Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Data flow: Store/load matching in pruning stage 3 #16741

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Data flow: Store/load matching in pruning stage 3 #16741

wants to merge 3 commits into from

Conversation

hvitved
Copy link
Contributor

@hvitved hvitved commented Jun 12, 2024
edited
Loading

Example tuple counts

C#: HardCodedCredentials.ql on mono

Before
# n stage nodes fields conscand states tuples calledges tfnodes tftuples
1 10 1 Fwd 3,498,701 41,634 -1 1 4,985,909 -1 -1 -1
2 15 1 Rev 1,988,816 32,443 -1 1 3,015,751 1,927,923 -1 -1
3 20 2 Fwd 1,227,365 14,291 17,410 1 2,377,149 999,216 0 0
4 25 2 Rev 816,624 9,731 11,168 1 1,155,022 368,049 0 0
5 30 3 Fwd 445,018 6,897 26,750 1 3,140,440 293,820 44,062 471,082
6 35 3 Rev 984 45 55 1 1,231 1,194 617 634
7 40 4 Fwd 95 4 5 1 105 30 0 0
8 45 4 Rev 95 4 5 1 99 30 0 0
9 50 5 Fwd 95 4 5 1 143 30 0 0
10 55 5 Rev 95 4 5 1 129 30 0 0
11 60 6 Fwd 95 4 5 1 136 30 0 0
12 65 6 Rev 95 4 5 1 129 30 0 0
After
# n stage nodes fields conscand states tuples calledges tfnodes tftuples
1 10 1 Fwd 3,498,701 41,634 -1 1 4,985,909 -1 -1 -1
2 15 1 Rev 1,988,816 32,443 -1 1 3,015,751 1,927,923 -1 -1
3 20 2 Fwd 1,227,365 14,291 17,410 1 2,377,149 999,216 0 0
4 25 2 Rev 816,624 9,731 11,168 1 1,155,022 368,049 0 0
5 30 3 Fwd 365,688 4,669 14,873 1 1,781,588 246,743 40,080 312,192
6 35 3 Rev 507 17 24 1 609 168 491 500
7 40 4 Fwd 95 4 5 1 105 30 0 0
8 45 4 Rev 95 4 5 1 99 30 0 0
9 50 5 Fwd 95 4 5 1 143 30 0 0
10 55 5 Rev 95 4 5 1 129 30 0 0
11 60 6 Fwd 95 4 5 1 136 30 0 0
12 65 6 Rev 95 4 5 1 129 30 0 0

Javascript: InsecureRandomness.ql on microsoft_vscode

Before
# n stage nodes fields conscand states tuples calledges tfnodes tftuples
1 10 1 Fwd 862,069 11,800 -1 1 1,116,618 -1 -1 -1
2 15 1 Rev 351,604 9,837 -1 1 476,835 77,147 -1 -1
3 20 2 Fwd 132,188 3,784 5,140 1 278,795 35,111 0 0
4 25 2 Rev 96,795 3,001 4,099 1 158,086 25,646 0 0
5 30 3 Fwd 86,505 2,789 5,741 1 319,508 24,224 84 1,179
6 35 3 Rev 80,912 2,649 3,987 1 164,567 22,598 76 1,024
7 40 4 Fwd 68,557 1,808 147,485 1 147,992,833 20,336 74 1,108
8 45 4 Rev 52,732 1,472 96,188 1 27,297,733 15,697 66 904
9 50 5 Fwd 2,218 37 65 1 3,365 962 4 12
10 55 5 Rev 96 2 2 1 96 61 0 0
11 60 6 Fwd 96 2 3 1 116 -1 -1 -1
12 65 6 Rev 84 2 3 1 84 -1 -1 -1
After
# n stage nodes fields conscand states tuples calledges tfnodes tftuples
1 10 1 Fwd 862,069 11,800 -1 1 1,116,618 -1 -1 -1
2 15 1 Rev 351,604 9,837 -1 1 476,835 77,147 -1 -1
3 20 2 Fwd 132,188 3,784 5,140 1 278,795 35,111 0 0
4 25 2 Rev 96,795 3,001 4,099 1 158,086 25,646 0 0
5 30 3 Fwd 21,495 373 568 1 42,953 6,513 48 116
6 35 3 Rev 7,315 197 259 1 9,942 2,426 26 64
7 40 4 Fwd 4,475 114 366 1 11,854 1,469 12 32
8 45 4 Rev 4,026 106 190 1 6,632 1,297 12 32
9 50 5 Fwd 351 16 18 1 421 120 0 0
10 55 5 Rev 96 2 2 1 96 61 0 0
11 60 6 Fwd 96 2 3 1 116 -1 -1 -1
12 65 6 Rev 84 2 3 1 84 -1 -1 -1

@hvitved hvitved force-pushed the dataflow/experiment branch 2 times, most recently from 8f901da to 1d5cfac Compare June 12, 2024 18:56
@hvitved hvitved force-pushed the dataflow/experiment branch 4 times, most recently from 927d3e2 to db588bc Compare June 14, 2024 08:30
@hvitved hvitved force-pushed the dataflow/experiment branch 7 times, most recently from c6d3701 to 29ac38c Compare June 18, 2024 07:47
@hvitved hvitved force-pushed the dataflow/experiment branch 3 times, most recently from 951d545 to 5ce9a85 Compare June 19, 2024 08:49
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 19, 2024
View reviewed changes
shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll

pragma[nomagic]
private predicate flowThroughOutOfCall(RetNodeEx ret, NodeEx out) {
exists(DataFlowCall call, CcCall ccc, ReturnKindExt kind |

Check warning

Code scanning / CodeQL

Omittable 'exists' variable Warning

This exists variable can be omitted by using a don't-care expression
in this argument
Loading
.
shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll Fixed Show fixed Hide fixed
shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll Fixed Show fixed Hide fixed
shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll Fixed Show fixed Hide fixed
@hvitved hvitved force-pushed the dataflow/experiment branch from a8bc63c to 0c546c9 Compare August 19, 2024 09:16
@hvitved hvitved force-pushed the dataflow/experiment branch 2 times, most recently from 4f5f6bc to 2a9f751 Compare August 20, 2024 10:29
@hvitved hvitved force-pushed the dataflow/experiment branch 17 times, most recently from aa22aad to 9f5cbe7 Compare August 23, 2024 07:17
@hvitved hvitved added the C# label Aug 23, 2024
@hvitved hvitved force-pushed the dataflow/experiment branch from 9f5cbe7 to 13806f5 Compare August 30, 2024 12:58
@github-actions github-actions bot removed the C# label Aug 30, 2024
@hvitved hvitved force-pushed the dataflow/experiment branch from 13806f5 to 184df7e Compare September 5, 2024 11:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
DataFlow Library
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hvitved @asgerf