
@dbartol dbartol commented Apr 21, 2021

This PR brings IR alias analysis of smart pointers more-or-less up to parity with the analysis of raw pointers, at least when building aliased SSA. I recommend reviewing commit-by-commit.

  • Added CallInstruction::getAParameterSideEffect() to get the side effects for the specified parameter index.
  • Extended alias analysis to allow for the possibility that pointer flow propagated through a call might be via a side effect operand, and might be returned via a side effect result.
  • Moved memory.h into a shared include directory in the test tree, and added the necessary parts of utility.h and type_traits.h as well.
  • Extended the AliasFunction model to allow specifying pointer flow between arbitrary inputs and outputs. Note that pointer flow differs from data flow in that pointer flow is "must" flow, but data flow is "may" flow. We may want to consider consolidating these into a single model with a boolean parameter someday.
  • Extended the modeling of smart pointers to include std::weak_ptr.
  • Extended the modeling of smart pointer unwrapper functions to provide the right pointer flow, side effects, and aliasing behavior.
  • Added models for smart pointer functions that initialize or assign a smart pointer.
  • Made the toString() of dynamic allocations stable, so that they can be used in inline expectations.

There are still some taint test failures, which are caused because I stopped excluding operator*() from the list of modeled unwrapper functions. This is being discussed on Slack.

@dbartol dbartol added the C++ label Apr 21, 2021
@dbartol dbartol requested a review from MathiasVP April 21, 2021 03:49
@github-actions github-actions bot added the C# label Apr 21, 2021
@MathiasVP MathiasVP left a comment

Looks great! I mostly have nitpicky comments.

Dave Bartolomeo added 2 commits April 21, 2021 12:12
`DataFlowFunction` models treat references as pointers - an explicit level of indirection. The AST dataflow library generally treats references as if they were the referred-to object. This commit removes a workaround in the dataflow model for unary `operator*` on smart pointers, and makes the AST dataflow library adjust the results of querying the model so that a returned reference only gets flow that was modeled as going to the dereference of the return value.

This fixes some missing flow in IR dataflow, and recovers some (presumably) missing reverse taint flow in AST taint tracking as well.
Dave Bartolomeo added 2 commits April 22, 2021 16:51
Smart pointer constructors, assignments, and `reset()` can actually have fairly large side effects, especially with custom deleters, destructors for objects being destroyed, and so on. I've re-introduced `{AllAliased}` side effects for these functions. There was no immediate effect on analysis results.
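As an added illustration, not code from this PR or from CodeQL, the C++ below shows the behaviours the models in the description and the commit above encode: unwrappers (`get()`, `operator*`, `weak_ptr::lock()`) yield the held pointer unconditionally ("must" pointer flow), a data-dependent selector only "may" return a given input, `reset()` replaces the managed object, and a write through an unwrapped pointer is visible through the smart pointer (which is why unwrappers need aliasing side effects, not just data flow). The helper names (`unwrap_unique`, `pick`, and so on) are my own.

```cpp
#include <memory>

// Unwrapper functions: each returns the pointer held by its argument, so
// pointer flow from the smart pointer to the result is a "must" flow.
int* unwrap_unique(const std::unique_ptr<int>& p) { return p.get(); }
int* unwrap_shared(const std::shared_ptr<int>& p) { return &*p; }  // via operator*
std::shared_ptr<int> lock_weak(const std::weak_ptr<int>& w) { return w.lock(); }

// Ordinary data flow: the result aliases one of two inputs, but which one is
// data-dependent, so this is only a "may" flow and cannot prove aliasing.
int* pick(bool first, int* a, int* b) { return first ? a : b; }

// Every unwrapper result aliases the wrapped object, unconditionally.
bool unwrappers_must_alias() {
    std::unique_ptr<int> up = std::make_unique<int>(1);
    std::shared_ptr<int> sp = std::make_shared<int>(2);
    std::weak_ptr<int> wp = sp;
    return unwrap_unique(up) == up.get()
        && unwrap_shared(sp) == sp.get()
        && lock_weak(wp).get() == sp.get();
}

// Whether `pick` returns its first input depends on the selector: may-alias only.
bool pick_aliases_first(bool first) {
    int a = 0, b = 0;
    return pick(first, &a, &b) == &a;
}

// Assignment / reset replace the managed object: a pointer unwrapped before
// the reset no longer aliases what the smart pointer holds afterwards.
bool reset_breaks_alias() {
    std::unique_ptr<int> up = std::make_unique<int>(1);
    int* before = up.release();  // keep the old object alive so the comparison is valid
    up.reset(new int(2));
    bool distinct = before != up.get();
    delete before;
    return distinct;
}

// A store through the pointer obtained from lock() is a side effect on the
// object the shared_ptr manages, so it must be visible through `sp`.
int write_through_unwrapped() {
    std::shared_ptr<int> sp = std::make_shared<int>(0);
    std::weak_ptr<int> wp = sp;
    *lock_weak(wp) = 42;
    return *sp;  // returns 42
}
```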
@dbartol dbartol marked this pull request as ready for review April 22, 2021 22:07
@dbartol dbartol requested review from a team as code owners April 22, 2021 22:07
@dbartol dbartol assigned dbartol and MathiasVP and unassigned dbartol Apr 22, 2021
@dbartol dbartol added the no-change-note-required This PR does not need a change note label Apr 22, 2021
@MathiasVP MathiasVP left a comment

The changes LGTM!

If this PR only changed smart-pointer things I'd be happy to merge this now, but maybe it'd be good to run a CPP-differences to make sure that 3832100 didn't have any unfortunate consequences.

@MathiasVP

I've restarted the CPP-differences run: https://jenkins.internal.semmle.com/job/Changes/job/CPP-Differences/1945/

MathiasVP commented Apr 27, 2021

https://jenkins.internal.semmle.com/job/Changes/job/CPP-Differences/1948 failed again with an error:

23:19:56  + python3 ../code/buildutils-internal/jenkins/Changes/make_metrics_dataset.py ../code
23:20:08  fatal: bad object 97a13c9642d336c5cea49b35f2be303d57ccb371

I see that 97a13c9 is the commit that's being compared in the CPP-differences run, but it's not the HEAD of this PR (which might be why the job is failing). I've started another CPP-differences that compares the latest-merged main to 3b04bed.

dbartol commented Apr 27, 2021

CPP-Differences shows no changes, and I didn't really expect any. I think we're good.

@MathiasVP MathiasVP left a comment

LGTM then!

@MathiasVP MathiasVP merged commit 0f141ed into github:main Apr 27, 2021
@MathiasVP MathiasVP mentioned this pull request Apr 5, 2024