstruction(e.getLow()) or
result = implicitLowerSliceBoundInstruction(e)
}
/** Gets the instruction computing the upper bound of the slice. */
Instruction getHigh() {
result = evalExprInstruction(e.getHigh()) or
result = implicitUpperSliceBoundInstruction(e)
}
/** Gets the instruction computing the capacity of the slice. */
Instruction getMax() {
result = evalExprInstruction(e.getMax()) or
result = implicitMaxSliceBoundInstruction(e)
}
}
/**
* An IR instruction that writes a memory location.
*/
class WriteInstruction extends Instruction {
WriteTarget lhs;
Boolean initialization;
WriteInstruction() {
(
lhs = MkLhs(this, _)
or
lhs = MkResultWriteTarget(this)
) and
initialization = false
or
lhs = MkLiteralElementTarget(this) and initialization = true
}
/** Gets the target to which this instruction writes. */
WriteTarget getLhs() { result = lhs }
/** Holds if this instruction initializes a literal. */
predicate isInitialization() { initialization = true }
/** Gets the instruction computing the value this instruction writes. */
Instruction getRhs() { none() }
override predicate writes(ValueEntity v, Instruction rhs) {
this.getLhs().refersTo(v) and
rhs = this.getRhs()
}
}
/**
* An IR instruction that initializes a component of a composite literal.
*/
class InitLiteralComponentInstruction extends WriteInstruction, MkLiteralElementInitNode {
CompositeLit lit;
int i;
Expr elt;
InitLiteralComponentInstruction() {
this = MkLiteralElementInitNode(elt) and elt = lit.getElement(i)
}
/** Gets the instruction allocating the composite literal. */
Instruction getBase() { result = evalExprInstruction(lit) }
override Instruction getRhs() {
result = evalExprInstruction(elt) or
result = evalExprInstruction(elt.(KeyValueExpr).getValue())
}
override ControlFlow::Root getRoot() { result.isRootOf(elt) }
override string toString() { result = "init of " + elt }
override Location getLocation() { result = elt.getLocation() }
}
/**
* An IR instruction that initializes a field of a struct literal.
*/
class InitLiteralStructFieldInstruction extends InitLiteralComponentInstruction {
override StructLit lit;
/** Gets the name of the initialized field. */
pragma[nomagic]
string getFieldName() {
if elt instanceof KeyValueExpr
then result = elt.(KeyValueExpr).getKey().(Ident).getName()
else pragma[only_bind_out](lit.getStructType()).hasOwnField(i, result, _, _)
}
/** Gets the initialized field. */
Field getField() {
result.getDeclaringType() = lit.getStructType() and
result.getName() = this.getFieldName()
}
}
/**
* An IR instruction that initializes an element of an array, slice or map literal.
*/
class InitLiteralElementInstruction extends InitLiteralComponentInstruction {
Type literalType;
InitLiteralElementInstruction() {
literalType = lit.getType().getUnderlyingType() and
(
literalType instanceof ArrayType or
literalType instanceof SliceType or
literalType instanceof MapType
)
}
/** Gets the instruction computing the index of the initialized element. */
Instruction getIndex() {
result = evalExprInstruction(elt.(KeyValueExpr).getKey())
or
result = MkImplicitLiteralElementIndex(elt)
}
}
/**
* An IR instruction that initializes an element of an array literal.
*/
class InitLiteralArrayElementInstruction extends InitLiteralElementInstruction {
override ArrayType literalType;
}
/**
* An IR instruction that initializes an element of a slice literal.
*/
class InitLiteralSliceElementInstruction extends InitLiteralElementInstruction {
override SliceType literalType;
}
/**
* An IR instruction that initializes an element of a map literal.
*/
class InitLiteralMapElementInstruction extends InitLiteralElementInstruction {
override MapType literalType;
}
/**
* An IR instruction that writes to a field.
*/
class FieldWriteInstruction extends WriteInstruction {
override FieldTarget lhs;
/** Gets the instruction computing the base value on which the field is written. */
Instruction getBase() { result = lhs.getBase() }
/** Gets the field being written. */
Field getField() { result = lhs.getField() }
override predicate writesField(Instruction base, Field f, Instruction rhs) {
this.getBase() = base and
this.getField() = f and
this.getRhs() = rhs
}
}
/**
* An IR instruction that writes to an element of an array, slice, or map.
*/
class ElementWriteInstruction extends WriteInstruction {
override ElementTarget lhs;
/** Gets the instruction computing the base value on which the field is written. */
Instruction getBase() { result = lhs.getBase() }
/** Gets the instruction computing the element index being written. */
Instruction getIndex() { result = lhs.getIndex() }
override predicate writesElement(Instruction base, Instruction index) {
this.getBase() = base and
this.getIndex() = index
}
}
/** Holds if `lit` does not specify any explicit keys. */
private predicate noExplicitKeys(CompositeLit lit) {
not lit.getAnElement() instanceof KeyValueExpr
}
/** Gets the index of the `i`th element in (array or slice) literal `lit`. */
private int getElementIndex(CompositeLit lit, int i) {
(
lit.getType().getUnderlyingType() instanceof ArrayType or
lit.getType().getUnderlyingType() instanceof SliceType
) and
exists(Expr elt | elt = lit.getElement(i) |
// short-circuit computation for literals without any explicit keys
noExplicitKeys(lit) and result = i
or
result = elt.(KeyValueExpr).getKey().getIntValue()
or
not elt instanceof KeyValueExpr and
(
i = 0 and result = 0
or
result = getElementIndex(lit, i - 1) + 1
)
)
}
/**
* An IR instruction computing the implicit index of an element in an array or slice literal.
*/
class ImplicitLiteralElementIndexInstruction extends Instruction, MkImplicitLiteralElementIndex {
Expr elt;
ImplicitLiteralElementIndexInstruction() { this = MkImplicitLiteralElementIndex(elt) }
override Type getResultType() { result instanceof IntType }
override ControlFlow::Root getRoot() { result.isRootOf(elt) }
override int getIntValue() {
exists(CompositeLit lit, int i | elt = lit.getElement(i) | result = getElementIndex(lit, i))
}
override string getStringValue() { none() }
override string getExactValue() { result = this.getIntValue().toString() }
override predicate isPlatformIndependentConstant() { any() }
override predicate isConst() { any() }
override string toString() { result = "element index" }
override Location getLocation() { result = elt.getLocation() }
}
/**
* An instruction assigning to a variable or field.
*/
class AssignInstruction extends WriteInstruction, MkAssignNode {
AstNode assgn;
int i;
AssignInstruction() { this = MkAssignNode(assgn, i) }
override Instruction getRhs() {
exists(SimpleAssignStmt a | a = assgn |
a.getNumLhs() = a.getNumRhs() and
result = evalExprInstruction(a.getRhs(i))
)
or
exists(ValueSpec spec | spec = assgn |
spec.getNumName() = spec.getNumInit() and
result = evalExprInstruction(spec.getInit(i))
or
result = MkZeroInitNode(any(ValueEntity v | spec.getNameExpr(i) = v.getDeclaration()))
)
or
result = MkCompoundAssignRhsNode(assgn)
or
result = MkExtractNode(assgn, i)
}
override ControlFlow::Root getRoot() { result.isRootOf(assgn) }
override string toString() { result = "assignment to " + this.getLhs() }
override Location getLocation() { result = this.getLhs().getLocation() }
}
/** An instruction computing the value of the right-hand side of a compound assignment. */
class EvalCompoundAssignRhsInstruction extends Instruction, MkCompoundAssignRhsNode {
CompoundAssignStmt assgn;
EvalCompoundAssignRhsInstruction() { this = MkCompoundAssignRhsNode(assgn) }
/** Gets the underlying assignment of this instruction. */
CompoundAssignStmt getAssignment() { result = assgn }
override Type getResultType() { result = assgn.getRhs().getType() }
override ControlFlow::Root getRoot() { result.isRootOf(assgn) }
override string toString() { result = assgn.toString() }
override Location getLocation() { result = assgn.getLocation() }
}
/**
* An instruction selecting one of multiple values returned by a function, or either the key
* or the value of the iterator in a range loop, or the result or success value from a type
* assertion.
*/
class ExtractTupleElementInstruction extends Instruction, MkExtractNode {
AstNode s;
int i;
ExtractTupleElementInstruction() { this = MkExtractNode(s, i) }
/** Gets the instruction computing the tuple value from which one value is extracted. */
Instruction getBase() {
exists(Expr baseExpr |
baseExpr = s.(Assignment).getRhs() or
baseExpr = s.(ValueSpec).getInit()
|
result = evalExprInstruction(baseExpr)
)
or
result = MkNextNode(s)
or
result = evalExprInstruction(s.(ReturnStmt).getExpr())
or
result = evalExprInstruction(s.(CallExpr).getArgument(0).stripParens())
}
/** Holds if this extracts the `idx`th value of the result of `base`. */
predicate extractsElement(Instruction base, int idx) { base = this.getBase() and idx = i }
override Type getResultType() {
exists(Expr e | this.getBase() = evalExprInstruction(e) |
result = e.getType().(TupleType).getComponentType(pragma[only_bind_into](i))
)
or
exists(Type rangeType | rangeType = s.(RangeStmt).getDomain().getType().getUnderlyingType() |
exists(Type baseType |
baseType = rangeType.(ArrayType).getElementType() or
baseType =
rangeType.(PointerType).getBaseType().getUnderlyingType().(ArrayType).getElementType() or
baseType = rangeType.(SliceType).getElementType()
|
i = 0 and
result instanceof IntType
or
i = 1 and
result = baseType
)
or
rangeType instanceof StringType and
(
i = 0 and
result instanceof IntType
or
result = Builtin::rune().getType()
)
or
exists(MapType map | map = rangeType |
i = 0 and
result = map.getKeyType()
or
i = 1 and
result = map.getValueType()
)
or
i = 0 and
result = rangeType.(RecvChanType).getElementType()
or
i = 0 and
result = rangeType.(SendRecvChanType).getElementType()
)
}
override ControlFlow::Root getRoot() { result.isRootOf(s) }
override string toString() { result = s + "[" + i + "]" }
override Location getLocation() { result = s.getLocation() }
}
/**
* An instruction that computes the zero value for a variable or constant.
*/
class EvalImplicitInitInstruction extends Instruction, MkZeroInitNode {
ValueEntity v;
EvalImplicitInitInstruction() { this = MkZeroInitNode(v) }
override Type getResultType() { result = v.getType() }
override ControlFlow::Root getRoot() { result.isRootOf(v.getDeclaration()) }
override int getIntValue() {
v.getType().getUnderlyingType() instanceof IntegerType and result = 0
}
override float getFloatValue() {
v.getType().getUnderlyingType() instanceof FloatType and result = 0.0
}
override string getStringValue() {
v.getType().getUnderlyingType() instanceof StringType and result = ""
}
override boolean getBoolValue() {
v.getType().getUnderlyingType() instanceof BoolType and result = false
}
override string getExactValue() {
result = this.getIntValue().toString() or
result = this.getFloatValue().toString() or
result = this.getStringValue().toString() or
result = this.getBoolValue().toString()
}
override predicate isConst() { any() }
override predicate isPlatformIndependentConstant() { any() }
override string toString() { result = "zero value for " + v }
override Location getLocation() { result = v.getDeclaration().getLocation() }
}
/**
* An instruction that corresponds to the declaration of a function.
*/
class DeclareFunctionInstruction extends Instruction, MkFuncDeclNode {
FuncDecl fd;
DeclareFunctionInstruction() { this = MkFuncDeclNode(fd) }
override Type getResultType() { result = fd.getType() }
override string toString() { result = fd.toString() }
override Location getLocation() { result = fd.getLocation() }
}
/**
* An instruction that corresponds to a `defer` statement.
*/
class DeferInstruction extends Instruction, MkDeferNode {
DeferStmt defer;
DeferInstruction() { this = MkDeferNode(defer) }
override ControlFlow::Root getRoot() { result.isRootOf(defer) }
override string toString() { result = defer.toString() }
override Location getLocation() { result = defer.getLocation() }
}
/**
* An instruction that corresponds to a `go` statement.
*/
class GoInstruction extends Instruction, MkGoNode {
GoStmt go;
GoInstruction() { this = MkGoNode(go) }
override ControlFlow::Root getRoot() { result.isRootOf(go) }
override string toString() { result = go.toString() }
override Location getLocation() { result = go.getLocation() }
}
/**
* An instruction that corresponds to an increment or decrement statement.
*/
class IncDecInstruction extends WriteInstruction, MkIncDecNode {
IncDecStmt ids;
IncDecInstruction() { this = MkIncDecNode(ids) }
override Instruction getRhs() { result = MkIncDecRhs(ids) }
override ControlFlow::Root getRoot() { result.isRootOf(ids) }
override string toString() { result = ids.toString() }
override Location getLocation() { result = ids.getLocation() }
}
/**
* An instruction that computes the (implicit) right-hand side of an increment or
* decrement statement.
*/
class EvalIncDecRhsInstruction extends Instruction, MkIncDecRhs {
IncDecStmt ids;
EvalIncDecRhsInstruction() { this = MkIncDecRhs(ids) }
/** Gets the corresponding increment or decrement statement. */
IncDecStmt getStmt() { result = ids }
override Type getResultType() { result = ids.getOperand().getType() }
override ControlFlow::Root getRoot() { result.isRootOf(ids) }
override string toString() { result = "rhs of " + ids }
override Location getLocation() { result = ids.getLocation() }
}
/**
* An instruction computing the implicit operand `1` in an increment or decrement statement.
*/
class EvalImplicitOneInstruction extends Instruction, MkImplicitOne {
IncDecStmt ids;
EvalImplicitOneInstruction() { this = MkImplicitOne(ids) }
/** Gets the corresponding increment or decrement statement. */
IncDecStmt getStmt() { result = ids }
override Type getResultType() { result = ids.getOperand().getType() }
override ControlFlow::Root getRoot() { result.isRootOf(ids) }
override int getIntValue() { result = 1 }
override string getExactValue() { result = "1" }
override predicate isConst() { any() }
override predicate isPlatformIndependentConstant() { any() }
override string toString() { result = "1" }
override Location getLocation() { result = ids.getLocation() }
}
/**
* An instruction corresponding to a return from a function.
*/
class ReturnInstruction extends Instruction, MkReturnNode {
ReturnStmt ret;
ReturnInstruction() { this = MkReturnNode(ret) }
/** Gets the corresponding `ReturnStmt`. */
ReturnStmt getReturnStmt() { result = ret }
/** Holds if this statement returns multiple results. */
predicate returnsMultipleResults() { exists(MkExtractNode(ret, _)) or ret.getNumExpr() > 1 }
/** Gets the instruction whose result is the (unique) result returned by this statement. */
Instruction getResult() {
not this.returnsMultipleResults() and
result = evalExprInstruction(ret.getExpr())
}
/** Gets the instruction whose result is the `i`th result returned by this statement. */
Instruction getResult(int i) {
result = MkExtractNode(ret, i)
or
not exists(MkExtractNode(ret, _)) and
result = evalExprInstruction(ret.getExpr(i))
}
override ControlFlow::Root getRoot() { result.isRootOf(ret) }
override string toString() { result = ret.toString() }
override Location getLocation() { result = ret.getLocation() }
}
/**
* An instruction that represents the implicit assignment to a result variable
* performed by a return statement.
*/
class WriteResultInstruction extends WriteInstruction, MkResultWriteNode {
ResultVariable var;
int i;
ReturnInstruction ret;
WriteResultInstruction() {
exists(ReturnStmt retstmt |
this = MkResultWriteNode(var, i, retstmt) and
ret = MkReturnNode(retstmt)
)
}
override Instruction getRhs() { result = ret.getResult(i) }
/** Gets the result variable being assigned. */
ResultVariable getResultVariable() { result = var }
override Type getResultType() { result = var.getType() }
override ControlFlow::Root getRoot() { var = result.(FuncDef).getAResultVar() }
override string toString() { result = "implicit write of " + var }
override Location getLocation() { result = ret.getResult(i).getLocation() }
}
/**
* An instruction that reads the final value of a result variable upon returning