Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

C#: Restrict multi-body dataflow dispatch based on file-system distance #16817

Merged
merged 2 commits into from
Aug 13, 2024
Merged

C#: Restrict multi-body dataflow dispatch based on file-system distance #16817

merged 2 commits into from
Aug 13, 2024

Conversation

hvitved
Copy link
Contributor

@hvitved hvitved commented Jun 24, 2024
edited
Loading

Methods with multiple implementations such as

// File1.cs
class MultiImpl
{
    public int M1(int x) => M2(x);
    public int M2(int x) => x;
}

// File2.cs
class MultiImpl
{
    public int M1(int x) => M2(x);
    public int M2(int x) => x;
}

give rise to a single CFG, where flow splits immediately following the special entry node:

flowchart TD
1["enter M1"]
2["exit M1"]
3["exit M1 (normal)"]
4["access to parameter x"]
5["access to parameter x"]
6["call to method M2"]
7["call to method M2"]

1 --> 4
3 --> 2
4 --> 6
5 --> 7
6 --> 3
7 --> 3
1 --> 5
Loading 
flowchart TD
1["enter M2"]
2["exit M2"]
3["exit M2 (normal)"]
4["access to parameter x"]
5["access to parameter x"]

1 --> 4
3 --> 2
4 --> 3
5 --> 3
1 --> 5
Loading

For data flow, this means that each of the two calls to M2 above will be able to target both bodies of M2.

This PR prevents this kind of combinatorial explosion by ranking the bodies of a method based on their file-system distance to the calling method, and only allowing flow into those bodies with the lowest rank. In order to do this, we need to track which version of a method (body) is being called, which is done by augmenting DataFlowCallables (as well as parameters) with the location of the implementation.

@github-actions github-actions bot added the C# label Jun 24, 2024
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch 3 times, most recently from f522b6f to eea8d46 Compare June 25, 2024 07:07
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch from 84d4f77 to 187a1bb Compare June 25, 2024 11:31
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch from 09b4672 to 0f85287 Compare June 26, 2024 09:52
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 26, 2024
View reviewed changes
csharp/ql/lib/semmle/code/csharp/internal/Location.qll Outdated

bindingset[l1, l2]
pragma[inline_late]
private predicate inSameFile0(Location l1, Location l2) { l1.getFile() = l2.getFile() }

Check warning

Code scanning / CodeQL

Candidate predicate not marked as `nomagic` Warning

Candidate predicate to
inSameFile
Loading
is not marked as nomagic.
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch 3 times, most recently from 8be274e to beaa1ac Compare June 28, 2024 07:40
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 28, 2024
View reviewed changes
csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
result)
or
// example: `int this[int x] { get => x }` here the parameter `x` is syntactically
// before the the callable `get_Item`

Check warning

Code scanning / CodeQL

Comment has repeated word Warning

The comment repeats the.
@hvitved hvitved mentioned this pull request Jul 1, 2024
Merged
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch from beaa1ac to fd696ef Compare July 1, 2024 08:42
@hvitved hvitved changed the title C#: Restrict data flow for multi-bodied methods (take 2) C#: Restrict multi-body dataflow dispatch based on file-system distance Jul 1, 2024
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch 2 times, most recently from 41d9b46 to 27a3f34 Compare July 4, 2024 08:54
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch 2 times, most recently from e0a0a9b to 44b4eb3 Compare July 10, 2024 17:51
@hvitved hvitved mentioned this pull request Jul 11, 2024
Merged
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch from 44b4eb3 to d1a24df Compare July 11, 2024 09:55
@hvitved hvitved force-pushed the csharp/multi-body-dataflow-dispatch branch from d1a24df to 0459422 Compare July 11, 2024 14:52
@hvitved hvitved added the no-change-note-required This PR does not need a change note label Jul 12, 2024
@hvitved hvitved marked this pull request as ready for review July 12, 2024 09:11
@hvitved hvitved requested a review from a team as a code owner July 12, 2024 09:11
michaelnebel
michaelnebel reviewed Jul 19, 2024
View reviewed changes
Copy link
Contributor

@michaelnebel michaelnebel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks plausible to me
(1) There are some issues with the doc comments.
(2) Why does DCA show a large alert discrepancy (have you tried to run with the cached DB?)

@hvitved
Copy link
Contributor Author

hvitved commented Aug 9, 2024

(1) There are some issues with the doc comments.

Those can be ignored.

(2) Why does DCA show a large alert discrepancy (have you tried to run with the cached DB?)

That is expected; calls to methods with multiple bodies would previously dispatch to all possible implementations, but now we only dispatch to the nearest implementation(s).

michaelnebel
michaelnebel approved these changes Aug 13, 2024
View reviewed changes
Copy link
Contributor

@michaelnebel michaelnebel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks plausible to me!

@hvitved hvitved merged commit fbcb449 into github:main Aug 13, 2024
36 of 38 checks passed
@hvitved hvitved deleted the csharp/multi-body-dataflow-dispatch branch August 13, 2024 10:15
@hvitved hvitved mentioned this pull request Aug 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelnebel michaelnebel michaelnebel approved these changes

Assignees
No one assigned
Labels
C# DataFlow Library no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@hvitved @michaelnebel