C++/C#: Conflated memory as IR dump annotation

Removes the IR consistency checks for conflated memory and marks
instructions that have a conflated result with a percent sign (%)
instead. This avoids reimplementing part of the alias analysis logic
in the consistency check.

Author: Robert Marsh

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll

@@ -441,30 +441,6 @@ module InstructionConsistency {
     isOnAliasedDefinitionChain(instr.(PhiInstruction).getAnInputOperand().getAnyDef())
   }
 
-  private predicate shouldBeConflated(Instruction instr) { isOnAliasedDefinitionChain(instr) }
-
-  query predicate notMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    shouldBeConflated(instr) and
-    not instr.isResultConflated() and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
-  query predicate wronglyMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    instr.isResultConflated() and
-    not shouldBeConflated(instr) and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should not be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
   query predicate invalidOverlap(
     MemoryOperand useOperand, string message, OptionalIRFunction irFunc, string irFuncText
   ) {

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll

@@ -92,6 +92,13 @@ class Instruction extends Construction::TStageInstruction {
       else result = "r"
   }
 
+  private string getConflationPrefix() {
+    shouldGenerateDumpStrings() and
+    if isResultConflated()
+    then result = "%"
+    else result = ""
+  }
+
   /**
    * Gets the zero-based index of this instruction within its block. This is
    * used by debugging and printing code only.
@@ -143,7 +150,7 @@ class Instruction extends Construction::TStageInstruction {
    */
   final string getResultString() {
     shouldGenerateDumpStrings() and
-    result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
+    result = getConflationPrefix() + getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
   }
 
   /**

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll

@@ -441,30 +441,6 @@ module InstructionConsistency {
     isOnAliasedDefinitionChain(instr.(PhiInstruction).getAnInputOperand().getAnyDef())
   }
 
-  private predicate shouldBeConflated(Instruction instr) { isOnAliasedDefinitionChain(instr) }
-
-  query predicate notMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    shouldBeConflated(instr) and
-    not instr.isResultConflated() and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
-  query predicate wronglyMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    instr.isResultConflated() and
-    not shouldBeConflated(instr) and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should not be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
   query predicate invalidOverlap(
     MemoryOperand useOperand, string message, OptionalIRFunction irFunc, string irFuncText
   ) {

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll

@@ -92,6 +92,13 @@ class Instruction extends Construction::TStageInstruction {
       else result = "r"
   }
 
+  private string getConflationPrefix() {
+    shouldGenerateDumpStrings() and
+    if isResultConflated()
+    then result = "%"
+    else result = ""
+  }
+
   /**
    * Gets the zero-based index of this instruction within its block. This is
    * used by debugging and printing code only.
@@ -143,7 +150,7 @@ class Instruction extends Construction::TStageInstruction {
    */
   final string getResultString() {
     shouldGenerateDumpStrings() and
-    result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
+    result = getConflationPrefix() + getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
   }
 
   /**

cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll

@@ -441,30 +441,6 @@ module InstructionConsistency {
     isOnAliasedDefinitionChain(instr.(PhiInstruction).getAnInputOperand().getAnyDef())
   }
 
-  private predicate shouldBeConflated(Instruction instr) { isOnAliasedDefinitionChain(instr) }
-
-  query predicate notMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    shouldBeConflated(instr) and
-    not instr.isResultConflated() and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
-  query predicate wronglyMarkedAsConflated(
-    Instruction instr, string message, OptionalIRFunction irFunc, string irFuncText
-  ) {
-    instr.isResultConflated() and
-    not shouldBeConflated(instr) and
-    message =
-      "Instruction '" + instr.toString() +
-        "' should not be marked as having a conflated result in function '$@'." and
-    irFunc = getInstructionIRFunction(instr, irFuncText)
-  }
-
   query predicate invalidOverlap(
     MemoryOperand useOperand, string message, OptionalIRFunction irFunc, string irFuncText
   ) {

cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll

@@ -92,6 +92,13 @@ class Instruction extends Construction::TStageInstruction {
       else result = "r"
   }
 
+  private string getConflationPrefix() {
+    shouldGenerateDumpStrings() and
+    if isResultConflated()
+    then result = "%"
+    else result = ""
+  }
+
   /**
    * Gets the zero-based index of this instruction within its block. This is
    * used by debugging and printing code only.
@@ -143,7 +150,7 @@ class Instruction extends Construction::TStageInstruction {
    */
   final string getResultString() {
     shouldGenerateDumpStrings() and
-    result = getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
+    result = getConflationPrefix() + getResultId() + "(" + getResultLanguageType().getDumpString() + ")"
   }
 
   /**

cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency.expected

@@ -21,9 +21,6 @@ lostReachability
 backEdgeCountMismatch
 useNotDominatedByDefinition
 switchInstructionWithoutDefaultEdge
-notMarkedAsConflated
-| ir.cpp:1237:5:1237:25 | Phi: return ... | Instruction 'Phi: return ...' should be marked as having a conflated result in function '$@'. | ir.cpp:1231:5:1231:19 | int staticLocalInit(int) | int staticLocalInit(int) |
-wronglyMarkedAsConflated
 invalidOverlap
 nonUniqueEnclosingIRFunction
 missingCanonicalLanguageType

cpp/ql/test/library-tests/ir/ir/aliased_ssa_consistency_unsound.expected

@@ -21,9 +21,6 @@ lostReachability
 backEdgeCountMismatch
 useNotDominatedByDefinition
 switchInstructionWithoutDefaultEdge
-notMarkedAsConflated
-| ir.cpp:1237:5:1237:25 | Phi: return ... | Instruction 'Phi: return ...' should be marked as having a conflated result in function '$@'. | ir.cpp:1231:5:1231:19 | int staticLocalInit(int) | int staticLocalInit(int) |
-wronglyMarkedAsConflated
 invalidOverlap
 nonUniqueEnclosingIRFunction
 missingCanonicalLanguageType

cpp/ql/test/library-tests/ir/ir/raw_consistency.expected

@@ -21,8 +21,6 @@ lostReachability
 backEdgeCountMismatch
 useNotDominatedByDefinition
 switchInstructionWithoutDefaultEdge
-notMarkedAsConflated
-wronglyMarkedAsConflated
 invalidOverlap
 nonUniqueEnclosingIRFunction
 missingCanonicalLanguageType