C++ IR: Support __builtin_addressof

jbj · jbj · commit 4b4e7caf9ff3 · 2019-07-05T11:05:00.000+02:00
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
@@ -727,7 +727,8 @@ class TranslatedTransparentUnaryOperation extends TranslatedTransparentExpr {
       expr instanceof PointerDereferenceExpr or
       // &x is the same as x. &x isn't loadable, but is included
       // here to avoid having two nearly identical classes.
-      expr instanceof AddressOfExpr
+      expr instanceof AddressOfExpr or
+      expr instanceof BuiltInOperationBuiltInAddressOf
     )
   }
 
diff --git a/cpp/ql/test/library-tests/ir/ir/PrintAST.expected b/cpp/ql/test/library-tests/ir/ir/PrintAST.expected
@@ -174,6 +174,17 @@ bad_asts.cpp:
 #   27|                   Type = const Point &
 #   27|                   ValueCategory = prvalue(load)
 #   28|     1: return ...
+clang.cpp:
+#    5| int* globalIntAddress()
+#    5|   params: 
+#    5|   body: { ... }
+#    6|     0: return ...
+#    6|       0: __builtin_addressof ...
+#    6|           Type = int *
+#    6|           ValueCategory = prvalue
+#    6|         0: globalInt
+#    6|             Type = int
+#    6|             ValueCategory = lvalue
 ir.cpp:
 #    1| void Constants()
 #    1|   params: 
diff --git a/cpp/ql/test/library-tests/ir/ir/clang.cpp b/cpp/ql/test/library-tests/ir/ir/clang.cpp
@@ -0,0 +1,7 @@
+// semmle-extractor-options: --clang
+
+int globalInt;
+
+int *globalIntAddress() {
+  return __builtin_addressof(globalInt);
+}
diff --git a/cpp/ql/test/library-tests/ir/ir/raw_ir.expected b/cpp/ql/test/library-tests/ir/ir/raw_ir.expected
@@ -48,6 +48,20 @@ bad_asts.cpp:
 #   26|     v0_13(void)          = UnmodeledUse           : mu*
 #   26|     v0_14(void)          = ExitFunction           : 
 
+clang.cpp:
+#    5| int* globalIntAddress()
+#    5|   Block 0
+#    5|     v0_0(void)         = EnterFunction              : 
+#    5|     mu0_1(unknown)     = AliasedDefinition          : 
+#    5|     mu0_2(unknown)     = UnmodeledDefinition        : 
+#    6|     r0_3(glval<int *>) = VariableAddress[#return]   : 
+#    6|     r0_4(glval<int>)   = VariableAddress[globalInt] : 
+#    6|     mu0_5(int *)       = Store                      : &:r0_3, r0_4
+#    5|     r0_6(glval<int *>) = VariableAddress[#return]   : 
+#    5|     v0_7(void)         = ReturnValue                : &:r0_6, ~mu0_2
+#    5|     v0_8(void)         = UnmodeledUse               : mu*
+#    5|     v0_9(void)         = ExitFunction               : 
+
 ir.cpp:
 #    1| void Constants()
 #    1|   Block 0

Original file line number	Diff line number	Diff line change
`@@ -727,7 +727,8 @@ class TranslatedTransparentUnaryOperation extends TranslatedTransparentExpr {`
`727`	`727`	`expr instanceof PointerDereferenceExpr or`
`728`	`728`	`// &x is the same as x. &x isn't loadable, but is included`
`729`	`729`	`// here to avoid having two nearly identical classes.`
`730`		`- expr instanceof AddressOfExpr`
	`730`	`+ expr instanceof AddressOfExpr or`
	`731`	`+ expr instanceof BuiltInOperationBuiltInAddressOf`
`731`	`732`	`)`
`732`	`733`	`}`
`733`	`734`