Skip to content

Dataflow perf investigations #15444

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 19 commits into
base: main
Choose a base branch
from
+1,277 −414
Draft

Dataflow perf investigations #15444

Changes from 1 commit
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
773b1c6
Add more pruning stages
hvitved Jan 24, 2024
92b37ce
temp
hvitved Jan 24, 2024
38dba58
temp2
hvitved Jan 25, 2024
8aa1960
temp
hvitved Jan 25, 2024
f205d0a
temp2
hvitved Jan 26, 2024
349f2a6
Dummy change to trigger CI
hvitved Jan 26, 2024
3533b6a
temp
hvitved Jan 29, 2024
d34dfaa
temp
hvitved Jan 29, 2024
93f62de
temp
hvitved Feb 1, 2024
963c4a1
debug
hvitved Feb 2, 2024
fff4e2d
debug
hvitved Feb 7, 2024
bc4462e
works
hvitved Feb 8, 2024
aae8079
temp
hvitved Feb 9, 2024
705243b
temp
hvitved Feb 9, 2024
7766b70
temp
hvitved Feb 12, 2024
98503b6
debug
hvitved Feb 13, 2024
4cbea36
branch limit
hvitved Feb 13, 2024
276a4dc
debug
hvitved Feb 13, 2024
f8347e9
temp
hvitved Feb 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
temp
  • Loading branch information
@hvitved
hvitved committed Feb 21, 2024
commit 7766b709a913498afcb5a26d4c53672f16b4e994
133 changes: 84 additions & 49 deletions shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1310,7 +1310,7 @@ module MakeImpl<InputSig Lang> {
PrevStage::revFlow(node) and result = getTyp(node.getDataFlowType())
}

pragma[inline]
pragma[nomagic]
private predicate flowThroughOutOfCall(
DataFlowCall call, CcCall ccc, RetNodeEx ret, ReturnKindExt kind, NodeEx out,
boolean allowsFieldFlow, ApApprox argApa, ApApprox apa
Expand All @@ -1321,14 +1321,13 @@ module MakeImpl<InputSig Lang> {
matchesCall(ccc, call)
}

pragma[nomagic]
private predicate flowThroughOutOfCall(
DataFlowCall call, CcCall ccc, ReturnKindExt kind, NodeEx out, boolean allowsFieldFlow,
ApApprox argApa, ApApprox apa
) {
flowThroughOutOfCall(call, ccc, _, kind, out, allowsFieldFlow, argApa, apa)
}

// pragma[nomagic]
// private predicate flowThroughOutOfCall(
// DataFlowCall call, CcCall ccc, ReturnKindExt kind, NodeEx out, boolean allowsFieldFlow,
// ApApprox argApa, ApApprox apa
// ) {
// flowThroughOutOfCall(call, ccc, _, kind, out, allowsFieldFlow, argApa, apa)
// }
/**
* Holds if `node` is reachable with access path `ap` from a source.
*
Expand Down Expand Up @@ -1441,10 +1440,10 @@ module MakeImpl<InputSig Lang> {
)
or
// flow into a callable
exists(boolean inSummaryCtx |
fwdFlowIn(node, apa, state, cc, t, origT, ap, inSummaryCtx)
exists(boolean inSummaryCtx, boolean allowsFlowThrough |
fwdFlowIn(node, apa, state, cc, t, origT, ap, inSummaryCtx, allowsFlowThrough)
|
PrevStage::parameterMayFlowThrough(node, apa) and
allowsFlowThrough = true and
summaryCtx = TParamNodeSome(node.asNode()) and
argT = ArgTypOption::some(toArgTyp(t)) and
argAp = apSome(ap)
Expand All @@ -1468,9 +1467,8 @@ module MakeImpl<InputSig Lang> {
ApApprox innerArgApa
|
fwdFlowThrough(call, cc, state, ccc, summaryCtx, argT, argAp, t, origT, ap, apa, ret,
innerArgApa) and
flowThroughOutOfCall(call, ccc, ret, _, node, allowsFieldFlow, innerArgApa, apa) and
if allowsFieldFlow = false then ap instanceof ApNil else any()
innerArgApa, allowsFieldFlow) and
flowThroughOutOfCall(call, ccc, ret, _, node, allowsFieldFlow, innerArgApa, apa)
)
}

Expand Down Expand Up @@ -1606,10 +1604,14 @@ module MakeImpl<InputSig Lang> {
}

private signature module FwdFlowInInputSig {
default predicate callRestriction(DataFlowCall call) { any() }

bindingset[p, apa]
default predicate parameterRestriction(ParamNodeEx p, ApApprox apa) { any() }
// default predicate callRestriction(DataFlowCall call) { any() }
// bindingset[p, apa]
// default predicate parameterRestriction(ParamNodeEx p, ApApprox apa) { any() }
default predicate restriction(
DataFlowCall call, ParamNodeEx p, ApApprox apa, boolean allowsFieldFlow
) {
PrevStage::callEdgeArgParam(call, _, _, p, allowsFieldFlow, apa)
}
}

/**
Expand All @@ -1630,9 +1632,13 @@ module MakeImpl<InputSig Lang> {
DataFlowCall call, DataFlowCallable c, ArgNodeEx arg, ParamNodeEx p,
boolean allowsFieldFlow, ApApprox apa
) {
PrevStage::callEdgeArgParam(call, c, arg, p, allowsFieldFlow, apa) and
I::callRestriction(call) and
I::parameterRestriction(p, apa)
exists(boolean allowsFieldFlow1, boolean allowsFieldFlow2 |
PrevStage::callEdgeArgParam(call, c, arg, p, allowsFieldFlow1, apa) and
I::restriction(call, p, apa, allowsFieldFlow2) and
allowsFieldFlow = allowsFieldFlow1.booleanAnd(allowsFieldFlow2)
)
// I::callRestriction(call) and
// I::parameterRestriction(p, apa)
}

pragma[nomagic]
Expand Down Expand Up @@ -1767,15 +1773,40 @@ module MakeImpl<InputSig Lang> {

private module FwdFlowInNoRestriction implements FwdFlowInInputSig { }

pragma[nomagic]
private predicate flowThroughOutOfCall(
DataFlowCall call, ParamNodeEx p, ApApprox apa, boolean allowsFieldFlow
) {
PrevStage::parameterMayFlowThrough(p, apa) and
flowThroughOutOfCall(call, _, _, _, _, allowsFieldFlow, apa, _) and
PrevStage::callEdgeArgParam(call, _, _, p, _, apa)
}

bindingset[call, p, ap, apa]
pragma[inline_late]
private predicate fwdFlowInFlowThroughAllowed(
DataFlowCall call, ParamNodeEx p, Ap ap, ApApprox apa
) {
exists(boolean allowsFieldFlow |
flowThroughOutOfCall(call, p, apa, allowsFieldFlow) and
if allowsFieldFlow = false then ap instanceof ApNil else any()
)
}

pragma[nomagic]
private predicate fwdFlowIn(
ParamNodeEx p, ApApprox apa, FlowState state, CcCall innercc, Typ t, TypOption origT,
Ap ap, boolean inSummaryCtx
Ap ap, boolean inSummaryCtx, boolean allowsFlowThrough
) {
exists(ParamNodeOption summaryCtx |
FwdFlowIn<FwdFlowInNoRestriction>::fwdFlowIn(_, _, p, state, _, innercc, summaryCtx, _,
_, t, origT, ap, apa, _) and
exists(DataFlowCall call, ParamNodeOption summaryCtx |
FwdFlowIn<FwdFlowInNoRestriction>::fwdFlowIn(call, _, p, state, _, innercc, summaryCtx,
_, _, t, origT, ap, apa, _) and
if summaryCtx = TParamNodeNone() then inSummaryCtx = false else inSummaryCtx = true
|
allowsFlowThrough = false
or
allowsFlowThrough = true and
fwdFlowInFlowThroughAllowed(call, p, ap, apa)
)
}

Expand Down Expand Up @@ -1947,16 +1978,18 @@ module MakeImpl<InputSig Lang> {
pragma[nomagic]
private predicate fwdFlowRetFromArg(
RetNodeEx ret, FlowState state, CcCall ccc, ParamNodeEx summaryCtx, ArgTyp argT, Ap argAp,
ApApprox argApa, Typ t, TypOption origT, Ap ap, ApApprox apa
ApApprox argApa, Typ t, TypOption origT, Ap ap, ApApprox apa, boolean allowsFieldFlow
) {
exists(DataFlowCall call, ReturnKindExt kind, boolean allowsFieldFlow |
exists(DataFlowCall call, ReturnKindExt kind |

Check warning

Code scanning / CodeQL

Omittable 'exists' variable

This exists variable can be omitted by using a don't-care expression [in this argument](1).
fwdFlow(pragma[only_bind_into](ret), state, ccc,
TParamNodeSome(pragma[only_bind_into](summaryCtx.asNode())), ArgTypOption::some(argT),
pragma[only_bind_into](apSome(argAp)), t, origT, ap, pragma[only_bind_into](apa)) and
parameterFlowThroughAllowed(summaryCtx, kind) and
argApa = getApprox(argAp) and
flowThroughOutOfCall(call, ccc, ret, kind, _, allowsFieldFlow, argApa, apa) and
if allowsFieldFlow = false then ap instanceof ApNil else any()
if allowsFieldFlow = false
then ap instanceof ApNil and argAp instanceof ApNil
else any()
)
}

Expand All @@ -1965,10 +1998,10 @@ module MakeImpl<InputSig Lang> {
DataFlowCall call, Cc cc, FlowState state, CcCall ccc, ParamNodeOption summaryCtx,
ArgTypOption argT, ApOption argAp, Typ t, TypOption origT, Ap ap, ApApprox apa,
RetNodeEx ret, ParamNodeEx innerSummaryCtx, ArgTyp innerArgT, Ap innerArgAp,
ApApprox innerArgApa
ApApprox innerArgApa, boolean allowsFieldFlow
) {
fwdFlowRetFromArg(ret, state, ccc, innerSummaryCtx, innerArgT, innerArgAp, innerArgApa, t,
origT, ap, apa) and
origT, ap, apa, allowsFieldFlow) and
fwdFlowIsEntered(call, cc, ccc, summaryCtx, argT, argAp, innerSummaryCtx, innerArgT,
innerArgAp)
}
Expand All @@ -1977,16 +2010,14 @@ module MakeImpl<InputSig Lang> {
private predicate fwdFlowThrough(
DataFlowCall call, Cc cc, FlowState state, CcCall ccc, ParamNodeOption summaryCtx,
ArgTypOption argT, ApOption argAp, Typ t, TypOption origT, Ap ap, ApApprox apa,
RetNodeEx ret, ApApprox innerArgApa
RetNodeEx ret, ApApprox innerArgApa, boolean allowsFieldFlow
) {
fwdFlowThrough0(call, cc, state, ccc, summaryCtx, argT, argAp, t, origT, ap, apa, ret, _,
_, _, innerArgApa)
_, _, innerArgApa, allowsFieldFlow)
}

private module FwdFlowThroughRestriction implements FwdFlowInInputSig {
predicate callRestriction = PrevStage::callMayFlowThroughRev/1;

predicate parameterRestriction = PrevStage::parameterMayFlowThrough/2;
predicate restriction = flowThroughOutOfCall/4;
}

/**
Expand All @@ -2000,7 +2031,8 @@ module MakeImpl<InputSig Lang> {
) {
exists(ApApprox apa |
FwdFlowIn<FwdFlowThroughRestriction>::fwdFlowIn(call, _, p, _, cc, innerCc, summaryCtx,
argT, argAp, any(Typ t0 | t = toArgTyp(t0)), _, ap, apa, _)
argT, argAp, any(Typ t0 | t = toArgTyp(t0)), _, ap, apa, _) and
fwdFlowInFlowThroughAllowed(call, p, ap, apa)
)
}

Expand All @@ -2024,10 +2056,11 @@ module MakeImpl<InputSig Lang> {
pragma[nomagic]
private predicate returnFlowsThrough0(
DataFlowCall call, FlowState state, CcCall ccc, Ap ap, ApApprox apa, RetNodeEx ret,
ParamNodeEx innerSummaryCtx, ArgTyp innerArgT, Ap innerArgAp, ApApprox innerArgApa
ParamNodeEx innerSummaryCtx, ArgTyp innerArgT, Ap innerArgAp, ApApprox innerArgApa,
boolean allowsFieldFlow
) {
fwdFlowThrough0(call, _, state, ccc, _, _, _, _, _, ap, apa, ret, innerSummaryCtx,
innerArgT, innerArgAp, innerArgApa)
innerArgT, innerArgAp, innerArgApa, allowsFieldFlow)
}

pragma[nomagic]
Expand All @@ -2036,10 +2069,10 @@ module MakeImpl<InputSig Lang> {
ArgTyp argT, Ap argAp, Ap ap
) {
exists(DataFlowCall call, ApApprox apa, boolean allowsFieldFlow, ApApprox innerArgApa |
returnFlowsThrough0(call, state, ccc, ap, apa, ret, p, argT, argAp, innerArgApa) and
returnFlowsThrough0(call, state, ccc, ap, apa, ret, p, argT, argAp, innerArgApa,
allowsFieldFlow) and
flowThroughOutOfCall(call, ccc, ret, _, _, allowsFieldFlow, innerArgApa, apa) and
pos = ret.getReturnPosition() and
if allowsFieldFlow = false then ap instanceof ApNil else any()
pos = ret.getReturnPosition()
)
}

Expand All @@ -2053,7 +2086,9 @@ module MakeImpl<InputSig Lang> {
flowIntoCallApaTaken(call, _, pragma[only_bind_into](arg), p, allowsFieldFlow, argApa) and
fwdFlow(arg, _, _, _, _, _, pragma[only_bind_into](argT), _,
pragma[only_bind_into](argAp), argApa) and
if allowsFieldFlow = false then argAp instanceof ApNil else any()
if allowsFieldFlow = false
then argAp instanceof ApNil and ap instanceof ApNil
else any()
)
}

Expand Down Expand Up @@ -3255,12 +3290,12 @@ module MakeImpl<InputSig Lang> {
then t = nt
else (
compatibleTypes(nt, t0) and
// t = t0
if inSummaryCtx = true and node instanceof ParamNodeEx
then
t = nt and
compatibleTypes(origT, t)
else t = t0
t = t0
// if inSummaryCtx = true and node instanceof ParamNodeEx
// then
// t = nt and
// compatibleTypes(origT, t)
// else t = t0
)
)
else t = t0
Expand Down
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy