diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRSanity.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRSanity.qll
index de66a3c99dca..d07a99eab375 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRSanity.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/IRSanity.qll
@@ -1,3 +1,275 @@
 private import IR
-import InstructionSanity
-import IRTypeSanity
+import InstructionSanity // module is below
+import IRTypeSanity // module is in IRType.qll
+
+module InstructionSanity {
+  private import internal.InstructionImports as Imports
+  private import Imports::OperandTag
+  private import internal.IRInternal
+
+  /**
+   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
+   */
+  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
+    exists(OperandTag tag |
+      instr.getOpcode().hasOperand(tag) and
+      not exists(NonPhiOperand operand |
+        operand = instr.getAnOperand() and
+        operand.getOperandTag() = tag
+      ) and
+      message =
+        "Instruction '" + instr.getOpcode().toString() +
+          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
+   */
+  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
+    exists(NonPhiOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getOperandTag() = tag
+    ) and
+    not instr.getOpcode().hasOperand(tag) and
+    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
+    not (
+      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
+    ) and
+    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
+  }
+
+  /**
+   * Holds if instruction `instr` has multiple operands with tag `tag`.
+   */
+  query predicate duplicateOperand(
+    Instruction instr, string message, IRFunction func, string funcText
+  ) {
+    exists(OperandTag tag, int operandCount |
+      operandCount =
+        strictcount(NonPhiOperand operand |
+          operand = instr.getAnOperand() and
+          operand.getOperandTag() = tag
+        ) and
+      operandCount > 1 and
+      not tag instanceof UnmodeledUseOperandTag and
+      message =
+        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
+          " in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
+   * the predecessor block `pred`.
+   */
+  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
+    pred = instr.getBlock().getAPredecessor() and
+    not exists(PhiInputOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getPredecessorBlock() = pred
+    )
+  }
+
+  query predicate missingOperandType(Operand operand, string message) {
+    exists(Language::Function func, Instruction use |
+      not exists(operand.getType()) and
+      use = operand.getUse() and
+      func = use.getEnclosingFunction() and
+      message =
+        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
+          "' missing type in function '" + Language::getIdentityString(func) + "'."
+    )
+  }
+
+  query predicate duplicateChiOperand(
+    ChiInstruction chi, string message, IRFunction func, string funcText
+  ) {
+    chi.getTotal() = chi.getPartial() and
+    message =
+      "Chi instruction for " + chi.getPartial().toString() +
+        " has duplicate operands in function $@" and
+    func = chi.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  query predicate sideEffectWithoutPrimary(
+    SideEffectInstruction instr, string message, IRFunction func, string funcText
+  ) {
+    not exists(instr.getPrimaryInstruction()) and
+    message = "Side effect instruction missing primary instruction in function $@" and
+    func = instr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  /**
+   * Holds if an instruction, other than `ExitFunction`, has no successors.
+   */
+  query predicate instructionWithoutSuccessor(Instruction instr) {
+    not exists(instr.getASuccessor()) and
+    not instr instanceof ExitFunctionInstruction and
+    // Phi instructions aren't linked into the instruction-level flow graph.
+    not instr instanceof PhiInstruction and
+    not instr instanceof UnreachedInstruction
+  }
+
+  /**
+   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
+   * where `target` is among the targets of those edges.
+   */
+  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
+    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
+    n > 1 and
+    source.getSuccessor(kind) = target
+  }
+
+  /**
+   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
+   * contains no element that can cause loops.
+   */
+  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
+    exists(IRBlock block |
+      instr.getBlock() = block and
+      block.getEnclosingFunction() = f and
+      block.getASuccessor+() = block
+    ) and
+    not Language::hasPotentialLoop(f)
+  }
+
+  /**
+   * Holds if a `Phi` instruction is present in a block with fewer than two
+   * predecessors.
+   */
+  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
+    count(instr.getBlock().getAPredecessor()) < 2
+  }
+
+  /**
+   * Holds if operand `operand` consumes a value that was defined in
+   * a different function.
+   */
+  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
+    operand.getUse() = instr and
+    operand.getAnyDef() = defInstr and
+    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
+  }
+
+  /**
+   * Holds if instruction `instr` is not in exactly one block.
+   */
+  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
+    blockCount = count(instr.getBlock()) and
+    blockCount != 1
+  }
+
+  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
+    b1.getASuccessor() = b2 and
+    not b1.getBackEdgeSuccessor(_) = b2
+  }
+
+  /**
+   * Holds if `f` contains a loop in which no edge is a back edge.
+   *
+   * This check ensures we don't have too _few_ back edges.
+   */
+  query predicate containsLoopOfForwardEdges(IRFunction f) {
+    exists(IRBlock block |
+      forwardEdge+(block, block) and
+      block.getEnclosingIRFunction() = f
+    )
+  }
+
+  /**
+   * Holds if `block` is reachable from its function entry point but would not
+   * be reachable by traversing only forward edges. This check is skipped for
+   * functions containing `goto` statements as the property does not generally
+   * hold there.
+   *
+   * This check ensures we don't have too _many_ back edges.
+   */
+  query predicate lostReachability(IRBlock block) {
+    exists(IRFunction f, IRBlock entry |
+      entry = f.getEntryBlock() and
+      entry.getASuccessor+() = block and
+      not forwardEdge+(entry, block) and
+      not Language::hasGoto(f.getFunction())
+    )
+  }
+
+  /**
+   * Holds if the number of back edges differs between the `Instruction` graph
+   * and the `IRBlock` graph.
+   */
+  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
+    fromInstr =
+      count(Instruction i1, Instruction i2 |
+        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
+      ) and
+    fromBlock =
+      count(IRBlock b1, IRBlock b2 |
+        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
+      ) and
+    fromInstr != fromBlock
+  }
+
+  /**
+   * Gets the point in the function at which the specified operand is evaluated. For most operands,
+   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
+   * of evaluation is at the end of the corresponding predecessor block.
+   */
+  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
+    block = operand.(PhiInputOperand).getPredecessorBlock() and
+    index = block.getInstructionCount()
+    or
+    exists(Instruction use |
+      use = operand.(NonPhiOperand).getUse() and
+      block.getInstruction(index) = use
+    )
+  }
+
+  /**
+   * Holds if `useOperand` has a definition that does not dominate the use.
+   */
+  query predicate useNotDominatedByDefinition(
+    Operand useOperand, string message, IRFunction func, string funcText
+  ) {
+    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
+      not useOperand.getUse() instanceof UnmodeledUseInstruction and
+      not defInstr instanceof UnmodeledDefinitionInstruction and
+      pointOfEvaluation(useOperand, useBlock, useIndex) and
+      defInstr = useOperand.getAnyDef() and
+      (
+        defInstr instanceof PhiInstruction and
+        defBlock = defInstr.getBlock() and
+        defIndex = -1
+        or
+        defBlock.getInstruction(defIndex) = defInstr
+      ) and
+      not (
+        defBlock.strictlyDominates(useBlock)
+        or
+        defBlock = useBlock and
+        defIndex < useIndex
+      ) and
+      message =
+        "Operand '" + useOperand.toString() +
+          "' is not dominated by its definition in function '$@'." and
+      func = useOperand.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  query predicate switchInstructionWithoutDefaultEdge(
+    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
+  ) {
+    not exists(switchInstr.getDefaultSuccessor()) and
+    message =
+      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
+    func = switchInstr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+}
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll
index 2d414e0c46eb..72c8d7e3b95a 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll
@@ -10,274 +10,6 @@ import Imports::MemoryAccessKind
 import Imports::Opcode
 private import Imports::OperandTag
 
-module InstructionSanity {
-  /**
-   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
-   */
-  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
-    exists(OperandTag tag |
-      instr.getOpcode().hasOperand(tag) and
-      not exists(NonPhiOperand operand |
-        operand = instr.getAnOperand() and
-        operand.getOperandTag() = tag
-      ) and
-      message =
-        "Instruction '" + instr.getOpcode().toString() +
-          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
-   */
-  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
-    exists(NonPhiOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getOperandTag() = tag
-    ) and
-    not instr.getOpcode().hasOperand(tag) and
-    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
-    not (
-      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
-    ) and
-    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
-  }
-
-  /**
-   * Holds if instruction `instr` has multiple operands with tag `tag`.
-   */
-  query predicate duplicateOperand(
-    Instruction instr, string message, IRFunction func, string funcText
-  ) {
-    exists(OperandTag tag, int operandCount |
-      operandCount =
-        strictcount(NonPhiOperand operand |
-          operand = instr.getAnOperand() and
-          operand.getOperandTag() = tag
-        ) and
-      operandCount > 1 and
-      not tag instanceof UnmodeledUseOperandTag and
-      message =
-        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
-          " in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
-   * the predecessor block `pred`.
-   */
-  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
-    pred = instr.getBlock().getAPredecessor() and
-    not exists(PhiInputOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getPredecessorBlock() = pred
-    )
-  }
-
-  query predicate missingOperandType(Operand operand, string message) {
-    exists(Language::Function func, Instruction use |
-      not exists(operand.getType()) and
-      use = operand.getUse() and
-      func = use.getEnclosingFunction() and
-      message =
-        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
-          "' missing type in function '" + Language::getIdentityString(func) + "'."
-    )
-  }
-
-  query predicate duplicateChiOperand(
-    ChiInstruction chi, string message, IRFunction func, string funcText
-  ) {
-    chi.getTotal() = chi.getPartial() and
-    message =
-      "Chi instruction for " + chi.getPartial().toString() +
-        " has duplicate operands in function $@" and
-    func = chi.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  query predicate sideEffectWithoutPrimary(
-    SideEffectInstruction instr, string message, IRFunction func, string funcText
-  ) {
-    not exists(instr.getPrimaryInstruction()) and
-    message = "Side effect instruction missing primary instruction in function $@" and
-    func = instr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  /**
-   * Holds if an instruction, other than `ExitFunction`, has no successors.
-   */
-  query predicate instructionWithoutSuccessor(Instruction instr) {
-    not exists(instr.getASuccessor()) and
-    not instr instanceof ExitFunctionInstruction and
-    // Phi instructions aren't linked into the instruction-level flow graph.
-    not instr instanceof PhiInstruction and
-    not instr instanceof UnreachedInstruction
-  }
-
-  /**
-   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
-   * where `target` is among the targets of those edges.
-   */
-  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
-    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
-    n > 1 and
-    source.getSuccessor(kind) = target
-  }
-
-  /**
-   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
-   * contains no element that can cause loops.
-   */
-  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
-    exists(IRBlock block |
-      instr.getBlock() = block and
-      block.getEnclosingFunction() = f and
-      block.getASuccessor+() = block
-    ) and
-    not Language::hasPotentialLoop(f)
-  }
-
-  /**
-   * Holds if a `Phi` instruction is present in a block with fewer than two
-   * predecessors.
-   */
-  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
-    count(instr.getBlock().getAPredecessor()) < 2
-  }
-
-  /**
-   * Holds if operand `operand` consumes a value that was defined in
-   * a different function.
-   */
-  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
-    operand.getUse() = instr and
-    operand.getAnyDef() = defInstr and
-    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
-  }
-
-  /**
-   * Holds if instruction `instr` is not in exactly one block.
-   */
-  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
-    blockCount = count(instr.getBlock()) and
-    blockCount != 1
-  }
-
-  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
-    b1.getASuccessor() = b2 and
-    not b1.getBackEdgeSuccessor(_) = b2
-  }
-
-  /**
-   * Holds if `f` contains a loop in which no edge is a back edge.
-   *
-   * This check ensures we don't have too _few_ back edges.
-   */
-  query predicate containsLoopOfForwardEdges(IRFunction f) {
-    exists(IRBlock block |
-      forwardEdge+(block, block) and
-      block.getEnclosingIRFunction() = f
-    )
-  }
-
-  /**
-   * Holds if `block` is reachable from its function entry point but would not
-   * be reachable by traversing only forward edges. This check is skipped for
-   * functions containing `goto` statements as the property does not generally
-   * hold there.
-   *
-   * This check ensures we don't have too _many_ back edges.
-   */
-  query predicate lostReachability(IRBlock block) {
-    exists(IRFunction f, IRBlock entry |
-      entry = f.getEntryBlock() and
-      entry.getASuccessor+() = block and
-      not forwardEdge+(entry, block) and
-      not Language::hasGoto(f.getFunction())
-    )
-  }
-
-  /**
-   * Holds if the number of back edges differs between the `Instruction` graph
-   * and the `IRBlock` graph.
-   */
-  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
-    fromInstr =
-      count(Instruction i1, Instruction i2 |
-        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
-      ) and
-    fromBlock =
-      count(IRBlock b1, IRBlock b2 |
-        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
-      ) and
-    fromInstr != fromBlock
-  }
-
-  /**
-   * Gets the point in the function at which the specified operand is evaluated. For most operands,
-   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
-   * of evaluation is at the end of the corresponding predecessor block.
-   */
-  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
-    block = operand.(PhiInputOperand).getPredecessorBlock() and
-    index = block.getInstructionCount()
-    or
-    exists(Instruction use |
-      use = operand.(NonPhiOperand).getUse() and
-      block.getInstruction(index) = use
-    )
-  }
-
-  /**
-   * Holds if `useOperand` has a definition that does not dominate the use.
-   */
-  query predicate useNotDominatedByDefinition(
-    Operand useOperand, string message, IRFunction func, string funcText
-  ) {
-    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
-      not useOperand.getUse() instanceof UnmodeledUseInstruction and
-      not defInstr instanceof UnmodeledDefinitionInstruction and
-      pointOfEvaluation(useOperand, useBlock, useIndex) and
-      defInstr = useOperand.getAnyDef() and
-      (
-        defInstr instanceof PhiInstruction and
-        defBlock = defInstr.getBlock() and
-        defIndex = -1
-        or
-        defBlock.getInstruction(defIndex) = defInstr
-      ) and
-      not (
-        defBlock.strictlyDominates(useBlock)
-        or
-        defBlock = useBlock and
-        defIndex < useIndex
-      ) and
-      message =
-        "Operand '" + useOperand.toString() +
-          "' is not dominated by its definition in function '$@'." and
-      func = useOperand.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  query predicate switchInstructionWithoutDefaultEdge(
-    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
-  ) {
-    not exists(switchInstr.getDefaultSuccessor()) and
-    message =
-      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
-    func = switchInstr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-}
-
 /**
  * Gets an `Instruction` that is contained in `IRFunction`, and has a location with the specified
  * `File` and line number. Used for assigning register names when printing IR.
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRSanity.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRSanity.qll
index de66a3c99dca..d07a99eab375 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRSanity.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/IRSanity.qll
@@ -1,3 +1,275 @@
 private import IR
-import InstructionSanity
-import IRTypeSanity
+import InstructionSanity // module is below
+import IRTypeSanity // module is in IRType.qll
+
+module InstructionSanity {
+  private import internal.InstructionImports as Imports
+  private import Imports::OperandTag
+  private import internal.IRInternal
+
+  /**
+   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
+   */
+  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
+    exists(OperandTag tag |
+      instr.getOpcode().hasOperand(tag) and
+      not exists(NonPhiOperand operand |
+        operand = instr.getAnOperand() and
+        operand.getOperandTag() = tag
+      ) and
+      message =
+        "Instruction '" + instr.getOpcode().toString() +
+          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
+   */
+  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
+    exists(NonPhiOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getOperandTag() = tag
+    ) and
+    not instr.getOpcode().hasOperand(tag) and
+    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
+    not (
+      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
+    ) and
+    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
+  }
+
+  /**
+   * Holds if instruction `instr` has multiple operands with tag `tag`.
+   */
+  query predicate duplicateOperand(
+    Instruction instr, string message, IRFunction func, string funcText
+  ) {
+    exists(OperandTag tag, int operandCount |
+      operandCount =
+        strictcount(NonPhiOperand operand |
+          operand = instr.getAnOperand() and
+          operand.getOperandTag() = tag
+        ) and
+      operandCount > 1 and
+      not tag instanceof UnmodeledUseOperandTag and
+      message =
+        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
+          " in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
+   * the predecessor block `pred`.
+   */
+  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
+    pred = instr.getBlock().getAPredecessor() and
+    not exists(PhiInputOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getPredecessorBlock() = pred
+    )
+  }
+
+  query predicate missingOperandType(Operand operand, string message) {
+    exists(Language::Function func, Instruction use |
+      not exists(operand.getType()) and
+      use = operand.getUse() and
+      func = use.getEnclosingFunction() and
+      message =
+        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
+          "' missing type in function '" + Language::getIdentityString(func) + "'."
+    )
+  }
+
+  query predicate duplicateChiOperand(
+    ChiInstruction chi, string message, IRFunction func, string funcText
+  ) {
+    chi.getTotal() = chi.getPartial() and
+    message =
+      "Chi instruction for " + chi.getPartial().toString() +
+        " has duplicate operands in function $@" and
+    func = chi.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  query predicate sideEffectWithoutPrimary(
+    SideEffectInstruction instr, string message, IRFunction func, string funcText
+  ) {
+    not exists(instr.getPrimaryInstruction()) and
+    message = "Side effect instruction missing primary instruction in function $@" and
+    func = instr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  /**
+   * Holds if an instruction, other than `ExitFunction`, has no successors.
+   */
+  query predicate instructionWithoutSuccessor(Instruction instr) {
+    not exists(instr.getASuccessor()) and
+    not instr instanceof ExitFunctionInstruction and
+    // Phi instructions aren't linked into the instruction-level flow graph.
+    not instr instanceof PhiInstruction and
+    not instr instanceof UnreachedInstruction
+  }
+
+  /**
+   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
+   * where `target` is among the targets of those edges.
+   */
+  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
+    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
+    n > 1 and
+    source.getSuccessor(kind) = target
+  }
+
+  /**
+   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
+   * contains no element that can cause loops.
+   */
+  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
+    exists(IRBlock block |
+      instr.getBlock() = block and
+      block.getEnclosingFunction() = f and
+      block.getASuccessor+() = block
+    ) and
+    not Language::hasPotentialLoop(f)
+  }
+
+  /**
+   * Holds if a `Phi` instruction is present in a block with fewer than two
+   * predecessors.
+   */
+  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
+    count(instr.getBlock().getAPredecessor()) < 2
+  }
+
+  /**
+   * Holds if operand `operand` consumes a value that was defined in
+   * a different function.
+   */
+  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
+    operand.getUse() = instr and
+    operand.getAnyDef() = defInstr and
+    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
+  }
+
+  /**
+   * Holds if instruction `instr` is not in exactly one block.
+   */
+  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
+    blockCount = count(instr.getBlock()) and
+    blockCount != 1
+  }
+
+  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
+    b1.getASuccessor() = b2 and
+    not b1.getBackEdgeSuccessor(_) = b2
+  }
+
+  /**
+   * Holds if `f` contains a loop in which no edge is a back edge.
+   *
+   * This check ensures we don't have too _few_ back edges.
+   */
+  query predicate containsLoopOfForwardEdges(IRFunction f) {
+    exists(IRBlock block |
+      forwardEdge+(block, block) and
+      block.getEnclosingIRFunction() = f
+    )
+  }
+
+  /**
+   * Holds if `block` is reachable from its function entry point but would not
+   * be reachable by traversing only forward edges. This check is skipped for
+   * functions containing `goto` statements as the property does not generally
+   * hold there.
+   *
+   * This check ensures we don't have too _many_ back edges.
+   */
+  query predicate lostReachability(IRBlock block) {
+    exists(IRFunction f, IRBlock entry |
+      entry = f.getEntryBlock() and
+      entry.getASuccessor+() = block and
+      not forwardEdge+(entry, block) and
+      not Language::hasGoto(f.getFunction())
+    )
+  }
+
+  /**
+   * Holds if the number of back edges differs between the `Instruction` graph
+   * and the `IRBlock` graph.
+   */
+  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
+    fromInstr =
+      count(Instruction i1, Instruction i2 |
+        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
+      ) and
+    fromBlock =
+      count(IRBlock b1, IRBlock b2 |
+        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
+      ) and
+    fromInstr != fromBlock
+  }
+
+  /**
+   * Gets the point in the function at which the specified operand is evaluated. For most operands,
+   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
+   * of evaluation is at the end of the corresponding predecessor block.
+   */
+  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
+    block = operand.(PhiInputOperand).getPredecessorBlock() and
+    index = block.getInstructionCount()
+    or
+    exists(Instruction use |
+      use = operand.(NonPhiOperand).getUse() and
+      block.getInstruction(index) = use
+    )
+  }
+
+  /**
+   * Holds if `useOperand` has a definition that does not dominate the use.
+   */
+  query predicate useNotDominatedByDefinition(
+    Operand useOperand, string message, IRFunction func, string funcText
+  ) {
+    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
+      not useOperand.getUse() instanceof UnmodeledUseInstruction and
+      not defInstr instanceof UnmodeledDefinitionInstruction and
+      pointOfEvaluation(useOperand, useBlock, useIndex) and
+      defInstr = useOperand.getAnyDef() and
+      (
+        defInstr instanceof PhiInstruction and
+        defBlock = defInstr.getBlock() and
+        defIndex = -1
+        or
+        defBlock.getInstruction(defIndex) = defInstr
+      ) and
+      not (
+        defBlock.strictlyDominates(useBlock)
+        or
+        defBlock = useBlock and
+        defIndex < useIndex
+      ) and
+      message =
+        "Operand '" + useOperand.toString() +
+          "' is not dominated by its definition in function '$@'." and
+      func = useOperand.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  query predicate switchInstructionWithoutDefaultEdge(
+    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
+  ) {
+    not exists(switchInstr.getDefaultSuccessor()) and
+    message =
+      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
+    func = switchInstr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+}
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll
index 2d414e0c46eb..72c8d7e3b95a 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/raw/Instruction.qll
@@ -10,274 +10,6 @@ import Imports::MemoryAccessKind
 import Imports::Opcode
 private import Imports::OperandTag
 
-module InstructionSanity {
-  /**
-   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
-   */
-  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
-    exists(OperandTag tag |
-      instr.getOpcode().hasOperand(tag) and
-      not exists(NonPhiOperand operand |
-        operand = instr.getAnOperand() and
-        operand.getOperandTag() = tag
-      ) and
-      message =
-        "Instruction '" + instr.getOpcode().toString() +
-          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
-   */
-  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
-    exists(NonPhiOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getOperandTag() = tag
-    ) and
-    not instr.getOpcode().hasOperand(tag) and
-    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
-    not (
-      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
-    ) and
-    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
-  }
-
-  /**
-   * Holds if instruction `instr` has multiple operands with tag `tag`.
-   */
-  query predicate duplicateOperand(
-    Instruction instr, string message, IRFunction func, string funcText
-  ) {
-    exists(OperandTag tag, int operandCount |
-      operandCount =
-        strictcount(NonPhiOperand operand |
-          operand = instr.getAnOperand() and
-          operand.getOperandTag() = tag
-        ) and
-      operandCount > 1 and
-      not tag instanceof UnmodeledUseOperandTag and
-      message =
-        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
-          " in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
-   * the predecessor block `pred`.
-   */
-  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
-    pred = instr.getBlock().getAPredecessor() and
-    not exists(PhiInputOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getPredecessorBlock() = pred
-    )
-  }
-
-  query predicate missingOperandType(Operand operand, string message) {
-    exists(Language::Function func, Instruction use |
-      not exists(operand.getType()) and
-      use = operand.getUse() and
-      func = use.getEnclosingFunction() and
-      message =
-        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
-          "' missing type in function '" + Language::getIdentityString(func) + "'."
-    )
-  }
-
-  query predicate duplicateChiOperand(
-    ChiInstruction chi, string message, IRFunction func, string funcText
-  ) {
-    chi.getTotal() = chi.getPartial() and
-    message =
-      "Chi instruction for " + chi.getPartial().toString() +
-        " has duplicate operands in function $@" and
-    func = chi.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  query predicate sideEffectWithoutPrimary(
-    SideEffectInstruction instr, string message, IRFunction func, string funcText
-  ) {
-    not exists(instr.getPrimaryInstruction()) and
-    message = "Side effect instruction missing primary instruction in function $@" and
-    func = instr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  /**
-   * Holds if an instruction, other than `ExitFunction`, has no successors.
-   */
-  query predicate instructionWithoutSuccessor(Instruction instr) {
-    not exists(instr.getASuccessor()) and
-    not instr instanceof ExitFunctionInstruction and
-    // Phi instructions aren't linked into the instruction-level flow graph.
-    not instr instanceof PhiInstruction and
-    not instr instanceof UnreachedInstruction
-  }
-
-  /**
-   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
-   * where `target` is among the targets of those edges.
-   */
-  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
-    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
-    n > 1 and
-    source.getSuccessor(kind) = target
-  }
-
-  /**
-   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
-   * contains no element that can cause loops.
-   */
-  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
-    exists(IRBlock block |
-      instr.getBlock() = block and
-      block.getEnclosingFunction() = f and
-      block.getASuccessor+() = block
-    ) and
-    not Language::hasPotentialLoop(f)
-  }
-
-  /**
-   * Holds if a `Phi` instruction is present in a block with fewer than two
-   * predecessors.
-   */
-  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
-    count(instr.getBlock().getAPredecessor()) < 2
-  }
-
-  /**
-   * Holds if operand `operand` consumes a value that was defined in
-   * a different function.
-   */
-  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
-    operand.getUse() = instr and
-    operand.getAnyDef() = defInstr and
-    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
-  }
-
-  /**
-   * Holds if instruction `instr` is not in exactly one block.
-   */
-  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
-    blockCount = count(instr.getBlock()) and
-    blockCount != 1
-  }
-
-  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
-    b1.getASuccessor() = b2 and
-    not b1.getBackEdgeSuccessor(_) = b2
-  }
-
-  /**
-   * Holds if `f` contains a loop in which no edge is a back edge.
-   *
-   * This check ensures we don't have too _few_ back edges.
-   */
-  query predicate containsLoopOfForwardEdges(IRFunction f) {
-    exists(IRBlock block |
-      forwardEdge+(block, block) and
-      block.getEnclosingIRFunction() = f
-    )
-  }
-
-  /**
-   * Holds if `block` is reachable from its function entry point but would not
-   * be reachable by traversing only forward edges. This check is skipped for
-   * functions containing `goto` statements as the property does not generally
-   * hold there.
-   *
-   * This check ensures we don't have too _many_ back edges.
-   */
-  query predicate lostReachability(IRBlock block) {
-    exists(IRFunction f, IRBlock entry |
-      entry = f.getEntryBlock() and
-      entry.getASuccessor+() = block and
-      not forwardEdge+(entry, block) and
-      not Language::hasGoto(f.getFunction())
-    )
-  }
-
-  /**
-   * Holds if the number of back edges differs between the `Instruction` graph
-   * and the `IRBlock` graph.
-   */
-  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
-    fromInstr =
-      count(Instruction i1, Instruction i2 |
-        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
-      ) and
-    fromBlock =
-      count(IRBlock b1, IRBlock b2 |
-        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
-      ) and
-    fromInstr != fromBlock
-  }
-
-  /**
-   * Gets the point in the function at which the specified operand is evaluated. For most operands,
-   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
-   * of evaluation is at the end of the corresponding predecessor block.
-   */
-  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
-    block = operand.(PhiInputOperand).getPredecessorBlock() and
-    index = block.getInstructionCount()
-    or
-    exists(Instruction use |
-      use = operand.(NonPhiOperand).getUse() and
-      block.getInstruction(index) = use
-    )
-  }
-
-  /**
-   * Holds if `useOperand` has a definition that does not dominate the use.
-   */
-  query predicate useNotDominatedByDefinition(
-    Operand useOperand, string message, IRFunction func, string funcText
-  ) {
-    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
-      not useOperand.getUse() instanceof UnmodeledUseInstruction and
-      not defInstr instanceof UnmodeledDefinitionInstruction and
-      pointOfEvaluation(useOperand, useBlock, useIndex) and
-      defInstr = useOperand.getAnyDef() and
-      (
-        defInstr instanceof PhiInstruction and
-        defBlock = defInstr.getBlock() and
-        defIndex = -1
-        or
-        defBlock.getInstruction(defIndex) = defInstr
-      ) and
-      not (
-        defBlock.strictlyDominates(useBlock)
-        or
-        defBlock = useBlock and
-        defIndex < useIndex
-      ) and
-      message =
-        "Operand '" + useOperand.toString() +
-          "' is not dominated by its definition in function '$@'." and
-      func = useOperand.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  query predicate switchInstructionWithoutDefaultEdge(
-    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
-  ) {
-    not exists(switchInstr.getDefaultSuccessor()) and
-    message =
-      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
-    func = switchInstr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-}
-
 /**
  * Gets an `Instruction` that is contained in `IRFunction`, and has a location with the specified
  * `File` and line number. Used for assigning register names when printing IR.
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRSanity.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRSanity.qll
index de66a3c99dca..d07a99eab375 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRSanity.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/IRSanity.qll
@@ -1,3 +1,275 @@
 private import IR
-import InstructionSanity
-import IRTypeSanity
+import InstructionSanity // module is below
+import IRTypeSanity // module is in IRType.qll
+
+module InstructionSanity {
+  private import internal.InstructionImports as Imports
+  private import Imports::OperandTag
+  private import internal.IRInternal
+
+  /**
+   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
+   */
+  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
+    exists(OperandTag tag |
+      instr.getOpcode().hasOperand(tag) and
+      not exists(NonPhiOperand operand |
+        operand = instr.getAnOperand() and
+        operand.getOperandTag() = tag
+      ) and
+      message =
+        "Instruction '" + instr.getOpcode().toString() +
+          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
+   */
+  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
+    exists(NonPhiOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getOperandTag() = tag
+    ) and
+    not instr.getOpcode().hasOperand(tag) and
+    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
+    not (
+      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
+    ) and
+    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
+  }
+
+  /**
+   * Holds if instruction `instr` has multiple operands with tag `tag`.
+   */
+  query predicate duplicateOperand(
+    Instruction instr, string message, IRFunction func, string funcText
+  ) {
+    exists(OperandTag tag, int operandCount |
+      operandCount =
+        strictcount(NonPhiOperand operand |
+          operand = instr.getAnOperand() and
+          operand.getOperandTag() = tag
+        ) and
+      operandCount > 1 and
+      not tag instanceof UnmodeledUseOperandTag and
+      message =
+        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
+          " in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
+   * the predecessor block `pred`.
+   */
+  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
+    pred = instr.getBlock().getAPredecessor() and
+    not exists(PhiInputOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getPredecessorBlock() = pred
+    )
+  }
+
+  query predicate missingOperandType(Operand operand, string message) {
+    exists(Language::Function func, Instruction use |
+      not exists(operand.getType()) and
+      use = operand.getUse() and
+      func = use.getEnclosingFunction() and
+      message =
+        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
+          "' missing type in function '" + Language::getIdentityString(func) + "'."
+    )
+  }
+
+  query predicate duplicateChiOperand(
+    ChiInstruction chi, string message, IRFunction func, string funcText
+  ) {
+    chi.getTotal() = chi.getPartial() and
+    message =
+      "Chi instruction for " + chi.getPartial().toString() +
+        " has duplicate operands in function $@" and
+    func = chi.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  query predicate sideEffectWithoutPrimary(
+    SideEffectInstruction instr, string message, IRFunction func, string funcText
+  ) {
+    not exists(instr.getPrimaryInstruction()) and
+    message = "Side effect instruction missing primary instruction in function $@" and
+    func = instr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  /**
+   * Holds if an instruction, other than `ExitFunction`, has no successors.
+   */
+  query predicate instructionWithoutSuccessor(Instruction instr) {
+    not exists(instr.getASuccessor()) and
+    not instr instanceof ExitFunctionInstruction and
+    // Phi instructions aren't linked into the instruction-level flow graph.
+    not instr instanceof PhiInstruction and
+    not instr instanceof UnreachedInstruction
+  }
+
+  /**
+   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
+   * where `target` is among the targets of those edges.
+   */
+  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
+    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
+    n > 1 and
+    source.getSuccessor(kind) = target
+  }
+
+  /**
+   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
+   * contains no element that can cause loops.
+   */
+  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
+    exists(IRBlock block |
+      instr.getBlock() = block and
+      block.getEnclosingFunction() = f and
+      block.getASuccessor+() = block
+    ) and
+    not Language::hasPotentialLoop(f)
+  }
+
+  /**
+   * Holds if a `Phi` instruction is present in a block with fewer than two
+   * predecessors.
+   */
+  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
+    count(instr.getBlock().getAPredecessor()) < 2
+  }
+
+  /**
+   * Holds if operand `operand` consumes a value that was defined in
+   * a different function.
+   */
+  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
+    operand.getUse() = instr and
+    operand.getAnyDef() = defInstr and
+    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
+  }
+
+  /**
+   * Holds if instruction `instr` is not in exactly one block.
+   */
+  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
+    blockCount = count(instr.getBlock()) and
+    blockCount != 1
+  }
+
+  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
+    b1.getASuccessor() = b2 and
+    not b1.getBackEdgeSuccessor(_) = b2
+  }
+
+  /**
+   * Holds if `f` contains a loop in which no edge is a back edge.
+   *
+   * This check ensures we don't have too _few_ back edges.
+   */
+  query predicate containsLoopOfForwardEdges(IRFunction f) {
+    exists(IRBlock block |
+      forwardEdge+(block, block) and
+      block.getEnclosingIRFunction() = f
+    )
+  }
+
+  /**
+   * Holds if `block` is reachable from its function entry point but would not
+   * be reachable by traversing only forward edges. This check is skipped for
+   * functions containing `goto` statements as the property does not generally
+   * hold there.
+   *
+   * This check ensures we don't have too _many_ back edges.
+   */
+  query predicate lostReachability(IRBlock block) {
+    exists(IRFunction f, IRBlock entry |
+      entry = f.getEntryBlock() and
+      entry.getASuccessor+() = block and
+      not forwardEdge+(entry, block) and
+      not Language::hasGoto(f.getFunction())
+    )
+  }
+
+  /**
+   * Holds if the number of back edges differs between the `Instruction` graph
+   * and the `IRBlock` graph.
+   */
+  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
+    fromInstr =
+      count(Instruction i1, Instruction i2 |
+        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
+      ) and
+    fromBlock =
+      count(IRBlock b1, IRBlock b2 |
+        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
+      ) and
+    fromInstr != fromBlock
+  }
+
+  /**
+   * Gets the point in the function at which the specified operand is evaluated. For most operands,
+   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
+   * of evaluation is at the end of the corresponding predecessor block.
+   */
+  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
+    block = operand.(PhiInputOperand).getPredecessorBlock() and
+    index = block.getInstructionCount()
+    or
+    exists(Instruction use |
+      use = operand.(NonPhiOperand).getUse() and
+      block.getInstruction(index) = use
+    )
+  }
+
+  /**
+   * Holds if `useOperand` has a definition that does not dominate the use.
+   */
+  query predicate useNotDominatedByDefinition(
+    Operand useOperand, string message, IRFunction func, string funcText
+  ) {
+    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
+      not useOperand.getUse() instanceof UnmodeledUseInstruction and
+      not defInstr instanceof UnmodeledDefinitionInstruction and
+      pointOfEvaluation(useOperand, useBlock, useIndex) and
+      defInstr = useOperand.getAnyDef() and
+      (
+        defInstr instanceof PhiInstruction and
+        defBlock = defInstr.getBlock() and
+        defIndex = -1
+        or
+        defBlock.getInstruction(defIndex) = defInstr
+      ) and
+      not (
+        defBlock.strictlyDominates(useBlock)
+        or
+        defBlock = useBlock and
+        defIndex < useIndex
+      ) and
+      message =
+        "Operand '" + useOperand.toString() +
+          "' is not dominated by its definition in function '$@'." and
+      func = useOperand.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  query predicate switchInstructionWithoutDefaultEdge(
+    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
+  ) {
+    not exists(switchInstr.getDefaultSuccessor()) and
+    message =
+      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
+    func = switchInstr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+}
diff --git a/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll b/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll
index 2d414e0c46eb..72c8d7e3b95a 100644
--- a/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll
+++ b/cpp/ql/src/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll
@@ -10,274 +10,6 @@ import Imports::MemoryAccessKind
 import Imports::Opcode
 private import Imports::OperandTag
 
-module InstructionSanity {
-  /**
-   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
-   */
-  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
-    exists(OperandTag tag |
-      instr.getOpcode().hasOperand(tag) and
-      not exists(NonPhiOperand operand |
-        operand = instr.getAnOperand() and
-        operand.getOperandTag() = tag
-      ) and
-      message =
-        "Instruction '" + instr.getOpcode().toString() +
-          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
-   */
-  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
-    exists(NonPhiOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getOperandTag() = tag
-    ) and
-    not instr.getOpcode().hasOperand(tag) and
-    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
-    not (
-      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
-    ) and
-    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
-  }
-
-  /**
-   * Holds if instruction `instr` has multiple operands with tag `tag`.
-   */
-  query predicate duplicateOperand(
-    Instruction instr, string message, IRFunction func, string funcText
-  ) {
-    exists(OperandTag tag, int operandCount |
-      operandCount =
-        strictcount(NonPhiOperand operand |
-          operand = instr.getAnOperand() and
-          operand.getOperandTag() = tag
-        ) and
-      operandCount > 1 and
-      not tag instanceof UnmodeledUseOperandTag and
-      message =
-        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
-          " in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
-   * the predecessor block `pred`.
-   */
-  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
-    pred = instr.getBlock().getAPredecessor() and
-    not exists(PhiInputOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getPredecessorBlock() = pred
-    )
-  }
-
-  query predicate missingOperandType(Operand operand, string message) {
-    exists(Language::Function func, Instruction use |
-      not exists(operand.getType()) and
-      use = operand.getUse() and
-      func = use.getEnclosingFunction() and
-      message =
-        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
-          "' missing type in function '" + Language::getIdentityString(func) + "'."
-    )
-  }
-
-  query predicate duplicateChiOperand(
-    ChiInstruction chi, string message, IRFunction func, string funcText
-  ) {
-    chi.getTotal() = chi.getPartial() and
-    message =
-      "Chi instruction for " + chi.getPartial().toString() +
-        " has duplicate operands in function $@" and
-    func = chi.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  query predicate sideEffectWithoutPrimary(
-    SideEffectInstruction instr, string message, IRFunction func, string funcText
-  ) {
-    not exists(instr.getPrimaryInstruction()) and
-    message = "Side effect instruction missing primary instruction in function $@" and
-    func = instr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  /**
-   * Holds if an instruction, other than `ExitFunction`, has no successors.
-   */
-  query predicate instructionWithoutSuccessor(Instruction instr) {
-    not exists(instr.getASuccessor()) and
-    not instr instanceof ExitFunctionInstruction and
-    // Phi instructions aren't linked into the instruction-level flow graph.
-    not instr instanceof PhiInstruction and
-    not instr instanceof UnreachedInstruction
-  }
-
-  /**
-   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
-   * where `target` is among the targets of those edges.
-   */
-  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
-    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
-    n > 1 and
-    source.getSuccessor(kind) = target
-  }
-
-  /**
-   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
-   * contains no element that can cause loops.
-   */
-  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
-    exists(IRBlock block |
-      instr.getBlock() = block and
-      block.getEnclosingFunction() = f and
-      block.getASuccessor+() = block
-    ) and
-    not Language::hasPotentialLoop(f)
-  }
-
-  /**
-   * Holds if a `Phi` instruction is present in a block with fewer than two
-   * predecessors.
-   */
-  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
-    count(instr.getBlock().getAPredecessor()) < 2
-  }
-
-  /**
-   * Holds if operand `operand` consumes a value that was defined in
-   * a different function.
-   */
-  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
-    operand.getUse() = instr and
-    operand.getAnyDef() = defInstr and
-    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
-  }
-
-  /**
-   * Holds if instruction `instr` is not in exactly one block.
-   */
-  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
-    blockCount = count(instr.getBlock()) and
-    blockCount != 1
-  }
-
-  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
-    b1.getASuccessor() = b2 and
-    not b1.getBackEdgeSuccessor(_) = b2
-  }
-
-  /**
-   * Holds if `f` contains a loop in which no edge is a back edge.
-   *
-   * This check ensures we don't have too _few_ back edges.
-   */
-  query predicate containsLoopOfForwardEdges(IRFunction f) {
-    exists(IRBlock block |
-      forwardEdge+(block, block) and
-      block.getEnclosingIRFunction() = f
-    )
-  }
-
-  /**
-   * Holds if `block` is reachable from its function entry point but would not
-   * be reachable by traversing only forward edges. This check is skipped for
-   * functions containing `goto` statements as the property does not generally
-   * hold there.
-   *
-   * This check ensures we don't have too _many_ back edges.
-   */
-  query predicate lostReachability(IRBlock block) {
-    exists(IRFunction f, IRBlock entry |
-      entry = f.getEntryBlock() and
-      entry.getASuccessor+() = block and
-      not forwardEdge+(entry, block) and
-      not Language::hasGoto(f.getFunction())
-    )
-  }
-
-  /**
-   * Holds if the number of back edges differs between the `Instruction` graph
-   * and the `IRBlock` graph.
-   */
-  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
-    fromInstr =
-      count(Instruction i1, Instruction i2 |
-        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
-      ) and
-    fromBlock =
-      count(IRBlock b1, IRBlock b2 |
-        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
-      ) and
-    fromInstr != fromBlock
-  }
-
-  /**
-   * Gets the point in the function at which the specified operand is evaluated. For most operands,
-   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
-   * of evaluation is at the end of the corresponding predecessor block.
-   */
-  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
-    block = operand.(PhiInputOperand).getPredecessorBlock() and
-    index = block.getInstructionCount()
-    or
-    exists(Instruction use |
-      use = operand.(NonPhiOperand).getUse() and
-      block.getInstruction(index) = use
-    )
-  }
-
-  /**
-   * Holds if `useOperand` has a definition that does not dominate the use.
-   */
-  query predicate useNotDominatedByDefinition(
-    Operand useOperand, string message, IRFunction func, string funcText
-  ) {
-    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
-      not useOperand.getUse() instanceof UnmodeledUseInstruction and
-      not defInstr instanceof UnmodeledDefinitionInstruction and
-      pointOfEvaluation(useOperand, useBlock, useIndex) and
-      defInstr = useOperand.getAnyDef() and
-      (
-        defInstr instanceof PhiInstruction and
-        defBlock = defInstr.getBlock() and
-        defIndex = -1
-        or
-        defBlock.getInstruction(defIndex) = defInstr
-      ) and
-      not (
-        defBlock.strictlyDominates(useBlock)
-        or
-        defBlock = useBlock and
-        defIndex < useIndex
-      ) and
-      message =
-        "Operand '" + useOperand.toString() +
-          "' is not dominated by its definition in function '$@'." and
-      func = useOperand.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  query predicate switchInstructionWithoutDefaultEdge(
-    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
-  ) {
-    not exists(switchInstr.getDefaultSuccessor()) and
-    message =
-      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
-    func = switchInstr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-}
-
 /**
  * Gets an `Instruction` that is contained in `IRFunction`, and has a location with the specified
  * `File` and line number. Used for assigning register names when printing IR.
diff --git a/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/IRSanity.qll b/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/IRSanity.qll
index de66a3c99dca..d07a99eab375 100644
--- a/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/IRSanity.qll
+++ b/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/IRSanity.qll
@@ -1,3 +1,275 @@
 private import IR
-import InstructionSanity
-import IRTypeSanity
+import InstructionSanity // module is below
+import IRTypeSanity // module is in IRType.qll
+
+module InstructionSanity {
+  private import internal.InstructionImports as Imports
+  private import Imports::OperandTag
+  private import internal.IRInternal
+
+  /**
+   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
+   */
+  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
+    exists(OperandTag tag |
+      instr.getOpcode().hasOperand(tag) and
+      not exists(NonPhiOperand operand |
+        operand = instr.getAnOperand() and
+        operand.getOperandTag() = tag
+      ) and
+      message =
+        "Instruction '" + instr.getOpcode().toString() +
+          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
+   */
+  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
+    exists(NonPhiOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getOperandTag() = tag
+    ) and
+    not instr.getOpcode().hasOperand(tag) and
+    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
+    not (
+      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
+    ) and
+    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
+  }
+
+  /**
+   * Holds if instruction `instr` has multiple operands with tag `tag`.
+   */
+  query predicate duplicateOperand(
+    Instruction instr, string message, IRFunction func, string funcText
+  ) {
+    exists(OperandTag tag, int operandCount |
+      operandCount =
+        strictcount(NonPhiOperand operand |
+          operand = instr.getAnOperand() and
+          operand.getOperandTag() = tag
+        ) and
+      operandCount > 1 and
+      not tag instanceof UnmodeledUseOperandTag and
+      message =
+        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
+          " in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
+   * the predecessor block `pred`.
+   */
+  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
+    pred = instr.getBlock().getAPredecessor() and
+    not exists(PhiInputOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getPredecessorBlock() = pred
+    )
+  }
+
+  query predicate missingOperandType(Operand operand, string message) {
+    exists(Language::Function func, Instruction use |
+      not exists(operand.getType()) and
+      use = operand.getUse() and
+      func = use.getEnclosingFunction() and
+      message =
+        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
+          "' missing type in function '" + Language::getIdentityString(func) + "'."
+    )
+  }
+
+  query predicate duplicateChiOperand(
+    ChiInstruction chi, string message, IRFunction func, string funcText
+  ) {
+    chi.getTotal() = chi.getPartial() and
+    message =
+      "Chi instruction for " + chi.getPartial().toString() +
+        " has duplicate operands in function $@" and
+    func = chi.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  query predicate sideEffectWithoutPrimary(
+    SideEffectInstruction instr, string message, IRFunction func, string funcText
+  ) {
+    not exists(instr.getPrimaryInstruction()) and
+    message = "Side effect instruction missing primary instruction in function $@" and
+    func = instr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  /**
+   * Holds if an instruction, other than `ExitFunction`, has no successors.
+   */
+  query predicate instructionWithoutSuccessor(Instruction instr) {
+    not exists(instr.getASuccessor()) and
+    not instr instanceof ExitFunctionInstruction and
+    // Phi instructions aren't linked into the instruction-level flow graph.
+    not instr instanceof PhiInstruction and
+    not instr instanceof UnreachedInstruction
+  }
+
+  /**
+   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
+   * where `target` is among the targets of those edges.
+   */
+  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
+    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
+    n > 1 and
+    source.getSuccessor(kind) = target
+  }
+
+  /**
+   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
+   * contains no element that can cause loops.
+   */
+  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
+    exists(IRBlock block |
+      instr.getBlock() = block and
+      block.getEnclosingFunction() = f and
+      block.getASuccessor+() = block
+    ) and
+    not Language::hasPotentialLoop(f)
+  }
+
+  /**
+   * Holds if a `Phi` instruction is present in a block with fewer than two
+   * predecessors.
+   */
+  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
+    count(instr.getBlock().getAPredecessor()) < 2
+  }
+
+  /**
+   * Holds if operand `operand` consumes a value that was defined in
+   * a different function.
+   */
+  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
+    operand.getUse() = instr and
+    operand.getAnyDef() = defInstr and
+    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
+  }
+
+  /**
+   * Holds if instruction `instr` is not in exactly one block.
+   */
+  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
+    blockCount = count(instr.getBlock()) and
+    blockCount != 1
+  }
+
+  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
+    b1.getASuccessor() = b2 and
+    not b1.getBackEdgeSuccessor(_) = b2
+  }
+
+  /**
+   * Holds if `f` contains a loop in which no edge is a back edge.
+   *
+   * This check ensures we don't have too _few_ back edges.
+   */
+  query predicate containsLoopOfForwardEdges(IRFunction f) {
+    exists(IRBlock block |
+      forwardEdge+(block, block) and
+      block.getEnclosingIRFunction() = f
+    )
+  }
+
+  /**
+   * Holds if `block` is reachable from its function entry point but would not
+   * be reachable by traversing only forward edges. This check is skipped for
+   * functions containing `goto` statements as the property does not generally
+   * hold there.
+   *
+   * This check ensures we don't have too _many_ back edges.
+   */
+  query predicate lostReachability(IRBlock block) {
+    exists(IRFunction f, IRBlock entry |
+      entry = f.getEntryBlock() and
+      entry.getASuccessor+() = block and
+      not forwardEdge+(entry, block) and
+      not Language::hasGoto(f.getFunction())
+    )
+  }
+
+  /**
+   * Holds if the number of back edges differs between the `Instruction` graph
+   * and the `IRBlock` graph.
+   */
+  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
+    fromInstr =
+      count(Instruction i1, Instruction i2 |
+        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
+      ) and
+    fromBlock =
+      count(IRBlock b1, IRBlock b2 |
+        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
+      ) and
+    fromInstr != fromBlock
+  }
+
+  /**
+   * Gets the point in the function at which the specified operand is evaluated. For most operands,
+   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
+   * of evaluation is at the end of the corresponding predecessor block.
+   */
+  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
+    block = operand.(PhiInputOperand).getPredecessorBlock() and
+    index = block.getInstructionCount()
+    or
+    exists(Instruction use |
+      use = operand.(NonPhiOperand).getUse() and
+      block.getInstruction(index) = use
+    )
+  }
+
+  /**
+   * Holds if `useOperand` has a definition that does not dominate the use.
+   */
+  query predicate useNotDominatedByDefinition(
+    Operand useOperand, string message, IRFunction func, string funcText
+  ) {
+    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
+      not useOperand.getUse() instanceof UnmodeledUseInstruction and
+      not defInstr instanceof UnmodeledDefinitionInstruction and
+      pointOfEvaluation(useOperand, useBlock, useIndex) and
+      defInstr = useOperand.getAnyDef() and
+      (
+        defInstr instanceof PhiInstruction and
+        defBlock = defInstr.getBlock() and
+        defIndex = -1
+        or
+        defBlock.getInstruction(defIndex) = defInstr
+      ) and
+      not (
+        defBlock.strictlyDominates(useBlock)
+        or
+        defBlock = useBlock and
+        defIndex < useIndex
+      ) and
+      message =
+        "Operand '" + useOperand.toString() +
+          "' is not dominated by its definition in function '$@'." and
+      func = useOperand.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  query predicate switchInstructionWithoutDefaultEdge(
+    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
+  ) {
+    not exists(switchInstr.getDefaultSuccessor()) and
+    message =
+      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
+    func = switchInstr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+}
diff --git a/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll b/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll
index 2d414e0c46eb..72c8d7e3b95a 100644
--- a/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll
+++ b/csharp/ql/src/semmle/code/csharp/ir/implementation/raw/Instruction.qll
@@ -10,274 +10,6 @@ import Imports::MemoryAccessKind
 import Imports::Opcode
 private import Imports::OperandTag
 
-module InstructionSanity {
-  /**
-   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
-   */
-  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
-    exists(OperandTag tag |
-      instr.getOpcode().hasOperand(tag) and
-      not exists(NonPhiOperand operand |
-        operand = instr.getAnOperand() and
-        operand.getOperandTag() = tag
-      ) and
-      message =
-        "Instruction '" + instr.getOpcode().toString() +
-          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
-   */
-  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
-    exists(NonPhiOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getOperandTag() = tag
-    ) and
-    not instr.getOpcode().hasOperand(tag) and
-    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
-    not (
-      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
-    ) and
-    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
-  }
-
-  /**
-   * Holds if instruction `instr` has multiple operands with tag `tag`.
-   */
-  query predicate duplicateOperand(
-    Instruction instr, string message, IRFunction func, string funcText
-  ) {
-    exists(OperandTag tag, int operandCount |
-      operandCount =
-        strictcount(NonPhiOperand operand |
-          operand = instr.getAnOperand() and
-          operand.getOperandTag() = tag
-        ) and
-      operandCount > 1 and
-      not tag instanceof UnmodeledUseOperandTag and
-      message =
-        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
-          " in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
-   * the predecessor block `pred`.
-   */
-  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
-    pred = instr.getBlock().getAPredecessor() and
-    not exists(PhiInputOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getPredecessorBlock() = pred
-    )
-  }
-
-  query predicate missingOperandType(Operand operand, string message) {
-    exists(Language::Function func, Instruction use |
-      not exists(operand.getType()) and
-      use = operand.getUse() and
-      func = use.getEnclosingFunction() and
-      message =
-        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
-          "' missing type in function '" + Language::getIdentityString(func) + "'."
-    )
-  }
-
-  query predicate duplicateChiOperand(
-    ChiInstruction chi, string message, IRFunction func, string funcText
-  ) {
-    chi.getTotal() = chi.getPartial() and
-    message =
-      "Chi instruction for " + chi.getPartial().toString() +
-        " has duplicate operands in function $@" and
-    func = chi.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  query predicate sideEffectWithoutPrimary(
-    SideEffectInstruction instr, string message, IRFunction func, string funcText
-  ) {
-    not exists(instr.getPrimaryInstruction()) and
-    message = "Side effect instruction missing primary instruction in function $@" and
-    func = instr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  /**
-   * Holds if an instruction, other than `ExitFunction`, has no successors.
-   */
-  query predicate instructionWithoutSuccessor(Instruction instr) {
-    not exists(instr.getASuccessor()) and
-    not instr instanceof ExitFunctionInstruction and
-    // Phi instructions aren't linked into the instruction-level flow graph.
-    not instr instanceof PhiInstruction and
-    not instr instanceof UnreachedInstruction
-  }
-
-  /**
-   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
-   * where `target` is among the targets of those edges.
-   */
-  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
-    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
-    n > 1 and
-    source.getSuccessor(kind) = target
-  }
-
-  /**
-   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
-   * contains no element that can cause loops.
-   */
-  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
-    exists(IRBlock block |
-      instr.getBlock() = block and
-      block.getEnclosingFunction() = f and
-      block.getASuccessor+() = block
-    ) and
-    not Language::hasPotentialLoop(f)
-  }
-
-  /**
-   * Holds if a `Phi` instruction is present in a block with fewer than two
-   * predecessors.
-   */
-  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
-    count(instr.getBlock().getAPredecessor()) < 2
-  }
-
-  /**
-   * Holds if operand `operand` consumes a value that was defined in
-   * a different function.
-   */
-  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
-    operand.getUse() = instr and
-    operand.getAnyDef() = defInstr and
-    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
-  }
-
-  /**
-   * Holds if instruction `instr` is not in exactly one block.
-   */
-  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
-    blockCount = count(instr.getBlock()) and
-    blockCount != 1
-  }
-
-  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
-    b1.getASuccessor() = b2 and
-    not b1.getBackEdgeSuccessor(_) = b2
-  }
-
-  /**
-   * Holds if `f` contains a loop in which no edge is a back edge.
-   *
-   * This check ensures we don't have too _few_ back edges.
-   */
-  query predicate containsLoopOfForwardEdges(IRFunction f) {
-    exists(IRBlock block |
-      forwardEdge+(block, block) and
-      block.getEnclosingIRFunction() = f
-    )
-  }
-
-  /**
-   * Holds if `block` is reachable from its function entry point but would not
-   * be reachable by traversing only forward edges. This check is skipped for
-   * functions containing `goto` statements as the property does not generally
-   * hold there.
-   *
-   * This check ensures we don't have too _many_ back edges.
-   */
-  query predicate lostReachability(IRBlock block) {
-    exists(IRFunction f, IRBlock entry |
-      entry = f.getEntryBlock() and
-      entry.getASuccessor+() = block and
-      not forwardEdge+(entry, block) and
-      not Language::hasGoto(f.getFunction())
-    )
-  }
-
-  /**
-   * Holds if the number of back edges differs between the `Instruction` graph
-   * and the `IRBlock` graph.
-   */
-  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
-    fromInstr =
-      count(Instruction i1, Instruction i2 |
-        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
-      ) and
-    fromBlock =
-      count(IRBlock b1, IRBlock b2 |
-        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
-      ) and
-    fromInstr != fromBlock
-  }
-
-  /**
-   * Gets the point in the function at which the specified operand is evaluated. For most operands,
-   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
-   * of evaluation is at the end of the corresponding predecessor block.
-   */
-  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
-    block = operand.(PhiInputOperand).getPredecessorBlock() and
-    index = block.getInstructionCount()
-    or
-    exists(Instruction use |
-      use = operand.(NonPhiOperand).getUse() and
-      block.getInstruction(index) = use
-    )
-  }
-
-  /**
-   * Holds if `useOperand` has a definition that does not dominate the use.
-   */
-  query predicate useNotDominatedByDefinition(
-    Operand useOperand, string message, IRFunction func, string funcText
-  ) {
-    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
-      not useOperand.getUse() instanceof UnmodeledUseInstruction and
-      not defInstr instanceof UnmodeledDefinitionInstruction and
-      pointOfEvaluation(useOperand, useBlock, useIndex) and
-      defInstr = useOperand.getAnyDef() and
-      (
-        defInstr instanceof PhiInstruction and
-        defBlock = defInstr.getBlock() and
-        defIndex = -1
-        or
-        defBlock.getInstruction(defIndex) = defInstr
-      ) and
-      not (
-        defBlock.strictlyDominates(useBlock)
-        or
-        defBlock = useBlock and
-        defIndex < useIndex
-      ) and
-      message =
-        "Operand '" + useOperand.toString() +
-          "' is not dominated by its definition in function '$@'." and
-      func = useOperand.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  query predicate switchInstructionWithoutDefaultEdge(
-    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
-  ) {
-    not exists(switchInstr.getDefaultSuccessor()) and
-    message =
-      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
-    func = switchInstr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-}
-
 /**
  * Gets an `Instruction` that is contained in `IRFunction`, and has a location with the specified
  * `File` and line number. Used for assigning register names when printing IR.
diff --git a/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/IRSanity.qll b/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/IRSanity.qll
index de66a3c99dca..d07a99eab375 100644
--- a/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/IRSanity.qll
+++ b/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/IRSanity.qll
@@ -1,3 +1,275 @@
 private import IR
-import InstructionSanity
-import IRTypeSanity
+import InstructionSanity // module is below
+import IRTypeSanity // module is in IRType.qll
+
+module InstructionSanity {
+  private import internal.InstructionImports as Imports
+  private import Imports::OperandTag
+  private import internal.IRInternal
+
+  /**
+   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
+   */
+  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
+    exists(OperandTag tag |
+      instr.getOpcode().hasOperand(tag) and
+      not exists(NonPhiOperand operand |
+        operand = instr.getAnOperand() and
+        operand.getOperandTag() = tag
+      ) and
+      message =
+        "Instruction '" + instr.getOpcode().toString() +
+          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
+   */
+  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
+    exists(NonPhiOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getOperandTag() = tag
+    ) and
+    not instr.getOpcode().hasOperand(tag) and
+    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
+    not (
+      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
+    ) and
+    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
+  }
+
+  /**
+   * Holds if instruction `instr` has multiple operands with tag `tag`.
+   */
+  query predicate duplicateOperand(
+    Instruction instr, string message, IRFunction func, string funcText
+  ) {
+    exists(OperandTag tag, int operandCount |
+      operandCount =
+        strictcount(NonPhiOperand operand |
+          operand = instr.getAnOperand() and
+          operand.getOperandTag() = tag
+        ) and
+      operandCount > 1 and
+      not tag instanceof UnmodeledUseOperandTag and
+      message =
+        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
+          " in function '$@'." and
+      func = instr.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  /**
+   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
+   * the predecessor block `pred`.
+   */
+  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
+    pred = instr.getBlock().getAPredecessor() and
+    not exists(PhiInputOperand operand |
+      operand = instr.getAnOperand() and
+      operand.getPredecessorBlock() = pred
+    )
+  }
+
+  query predicate missingOperandType(Operand operand, string message) {
+    exists(Language::Function func, Instruction use |
+      not exists(operand.getType()) and
+      use = operand.getUse() and
+      func = use.getEnclosingFunction() and
+      message =
+        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
+          "' missing type in function '" + Language::getIdentityString(func) + "'."
+    )
+  }
+
+  query predicate duplicateChiOperand(
+    ChiInstruction chi, string message, IRFunction func, string funcText
+  ) {
+    chi.getTotal() = chi.getPartial() and
+    message =
+      "Chi instruction for " + chi.getPartial().toString() +
+        " has duplicate operands in function $@" and
+    func = chi.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  query predicate sideEffectWithoutPrimary(
+    SideEffectInstruction instr, string message, IRFunction func, string funcText
+  ) {
+    not exists(instr.getPrimaryInstruction()) and
+    message = "Side effect instruction missing primary instruction in function $@" and
+    func = instr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+
+  /**
+   * Holds if an instruction, other than `ExitFunction`, has no successors.
+   */
+  query predicate instructionWithoutSuccessor(Instruction instr) {
+    not exists(instr.getASuccessor()) and
+    not instr instanceof ExitFunctionInstruction and
+    // Phi instructions aren't linked into the instruction-level flow graph.
+    not instr instanceof PhiInstruction and
+    not instr instanceof UnreachedInstruction
+  }
+
+  /**
+   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
+   * where `target` is among the targets of those edges.
+   */
+  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
+    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
+    n > 1 and
+    source.getSuccessor(kind) = target
+  }
+
+  /**
+   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
+   * contains no element that can cause loops.
+   */
+  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
+    exists(IRBlock block |
+      instr.getBlock() = block and
+      block.getEnclosingFunction() = f and
+      block.getASuccessor+() = block
+    ) and
+    not Language::hasPotentialLoop(f)
+  }
+
+  /**
+   * Holds if a `Phi` instruction is present in a block with fewer than two
+   * predecessors.
+   */
+  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
+    count(instr.getBlock().getAPredecessor()) < 2
+  }
+
+  /**
+   * Holds if operand `operand` consumes a value that was defined in
+   * a different function.
+   */
+  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
+    operand.getUse() = instr and
+    operand.getAnyDef() = defInstr and
+    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
+  }
+
+  /**
+   * Holds if instruction `instr` is not in exactly one block.
+   */
+  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
+    blockCount = count(instr.getBlock()) and
+    blockCount != 1
+  }
+
+  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
+    b1.getASuccessor() = b2 and
+    not b1.getBackEdgeSuccessor(_) = b2
+  }
+
+  /**
+   * Holds if `f` contains a loop in which no edge is a back edge.
+   *
+   * This check ensures we don't have too _few_ back edges.
+   */
+  query predicate containsLoopOfForwardEdges(IRFunction f) {
+    exists(IRBlock block |
+      forwardEdge+(block, block) and
+      block.getEnclosingIRFunction() = f
+    )
+  }
+
+  /**
+   * Holds if `block` is reachable from its function entry point but would not
+   * be reachable by traversing only forward edges. This check is skipped for
+   * functions containing `goto` statements as the property does not generally
+   * hold there.
+   *
+   * This check ensures we don't have too _many_ back edges.
+   */
+  query predicate lostReachability(IRBlock block) {
+    exists(IRFunction f, IRBlock entry |
+      entry = f.getEntryBlock() and
+      entry.getASuccessor+() = block and
+      not forwardEdge+(entry, block) and
+      not Language::hasGoto(f.getFunction())
+    )
+  }
+
+  /**
+   * Holds if the number of back edges differs between the `Instruction` graph
+   * and the `IRBlock` graph.
+   */
+  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
+    fromInstr =
+      count(Instruction i1, Instruction i2 |
+        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
+      ) and
+    fromBlock =
+      count(IRBlock b1, IRBlock b2 |
+        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
+      ) and
+    fromInstr != fromBlock
+  }
+
+  /**
+   * Gets the point in the function at which the specified operand is evaluated. For most operands,
+   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
+   * of evaluation is at the end of the corresponding predecessor block.
+   */
+  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
+    block = operand.(PhiInputOperand).getPredecessorBlock() and
+    index = block.getInstructionCount()
+    or
+    exists(Instruction use |
+      use = operand.(NonPhiOperand).getUse() and
+      block.getInstruction(index) = use
+    )
+  }
+
+  /**
+   * Holds if `useOperand` has a definition that does not dominate the use.
+   */
+  query predicate useNotDominatedByDefinition(
+    Operand useOperand, string message, IRFunction func, string funcText
+  ) {
+    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
+      not useOperand.getUse() instanceof UnmodeledUseInstruction and
+      not defInstr instanceof UnmodeledDefinitionInstruction and
+      pointOfEvaluation(useOperand, useBlock, useIndex) and
+      defInstr = useOperand.getAnyDef() and
+      (
+        defInstr instanceof PhiInstruction and
+        defBlock = defInstr.getBlock() and
+        defIndex = -1
+        or
+        defBlock.getInstruction(defIndex) = defInstr
+      ) and
+      not (
+        defBlock.strictlyDominates(useBlock)
+        or
+        defBlock = useBlock and
+        defIndex < useIndex
+      ) and
+      message =
+        "Operand '" + useOperand.toString() +
+          "' is not dominated by its definition in function '$@'." and
+      func = useOperand.getEnclosingIRFunction() and
+      funcText = Language::getIdentityString(func.getFunction())
+    )
+  }
+
+  query predicate switchInstructionWithoutDefaultEdge(
+    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
+  ) {
+    not exists(switchInstr.getDefaultSuccessor()) and
+    message =
+      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
+    func = switchInstr.getEnclosingIRFunction() and
+    funcText = Language::getIdentityString(func.getFunction())
+  }
+}
diff --git a/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Instruction.qll b/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Instruction.qll
index 2d414e0c46eb..72c8d7e3b95a 100644
--- a/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Instruction.qll
+++ b/csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/Instruction.qll
@@ -10,274 +10,6 @@ import Imports::MemoryAccessKind
 import Imports::Opcode
 private import Imports::OperandTag
 
-module InstructionSanity {
-  /**
-   * Holds if instruction `instr` is missing an expected operand with tag `tag`.
-   */
-  query predicate missingOperand(Instruction instr, string message, IRFunction func, string funcText) {
-    exists(OperandTag tag |
-      instr.getOpcode().hasOperand(tag) and
-      not exists(NonPhiOperand operand |
-        operand = instr.getAnOperand() and
-        operand.getOperandTag() = tag
-      ) and
-      message =
-        "Instruction '" + instr.getOpcode().toString() +
-          "' is missing an expected operand with tag '" + tag.toString() + "' in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if instruction `instr` has an unexpected operand with tag `tag`.
-   */
-  query predicate unexpectedOperand(Instruction instr, OperandTag tag) {
-    exists(NonPhiOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getOperandTag() = tag
-    ) and
-    not instr.getOpcode().hasOperand(tag) and
-    not (instr instanceof CallInstruction and tag instanceof ArgumentOperandTag) and
-    not (
-      instr instanceof BuiltInOperationInstruction and tag instanceof PositionalArgumentOperandTag
-    ) and
-    not (instr instanceof InlineAsmInstruction and tag instanceof AsmOperandTag)
-  }
-
-  /**
-   * Holds if instruction `instr` has multiple operands with tag `tag`.
-   */
-  query predicate duplicateOperand(
-    Instruction instr, string message, IRFunction func, string funcText
-  ) {
-    exists(OperandTag tag, int operandCount |
-      operandCount =
-        strictcount(NonPhiOperand operand |
-          operand = instr.getAnOperand() and
-          operand.getOperandTag() = tag
-        ) and
-      operandCount > 1 and
-      not tag instanceof UnmodeledUseOperandTag and
-      message =
-        "Instruction has " + operandCount + " operands with tag '" + tag.toString() + "'" +
-          " in function '$@'." and
-      func = instr.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  /**
-   * Holds if `Phi` instruction `instr` is missing an operand corresponding to
-   * the predecessor block `pred`.
-   */
-  query predicate missingPhiOperand(PhiInstruction instr, IRBlock pred) {
-    pred = instr.getBlock().getAPredecessor() and
-    not exists(PhiInputOperand operand |
-      operand = instr.getAnOperand() and
-      operand.getPredecessorBlock() = pred
-    )
-  }
-
-  query predicate missingOperandType(Operand operand, string message) {
-    exists(Language::Function func, Instruction use |
-      not exists(operand.getType()) and
-      use = operand.getUse() and
-      func = use.getEnclosingFunction() and
-      message =
-        "Operand '" + operand.toString() + "' of instruction '" + use.getOpcode().toString() +
-          "' missing type in function '" + Language::getIdentityString(func) + "'."
-    )
-  }
-
-  query predicate duplicateChiOperand(
-    ChiInstruction chi, string message, IRFunction func, string funcText
-  ) {
-    chi.getTotal() = chi.getPartial() and
-    message =
-      "Chi instruction for " + chi.getPartial().toString() +
-        " has duplicate operands in function $@" and
-    func = chi.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  query predicate sideEffectWithoutPrimary(
-    SideEffectInstruction instr, string message, IRFunction func, string funcText
-  ) {
-    not exists(instr.getPrimaryInstruction()) and
-    message = "Side effect instruction missing primary instruction in function $@" and
-    func = instr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-
-  /**
-   * Holds if an instruction, other than `ExitFunction`, has no successors.
-   */
-  query predicate instructionWithoutSuccessor(Instruction instr) {
-    not exists(instr.getASuccessor()) and
-    not instr instanceof ExitFunctionInstruction and
-    // Phi instructions aren't linked into the instruction-level flow graph.
-    not instr instanceof PhiInstruction and
-    not instr instanceof UnreachedInstruction
-  }
-
-  /**
-   * Holds if there are multiple (`n`) edges of kind `kind` from `source`,
-   * where `target` is among the targets of those edges.
-   */
-  query predicate ambiguousSuccessors(Instruction source, EdgeKind kind, int n, Instruction target) {
-    n = strictcount(Instruction t | source.getSuccessor(kind) = t) and
-    n > 1 and
-    source.getSuccessor(kind) = target
-  }
-
-  /**
-   * Holds if `instr` in `f` is part of a loop even though the AST of `f`
-   * contains no element that can cause loops.
-   */
-  query predicate unexplainedLoop(Language::Function f, Instruction instr) {
-    exists(IRBlock block |
-      instr.getBlock() = block and
-      block.getEnclosingFunction() = f and
-      block.getASuccessor+() = block
-    ) and
-    not Language::hasPotentialLoop(f)
-  }
-
-  /**
-   * Holds if a `Phi` instruction is present in a block with fewer than two
-   * predecessors.
-   */
-  query predicate unnecessaryPhiInstruction(PhiInstruction instr) {
-    count(instr.getBlock().getAPredecessor()) < 2
-  }
-
-  /**
-   * Holds if operand `operand` consumes a value that was defined in
-   * a different function.
-   */
-  query predicate operandAcrossFunctions(Operand operand, Instruction instr, Instruction defInstr) {
-    operand.getUse() = instr and
-    operand.getAnyDef() = defInstr and
-    instr.getEnclosingIRFunction() != defInstr.getEnclosingIRFunction()
-  }
-
-  /**
-   * Holds if instruction `instr` is not in exactly one block.
-   */
-  query predicate instructionWithoutUniqueBlock(Instruction instr, int blockCount) {
-    blockCount = count(instr.getBlock()) and
-    blockCount != 1
-  }
-
-  private predicate forwardEdge(IRBlock b1, IRBlock b2) {
-    b1.getASuccessor() = b2 and
-    not b1.getBackEdgeSuccessor(_) = b2
-  }
-
-  /**
-   * Holds if `f` contains a loop in which no edge is a back edge.
-   *
-   * This check ensures we don't have too _few_ back edges.
-   */
-  query predicate containsLoopOfForwardEdges(IRFunction f) {
-    exists(IRBlock block |
-      forwardEdge+(block, block) and
-      block.getEnclosingIRFunction() = f
-    )
-  }
-
-  /**
-   * Holds if `block` is reachable from its function entry point but would not
-   * be reachable by traversing only forward edges. This check is skipped for
-   * functions containing `goto` statements as the property does not generally
-   * hold there.
-   *
-   * This check ensures we don't have too _many_ back edges.
-   */
-  query predicate lostReachability(IRBlock block) {
-    exists(IRFunction f, IRBlock entry |
-      entry = f.getEntryBlock() and
-      entry.getASuccessor+() = block and
-      not forwardEdge+(entry, block) and
-      not Language::hasGoto(f.getFunction())
-    )
-  }
-
-  /**
-   * Holds if the number of back edges differs between the `Instruction` graph
-   * and the `IRBlock` graph.
-   */
-  query predicate backEdgeCountMismatch(Language::Function f, int fromInstr, int fromBlock) {
-    fromInstr =
-      count(Instruction i1, Instruction i2 |
-        i1.getEnclosingFunction() = f and i1.getBackEdgeSuccessor(_) = i2
-      ) and
-    fromBlock =
-      count(IRBlock b1, IRBlock b2 |
-        b1.getEnclosingFunction() = f and b1.getBackEdgeSuccessor(_) = b2
-      ) and
-    fromInstr != fromBlock
-  }
-
-  /**
-   * Gets the point in the function at which the specified operand is evaluated. For most operands,
-   * this is at the instruction that consumes the use. For a `PhiInputOperand`, the effective point
-   * of evaluation is at the end of the corresponding predecessor block.
-   */
-  private predicate pointOfEvaluation(Operand operand, IRBlock block, int index) {
-    block = operand.(PhiInputOperand).getPredecessorBlock() and
-    index = block.getInstructionCount()
-    or
-    exists(Instruction use |
-      use = operand.(NonPhiOperand).getUse() and
-      block.getInstruction(index) = use
-    )
-  }
-
-  /**
-   * Holds if `useOperand` has a definition that does not dominate the use.
-   */
-  query predicate useNotDominatedByDefinition(
-    Operand useOperand, string message, IRFunction func, string funcText
-  ) {
-    exists(IRBlock useBlock, int useIndex, Instruction defInstr, IRBlock defBlock, int defIndex |
-      not useOperand.getUse() instanceof UnmodeledUseInstruction and
-      not defInstr instanceof UnmodeledDefinitionInstruction and
-      pointOfEvaluation(useOperand, useBlock, useIndex) and
-      defInstr = useOperand.getAnyDef() and
-      (
-        defInstr instanceof PhiInstruction and
-        defBlock = defInstr.getBlock() and
-        defIndex = -1
-        or
-        defBlock.getInstruction(defIndex) = defInstr
-      ) and
-      not (
-        defBlock.strictlyDominates(useBlock)
-        or
-        defBlock = useBlock and
-        defIndex < useIndex
-      ) and
-      message =
-        "Operand '" + useOperand.toString() +
-          "' is not dominated by its definition in function '$@'." and
-      func = useOperand.getEnclosingIRFunction() and
-      funcText = Language::getIdentityString(func.getFunction())
-    )
-  }
-
-  query predicate switchInstructionWithoutDefaultEdge(
-    SwitchInstruction switchInstr, string message, IRFunction func, string funcText
-  ) {
-    not exists(switchInstr.getDefaultSuccessor()) and
-    message =
-      "SwitchInstruction " + switchInstr.toString() + " without a DefaultEdge in function '$@'." and
-    func = switchInstr.getEnclosingIRFunction() and
-    funcText = Language::getIdentityString(func.getFunction())
-  }
-}
-
 /**
  * Gets an `Instruction` that is contained in `IRFunction`, and has a location with the specified
  * `File` and line number. Used for assigning register names when printing IR.