@@ -73,8 +73,8 @@ private predicate summarizedLocalStep(Node nodeFrom, Node nodeTo) {
7373 |
7474 callable .propagatesFlow ( input , output , true ) and
7575 call .asExpr ( ) .getExpr ( ) = callable .getACallSimple ( ) and
76- nodeFrom = evaluateSummaryComponentStackLocal ( call , input ) and
77- nodeTo = evaluateSummaryComponentStackLocal ( call , output )
76+ nodeFrom = evaluateSummaryComponentStackLocal ( callable , call , input ) and
77+ nodeTo = evaluateSummaryComponentStackLocal ( callable , call , output )
7878 )
7979}
8080
@@ -191,8 +191,8 @@ predicate basicStoreStep(Node nodeFrom, Node nodeTo, DataFlow::ContentSet conten
191191 hasStoreSummary ( callable , contents , pragma [ only_bind_into ] ( input ) ,
192192 pragma [ only_bind_into ] ( output ) ) and
193193 call .asExpr ( ) .getExpr ( ) = callable .getACallSimple ( ) and
194- nodeFrom = evaluateSummaryComponentStackLocal ( call , input ) and
195- nodeTo = evaluateSummaryComponentStackLocal ( call , output )
194+ nodeFrom = evaluateSummaryComponentStackLocal ( callable , call , input ) and
195+ nodeTo = evaluateSummaryComponentStackLocal ( callable , call , output )
196196 )
197197}
198198
@@ -231,8 +231,8 @@ predicate basicLoadStep(Node nodeFrom, Node nodeTo, DataFlow::ContentSet content
231231 |
232232 hasLoadSummary ( callable , contents , pragma [ only_bind_into ] ( input ) , pragma [ only_bind_into ] ( output ) ) and
233233 call .asExpr ( ) .getExpr ( ) = callable .getACallSimple ( ) and
234- nodeFrom = evaluateSummaryComponentStackLocal ( call , input ) and
235- nodeTo = evaluateSummaryComponentStackLocal ( call , output )
234+ nodeFrom = evaluateSummaryComponentStackLocal ( callable , call , input ) and
235+ nodeTo = evaluateSummaryComponentStackLocal ( callable , call , output )
236236 )
237237}
238238
@@ -249,8 +249,8 @@ predicate basicLoadStoreStep(
249249 hasLoadStoreSummary ( callable , loadContent , storeContent , pragma [ only_bind_into ] ( input ) ,
250250 pragma [ only_bind_into ] ( output ) ) and
251251 call .asExpr ( ) .getExpr ( ) = callable .getACallSimple ( ) and
252- nodeFrom = evaluateSummaryComponentStackLocal ( call , input ) and
253- nodeTo = evaluateSummaryComponentStackLocal ( call , output )
252+ nodeFrom = evaluateSummaryComponentStackLocal ( callable , call , input ) and
253+ nodeTo = evaluateSummaryComponentStackLocal ( callable , call , output )
254254 )
255255}
256256
@@ -310,6 +310,7 @@ private DataFlow::Node evaluateSummaryComponentLocal(
310310 * Holds if `callable` is relevant for type-tracking and we therefore want `stack` to
311311 * be evaluated locally at its call sites.
312312 */
313+ pragma [ nomagic]
313314private predicate dependsOnSummaryComponentStack (
314315 SummarizedCallable callable , SummaryComponentStack stack
315316) {
@@ -320,26 +321,43 @@ private predicate dependsOnSummaryComponentStack(
320321 callable .propagatesFlow ( _, stack , true )
321322 )
322323 or
323- dependsOnSummaryComponentStack ( callable , SCS:: push ( _, stack ) )
324+ dependsOnSummaryComponentStackCons ( callable , _, stack )
325+ }
326+
327+ pragma [ nomagic]
328+ private predicate dependsOnSummaryComponentStackCons (
329+ SummarizedCallable callable , SummaryComponent head , SummaryComponentStack tail
330+ ) {
331+ dependsOnSummaryComponentStack ( callable , SCS:: push ( head , tail ) )
332+ }
333+
334+ pragma [ nomagic]
335+ private predicate dependsOnSummaryComponentStackLeaf (
336+ SummarizedCallable callable , SummaryComponent leaf
337+ ) {
338+ dependsOnSummaryComponentStack ( callable , SCS:: singleton ( leaf ) )
324339}
325340
326341/**
327342 * Gets a data flow node corresponding to the local input or output of `call`
328343 * identified by `stack`, if possible.
329344 */
345+ pragma [ nomagic]
330346private DataFlow:: Node evaluateSummaryComponentStackLocal (
331- DataFlow:: CallNode call , SummaryComponentStack stack
347+ SummarizedCallable callable , DataFlow:: CallNode call , SummaryComponentStack stack
332348) {
333- exists ( SummarizedCallable callable , SummaryComponent component |
334- dependsOnSummaryComponentStack ( callable , stack ) and
349+ exists ( SummaryComponent component |
350+ dependsOnSummaryComponentStackLeaf ( callable , component ) and
335351 stack = SCS:: singleton ( component ) and
336352 call .asExpr ( ) .getExpr ( ) = callable .getACallSimple ( ) and
337353 result = evaluateSummaryComponentLocal ( call , component )
338354 )
339355 or
340356 exists ( DataFlow:: Node prev , SummaryComponent head , SummaryComponentStack tail |
341- stack = SCS:: push ( head , tail ) and
342- prev = evaluateSummaryComponentStackLocal ( call , tail )
357+ prev = evaluateSummaryComponentStackLocal ( callable , call , tail ) and
358+ dependsOnSummaryComponentStackCons ( callable , pragma [ only_bind_into ] ( head ) ,
359+ pragma [ only_bind_out ] ( tail ) ) and
360+ stack = SCS:: push ( pragma [ only_bind_out ] ( head ) , pragma [ only_bind_out ] ( tail ) )
343361 |
344362 exists ( DataFlowDispatch:: ArgumentPosition apos , DataFlowDispatch:: ParameterPosition ppos |
345363 head = SummaryComponent:: parameter ( apos ) and
0 commit comments