C++: remove side effect operands from non-reads

Author: rdmarsh2

cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll

@@ -48,8 +48,8 @@ module InstructionSanity {
         or
         (
           opcode instanceof ReadSideEffectOpcode or
-          opcode instanceof MayWriteSideEffectOpcode or
-          opcode instanceof Opcode::InlineAsm
+          opcode instanceof Opcode::InlineAsm or
+          opcode instanceof Opcode::CallSideEffect
         ) and
         tag instanceof SideEffectOperandTag
       )

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll

@@ -48,8 +48,8 @@ module InstructionSanity {
         or
         (
           opcode instanceof ReadSideEffectOpcode or
-          opcode instanceof MayWriteSideEffectOpcode or
-          opcode instanceof Opcode::InlineAsm
+          opcode instanceof Opcode::InlineAsm or
+          opcode instanceof Opcode::CallSideEffect
         ) and
         tag instanceof SideEffectOperandTag
       )

cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll

@@ -449,12 +449,7 @@ class TranslatedSideEffect extends TranslatedElement, TTranslatedArgumentSideEff
     or
     tag instanceof OnlyInstructionTag and
     operandTag instanceof SideEffectOperandTag and
-    not call.getTarget().(SideEffectFunction).hasSpecificWriteSideEffect(index, _, true) and
-    result = getEnclosingFunction().getUnmodeledDefinitionInstruction()
-    or
-    tag instanceof OnlyInstructionTag and
-    operandTag instanceof SideEffectOperandTag and
-    call.getTarget().(SideEffectFunction).hasSpecificReadSideEffect(index, _) and
+    not isWrite() and
     result = getEnclosingFunction().getUnmodeledDefinitionInstruction()
     or
     tag instanceof OnlyInstructionTag and

cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll

@@ -48,8 +48,8 @@ module InstructionSanity {
         or
         (
           opcode instanceof ReadSideEffectOpcode or
-          opcode instanceof MayWriteSideEffectOpcode or
-          opcode instanceof Opcode::InlineAsm
+          opcode instanceof Opcode::InlineAsm or
+          opcode instanceof Opcode::CallSideEffect
         ) and
         tag instanceof SideEffectOperandTag
       )

cpp/ql/test/library-tests/ir/ir/raw_ir.expected

@@ -328,7 +328,7 @@ ssa.cpp:
 #   97|     m0_14(unknown)        = ^CallSideEffect              : ~m0_5
 #   97|     m0_15(unknown)        = Chi                          : total:m0_5, partial:m0_14
 #   97|     v0_16(void)           = ^IndirectReadSideEffect[0]   : &:r0_12, ~m0_15
-#   97|     m0_17(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_12, ~m0_15
+#   97|     m0_17(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_12
 #   97|     m0_18(unknown)        = Chi                          : total:m0_15, partial:m0_17
 #   98|     v0_19(void)           = NoOp                         : 
 #   95|     v0_20(void)           = ReturnVoid                   : 
@@ -382,7 +382,7 @@ ssa.cpp:
 #  108|     m0_20(unknown)        = ^CallSideEffect              : ~m0_5
 #  108|     m0_21(unknown)        = Chi                          : total:m0_5, partial:m0_20
 #  108|     v0_22(void)           = ^IndirectReadSideEffect[0]   : &:r0_18, ~m0_21
-#  108|     m0_23(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_18, ~m0_21
+#  108|     m0_23(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_18
 #  108|     m0_24(unknown)        = Chi                          : total:m0_21, partial:m0_23
 #  109|     v0_25(void)           = NoOp                         : 
 #  105|     v0_26(void)           = ReturnVoid                   : 
@@ -452,7 +452,7 @@ ssa.cpp:
 #  119|     m0_28(unknown)        = ^CallSideEffect              : ~m0_19
 #  119|     m0_29(unknown)        = Chi                          : total:m0_19, partial:m0_28
 #  119|     v0_30(void)           = ^IndirectReadSideEffect[0]   : &:r0_26, ~m0_29
-#  119|     m0_31(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_26, ~m0_29
+#  119|     m0_31(unknown)        = ^BufferMayWriteSideEffect[0] : &:r0_26
 #  119|     m0_32(unknown)        = Chi                          : total:m0_29, partial:m0_31
 #  120|     v0_33(void)           = NoOp                         : 
 #  116|     v0_34(void)           = ReturnVoid                   : 

cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir.expected

@@ -327,7 +327,7 @@ ssa.cpp:
 #   97|     v0_12(void)          = Call                         : func:r0_9, 0:r0_11
 #   97|     mu0_13(unknown)      = ^CallSideEffect              : ~mu0_2
 #   97|     v0_14(void)          = ^IndirectReadSideEffect[0]   : &:r0_11, ~mu0_2
-#   97|     mu0_15(unknown)      = ^BufferMayWriteSideEffect[0] : &:r0_11, ~mu0_2
+#   97|     mu0_15(unknown)      = ^BufferMayWriteSideEffect[0] : &:r0_11
 #   98|     v0_16(void)          = NoOp                         : 
 #   95|     v0_17(void)          = ReturnVoid                   : 
 #   95|     v0_18(void)          = UnmodeledUse                 : mu*
@@ -378,7 +378,7 @@ ssa.cpp:
 #  108|     v0_18(void)           = Call                         : func:r0_15, 0:r0_17
 #  108|     mu0_19(unknown)       = ^CallSideEffect              : ~mu0_2
 #  108|     v0_20(void)           = ^IndirectReadSideEffect[0]   : &:r0_17, ~mu0_2
-#  108|     mu0_21(unknown)       = ^BufferMayWriteSideEffect[0] : &:r0_17, ~mu0_2
+#  108|     mu0_21(unknown)       = ^BufferMayWriteSideEffect[0] : &:r0_17
 #  109|     v0_22(void)           = NoOp                         : 
 #  105|     v0_23(void)           = ReturnVoid                   : 
 #  105|     v0_24(void)           = UnmodeledUse                 : mu*
@@ -441,7 +441,7 @@ ssa.cpp:
 #  119|     v0_24(void)           = Call                         : func:r0_21, 0:r0_23
 #  119|     mu0_25(unknown)       = ^CallSideEffect              : ~mu0_2
 #  119|     v0_26(void)           = ^IndirectReadSideEffect[0]   : &:r0_23, ~mu0_2
-#  119|     mu0_27(unknown)       = ^BufferMayWriteSideEffect[0] : &:r0_23, ~mu0_2
+#  119|     mu0_27(unknown)       = ^BufferMayWriteSideEffect[0] : &:r0_23
 #  120|     v0_28(void)           = NoOp                         : 
 #  116|     v0_29(void)           = ReturnVoid                   : 
 #  116|     v0_30(void)           = UnmodeledUse                 : mu*

cpp/ql/test/library-tests/ir/ssa/unaliased_ssa_ir.expected

@@ -1,5 +1,9 @@
 missingOperand
 | misc.c:125:5:125:11 | CopyValue: (statement expression) | Instruction 'CopyValue' is missing an expected operand with tag 'Unary' in function '$@'. | misc.c:97:6:97:10 | IR: misc3 | void misc3() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | allocators.cpp:14:5:14:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | no_dynamic_init.cpp:9:5:9:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | parameterinitializer.cpp:18:5:18:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | stream_it.cpp:16:5:16:8 | IR: main | int main() |
 | try_catch.cpp:13:5:13:16 | ThrowValue: throw ... | Instruction 'ThrowValue' is missing an expected operand with tag 'Load' in function '$@'. | try_catch.cpp:11:6:11:17 | IR: bypass_catch | void bypass_catch() |
 unexpectedOperand
 duplicateOperand

cpp/ql/test/library-tests/syntax-zoo/aliased_ssa_sanity.expected

@@ -27,7 +27,7 @@ instructionWithoutSuccessor
 | assume0.cpp:7:2:7:2 | CallSideEffect: call to f |
 | assume0.cpp:9:11:9:11 | Constant: (bool)... |
 | condition_decls.cpp:16:19:16:20 | CallSideEffect: call to BoxedInt |
-| condition_decls.cpp:26:19:26:19 | CallSideEffect: call to operator int |
+| condition_decls.cpp:26:19:26:20 | IndirectMayWriteSideEffect: bi |
 | condition_decls.cpp:26:23:26:24 | CallSideEffect: call to BoxedInt |
 | condition_decls.cpp:41:22:41:23 | CallSideEffect: call to BoxedInt |
 | condition_decls.cpp:48:52:48:53 | CallSideEffect: call to BoxedInt |
@@ -614,12 +614,14 @@ useNotDominatedByDefinition
 | assume0.cpp:11:2:11:2 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | assume0.cpp:5:6:5:6 | IR: h | void h() |
 | condition_decls.cpp:16:15:16:15 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:16:15:16:16 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
+| condition_decls.cpp:16:15:16:16 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:17:5:17:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:17:11:17:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:20:5:20:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:20:11:20:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:15:6:15:17 | IR: if_decl_bind | void if_decl_bind(int) |
 | condition_decls.cpp:26:19:26:19 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
 | condition_decls.cpp:26:19:26:20 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
+| condition_decls.cpp:26:19:26:20 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
 | condition_decls.cpp:28:5:28:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
 | condition_decls.cpp:28:11:28:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
 | condition_decls.cpp:31:5:31:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
@@ -628,14 +630,17 @@ useNotDominatedByDefinition
 | condition_decls.cpp:34:9:34:13 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:25:6:25:21 | IR: switch_decl_bind | void switch_decl_bind(int) |
 | condition_decls.cpp:41:18:41:18 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:40:6:40:20 | IR: while_decl_bind | void while_decl_bind(int) |
 | condition_decls.cpp:41:18:41:19 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:40:6:40:20 | IR: while_decl_bind | void while_decl_bind(int) |
+| condition_decls.cpp:41:18:41:19 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:40:6:40:20 | IR: while_decl_bind | void while_decl_bind(int) |
 | condition_decls.cpp:42:5:42:7 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:40:6:40:20 | IR: while_decl_bind | void while_decl_bind(int) |
 | condition_decls.cpp:44:3:44:5 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:40:6:40:20 | IR: while_decl_bind | void while_decl_bind(int) |
 | condition_decls.cpp:48:48:48:48 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
 | condition_decls.cpp:48:48:48:49 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
+| condition_decls.cpp:48:48:48:49 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
 | condition_decls.cpp:48:56:48:61 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
 | condition_decls.cpp:49:5:49:7 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
 | condition_decls.cpp:51:3:51:5 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | condition_decls.cpp:47:6:47:18 | IR: for_decl_bind | void for_decl_bind(int) |
 | cpp11.cpp:28:21:28:21 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | cpp11.cpp:27:7:27:14 | IR: getFirst | int range_based_for_11::getFirst() |
+| file://:0:0:0:0 | Operand | Operand 'Operand' is not dominated by its definition in function '$@'. | cpp11.cpp:27:7:27:14 | IR: getFirst | int range_based_for_11::getFirst() |
 | misc.c:68:16:68:16 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | misc.c:16:6:16:10 | IR: misc1 | void misc1(int, int) |
 | misc.c:70:13:70:15 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | misc.c:16:6:16:10 | IR: misc1 | void misc1(int, int) |
 | misc.c:72:11:72:11 | Load | Operand 'Load' is not dominated by its definition in function '$@'. | misc.c:16:6:16:10 | IR: misc1 | void misc1(int, int) |

cpp/ql/test/library-tests/syntax-zoo/raw_sanity.expected

@@ -1,5 +1,9 @@
 missingOperand
 | misc.c:125:5:125:11 | CopyValue: (statement expression) | Instruction 'CopyValue' is missing an expected operand with tag 'Unary' in function '$@'. | misc.c:97:6:97:10 | IR: misc3 | void misc3() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | allocators.cpp:14:5:14:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | no_dynamic_init.cpp:9:5:9:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | parameterinitializer.cpp:18:5:18:8 | IR: main | int main() |
+| parameterinitializer.cpp:27:3:27:6 | IndirectReadSideEffect: my_c | Instruction 'IndirectReadSideEffect' is missing an expected operand with tag 'SideEffect' in function '$@'. | stream_it.cpp:16:5:16:8 | IR: main | int main() |
 | try_catch.cpp:13:5:13:16 | ThrowValue: throw ... | Instruction 'ThrowValue' is missing an expected operand with tag 'Load' in function '$@'. | try_catch.cpp:11:6:11:17 | IR: bypass_catch | void bypass_catch() |
 unexpectedOperand
 duplicateOperand