Python: Improve performance of FileNotClosed query by using basic block reachability #19641
Conversation
joefarebrother
added
the
no-change-note-required
There was a problem hiding this comment.
Pull Request Overview
This PR improves the performance of the FileNotClosed query by replacing full CFG reachability checks with basic-block–level reachability approximations and adds a test to illustrate the approximation’s limitations.
- Introduce
bbSuccessor,bbReachableStrict, andbbReachableReflpredicates for faster reachability. - Update
guardsExceptionsinFileClose(and itsWithStatementoverride) to use these new predicates. - Add a new
closed29test demonstrating a spurious false positive due to the approximation.
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py | Add closed29 test case that tags a spurious false positive with $SPURIOUS. |
| python/ql/src/Resources/FileNotAlwaysClosedQuery.qll | Replace full CFG reachability with block-level reachability and refine exception guards. |
Comments suppressed due to low confidence (1)
python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py:285
- [nitpick] In
closed29, the variablef28duplicates the name fromclosed28. Consider renaming it tof29(or a more descriptive name) to avoid confusion.
f28 = open(path) # $SPURIOUS:notClosedOnException
Co-authored-by: Copilot <[email protected]>
| private predicate cfgGetASuccessorPlus(ControlFlowNode src, ControlFlowNode sink) = | ||
| fastTC(cfgGetASuccessor/2)(src, sink) | ||
| private predicate bbReachableStrict(BasicBlock src, BasicBlock sink) = | ||
| fastTC(bbSuccessor/2)(src, sink) |
There was a problem hiding this comment.
I think you should be able to use doubleBoundedFastTC here, for even better performance.
There was a problem hiding this comment.
That requires extra predicates to restrict the source and sink, right?
I'm not sure what those predicates should be.
| bbReachableRefl(raises.asCfgNode().getBasicBlock().getAnExceptionalSuccessor(), | ||
| this.asCfgNode().getBasicBlock()) |
There was a problem hiding this comment.
In case they belong to the same basic block, there is no logic guaranteeing that raises comes before this in that basic block.
There was a problem hiding this comment.
raises must come before this regardless because we're checking the that exceptional successor of raises reaches this on the basic block level.
|
Taking a step back and considering semantics: This seems like a clear-cut use-case for post-dominance. I.e. a file is always closed if the open is post-dominated by a close. So we're looking for opens that can reach a close, but aren't post-dominated. Is there any reason not to simplify the query implementation to that? |
cc @nickrolfe , @aschackmull , @alexet