forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 21
Expand file tree
/
Copy pathtest.ql
More file actions
61 lines (53 loc) · 2.14 KB
/
test.ql
File metadata and controls
61 lines (53 loc) · 2.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import cpp
import semmle.code.cpp.dataflow.new.DataFlow
import semmle.code.cpp.controlflow.IRGuards
import utils.test.InlineExpectationsTest
import semmle.code.cpp.dataflow.ExternalFlow
predicate instructionGuardChecks(IRGuardCondition gc, Instruction checked, boolean branch) {
exists(CallInstruction call |
call.getStaticCallTarget().hasName("checkArgument") and
checked = call.getAnArgument() and
gc.comparesEq(call.getAUse(), 0, false, any(GuardValue bv | bv.asBooleanValue() = branch))
)
}
module BarrierGuard = DataFlow::InstructionBarrierGuard<instructionGuardChecks/3>;
predicate indirectBarrierGuard(DataFlow::Node node, string s) {
// This any(...) could technically be removed, but it helps us verify that we don't
// accidentially change the API of this predicate (for instance, by having
// the column be a unit parameter).
node = BarrierGuard::getAnIndirectBarrierNode(any(int indirectionIndex)) and
if node.isGLValue()
then s = "glval<" + node.getType().toString().replaceAll(" ", "") + ">"
else s = node.getType().toString().replaceAll(" ", "")
}
predicate barrierGuard(DataFlow::Node node, string s) {
node = BarrierGuard::getABarrierNode() and
if node.isGLValue()
then s = "glval<" + node.getType().toString().replaceAll(" ", "") + ">"
else s = node.getType().toString().replaceAll(" ", "")
}
predicate externalBarrierGuard(DataFlow::Node node, string s) {
barrierNode(node, "test-barrier") and
if node.isGLValue()
then s = "glval<" + node.getType().toString().replaceAll(" ", "") + ">"
else s = node.getType().toString().replaceAll(" ", "")
}
module Test implements TestSig {
string getARelevantTag() { result = ["barrier", "indirect_barrier", "external"] }
predicate hasActualResult(Location location, string element, string tag, string value) {
exists(DataFlow::Node node |
indirectBarrierGuard(node, value) and
tag = "indirect_barrier"
or
barrierGuard(node, value) and
tag = "barrier"
or
externalBarrierGuard(node, value) and
tag = "external"
|
element = node.toString() and
location = node.getLocation()
)
}
}
import MakeTest<Test>