joernio / joern

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
https://joern.io/
Apache License 2.0

[Bug][Golang][Dataflowengine][Performance] Hang #3918

Open ycclnn opened 11 months ago

ycclnn commented 11 months ago

chainlink.zip

Describe the bug

reachableBy hangs for an empty sink and a single literal node source.

joern> cpg.literal.id(161614).l
val res9: List[io.shiftleft.codepropertygraph.generated.nodes.Literal] = List(
  Literal(
    id = 161614L,
    argumentIndex = 2,
    argumentName = None,
    code = "\"text file holding the API email and password needed to create a session cookie\"",
    columnNumber = Some(value = 15),
    dynamicTypeHintFullName = ArraySeq(),
    lineNumber = Some(value = 167),
    order = 2,
    possibleTypes = ArraySeq(),
    typeFullName = "string"
  )
)

joern> Iterator[CfgNode]().reachableBy(cpg.literal.id(161614L))
Captured interrupt signal `INT` - if you want to kill the REPL, press Ctrl-c again within three seconds

Desktop (please complete the following information):

ycclnn commented 11 months ago

Looks like it's due to a malformed cpg. cpg.method.fieldAccess.size hangs forever, causing overflowdb to repeatedly call Next() and hasNext().

This problem exists in version 2.0.189.

@pandurangpatil Would you please take a look if you have time? Thanks.

val res0: io.shiftleft.codepropertygraph.Cpg = Cpg (Graph [1018955 nodes])

joern> cpg.method.fieldAccess
val res1:
  Iterator[
    io.shiftleft.semanticcpg.language.operatorextension.OpNodes.FieldAccess] = non-empty iterator

joern> cpg.method.fieldAccess.size

ycclnn commented 11 months ago

I feel like this is somehow the same problem as #3845 because: (image)

I believe there is a cycle in the AST graph, as cpg.method.id(141337L).ast gets stuck as well.
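The cycle hypothesis in the last comment can be checked offline on exported AST edges. This is an added example, not code from this thread or from Joern: it assumes the edges are available as (parent id, child id) pairs (the sample ids are constructed), reports nodes with more than one AST parent plus one cycle, and shows a descendant walk that terminates even when a cycle exists.

```python
from collections import defaultdict

# Constructed sample AST edges (parent_id, child_id); the ids are made up.
WELL_FORMED = [(1, 2), (1, 3), (3, 4)]
MALFORMED = WELL_FORMED + [(4, 3)]  # node 4 points back at its parent 3

def _children(edges):
    out = defaultdict(list)
    for src, dst in edges:
        out[src].append(dst)
    return out

def check_ast_invariants(edges):
    """Return (nodes with >1 AST parent, one cycle as a node-id path or [])."""
    children, parents = _children(edges), defaultdict(set)
    for src, dst in edges:
        parents[dst].add(src)
    multi_parent = sorted(n for n, p in parents.items() if len(p) > 1)
    GREY, BLACK = 1, 2                      # GREY = on the current DFS path
    colour = {}
    for root in list(children):
        if root in colour:
            continue
        colour[root] = GREY
        stack, path = [iter(children[root])], [root]
        while stack:
            nxt = next(stack[-1], None)
            if nxt is None:                 # subtree finished
                colour[path.pop()] = BLACK
                stack.pop()
            elif colour.get(nxt) == GREY:   # back edge: the AST is not a tree
                return multi_parent, path[path.index(nxt):] + [nxt]
            elif nxt not in colour:
                colour[nxt] = GREY
                stack.append(iter(children[nxt]))
                path.append(nxt)
    return multi_parent, []

def ast_descendants(root, edges):
    """Cycle-safe descendant walk: a visited set makes it terminate."""
    children, seen, order, todo = _children(edges), {root}, [], [root]
    while todo:
        node = todo.pop()
        order.append(node)
        for child in reversed(children[node]):
            if child not in seen:
                seen.add(child)
                todo.append(child)
    return order
```
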