github
diff --git a/‎csharp/ql/src/semmle/code/csharp/controlflow/ControlFlowGraph.qll‎
Lines changed: 1 addition & 1 deletion b/‎csharp/ql/src/semmle/code/csharp/controlflow/ControlFlowGraph.qll‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/ql/src/semmle/code/csharp/controlflow/internal/Splitting.qll‎
Lines changed: 67 additions & 38 deletions b/‎csharp/ql/src/semmle/code/csharp/controlflow/internal/Splitting.qll‎
Lines changed: 67 additions & 38 deletions
diff --git a/‎csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected‎
Lines changed: 15 additions & 15 deletions b/‎csharp/ql/test/library-tests/controlflow/graph/BasicBlock.expected‎
Lines changed: 15 additions & 15 deletions
@@ -318,7 +318,7 @@ module ControlFlow {
 
     class BooleanSplit = BooleanSplitting::BooleanSplitImpl;
 
-    class LoopUnrollingSplit = LoopUnrollingSplitting::LoopUnrollingSplitImpl;
+    class LoopSplit = LoopSplitting::LoopSplitImpl;
   }
 
   class BasicBlock = BBs::BasicBlock;
 
@@ -30,7 +30,7 @@ private module Cached {
     TFinallySplitKind(int nestLevel) { nestLevel = FinallySplitting::nestLevel(_) } or
     TExceptionHandlerSplitKind() or
     TBooleanSplitKind(BooleanSplitting::BooleanSplitSubKind kind) { kind.startsSplit(_) } or
-    TLoopUnrollingSplitKind(LoopUnrollingSplitting::UnrollableLoopStmt loop)
+    TLoopSplitKind(LoopSplitting::AnalyzableLoopStmt loop)
 
   cached
   newtype TSplit =
@@ -43,7 +43,7 @@ private module Cached {
       kind.startsSplit(_) and
       (branch = true or branch = false)
     } or
-    TLoopUnrollingSplit(LoopUnrollingSplitting::UnrollableLoopStmt loop)
+    TLoopSplit(LoopSplitting::AnalyzableLoopStmt loop)
 
   cached
   newtype TSplits =
@@ -1109,7 +1109,7 @@ module BooleanSplitting {
   }
 }
 
-module LoopUnrollingSplitting {
+module LoopSplitting {
   private import semmle.code.csharp.controlflow.Guards as Guards
   private import PreBasicBlocks
   private import PreSsa
@@ -1125,51 +1125,78 @@ module LoopUnrollingSplitting {
   }
 
   /**
-   * A loop where the body is guaranteed to be executed at least once, and
-   * can therefore be unrolled in the control flow graph.
+   * A loop where the body is guaranteed to be executed at least once, and hence
+   * can be unrolled in the control flow graph, or where the body is guaranteed
+   * to never be executed, and hence can be removed from the control flow graph.
    */
-  abstract class UnrollableLoopStmt extends LoopStmt {
-    /** Holds if the step `pred --c--> succ` should start loop unrolling. */
-    abstract predicate startUnroll(ControlFlowElement pred, ControlFlowElement succ, Completion c);
+  abstract class AnalyzableLoopStmt extends LoopStmt {
+    /** Holds if the step `pred --c--> succ` should start the split. */
+    abstract predicate start(ControlFlowElement pred, ControlFlowElement succ, Completion c);
 
-    /** Holds if the step `pred --c--> succ` should stop loop unrolling. */
-    abstract predicate stopUnroll(ControlFlowElement pred, ControlFlowElement succ, Completion c);
+    /** Holds if the step `pred --c--> succ` should stop the split. */
+    abstract predicate stop(ControlFlowElement pred, ControlFlowElement succ, Completion c);
 
     /**
-     * Holds if any step `pred --c--> _` should be pruned from the unrolled loop
-     * (the loop condition evaluating to `false`).
+     * Holds if any step `pred --c--> _` should be pruned from the control flow graph.
      */
     abstract predicate pruneLoopCondition(ControlFlowElement pred, ConditionalCompletion c);
+
+    /**
+     * Holds if the body is guaranteed to be executed at least once. If not, the
+     * body is guaranteed to never be executed.
+     */
+    abstract predicate isUnroll();
   }
 
-  private class UnrollableForeachStmt extends UnrollableLoopStmt, ForeachStmt {
-    UnrollableForeachStmt() {
-      exists(Guards::AbstractValues::EmptyCollectionValue v | v.isNonEmpty() |
-        emptinessGuarded(_, this.getIterableExpr(), v)
-        or
-        this.getIterableExpr() = v.getAnExpr()
-      )
+  private class AnalyzableForeachStmt extends AnalyzableLoopStmt, ForeachStmt {
+    Guards::AbstractValues::EmptyCollectionValue v;
+
+    AnalyzableForeachStmt() {
+      /*
+       * We use `unique` to avoid degenerate cases like
+       * ```csharp
+       * if (xs.Length == 0)
+       *     return;
+       * if (xs.Length > 0)
+       *     return;
+       * foreach (var x in xs)
+       *     ....
+       * ```
+       * where the iterator expression `xs` is guarded by both an emptiness check
+       * and a non-emptiness check.
+       */
+
+      v =
+        unique(Guards::AbstractValues::EmptyCollectionValue v0 |
+          emptinessGuarded(_, this.getIterableExpr(), v0)
+          or
+          this.getIterableExpr() = v0.getAnExpr()
+        |
+          v0
+        )
     }
 
-    override predicate startUnroll(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
+    override predicate start(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
       pred = last(this.getIterableExpr(), c) and
       succ = this
     }
 
-    override predicate stopUnroll(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
+    override predicate stop(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
       pred = this and
       succ = succ(pred, c)
     }
 
     override predicate pruneLoopCondition(ControlFlowElement pred, ConditionalCompletion c) {
       pred = this and
-      c.(EmptinessCompletion).isEmpty()
+      c = any(EmptinessCompletion ec | if v.isEmpty() then not ec.isEmpty() else ec.isEmpty())
     }
+
+    override predicate isUnroll() { v.isNonEmpty() }
   }
 
   /**
-   * A split for loops where the body is guaranteed to be executed at least once, and
-   * can therefore be unrolled in the control flow graph. For example, in
+   * A split for loops where the body is guaranteed to be executed at least once, or
+   * guaranteed to never be executed. For example, in
    *
    * ```csharp
    * void M(string[] args)
@@ -1184,21 +1211,23 @@ module LoopUnrollingSplitting {
    * the `foreach` loop is guaranteed to be executed at least once, as a result of the
    * `args.Length == 0` check.
    */
-  class LoopUnrollingSplitImpl extends SplitImpl, TLoopUnrollingSplit {
-    UnrollableLoopStmt loop;
+  class LoopSplitImpl extends SplitImpl, TLoopSplit {
+    AnalyzableLoopStmt loop;
 
-    LoopUnrollingSplitImpl() { this = TLoopUnrollingSplit(loop) }
+    LoopSplitImpl() { this = TLoopSplit(loop) }
 
     override string toString() {
-      result = "unroll (line " + loop.getLocation().getStartLine() + ")"
+      if loop.isUnroll()
+      then result = "unroll (line " + loop.getLocation().getStartLine() + ")"
+      else result = "skip (line " + loop.getLocation().getStartLine() + ")"
     }
   }
 
-  private int getListOrder(UnrollableLoopStmt loop) {
+  private int getListOrder(AnalyzableLoopStmt loop) {
     exists(Callable c, int r | c = loop.getEnclosingCallable() |
       result = r + BooleanSplitting::getNextListOrder() - 1 and
       loop =
-        rank[r](UnrollableLoopStmt loop0 |
+        rank[r](AnalyzableLoopStmt loop0 |
           loop0.getEnclosingCallable() = c
         |
           loop0 order by loop0.getLocation().getStartLine(), loop0.getLocation().getStartColumn()
@@ -1210,21 +1239,21 @@ module LoopUnrollingSplitting {
     result = max(int i | i = getListOrder(_) + 1 or i = BooleanSplitting::getNextListOrder())
   }
 
-  private class LoopUnrollingSplitKind extends SplitKind, TLoopUnrollingSplitKind {
-    private UnrollableLoopStmt loop;
+  private class LoopSplitKind extends SplitKind, TLoopSplitKind {
+    private AnalyzableLoopStmt loop;
 
-    LoopUnrollingSplitKind() { this = TLoopUnrollingSplitKind(loop) }
+    LoopSplitKind() { this = TLoopSplitKind(loop) }
 
     override int getListOrder() { result = getListOrder(loop) }
 
     override string toString() { result = "Unroll" }
   }
 
-  private class LoopUnrollingSplitInternal extends SplitInternal, LoopUnrollingSplitImpl {
-    override LoopUnrollingSplitKind getKind() { result = TLoopUnrollingSplitKind(loop) }
+  private class LoopUnrollingSplitInternal extends SplitInternal, LoopSplitImpl {
+    override LoopSplitKind getKind() { result = TLoopSplitKind(loop) }
 
     override predicate hasEntry(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
-      loop.startUnroll(pred, succ, c)
+      loop.start(pred, succ, c)
     }
 
     override predicate hasEntry(Callable pred, ControlFlowElement succ) { none() }
@@ -1241,7 +1270,7 @@ module LoopUnrollingSplitting {
 
     override predicate hasExit(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
       this.appliesToPredecessor(pred, c) and
-      loop.stopUnroll(pred, succ, c)
+      loop.stop(pred, succ, c)
     }
 
     override Callable hasExit(ControlFlowElement pred, Completion c) {
@@ -1252,7 +1281,7 @@ module LoopUnrollingSplitting {
     override predicate hasSuccessor(ControlFlowElement pred, ControlFlowElement succ, Completion c) {
       this.appliesToPredecessor(pred, c) and
       succ = succ(pred, c) and
-      not loop.stopUnroll(pred, succ, c)
+      not loop.stop(pred, succ, c)
     }
   }
 }
 
@@ -419,39 +419,39 @@
 | LoopUnrolling.cs:7:10:7:11 | enter M1 | LoopUnrolling.cs:9:13:9:28 | ... == ... | 7 |
 | LoopUnrolling.cs:7:10:7:11 | exit M1 | LoopUnrolling.cs:7:10:7:11 | exit M1 | 1 |
 | LoopUnrolling.cs:10:13:10:19 | return ...; | LoopUnrolling.cs:10:13:10:19 | return ...; | 1 |
-| LoopUnrolling.cs:11:21:11:23 | String arg | LoopUnrolling.cs:11:9:12:35 | foreach (... ... in ...) ... | 5 |
-| LoopUnrolling.cs:11:28:11:31 | access to parameter args | LoopUnrolling.cs:11:9:12:35 | [unroll (line 11)] foreach (... ... in ...) ... | 2 |
+| LoopUnrolling.cs:11:22:11:24 | String arg | LoopUnrolling.cs:11:9:12:35 | foreach (... ... in ...) ... | 5 |
+| LoopUnrolling.cs:11:29:11:32 | access to parameter args | LoopUnrolling.cs:11:9:12:35 | [unroll (line 11)] foreach (... ... in ...) ... | 2 |
 | LoopUnrolling.cs:15:10:15:11 | enter M2 | LoopUnrolling.cs:18:9:19:33 | [unroll (line 18)] foreach (... ... in ...) ... | 11 |
 | LoopUnrolling.cs:15:10:15:11 | exit M2 | LoopUnrolling.cs:15:10:15:11 | exit M2 | 1 |
-| LoopUnrolling.cs:18:21:18:21 | String x | LoopUnrolling.cs:18:9:19:33 | foreach (... ... in ...) ... | 5 |
+| LoopUnrolling.cs:18:22:18:22 | String x | LoopUnrolling.cs:18:9:19:33 | foreach (... ... in ...) ... | 5 |
 | LoopUnrolling.cs:22:10:22:11 | enter M3 | LoopUnrolling.cs:24:29:24:32 | access to parameter args | 3 |
 | LoopUnrolling.cs:22:10:22:11 | exit M3 | LoopUnrolling.cs:22:10:22:11 | exit M3 | 1 |
 | LoopUnrolling.cs:24:9:26:40 | foreach (... ... in ...) ... | LoopUnrolling.cs:24:9:26:40 | foreach (... ... in ...) ... | 1 |
 | LoopUnrolling.cs:24:22:24:24 | Char arg | LoopUnrolling.cs:25:13:26:40 | [unroll (line 25)] foreach (... ... in ...) ... | 3 |
 | LoopUnrolling.cs:25:26:25:29 | Char arg0 | LoopUnrolling.cs:25:13:26:40 | foreach (... ... in ...) ... | 5 |
-| LoopUnrolling.cs:29:10:29:11 | enter M4 | LoopUnrolling.cs:32:26:32:27 | access to local variable xs | 7 |
-| LoopUnrolling.cs:29:10:29:11 | exit M4 | LoopUnrolling.cs:29:10:29:11 | exit M4 | 1 |
-| LoopUnrolling.cs:32:9:33:33 | foreach (... ... in ...) ... | LoopUnrolling.cs:32:9:33:33 | foreach (... ... in ...) ... | 1 |
-| LoopUnrolling.cs:32:21:32:21 | String x | LoopUnrolling.cs:33:13:33:32 | call to method WriteLine | 4 |
+| LoopUnrolling.cs:29:10:29:11 | enter M4 | LoopUnrolling.cs:29:10:29:11 | exit M4 | 9 |
 | LoopUnrolling.cs:36:10:36:11 | enter M5 | LoopUnrolling.cs:40:9:42:41 | [unroll (line 40)] foreach (... ... in ...) ... | 18 |
 | LoopUnrolling.cs:36:10:36:11 | exit M5 | LoopUnrolling.cs:36:10:36:11 | exit M5 | 1 |
 | LoopUnrolling.cs:40:9:42:41 | foreach (... ... in ...) ... | LoopUnrolling.cs:40:9:42:41 | foreach (... ... in ...) ... | 1 |
-| LoopUnrolling.cs:40:21:40:21 | String x | LoopUnrolling.cs:41:13:42:41 | [unroll (line 41)] foreach (... ... in ...) ... | 3 |
-| LoopUnrolling.cs:41:25:41:25 | String y | LoopUnrolling.cs:41:13:42:41 | foreach (... ... in ...) ... | 7 |
+| LoopUnrolling.cs:40:22:40:22 | String x | LoopUnrolling.cs:41:13:42:41 | [unroll (line 41)] foreach (... ... in ...) ... | 3 |
+| LoopUnrolling.cs:41:26:41:26 | String y | LoopUnrolling.cs:41:13:42:41 | foreach (... ... in ...) ... | 7 |
 | LoopUnrolling.cs:45:10:45:11 | enter M6 | LoopUnrolling.cs:49:9:52:9 | {...} | 13 |
-| LoopUnrolling.cs:50:13:50:17 | Label: | LoopUnrolling.cs:51:13:51:23 | goto ...; | 5 |
+| LoopUnrolling.cs:50:9:50:13 | Label: | LoopUnrolling.cs:51:13:51:23 | goto ...; | 5 |
 | LoopUnrolling.cs:55:10:55:11 | enter M7 | LoopUnrolling.cs:60:17:60:17 | access to parameter b | 15 |
 | LoopUnrolling.cs:55:10:55:11 | exit M7 | LoopUnrolling.cs:55:10:55:11 | exit M7 | 1 |
-| LoopUnrolling.cs:58:21:58:21 | [b (line 55): false] String x | LoopUnrolling.cs:60:17:60:17 | [b (line 55): false] access to parameter b | 4 |
-| LoopUnrolling.cs:58:21:58:21 | [b (line 55): true] String x | LoopUnrolling.cs:60:17:60:17 | [b (line 55): true] access to parameter b | 4 |
+| LoopUnrolling.cs:58:22:58:22 | [b (line 55): false] String x | LoopUnrolling.cs:60:17:60:17 | [b (line 55): false] access to parameter b | 4 |
+| LoopUnrolling.cs:58:22:58:22 | [b (line 55): true] String x | LoopUnrolling.cs:60:17:60:17 | [b (line 55): true] access to parameter b | 4 |
 | LoopUnrolling.cs:61:17:61:37 | [b (line 55): true] ...; | LoopUnrolling.cs:58:9:64:9 | [b (line 55): true] foreach (... ... in ...) ... | 9 |
 | LoopUnrolling.cs:62:13:63:37 | [b (line 55): false] if (...) ... | LoopUnrolling.cs:58:9:64:9 | [b (line 55): false] foreach (... ... in ...) ... | 3 |
 | LoopUnrolling.cs:67:10:67:11 | enter M8 | LoopUnrolling.cs:69:14:69:23 | call to method Any | 6 |
 | LoopUnrolling.cs:67:10:67:11 | exit M8 | LoopUnrolling.cs:67:10:67:11 | exit M8 | 1 |
 | LoopUnrolling.cs:70:13:70:19 | return ...; | LoopUnrolling.cs:70:13:70:19 | return ...; | 1 |
-| LoopUnrolling.cs:71:9:71:21 | ...; | LoopUnrolling.cs:72:28:72:31 | access to parameter args | 4 |
-| LoopUnrolling.cs:72:9:73:35 | foreach (... ... in ...) ... | LoopUnrolling.cs:72:9:73:35 | foreach (... ... in ...) ... | 1 |
-| LoopUnrolling.cs:72:21:72:23 | String arg | LoopUnrolling.cs:73:13:73:34 | call to method WriteLine | 4 |
+| LoopUnrolling.cs:71:9:71:21 | ...; | LoopUnrolling.cs:72:9:73:35 | [skip (line 72)] foreach (... ... in ...) ... | 5 |
+| LoopUnrolling.cs:76:10:76:11 | enter M9 | LoopUnrolling.cs:76:10:76:11 | exit M9 | 10 |
+| LoopUnrolling.cs:85:10:85:12 | enter M10 | LoopUnrolling.cs:85:10:85:12 | exit M10 | 10 |
+| LoopUnrolling.cs:94:10:94:12 | enter M11 | LoopUnrolling.cs:97:9:100:9 | [unroll (line 97)] foreach (... ... in ...) ... | 9 |
+| LoopUnrolling.cs:94:10:94:12 | exit M11 | LoopUnrolling.cs:94:10:94:12 | exit M11 | 1 |
+| LoopUnrolling.cs:97:22:97:22 | String x | LoopUnrolling.cs:97:9:100:9 | foreach (... ... in ...) ... | 6 |
 | MultiImplementationA.cs:6:22:6:31 | enter get_P1 | MultiImplementationA.cs:6:22:6:31 | enter get_P1 | 1 |
 | MultiImplementationA.cs:6:22:6:31 | enter get_P1 | MultiImplementationB.cs:3:22:3:22 | enter get_P1 | 1 |
 | MultiImplementationA.cs:6:22:6:31 | exit get_P1 | MultiImplementationA.cs:6:22:6:31 | exit get_P1 | 1 |
Original file line number	Diff line number	Diff line change
`@@ -318,7 +318,7 @@ module ControlFlow {`
`318`	`318`
`319`	`319`	`class BooleanSplit = BooleanSplitting::BooleanSplitImpl;`
`320`	`320`
`321`		`- class LoopUnrollingSplit = LoopUnrollingSplitting::LoopUnrollingSplitImpl;`
	`321`	`+ class LoopSplit = LoopSplitting::LoopSplitImpl;`
`322`	`322`	`}`
`323`	`323`
`324`	`324`	`class BasicBlock = BBs::BasicBlock;`