C++: IR DataFlow::Node.toString consistency

jbj · jbj · commit 7cfbe88e7bdd · 2019-09-13T14:33:31.000+02:00
The `toString` for IR data-flow nodes are now similar to AST data-flow
nodes. This should make it easier to use the IR as a drop-in replacement
in the future. There are still differences because the IR data flow
library takes conversions into account.

I did not attempt to align the new nodes we use for field flow. That can
come later, when we add field flow to IR data flow.
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
@@ -84,7 +84,11 @@ class Node extends TIRDataFlowNode {
     this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn)
   }
 
-  string toString() { result = instr.toString() }
+  string toString() {
+    // This predicate is overridden in subclasses. This default implementation
+    // does not use `Instruction.toString` because that's expensive to compute.
+    result = this.asInstruction().getOpcode().toString()
+  }
 }
 
 /**
@@ -106,6 +110,8 @@ class ExprNode extends Node {
    * expression may be a `Conversion`.
    */
   Expr getConvertedExpr() { result = this.asConvertedExpr() }
+
+  override string toString() { result = this.asConvertedExpr().toString() }
 }
 
 /**
@@ -122,6 +128,14 @@ class ParameterNode extends Node {
   predicate isParameterOf(Function f, int i) { f.getParameter(i) = instr.getParameter() }
 
   Parameter getParameter() { result = instr.getParameter() }
+
+  override string toString() { result = instr.getParameter().toString() }
+}
+
+private class ThisParameterNode extends Node {
+  override InitializeThisInstruction instr;
+
+  override string toString() { result = "this" }
 }
 
 /**
@@ -132,6 +146,8 @@ class UninitializedNode extends Node {
   override UninitializedInstruction instr;
 
   LocalVariable getLocalVariable() { result = instr.getLocalVariable() }
+
+  override string toString() { result = this.getLocalVariable().toString() }
 }
 
 /**
diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
@@ -1,44 +1,44 @@
-| acrossLinkTargets.cpp:12:8:12:8 | Convert: (int)... | acrossLinkTargets.cpp:19:27:19:32 | Call: call to source |
-| acrossLinkTargets.cpp:12:8:12:8 | Load: x | acrossLinkTargets.cpp:19:27:19:32 | Call: call to source |
-| clang.cpp:18:8:18:19 | Convert: (const int *)... | clang.cpp:12:9:12:20 | InitializeParameter: sourceArray1 |
-| clang.cpp:18:8:18:19 | Load: sourceArray1 | clang.cpp:12:9:12:20 | InitializeParameter: sourceArray1 |
-| clang.cpp:37:10:37:11 | Load: m2 | clang.cpp:34:32:34:37 | Call: call to source |
-| clang.cpp:41:18:41:19 | Load: m2 | clang.cpp:39:42:39:47 | Call: call to source |
-| clang.cpp:45:17:45:18 | Load: m2 | clang.cpp:43:35:43:40 | Call: call to source |
-| test.cpp:7:8:7:9 | Load: t1 | test.cpp:6:12:6:17 | Call: call to source |
-| test.cpp:9:8:9:9 | Load: t1 | test.cpp:6:12:6:17 | Call: call to source |
-| test.cpp:10:8:10:9 | Load: t2 | test.cpp:6:12:6:17 | Call: call to source |
-| test.cpp:15:8:15:9 | Load: t2 | test.cpp:6:12:6:17 | Call: call to source |
-| test.cpp:26:8:26:9 | Load: t1 | test.cpp:6:12:6:17 | Call: call to source |
-| test.cpp:30:8:30:8 | Load: t | test.cpp:35:10:35:15 | Call: call to source |
-| test.cpp:31:8:31:8 | Load: c | test.cpp:36:13:36:18 | Call: call to source |
-| test.cpp:58:10:58:10 | Load: t | test.cpp:50:14:50:19 | Call: call to source |
-| test.cpp:71:8:71:9 | Load: x4 | test.cpp:66:30:66:36 | InitializeParameter: source1 |
-| test.cpp:76:8:76:9 | Load: u1 | test.cpp:75:7:75:8 | Uninitialized: definition of u1 |
-| test.cpp:84:8:84:18 | Load: ... ? ... : ... | test.cpp:83:7:83:8 | Uninitialized: definition of u2 |
-| test.cpp:86:8:86:9 | Load: i1 | test.cpp:83:7:83:8 | Uninitialized: definition of u2 |
-| test.cpp:90:8:90:14 | Load: source1 | test.cpp:89:28:89:34 | InitializeParameter: source1 |
-| test.cpp:92:8:92:14 | Load: source1 | test.cpp:89:28:89:34 | InitializeParameter: source1 |
-| test.cpp:110:10:110:12 | Load: (reference dereference) | test.cpp:109:9:109:14 | Call: call to source |
-| test.cpp:140:8:140:8 | Load: y | test.cpp:138:27:138:32 | Call: call to source |
-| test.cpp:144:8:144:8 | Load: s | test.cpp:151:33:151:38 | Call: call to source |
-| test.cpp:152:8:152:8 | Load: y | test.cpp:151:33:151:38 | Call: call to source |
-| test.cpp:157:8:157:8 | Load: x | test.cpp:164:34:164:39 | Call: call to source |
-| test.cpp:165:8:165:8 | Load: y | test.cpp:164:34:164:39 | Call: call to source |
-| test.cpp:178:8:178:8 | Load: y | test.cpp:171:11:171:16 | Call: call to source |
-| test.cpp:260:12:260:12 | Load: x | test.cpp:245:14:245:19 | Call: call to source |
-| test.cpp:266:12:266:12 | Load: x | test.cpp:265:22:265:27 | Call: call to source |
-| test.cpp:289:14:289:14 | Load: x | test.cpp:305:17:305:22 | Call: call to source |
-| test.cpp:318:7:318:7 | Load: x | test.cpp:314:4:314:9 | Call: call to source |
-| test.cpp:450:9:450:22 | CopyValue: (statement expression) | test.cpp:449:26:449:32 | InitializeParameter: source1 |
-| test.cpp:461:8:461:12 | Load: local | test.cpp:449:26:449:32 | InitializeParameter: source1 |
-| true_upon_entry.cpp:13:8:13:8 | Load: x | true_upon_entry.cpp:9:11:9:16 | Call: call to source |
-| true_upon_entry.cpp:21:8:21:8 | Load: x | true_upon_entry.cpp:17:11:17:16 | Call: call to source |
-| true_upon_entry.cpp:29:8:29:8 | Load: x | true_upon_entry.cpp:27:9:27:14 | Call: call to source |
-| true_upon_entry.cpp:39:8:39:8 | Load: x | true_upon_entry.cpp:33:11:33:16 | Call: call to source |
-| true_upon_entry.cpp:49:8:49:8 | Load: x | true_upon_entry.cpp:43:11:43:16 | Call: call to source |
-| true_upon_entry.cpp:57:8:57:8 | Load: x | true_upon_entry.cpp:54:11:54:16 | Call: call to source |
-| true_upon_entry.cpp:66:8:66:8 | Load: x | true_upon_entry.cpp:62:11:62:16 | Call: call to source |
-| true_upon_entry.cpp:78:8:78:8 | Load: x | true_upon_entry.cpp:70:11:70:16 | Call: call to source |
-| true_upon_entry.cpp:86:8:86:8 | Load: x | true_upon_entry.cpp:83:11:83:16 | Call: call to source |
-| true_upon_entry.cpp:105:8:105:8 | Load: x | true_upon_entry.cpp:98:11:98:16 | Call: call to source |
+| acrossLinkTargets.cpp:12:8:12:8 | (int)... | acrossLinkTargets.cpp:19:27:19:32 | call to source |
+| acrossLinkTargets.cpp:12:8:12:8 | x | acrossLinkTargets.cpp:19:27:19:32 | call to source |
+| clang.cpp:18:8:18:19 | (const int *)... | clang.cpp:12:9:12:20 | sourceArray1 |
+| clang.cpp:18:8:18:19 | sourceArray1 | clang.cpp:12:9:12:20 | sourceArray1 |
+| clang.cpp:37:10:37:11 | m2 | clang.cpp:34:32:34:37 | call to source |
+| clang.cpp:41:18:41:19 | m2 | clang.cpp:39:42:39:47 | call to source |
+| clang.cpp:45:17:45:18 | m2 | clang.cpp:43:35:43:40 | call to source |
+| test.cpp:7:8:7:9 | t1 | test.cpp:6:12:6:17 | call to source |
+| test.cpp:9:8:9:9 | t1 | test.cpp:6:12:6:17 | call to source |
+| test.cpp:10:8:10:9 | t2 | test.cpp:6:12:6:17 | call to source |
+| test.cpp:15:8:15:9 | t2 | test.cpp:6:12:6:17 | call to source |
+| test.cpp:26:8:26:9 | t1 | test.cpp:6:12:6:17 | call to source |
+| test.cpp:30:8:30:8 | t | test.cpp:35:10:35:15 | call to source |
+| test.cpp:31:8:31:8 | c | test.cpp:36:13:36:18 | call to source |
+| test.cpp:58:10:58:10 | t | test.cpp:50:14:50:19 | call to source |
+| test.cpp:71:8:71:9 | x4 | test.cpp:66:30:66:36 | source1 |
+| test.cpp:76:8:76:9 | u1 | test.cpp:75:7:75:8 | u1 |
+| test.cpp:84:8:84:18 | ... ? ... : ... | test.cpp:83:7:83:8 | u2 |
+| test.cpp:86:8:86:9 | i1 | test.cpp:83:7:83:8 | u2 |
+| test.cpp:90:8:90:14 | source1 | test.cpp:89:28:89:34 | source1 |
+| test.cpp:92:8:92:14 | source1 | test.cpp:89:28:89:34 | source1 |
+| test.cpp:110:10:110:12 | (reference dereference) | test.cpp:109:9:109:14 | call to source |
+| test.cpp:140:8:140:8 | y | test.cpp:138:27:138:32 | call to source |
+| test.cpp:144:8:144:8 | s | test.cpp:151:33:151:38 | call to source |
+| test.cpp:152:8:152:8 | y | test.cpp:151:33:151:38 | call to source |
+| test.cpp:157:8:157:8 | x | test.cpp:164:34:164:39 | call to source |
+| test.cpp:165:8:165:8 | y | test.cpp:164:34:164:39 | call to source |
+| test.cpp:178:8:178:8 | y | test.cpp:171:11:171:16 | call to source |
+| test.cpp:260:12:260:12 | x | test.cpp:245:14:245:19 | call to source |
+| test.cpp:266:12:266:12 | x | test.cpp:265:22:265:27 | call to source |
+| test.cpp:289:14:289:14 | x | test.cpp:305:17:305:22 | call to source |
+| test.cpp:318:7:318:7 | x | test.cpp:314:4:314:9 | call to source |
+| test.cpp:450:9:450:22 | (statement expression) | test.cpp:449:26:449:32 | source1 |
+| test.cpp:461:8:461:12 | local | test.cpp:449:26:449:32 | source1 |
+| true_upon_entry.cpp:13:8:13:8 | x | true_upon_entry.cpp:9:11:9:16 | call to source |
+| true_upon_entry.cpp:21:8:21:8 | x | true_upon_entry.cpp:17:11:17:16 | call to source |
+| true_upon_entry.cpp:29:8:29:8 | x | true_upon_entry.cpp:27:9:27:14 | call to source |
+| true_upon_entry.cpp:39:8:39:8 | x | true_upon_entry.cpp:33:11:33:16 | call to source |
+| true_upon_entry.cpp:49:8:49:8 | x | true_upon_entry.cpp:43:11:43:16 | call to source |
+| true_upon_entry.cpp:57:8:57:8 | x | true_upon_entry.cpp:54:11:54:16 | call to source |
+| true_upon_entry.cpp:66:8:66:8 | x | true_upon_entry.cpp:62:11:62:16 | call to source |
+| true_upon_entry.cpp:78:8:78:8 | x | true_upon_entry.cpp:70:11:70:16 | call to source |
+| true_upon_entry.cpp:86:8:86:8 | x | true_upon_entry.cpp:83:11:83:16 | call to source |
+| true_upon_entry.cpp:105:8:105:8 | x | true_upon_entry.cpp:98:11:98:16 | call to source |
diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/test_ir.expected b/cpp/ql/test/library-tests/dataflow/taint-tests/test_ir.expected
@@ -1,11 +1,13 @@
-| taint.cpp:8:8:8:13 | Load: clean1 | taint.cpp:4:27:4:33 | InitializeParameter: source1 |
-| taint.cpp:16:8:16:14 | Load: source1 | taint.cpp:12:22:12:27 | Call: call to source |
-| taint.cpp:17:8:17:16 | Add: ++ ... | taint.cpp:12:22:12:27 | Call: call to source |
-| taint.cpp:109:7:109:13 | Load: access to array | taint.cpp:105:12:105:17 | Call: call to source |
-| taint.cpp:129:7:129:9 | Load: * ... | taint.cpp:120:11:120:16 | Call: call to source |
-| taint.cpp:130:7:130:9 | Load: * ... | taint.cpp:127:8:127:13 | Call: call to source |
-| taint.cpp:134:7:134:9 | Load: * ... | taint.cpp:120:11:120:16 | Call: call to source |
-| taint.cpp:151:7:151:12 | Call: call to select | taint.cpp:151:20:151:25 | Call: call to source |
-| taint.cpp:167:8:167:13 | Call: call to source | taint.cpp:167:8:167:13 | Call: call to source |
-| taint.cpp:168:8:168:14 | Load: tainted | taint.cpp:164:19:164:24 | Call: call to source |
-| taint.cpp:210:7:210:7 | Load: x | taint.cpp:207:6:207:11 | Call: call to source |
+| taint.cpp:8:8:8:13 | clean1 | taint.cpp:4:27:4:33 | source1 |
+| taint.cpp:16:8:16:14 | source1 | taint.cpp:12:22:12:27 | ... = ... |
+| taint.cpp:16:8:16:14 | source1 | taint.cpp:12:22:12:27 | call to source |
+| taint.cpp:17:8:17:16 | ++ ... | taint.cpp:12:22:12:27 | ... = ... |
+| taint.cpp:17:8:17:16 | ++ ... | taint.cpp:12:22:12:27 | call to source |
+| taint.cpp:109:7:109:13 | access to array | taint.cpp:105:12:105:17 | call to source |
+| taint.cpp:129:7:129:9 | * ... | taint.cpp:120:11:120:16 | call to source |
+| taint.cpp:130:7:130:9 | * ... | taint.cpp:127:8:127:13 | call to source |
+| taint.cpp:134:7:134:9 | * ... | taint.cpp:120:11:120:16 | call to source |
+| taint.cpp:151:7:151:12 | call to select | taint.cpp:151:20:151:25 | call to source |
+| taint.cpp:167:8:167:13 | call to source | taint.cpp:167:8:167:13 | call to source |
+| taint.cpp:168:8:168:14 | tainted | taint.cpp:164:19:164:24 | call to source |
+| taint.cpp:210:7:210:7 | x | taint.cpp:207:6:207:11 | call to source |
