search

Fraunhofer-AISEC / cpg

A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.
https://fraunhofer-aisec.github.io/cpg/
Apache License 2.0
248 stars 60 forks source link

Adding trackable exception based on handled AST-Tree node #700

Closed konradweiss closed 1 year ago

konradweiss commented 2 years ago

Adds the functionality to keep track of currently handled nodes in language frontends and passes. When an exception is thrown, the currently tracked nodes are used to build a stack trace, added to the exception stack.

oxisto commented 2 years ago

Can we have a look at the performance cost of this somehow. Maybe @peckto can help here.

sonarcloud[bot] commented 2 years ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 5 Code Smells

56.9% 56.9% Coverage
0.6% 0.6% Duplication

peckto commented 2 years ago

I had not yet time to run performance analysis on this PR. But I noticed a crash, which does not occur on current master.

git clone https://salsa.debian.org/sdl-team/libsdl-sge.git
cpg-neo4j --no-neo4j ~/Downloads/libsdl-sge/ 
java.util.concurrent.ExecutionException: de.fraunhofer.aisec.cpg.frontends.TranslationException: EmptyStackException in ControlFlowSensitiveDFGPass

        To report this Issue visit https://github.com/Fraunhofer-AISEC/cpg/issues/new?&template=bugreport-from-cpg-traces.md&title=EmptyStackException+in+ControlFlowSensitiveDFGPass
        If possible:
                * paste this message and stack trace for us to locate the issue.
                * past the parsed code that cause the issue from your source, the location is referenced by the lines 'at processing of ... in ...'
                * tell us if you used the default passes and language frontends, or made any changes to the TranslationConfiguration, e.g. registered new passes or frontends, or deactivated any.

        at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
        at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1999)
        at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:385)
        at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:72)
        at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
        at picocli.CommandLine.access$1300(CommandLine.java:145)
        at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2352)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2346)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2311)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
        at picocli.CommandLine.execute(CommandLine.java:2078)
        at de.fraunhofer.aisec.cpg_vis_neo4j.ApplicationKt.main(Application.kt:425)
Caused by: de.fraunhofer.aisec.cpg.frontends.TranslationException: EmptyStackException in ControlFlowSensitiveDFGPass

        To report this Issue visit https://github.com/Fraunhofer-AISEC/cpg/issues/new?&template=bugreport-from-cpg-traces.md&title=EmptyStackException+in+ControlFlowSensitiveDFGPass
        If possible:
                * paste this message and stack trace for us to locate the issue.
                * past the parsed code that cause the issue from your source, the location is referenced by the lines 'at processing of ... in ...'
                * tell us if you used the default passes and language frontends, or made any changes to the TranslationConfiguration, e.g. registered new passes or frontends, or deactivated any.

Caused by: java.util.EmptyStackException
        at java.base/java.util.Stack.peek(Stack.java:102)
        at java.base/java.util.Stack.pop(Stack.java:84)
        at de.fraunhofer.aisec.cpg.GraphTransformation.popFromHandleLog(GraphTransformation.kt:51)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:89)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass$FunctionLevelFixpointIterator.propagateValues(ControlFlowSensitiveDFGPass.java:377)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass$FunctionLevelFixpointIterator.handle(ControlFlowSensitiveDFGPass.java:124)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.handle(ControlFlowSensitiveDFGPass.java:100)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.lambda$iterate$1(SubgraphWalker.java:344)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.lambda$iterate$2(SubgraphWalker.java:344)
        at de.fraunhofer.aisec.cpg.GraphTransformation$withNodeInLog$1.invoke(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.GraphTransformation$withNodeInLog$1.invoke(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:88)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.iterate(SubgraphWalker.java:344)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.accept(ControlFlowSensitiveDFGPass.java:74)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.accept(ControlFlowSensitiveDFGPass.java:62)
        at de.fraunhofer.aisec.cpg.TranslationManager.analyze$lambda-2(TranslationManager.kt:102)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1692)
        at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
        at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1020)
        at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1656)
        at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1594)
        at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183)
maximiliankaul commented 2 years ago

I had not yet time to run performance analysis on this PR. But I noticed a crash, which does not occur on current master.

git clone https://salsa.debian.org/sdl-team/libsdl-sge.git
cpg-neo4j --no-neo4j ~/Downloads/libsdl-sge/ 
java.util.concurrent.ExecutionException: de.fraunhofer.aisec.cpg.frontends.TranslationException: EmptyStackException in ControlFlowSensitiveDFGPass

        To report this Issue visit https://github.com/Fraunhofer-AISEC/cpg/issues/new?&template=bugreport-from-cpg-traces.md&title=EmptyStackException+in+ControlFlowSensitiveDFGPass
        If possible:
                * paste this message and stack trace for us to locate the issue.
                * past the parsed code that cause the issue from your source, the location is referenced by the lines 'at processing of ... in ...'
                * tell us if you used the default passes and language frontends, or made any changes to the TranslationConfiguration, e.g. registered new passes or frontends, or deactivated any.

        at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
        at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1999)
        at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:385)
        at de.fraunhofer.aisec.cpg_vis_neo4j.Application.call(Application.kt:72)
        at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
        at picocli.CommandLine.access$1300(CommandLine.java:145)
        at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2352)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2346)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2311)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
        at picocli.CommandLine.execute(CommandLine.java:2078)
        at de.fraunhofer.aisec.cpg_vis_neo4j.ApplicationKt.main(Application.kt:425)
Caused by: de.fraunhofer.aisec.cpg.frontends.TranslationException: EmptyStackException in ControlFlowSensitiveDFGPass

        To report this Issue visit https://github.com/Fraunhofer-AISEC/cpg/issues/new?&template=bugreport-from-cpg-traces.md&title=EmptyStackException+in+ControlFlowSensitiveDFGPass
        If possible:
                * paste this message and stack trace for us to locate the issue.
                * past the parsed code that cause the issue from your source, the location is referenced by the lines 'at processing of ... in ...'
                * tell us if you used the default passes and language frontends, or made any changes to the TranslationConfiguration, e.g. registered new passes or frontends, or deactivated any.

Caused by: java.util.EmptyStackException
        at java.base/java.util.Stack.peek(Stack.java:102)
        at java.base/java.util.Stack.pop(Stack.java:84)
        at de.fraunhofer.aisec.cpg.GraphTransformation.popFromHandleLog(GraphTransformation.kt:51)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:89)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass$FunctionLevelFixpointIterator.propagateValues(ControlFlowSensitiveDFGPass.java:377)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass$FunctionLevelFixpointIterator.handle(ControlFlowSensitiveDFGPass.java:124)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.handle(ControlFlowSensitiveDFGPass.java:100)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.lambda$iterate$1(SubgraphWalker.java:344)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.lambda$iterate$2(SubgraphWalker.java:344)
        at de.fraunhofer.aisec.cpg.GraphTransformation$withNodeInLog$1.invoke(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.GraphTransformation$withNodeInLog$1.invoke(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:88)
        at de.fraunhofer.aisec.cpg.GraphTransformation.withNodeInLog(GraphTransformation.kt:80)
        at de.fraunhofer.aisec.cpg.helpers.SubgraphWalker$IterativeGraphWalker.iterate(SubgraphWalker.java:344)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.accept(ControlFlowSensitiveDFGPass.java:74)
        at de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass.accept(ControlFlowSensitiveDFGPass.java:62)
        at de.fraunhofer.aisec.cpg.TranslationManager.analyze$lambda-2(TranslationManager.kt:102)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1692)
        at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
        at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1020)
        at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1656)
        at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1594)
        at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183)

This issue should be fixed with the change from !== to !=. I cannot reproduce this issue now.

maximiliankaul commented 2 years ago

This function more than doubles the calculation time when applied to passes as well. Therefore @oxisto and I have decided to remove it from passes. The additional time cost without supporting passes is estimated to be in the range of +10% to +20%.

sonarcloud[bot] commented 2 years ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

26.3% 26.3% Coverage
0.0% 0.0% Duplication