DataFlow: Add language-specific predicate for ignoring steps in flow-through calculation

[MathiasVP]

TLDR

This PR adds a language-level hook for excluding steps from the flow-through calculation. It's a no-op PR for all other languages than C/C++.

Slightly longer explanation

We have a well-known source of FPs in C/C++ caused by the following pattern:

void modify(int* q) { *q = source(); }

void modify_copy(int* p) {
  int x = *p;
  modify(&x);
}

void test() {
  int x;
  modify_copy(&x);
  sink(x); // we report flow from source to sink here.
}

This happens because we model each indirection of a parameter as a separate SSA variable, so dataflow really sees the above program as

void modify(int* q, int deref_q) { deref_q = source(); }

void modify_copy(int* p, int deref_p) {
  int x = deref_p;
  modify(&x, x);
}

void test() {
  int x;
  modify_copy(&x, x);
  sink(x); // we report flow from source to sink here.
}

and in the above program it's easy to see that there's a ReturnNodeExt generated that updates the parameter deref_p in modify_copy.

The problem is the SSA step generated by int x = *p; which should be treated special when generating flow-throughs since a subsequent update of x should not affect *p (which is currently what the flow-through summaries give us).

@aschackmull I'd like to hear if you have any problems with 748625c? I hope it's not controversial since:

• it's a no-op for all the other languages
• it's a very simple fix for a problem that's been observed quite often in C/C++

DCA looks good. I've verified that all the removed results are instances of the test_modify_copy_of_pointer testcase.

[owen-mc]

I love that this didn't ping all the language teams for review. Yay for properly shared code!

[MathiasVP]

I love that this didn't ping all the language teams for review. Yay for properly shared code!

Indeed 😂. Super happy about that as well!