Skip to content

Commit fdf4e83

Browse files
committed
C++: Solve tuple count bulge that may affect performance.
1 parent 7d630c4 commit fdf4e83

File tree

1 file changed

+8
-4
lines changed

1 file changed

+8
-4
lines changed

cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -171,13 +171,18 @@ private predicate hasUpperBoundsCheck(Variable var) {
171171
)
172172
}
173173

174+
private predicate nodeIsBarrierEqualityCandidate(DataFlow::Node node, Operand access, Variable checkedVar) {
175+
readsVariable(node.asInstruction(), checkedVar) and
176+
any(IRGuardCondition guard).ensuresEq(access, _, _, node.asInstruction().getBlock(), true)
177+
}
178+
174179
private predicate nodeIsBarrier(DataFlow::Node node) {
175180
exists(Variable checkedVar |
176181
readsVariable(node.asInstruction(), checkedVar) and
177182
hasUpperBoundsCheck(checkedVar)
178183
)
179184
or
180-
exists(Variable checkedVar, IRGuardCondition guard, Operand access, Operand other |
185+
exists(Variable checkedVar, Operand access |
181186
/*
182187
* This node is guarded by a condition that forces the accessed variable
183188
* to equal something else. For example:
@@ -189,9 +194,8 @@ private predicate nodeIsBarrier(DataFlow::Node node) {
189194
* ```
190195
*/
191196

192-
readsVariable(node.asInstruction(), checkedVar) and
193-
readsVariable(access.getDef(), checkedVar) and
194-
guard.ensuresEq(access, other, _, node.asInstruction().getBlock(), true)
197+
nodeIsBarrierEqualityCandidate(node, access, checkedVar) and
198+
readsVariable(access.getDef(), checkedVar)
195199
)
196200
}
197201

0 commit comments

Comments
 (0)