C++: Initial attempt at IR-based value numbering

Author: dave-bartolomeo

config/identical-files.json

@@ -54,5 +54,10 @@
     "C++ SSA SSAConstruction": [
         "cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll",
         "cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll"
+    ],
+    "C++ IR ValueNumber": [
+        "cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/gvn/ValueNumber.qll",
+        "cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/gvn/ValueNumber.qll",
+        "cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/gvn/ValueNumber.qll"
     ]
 }

cpp/ql/src/semmle/code/cpp/ir/IR.md

@@ -0,0 +1,7 @@
+# The C/C++ Intermediate Representation
+
+## Introduction
+
+The Intermediate Representation (IR) library provides a representation of the semantics of the program, independent of the syntax used to express those semantics. The IR is similar in design to representations used in optimizing compilers, such as LLVM IR.
+
+## Memory Access

cpp/ql/src/semmle/code/cpp/ir/PrintIR.qll

@@ -0,0 +1 @@
+import implementation.aliased_ssa.PrintIR

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll

@@ -5,3 +5,30 @@ import IRVariable
 import OperandTag
 import semmle.code.cpp.ir.implementation.EdgeKind
 import semmle.code.cpp.ir.implementation.MemoryAccessKind
+
+private newtype TIRPropertyProvider = MkIRPropertyProvider()
+
+/**
+ * Class that provides additional properties to be dumped for IR instructions and blocks when using
+ * the PrintIR module. Libraries that compute additional facts about IR elements can extend the
+ * single instance of this class to specify the additional properties computed by the library.
+ */
+class IRPropertyProvider extends TIRPropertyProvider {
+  string toString() {
+    result = "IRPropertyProvider"
+  }
+
+  /**
+   * Gets the value of the property named `key` for the specified instruction.
+   */
+  string getInstructionProperty(Instruction instruction, string key) {
+    none()
+  }
+
+  /**
+   * Gets the value of the property named `key` for the specified block.
+   */
+  string getBlockProperty(IRBlock block, string key) {
+    none()
+  }
+}

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll

@@ -301,6 +301,13 @@ class Instruction extends Construction::TInstruction {
     result = ast.getLocation()
   }
 
+  /**
+   * Gets the `Expr` whose results is computed by this instruction, if any.
+   */
+  final Expr getResultExpression() {
+    result = Construction::getInstructionResultExpression(this) 
+  }
+
   /**
    * Gets the type of the result produced by this instruction. If the
    * instruction does not produce a result, its result type will be `VoidType`.
@@ -554,6 +561,15 @@ class InitializeParameterInstruction extends VariableInstruction {
   }
 }
 
+/**
+ * An instruction that initializes the `this` pointer parameter of the enclosing function.
+ */
+class InitializeThisInstruction extends Instruction {
+  InitializeThisInstruction() {
+    opcode instanceof Opcode::InitializeThis
+  }
+}
+
 class FieldAddressInstruction extends FieldInstruction {
   FieldAddressInstruction() {
     opcode instanceof Opcode::FieldAddress

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll

@@ -1,6 +1,18 @@
 private import IR
 import cpp
 
+private string getAdditionalInstructionProperty(Instruction instr, string key) {
+  exists(IRPropertyProvider provider |
+    result = provider.getInstructionProperty(instr, key)
+  )
+}
+
+private string getAdditionalBlockProperty(IRBlock block, string key) {
+  exists(IRPropertyProvider provider |
+    result = provider.getBlockProperty(block, key)
+  )
+}
+
 private newtype TPrintableIRNode =
   TPrintableFunctionIR(FunctionIR funcIR) or
   TPrintableIRBlock(IRBlock block) or
@@ -135,6 +147,11 @@ class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock {
     result.getFunctionIR() = block.getFunctionIR()
   }
 
+  override string getProperty(string key) {
+    result = PrintableIRNode.super.getProperty(key) or
+    result = getAdditionalBlockProperty(block, key)
+  }
+
   final IRBlock getBlock() {
     result = block
   }
@@ -185,6 +202,11 @@ class PrintableInstruction extends PrintableIRNode, TPrintableInstruction {
   final Instruction getInstruction() {
     result = instr
   }
+
+  override string getProperty(string key) {
+    result = PrintableIRNode.super.getProperty(key) or
+    result = getAdditionalInstructionProperty(instr, key)
+  }
 }
 
 private predicate columnWidths(IRBlock block, int resultWidth, int operationWidth) {

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll

@@ -195,6 +195,10 @@ cached private module Cached {
     )
   }
 
+  cached Expr getInstructionResultExpression(Instruction instruction) {
+    result = getOldInstruction(instruction).getResultExpression()
+  }
+
   cached Instruction getInstructionSuccessor(Instruction instruction, EdgeKind kind) {
     result = getNewInstruction(getOldInstruction(instruction).getSuccessor(kind))
   }