@@ -155,15 +155,7 @@ predicate operandIsPropagated(Operand operand, IntValue bitOffset) {
155155 // The operand is used in a function call from which the operand does not escape
156156 exists ( CallInstruction ci , FunctionIR f , Instruction init |
157157 ci = operand .getUseInstruction ( ) and
158- f .getFunction ( ) = ci .getStaticCallTarget ( ) and
159- (
160- init .( InitializeParameterInstruction ) .getParameter ( ) = f .getFunction ( ) .getParameter ( operand .( PositionalArgumentOperand ) .getIndex ( ) )
161- or
162- init instanceof InitializeThisInstruction and
163- init .getEnclosingFunctionIR ( ) = f and
164- operand instanceof ThisArgumentOperand
165- ) and
166- not exists ( f .getFunction ( ) .getAnOverload ( ) ) and
158+ isArgumentForParameter ( ci , operand , init ) and
167159 not resultEscapesNonReturn ( init ) and
168160 (
169161 not resultReturned ( init )
@@ -186,24 +178,16 @@ predicate operandEscapesNonReturn(Operand operand) {
186178 not resultEscapesNonReturn ( operand .getUseInstruction ( ) )
187179 or
188180 // The operand is used in a function call from which the operand does not escape
189- exists ( CallInstruction ci , FunctionIR f , Instruction init |
190- ci = operand .getUseInstruction ( ) and
191- f .getFunction ( ) = ci .getStaticCallTarget ( ) and
192- (
193- init .( InitializeParameterInstruction ) .getParameter ( ) = f .getFunction ( ) .getParameter ( operand .( PositionalArgumentOperand ) .getIndex ( ) )
194- or
195- init instanceof InitializeThisInstruction and
196- init .getEnclosingFunctionIR ( ) = f and
197- operand instanceof ThisArgumentOperand
198- ) and
199- not exists ( f .getFunction ( ) .getAnOverload ( ) ) and
181+ exists ( CallInstruction ci , Instruction init |
182+ isArgumentForParameter ( ci , operand , init ) and
200183 not resultEscapesNonReturn ( init ) and
201184 not resultEscapesNonReturn ( ci )
202185 ) or
203186 operand instanceof ReturnValueOperand
204187 )
205188}
206189
190+
207191predicate operandReturned ( Operand operand ) {
208192 // The address is propagated to the result of the instruction, and that result itself is returned
209193 operandIsPropagated ( operand , _) and resultReturned ( operand .getUseInstruction ( ) )
@@ -217,16 +201,9 @@ predicate operandReturned(Operand operand) {
217201 resultReturned ( ci )
218202 )
219203 or
220- exists ( CallInstruction ci , FunctionIR f , Instruction init |
204+ exists ( CallInstruction ci , Instruction init |
221205 ci = operand .getUseInstruction ( ) and
222- f .getFunction ( ) = ci .getStaticCallTarget ( ) and
223- (
224- init .( InitializeParameterInstruction ) .getParameter ( ) = f .getFunction ( ) .getParameter ( operand .( PositionalArgumentOperand ) .getIndex ( ) )
225- or
226- init instanceof InitializeThisInstruction and
227- init .getEnclosingFunctionIR ( ) = f and
228- operand instanceof ThisArgumentOperand
229- ) and
206+ isArgumentForParameter ( ci , operand , init ) and
230207 resultReturned ( init ) and
231208 resultReturned ( ci )
232209 )
@@ -235,6 +212,21 @@ predicate operandReturned(Operand operand) {
235212 operand instanceof ReturnValueOperand
236213}
237214
215+ predicate isArgumentForParameter ( CallInstruction ci , Operand operand , Instruction init ) {
216+ exists ( Function f |
217+ ci = operand .getUseInstruction ( ) and
218+ f = ci .getStaticCallTarget ( ) and
219+ (
220+ init .( InitializeParameterInstruction ) .getParameter ( ) = f .getParameter ( operand .( PositionalArgumentOperand ) .getIndex ( ) )
221+ or
222+ init instanceof InitializeThisInstruction and
223+ init .getEnclosingFunction ( ) = f and
224+ operand instanceof ThisArgumentOperand
225+ ) and
226+ not f .isVirtual ( )
227+ )
228+ }
229+
238230predicate resultReturned ( Instruction instr ) {
239231 operandReturned ( instr .getAUse ( ) )
240232}
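Review bot: In `operandIsPropagated` the `exists` still declares `FunctionIR f`, but every visible constraint on `f` moved into `isArgumentForParameter`, so unless the part of the body outside the hunk uses it the variable is now unbound; the quantifier should match the other two call sites, `exists(CallInstruction ci, Instruction init |`. The `ci = operand.getUseInstruction() and` line kept there and in `operandReturned` repeats the helper's first conjunct and can be dropped. The helper also changes the guard from "target has no overloads" to `not f.isVirtual()` and applies it to `operandReturned`, which had no such guard before, so it deserves a QLDoc comment such as `/** Holds if operand is the argument of ci that init receives in ci's static, non-virtual call target. */`, with a line saying why the overload restriction is no longer needed. If these predicates feed escape analysis, as their names suggest, the comment should also record that virtual targets are skipped because the static target may not be the function that runs, so the callee body cannot be used to prove the argument does not escape.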