C++: Make InitializeParameter and Uninitialized return memory results

cpp/ql/src/semmle/code/cpp/ir/internal/Instruction.qll

@@ -545,6 +545,10 @@ class InitializeParameterInstruction extends VariableInstruction {
   final Parameter getParameter() {
     result = var.(IRUserVariable).getVariable()
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class FieldAddressInstruction extends FieldInstruction {
@@ -561,6 +565,10 @@ class UninitializedInstruction extends Instruction {
   UninitializedInstruction() {
     opcode instanceof Opcode::Uninitialized
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class NoOpInstruction extends Instruction {

cpp/ql/src/semmle/code/cpp/ir/internal/InstructionTag.qll

@@ -17,8 +17,6 @@ private predicate elementIsInitialized(int elementIndex) {
 
 newtype TInstructionTag =
   OnlyInstructionTag() or  // Single instruction (not including implicit Load)
-  InitializerUninitializedTag() or  // Source expression of initializer
-  ParameterInitializerTag() or
   InitializeThisTag() or
   InitializerVariableAddressTag() or
   InitializerLoadStringTag() or
@@ -88,8 +86,6 @@ newtype TInstructionTag =
  */
 string getInstructionTagId(TInstructionTag tag) {
   tag = OnlyInstructionTag() and result = "Only" or  // Single instruction (not including implicit Load)
-  tag = InitializerUninitializedTag() and result = "InitUninit" or  // Source expression of initializer
-  tag = ParameterInitializerTag() and result = "ParamInit" or
   tag = InitializerVariableAddressTag() and result = "InitVarAddr" or
   tag = InitializerStoreTag() and result = "InitStore" or
   tag = AssignOperationLoadTag() and result = "AssignOpLoad" or

cpp/ql/src/semmle/code/cpp/ir/internal/Opcode.qll

@@ -92,8 +92,8 @@ abstract class BuiltInOpcode extends Opcode {}
 
 module Opcode {
   class NoOp extends Opcode, TNoOp { override final string toString() { result = "NoOp" } }
-  class Uninitialized extends Opcode, TUninitialized { override final string toString() { result = "Uninitialized" } }
-  class InitializeParameter extends Opcode, TInitializeParameter { override final string toString() { result = "InitializeParameter" } }
+  class Uninitialized extends MemoryAccessOpcode, TUninitialized { override final string toString() { result = "Uninitialized" } }
+  class InitializeParameter extends MemoryAccessOpcode, TInitializeParameter { override final string toString() { result = "InitializeParameter" } }
   class InitializeThis extends Opcode, TInitializeThis { override final string toString() { result = "InitializeThis" } }
   class EnterFunction extends Opcode, TEnterFunction { override final string toString() { result = "EnterFunction" } }
   class ExitFunction extends Opcode, TExitFunction { override final string toString() { result = "ExitFunction" } }

cpp/ql/src/semmle/code/cpp/ir/internal/TranslatedDeclarationEntry.qll

@@ -98,8 +98,8 @@ abstract class TranslatedVariableDeclaration extends
 
 /**
  * Represents the IR translation of a local variable with no initializer. The
- * generated IR stores the result of an `Uninitialized` instruction into the
- * variable.
+ * generated IR stores into the variable using an `Uninitialized` instruction,
+ * rather than a `Store`.
  */
 class TranslatedUninitializedVariable extends
   TranslatedVariableDeclaration {
@@ -127,12 +127,6 @@ class TranslatedUninitializedVariable extends
     ) or
     ( 
       tag = InitializerStoreTag() and
-      opcode instanceof Opcode::Store and
-      resultType = var.getType().getUnspecifiedType() and
-      isGLValue = false
-    ) or
-    (
-      tag = InitializerUninitializedTag() and
       opcode instanceof Opcode::Uninitialized and
       resultType = var.getType().getUnspecifiedType() and
       isGLValue = false
@@ -145,10 +139,6 @@ class TranslatedUninitializedVariable extends
     (
       (
         tag = InitializerVariableAddressTag() and
-        result = getInstruction(InitializerUninitializedTag())
-      ) or
-      (
-        tag = InitializerUninitializedTag() and
         result = getInstruction(InitializerStoreTag())
       ) or
       (
@@ -169,11 +159,7 @@ class TranslatedUninitializedVariable extends
       (
         operandTag instanceof LoadStoreAddressOperand and
         result = getInstruction(InitializerVariableAddressTag())
-      ) or
-      (
-        operandTag instanceof CopySourceOperand and
-        result = getInstruction(InitializerUninitializedTag())
-      )
+      ) 
     )
   }
 

cpp/ql/src/semmle/code/cpp/ir/internal/TranslatedFunction.qll

@@ -323,7 +323,7 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
   }
 
   override final Instruction getFirstInstruction() {
-    result = getInstruction(ParameterInitializerTag())
+    result = getInstruction(InitializerVariableAddressTag())
   }
 
   override final TranslatedElement getChild(int id) {
@@ -334,10 +334,6 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
     EdgeKind kind) {
     kind instanceof GotoEdge and
     (
-      (
-        tag = ParameterInitializerTag() and
-        result = getInstruction(InitializerVariableAddressTag())
-      ) or
       (
         tag = InitializerVariableAddressTag() and
         result = getInstruction(InitializerStoreTag())
@@ -355,12 +351,6 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
 
   override final predicate hasInstruction(Opcode opcode, InstructionTag tag,
     Type resultType, boolean isGLValue) {
-    (
-      tag = ParameterInitializerTag() and
-      opcode instanceof Opcode::InitializeParameter and
-      resultType = param.getType().getUnspecifiedType() and
-      isGLValue = false
-    ) or
     (
       tag = InitializerVariableAddressTag() and
       opcode instanceof Opcode::VariableAddress and
@@ -369,15 +359,15 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
     ) or
     (
       tag = InitializerStoreTag() and
-      opcode instanceof Opcode::Store and
+      opcode instanceof Opcode::InitializeParameter and
       resultType = param.getType().getUnspecifiedType() and
       isGLValue = false
     )
   }
 
   override final IRVariable getInstructionVariable(InstructionTag tag) {
     (
-      tag = ParameterInitializerTag() or
+      tag = InitializerStoreTag() or
       tag = InitializerVariableAddressTag()
     ) and
     result = getIRUserVariable(getFunction(), param)
@@ -390,10 +380,6 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter {
       (
         operandTag instanceof LoadStoreAddressOperand and
         result = getInstruction(InitializerVariableAddressTag())
-      ) or
-      (
-        operandTag instanceof CopySourceOperand and
-        result = getInstruction(ParameterInitializerTag())
       )
     )
   }

cpp/ql/src/semmle/code/cpp/ssa/internal/aliased_ssa/Instruction.qll

@@ -545,6 +545,10 @@ class InitializeParameterInstruction extends VariableInstruction {
   final Parameter getParameter() {
     result = var.(IRUserVariable).getVariable()
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class FieldAddressInstruction extends FieldInstruction {
@@ -561,6 +565,10 @@ class UninitializedInstruction extends Instruction {
   UninitializedInstruction() {
     opcode instanceof Opcode::Uninitialized
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class NoOpInstruction extends Instruction {

cpp/ql/src/semmle/code/cpp/ssa/internal/ssa/Instruction.qll

@@ -545,6 +545,10 @@ class InitializeParameterInstruction extends VariableInstruction {
   final Parameter getParameter() {
     result = var.(IRUserVariable).getVariable()
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class FieldAddressInstruction extends FieldInstruction {
@@ -561,6 +565,10 @@ class UninitializedInstruction extends Instruction {
   UninitializedInstruction() {
     opcode instanceof Opcode::Uninitialized
   }
+
+  override final MemoryAccessKind getResultMemoryAccess() {
+    result instanceof IndirectMemoryAccess
+  }
 }
 
 class NoOpInstruction extends Instruction {