C++: Improve IRGuads logic for 'unlikely' expressions.

Author: MathiasVP

cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll

@@ -965,6 +965,14 @@ private module Cached {
     compares_eq(test.(BuiltinExpectCallValueNumber).getCondition(), left, right, k, areEqual, value)
   }
 
+  private predicate isConvertedBool(Instruction instr) {
+    instr.getResultIRType() instanceof IRBooleanType
+    or
+    isConvertedBool(instr.(ConvertInstruction).getUnary())
+    or
+    isConvertedBool(instr.(BuiltinExpectCallInstruction).getCondition())
+  }
+
   /**
    * Holds if `op == k` is `areEqual` given that `test` is equal to `value`.
    */
@@ -995,6 +1003,20 @@ private module Cached {
       k = k1 + k2
     )
     or
+    exists(CompareValueNumber cmp, Operand left, Operand right, AbstractValue v |
+      test = cmp and
+      cmp.hasOperands(left, right) and
+      isConvertedBool(left.getDef()) and
+      int_value(right.getDef()) = 0 and
+      unary_compares_eq(valueNumberOfOperand(left), op, k, areEqual, v)
+    |
+      cmp instanceof CompareNEValueNumber and
+      v = value
+      or
+      cmp instanceof CompareEQValueNumber and
+      v.getDualValue() = value
+    )
+    or
     unary_compares_eq(test.(BuiltinExpectCallValueNumber).getCondition(), op, k, areEqual, value)
   }