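--- a/go/ql/lib/semmle/go/StringOps.qll
+++ b/go/ql/lib/semmle/go/StringOps.qll
@@ -306,11 +306,12 @@ module StringOps {
 */
 class StringFormatCall extends DataFlow::CallNode {
 string fmt;
-Range f;
 
 StringFormatCall() {
-this = f.getACall() and
-fmt = this.getArgument(f.getFormatStringIndex()).getStringValue() and
+exists(Range f |
+this = f.getACall() and
+fmt = this.getArgument(f.getFormatStringIndex()).getStringValue()
+) and
 fmt.regexpMatch(getFormatComponentRegex() + "*")
 }
 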
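--- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
+++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowUtil.qll
@@ -367,7 +367,7 @@ module BarrierGuard<guardChecksSig/3 guardChecks> {
 }
 
 /**
-* Holds if `guard` marks a point in the control-flow graph where this node
+* Holds if `guard` marks a point in the control-flow graph where `g`
 * is known to validate `nd`, which is represented by `ap`.
 *
 * This predicate exists to enforce a good join order in `getAGuardedNode`.
@@ -378,7 +378,7 @@ module BarrierGuard<guardChecksSig/3 guardChecks> {
 }
 
 /**
-* Holds if `guard` marks a point in the control-flow graph where this node
+* Holds if `guard` marks a point in the control-flow graph where `g`
 * is known to validate `nd`.
 */
 private predicate guards(Node g, ControlFlow::ConditionGuardNode guard, Node nd) {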
312 changes: 150 additions & 162 deletions go/ql/src/experimental/IntegerOverflow/RangeAnalysis.qll
Expand Up @@ -347,183 +347,171 @@ float getALowerBound(Expr expr) {
* Gets a possible upper bound of SSA definition `def`.
*/
float getAnSsaUpperBound(SsaDefinition def) {
if recursiveSelfDef(def)
then none()
else (
if def instanceof SsaExplicitDefinition
then
exists(SsaExplicitDefinition explicitDef | explicitDef = def |
//SSA definition coresponding to a `SimpleAssignStmt`
if explicitDef.getInstruction() instanceof IR::AssignInstruction
then
exists(IR::AssignInstruction assignInstr, SimpleAssignStmt simpleAssign |
assignInstr = explicitDef.getInstruction() and
assignInstr.getRhs().(IR::EvalInstruction).getExpr() = simpleAssign.getRhs() and
result = getAnUpperBound(simpleAssign.getRhs())
)
or
//SSA definition coresponding to a ValueSpec(used in a variable declaration)
exists(IR::AssignInstruction declInstr, ValueSpec vs, int i, Expr init |
declInstr = explicitDef.getInstruction() and
declInstr = IR::initInstruction(vs, i) and
init = vs.getInit(i) and
result = getAnUpperBound(init)
)
or
//SSA definition coresponding to an `AddAssignStmt` (x += y) or `SubAssignStmt` (x -= y)
exists(
IR::AssignInstruction assignInstr, SsaExplicitDefinition prevDef,
CompoundAssignStmt compoundAssign, float prevBound, float delta
|
assignInstr = explicitDef.getInstruction() and
getAUse(prevDef) = compoundAssign.getLhs() and
assignInstr = IR::assignInstruction(compoundAssign, 0) and
prevBound = getAnSsaUpperBound(prevDef) and
if compoundAssign instanceof AddAssignStmt
then
delta = getAnUpperBound(compoundAssign.getRhs()) and
result = addRoundingUp(prevBound, delta)
else
if compoundAssign instanceof SubAssignStmt
then
delta = getALowerBound(compoundAssign.getRhs()) and
result = addRoundingUp(prevBound, -delta)
else none()
not recursiveSelfDef(def) and
(
def instanceof SsaExplicitDefinition and
exists(SsaExplicitDefinition explicitDef | explicitDef = def |
//SSA definition coresponding to a `SimpleAssignStmt`

Copilot AI Sep 2, 2025


Misspelling: 'coresponding' should be 'corresponding'.


if explicitDef.getInstruction() instanceof IR::AssignInstruction
then
exists(IR::AssignInstruction assignInstr, SimpleAssignStmt simpleAssign |
assignInstr = explicitDef.getInstruction() and
assignInstr.getRhs().(IR::EvalInstruction).getExpr() = simpleAssign.getRhs() and
result = getAnUpperBound(simpleAssign.getRhs())
)
or
//SSA definition coresponding to a ValueSpec(used in a variable declaration)
exists(IR::AssignInstruction declInstr, ValueSpec vs, int i, Expr init |
declInstr = explicitDef.getInstruction() and
declInstr = IR::initInstruction(vs, i) and
init = vs.getInit(i) and
result = getAnUpperBound(init)
)
or
//SSA definition coresponding to an `AddAssignStmt` (x += y) or `SubAssignStmt` (x -= y)
exists(
IR::AssignInstruction assignInstr, SsaExplicitDefinition prevDef,
CompoundAssignStmt compoundAssign, float prevBound, float delta
|
assignInstr = explicitDef.getInstruction() and
getAUse(prevDef) = compoundAssign.getLhs() and
assignInstr = IR::assignInstruction(compoundAssign, 0) and
prevBound = getAnSsaUpperBound(prevDef) and
(
compoundAssign instanceof AddAssignStmt and
delta = getAnUpperBound(compoundAssign.getRhs()) and
result = addRoundingUp(prevBound, delta)
or
compoundAssign instanceof SubAssignStmt and
delta = getALowerBound(compoundAssign.getRhs()) and
result = addRoundingUp(prevBound, -delta)
)
else
//SSA definition coresponding to an `IncDecStmt`
if explicitDef.getInstruction() instanceof IR::IncDecInstruction
then
exists(IncDecStmt incOrDec, IR::IncDecInstruction instr, float exprLB |
instr = explicitDef.getInstruction() and
exprLB = getAnUpperBound(incOrDec.getOperand()) and
instr.getRhs().(IR::EvalIncDecRhsInstruction).getStmt() = incOrDec and
(
//IncStmt(x++)
exists(IncStmt inc |
inc = incOrDec and
result = addRoundingUp(exprLB, 1)
)
or
//DecStmt(x--)
exists(DecStmt dec |
dec = incOrDec and
result = addRoundingUp(exprLB, -1)
)
)
else
//SSA definition coresponding to an `IncDecStmt`
if explicitDef.getInstruction() instanceof IR::IncDecInstruction
then
exists(IncDecStmt incOrDec, IR::IncDecInstruction instr, float exprLB |
instr = explicitDef.getInstruction() and
exprLB = getAnUpperBound(incOrDec.getOperand()) and
instr.getRhs().(IR::EvalIncDecRhsInstruction).getStmt() = incOrDec and
(
//IncStmt(x++)
exists(IncStmt inc |
inc = incOrDec and
result = addRoundingUp(exprLB, 1)
)
)
else
//SSA definition coreponding to the init of the parameter
if explicitDef.getInstruction() instanceof IR::InitParameterInstruction
then
exists(IR::InitParameterInstruction instr, Parameter p |
instr = explicitDef.getInstruction() and
IR::initParamInstruction(p) = instr and
result = typeMaxValue(p.getType())
or
//DecStmt(x--)
exists(DecStmt dec |
dec = incOrDec and
result = addRoundingUp(exprLB, -1)
)
else none()
)
else
//this SSA definition is a phi node.
if def instanceof SsaPhiNode
then
exists(SsaPhiNode phi |
phi = def and
result = getAnSsaUpperBound(phi.getAnInput().getDefinition())
)
)
else (
//SSA definition coreponding to the init of the parameter

Copilot AI Sep 2, 2025


Misspelling: 'coreponding' should be 'corresponding'.


explicitDef.getInstruction() instanceof IR::InitParameterInstruction and
exists(IR::InitParameterInstruction instr, Parameter p |
instr = explicitDef.getInstruction() and
IR::initParamInstruction(p) = instr and
result = typeMaxValue(p.getType())
)
)
else none()
)
or
//this SSA definition is a phi node.
def instanceof SsaPhiNode and
exists(SsaPhiNode phi |
phi = def and
result = getAnSsaUpperBound(phi.getAnInput().getDefinition())
)
)
}

/**
* Gets a possible lower bound of SSA definition `def`.
*/
float getAnSsaLowerBound(SsaDefinition def) {
if recursiveSelfDef(def)
then none()
else (
if def instanceof SsaExplicitDefinition
then
exists(SsaExplicitDefinition explicitDef | explicitDef = def |
if explicitDef.getInstruction() instanceof IR::AssignInstruction
then
//SimpleAssignStmt
exists(IR::AssignInstruction assignInstr, SimpleAssignStmt simpleAssign |
assignInstr = explicitDef.getInstruction() and
assignInstr.getRhs().(IR::EvalInstruction).getExpr() = simpleAssign.getRhs() and
result = getALowerBound(simpleAssign.getRhs())
)
or
//ValueSpec
exists(IR::AssignInstruction declInstr, ValueSpec vs, int i, Expr init |
declInstr = explicitDef.getInstruction() and
declInstr = IR::initInstruction(vs, i) and
init = vs.getInit(i) and
result = getALowerBound(init)
)
or
//AddAssignStmt(x += y)
exists(
IR::AssignInstruction assignInstr, SsaExplicitDefinition prevDef,
CompoundAssignStmt compoundAssign, float prevBound, float delta
|
assignInstr = explicitDef.getInstruction() and
getAUse(prevDef) = compoundAssign.getLhs() and
assignInstr = IR::assignInstruction(compoundAssign, 0) and
prevBound = getAnSsaLowerBound(prevDef) and
if compoundAssign instanceof AddAssignStmt
then
delta = getALowerBound(compoundAssign.getRhs()) and
result = addRoundingDown(prevBound, delta)
else
if compoundAssign instanceof SubAssignStmt
then
delta = getAnUpperBound(compoundAssign.getRhs()) and
result = addRoundingDown(prevBound, -delta)
else none()
not recursiveSelfDef(def) and
(
def instanceof SsaExplicitDefinition and
exists(SsaExplicitDefinition explicitDef | explicitDef = def |
if explicitDef.getInstruction() instanceof IR::AssignInstruction
then
//SimpleAssignStmt
exists(IR::AssignInstruction assignInstr, SimpleAssignStmt simpleAssign |
assignInstr = explicitDef.getInstruction() and
assignInstr.getRhs().(IR::EvalInstruction).getExpr() = simpleAssign.getRhs() and
result = getALowerBound(simpleAssign.getRhs())
)
or
//ValueSpec
exists(IR::AssignInstruction declInstr, ValueSpec vs, int i, Expr init |
declInstr = explicitDef.getInstruction() and
declInstr = IR::initInstruction(vs, i) and
init = vs.getInit(i) and
result = getALowerBound(init)
)
or
//AddAssignStmt(x += y)
exists(
IR::AssignInstruction assignInstr, SsaExplicitDefinition prevDef,
CompoundAssignStmt compoundAssign, float prevBound, float delta
|
assignInstr = explicitDef.getInstruction() and
getAUse(prevDef) = compoundAssign.getLhs() and
assignInstr = IR::assignInstruction(compoundAssign, 0) and
prevBound = getAnSsaLowerBound(prevDef) and
(
compoundAssign instanceof AddAssignStmt and
delta = getALowerBound(compoundAssign.getRhs()) and
result = addRoundingDown(prevBound, delta)
or
compoundAssign instanceof SubAssignStmt and
delta = getAnUpperBound(compoundAssign.getRhs()) and
result = addRoundingDown(prevBound, -delta)
)
else
//IncDecStmt
if explicitDef.getInstruction() instanceof IR::IncDecInstruction
then
exists(IncDecStmt incOrDec, IR::IncDecInstruction instr, float exprLB |
instr = explicitDef.getInstruction() and
exprLB = getALowerBound(incOrDec.getOperand()) and
instr.getRhs().(IR::EvalIncDecRhsInstruction).getStmt() = incOrDec and
(
//IncStmt(x++)
exists(IncStmt inc |
inc = incOrDec and
result = addRoundingDown(exprLB, 1)
)
or
//DecStmt(x--)
exists(DecStmt dec |
dec = incOrDec and
result = addRoundingDown(exprLB, -1)
)
)
else
//IncDecStmt
if explicitDef.getInstruction() instanceof IR::IncDecInstruction
then
exists(IncDecStmt incOrDec, IR::IncDecInstruction instr, float exprLB |
instr = explicitDef.getInstruction() and
exprLB = getALowerBound(incOrDec.getOperand()) and
instr.getRhs().(IR::EvalIncDecRhsInstruction).getStmt() = incOrDec and
(
//IncStmt(x++)
exists(IncStmt inc |
inc = incOrDec and
result = addRoundingDown(exprLB, 1)
)
)
else
//init of the function parameter
if explicitDef.getInstruction() instanceof IR::InitParameterInstruction
then
exists(IR::InitParameterInstruction instr, Parameter p |
instr = explicitDef.getInstruction() and
IR::initParamInstruction(p) = instr and
result = typeMinValue(p.getType())
or
//DecStmt(x--)
exists(DecStmt dec |
dec = incOrDec and
result = addRoundingDown(exprLB, -1)
)
else none()
)
else
//phi node
if def instanceof SsaPhiNode
then
exists(SsaPhiNode phi |
phi = def and
result = getAnSsaLowerBound(phi.getAnInput().getDefinition())
)
)
else (
//init of the function parameter
explicitDef.getInstruction() instanceof IR::InitParameterInstruction and
exists(IR::InitParameterInstruction instr, Parameter p |
instr = explicitDef.getInstruction() and
IR::initParamInstruction(p) = instr and
result = typeMinValue(p.getType())
)
)
else none()
)
or
//phi node
def instanceof SsaPhiNode and
exists(SsaPhiNode phi |
phi = def and
result = getAnSsaLowerBound(phi.getAnInput().getDefinition())
)
)
}

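Review bot: In `getAnSsaUpperBound`, the `IncDecStmt` branch binds `float exprLB` to `getAnUpperBound(incOrDec.getOperand())`, so a variable named as a lower bound carries the upper bound. Because the upper and lower predicates are near mirror images, that name makes it easy to swap `getAnUpperBound` and `getALowerBound` in a later edit, which would narrow the computed range and could hide a real overflow from the query. Rename it in this predicate only: `exists(IncDecStmt incOrDec, IR::IncDecInstruction instr, float exprUB |` with `exprUB = getAnUpperBound(incOrDec.getOperand()) and`, and pass `exprUB` to both `addRoundingUp` calls. Separately, the rewrite from nested `if … else none()` to `and`/`or` in both predicates gives the same results only if `AddAssignStmt`/`SubAssignStmt` and `SsaExplicitDefinition`/`SsaPhiNode` are disjoint, which this hunk does not show; a one-line comment stating that assumption would help the next reader.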