C++: Fix API for guards.

MathiasVP · MathiasVP · commit 6ce3f35ef5ad · 2024-03-19T14:43:10.000Z
diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
@@ -138,9 +138,9 @@ class GuardCondition extends Expr {
   cached
   predicate ensuresEq(Expr left, Expr right, int k, BasicBlock block, boolean areEqual) { none() }
 
-  /** Holds if (determined by this guard) `e == k` evaluates to `areEqual` if this expression evaluates to `testIsTrue`. */
+  /** Holds if (determined by this guard) `e == k` evaluates to `areEqual` if this expression evaluates to `value`. */
   cached
-  predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) { none() }
+  predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) { none() }
 
   /**
    * Holds if (determined by this guard) `e == k` must be `areEqual` in `block`.
@@ -196,17 +196,18 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardCondition {
     )
   }
 
-  override predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) {
-    exists(boolean partIsTrue, GuardCondition part |
-      this.(BinaryLogicalOperation).impliesValue(part, partIsTrue, testIsTrue)
+  override predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) {
+    exists(BooleanValue partValue, GuardCondition part |
+      this.(BinaryLogicalOperation)
+          .impliesValue(part, partValue.getValue(), value.(BooleanValue).getValue())
     |
-      part.comparesEq(e, k, areEqual, partIsTrue)
+      part.comparesEq(e, k, areEqual, partValue)
     )
   }
 
   override predicate ensuresEq(Expr e, int k, BasicBlock block, boolean areEqual) {
-    exists(boolean testIsTrue |
-      this.comparesEq(e, k, areEqual, testIsTrue) and this.controls(block, testIsTrue)
+    exists(AbstractValue value |
+      this.comparesEq(e, k, areEqual, value) and this.valueControls(block, value)
     )
   }
 }
@@ -270,18 +271,18 @@ private class GuardConditionFromIR extends GuardCondition {
     )
   }
 
-  override predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) {
+  override predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) {
     exists(Instruction i |
       i.getUnconvertedResultExpression() = e and
-      ir.comparesEq(i.getAUse(), k, areEqual, testIsTrue)
+      ir.comparesEq(i.getAUse(), k, areEqual, value)
     )
   }
 
   override predicate ensuresEq(Expr e, int k, BasicBlock block, boolean areEqual) {
-    exists(Instruction i, boolean testIsTrue |
+    exists(Instruction i, AbstractValue value |
       i.getUnconvertedResultExpression() = e and
-      ir.comparesEq(i.getAUse(), k, areEqual, testIsTrue) and
-      this.controls(block, testIsTrue)
+      ir.comparesEq(i.getAUse(), k, areEqual, value) and
+      this.valueControls(block, value)
     )
   }
 
@@ -492,19 +493,10 @@ class IRGuardCondition extends Instruction {
     )
   }
 
-  /** Holds if (determined by this guard) `op == k` evaluates to `areEqual` if this expression evaluates to `testIsTrue`. */
+  /** Holds if (determined by this guard) `op == k` evaluates to `areEqual` if this expression evaluates to `value`. */
   cached
-  predicate comparesEq(Operand op, int k, boolean areEqual, boolean testIsTrue) {
-    exists(MatchValue mv |
-      compares_eq(this, op, k, areEqual, mv) and
-      // A match value cannot be dualized, so `testIsTrue` is always true
-      testIsTrue = true
-    )
-    or
-    exists(BooleanValue bv |
-      compares_eq(this, op, k, areEqual, bv) and
-      bv.getValue() = testIsTrue
-    )
+  predicate comparesEq(Operand op, int k, boolean areEqual, AbstractValue value) {
+    compares_eq(this, op, k, areEqual, value)
   }
 
   /**

Original file line number	Diff line number	Diff line change
`@@ -138,9 +138,9 @@ class GuardCondition extends Expr {`
`138`	`138`	`cached`
`139`	`139`	`predicate ensuresEq(Expr left, Expr right, int k, BasicBlock block, boolean areEqual) { none() }`
`140`	`140`
`141`		- /** Holds if (determined by this guard) `e == k` evaluates to `areEqual` if this expression evaluates to `testIsTrue`. */
	`141`	+ /** Holds if (determined by this guard) `e == k` evaluates to `areEqual` if this expression evaluates to `value`. */
`142`	`142`	`cached`
`143`		`- predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) { none() }`
	`143`	`+ predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) { none() }`
`144`	`144`
`145`	`145`	`/**`
`146`	`146`	* Holds if (determined by this guard) `e == k` must be `areEqual` in `block`.
`@@ -196,17 +196,18 @@ private class GuardConditionFromBinaryLogicalOperator extends GuardCondition {`
`196`	`196`	`)`
`197`	`197`	`}`
`198`	`198`
`199`		`- override predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) {`
`200`		`- exists(boolean partIsTrue, GuardCondition part \|`
`201`		`- this.(BinaryLogicalOperation).impliesValue(part, partIsTrue, testIsTrue)`
	`199`	`+ override predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) {`
	`200`	`+ exists(BooleanValue partValue, GuardCondition part \|`
	`201`	`+ this.(BinaryLogicalOperation)`
	`202`	`+ .impliesValue(part, partValue.getValue(), value.(BooleanValue).getValue())`
`202`	`203`	`\|`
`203`		`- part.comparesEq(e, k, areEqual, partIsTrue)`
	`204`	`+ part.comparesEq(e, k, areEqual, partValue)`
`204`	`205`	`)`
`205`	`206`	`}`
`206`	`207`
`207`	`208`	`override predicate ensuresEq(Expr e, int k, BasicBlock block, boolean areEqual) {`
`208`		`- exists(boolean testIsTrue \|`
`209`		`- this.comparesEq(e, k, areEqual, testIsTrue) and this.controls(block, testIsTrue)`
	`209`	`+ exists(AbstractValue value \|`
	`210`	`+ this.comparesEq(e, k, areEqual, value) and this.valueControls(block, value)`
`210`	`211`	`)`
`211`	`212`	`}`
`212`	`213`	`}`
`@@ -270,18 +271,18 @@ private class GuardConditionFromIR extends GuardCondition {`
`270`	`271`	`)`
`271`	`272`	`}`
`272`	`273`
`273`		`- override predicate comparesEq(Expr e, int k, boolean areEqual, boolean testIsTrue) {`
	`274`	`+ override predicate comparesEq(Expr e, int k, boolean areEqual, AbstractValue value) {`
`274`	`275`	`exists(Instruction i \|`
`275`	`276`	`i.getUnconvertedResultExpression() = e and`
`276`		`- ir.comparesEq(i.getAUse(), k, areEqual, testIsTrue)`
	`277`	`+ ir.comparesEq(i.getAUse(), k, areEqual, value)`
`277`	`278`	`)`
`278`	`279`	`}`
`279`	`280`
`280`	`281`	`override predicate ensuresEq(Expr e, int k, BasicBlock block, boolean areEqual) {`
`281`		`- exists(Instruction i, boolean testIsTrue \|`
	`282`	`+ exists(Instruction i, AbstractValue value \|`
`282`	`283`	`i.getUnconvertedResultExpression() = e and`
`283`		`- ir.comparesEq(i.getAUse(), k, areEqual, testIsTrue) and`
`284`		`- this.controls(block, testIsTrue)`
	`284`	`+ ir.comparesEq(i.getAUse(), k, areEqual, value) and`
	`285`	`+ this.valueControls(block, value)`
`285`	`286`	`)`
`286`	`287`	`}`
`287`	`288`
`@@ -492,19 +493,10 @@ class IRGuardCondition extends Instruction {`
`492`	`493`	`)`
`493`	`494`	`}`
`494`	`495`
`495`		- /** Holds if (determined by this guard) `op == k` evaluates to `areEqual` if this expression evaluates to `testIsTrue`. */
	`496`	+ /** Holds if (determined by this guard) `op == k` evaluates to `areEqual` if this expression evaluates to `value`. */
`496`	`497`	`cached`
`497`		`- predicate comparesEq(Operand op, int k, boolean areEqual, boolean testIsTrue) {`
`498`		`- exists(MatchValue mv \|`
`499`		`- compares_eq(this, op, k, areEqual, mv) and`
`500`		- // A match value cannot be dualized, so `testIsTrue` is always true
`501`		`- testIsTrue = true`
`502`		`- )`
`503`		`- or`
`504`		`- exists(BooleanValue bv \|`
`505`		`- compares_eq(this, op, k, areEqual, bv) and`
`506`		`- bv.getValue() = testIsTrue`
`507`		`- )`
	`498`	`+ predicate comparesEq(Operand op, int k, boolean areEqual, AbstractValue value) {`
	`499`	`+ compares_eq(this, op, k, areEqual, value)`
`508`	`500`	`}`
`509`	`501`
`510`	`502`	`/**`