Guards: Support disjunctive implications. #20826
Pull Request Overview
This PR extends the Guards library to support disjunctive implications, enabling analysis of patterns where a disjunction constrains one alternative, allowing the other alternative to be inferred. The key pattern is: if `b = x == v1 || g` and `b` is true, then within a nested condition where `x == v2` (with `v1` and `v2` disjoint), `g` must hold.
- Adds a new `DisjunctiveGuard` module to compute disjunctive guard implications
- Integrates the new disjunctive analysis into the existing guard implication transitive closure
- Adds test case demonstrating the fix for nullness false positives in Java
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| shared/controlflow/codeql/controlflow/Guards.qll | Implements the disjunctive guard implication logic and integrates it into the guard control flow analysis |
| java/ql/test/query-tests/Nullness/C.java | Adds test case ex19 demonstrating the disjunctive nullness pattern that should now be handled correctly |
Dca:
There's a C# qltest that's weird - I strongly suspect that it's splitting which confuses things. Luckily that doesn't seem to affect actual query results, so I guess we can just accept the qltest weirdness for now.
hvitved left a comment
QL changes LGTM.
I've added a commit accepting the qltest.
I've also added a change note for C#, but not for the other languages as the possible changes there seemed too minor. |
This PR adds the following pattern to the set of implications in the Guards library.
This pattern was observed in several nullness false positives for C#, which now ought to be fixed by this change.
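A constructed Java method with the shape given in the review overview above (`b = x == v1 || g`, followed by a nested test `x == v2`), added here as an illustration. It is not the `ex19` test from the PR, and the class, method and variable names are hypothetical.

```java
// Constructed illustration of a disjunctive guard; not code from the PR.
public class DisjunctiveGuardExample {

    // x takes the disjoint constants 0 (v1) and 1 (v2).
    // g is the null check "s != null".
    static int length(int x, String s) {
        // b = (x == v1) || g
        boolean b = x == 0 || s != null;
        if (!b) {
            // Neither disjunct holds: x != 0 and s == null.
            return -1;
        }

        // From here on b is true, so at least one disjunct holds,
        // but the guard alone does not say which one.
        if (x == 1) {
            // x == 1 excludes x == 0 because the constants are disjoint.
            // The first disjunct is therefore false, so g must be the
            // one that holds: s != null. An analysis that does not
            // make this inference sees s as possibly null here, since
            // the method null-checks s above.
            return s.length();
        }

        // x == 0 or some other value: s may still be null, so it is
        // not dereferenced on this path.
        return 0;
    }

    public static void main(String[] args) {
        // First disjunct holds, s is never dereferenced.
        System.out.println(length(0, null));
        // Second disjunct holds, nested branch dereferences s safely.
        System.out.println(length(1, "abc"));
        // Both disjuncts false, rejected before the nested branch.
        System.out.println(length(1, null));
    }
}
```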