Merge pull request #10305 from MathiasVP/ql-workaround-for-missing-decl-entries

C++: Synthesize `DeclarationEntry`s for IR construction

Author: rdmarsh2

cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll

@@ -13,8 +13,8 @@ private import TranslatedInitialization
  * Gets the `TranslatedDeclarationEntry` that represents the declaration
  * `entry`.
  */
-TranslatedDeclarationEntry getTranslatedDeclarationEntry(DeclarationEntry entry) {
-  result.getAst() = entry
+TranslatedDeclarationEntry getTranslatedDeclarationEntry(IRDeclarationEntry entry) {
+  result.getIRDeclarationEntry() = entry
 }
 
 /**
@@ -24,20 +24,22 @@ TranslatedDeclarationEntry getTranslatedDeclarationEntry(DeclarationEntry entry)
  * functions do not have a `TranslatedDeclarationEntry`.
  */
 abstract class TranslatedDeclarationEntry extends TranslatedElement, TTranslatedDeclarationEntry {
-  DeclarationEntry entry;
+  IRDeclarationEntry entry;
 
   TranslatedDeclarationEntry() { this = TTranslatedDeclarationEntry(entry) }
 
   final override Function getFunction() {
     exists(DeclStmt stmt |
-      stmt.getADeclarationEntry() = entry and
+      stmt = entry.getStmt() and
       result = stmt.getEnclosingFunction()
     )
   }
 
+  IRDeclarationEntry getIRDeclarationEntry() { result = entry }
+
   final override string toString() { result = entry.toString() }
 
-  final override Locatable getAst() { result = entry }
+  final override Locatable getAst() { result = entry.getAst() }
 
   /** DEPRECATED: Alias for getAst */
   deprecated override Locatable getAST() { result = getAst() }
@@ -216,7 +218,7 @@ class TranslatedStaticLocalVariableDeclarationEntry extends TranslatedDeclaratio
  */
 class TranslatedStaticLocalVariableInitialization extends TranslatedElement,
   TranslatedLocalVariableDeclaration, TTranslatedStaticLocalVariableInitialization {
-  VariableDeclarationEntry entry;
+  IRVariableDeclarationEntry entry;
   StaticLocalVariable var;
 
   TranslatedStaticLocalVariableInitialization() {
@@ -226,7 +228,7 @@ class TranslatedStaticLocalVariableInitialization extends TranslatedElement,
 
   final override string toString() { result = "init: " + entry.toString() }
 
-  final override Locatable getAst() { result = entry }
+  final override Locatable getAst() { result = entry.getAst() }
 
   /** DEPRECATED: Alias for getAst */
   deprecated override Locatable getAST() { result = getAst() }
@@ -236,40 +238,6 @@ class TranslatedStaticLocalVariableInitialization extends TranslatedElement,
   final override Function getFunction() { result = var.getFunction() }
 }
 
-/**
- * Gets the `TranslatedRangeBasedForVariableDeclaration` that represents the declaration of
- * `var`.
- */
-TranslatedRangeBasedForVariableDeclaration getTranslatedRangeBasedForVariableDeclaration(
-  LocalVariable var
-) {
-  result.getVariable() = var
-}
-
-/**
- * Represents the IR translation of a compiler-generated variable in a range-based `for` loop.
- */
-class TranslatedRangeBasedForVariableDeclaration extends TranslatedLocalVariableDeclaration,
-  TTranslatedRangeBasedForVariableDeclaration {
-  RangeBasedForStmt forStmt;
-  LocalVariable var;
-
-  TranslatedRangeBasedForVariableDeclaration() {
-    this = TTranslatedRangeBasedForVariableDeclaration(forStmt, var)
-  }
-
-  override string toString() { result = var.toString() }
-
-  override Locatable getAst() { result = var }
-
-  /** DEPRECATED: Alias for getAst */
-  deprecated override Locatable getAST() { result = getAst() }
-
-  override Function getFunction() { result = forStmt.getEnclosingFunction() }
-
-  override LocalVariable getVariable() { result = var }
-}
-
 TranslatedConditionDecl getTranslatedConditionDecl(ConditionDeclExpr expr) {
   result.getAst() = expr
 }

cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll

@@ -443,10 +443,10 @@ predicate hasTranslatedSyntheticTemporaryObject(Expr expr) {
  * necessary for automatic local variables, or for static local variables with dynamic
  * initialization.
  */
-private predicate translateDeclarationEntry(DeclarationEntry entry) {
+private predicate translateDeclarationEntry(IRDeclarationEntry entry) {
   exists(DeclStmt declStmt, LocalVariable var |
     translateStmt(declStmt) and
-    declStmt.getADeclarationEntry() = entry and
+    declStmt = entry.getStmt() and
     // Only declarations of local variables need to be translated to IR.
     var = entry.getDeclaration() and
     (
@@ -458,6 +458,102 @@ private predicate translateDeclarationEntry(DeclarationEntry entry) {
   )
 }
 
+private module IRDeclarationEntries {
+  private newtype TIRDeclarationEntry =
+    TPresentDeclarationEntry(DeclarationEntry entry) or
+    TMissingDeclarationEntry(DeclStmt stmt, Declaration d, int index) {
+      not exists(stmt.getDeclarationEntry(index)) and
+      stmt.getDeclaration(index) = d
+    }
+
+  /**
+   * An entity that represents a declaration entry in the database.
+   *
+   * This class exists to work around the fact that `DeclStmt`s in some cases
+   * do not have `DeclarationEntry`s. Currently, this is the case for:
+   * - `DeclStmt`s in template instantiations.
+   * - `DeclStmt`s that are generated by the desugaring of range-based for-loops.
+   *
+   * So instead, the IR works with `IRDeclarationEntry`s that synthesize missing
+   * `DeclarationEntry`s when there is no result for `DeclStmt::getDeclarationEntry`.
+   */
+  abstract class IRDeclarationEntry extends TIRDeclarationEntry {
+    /** Gets a string representation of this `IRDeclarationEntry`. */
+    abstract string toString();
+
+    /** Gets the `DeclStmt` that this `IRDeclarationEntry` belongs to. */
+    abstract DeclStmt getStmt();
+
+    /** Gets the `Declaration` declared by this `IRDeclarationEntry`. */
+    abstract Declaration getDeclaration();
+
+    /** Gets the AST represented by this `IRDeclarationEntry`. */
+    abstract Locatable getAst();
+
+    /**
+     * Holds if this `IRDeclarationEntry` is the `index`'th entry
+     * declared by the enclosing `DeclStmt`.
+     */
+    abstract predicate hasIndex(int index);
+  }
+
+  /** A `IRDeclarationEntry` for an existing `DeclarationEntry`. */
+  private class PresentDeclarationEntry extends IRDeclarationEntry, TPresentDeclarationEntry {
+    DeclarationEntry entry;
+
+    PresentDeclarationEntry() { this = TPresentDeclarationEntry(entry) }
+
+    override string toString() { result = entry.toString() }
+
+    override DeclStmt getStmt() { result.getADeclarationEntry() = entry }
+
+    override Declaration getDeclaration() { result = entry.getDeclaration() }
+
+    override Locatable getAst() { result = entry }
+
+    override predicate hasIndex(int index) { this.getStmt().getDeclarationEntry(index) = entry }
+  }
+
+  /**
+   * A synthesized `DeclarationEntry` that is created when a `DeclStmt` is missing a
+   * result for `DeclStmt::getDeclarationEntry`
+   */
+  private class MissingDeclarationEntry extends IRDeclarationEntry, TMissingDeclarationEntry {
+    DeclStmt stmt;
+    Declaration d;
+    int index;
+
+    MissingDeclarationEntry() { this = TMissingDeclarationEntry(stmt, d, index) }
+
+    override string toString() { result = "missing declaration of " + d.getName() }
+
+    override DeclStmt getStmt() { result = stmt }
+
+    override Declaration getDeclaration() { result = d }
+
+    override Locatable getAst() { result = stmt }
+
+    override predicate hasIndex(int idx) { idx = index }
+  }
+
+  /** A `IRDeclarationEntry` that represents an entry for a `Variable`. */
+  class IRVariableDeclarationEntry instanceof IRDeclarationEntry {
+    Variable v;
+
+    IRVariableDeclarationEntry() { super.getDeclaration() = v }
+
+    Variable getDeclaration() { result = v }
+
+    string toString() { result = super.toString() }
+
+    Locatable getAst() { result = super.getAst() }
+
+    DeclStmt getStmt() { result = super.getStmt() }
+  }
+}
+
+import IRDeclarationEntries
+
 newtype TTranslatedElement =
   // An expression that is not being consumed as a condition
   TTranslatedValueExpr(Expr expr) {
@@ -613,23 +709,13 @@ newtype TTranslatedElement =
     )
   } or
   // A local declaration
-  TTranslatedDeclarationEntry(DeclarationEntry entry) { translateDeclarationEntry(entry) } or
+  TTranslatedDeclarationEntry(IRDeclarationEntry entry) { translateDeclarationEntry(entry) } or
   // The dynamic initialization of a static local variable. This is a separate object from the
   // declaration entry.
-  TTranslatedStaticLocalVariableInitialization(DeclarationEntry entry) {
+  TTranslatedStaticLocalVariableInitialization(IRDeclarationEntry entry) {
     translateDeclarationEntry(entry) and
     entry.getDeclaration() instanceof StaticLocalVariable
   } or
-  // A compiler-generated variable to implement a range-based for loop. These don't have a
-  // `DeclarationEntry` in the database, so we have to go by the `Variable` itself.
-  TTranslatedRangeBasedForVariableDeclaration(RangeBasedForStmt forStmt, LocalVariable var) {
-    translateStmt(forStmt) and
-    (
-      var = forStmt.getRangeVariable() or
-      var = forStmt.getBeginEndDeclaration().getADeclaration() or
-      var = forStmt.getVariable()
-    )
-  } or
   // An allocator call in a `new` or `new[]` expression
   TTranslatedAllocatorCall(NewOrNewArrayExpr newExpr) { not ignoreExpr(newExpr) } or
   // An allocation size for a `new` or `new[]` expression

cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll

@@ -76,6 +76,13 @@ class TranslatedDeclStmt extends TranslatedStmt {
 
   private int getChildCount() { result = count(getDeclarationEntry(_)) }
 
+  IRDeclarationEntry getIRDeclarationEntry(int index) {
+    result.hasIndex(index) and
+    result.getStmt() = stmt
+  }
+
+  IRDeclarationEntry getAnIRDeclarationEntry() { result = this.getIRDeclarationEntry(_) }
+
   /**
    * Gets the `TranslatedDeclarationEntry` child at zero-based index `index`. Since not all
    * `DeclarationEntry` objects have a `TranslatedDeclarationEntry` (e.g. extern functions), we map
@@ -85,7 +92,7 @@ class TranslatedDeclStmt extends TranslatedStmt {
   private TranslatedDeclarationEntry getDeclarationEntry(int index) {
     result =
       rank[index + 1](TranslatedDeclarationEntry entry, int originalIndex |
-        entry = getTranslatedDeclarationEntry(stmt.getDeclarationEntry(originalIndex))
+        entry = getTranslatedDeclarationEntry(this.getIRDeclarationEntry(originalIndex))
       |
         entry order by originalIndex
       )
@@ -597,36 +604,32 @@ class TranslatedRangeBasedForStmt extends TranslatedStmt, ConditionContext {
   override RangeBasedForStmt stmt;
 
   override TranslatedElement getChild(int id) {
-    id = 0 and result = getRangeVariableDeclaration()
+    id = 0 and result = getRangeVariableDeclStmt()
     or
-    id = 1 and result = getBeginVariableDeclaration()
+    // Note: `__begin` and `__end` are declared by the same `DeclStmt`
+    id = 1 and result = getBeginEndVariableDeclStmt()
     or
-    id = 2 and result = getEndVariableDeclaration()
+    id = 2 and result = getCondition()
     or
-    id = 3 and result = getCondition()
+    id = 3 and result = getUpdate()
     or
-    id = 4 and result = getUpdate()
+    id = 4 and result = getVariableDeclStmt()
     or
-    id = 5 and result = getVariableDeclaration()
-    or
-    id = 6 and result = getBody()
+    id = 5 and result = getBody()
   }
 
   override Instruction getFirstInstruction() {
-    result = getRangeVariableDeclaration().getFirstInstruction()
+    result = getRangeVariableDeclStmt().getFirstInstruction()
   }
 
   override Instruction getChildSuccessor(TranslatedElement child) {
-    child = getRangeVariableDeclaration() and
-    result = getBeginVariableDeclaration().getFirstInstruction()
-    or
-    child = getBeginVariableDeclaration() and
-    result = getEndVariableDeclaration().getFirstInstruction()
+    child = getRangeVariableDeclStmt() and
+    result = getBeginEndVariableDeclStmt().getFirstInstruction()
     or
-    child = getEndVariableDeclaration() and
+    child = getBeginEndVariableDeclStmt() and
     result = getCondition().getFirstInstruction()
     or
-    child = getVariableDeclaration() and
+    child = getVariableDeclStmt() and
     result = getBody().getFirstInstruction()
     or
     child = getBody() and
@@ -643,23 +646,25 @@ class TranslatedRangeBasedForStmt extends TranslatedStmt, ConditionContext {
   override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() }
 
   override Instruction getChildTrueSuccessor(TranslatedCondition child) {
-    child = getCondition() and result = getVariableDeclaration().getFirstInstruction()
+    child = getCondition() and result = getVariableDeclStmt().getFirstInstruction()
   }
 
   override Instruction getChildFalseSuccessor(TranslatedCondition child) {
     child = getCondition() and result = getParent().getChildSuccessor(this)
   }
 
-  private TranslatedRangeBasedForVariableDeclaration getRangeVariableDeclaration() {
-    result = getTranslatedRangeBasedForVariableDeclaration(stmt.getRangeVariable())
-  }
-
-  private TranslatedRangeBasedForVariableDeclaration getBeginVariableDeclaration() {
-    result = getTranslatedRangeBasedForVariableDeclaration(stmt.getBeginVariable())
+  private TranslatedDeclStmt getRangeVariableDeclStmt() {
+    exists(IRVariableDeclarationEntry entry |
+      entry.getDeclaration() = stmt.getRangeVariable() and
+      result.getAnIRDeclarationEntry() = entry
+    )
   }
 
-  private TranslatedRangeBasedForVariableDeclaration getEndVariableDeclaration() {
-    result = getTranslatedRangeBasedForVariableDeclaration(stmt.getEndVariable())
+  private TranslatedDeclStmt getBeginEndVariableDeclStmt() {
+    exists(IRVariableDeclarationEntry entry |
+      entry.getStmt() = stmt.getBeginEndDeclaration() and
+      result.getAnIRDeclarationEntry() = entry
+    )
   }
 
   // Public for getInstructionBackEdgeSuccessor
@@ -672,8 +677,11 @@ class TranslatedRangeBasedForStmt extends TranslatedStmt, ConditionContext {
     result = getTranslatedExpr(stmt.getUpdate().getFullyConverted())
   }
 
-  private TranslatedRangeBasedForVariableDeclaration getVariableDeclaration() {
-    result = getTranslatedRangeBasedForVariableDeclaration(stmt.getVariable())
+  private TranslatedDeclStmt getVariableDeclStmt() {
+    exists(IRVariableDeclarationEntry entry |
+      entry.getDeclaration() = stmt.getVariable() and
+      result.getAnIRDeclarationEntry() = entry
+    )
   }
 
   private TranslatedStmt getBody() { result = getTranslatedStmt(stmt.getStmt()) }