From ece122aca31ca25a8bda1615393647e2175ff042 Mon Sep 17 00:00:00 2001
From: Jonas Jensen
Date: Mon, 11 Mar 2019 10:57:00 +0100
Subject: [PATCH] C++: Fix join order in def-by-reference data flow

The performance was adequate on most projects but degenerated on https://github.com/Microsoft/Tocino.
---
 .../semmle/code/cpp/dataflow/internal/FlowVar.qll | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/cpp/ql/src/semmle/code/cpp/dataflow/internal/FlowVar.qll b/cpp/ql/src/semmle/code/cpp/dataflow/internal/FlowVar.qll
index 2c2641a2ef3f..60a7b7e7e352 100644
--- a/cpp/ql/src/semmle/code/cpp/dataflow/internal/FlowVar.qll
+++ b/cpp/ql/src/semmle/code/cpp/dataflow/internal/FlowVar.qll
@@ -237,15 +237,8 @@ module FlowVar_internal {
 override VariableAccess getAnAccess() {
 exists(SubBasicBlock reached |
- reached = getAReachedBlockVarSBB(this)
- |
+ reached = getAReachedBlockVarSBB(this) and
 variableAccessInSBB(v, reached, result)
- or
- // Allow flow into a `VariableAccess` that is used as definition by
- // reference. This flow is blocked by `getAReachedBlockVarSBB` because
- // flow should not propagate past that.
- result = reached.getASuccessor().(VariableAccess) and
- blockVarDefinedByReference(result, v, _)
 )
 }
@@ -420,6 +413,12 @@ module FlowVar_internal {
 va.getTarget() = v and
 va = sbb.getANode() and
 not overwrite(va, _)
+ or
+ // Allow flow into a `VariableAccess` that is used as definition by
+ // reference. This flow is blocked by `getAReachedBlockVarSBB` because
+ // flow should not propagate past that.
+ va = sbb.getASuccessor().(VariableAccess) and
+ blockVarDefinedByReference(va, v, _)
 }
 /**
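Review bot: In the second hunk, moving the def-by-reference disjunct into `variableAccessInSBB` widens that predicate for every caller, not only `getAnAccess`: it now also holds when `va` is the successor of `sbb` rather than a node inside it. The predicate's head and its other callers are outside the hunk, so whether anything else relies on the narrower "access inside this block" meaning cannot be confirmed from here. Because this is the data-flow library, a silent change in reach would show up as missed or extra flow in the queries built on it, so a before/after comparison of the def-by-reference test results is worth attaching to the commit. The QLDoc above the predicate presumably still describes only accesses in `sbb`; I would extend it to say that it holds for a non-overwriting access to v in sbb, or for the def-by-reference access to v that begins a successor of sbb. The moved comment still names `getAReachedBlockVarSBB`, which is no longer called next to it, so it should state which caller needs this case.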