From 39081e9c1c6c869401741674f43e535a88c4a9aa Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 31 May 2022 00:35:48 +0200
Subject: [PATCH 001/144] Python: Fix staticmethod datamodel test

---
 .../dataflow/coverage/dataflow.expected       | 35 +++++++++++++------
 .../dataflow/coverage/datamodel.py            |  9 +++++
 2 files changed, 34 insertions(+), 10 deletions(-)

diff --git a/python/ql/test/experimental/dataflow/coverage/dataflow.expected b/python/ql/test/experimental/dataflow/coverage/dataflow.expected
index c7a0294d66a..9321d941ad8 100644
--- a/python/ql/test/experimental/dataflow/coverage/dataflow.expected
+++ b/python/ql/test/experimental/dataflow/coverage/dataflow.expected
@@ -4,6 +4,7 @@ edges
 | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:38:6:38:17 | ControlFlowNode for f() |
 | datamodel.py:44:22:44:22 | ControlFlowNode for x | datamodel.py:46:16:46:16 | ControlFlowNode for x |
 | datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x |
+| datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x |
 | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x |
 | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() |
 | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x |
@@ -12,10 +13,14 @@ edges
 | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() |
-| datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] | datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] |
-| datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] |
-| datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] | datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] |
-| datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute |
+| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x |
+| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() |
+| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x |
+| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() |
+| datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] | datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] |
+| datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] |
+| datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] | datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] |
+| datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] | datamodel.py:168:6:168:17 | ControlFlowNode for Attribute |
 | test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] |
 | test.py:42:21:42:26 | ControlFlowNode for SOURCE | test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] |
 | test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] | test.py:43:9:43:12 | ControlFlowNode for Subscript |
@@ -396,6 +401,8 @@ nodes
 | datamodel.py:46:16:46:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | datamodel.py:49:26:49:26 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | datamodel.py:50:16:50:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
+| datamodel.py:53:22:53:22 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
+| datamodel.py:54:16:54:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
 | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
@@ -404,11 +411,15 @@ nodes
 | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] | semmle.label | [post store] ControlFlowNode for self [Attribute b] |
-| datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] | semmle.label | ControlFlowNode for Customized() [Attribute b] |
-| datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] | semmle.label | ControlFlowNode for customized [Attribute b] |
-| datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] | semmle.label | [post store] ControlFlowNode for self [Attribute b] |
+| datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] | semmle.label | ControlFlowNode for Customized() [Attribute b] |
+| datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] | semmle.label | ControlFlowNode for customized [Attribute b] |
+| datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
 | test.py:42:21:42:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] | semmle.label | ControlFlowNode for x [Tuple element at index 1] |
@@ -845,6 +856,8 @@ subpaths
 | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x | datamodel.py:46:16:46:16 | ControlFlowNode for x | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() |
 | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() |
+| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() |
+| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() |
 | test.py:380:28:380:33 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:380:10:380:34 | ControlFlowNode for second() |
 | test.py:388:30:388:35 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:388:10:388:36 | ControlFlowNode for second() |
 | test.py:396:10:396:43 | KwUnpacked b | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:396:10:396:43 | ControlFlowNode for second() |
@@ -862,7 +875,9 @@ subpaths
 | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | Flow found |
 | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | Flow found |
 | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | Flow found |
+| datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | Flow found |
+| datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | Flow found |
+| datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | Flow found |
 | test.py:44:10:44:10 | ControlFlowNode for y | test.py:42:21:42:26 | ControlFlowNode for SOURCE | test.py:44:10:44:10 | ControlFlowNode for y | Flow found |
 | test.py:56:10:56:10 | ControlFlowNode for x | test.py:55:9:55:14 | ControlFlowNode for SOURCE | test.py:56:10:56:10 | ControlFlowNode for x | Flow found |
 | test.py:62:10:62:10 | ControlFlowNode for x | test.py:61:9:61:16 | ControlFlowNode for Str | test.py:62:10:62:10 | ControlFlowNode for x | Flow found |
diff --git a/python/ql/test/experimental/dataflow/coverage/datamodel.py b/python/ql/test/experimental/dataflow/coverage/datamodel.py
index f165e3d67e1..55a21410368 100644
--- a/python/ql/test/experimental/dataflow/coverage/datamodel.py
+++ b/python/ql/test/experimental/dataflow/coverage/datamodel.py
@@ -81,6 +81,15 @@ SINK(c.classmethod(SOURCE)) #$ flow="SOURCE -> c.classmethod(..)"
 SINK(C.classmethod(SOURCE)) #$ flow="SOURCE -> C.classmethod(..)"
 SINK(c_func_obj(C, SOURCE)) #$ MISSING: flow="SOURCE -> c_func_obj(..)"
 
+# When an instance method object is created by retrieving a class method object from a class or instance, its __self__ attribute is the class itself, and its __func__ attribute is the function object underlying the class method.
+s_func_obj = C.staticmethod.__func__
+
+# When an instance method object is derived from a class method object, the “class instance” stored in __self__ will actually be the class itself, so that calling either x.f(1) or C.f(1) is equivalent to calling f(C,1) where f is the underlying function.
+SINK(c.staticmethod(SOURCE)) #$ flow="SOURCE -> c.staticmethod(..)"
+SINK(C.staticmethod(SOURCE)) #$ flow="SOURCE -> C.staticmethod(..)"
+SINK(s_func_obj(SOURCE)) #$ MISSING: flow="SOURCE -> s_func_obj(..)"
+
+
 # Generator functions
 # A function or method which uses the yield statement (see section The yield statement) is called a generator function. Such a function, when called, always returns an iterator object which can be used to execute the body of the function: calling the iterator’s iterator.__next__() method will cause the function to execute until it provides a value using the yield statement. When the function executes a return statement or falls off the end, a StopIteration exception is raised and the iterator will have reached the end of the set of values to be returned.
 def gen(x, count):

From 609a4cfd42dccf4728eefcd973022fa2b12eacfc Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Wed, 22 Jun 2022 14:42:22 +0200
Subject: [PATCH 002/144] Python: validate tests in `datamodel.py`

And adopt argument passing tests as well.

turns out that `C.staticmethod.__func__` doesn't actually work :O
---
 .../dataflow/coverage/datamodel.py            | 88 +++++++++++++------
 .../test/experimental/dataflow/validTest.py   |  1 +
 2 files changed, 62 insertions(+), 27 deletions(-)

diff --git a/python/ql/test/experimental/dataflow/coverage/datamodel.py b/python/ql/test/experimental/dataflow/coverage/datamodel.py
index 55a21410368..364dbb299d7 100644
--- a/python/ql/test/experimental/dataflow/coverage/datamodel.py
+++ b/python/ql/test/experimental/dataflow/coverage/datamodel.py
@@ -8,15 +8,30 @@
 # Intended sources should be the variable `SOURCE` and intended sinks should be
 # arguments to the function `SINK` (see python/ql/test/experimental/dataflow/testConfig.qll).
 
+import sys
+import os
+import functools
+
+sys.path.append(os.path.dirname(os.path.dirname((__file__))))
+from testlib import expects
+
 # These are defined so that we can evaluate the test code.
 NONSOURCE = "not a source"
 SOURCE = "source"
 
+arg1 = "source1"
+arg2 = "source2"
+arg3 = "source3"
+arg4 = "source4"
+arg5 = "source5"
+arg6 = "source6"
+arg7 = "source7"
+
 def is_source(x):
     return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j
 
-def SINK(x):
-    if is_source(x):
+def SINK(x, expected=SOURCE):
+    if is_source(x) or x == expected:
         print("OK")
     else:
         print("Unexpected flow", x)
@@ -27,6 +42,14 @@ def SINK_F(x):
     else:
         print("OK")
 
+SINK1 = functools.partial(SINK, expected=arg1)
+SINK2 = functools.partial(SINK, expected=arg2)
+SINK3 = functools.partial(SINK, expected=arg3)
+SINK4 = functools.partial(SINK, expected=arg4)
+SINK5 = functools.partial(SINK, expected=arg5)
+SINK6 = functools.partial(SINK, expected=arg6)
+SINK7 = functools.partial(SINK, expected=arg7)
+
 # Callable types
 # These are the types to which the function call operation (see section Calls) can be applied:
 
@@ -41,17 +64,19 @@ SINK(f(SOURCE, 3)) #$ flow="SOURCE -> f(..)"
 # An instance method object combines a class, a class instance and any callable object (normally a user-defined function).
 class C(object):
 
-    def method(self, x, cls):
-        assert cls is self.__class__
-        return x
+    def method(self, x, y):
+        SINK1(x)
+        SINK2(y)
 
     @classmethod
-    def classmethod(cls, x):
-        return x
+    def classmethod(cls, x, y):
+        SINK1(x)
+        SINK2(y)
 
     @staticmethod
-    def staticmethod(x):
-        return x
+    def staticmethod(x, y):
+        SINK1(x)
+        SINK2(y)
 
     def gen(self, x, count):
       n = count
@@ -64,30 +89,39 @@ class C(object):
 
 c = C()
 
-# When an instance method object is created by retrieving a user-defined function object from a class via one of its instances, its __self__ attribute is the instance, and the method object is said to be bound. The new method’s __func__ attribute is the original function object.
-func_obj = c.method.__func__
+@expects(6)
+def test_method_call():
+  # When an instance method object is created by retrieving a user-defined function object from a class via one of its instances, its __self__ attribute is the instance, and the method object is said to be bound. The new method’s __func__ attribute is the original function object.
+  func_obj = c.method.__func__
 
-# When an instance method object is called, the underlying function (__func__) is called, inserting the class instance (__self__) in front of the argument list. For instance, when C is a class which contains a definition for a function f(), and x is an instance of C, calling x.f(1) is equivalent to calling C.f(x, 1).
-SINK(c.method(SOURCE, C)) #$ flow="SOURCE -> c.method(..)"
-SINK(C.method(c, SOURCE, C)) #$ flow="SOURCE -> C.method(..)"
-SINK(func_obj(c, SOURCE, C)) #$ MISSING: flow="SOURCE -> func_obj(..)"
+  # When an instance method object is called, the underlying function (__func__) is called, inserting the class instance (__self__) in front of the argument list. For instance, when C is a class which contains a definition for a function f(), and x is an instance of C, calling x.f(1) is equivalent to calling C.f(x, 1).
+  c.method(arg1, arg2) # $ func=C.method arg1 arg2
+  C.method(c, arg1, arg2) # $ func=C.method arg1 arg2
+  func_obj(c, arg1, arg2) # $ MISSING: func=C.method arg1 arg2
 
 
-# When an instance method object is created by retrieving a class method object from a class or instance, its __self__ attribute is the class itself, and its __func__ attribute is the function object underlying the class method.
-c_func_obj = C.classmethod.__func__
+@expects(6)
+def test_classmethod_call():
+  # When an instance method object is created by retrieving a class method object from a class or instance, its __self__ attribute is the class itself, and its __func__ attribute is the function object underlying the class method.
+  c_func_obj = C.classmethod.__func__
 
-# When an instance method object is derived from a class method object, the “class instance” stored in __self__ will actually be the class itself, so that calling either x.f(1) or C.f(1) is equivalent to calling f(C,1) where f is the underlying function.
-SINK(c.classmethod(SOURCE)) #$ flow="SOURCE -> c.classmethod(..)"
-SINK(C.classmethod(SOURCE)) #$ flow="SOURCE -> C.classmethod(..)"
-SINK(c_func_obj(C, SOURCE)) #$ MISSING: flow="SOURCE -> c_func_obj(..)"
+  # When an instance method object is derived from a class method object, the “class instance” stored in __self__ will actually be the class itself, so that calling either x.f(1) or C.f(1) is equivalent to calling f(C,1) where f is the underlying function.
+  c.classmethod(arg1, arg2) # $ func=C.classmethod arg1 arg2
+  C.classmethod(arg1, arg2) # $ func=C.classmethod arg1 arg2
+  c_func_obj(C, arg1, arg2) # $ MISSING: func=C.classmethod arg1 arg2
 
-# When an instance method object is created by retrieving a class method object from a class or instance, its __self__ attribute is the class itself, and its __func__ attribute is the function object underlying the class method.
-s_func_obj = C.staticmethod.__func__
 
-# When an instance method object is derived from a class method object, the “class instance” stored in __self__ will actually be the class itself, so that calling either x.f(1) or C.f(1) is equivalent to calling f(C,1) where f is the underlying function.
-SINK(c.staticmethod(SOURCE)) #$ flow="SOURCE -> c.staticmethod(..)"
-SINK(C.staticmethod(SOURCE)) #$ flow="SOURCE -> C.staticmethod(..)"
-SINK(s_func_obj(SOURCE)) #$ MISSING: flow="SOURCE -> s_func_obj(..)"
+@expects(5)
+def test_staticmethod_call():
+  # staticmethods does not have a __func__ attribute
+  try:
+    C.staticmethod.__func__
+  except AttributeError:
+    print("OK")
+
+  # When an instance method object is derived from a class method object, the “class instance” stored in __self__ will actually be the class itself, so that calling either x.f(1) or C.f(1) is equivalent to calling f(C,1) where f is the underlying function.
+  c.staticmethod(arg1, arg2) # $ func=C.staticmethod arg1 arg2
+  C.staticmethod(arg1, arg2) # $ func=C.staticmethod arg1 arg2
 
 
 # Generator functions
diff --git a/python/ql/test/experimental/dataflow/validTest.py b/python/ql/test/experimental/dataflow/validTest.py
index 86336af05ba..edfe685c266 100644
--- a/python/ql/test/experimental/dataflow/validTest.py
+++ b/python/ql/test/experimental/dataflow/validTest.py
@@ -55,6 +55,7 @@ if __name__ == "__main__":
     check_tests_valid("coverage.classes")
     check_tests_valid("coverage.test")
     check_tests_valid("coverage.argumentPassing")
+    check_tests_valid("coverage.datamodel")
     check_tests_valid("variable-capture.in")
     check_tests_valid("variable-capture.nonlocal")
     check_tests_valid("variable-capture.dict")

From 7d8c0c663f39ef8d2e15ea894b4723105810d1ec Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 3 Jun 2022 18:33:44 +0200
Subject: [PATCH 003/144] Python: Remove `dataflow/coverage/dataflow.ql`

The selected edges is covered by `NormalDataflowTest.ql` now... and
reading the test-output changes in `edges` is just going to make commits
larger while not providing any real value.
---
 .../dataflow/coverage/dataflow.expected       | 985 ------------------
 .../dataflow/coverage/dataflow.ql             |  11 -
 2 files changed, 996 deletions(-)
 delete mode 100644 python/ql/test/experimental/dataflow/coverage/dataflow.expected
 delete mode 100644 python/ql/test/experimental/dataflow/coverage/dataflow.ql

diff --git a/python/ql/test/experimental/dataflow/coverage/dataflow.expected b/python/ql/test/experimental/dataflow/coverage/dataflow.expected
deleted file mode 100644
index 9321d941ad8..00000000000
--- a/python/ql/test/experimental/dataflow/coverage/dataflow.expected
+++ /dev/null
@@ -1,985 +0,0 @@
-edges
-| datamodel.py:35:7:35:7 | ControlFlowNode for a | datamodel.py:36:10:36:10 | ControlFlowNode for a |
-| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:35:7:35:7 | ControlFlowNode for a |
-| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:38:6:38:17 | ControlFlowNode for f() |
-| datamodel.py:44:22:44:22 | ControlFlowNode for x | datamodel.py:46:16:46:16 | ControlFlowNode for x |
-| datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x |
-| datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x |
-| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x |
-| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() |
-| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x |
-| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() |
-| datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x |
-| datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() |
-| datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x |
-| datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() |
-| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x |
-| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() |
-| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x |
-| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() |
-| datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] | datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] |
-| datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] |
-| datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] | datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] |
-| datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] | datamodel.py:168:6:168:17 | ControlFlowNode for Attribute |
-| test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] |
-| test.py:42:21:42:26 | ControlFlowNode for SOURCE | test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] | test.py:43:9:43:12 | ControlFlowNode for Subscript |
-| test.py:43:9:43:12 | ControlFlowNode for Subscript | test.py:44:10:44:10 | ControlFlowNode for y |
-| test.py:55:9:55:14 | ControlFlowNode for SOURCE | test.py:56:10:56:10 | ControlFlowNode for x |
-| test.py:61:9:61:16 | ControlFlowNode for Str | test.py:62:10:62:10 | ControlFlowNode for x |
-| test.py:66:9:66:17 | ControlFlowNode for Str | test.py:67:10:67:10 | ControlFlowNode for x |
-| test.py:71:9:71:10 | ControlFlowNode for IntegerLiteral | test.py:72:10:72:10 | ControlFlowNode for x |
-| test.py:76:9:76:12 | ControlFlowNode for FloatLiteral | test.py:77:10:77:10 | ControlFlowNode for x |
-| test.py:87:10:87:15 | ControlFlowNode for SOURCE | test.py:88:10:88:10 | ControlFlowNode for x |
-| test.py:93:9:93:16 | ControlFlowNode for List [List element] | test.py:94:10:94:10 | ControlFlowNode for x [List element] |
-| test.py:93:10:93:15 | ControlFlowNode for SOURCE | test.py:93:9:93:16 | ControlFlowNode for List [List element] |
-| test.py:94:10:94:10 | ControlFlowNode for x [List element] | test.py:94:10:94:13 | ControlFlowNode for Subscript |
-| test.py:103:9:103:37 | ControlFlowNode for ListComp [List element] | test.py:104:10:104:10 | ControlFlowNode for x [List element] |
-| test.py:103:10:103:15 | ControlFlowNode for SOURCE | test.py:103:9:103:37 | ControlFlowNode for ListComp [List element] |
-| test.py:104:10:104:10 | ControlFlowNode for x [List element] | test.py:104:10:104:13 | ControlFlowNode for Subscript |
-| test.py:108:9:108:29 | ControlFlowNode for ListComp [List element] | test.py:109:10:109:10 | ControlFlowNode for x [List element] |
-| test.py:108:10:108:10 | ControlFlowNode for y | test.py:108:9:108:29 | ControlFlowNode for ListComp [List element] |
-| test.py:108:16:108:16 | SSA variable y | test.py:108:10:108:10 | ControlFlowNode for y |
-| test.py:108:21:108:28 | ControlFlowNode for List [List element] | test.py:108:16:108:16 | SSA variable y |
-| test.py:108:22:108:27 | ControlFlowNode for SOURCE | test.py:108:21:108:28 | ControlFlowNode for List [List element] |
-| test.py:109:10:109:10 | ControlFlowNode for x [List element] | test.py:109:10:109:13 | ControlFlowNode for Subscript |
-| test.py:113:9:113:16 | ControlFlowNode for List [List element] | test.py:114:21:114:21 | ControlFlowNode for l [List element] |
-| test.py:113:10:113:15 | ControlFlowNode for SOURCE | test.py:113:9:113:16 | ControlFlowNode for List [List element] |
-| test.py:114:9:114:22 | ControlFlowNode for ListComp [List element] | test.py:115:10:115:10 | ControlFlowNode for x [List element] |
-| test.py:114:10:114:10 | ControlFlowNode for y | test.py:114:9:114:22 | ControlFlowNode for ListComp [List element] |
-| test.py:114:16:114:16 | SSA variable y | test.py:114:10:114:10 | ControlFlowNode for y |
-| test.py:114:21:114:21 | ControlFlowNode for l [List element] | test.py:114:16:114:16 | SSA variable y |
-| test.py:115:10:115:10 | ControlFlowNode for x [List element] | test.py:115:10:115:13 | ControlFlowNode for Subscript |
-| test.py:125:9:125:16 | ControlFlowNode for Set [Set element] | test.py:126:10:126:10 | ControlFlowNode for x [Set element] |
-| test.py:125:10:125:15 | ControlFlowNode for SOURCE | test.py:125:9:125:16 | ControlFlowNode for Set [Set element] |
-| test.py:126:10:126:10 | ControlFlowNode for x [Set element] | test.py:126:10:126:16 | ControlFlowNode for Attribute() |
-| test.py:130:9:130:37 | ControlFlowNode for SetComp [Set element] | test.py:131:10:131:10 | ControlFlowNode for x [Set element] |
-| test.py:130:10:130:15 | ControlFlowNode for SOURCE | test.py:130:9:130:37 | ControlFlowNode for SetComp [Set element] |
-| test.py:131:10:131:10 | ControlFlowNode for x [Set element] | test.py:131:10:131:16 | ControlFlowNode for Attribute() |
-| test.py:135:9:135:29 | ControlFlowNode for SetComp [Set element] | test.py:136:10:136:10 | ControlFlowNode for x [Set element] |
-| test.py:135:10:135:10 | ControlFlowNode for y | test.py:135:9:135:29 | ControlFlowNode for SetComp [Set element] |
-| test.py:135:16:135:16 | SSA variable y | test.py:135:10:135:10 | ControlFlowNode for y |
-| test.py:135:21:135:28 | ControlFlowNode for List [List element] | test.py:135:16:135:16 | SSA variable y |
-| test.py:135:22:135:27 | ControlFlowNode for SOURCE | test.py:135:21:135:28 | ControlFlowNode for List [List element] |
-| test.py:136:10:136:10 | ControlFlowNode for x [Set element] | test.py:136:10:136:16 | ControlFlowNode for Attribute() |
-| test.py:140:9:140:16 | ControlFlowNode for Set [Set element] | test.py:141:21:141:21 | ControlFlowNode for l [Set element] |
-| test.py:140:10:140:15 | ControlFlowNode for SOURCE | test.py:140:9:140:16 | ControlFlowNode for Set [Set element] |
-| test.py:141:9:141:22 | ControlFlowNode for SetComp [Set element] | test.py:142:10:142:10 | ControlFlowNode for x [Set element] |
-| test.py:141:10:141:10 | ControlFlowNode for y | test.py:141:9:141:22 | ControlFlowNode for SetComp [Set element] |
-| test.py:141:16:141:16 | SSA variable y | test.py:141:10:141:10 | ControlFlowNode for y |
-| test.py:141:21:141:21 | ControlFlowNode for l [Set element] | test.py:141:16:141:16 | SSA variable y |
-| test.py:142:10:142:10 | ControlFlowNode for x [Set element] | test.py:142:10:142:16 | ControlFlowNode for Attribute() |
-| test.py:152:9:152:21 | ControlFlowNode for Dict [Dictionary element at key s] | test.py:153:10:153:10 | ControlFlowNode for x [Dictionary element at key s] |
-| test.py:152:15:152:20 | ControlFlowNode for SOURCE | test.py:152:9:152:21 | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:153:10:153:10 | ControlFlowNode for x [Dictionary element at key s] | test.py:153:10:153:15 | ControlFlowNode for Subscript |
-| test.py:157:9:157:21 | ControlFlowNode for Dict [Dictionary element at key s] | test.py:158:10:158:10 | ControlFlowNode for x [Dictionary element at key s] |
-| test.py:157:15:157:20 | ControlFlowNode for SOURCE | test.py:157:9:157:21 | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:158:10:158:10 | ControlFlowNode for x [Dictionary element at key s] | test.py:158:10:158:19 | ControlFlowNode for Attribute() |
-| test.py:183:9:183:42 | ControlFlowNode for ListComp [List element] | test.py:184:10:184:10 | ControlFlowNode for x [List element] |
-| test.py:183:10:183:10 | ControlFlowNode for y | test.py:183:9:183:42 | ControlFlowNode for ListComp [List element] |
-| test.py:183:16:183:16 | SSA variable z [List element] | test.py:183:41:183:41 | ControlFlowNode for z [List element] |
-| test.py:183:21:183:30 | ControlFlowNode for List [List element, List element] | test.py:183:16:183:16 | SSA variable z [List element] |
-| test.py:183:22:183:29 | ControlFlowNode for List [List element] | test.py:183:21:183:30 | ControlFlowNode for List [List element, List element] |
-| test.py:183:23:183:28 | ControlFlowNode for SOURCE | test.py:183:22:183:29 | ControlFlowNode for List [List element] |
-| test.py:183:36:183:36 | SSA variable y | test.py:183:10:183:10 | ControlFlowNode for y |
-| test.py:183:41:183:41 | ControlFlowNode for z [List element] | test.py:183:36:183:36 | SSA variable y |
-| test.py:184:10:184:10 | ControlFlowNode for x [List element] | test.py:184:10:184:13 | ControlFlowNode for Subscript |
-| test.py:188:9:188:68 | ControlFlowNode for ListComp [List element] | test.py:189:10:189:10 | ControlFlowNode for x [List element] |
-| test.py:188:10:188:10 | ControlFlowNode for y | test.py:188:9:188:68 | ControlFlowNode for ListComp [List element] |
-| test.py:188:16:188:16 | SSA variable v [List element, List element, List element] | test.py:188:45:188:45 | ControlFlowNode for v [List element, List element, List element] |
-| test.py:188:21:188:34 | ControlFlowNode for List [List element, List element, List element, List element] | test.py:188:16:188:16 | SSA variable v [List element, List element, List element] |
-| test.py:188:22:188:33 | ControlFlowNode for List [List element, List element, List element] | test.py:188:21:188:34 | ControlFlowNode for List [List element, List element, List element, List element] |
-| test.py:188:23:188:32 | ControlFlowNode for List [List element, List element] | test.py:188:22:188:33 | ControlFlowNode for List [List element, List element, List element] |
-| test.py:188:24:188:31 | ControlFlowNode for List [List element] | test.py:188:23:188:32 | ControlFlowNode for List [List element, List element] |
-| test.py:188:25:188:30 | ControlFlowNode for SOURCE | test.py:188:24:188:31 | ControlFlowNode for List [List element] |
-| test.py:188:40:188:40 | SSA variable u [List element, List element] | test.py:188:56:188:56 | ControlFlowNode for u [List element, List element] |
-| test.py:188:45:188:45 | ControlFlowNode for v [List element, List element, List element] | test.py:188:40:188:40 | SSA variable u [List element, List element] |
-| test.py:188:51:188:51 | SSA variable z [List element] | test.py:188:67:188:67 | ControlFlowNode for z [List element] |
-| test.py:188:56:188:56 | ControlFlowNode for u [List element, List element] | test.py:188:51:188:51 | SSA variable z [List element] |
-| test.py:188:62:188:62 | SSA variable y | test.py:188:10:188:10 | ControlFlowNode for y |
-| test.py:188:67:188:67 | ControlFlowNode for z [List element] | test.py:188:62:188:62 | SSA variable y |
-| test.py:189:10:189:10 | ControlFlowNode for x [List element] | test.py:189:10:189:13 | ControlFlowNode for Subscript |
-| test.py:199:9:199:42 | ControlFlowNode for ListComp [List element] | test.py:200:10:200:10 | ControlFlowNode for x [List element] |
-| test.py:199:10:199:10 | ControlFlowNode for y | test.py:199:9:199:42 | ControlFlowNode for ListComp [List element] |
-| test.py:199:16:199:16 | SSA variable y | test.py:199:10:199:10 | ControlFlowNode for y |
-| test.py:199:22:199:22 | ControlFlowNode for z | test.py:199:22:199:40 | ControlFlowNode for GeneratorExp [List element] |
-| test.py:199:22:199:40 | ControlFlowNode for GeneratorExp [List element] | test.py:199:16:199:16 | SSA variable y |
-| test.py:199:28:199:28 | SSA variable z | test.py:199:22:199:22 | ControlFlowNode for z |
-| test.py:199:33:199:40 | ControlFlowNode for List [List element] | test.py:199:28:199:28 | SSA variable z |
-| test.py:199:34:199:39 | ControlFlowNode for SOURCE | test.py:199:33:199:40 | ControlFlowNode for List [List element] |
-| test.py:200:10:200:10 | ControlFlowNode for x [List element] | test.py:200:10:200:13 | ControlFlowNode for Subscript |
-| test.py:205:9:205:47 | ControlFlowNode for ListComp [List element] | test.py:206:10:206:10 | ControlFlowNode for x [List element] |
-| test.py:205:10:205:10 | ControlFlowNode for a | test.py:205:9:205:47 | ControlFlowNode for ListComp [List element] |
-| test.py:205:17:205:17 | SSA variable a | test.py:205:10:205:10 | ControlFlowNode for a |
-| test.py:205:17:205:20 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:205:17:205:17 | SSA variable a |
-| test.py:205:17:205:20 | IterableSequence [Tuple element at index 0] | test.py:205:17:205:20 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:205:26:205:46 | ControlFlowNode for List [List element, Tuple element at index 0] | test.py:205:17:205:20 | IterableSequence [Tuple element at index 0] |
-| test.py:205:28:205:33 | ControlFlowNode for SOURCE | test.py:205:28:205:44 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:205:28:205:44 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:205:26:205:46 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:206:10:206:10 | ControlFlowNode for x [List element] | test.py:206:10:206:13 | ControlFlowNode for Subscript |
-| test.py:210:9:210:51 | ControlFlowNode for ListComp [List element] | test.py:211:10:211:10 | ControlFlowNode for x [List element] |
-| test.py:210:10:210:10 | ControlFlowNode for a [List element] | test.py:210:10:210:13 | ControlFlowNode for Subscript |
-| test.py:210:10:210:13 | ControlFlowNode for Subscript | test.py:210:9:210:51 | ControlFlowNode for ListComp [List element] |
-| test.py:210:20:210:21 | IterableElement | test.py:210:20:210:21 | SSA variable a [List element] |
-| test.py:210:20:210:21 | SSA variable a [List element] | test.py:210:10:210:10 | ControlFlowNode for a [List element] |
-| test.py:210:20:210:24 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:210:20:210:21 | IterableElement |
-| test.py:210:20:210:24 | IterableSequence [Tuple element at index 0] | test.py:210:20:210:24 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:210:30:210:50 | ControlFlowNode for List [List element, Tuple element at index 0] | test.py:210:20:210:24 | IterableSequence [Tuple element at index 0] |
-| test.py:210:32:210:37 | ControlFlowNode for SOURCE | test.py:210:32:210:48 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:210:32:210:48 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:210:30:210:50 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:211:10:211:10 | ControlFlowNode for x [List element] | test.py:211:10:211:13 | ControlFlowNode for Subscript |
-| test.py:349:11:349:16 | ControlFlowNode for SOURCE | test.py:349:11:349:17 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:349:11:349:17 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:349:10:349:21 | ControlFlowNode for Subscript |
-| test.py:353:10:353:17 | ControlFlowNode for List [List element] | test.py:353:10:353:20 | ControlFlowNode for Subscript |
-| test.py:353:11:353:16 | ControlFlowNode for SOURCE | test.py:353:10:353:17 | ControlFlowNode for List [List element] |
-| test.py:357:10:357:22 | ControlFlowNode for Dict [Dictionary element at key s] | test.py:357:10:357:27 | ControlFlowNode for Subscript |
-| test.py:357:16:357:21 | ControlFlowNode for SOURCE | test.py:357:10:357:22 | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b |
-| test.py:380:28:380:33 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b |
-| test.py:380:28:380:33 | ControlFlowNode for SOURCE | test.py:380:10:380:34 | ControlFlowNode for second() |
-| test.py:388:30:388:35 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b |
-| test.py:388:30:388:35 | ControlFlowNode for SOURCE | test.py:388:10:388:36 | ControlFlowNode for second() |
-| test.py:396:10:396:43 | KwUnpacked b | test.py:375:15:375:15 | ControlFlowNode for b |
-| test.py:396:10:396:43 | KwUnpacked b | test.py:396:10:396:43 | ControlFlowNode for second() |
-| test.py:396:30:396:42 | ControlFlowNode for Dict [Dictionary element at key b] | test.py:396:10:396:43 | KwUnpacked b |
-| test.py:396:36:396:41 | ControlFlowNode for SOURCE | test.py:396:30:396:42 | ControlFlowNode for Dict [Dictionary element at key b] |
-| test.py:399:21:399:21 | ControlFlowNode for b [Tuple element at index 0] | test.py:400:12:400:12 | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:400:12:400:12 | ControlFlowNode for b [Tuple element at index 0] | test.py:400:12:400:15 | ControlFlowNode for Subscript |
-| test.py:404:10:404:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:399:21:399:21 | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:404:10:404:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:404:10:404:39 | ControlFlowNode for f_extra_pos() |
-| test.py:404:33:404:38 | ControlFlowNode for SOURCE | test.py:404:10:404:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] |
-| test.py:407:26:407:26 | ControlFlowNode for b [Dictionary element at key b] | test.py:408:12:408:12 | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:408:12:408:12 | ControlFlowNode for b [Dictionary element at key b] | test.py:408:12:408:17 | ControlFlowNode for Subscript |
-| test.py:412:10:412:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:407:26:407:26 | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:412:10:412:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:412:10:412:45 | ControlFlowNode for f_extra_keyword() |
-| test.py:412:39:412:44 | ControlFlowNode for SOURCE | test.py:412:10:412:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] |
-| test.py:429:15:429:20 | ControlFlowNode for SOURCE | test.py:429:10:429:20 | ControlFlowNode for BoolExpr |
-| test.py:434:16:434:21 | ControlFlowNode for SOURCE | test.py:434:10:434:21 | ControlFlowNode for BoolExpr |
-| test.py:445:10:445:15 | ControlFlowNode for SOURCE | test.py:445:10:445:38 | ControlFlowNode for IfExp |
-| test.py:453:34:453:39 | ControlFlowNode for SOURCE | test.py:453:10:453:39 | ControlFlowNode for IfExp |
-| test.py:474:11:474:11 | ControlFlowNode for x | test.py:475:16:475:16 | ControlFlowNode for x |
-| test.py:477:12:477:17 | ControlFlowNode for SOURCE | test.py:474:11:474:11 | ControlFlowNode for x |
-| test.py:477:12:477:17 | ControlFlowNode for SOURCE | test.py:477:10:477:18 | ControlFlowNode for f() |
-| test.py:481:19:481:19 | ControlFlowNode for b | test.py:482:16:482:16 | ControlFlowNode for b |
-| test.py:484:28:484:33 | ControlFlowNode for SOURCE | test.py:481:19:481:19 | ControlFlowNode for b |
-| test.py:484:28:484:33 | ControlFlowNode for SOURCE | test.py:484:10:484:34 | ControlFlowNode for second() |
-| test.py:495:19:495:19 | ControlFlowNode for b | test.py:496:16:496:16 | ControlFlowNode for b |
-| test.py:498:30:498:35 | ControlFlowNode for SOURCE | test.py:495:19:495:19 | ControlFlowNode for b |
-| test.py:498:30:498:35 | ControlFlowNode for SOURCE | test.py:498:10:498:36 | ControlFlowNode for second() |
-| test.py:509:19:509:19 | ControlFlowNode for b | test.py:510:16:510:16 | ControlFlowNode for b |
-| test.py:512:10:512:43 | KwUnpacked b | test.py:509:19:509:19 | ControlFlowNode for b |
-| test.py:512:10:512:43 | KwUnpacked b | test.py:512:10:512:43 | ControlFlowNode for second() |
-| test.py:512:30:512:42 | ControlFlowNode for Dict [Dictionary element at key b] | test.py:512:10:512:43 | KwUnpacked b |
-| test.py:512:36:512:41 | ControlFlowNode for SOURCE | test.py:512:30:512:42 | ControlFlowNode for Dict [Dictionary element at key b] |
-| test.py:516:30:516:30 | ControlFlowNode for b [Tuple element at index 0] | test.py:516:33:516:33 | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:516:33:516:33 | ControlFlowNode for b [Tuple element at index 0] | test.py:516:33:516:36 | ControlFlowNode for Subscript |
-| test.py:517:10:517:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:516:30:516:30 | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:517:10:517:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:517:10:517:39 | ControlFlowNode for f_extra_pos() |
-| test.py:517:33:517:38 | ControlFlowNode for SOURCE | test.py:517:10:517:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] |
-| test.py:521:35:521:35 | ControlFlowNode for b [Dictionary element at key b] | test.py:521:38:521:38 | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:521:38:521:38 | ControlFlowNode for b [Dictionary element at key b] | test.py:521:38:521:43 | ControlFlowNode for Subscript |
-| test.py:522:10:522:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:521:35:521:35 | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:522:10:522:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:522:10:522:45 | ControlFlowNode for f_extra_keyword() |
-| test.py:522:39:522:44 | ControlFlowNode for SOURCE | test.py:522:10:522:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] |
-| test.py:534:9:534:14 | ControlFlowNode for SOURCE | test.py:536:10:536:10 | ControlFlowNode for a |
-| test.py:534:9:534:14 | ControlFlowNode for SOURCE | test.py:541:10:541:10 | ControlFlowNode for b |
-| test.py:546:10:546:15 | ControlFlowNode for SOURCE | test.py:546:10:546:26 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:546:10:546:26 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:547:5:547:8 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:547:5:547:5 | SSA variable a | test.py:548:10:548:10 | ControlFlowNode for a |
-| test.py:547:5:547:8 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:547:5:547:5 | SSA variable a |
-| test.py:554:10:554:15 | ControlFlowNode for SOURCE | test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] | test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] |
-| test.py:554:19:554:35 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] |
-| test.py:554:30:554:35 | ControlFlowNode for SOURCE | test.py:554:19:554:35 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:555:5:555:5 | SSA variable a | test.py:556:10:556:10 | ControlFlowNode for a |
-| test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:555:5:555:5 | SSA variable a |
-| test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] | test.py:555:9:555:12 | IterableSequence [Tuple element at index 1] |
-| test.py:555:9:555:12 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:555:12:555:12 | SSA variable c |
-| test.py:555:9:555:12 | IterableSequence [Tuple element at index 1] | test.py:555:9:555:12 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:555:12:555:12 | SSA variable c | test.py:558:10:558:10 | ControlFlowNode for c |
-| test.py:563:9:563:33 | ControlFlowNode for List [List element, List element, List element, List element] | test.py:564:5:564:14 | IterableSequence [List element, List element, List element, List element] |
-| test.py:563:10:563:21 | ControlFlowNode for List [List element, List element, List element] | test.py:563:9:563:33 | ControlFlowNode for List [List element, List element, List element, List element] |
-| test.py:563:11:563:20 | ControlFlowNode for List [List element, List element] | test.py:563:10:563:21 | ControlFlowNode for List [List element, List element, List element] |
-| test.py:563:12:563:19 | ControlFlowNode for List [List element] | test.py:563:11:563:20 | ControlFlowNode for List [List element, List element] |
-| test.py:563:13:563:18 | ControlFlowNode for SOURCE | test.py:563:12:563:19 | ControlFlowNode for List [List element] |
-| test.py:564:5:564:11 | ControlFlowNode for List [Tuple element at index 0, List element, List element] | test.py:564:6:564:10 | IterableSequence [List element, List element] |
-| test.py:564:5:564:11 | IterableElement [List element, List element] | test.py:564:5:564:11 | ControlFlowNode for List [Tuple element at index 0, List element, List element] |
-| test.py:564:5:564:11 | IterableSequence [List element, List element, List element] | test.py:564:5:564:11 | IterableElement [List element, List element] |
-| test.py:564:5:564:14 | ControlFlowNode for Tuple [Tuple element at index 0, List element, List element, List element] | test.py:564:5:564:11 | IterableSequence [List element, List element, List element] |
-| test.py:564:5:564:14 | IterableElement [List element, List element, List element] | test.py:564:5:564:14 | ControlFlowNode for Tuple [Tuple element at index 0, List element, List element, List element] |
-| test.py:564:5:564:14 | IterableSequence [List element, List element, List element, List element] | test.py:564:5:564:14 | IterableElement [List element, List element, List element] |
-| test.py:564:6:564:10 | ControlFlowNode for List [Tuple element at index 0, List element] | test.py:564:7:564:9 | IterableSequence [List element] |
-| test.py:564:6:564:10 | IterableElement [List element] | test.py:564:6:564:10 | ControlFlowNode for List [Tuple element at index 0, List element] |
-| test.py:564:6:564:10 | IterableSequence [List element, List element] | test.py:564:6:564:10 | IterableElement [List element] |
-| test.py:564:7:564:9 | ControlFlowNode for List [Tuple element at index 0] | test.py:564:8:564:8 | SSA variable a |
-| test.py:564:7:564:9 | IterableElement | test.py:564:7:564:9 | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:564:7:564:9 | IterableSequence [List element] | test.py:564:7:564:9 | IterableElement |
-| test.py:564:8:564:8 | SSA variable a | test.py:565:10:565:10 | ControlFlowNode for a |
-| test.py:571:10:571:15 | ControlFlowNode for SOURCE | test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:571:18:571:23 | ControlFlowNode for SOURCE | test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:572:5:572:5 | SSA variable a | test.py:573:10:573:10 | ControlFlowNode for a |
-| test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:572:5:572:5 | SSA variable a |
-| test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:572:8:572:9 | IterableElement |
-| test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:572:12:572:12 | SSA variable c |
-| test.py:572:8:572:9 | IterableElement | test.py:572:8:572:9 | SSA variable b [List element] |
-| test.py:572:8:572:9 | SSA variable b [List element] | test.py:575:10:575:10 | ControlFlowNode for b [List element] |
-| test.py:572:12:572:12 | SSA variable c | test.py:576:12:576:12 | ControlFlowNode for c |
-| test.py:575:10:575:10 | ControlFlowNode for b [List element] | test.py:575:10:575:13 | ControlFlowNode for Subscript |
-| test.py:581:10:581:15 | ControlFlowNode for SOURCE | test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:581:18:581:23 | ControlFlowNode for SOURCE | test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:582:5:582:5 | SSA variable a | test.py:583:10:583:10 | ControlFlowNode for a |
-| test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:582:5:582:5 | SSA variable a |
-| test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:582:12:582:12 | SSA variable c |
-| test.py:582:12:582:12 | SSA variable c | test.py:585:10:585:10 | ControlFlowNode for c |
-| test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] | test.py:593:6:593:23 | IterableSequence [List element, List element] |
-| test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] | test.py:601:5:601:24 | IterableSequence [List element, List element] |
-| test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] | test.py:609:6:609:23 | IterableSequence [List element, List element] |
-| test.py:590:11:590:37 | ControlFlowNode for List [List element] | test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] |
-| test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:590:11:590:37 | ControlFlowNode for List [List element] |
-| test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:590:11:590:37 | ControlFlowNode for List [List element] |
-| test.py:590:40:590:47 | ControlFlowNode for List [List element] | test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] |
-| test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:590:40:590:47 | ControlFlowNode for List [List element] |
-| test.py:593:6:593:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] | test.py:593:7:593:16 | IterableSequence [List element] |
-| test.py:593:6:593:23 | IterableElement [List element] | test.py:593:6:593:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] |
-| test.py:593:6:593:23 | IterableSequence [List element, List element] | test.py:593:6:593:23 | IterableElement [List element] |
-| test.py:593:7:593:8 | SSA variable a1 | test.py:594:10:594:11 | ControlFlowNode for a1 |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:593:7:593:8 | SSA variable a1 |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:593:11:593:12 | SSA variable a2 |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 2] | test.py:593:15:593:16 | SSA variable a3 |
-| test.py:593:7:593:16 | IterableElement | test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:593:7:593:16 | IterableElement | test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:593:7:593:16 | IterableElement | test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:593:7:593:16 | IterableSequence [List element] | test.py:593:7:593:16 | IterableElement |
-| test.py:593:11:593:12 | SSA variable a2 | test.py:595:12:595:13 | ControlFlowNode for a2 |
-| test.py:593:15:593:16 | SSA variable a3 | test.py:596:10:596:11 | ControlFlowNode for a3 |
-| test.py:601:5:601:24 | ControlFlowNode for List [Tuple element at index 0, List element] | test.py:601:7:601:16 | IterableSequence [List element] |
-| test.py:601:5:601:24 | IterableElement [List element] | test.py:601:5:601:24 | ControlFlowNode for List [Tuple element at index 0, List element] |
-| test.py:601:5:601:24 | IterableSequence [List element, List element] | test.py:601:5:601:24 | IterableElement [List element] |
-| test.py:601:7:601:8 | SSA variable a1 | test.py:602:10:602:11 | ControlFlowNode for a1 |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:601:7:601:8 | SSA variable a1 |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:601:11:601:12 | SSA variable a2 |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 2] | test.py:601:15:601:16 | SSA variable a3 |
-| test.py:601:7:601:16 | IterableElement | test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:601:7:601:16 | IterableElement | test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:601:7:601:16 | IterableElement | test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:601:7:601:16 | IterableSequence [List element] | test.py:601:7:601:16 | IterableElement |
-| test.py:601:11:601:12 | SSA variable a2 | test.py:603:12:603:13 | ControlFlowNode for a2 |
-| test.py:601:15:601:16 | SSA variable a3 | test.py:604:10:604:11 | ControlFlowNode for a3 |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 0] | test.py:609:7:609:8 | SSA variable a1 |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 1] | test.py:609:11:609:12 | SSA variable a2 |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 2] | test.py:609:15:609:16 | SSA variable a3 |
-| test.py:609:6:609:17 | IterableElement | test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:609:6:609:17 | IterableElement | test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 1] |
-| test.py:609:6:609:17 | IterableElement | test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:609:6:609:17 | IterableSequence [List element] | test.py:609:6:609:17 | IterableElement |
-| test.py:609:6:609:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] | test.py:609:6:609:17 | IterableSequence [List element] |
-| test.py:609:6:609:23 | IterableElement [List element] | test.py:609:6:609:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] |
-| test.py:609:6:609:23 | IterableSequence [List element, List element] | test.py:609:6:609:23 | IterableElement [List element] |
-| test.py:609:7:609:8 | SSA variable a1 | test.py:610:10:610:11 | ControlFlowNode for a1 |
-| test.py:609:11:609:12 | SSA variable a2 | test.py:611:12:611:13 | ControlFlowNode for a2 |
-| test.py:609:15:609:16 | SSA variable a3 | test.py:612:10:612:11 | ControlFlowNode for a3 |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:12:618:17 | ControlFlowNode for SOURCE | test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 2] | test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] | test.py:621:6:621:14 | IterableSequence [Tuple element at index 0] |
-| test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] | test.py:621:6:621:14 | IterableSequence [Tuple element at index 2] |
-| test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 0] | test.py:621:7:621:8 | SSA variable a1 |
-| test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 2] | test.py:621:11:621:13 | IterableElement |
-| test.py:621:6:621:14 | IterableSequence [Tuple element at index 0] | test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:621:6:621:14 | IterableSequence [Tuple element at index 2] | test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:621:7:621:8 | SSA variable a1 | test.py:622:10:622:11 | ControlFlowNode for a1 |
-| test.py:621:11:621:13 | IterableElement | test.py:621:11:621:13 | SSA variable a2 [List element] |
-| test.py:621:11:621:13 | SSA variable a2 [List element] | test.py:624:12:624:13 | ControlFlowNode for a2 [List element] |
-| test.py:621:11:621:13 | SSA variable a2 [List element] | test.py:625:10:625:11 | ControlFlowNode for a2 [List element] |
-| test.py:624:12:624:13 | ControlFlowNode for a2 [List element] | test.py:624:12:624:16 | ControlFlowNode for Subscript |
-| test.py:625:10:625:11 | ControlFlowNode for a2 [List element] | test.py:625:10:625:14 | ControlFlowNode for Subscript |
-| test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:630:7:630:13 | IterableSequence [Tuple element at index 0] |
-| test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:630:7:630:13 | IterableSequence [Tuple element at index 2] |
-| test.py:630:7:630:8 | SSA variable a1 | test.py:631:10:631:11 | ControlFlowNode for a1 |
-| test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:630:7:630:8 | SSA variable a1 |
-| test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 2] | test.py:630:11:630:13 | IterableElement |
-| test.py:630:7:630:13 | IterableSequence [Tuple element at index 0] | test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:630:7:630:13 | IterableSequence [Tuple element at index 2] | test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:630:11:630:13 | IterableElement | test.py:630:11:630:13 | SSA variable a2 [List element] |
-| test.py:630:11:630:13 | SSA variable a2 [List element] | test.py:633:12:633:13 | ControlFlowNode for a2 [List element] |
-| test.py:630:11:630:13 | SSA variable a2 [List element] | test.py:634:10:634:11 | ControlFlowNode for a2 [List element] |
-| test.py:633:12:633:13 | ControlFlowNode for a2 [List element] | test.py:633:12:633:16 | ControlFlowNode for Subscript |
-| test.py:634:10:634:11 | ControlFlowNode for a2 [List element] | test.py:634:10:634:14 | ControlFlowNode for Subscript |
-| test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] | test.py:639:7:639:13 | IterableSequence [Tuple element at index 0] |
-| test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] | test.py:639:7:639:13 | IterableSequence [Tuple element at index 2] |
-| test.py:639:7:639:8 | SSA variable a1 | test.py:640:10:640:11 | ControlFlowNode for a1 |
-| test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:639:7:639:8 | SSA variable a1 |
-| test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 2] | test.py:639:11:639:13 | IterableElement |
-| test.py:639:7:639:13 | IterableSequence [Tuple element at index 0] | test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:639:7:639:13 | IterableSequence [Tuple element at index 2] | test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:639:11:639:13 | IterableElement | test.py:639:11:639:13 | SSA variable a2 [List element] |
-| test.py:639:11:639:13 | SSA variable a2 [List element] | test.py:642:12:642:13 | ControlFlowNode for a2 [List element] |
-| test.py:639:11:639:13 | SSA variable a2 [List element] | test.py:643:10:643:11 | ControlFlowNode for a2 [List element] |
-| test.py:642:12:642:13 | ControlFlowNode for a2 [List element] | test.py:642:12:642:16 | ControlFlowNode for Subscript |
-| test.py:643:10:643:11 | ControlFlowNode for a2 [List element] | test.py:643:10:643:14 | ControlFlowNode for Subscript |
-| test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 0] | test.py:648:7:648:8 | SSA variable a1 |
-| test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 2] | test.py:648:11:648:13 | IterableElement |
-| test.py:648:6:648:14 | IterableSequence [Tuple element at index 0] | test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:648:6:648:14 | IterableSequence [Tuple element at index 2] | test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | test.py:648:6:648:14 | IterableSequence [Tuple element at index 0] |
-| test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | test.py:648:6:648:14 | IterableSequence [Tuple element at index 2] |
-| test.py:648:7:648:8 | SSA variable a1 | test.py:649:10:649:11 | ControlFlowNode for a1 |
-| test.py:648:11:648:13 | IterableElement | test.py:648:11:648:13 | SSA variable a2 [List element] |
-| test.py:648:11:648:13 | SSA variable a2 [List element] | test.py:651:12:651:13 | ControlFlowNode for a2 [List element] |
-| test.py:648:11:648:13 | SSA variable a2 [List element] | test.py:652:10:652:11 | ControlFlowNode for a2 [List element] |
-| test.py:651:12:651:13 | ControlFlowNode for a2 [List element] | test.py:651:12:651:16 | ControlFlowNode for Subscript |
-| test.py:652:10:652:11 | ControlFlowNode for a2 [List element] | test.py:652:10:652:14 | ControlFlowNode for Subscript |
-| test.py:659:19:659:24 | ControlFlowNode for SOURCE | test.py:660:10:660:10 | ControlFlowNode for a |
-| test.py:667:10:667:51 | ControlFlowNode for List [List element, Tuple element at index 0] | test.py:668:16:668:17 | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:667:12:667:17 | ControlFlowNode for SOURCE | test.py:667:12:667:28 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:667:12:667:28 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:667:10:667:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:667:33:667:38 | ControlFlowNode for SOURCE | test.py:667:33:667:49 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:667:33:667:49 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:667:10:667:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:668:9:668:9 | SSA variable x | test.py:669:14:669:14 | ControlFlowNode for x |
-| test.py:668:9:668:11 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:668:9:668:9 | SSA variable x |
-| test.py:668:9:668:11 | IterableSequence [Tuple element at index 0] | test.py:668:9:668:11 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:668:16:668:17 | ControlFlowNode for tl [List element, Tuple element at index 0] | test.py:668:9:668:11 | IterableSequence [Tuple element at index 0] |
-| test.py:675:10:675:51 | ControlFlowNode for List [List element, Tuple element at index 0] | test.py:676:17:676:18 | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:675:12:675:17 | ControlFlowNode for SOURCE | test.py:675:12:675:28 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:675:12:675:28 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:675:10:675:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:675:33:675:38 | ControlFlowNode for SOURCE | test.py:675:33:675:49 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:675:33:675:49 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:675:10:675:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:676:9:676:10 | IterableElement | test.py:676:9:676:10 | SSA variable x [List element] |
-| test.py:676:9:676:10 | SSA variable x [List element] | test.py:678:14:678:14 | ControlFlowNode for x [List element] |
-| test.py:676:9:676:12 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:676:9:676:10 | IterableElement |
-| test.py:676:9:676:12 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:676:12:676:12 | SSA variable y |
-| test.py:676:9:676:12 | IterableSequence [Tuple element at index 0] | test.py:676:9:676:12 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:676:12:676:12 | SSA variable y | test.py:679:16:679:16 | ControlFlowNode for y |
-| test.py:676:17:676:18 | ControlFlowNode for tl [List element, Tuple element at index 0] | test.py:676:9:676:12 | IterableSequence [Tuple element at index 0] |
-| test.py:678:14:678:14 | ControlFlowNode for x [List element] | test.py:678:14:678:17 | ControlFlowNode for Subscript |
-| test.py:684:10:684:51 | ControlFlowNode for List [List element, Tuple element at index 0] | test.py:685:19:685:20 | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:684:12:684:17 | ControlFlowNode for SOURCE | test.py:684:12:684:28 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:684:12:684:28 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:684:10:684:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:684:33:684:38 | ControlFlowNode for SOURCE | test.py:684:33:684:49 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:684:33:684:49 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:684:10:684:51 | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:685:9:685:9 | SSA variable x | test.py:686:14:686:14 | ControlFlowNode for x |
-| test.py:685:9:685:14 | ControlFlowNode for Tuple [Tuple element at index 0] | test.py:685:9:685:9 | SSA variable x |
-| test.py:685:9:685:14 | IterableSequence [Tuple element at index 0] | test.py:685:9:685:14 | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:685:19:685:20 | ControlFlowNode for tl [List element, Tuple element at index 0] | test.py:685:9:685:14 | IterableSequence [Tuple element at index 0] |
-| test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 0] | test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 0] |
-| test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 1] | test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 1] |
-| test.py:691:7:691:9 | SSA variable arg | test.py:692:10:692:12 | ControlFlowNode for arg |
-| test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 0] | test.py:691:7:691:9 | SSA variable arg |
-| test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 1] | test.py:691:7:691:9 | SSA variable arg |
-| test.py:697:7:697:12 | ControlFlowNode for SOURCE | test.py:698:51:698:51 | ControlFlowNode for s |
-| test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 0] | test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 0] |
-| test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 1] | test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 1] |
-| test.py:698:43:698:48 | ControlFlowNode for SOURCE | test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 0] |
-| test.py:698:51:698:51 | ControlFlowNode for s | test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 1] |
-| test.py:769:16:769:21 | ControlFlowNode for SOURCE | test.py:772:10:772:36 | ControlFlowNode for return_from_inner_scope() |
-| test.py:807:35:807:35 | ControlFlowNode for x | test.py:808:10:808:10 | ControlFlowNode for x |
-| test.py:807:37:807:42 | ControlFlowNode for SOURCE | test.py:807:35:807:35 | ControlFlowNode for x |
-| test.py:807:48:807:48 | ControlFlowNode for y | test.py:809:10:809:10 | ControlFlowNode for y |
-| test.py:807:50:807:55 | ControlFlowNode for SOURCE | test.py:807:48:807:48 | ControlFlowNode for y |
-| test.py:807:61:807:61 | ControlFlowNode for z | test.py:810:10:810:10 | ControlFlowNode for z |
-| test.py:807:63:807:68 | ControlFlowNode for SOURCE | test.py:807:61:807:61 | ControlFlowNode for z |
-nodes
-| datamodel.py:35:7:35:7 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| datamodel.py:36:10:36:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| datamodel.py:38:6:38:17 | ControlFlowNode for f() | semmle.label | ControlFlowNode for f() |
-| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:44:22:44:22 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:46:16:46:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:49:26:49:26 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:50:16:50:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:53:22:53:22 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:54:16:54:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:161:5:161:8 | [post store] ControlFlowNode for self [Attribute b] | semmle.label | [post store] ControlFlowNode for self [Attribute b] |
-| datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:164:14:164:25 | ControlFlowNode for Customized() [Attribute b] | semmle.label | ControlFlowNode for Customized() [Attribute b] |
-| datamodel.py:168:6:168:15 | ControlFlowNode for customized [Attribute b] | semmle.label | ControlFlowNode for customized [Attribute b] |
-| datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| test.py:42:10:42:26 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:42:21:42:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:43:9:43:9 | ControlFlowNode for x [Tuple element at index 1] | semmle.label | ControlFlowNode for x [Tuple element at index 1] |
-| test.py:43:9:43:12 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:44:10:44:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:55:9:55:14 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:56:10:56:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:61:9:61:16 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
-| test.py:62:10:62:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:66:9:66:17 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
-| test.py:67:10:67:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:71:9:71:10 | ControlFlowNode for IntegerLiteral | semmle.label | ControlFlowNode for IntegerLiteral |
-| test.py:72:10:72:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:76:9:76:12 | ControlFlowNode for FloatLiteral | semmle.label | ControlFlowNode for FloatLiteral |
-| test.py:77:10:77:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:87:10:87:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:88:10:88:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:93:9:93:16 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:93:10:93:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:94:10:94:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:94:10:94:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:103:9:103:37 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:103:10:103:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:104:10:104:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:104:10:104:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:108:9:108:29 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:108:10:108:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:108:16:108:16 | SSA variable y | semmle.label | SSA variable y |
-| test.py:108:21:108:28 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:108:22:108:27 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:109:10:109:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:109:10:109:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:113:9:113:16 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:113:10:113:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:114:9:114:22 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:114:10:114:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:114:16:114:16 | SSA variable y | semmle.label | SSA variable y |
-| test.py:114:21:114:21 | ControlFlowNode for l [List element] | semmle.label | ControlFlowNode for l [List element] |
-| test.py:115:10:115:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:115:10:115:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:125:9:125:16 | ControlFlowNode for Set [Set element] | semmle.label | ControlFlowNode for Set [Set element] |
-| test.py:125:10:125:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:126:10:126:10 | ControlFlowNode for x [Set element] | semmle.label | ControlFlowNode for x [Set element] |
-| test.py:126:10:126:16 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:130:9:130:37 | ControlFlowNode for SetComp [Set element] | semmle.label | ControlFlowNode for SetComp [Set element] |
-| test.py:130:10:130:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:131:10:131:10 | ControlFlowNode for x [Set element] | semmle.label | ControlFlowNode for x [Set element] |
-| test.py:131:10:131:16 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:135:9:135:29 | ControlFlowNode for SetComp [Set element] | semmle.label | ControlFlowNode for SetComp [Set element] |
-| test.py:135:10:135:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:135:16:135:16 | SSA variable y | semmle.label | SSA variable y |
-| test.py:135:21:135:28 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:135:22:135:27 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:136:10:136:10 | ControlFlowNode for x [Set element] | semmle.label | ControlFlowNode for x [Set element] |
-| test.py:136:10:136:16 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:140:9:140:16 | ControlFlowNode for Set [Set element] | semmle.label | ControlFlowNode for Set [Set element] |
-| test.py:140:10:140:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:141:9:141:22 | ControlFlowNode for SetComp [Set element] | semmle.label | ControlFlowNode for SetComp [Set element] |
-| test.py:141:10:141:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:141:16:141:16 | SSA variable y | semmle.label | SSA variable y |
-| test.py:141:21:141:21 | ControlFlowNode for l [Set element] | semmle.label | ControlFlowNode for l [Set element] |
-| test.py:142:10:142:10 | ControlFlowNode for x [Set element] | semmle.label | ControlFlowNode for x [Set element] |
-| test.py:142:10:142:16 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:152:9:152:21 | ControlFlowNode for Dict [Dictionary element at key s] | semmle.label | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:152:15:152:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:153:10:153:10 | ControlFlowNode for x [Dictionary element at key s] | semmle.label | ControlFlowNode for x [Dictionary element at key s] |
-| test.py:153:10:153:15 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:157:9:157:21 | ControlFlowNode for Dict [Dictionary element at key s] | semmle.label | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:157:15:157:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:158:10:158:10 | ControlFlowNode for x [Dictionary element at key s] | semmle.label | ControlFlowNode for x [Dictionary element at key s] |
-| test.py:158:10:158:19 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:183:9:183:42 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:183:10:183:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:183:16:183:16 | SSA variable z [List element] | semmle.label | SSA variable z [List element] |
-| test.py:183:21:183:30 | ControlFlowNode for List [List element, List element] | semmle.label | ControlFlowNode for List [List element, List element] |
-| test.py:183:22:183:29 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:183:23:183:28 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:183:36:183:36 | SSA variable y | semmle.label | SSA variable y |
-| test.py:183:41:183:41 | ControlFlowNode for z [List element] | semmle.label | ControlFlowNode for z [List element] |
-| test.py:184:10:184:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:184:10:184:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:188:9:188:68 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:188:10:188:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:188:16:188:16 | SSA variable v [List element, List element, List element] | semmle.label | SSA variable v [List element, List element, List element] |
-| test.py:188:21:188:34 | ControlFlowNode for List [List element, List element, List element, List element] | semmle.label | ControlFlowNode for List [List element, List element, List element, List element] |
-| test.py:188:22:188:33 | ControlFlowNode for List [List element, List element, List element] | semmle.label | ControlFlowNode for List [List element, List element, List element] |
-| test.py:188:23:188:32 | ControlFlowNode for List [List element, List element] | semmle.label | ControlFlowNode for List [List element, List element] |
-| test.py:188:24:188:31 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:188:25:188:30 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:188:40:188:40 | SSA variable u [List element, List element] | semmle.label | SSA variable u [List element, List element] |
-| test.py:188:45:188:45 | ControlFlowNode for v [List element, List element, List element] | semmle.label | ControlFlowNode for v [List element, List element, List element] |
-| test.py:188:51:188:51 | SSA variable z [List element] | semmle.label | SSA variable z [List element] |
-| test.py:188:56:188:56 | ControlFlowNode for u [List element, List element] | semmle.label | ControlFlowNode for u [List element, List element] |
-| test.py:188:62:188:62 | SSA variable y | semmle.label | SSA variable y |
-| test.py:188:67:188:67 | ControlFlowNode for z [List element] | semmle.label | ControlFlowNode for z [List element] |
-| test.py:189:10:189:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:189:10:189:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:199:9:199:42 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:199:10:199:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:199:16:199:16 | SSA variable y | semmle.label | SSA variable y |
-| test.py:199:22:199:22 | ControlFlowNode for z | semmle.label | ControlFlowNode for z |
-| test.py:199:22:199:40 | ControlFlowNode for GeneratorExp [List element] | semmle.label | ControlFlowNode for GeneratorExp [List element] |
-| test.py:199:28:199:28 | SSA variable z | semmle.label | SSA variable z |
-| test.py:199:33:199:40 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:199:34:199:39 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:200:10:200:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:200:10:200:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:205:9:205:47 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:205:10:205:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:205:17:205:17 | SSA variable a | semmle.label | SSA variable a |
-| test.py:205:17:205:20 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:205:17:205:20 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:205:26:205:46 | ControlFlowNode for List [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:205:28:205:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:205:28:205:44 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:206:10:206:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:206:10:206:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:210:9:210:51 | ControlFlowNode for ListComp [List element] | semmle.label | ControlFlowNode for ListComp [List element] |
-| test.py:210:10:210:10 | ControlFlowNode for a [List element] | semmle.label | ControlFlowNode for a [List element] |
-| test.py:210:10:210:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:210:20:210:21 | IterableElement | semmle.label | IterableElement |
-| test.py:210:20:210:21 | SSA variable a [List element] | semmle.label | SSA variable a [List element] |
-| test.py:210:20:210:24 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:210:20:210:24 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:210:30:210:50 | ControlFlowNode for List [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:210:32:210:37 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:210:32:210:48 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:211:10:211:10 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:211:10:211:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:349:10:349:21 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:349:11:349:16 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:349:11:349:17 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:353:10:353:17 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:353:10:353:20 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:353:11:353:16 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:357:10:357:22 | ControlFlowNode for Dict [Dictionary element at key s] | semmle.label | ControlFlowNode for Dict [Dictionary element at key s] |
-| test.py:357:10:357:27 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:357:16:357:21 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:375:15:375:15 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:376:12:376:12 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:380:10:380:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:380:28:380:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:388:10:388:36 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:388:30:388:35 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:396:10:396:43 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:396:10:396:43 | KwUnpacked b | semmle.label | KwUnpacked b |
-| test.py:396:30:396:42 | ControlFlowNode for Dict [Dictionary element at key b] | semmle.label | ControlFlowNode for Dict [Dictionary element at key b] |
-| test.py:396:36:396:41 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:399:21:399:21 | ControlFlowNode for b [Tuple element at index 0] | semmle.label | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:400:12:400:12 | ControlFlowNode for b [Tuple element at index 0] | semmle.label | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:400:12:400:15 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:404:10:404:39 | ControlFlowNode for f_extra_pos() | semmle.label | ControlFlowNode for f_extra_pos() |
-| test.py:404:10:404:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | semmle.label | PosOverflowNode for f_extra_pos() [Tuple element at index 0] |
-| test.py:404:33:404:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:407:26:407:26 | ControlFlowNode for b [Dictionary element at key b] | semmle.label | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:408:12:408:12 | ControlFlowNode for b [Dictionary element at key b] | semmle.label | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:408:12:408:17 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:412:10:412:45 | ControlFlowNode for f_extra_keyword() | semmle.label | ControlFlowNode for f_extra_keyword() |
-| test.py:412:10:412:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | semmle.label | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] |
-| test.py:412:39:412:44 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:429:10:429:20 | ControlFlowNode for BoolExpr | semmle.label | ControlFlowNode for BoolExpr |
-| test.py:429:15:429:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:434:10:434:21 | ControlFlowNode for BoolExpr | semmle.label | ControlFlowNode for BoolExpr |
-| test.py:434:16:434:21 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:445:10:445:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:445:10:445:38 | ControlFlowNode for IfExp | semmle.label | ControlFlowNode for IfExp |
-| test.py:453:10:453:39 | ControlFlowNode for IfExp | semmle.label | ControlFlowNode for IfExp |
-| test.py:453:34:453:39 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:474:11:474:11 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:475:16:475:16 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:477:10:477:18 | ControlFlowNode for f() | semmle.label | ControlFlowNode for f() |
-| test.py:477:12:477:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:481:19:481:19 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:482:16:482:16 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:484:10:484:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:484:28:484:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:495:19:495:19 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:496:16:496:16 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:498:10:498:36 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:498:30:498:35 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:509:19:509:19 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:510:16:510:16 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:512:10:512:43 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:512:10:512:43 | KwUnpacked b | semmle.label | KwUnpacked b |
-| test.py:512:30:512:42 | ControlFlowNode for Dict [Dictionary element at key b] | semmle.label | ControlFlowNode for Dict [Dictionary element at key b] |
-| test.py:512:36:512:41 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:516:30:516:30 | ControlFlowNode for b [Tuple element at index 0] | semmle.label | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:516:33:516:33 | ControlFlowNode for b [Tuple element at index 0] | semmle.label | ControlFlowNode for b [Tuple element at index 0] |
-| test.py:516:33:516:36 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:517:10:517:39 | ControlFlowNode for f_extra_pos() | semmle.label | ControlFlowNode for f_extra_pos() |
-| test.py:517:10:517:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | semmle.label | PosOverflowNode for f_extra_pos() [Tuple element at index 0] |
-| test.py:517:33:517:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:521:35:521:35 | ControlFlowNode for b [Dictionary element at key b] | semmle.label | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:521:38:521:38 | ControlFlowNode for b [Dictionary element at key b] | semmle.label | ControlFlowNode for b [Dictionary element at key b] |
-| test.py:521:38:521:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:522:10:522:45 | ControlFlowNode for f_extra_keyword() | semmle.label | ControlFlowNode for f_extra_keyword() |
-| test.py:522:10:522:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | semmle.label | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] |
-| test.py:522:39:522:44 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:534:9:534:14 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:536:10:536:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:541:10:541:10 | ControlFlowNode for b | semmle.label | ControlFlowNode for b |
-| test.py:546:10:546:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:546:10:546:26 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:547:5:547:5 | SSA variable a | semmle.label | SSA variable a |
-| test.py:547:5:547:8 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:548:10:548:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:554:10:554:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:554:10:554:36 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] |
-| test.py:554:19:554:35 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:554:30:554:35 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:555:5:555:5 | SSA variable a | semmle.label | SSA variable a |
-| test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:555:5:555:13 | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1, Tuple element at index 1] |
-| test.py:555:9:555:12 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:555:9:555:12 | IterableSequence [Tuple element at index 1] | semmle.label | IterableSequence [Tuple element at index 1] |
-| test.py:555:12:555:12 | SSA variable c | semmle.label | SSA variable c |
-| test.py:556:10:556:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:558:10:558:10 | ControlFlowNode for c | semmle.label | ControlFlowNode for c |
-| test.py:563:9:563:33 | ControlFlowNode for List [List element, List element, List element, List element] | semmle.label | ControlFlowNode for List [List element, List element, List element, List element] |
-| test.py:563:10:563:21 | ControlFlowNode for List [List element, List element, List element] | semmle.label | ControlFlowNode for List [List element, List element, List element] |
-| test.py:563:11:563:20 | ControlFlowNode for List [List element, List element] | semmle.label | ControlFlowNode for List [List element, List element] |
-| test.py:563:12:563:19 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:563:13:563:18 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:564:5:564:11 | ControlFlowNode for List [Tuple element at index 0, List element, List element] | semmle.label | ControlFlowNode for List [Tuple element at index 0, List element, List element] |
-| test.py:564:5:564:11 | IterableElement [List element, List element] | semmle.label | IterableElement [List element, List element] |
-| test.py:564:5:564:11 | IterableSequence [List element, List element, List element] | semmle.label | IterableSequence [List element, List element, List element] |
-| test.py:564:5:564:14 | ControlFlowNode for Tuple [Tuple element at index 0, List element, List element, List element] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, List element, List element, List element] |
-| test.py:564:5:564:14 | IterableElement [List element, List element, List element] | semmle.label | IterableElement [List element, List element, List element] |
-| test.py:564:5:564:14 | IterableSequence [List element, List element, List element, List element] | semmle.label | IterableSequence [List element, List element, List element, List element] |
-| test.py:564:6:564:10 | ControlFlowNode for List [Tuple element at index 0, List element] | semmle.label | ControlFlowNode for List [Tuple element at index 0, List element] |
-| test.py:564:6:564:10 | IterableElement [List element] | semmle.label | IterableElement [List element] |
-| test.py:564:6:564:10 | IterableSequence [List element, List element] | semmle.label | IterableSequence [List element, List element] |
-| test.py:564:7:564:9 | ControlFlowNode for List [Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:564:7:564:9 | IterableElement | semmle.label | IterableElement |
-| test.py:564:7:564:9 | IterableSequence [List element] | semmle.label | IterableSequence [List element] |
-| test.py:564:8:564:8 | SSA variable a | semmle.label | SSA variable a |
-| test.py:565:10:565:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:571:10:571:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:571:10:571:34 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:571:18:571:23 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:572:5:572:5 | SSA variable a | semmle.label | SSA variable a |
-| test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:572:5:572:12 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:572:8:572:9 | IterableElement | semmle.label | IterableElement |
-| test.py:572:8:572:9 | SSA variable b [List element] | semmle.label | SSA variable b [List element] |
-| test.py:572:12:572:12 | SSA variable c | semmle.label | SSA variable c |
-| test.py:573:10:573:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:575:10:575:10 | ControlFlowNode for b [List element] | semmle.label | ControlFlowNode for b [List element] |
-| test.py:575:10:575:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:576:12:576:12 | ControlFlowNode for c | semmle.label | ControlFlowNode for c |
-| test.py:581:10:581:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:581:10:581:23 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:581:18:581:23 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:582:5:582:5 | SSA variable a | semmle.label | SSA variable a |
-| test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:582:5:582:12 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:582:12:582:12 | SSA variable c | semmle.label | SSA variable c |
-| test.py:583:10:583:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:585:10:585:10 | ControlFlowNode for c | semmle.label | ControlFlowNode for c |
-| test.py:590:10:590:61 | ControlFlowNode for List [List element, List element] | semmle.label | ControlFlowNode for List [List element, List element] |
-| test.py:590:11:590:37 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:590:12:590:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:590:31:590:36 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:590:40:590:47 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
-| test.py:590:41:590:46 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:593:6:593:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, List element] |
-| test.py:593:6:593:23 | IterableElement [List element] | semmle.label | IterableElement [List element] |
-| test.py:593:6:593:23 | IterableSequence [List element, List element] | semmle.label | IterableSequence [List element, List element] |
-| test.py:593:7:593:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:593:7:593:16 | ControlFlowNode for Tuple [Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:593:7:593:16 | IterableElement | semmle.label | IterableElement |
-| test.py:593:7:593:16 | IterableSequence [List element] | semmle.label | IterableSequence [List element] |
-| test.py:593:11:593:12 | SSA variable a2 | semmle.label | SSA variable a2 |
-| test.py:593:15:593:16 | SSA variable a3 | semmle.label | SSA variable a3 |
-| test.py:594:10:594:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:595:12:595:13 | ControlFlowNode for a2 | semmle.label | ControlFlowNode for a2 |
-| test.py:596:10:596:11 | ControlFlowNode for a3 | semmle.label | ControlFlowNode for a3 |
-| test.py:601:5:601:24 | ControlFlowNode for List [Tuple element at index 0, List element] | semmle.label | ControlFlowNode for List [Tuple element at index 0, List element] |
-| test.py:601:5:601:24 | IterableElement [List element] | semmle.label | IterableElement [List element] |
-| test.py:601:5:601:24 | IterableSequence [List element, List element] | semmle.label | IterableSequence [List element, List element] |
-| test.py:601:7:601:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
-| test.py:601:7:601:16 | ControlFlowNode for Tuple [Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:601:7:601:16 | IterableElement | semmle.label | IterableElement |
-| test.py:601:7:601:16 | IterableSequence [List element] | semmle.label | IterableSequence [List element] |
-| test.py:601:11:601:12 | SSA variable a2 | semmle.label | SSA variable a2 |
-| test.py:601:15:601:16 | SSA variable a3 | semmle.label | SSA variable a3 |
-| test.py:602:10:602:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:603:12:603:13 | ControlFlowNode for a2 | semmle.label | ControlFlowNode for a2 |
-| test.py:604:10:604:11 | ControlFlowNode for a3 | semmle.label | ControlFlowNode for a3 |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 1] | semmle.label | ControlFlowNode for List [Tuple element at index 1] |
-| test.py:609:6:609:17 | ControlFlowNode for List [Tuple element at index 2] | semmle.label | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:609:6:609:17 | IterableElement | semmle.label | IterableElement |
-| test.py:609:6:609:17 | IterableSequence [List element] | semmle.label | IterableSequence [List element] |
-| test.py:609:6:609:23 | ControlFlowNode for Tuple [Tuple element at index 0, List element] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, List element] |
-| test.py:609:6:609:23 | IterableElement [List element] | semmle.label | IterableElement [List element] |
-| test.py:609:6:609:23 | IterableSequence [List element, List element] | semmle.label | IterableSequence [List element, List element] |
-| test.py:609:7:609:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:609:11:609:12 | SSA variable a2 | semmle.label | SSA variable a2 |
-| test.py:609:15:609:16 | SSA variable a3 | semmle.label | SSA variable a3 |
-| test.py:610:10:610:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:611:12:611:13 | ControlFlowNode for a2 | semmle.label | ControlFlowNode for a2 |
-| test.py:612:10:612:11 | ControlFlowNode for a3 | semmle.label | ControlFlowNode for a3 |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:618:11:618:47 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:618:12:618:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:618:12:618:36 | ControlFlowNode for Tuple [Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:618:31:618:36 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] |
-| test.py:621:5:621:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] | semmle.label | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] |
-| test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:621:6:621:14 | ControlFlowNode for List [Tuple element at index 2] | semmle.label | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:621:6:621:14 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:621:6:621:14 | IterableSequence [Tuple element at index 2] | semmle.label | IterableSequence [Tuple element at index 2] |
-| test.py:621:7:621:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:621:11:621:13 | IterableElement | semmle.label | IterableElement |
-| test.py:621:11:621:13 | SSA variable a2 [List element] | semmle.label | SSA variable a2 [List element] |
-| test.py:622:10:622:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:624:12:624:13 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:624:12:624:16 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:625:10:625:11 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:625:10:625:14 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:630:6:630:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:630:7:630:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:630:7:630:13 | ControlFlowNode for Tuple [Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:630:7:630:13 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:630:7:630:13 | IterableSequence [Tuple element at index 2] | semmle.label | IterableSequence [Tuple element at index 2] |
-| test.py:630:11:630:13 | IterableElement | semmle.label | IterableElement |
-| test.py:630:11:630:13 | SSA variable a2 [List element] | semmle.label | SSA variable a2 [List element] |
-| test.py:631:10:631:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:633:12:633:13 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:633:12:633:16 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:634:10:634:11 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:634:10:634:14 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 0] |
-| test.py:639:5:639:19 | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] | semmle.label | ControlFlowNode for List [Tuple element at index 0, Tuple element at index 2] |
-| test.py:639:7:639:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:639:7:639:13 | ControlFlowNode for Tuple [Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 2] |
-| test.py:639:7:639:13 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:639:7:639:13 | IterableSequence [Tuple element at index 2] | semmle.label | IterableSequence [Tuple element at index 2] |
-| test.py:639:11:639:13 | IterableElement | semmle.label | IterableElement |
-| test.py:639:11:639:13 | SSA variable a2 [List element] | semmle.label | SSA variable a2 [List element] |
-| test.py:640:10:640:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:642:12:642:13 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:642:12:642:16 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:643:10:643:11 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:643:10:643:14 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 0] | semmle.label | ControlFlowNode for List [Tuple element at index 0] |
-| test.py:648:6:648:14 | ControlFlowNode for List [Tuple element at index 2] | semmle.label | ControlFlowNode for List [Tuple element at index 2] |
-| test.py:648:6:648:14 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:648:6:648:14 | IterableSequence [Tuple element at index 2] | semmle.label | IterableSequence [Tuple element at index 2] |
-| test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 0] |
-| test.py:648:6:648:18 | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0, Tuple element at index 2] |
-| test.py:648:7:648:8 | SSA variable a1 | semmle.label | SSA variable a1 |
-| test.py:648:11:648:13 | IterableElement | semmle.label | IterableElement |
-| test.py:648:11:648:13 | SSA variable a2 [List element] | semmle.label | SSA variable a2 [List element] |
-| test.py:649:10:649:11 | ControlFlowNode for a1 | semmle.label | ControlFlowNode for a1 |
-| test.py:651:12:651:13 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:651:12:651:16 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:652:10:652:11 | ControlFlowNode for a2 [List element] | semmle.label | ControlFlowNode for a2 [List element] |
-| test.py:652:10:652:14 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:659:19:659:24 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:660:10:660:10 | ControlFlowNode for a | semmle.label | ControlFlowNode for a |
-| test.py:667:10:667:51 | ControlFlowNode for List [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:667:12:667:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:667:12:667:28 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:667:33:667:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:667:33:667:49 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:668:9:668:9 | SSA variable x | semmle.label | SSA variable x |
-| test.py:668:9:668:11 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:668:9:668:11 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:668:16:668:17 | ControlFlowNode for tl [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:669:14:669:14 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:675:10:675:51 | ControlFlowNode for List [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:675:12:675:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:675:12:675:28 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:675:33:675:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:675:33:675:49 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:676:9:676:10 | IterableElement | semmle.label | IterableElement |
-| test.py:676:9:676:10 | SSA variable x [List element] | semmle.label | SSA variable x [List element] |
-| test.py:676:9:676:12 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:676:9:676:12 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:676:12:676:12 | SSA variable y | semmle.label | SSA variable y |
-| test.py:676:17:676:18 | ControlFlowNode for tl [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:678:14:678:14 | ControlFlowNode for x [List element] | semmle.label | ControlFlowNode for x [List element] |
-| test.py:678:14:678:17 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:679:16:679:16 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:684:10:684:51 | ControlFlowNode for List [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for List [List element, Tuple element at index 0] |
-| test.py:684:12:684:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:684:12:684:28 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:684:33:684:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:684:33:684:49 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:685:9:685:9 | SSA variable x | semmle.label | SSA variable x |
-| test.py:685:9:685:14 | ControlFlowNode for Tuple [Tuple element at index 0] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 0] |
-| test.py:685:9:685:14 | IterableSequence [Tuple element at index 0] | semmle.label | IterableSequence [Tuple element at index 0] |
-| test.py:685:19:685:20 | ControlFlowNode for tl [List element, Tuple element at index 0] | semmle.label | ControlFlowNode for tl [List element, Tuple element at index 0] |
-| test.py:686:14:686:14 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 0] | semmle.label | ControlFlowNode for args [Tuple element at index 0] |
-| test.py:690:39:690:42 | ControlFlowNode for args [Tuple element at index 1] | semmle.label | ControlFlowNode for args [Tuple element at index 1] |
-| test.py:691:7:691:9 | SSA variable arg | semmle.label | SSA variable arg |
-| test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 0] | semmle.label | ControlFlowNode for args [Tuple element at index 0] |
-| test.py:691:14:691:17 | ControlFlowNode for args [Tuple element at index 1] | semmle.label | ControlFlowNode for args [Tuple element at index 1] |
-| test.py:692:10:692:12 | ControlFlowNode for arg | semmle.label | ControlFlowNode for arg |
-| test.py:697:7:697:12 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 0] | semmle.label | PosOverflowNode for iterate_star_args() [Tuple element at index 0] |
-| test.py:698:3:698:52 | PosOverflowNode for iterate_star_args() [Tuple element at index 1] | semmle.label | PosOverflowNode for iterate_star_args() [Tuple element at index 1] |
-| test.py:698:43:698:48 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:698:51:698:51 | ControlFlowNode for s | semmle.label | ControlFlowNode for s |
-| test.py:769:16:769:21 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:772:10:772:36 | ControlFlowNode for return_from_inner_scope() | semmle.label | ControlFlowNode for return_from_inner_scope() |
-| test.py:807:35:807:35 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:807:37:807:42 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:807:48:807:48 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:807:50:807:55 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:807:61:807:61 | ControlFlowNode for z | semmle.label | ControlFlowNode for z |
-| test.py:807:63:807:68 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:808:10:808:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:809:10:809:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:810:10:810:10 | ControlFlowNode for z | semmle.label | ControlFlowNode for z |
-subpaths
-| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:35:7:35:7 | ControlFlowNode for a | datamodel.py:36:10:36:10 | ControlFlowNode for a | datamodel.py:38:6:38:17 | ControlFlowNode for f() |
-| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x | datamodel.py:46:16:46:16 | ControlFlowNode for x | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() |
-| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:44:22:44:22 | ControlFlowNode for x | datamodel.py:46:16:46:16 | ControlFlowNode for x | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() |
-| datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() |
-| datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:49:26:49:26 | ControlFlowNode for x | datamodel.py:50:16:50:16 | ControlFlowNode for x | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() |
-| datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() |
-| datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:53:22:53:22 | ControlFlowNode for x | datamodel.py:54:16:54:16 | ControlFlowNode for x | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() |
-| test.py:380:28:380:33 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:380:10:380:34 | ControlFlowNode for second() |
-| test.py:388:30:388:35 | ControlFlowNode for SOURCE | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:388:10:388:36 | ControlFlowNode for second() |
-| test.py:396:10:396:43 | KwUnpacked b | test.py:375:15:375:15 | ControlFlowNode for b | test.py:376:12:376:12 | ControlFlowNode for b | test.py:396:10:396:43 | ControlFlowNode for second() |
-| test.py:404:10:404:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:399:21:399:21 | ControlFlowNode for b [Tuple element at index 0] | test.py:400:12:400:15 | ControlFlowNode for Subscript | test.py:404:10:404:39 | ControlFlowNode for f_extra_pos() |
-| test.py:412:10:412:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:407:26:407:26 | ControlFlowNode for b [Dictionary element at key b] | test.py:408:12:408:17 | ControlFlowNode for Subscript | test.py:412:10:412:45 | ControlFlowNode for f_extra_keyword() |
-| test.py:477:12:477:17 | ControlFlowNode for SOURCE | test.py:474:11:474:11 | ControlFlowNode for x | test.py:475:16:475:16 | ControlFlowNode for x | test.py:477:10:477:18 | ControlFlowNode for f() |
-| test.py:484:28:484:33 | ControlFlowNode for SOURCE | test.py:481:19:481:19 | ControlFlowNode for b | test.py:482:16:482:16 | ControlFlowNode for b | test.py:484:10:484:34 | ControlFlowNode for second() |
-| test.py:498:30:498:35 | ControlFlowNode for SOURCE | test.py:495:19:495:19 | ControlFlowNode for b | test.py:496:16:496:16 | ControlFlowNode for b | test.py:498:10:498:36 | ControlFlowNode for second() |
-| test.py:512:10:512:43 | KwUnpacked b | test.py:509:19:509:19 | ControlFlowNode for b | test.py:510:16:510:16 | ControlFlowNode for b | test.py:512:10:512:43 | ControlFlowNode for second() |
-| test.py:517:10:517:39 | PosOverflowNode for f_extra_pos() [Tuple element at index 0] | test.py:516:30:516:30 | ControlFlowNode for b [Tuple element at index 0] | test.py:516:33:516:36 | ControlFlowNode for Subscript | test.py:517:10:517:39 | ControlFlowNode for f_extra_pos() |
-| test.py:522:10:522:45 | KwOverflowNode for f_extra_keyword() [Dictionary element at key b] | test.py:521:35:521:35 | ControlFlowNode for b [Dictionary element at key b] | test.py:521:38:521:43 | ControlFlowNode for Subscript | test.py:522:10:522:45 | ControlFlowNode for f_extra_keyword() |
-#select
-| datamodel.py:38:6:38:17 | ControlFlowNode for f() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:38:6:38:17 | ControlFlowNode for f() | Flow found |
-| datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | datamodel.py:88:21:88:26 | ControlFlowNode for SOURCE | datamodel.py:88:6:88:27 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | datamodel.py:89:21:89:26 | ControlFlowNode for SOURCE | datamodel.py:89:6:89:27 | ControlFlowNode for Attribute() | Flow found |
-| datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | datamodel.py:161:14:161:19 | ControlFlowNode for SOURCE | datamodel.py:168:6:168:17 | ControlFlowNode for Attribute | Flow found |
-| test.py:44:10:44:10 | ControlFlowNode for y | test.py:42:21:42:26 | ControlFlowNode for SOURCE | test.py:44:10:44:10 | ControlFlowNode for y | Flow found |
-| test.py:56:10:56:10 | ControlFlowNode for x | test.py:55:9:55:14 | ControlFlowNode for SOURCE | test.py:56:10:56:10 | ControlFlowNode for x | Flow found |
-| test.py:62:10:62:10 | ControlFlowNode for x | test.py:61:9:61:16 | ControlFlowNode for Str | test.py:62:10:62:10 | ControlFlowNode for x | Flow found |
-| test.py:67:10:67:10 | ControlFlowNode for x | test.py:66:9:66:17 | ControlFlowNode for Str | test.py:67:10:67:10 | ControlFlowNode for x | Flow found |
-| test.py:72:10:72:10 | ControlFlowNode for x | test.py:71:9:71:10 | ControlFlowNode for IntegerLiteral | test.py:72:10:72:10 | ControlFlowNode for x | Flow found |
-| test.py:77:10:77:10 | ControlFlowNode for x | test.py:76:9:76:12 | ControlFlowNode for FloatLiteral | test.py:77:10:77:10 | ControlFlowNode for x | Flow found |
-| test.py:88:10:88:10 | ControlFlowNode for x | test.py:87:10:87:15 | ControlFlowNode for SOURCE | test.py:88:10:88:10 | ControlFlowNode for x | Flow found |
-| test.py:94:10:94:13 | ControlFlowNode for Subscript | test.py:93:10:93:15 | ControlFlowNode for SOURCE | test.py:94:10:94:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:104:10:104:13 | ControlFlowNode for Subscript | test.py:103:10:103:15 | ControlFlowNode for SOURCE | test.py:104:10:104:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:109:10:109:13 | ControlFlowNode for Subscript | test.py:108:22:108:27 | ControlFlowNode for SOURCE | test.py:109:10:109:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:115:10:115:13 | ControlFlowNode for Subscript | test.py:113:10:113:15 | ControlFlowNode for SOURCE | test.py:115:10:115:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:126:10:126:16 | ControlFlowNode for Attribute() | test.py:125:10:125:15 | ControlFlowNode for SOURCE | test.py:126:10:126:16 | ControlFlowNode for Attribute() | Flow found |
-| test.py:131:10:131:16 | ControlFlowNode for Attribute() | test.py:130:10:130:15 | ControlFlowNode for SOURCE | test.py:131:10:131:16 | ControlFlowNode for Attribute() | Flow found |
-| test.py:136:10:136:16 | ControlFlowNode for Attribute() | test.py:135:22:135:27 | ControlFlowNode for SOURCE | test.py:136:10:136:16 | ControlFlowNode for Attribute() | Flow found |
-| test.py:142:10:142:16 | ControlFlowNode for Attribute() | test.py:140:10:140:15 | ControlFlowNode for SOURCE | test.py:142:10:142:16 | ControlFlowNode for Attribute() | Flow found |
-| test.py:153:10:153:15 | ControlFlowNode for Subscript | test.py:152:15:152:20 | ControlFlowNode for SOURCE | test.py:153:10:153:15 | ControlFlowNode for Subscript | Flow found |
-| test.py:158:10:158:19 | ControlFlowNode for Attribute() | test.py:157:15:157:20 | ControlFlowNode for SOURCE | test.py:158:10:158:19 | ControlFlowNode for Attribute() | Flow found |
-| test.py:184:10:184:13 | ControlFlowNode for Subscript | test.py:183:23:183:28 | ControlFlowNode for SOURCE | test.py:184:10:184:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:189:10:189:13 | ControlFlowNode for Subscript | test.py:188:25:188:30 | ControlFlowNode for SOURCE | test.py:189:10:189:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:200:10:200:13 | ControlFlowNode for Subscript | test.py:199:34:199:39 | ControlFlowNode for SOURCE | test.py:200:10:200:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:206:10:206:13 | ControlFlowNode for Subscript | test.py:205:28:205:33 | ControlFlowNode for SOURCE | test.py:206:10:206:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:211:10:211:13 | ControlFlowNode for Subscript | test.py:210:32:210:37 | ControlFlowNode for SOURCE | test.py:211:10:211:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:349:10:349:21 | ControlFlowNode for Subscript | test.py:349:11:349:16 | ControlFlowNode for SOURCE | test.py:349:10:349:21 | ControlFlowNode for Subscript | Flow found |
-| test.py:353:10:353:20 | ControlFlowNode for Subscript | test.py:353:11:353:16 | ControlFlowNode for SOURCE | test.py:353:10:353:20 | ControlFlowNode for Subscript | Flow found |
-| test.py:357:10:357:27 | ControlFlowNode for Subscript | test.py:357:16:357:21 | ControlFlowNode for SOURCE | test.py:357:10:357:27 | ControlFlowNode for Subscript | Flow found |
-| test.py:380:10:380:34 | ControlFlowNode for second() | test.py:380:28:380:33 | ControlFlowNode for SOURCE | test.py:380:10:380:34 | ControlFlowNode for second() | Flow found |
-| test.py:388:10:388:36 | ControlFlowNode for second() | test.py:388:30:388:35 | ControlFlowNode for SOURCE | test.py:388:10:388:36 | ControlFlowNode for second() | Flow found |
-| test.py:396:10:396:43 | ControlFlowNode for second() | test.py:396:36:396:41 | ControlFlowNode for SOURCE | test.py:396:10:396:43 | ControlFlowNode for second() | Flow found |
-| test.py:404:10:404:39 | ControlFlowNode for f_extra_pos() | test.py:404:33:404:38 | ControlFlowNode for SOURCE | test.py:404:10:404:39 | ControlFlowNode for f_extra_pos() | Flow found |
-| test.py:412:10:412:45 | ControlFlowNode for f_extra_keyword() | test.py:412:39:412:44 | ControlFlowNode for SOURCE | test.py:412:10:412:45 | ControlFlowNode for f_extra_keyword() | Flow found |
-| test.py:429:10:429:20 | ControlFlowNode for BoolExpr | test.py:429:15:429:20 | ControlFlowNode for SOURCE | test.py:429:10:429:20 | ControlFlowNode for BoolExpr | Flow found |
-| test.py:434:10:434:21 | ControlFlowNode for BoolExpr | test.py:434:16:434:21 | ControlFlowNode for SOURCE | test.py:434:10:434:21 | ControlFlowNode for BoolExpr | Flow found |
-| test.py:445:10:445:38 | ControlFlowNode for IfExp | test.py:445:10:445:15 | ControlFlowNode for SOURCE | test.py:445:10:445:38 | ControlFlowNode for IfExp | Flow found |
-| test.py:453:10:453:39 | ControlFlowNode for IfExp | test.py:453:34:453:39 | ControlFlowNode for SOURCE | test.py:453:10:453:39 | ControlFlowNode for IfExp | Flow found |
-| test.py:477:10:477:18 | ControlFlowNode for f() | test.py:477:12:477:17 | ControlFlowNode for SOURCE | test.py:477:10:477:18 | ControlFlowNode for f() | Flow found |
-| test.py:484:10:484:34 | ControlFlowNode for second() | test.py:484:28:484:33 | ControlFlowNode for SOURCE | test.py:484:10:484:34 | ControlFlowNode for second() | Flow found |
-| test.py:498:10:498:36 | ControlFlowNode for second() | test.py:498:30:498:35 | ControlFlowNode for SOURCE | test.py:498:10:498:36 | ControlFlowNode for second() | Flow found |
-| test.py:512:10:512:43 | ControlFlowNode for second() | test.py:512:36:512:41 | ControlFlowNode for SOURCE | test.py:512:10:512:43 | ControlFlowNode for second() | Flow found |
-| test.py:517:10:517:39 | ControlFlowNode for f_extra_pos() | test.py:517:33:517:38 | ControlFlowNode for SOURCE | test.py:517:10:517:39 | ControlFlowNode for f_extra_pos() | Flow found |
-| test.py:522:10:522:45 | ControlFlowNode for f_extra_keyword() | test.py:522:39:522:44 | ControlFlowNode for SOURCE | test.py:522:10:522:45 | ControlFlowNode for f_extra_keyword() | Flow found |
-| test.py:536:10:536:10 | ControlFlowNode for a | test.py:534:9:534:14 | ControlFlowNode for SOURCE | test.py:536:10:536:10 | ControlFlowNode for a | Flow found |
-| test.py:541:10:541:10 | ControlFlowNode for b | test.py:534:9:534:14 | ControlFlowNode for SOURCE | test.py:541:10:541:10 | ControlFlowNode for b | Flow found |
-| test.py:548:10:548:10 | ControlFlowNode for a | test.py:546:10:546:15 | ControlFlowNode for SOURCE | test.py:548:10:548:10 | ControlFlowNode for a | Flow found |
-| test.py:556:10:556:10 | ControlFlowNode for a | test.py:554:10:554:15 | ControlFlowNode for SOURCE | test.py:556:10:556:10 | ControlFlowNode for a | Flow found |
-| test.py:558:10:558:10 | ControlFlowNode for c | test.py:554:30:554:35 | ControlFlowNode for SOURCE | test.py:558:10:558:10 | ControlFlowNode for c | Flow found |
-| test.py:565:10:565:10 | ControlFlowNode for a | test.py:563:13:563:18 | ControlFlowNode for SOURCE | test.py:565:10:565:10 | ControlFlowNode for a | Flow found |
-| test.py:573:10:573:10 | ControlFlowNode for a | test.py:571:10:571:15 | ControlFlowNode for SOURCE | test.py:573:10:573:10 | ControlFlowNode for a | Flow found |
-| test.py:575:10:575:13 | ControlFlowNode for Subscript | test.py:571:18:571:23 | ControlFlowNode for SOURCE | test.py:575:10:575:13 | ControlFlowNode for Subscript | Flow found |
-| test.py:576:12:576:12 | ControlFlowNode for c | test.py:571:18:571:23 | ControlFlowNode for SOURCE | test.py:576:12:576:12 | ControlFlowNode for c | Flow found |
-| test.py:583:10:583:10 | ControlFlowNode for a | test.py:581:10:581:15 | ControlFlowNode for SOURCE | test.py:583:10:583:10 | ControlFlowNode for a | Flow found |
-| test.py:585:10:585:10 | ControlFlowNode for c | test.py:581:18:581:23 | ControlFlowNode for SOURCE | test.py:585:10:585:10 | ControlFlowNode for c | Flow found |
-| test.py:594:10:594:11 | ControlFlowNode for a1 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:594:10:594:11 | ControlFlowNode for a1 | Flow found |
-| test.py:594:10:594:11 | ControlFlowNode for a1 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:594:10:594:11 | ControlFlowNode for a1 | Flow found |
-| test.py:594:10:594:11 | ControlFlowNode for a1 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:594:10:594:11 | ControlFlowNode for a1 | Flow found |
-| test.py:595:12:595:13 | ControlFlowNode for a2 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:595:12:595:13 | ControlFlowNode for a2 | Flow found |
-| test.py:595:12:595:13 | ControlFlowNode for a2 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:595:12:595:13 | ControlFlowNode for a2 | Flow found |
-| test.py:595:12:595:13 | ControlFlowNode for a2 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:595:12:595:13 | ControlFlowNode for a2 | Flow found |
-| test.py:596:10:596:11 | ControlFlowNode for a3 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:596:10:596:11 | ControlFlowNode for a3 | Flow found |
-| test.py:596:10:596:11 | ControlFlowNode for a3 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:596:10:596:11 | ControlFlowNode for a3 | Flow found |
-| test.py:596:10:596:11 | ControlFlowNode for a3 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:596:10:596:11 | ControlFlowNode for a3 | Flow found |
-| test.py:602:10:602:11 | ControlFlowNode for a1 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:602:10:602:11 | ControlFlowNode for a1 | Flow found |
-| test.py:602:10:602:11 | ControlFlowNode for a1 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:602:10:602:11 | ControlFlowNode for a1 | Flow found |
-| test.py:602:10:602:11 | ControlFlowNode for a1 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:602:10:602:11 | ControlFlowNode for a1 | Flow found |
-| test.py:603:12:603:13 | ControlFlowNode for a2 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:603:12:603:13 | ControlFlowNode for a2 | Flow found |
-| test.py:603:12:603:13 | ControlFlowNode for a2 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:603:12:603:13 | ControlFlowNode for a2 | Flow found |
-| test.py:603:12:603:13 | ControlFlowNode for a2 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:603:12:603:13 | ControlFlowNode for a2 | Flow found |
-| test.py:604:10:604:11 | ControlFlowNode for a3 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:604:10:604:11 | ControlFlowNode for a3 | Flow found |
-| test.py:604:10:604:11 | ControlFlowNode for a3 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:604:10:604:11 | ControlFlowNode for a3 | Flow found |
-| test.py:604:10:604:11 | ControlFlowNode for a3 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:604:10:604:11 | ControlFlowNode for a3 | Flow found |
-| test.py:610:10:610:11 | ControlFlowNode for a1 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:610:10:610:11 | ControlFlowNode for a1 | Flow found |
-| test.py:610:10:610:11 | ControlFlowNode for a1 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:610:10:610:11 | ControlFlowNode for a1 | Flow found |
-| test.py:610:10:610:11 | ControlFlowNode for a1 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:610:10:610:11 | ControlFlowNode for a1 | Flow found |
-| test.py:611:12:611:13 | ControlFlowNode for a2 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:611:12:611:13 | ControlFlowNode for a2 | Flow found |
-| test.py:611:12:611:13 | ControlFlowNode for a2 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:611:12:611:13 | ControlFlowNode for a2 | Flow found |
-| test.py:611:12:611:13 | ControlFlowNode for a2 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:611:12:611:13 | ControlFlowNode for a2 | Flow found |
-| test.py:612:10:612:11 | ControlFlowNode for a3 | test.py:590:12:590:17 | ControlFlowNode for SOURCE | test.py:612:10:612:11 | ControlFlowNode for a3 | Flow found |
-| test.py:612:10:612:11 | ControlFlowNode for a3 | test.py:590:31:590:36 | ControlFlowNode for SOURCE | test.py:612:10:612:11 | ControlFlowNode for a3 | Flow found |
-| test.py:612:10:612:11 | ControlFlowNode for a3 | test.py:590:41:590:46 | ControlFlowNode for SOURCE | test.py:612:10:612:11 | ControlFlowNode for a3 | Flow found |
-| test.py:622:10:622:11 | ControlFlowNode for a1 | test.py:618:12:618:17 | ControlFlowNode for SOURCE | test.py:622:10:622:11 | ControlFlowNode for a1 | Flow found |
-| test.py:624:12:624:16 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:624:12:624:16 | ControlFlowNode for Subscript | Flow found |
-| test.py:625:10:625:14 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:625:10:625:14 | ControlFlowNode for Subscript | Flow found |
-| test.py:631:10:631:11 | ControlFlowNode for a1 | test.py:618:12:618:17 | ControlFlowNode for SOURCE | test.py:631:10:631:11 | ControlFlowNode for a1 | Flow found |
-| test.py:633:12:633:16 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:633:12:633:16 | ControlFlowNode for Subscript | Flow found |
-| test.py:634:10:634:14 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:634:10:634:14 | ControlFlowNode for Subscript | Flow found |
-| test.py:640:10:640:11 | ControlFlowNode for a1 | test.py:618:12:618:17 | ControlFlowNode for SOURCE | test.py:640:10:640:11 | ControlFlowNode for a1 | Flow found |
-| test.py:642:12:642:16 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:642:12:642:16 | ControlFlowNode for Subscript | Flow found |
-| test.py:643:10:643:14 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:643:10:643:14 | ControlFlowNode for Subscript | Flow found |
-| test.py:649:10:649:11 | ControlFlowNode for a1 | test.py:618:12:618:17 | ControlFlowNode for SOURCE | test.py:649:10:649:11 | ControlFlowNode for a1 | Flow found |
-| test.py:651:12:651:16 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:651:12:651:16 | ControlFlowNode for Subscript | Flow found |
-| test.py:652:10:652:14 | ControlFlowNode for Subscript | test.py:618:31:618:36 | ControlFlowNode for SOURCE | test.py:652:10:652:14 | ControlFlowNode for Subscript | Flow found |
-| test.py:660:10:660:10 | ControlFlowNode for a | test.py:659:19:659:24 | ControlFlowNode for SOURCE | test.py:660:10:660:10 | ControlFlowNode for a | Flow found |
-| test.py:669:14:669:14 | ControlFlowNode for x | test.py:667:12:667:17 | ControlFlowNode for SOURCE | test.py:669:14:669:14 | ControlFlowNode for x | Flow found |
-| test.py:669:14:669:14 | ControlFlowNode for x | test.py:667:33:667:38 | ControlFlowNode for SOURCE | test.py:669:14:669:14 | ControlFlowNode for x | Flow found |
-| test.py:678:14:678:17 | ControlFlowNode for Subscript | test.py:675:12:675:17 | ControlFlowNode for SOURCE | test.py:678:14:678:17 | ControlFlowNode for Subscript | Flow found |
-| test.py:678:14:678:17 | ControlFlowNode for Subscript | test.py:675:33:675:38 | ControlFlowNode for SOURCE | test.py:678:14:678:17 | ControlFlowNode for Subscript | Flow found |
-| test.py:679:16:679:16 | ControlFlowNode for y | test.py:675:12:675:17 | ControlFlowNode for SOURCE | test.py:679:16:679:16 | ControlFlowNode for y | Flow found |
-| test.py:679:16:679:16 | ControlFlowNode for y | test.py:675:33:675:38 | ControlFlowNode for SOURCE | test.py:679:16:679:16 | ControlFlowNode for y | Flow found |
-| test.py:686:14:686:14 | ControlFlowNode for x | test.py:684:12:684:17 | ControlFlowNode for SOURCE | test.py:686:14:686:14 | ControlFlowNode for x | Flow found |
-| test.py:686:14:686:14 | ControlFlowNode for x | test.py:684:33:684:38 | ControlFlowNode for SOURCE | test.py:686:14:686:14 | ControlFlowNode for x | Flow found |
-| test.py:692:10:692:12 | ControlFlowNode for arg | test.py:697:7:697:12 | ControlFlowNode for SOURCE | test.py:692:10:692:12 | ControlFlowNode for arg | Flow found |
-| test.py:692:10:692:12 | ControlFlowNode for arg | test.py:698:43:698:48 | ControlFlowNode for SOURCE | test.py:692:10:692:12 | ControlFlowNode for arg | Flow found |
-| test.py:772:10:772:36 | ControlFlowNode for return_from_inner_scope() | test.py:769:16:769:21 | ControlFlowNode for SOURCE | test.py:772:10:772:36 | ControlFlowNode for return_from_inner_scope() | Flow found |
-| test.py:808:10:808:10 | ControlFlowNode for x | test.py:807:37:807:42 | ControlFlowNode for SOURCE | test.py:808:10:808:10 | ControlFlowNode for x | Flow found |
-| test.py:809:10:809:10 | ControlFlowNode for y | test.py:807:50:807:55 | ControlFlowNode for SOURCE | test.py:809:10:809:10 | ControlFlowNode for y | Flow found |
-| test.py:810:10:810:10 | ControlFlowNode for z | test.py:807:63:807:68 | ControlFlowNode for SOURCE | test.py:810:10:810:10 | ControlFlowNode for z | Flow found |
diff --git a/python/ql/test/experimental/dataflow/coverage/dataflow.ql b/python/ql/test/experimental/dataflow/coverage/dataflow.ql
deleted file mode 100644
index 868f24a598f..00000000000
--- a/python/ql/test/experimental/dataflow/coverage/dataflow.ql
+++ /dev/null
@@ -1,11 +0,0 @@
-/**
- * @kind path-problem
- */
-
-import python
-import experimental.dataflow.testConfig
-import DataFlow::PathGraph
-
-from TestConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "Flow found"

From 0f34752f8f25821fe61b52a292256ba5fb04a307 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 1 Jul 2022 11:56:50 +0200
Subject: [PATCH 004/144] Python: Delete `classesCallGraph.ql`

I don't see the value from this, so just going to outright delete it.
(it actually stayed alive for quite some time in the original git history,
but never seemed to be that useful.)
---
 .../coverage/classesCallGraph.expected        | 80 -------------------
 .../dataflow/coverage/classesCallGraph.ql     | 37 ---------
 2 files changed, 117 deletions(-)
 delete mode 100644 python/ql/test/experimental/dataflow/coverage/classesCallGraph.expected
 delete mode 100644 python/ql/test/experimental/dataflow/coverage/classesCallGraph.ql

diff --git a/python/ql/test/experimental/dataflow/coverage/classesCallGraph.expected b/python/ql/test/experimental/dataflow/coverage/classesCallGraph.expected
deleted file mode 100644
index f297c4be6e3..00000000000
--- a/python/ql/test/experimental/dataflow/coverage/classesCallGraph.expected
+++ /dev/null
@@ -1,80 +0,0 @@
-| classes.py:14:17:14:60 | ControlFlowNode for Attribute() | classes.py:14:17:14:60 | ControlFlowNode for Attribute() |
-| classes.py:45:16:45:35 | ControlFlowNode for Attribute() | classes.py:45:16:45:35 | ControlFlowNode for Attribute() |
-| classes.py:60:17:60:27 | [pre objCreate] ControlFlowNode for With_init() | classes.py:54:18:54:21 | ControlFlowNode for self |
-| classes.py:242:9:242:24 | ControlFlowNode for set() | classes.py:242:9:242:24 | ControlFlowNode for set() |
-| classes.py:247:9:247:30 | ControlFlowNode for frozenset() | classes.py:247:9:247:30 | ControlFlowNode for frozenset() |
-| classes.py:252:9:252:28 | ControlFlowNode for dict() | classes.py:252:9:252:28 | ControlFlowNode for dict() |
-| classes.py:559:16:559:17 | ControlFlowNode for Str | classes.py:565:5:565:22 | ControlFlowNode for Subscript |
-| classes.py:565:5:565:16 | ControlFlowNode for with_getitem | classes.py:555:21:555:24 | ControlFlowNode for self |
-| classes.py:565:18:565:21 | ControlFlowNode for arg2 | classes.py:555:27:555:29 | ControlFlowNode for key |
-| classes.py:581:5:581:16 | ControlFlowNode for with_setitem | classes.py:570:21:570:24 | ControlFlowNode for self |
-| classes.py:581:18:581:21 | ControlFlowNode for arg2 | classes.py:570:27:570:29 | ControlFlowNode for key |
-| classes.py:581:26:581:29 | ControlFlowNode for arg3 | classes.py:570:32:570:36 | ControlFlowNode for value |
-| classes.py:595:9:595:20 | ControlFlowNode for with_delitem | classes.py:586:21:586:24 | ControlFlowNode for self |
-| classes.py:595:22:595:25 | ControlFlowNode for arg2 | classes.py:586:27:586:29 | ControlFlowNode for key |
-| classes.py:618:16:618:28 | ControlFlowNode for Attribute() | classes.py:618:16:618:28 | ControlFlowNode for Attribute() |
-| classes.py:659:15:659:18 | ControlFlowNode for self | classes.py:667:5:667:19 | ControlFlowNode for BinaryExpr |
-| classes.py:661:16:661:19 | ControlFlowNode for self | classes.py:667:5:667:19 | ControlFlowNode for BinaryExpr |
-| classes.py:667:5:667:12 | ControlFlowNode for with_add | classes.py:657:17:657:20 | ControlFlowNode for self |
-| classes.py:667:5:667:12 | ControlFlowNode for with_add | classes.py:667:5:667:19 | ControlFlowNode for BinaryExpr |
-| classes.py:667:16:667:19 | ControlFlowNode for arg2 | classes.py:657:23:657:27 | ControlFlowNode for other |
-| classes.py:674:15:674:18 | ControlFlowNode for self | classes.py:682:5:682:19 | ControlFlowNode for BinaryExpr |
-| classes.py:676:16:676:19 | ControlFlowNode for self | classes.py:682:5:682:19 | ControlFlowNode for BinaryExpr |
-| classes.py:682:5:682:12 | ControlFlowNode for with_sub | classes.py:672:17:672:20 | ControlFlowNode for self |
-| classes.py:682:5:682:12 | ControlFlowNode for with_sub | classes.py:682:5:682:19 | ControlFlowNode for BinaryExpr |
-| classes.py:682:16:682:19 | ControlFlowNode for arg2 | classes.py:672:23:672:27 | ControlFlowNode for other |
-| classes.py:689:15:689:18 | ControlFlowNode for self | classes.py:697:5:697:19 | ControlFlowNode for BinaryExpr |
-| classes.py:691:16:691:19 | ControlFlowNode for self | classes.py:697:5:697:19 | ControlFlowNode for BinaryExpr |
-| classes.py:697:5:697:12 | ControlFlowNode for with_mul | classes.py:687:17:687:20 | ControlFlowNode for self |
-| classes.py:697:5:697:12 | ControlFlowNode for with_mul | classes.py:697:5:697:19 | ControlFlowNode for BinaryExpr |
-| classes.py:697:16:697:19 | ControlFlowNode for arg2 | classes.py:687:23:687:27 | ControlFlowNode for other |
-| classes.py:704:15:704:18 | ControlFlowNode for self | classes.py:712:5:712:22 | ControlFlowNode for BinaryExpr |
-| classes.py:706:16:706:19 | ControlFlowNode for self | classes.py:712:5:712:22 | ControlFlowNode for BinaryExpr |
-| classes.py:712:5:712:15 | ControlFlowNode for with_matmul | classes.py:702:20:702:23 | ControlFlowNode for self |
-| classes.py:712:5:712:15 | ControlFlowNode for with_matmul | classes.py:712:5:712:22 | ControlFlowNode for BinaryExpr |
-| classes.py:712:19:712:22 | ControlFlowNode for arg2 | classes.py:702:26:702:30 | ControlFlowNode for other |
-| classes.py:719:15:719:18 | ControlFlowNode for self | classes.py:727:5:727:23 | ControlFlowNode for BinaryExpr |
-| classes.py:721:16:721:19 | ControlFlowNode for self | classes.py:727:5:727:23 | ControlFlowNode for BinaryExpr |
-| classes.py:727:5:727:16 | ControlFlowNode for with_truediv | classes.py:717:21:717:24 | ControlFlowNode for self |
-| classes.py:727:5:727:16 | ControlFlowNode for with_truediv | classes.py:727:5:727:23 | ControlFlowNode for BinaryExpr |
-| classes.py:727:20:727:23 | ControlFlowNode for arg2 | classes.py:717:27:717:31 | ControlFlowNode for other |
-| classes.py:734:15:734:18 | ControlFlowNode for self | classes.py:742:5:742:25 | ControlFlowNode for BinaryExpr |
-| classes.py:736:16:736:19 | ControlFlowNode for self | classes.py:742:5:742:25 | ControlFlowNode for BinaryExpr |
-| classes.py:742:5:742:17 | ControlFlowNode for with_floordiv | classes.py:732:22:732:25 | ControlFlowNode for self |
-| classes.py:742:5:742:17 | ControlFlowNode for with_floordiv | classes.py:742:5:742:25 | ControlFlowNode for BinaryExpr |
-| classes.py:742:22:742:25 | ControlFlowNode for arg2 | classes.py:732:28:732:32 | ControlFlowNode for other |
-| classes.py:749:15:749:18 | ControlFlowNode for self | classes.py:757:5:757:19 | ControlFlowNode for BinaryExpr |
-| classes.py:751:16:751:19 | ControlFlowNode for self | classes.py:757:5:757:19 | ControlFlowNode for BinaryExpr |
-| classes.py:757:5:757:12 | ControlFlowNode for with_mod | classes.py:747:17:747:20 | ControlFlowNode for self |
-| classes.py:757:5:757:12 | ControlFlowNode for with_mod | classes.py:757:5:757:19 | ControlFlowNode for BinaryExpr |
-| classes.py:757:16:757:19 | ControlFlowNode for arg2 | classes.py:747:23:747:27 | ControlFlowNode for other |
-| classes.py:779:15:779:18 | ControlFlowNode for self | classes.py:793:5:793:20 | ControlFlowNode for BinaryExpr |
-| classes.py:781:16:781:19 | ControlFlowNode for self | classes.py:793:5:793:20 | ControlFlowNode for BinaryExpr |
-| classes.py:793:5:793:12 | ControlFlowNode for with_pow | classes.py:777:17:777:20 | ControlFlowNode for self |
-| classes.py:793:5:793:12 | ControlFlowNode for with_pow | classes.py:793:5:793:20 | ControlFlowNode for BinaryExpr |
-| classes.py:793:17:793:20 | ControlFlowNode for arg2 | classes.py:777:23:777:27 | ControlFlowNode for other |
-| classes.py:800:15:800:18 | ControlFlowNode for self | classes.py:808:5:808:23 | ControlFlowNode for BinaryExpr |
-| classes.py:802:16:802:19 | ControlFlowNode for self | classes.py:808:5:808:23 | ControlFlowNode for BinaryExpr |
-| classes.py:808:5:808:15 | ControlFlowNode for with_lshift | classes.py:798:20:798:23 | ControlFlowNode for self |
-| classes.py:808:5:808:15 | ControlFlowNode for with_lshift | classes.py:808:5:808:23 | ControlFlowNode for BinaryExpr |
-| classes.py:808:20:808:23 | ControlFlowNode for arg2 | classes.py:798:26:798:30 | ControlFlowNode for other |
-| classes.py:815:15:815:18 | ControlFlowNode for self | classes.py:823:5:823:23 | ControlFlowNode for BinaryExpr |
-| classes.py:817:16:817:19 | ControlFlowNode for self | classes.py:823:5:823:23 | ControlFlowNode for BinaryExpr |
-| classes.py:823:5:823:15 | ControlFlowNode for with_rshift | classes.py:813:20:813:23 | ControlFlowNode for self |
-| classes.py:823:5:823:15 | ControlFlowNode for with_rshift | classes.py:823:5:823:23 | ControlFlowNode for BinaryExpr |
-| classes.py:823:20:823:23 | ControlFlowNode for arg2 | classes.py:813:26:813:30 | ControlFlowNode for other |
-| classes.py:830:15:830:18 | ControlFlowNode for self | classes.py:838:5:838:19 | ControlFlowNode for BinaryExpr |
-| classes.py:832:16:832:19 | ControlFlowNode for self | classes.py:838:5:838:19 | ControlFlowNode for BinaryExpr |
-| classes.py:838:5:838:12 | ControlFlowNode for with_and | classes.py:828:17:828:20 | ControlFlowNode for self |
-| classes.py:838:5:838:12 | ControlFlowNode for with_and | classes.py:838:5:838:19 | ControlFlowNode for BinaryExpr |
-| classes.py:838:16:838:19 | ControlFlowNode for arg2 | classes.py:828:23:828:27 | ControlFlowNode for other |
-| classes.py:845:15:845:18 | ControlFlowNode for self | classes.py:853:5:853:19 | ControlFlowNode for BinaryExpr |
-| classes.py:847:16:847:19 | ControlFlowNode for self | classes.py:853:5:853:19 | ControlFlowNode for BinaryExpr |
-| classes.py:853:5:853:12 | ControlFlowNode for with_xor | classes.py:843:17:843:20 | ControlFlowNode for self |
-| classes.py:853:5:853:12 | ControlFlowNode for with_xor | classes.py:853:5:853:19 | ControlFlowNode for BinaryExpr |
-| classes.py:853:16:853:19 | ControlFlowNode for arg2 | classes.py:843:23:843:27 | ControlFlowNode for other |
-| classes.py:860:15:860:18 | ControlFlowNode for self | classes.py:868:5:868:18 | ControlFlowNode for BinaryExpr |
-| classes.py:862:16:862:19 | ControlFlowNode for self | classes.py:868:5:868:18 | ControlFlowNode for BinaryExpr |
-| classes.py:868:5:868:11 | ControlFlowNode for with_or | classes.py:858:16:858:19 | ControlFlowNode for self |
-| classes.py:868:5:868:11 | ControlFlowNode for with_or | classes.py:868:5:868:18 | ControlFlowNode for BinaryExpr |
-| classes.py:868:15:868:18 | ControlFlowNode for arg2 | classes.py:858:22:858:26 | ControlFlowNode for other |
diff --git a/python/ql/test/experimental/dataflow/coverage/classesCallGraph.ql b/python/ql/test/experimental/dataflow/coverage/classesCallGraph.ql
deleted file mode 100644
index c1b66d0f323..00000000000
--- a/python/ql/test/experimental/dataflow/coverage/classesCallGraph.ql
+++ /dev/null
@@ -1,37 +0,0 @@
-import semmle.python.dataflow.new.DataFlow
-private import semmle.python.dataflow.new.internal.DataFlowPrivate as DataFlowPrivate
-
-/**
- * A configuration to find the call graph edges.
- */
-class CallGraphConfig extends DataFlow::Configuration {
-  CallGraphConfig() { this = "CallGraphConfig" }
-
-  override predicate isSource(DataFlow::Node node) {
-    node instanceof DataFlowPrivate::ReturnNode
-    or
-    // These sources should allow for the non-standard call syntax
-    node instanceof DataFlow::ArgumentNode
-  }
-
-  override predicate isSink(DataFlow::Node node) {
-    node instanceof DataFlowPrivate::OutNode
-    or
-    node instanceof DataFlow::ParameterNode and
-    // exclude parameters to the SINK-functions
-    not exists(DataFlowPrivate::DataFlowCallable c |
-      c.getParameter(_) = node.asCfgNode() and
-      c.getName().matches("SINK_")
-    )
-  }
-}
-
-from DataFlow::Node source, DataFlow::Node sink
-where
-  source.getLocation().getFile().getBaseName() = "classes.py" and
-  sink.getLocation().getFile().getBaseName() = "classes.py" and
-  exists(CallGraphConfig cfg | cfg.hasFlow(source, sink))
-select source, sink
-// Ideally, we would just have 1-step paths either from argument to parameter
-// or from return to call. This gives a bit more, so should be rewritten.
-// We should also consider splitting this into two, one for each direction.

From c1b256159817c5d7e400a942577d328a099df620 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Wed, 22 Jun 2022 15:06:21 +0200
Subject: [PATCH 005/144] Python: Extend fieldflow tests with bound method call

---
 .../experimental/dataflow/fieldflow/test.py   | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/python/ql/test/experimental/dataflow/fieldflow/test.py b/python/ql/test/experimental/dataflow/fieldflow/test.py
index d8d4b5f6fe0..c7a2bc50a14 100644
--- a/python/ql/test/experimental/dataflow/fieldflow/test.py
+++ b/python/ql/test/experimental/dataflow/fieldflow/test.py
@@ -160,6 +160,40 @@ def test_nested_obj_method():
     a.getObj().foo = x
     SINK(a.obj.foo) # $ flow="SOURCE, l:-3 -> a.obj.foo"
 
+# ------------------------------------------------------------------------------
+# Bound Method calls
+# ------------------------------------------------------------------------------
+
+class Foo:
+    def __init__(self, x):
+        self.x = x
+
+    def update_x(self, x):
+        self.x = x
+
+@expects(7) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_bound_method_call():
+    # direct assignment
+    foo = Foo(None)
+    SINK_F(foo.x)
+    foo.x = SOURCE
+    SINK(foo.x) # $ flow="SOURCE, l:-1 -> foo.x"
+    foo.x = None
+    SINK_F(foo.x)
+
+    # assignment through function
+    foo = Foo(SOURCE)
+    SINK(foo.x) # $ flow="SOURCE, l:-1 -> foo.x"
+    foo.update_x(None)
+    SINK_F(foo.x) # $ flow="SOURCE, l:-3 -> foo.x"
+
+    # assignment through bound-method calls
+    foo = Foo(SOURCE)
+    ux = foo.update_x
+    SINK(foo.x) # $ flow="SOURCE, l:-2 -> foo.x"
+    ux(None)
+    SINK_F(foo.x) # $ SPURIOUS: flow="SOURCE, l:-4 -> foo.x"
+
 # ------------------------------------------------------------------------------
 # Global scope
 # ------------------------------------------------------------------------------

From 6577281bed5a7c9bc4696f01f07362b5fe4c8ede Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Thu, 28 Jul 2022 10:57:08 +0200
Subject: [PATCH 006/144] Python: Add crosstalk fieldflow test

---
 .../experimental/dataflow/fieldflow/test.py   | 122 ++++++++++++++++++
 1 file changed, 122 insertions(+)

diff --git a/python/ql/test/experimental/dataflow/fieldflow/test.py b/python/ql/test/experimental/dataflow/fieldflow/test.py
index c7a2bc50a14..70db8554241 100644
--- a/python/ql/test/experimental/dataflow/fieldflow/test.py
+++ b/python/ql/test/experimental/dataflow/fieldflow/test.py
@@ -194,6 +194,128 @@ def test_bound_method_call():
     ux(None)
     SINK_F(foo.x) # $ SPURIOUS: flow="SOURCE, l:-4 -> foo.x"
 
+
+# ------------------------------------------------------------------------------
+# Crosstalk test -- using different function based on conditional
+# ------------------------------------------------------------------------------
+
+class CrosstalkTestX:
+    def __init__(self):
+        self.x = None
+        self.y = None
+
+    def setx(self, value):
+        self.x = value
+
+    def setvalue(self, value):
+        self.x = value
+
+
+class CrosstalkTestY:
+    def __init__(self):
+        self.x = None
+        self.y = None
+
+    def sety(self ,value):
+        self.y = value
+
+    def setvalue(self, value):
+        self.y = value
+
+
+@expects(8) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_no_crosstalk_reference(cond=True):
+    objx = CrosstalkTestX()
+    SINK_F(objx.x)
+    SINK_F(objx.y)
+
+    objy = CrosstalkTestY()
+    SINK_F(objy.x)
+    SINK_F(objy.y)
+
+    if cond:
+        objx.setvalue(SOURCE)
+    else:
+        objy.setvalue(SOURCE)
+
+    SINK(objx.x) # $ flow="SOURCE, l:-4 -> objx.x"
+    SINK_F(objx.y)
+    SINK_F(objy.x)
+    SINK_F(objy.y) # $ flow="SOURCE, l:-5 -> objy.y"
+
+
+@expects(8) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_potential_crosstalk_different_name(cond=True):
+    objx = CrosstalkTestX()
+    SINK_F(objx.x)
+    SINK_F(objx.y)
+
+    objy = CrosstalkTestY()
+    SINK_F(objy.x)
+    SINK_F(objy.y)
+
+    if cond:
+        func = objx.setx
+    else:
+        func = objy.sety
+
+    func(SOURCE)
+
+    SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
+    SINK_F(objx.y)
+    SINK_F(objy.x)
+    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+
+
+@expects(8) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_potential_crosstalk_same_name(cond=True):
+    objx = CrosstalkTestX()
+    SINK_F(objx.x)
+    SINK_F(objx.y)
+
+    objy = CrosstalkTestY()
+    SINK_F(objy.x)
+    SINK_F(objy.y)
+
+    if cond:
+        func = objx.setvalue
+    else:
+        func = objy.setvalue
+
+    func(SOURCE)
+
+    SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
+    SINK_F(objx.y)
+    SINK_F(objy.x)
+    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+
+
+@expects(10) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_potential_crosstalk_same_name_object_reference(cond=True):
+    objx = CrosstalkTestX()
+    SINK_F(objx.x)
+    SINK_F(objx.y)
+
+    objy = CrosstalkTestY()
+    SINK_F(objy.x)
+    SINK_F(objy.y)
+
+    if cond:
+        obj = objx
+    else:
+        obj = objy
+
+    obj.setvalue(SOURCE)
+
+    SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
+    SINK_F(objx.y)
+    SINK_F(objy.x)
+    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+
+    SINK(obj.x) # $ flow="SOURCE, l:-7 -> obj.x"
+    SINK_F(obj.y) # $ flow="SOURCE, l:-8 -> obj.y"
+
+
 # ------------------------------------------------------------------------------
 # Global scope
 # ------------------------------------------------------------------------------

From e8fdff7a3bea1c12d87ae5e33958f8aaf71ef534 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 16 Aug 2022 14:48:41 +0200
Subject: [PATCH 007/144] Python: Expand ExternalAPIs test

We never had a showcase of how keyword arguments were handled
---
 .../ExternalAPIsUsedWithUntrustedData.expected       |  2 +-
 .../UntrustedDataToExternalAPI.expected              |  7 +++++++
 .../Security/CWE-020-ExternalAPIs/test.py            | 12 ++++++++++++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
index c070169615c..7438c415858 100644
--- a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
+++ b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
@@ -1 +1 @@
-| hmac.new [param 1] | 1 | 1 |
+| hmac.new [param 1] | 2 | 1 |
diff --git a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
index c64a6943813..e024ef20cba 100644
--- a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
+++ b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
@@ -1,9 +1,12 @@
 edges
 | test.py:0:0:0:0 | ModuleVariableNode for test.request | test.py:13:16:13:22 | ControlFlowNode for request |
+| test.py:0:0:0:0 | ModuleVariableNode for test.request | test.py:23:16:23:22 | ControlFlowNode for request |
 | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:5:26:5:32 | GSSA Variable request |
 | test.py:5:26:5:32 | GSSA Variable request | test.py:0:0:0:0 | ModuleVariableNode for test.request |
 | test.py:13:16:13:22 | ControlFlowNode for request | test.py:13:16:13:27 | ControlFlowNode for Attribute |
 | test.py:13:16:13:27 | ControlFlowNode for Attribute | test.py:15:36:15:39 | ControlFlowNode for data |
+| test.py:23:16:23:22 | ControlFlowNode for request | test.py:23:16:23:27 | ControlFlowNode for Attribute |
+| test.py:23:16:23:27 | ControlFlowNode for Attribute | test.py:25:44:25:47 | ControlFlowNode for data |
 nodes
 | test.py:0:0:0:0 | ModuleVariableNode for test.request | semmle.label | ModuleVariableNode for test.request |
 | test.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
@@ -11,6 +14,10 @@ nodes
 | test.py:13:16:13:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
 | test.py:13:16:13:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | test.py:15:36:15:39 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
+| test.py:23:16:23:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| test.py:23:16:23:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| test.py:25:44:25:47 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
 subpaths
 #select
 | test.py:15:36:15:39 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:15:36:15:39 | ControlFlowNode for data | Call to hmac.new [param 1] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
+| test.py:25:44:25:47 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:25:44:25:47 | ControlFlowNode for data | Call to hmac.new [param 1] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
diff --git a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/test.py b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/test.py
index b88748fbb29..ca4191ded85 100644
--- a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/test.py
+++ b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/test.py
@@ -18,11 +18,22 @@ def hmac_example():
     return "ok"
 
 
+@app.route("/hmac-example2")
+def hmac_example2():
+    data_raw = request.args.get("data").encode('utf-8')
+    data = base64.decodebytes(data_raw)
+    my_hmac = hmac.new(key=SECRET_KEY, msg=data, digestmod=hashlib.sha256)
+    digest = my_hmac.digest()
+    print(digest)
+    return "ok"
+
+
 @app.route("/unknown-lib-1")
 def unknown_lib_1():
     from unknown.lib import func
     data = request.args.get("data")
     func(data) # TODO: currently not recognized
+    func(kw=data) # TODO: currently not recognized
 
 
 @app.route("/unknown-lib-2")
@@ -30,6 +41,7 @@ def unknown_lib_2():
     import unknown.lib
     data = request.args.get("data")
     unknown.lib.func(data) # TODO: currently not recognized
+    unknown.lib.func(kw=data) # TODO: currently not recognized
 
 
 if __name__ == "__main__":

From 08bc14f59806387599cfe38463367a2761f13cf1 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Tue, 1 Nov 2022 22:50:13 +0100
Subject: [PATCH 008/144] add failing test

---
 .../CWE-400/ReDoS/PolynomialBackTracking.expected        | 2 ++
 .../Security/CWE-400/ReDoS/PolynomialReDoS.expected      | 9 +++++++++
 .../test/query-tests/Security/CWE-400/ReDoS/lib/lib.js   | 9 ++++++++-
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected
index e1ad3adb91c..6ed2af353f5 100644
--- a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialBackTracking.expected
@@ -33,6 +33,8 @@
 | lib/lib.js:8:3:8:4 | f* | Strings with many repetitions of 'f' can start matching anywhere after the start of the preceeding f*g |
 | lib/lib.js:28:3:28:4 | f* | Strings with many repetitions of 'f' can start matching anywhere after the start of the preceeding f*g |
 | lib/lib.js:36:3:36:4 | f* | Strings with many repetitions of 'f' can start matching anywhere after the start of the preceeding f*g |
+| lib/lib.js:42:29:42:30 | f* | Strings with many repetitions of 'f' can start matching anywhere after the start of the preceeding f*g |
+| lib/lib.js:45:29:45:30 | f* | Strings with many repetitions of 'f' can start matching anywhere after the start of the preceeding f*g |
 | lib/moduleLib/moduleLib.js:2:3:2:4 | a* | Strings with many repetitions of 'a' can start matching anywhere after the start of the preceeding a*b |
 | lib/otherLib/js/src/index.js:2:3:2:4 | a* | Strings with many repetitions of 'a' can start matching anywhere after the start of the preceeding a*b |
 | lib/snapdragon.js:7:28:7:29 | a* | Strings starting with 'a' and with many repetitions of 'a' can start matching anywhere after the start of the preceeding aa*$ |
diff --git a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
index 3df7db24964..c4076c927cd 100644
--- a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
@@ -28,6 +28,10 @@ nodes
 | lib/lib.js:35:28:35:31 | name |
 | lib/lib.js:36:13:36:16 | name |
 | lib/lib.js:36:13:36:16 | name |
+| lib/lib.js:41:32:41:35 | name |
+| lib/lib.js:41:32:41:35 | name |
+| lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:42:17:42:20 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name |
 | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
@@ -249,6 +253,10 @@ edges
 | lib/lib.js:35:1:37:1 | 'arguments' object of function usedWithArguments | lib/lib.js:35:28:35:31 | name |
 | lib/lib.js:35:28:35:31 | name | lib/lib.js:36:13:36:16 | name |
 | lib/lib.js:35:28:35:31 | name | lib/lib.js:36:13:36:16 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
@@ -440,6 +448,7 @@ edges
 | lib/lib.js:4:2:4:18 | regexp.test(name) | lib/lib.js:3:28:3:31 | name | lib/lib.js:4:14:4:17 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'a'. | lib/lib.js:1:15:1:16 | a* | regular expression | lib/lib.js:3:28:3:31 | name | library input |
 | lib/lib.js:8:2:8:17 | /f*g/.test(name) | lib/lib.js:7:19:7:22 | name | lib/lib.js:8:13:8:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:8:3:8:4 | f* | regular expression | lib/lib.js:7:19:7:22 | name | library input |
 | lib/lib.js:36:2:36:17 | /f*g/.test(name) | lib/lib.js:32:32:32:40 | arguments | lib/lib.js:36:13:36:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:36:3:36:4 | f* | regular expression | lib/lib.js:32:32:32:40 | arguments | library input |
+| lib/lib.js:42:17:42:33 | name.match(/f*g/) | lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:42:29:42:30 | f* | regular expression | lib/lib.js:41:32:41:35 | name | library input |
 | lib/moduleLib/moduleLib.js:2:2:2:17 | /a*b/.test(name) | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'a'. | lib/moduleLib/moduleLib.js:2:3:2:4 | a* | regular expression | lib/moduleLib/moduleLib.js:1:28:1:31 | name | library input |
 | lib/otherLib/js/src/index.js:2:2:2:17 | /a*b/.test(name) | lib/otherLib/js/src/index.js:1:28:1:31 | name | lib/otherLib/js/src/index.js:2:13:2:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'a'. | lib/otherLib/js/src/index.js:2:3:2:4 | a* | regular expression | lib/otherLib/js/src/index.js:1:28:1:31 | name | library input |
 | lib/snapdragon.js:7:15:7:32 | this.match(/aa*$/) | lib/snapdragon.js:3:34:3:38 | input | lib/snapdragon.js:7:15:7:18 | this | This $@ that depends on $@ may run slow on strings starting with 'a' and with many repetitions of 'a'. | lib/snapdragon.js:7:28:7:29 | a* | regular expression | lib/snapdragon.js:3:34:3:38 | input | library input |
diff --git a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
index 5c892f328a3..87b7e8292d2 100644
--- a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
+++ b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
@@ -36,4 +36,11 @@ function usedWithArguments(name) {
 	/f*g/.test(name); // NOT OK
 }
 
-module.exports.snapdragon = require("./snapdragon")
\ No newline at end of file
+module.exports.snapdragon = require("./snapdragon")
+
+module.exports.foo = function (name) {
+    var data1 = name.match(/f*g/); // NOT OK
+
+    name = name.substr(1);
+    var data2 = name.match(/f*g/); // NOT OK - but not flagged
+}
\ No newline at end of file

From 851d53d56b69254efcb2c1898b0e47d9fe53daa8 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Tue, 1 Nov 2022 22:51:07 +0100
Subject: [PATCH 009/144] don't sanitize calls through substring calls that
 just remove the start

---
 .../regexp/PolynomialReDoSCustomizations.qll         |  3 ++-
 .../Security/CWE-400/ReDoS/PolynomialReDoS.expected  | 12 ++++++++++++
 .../query-tests/Security/CWE-400/ReDoS/lib/lib.js    |  2 +-
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSCustomizations.qll
index 87f9437196f..508eaf40e2c 100644
--- a/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSCustomizations.qll
@@ -90,7 +90,8 @@ module PolynomialReDoS {
         isCharClassLike(root)
       )
       or
-      this.(DataFlow::MethodCallNode).getMethodName() = StringOps::substringMethodName()
+      this.(DataFlow::MethodCallNode).getMethodName() = StringOps::substringMethodName() and
+      not this.(DataFlow::MethodCallNode).getNumArgument() = 1 // with one argument it just slices off the beginning
     }
   }
 
diff --git a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
index c4076c927cd..04bf2cbad36 100644
--- a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/PolynomialReDoS.expected
@@ -32,6 +32,11 @@ nodes
 | lib/lib.js:41:32:41:35 | name |
 | lib/lib.js:42:17:42:20 | name |
 | lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:44:5:44:25 | name |
+| lib/lib.js:44:12:44:15 | name |
+| lib/lib.js:44:12:44:25 | name.substr(1) |
+| lib/lib.js:45:17:45:20 | name |
+| lib/lib.js:45:17:45:20 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name |
 | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
@@ -257,6 +262,12 @@ edges
 | lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
 | lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
 | lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:44:12:44:15 | name |
+| lib/lib.js:41:32:41:35 | name | lib/lib.js:44:12:44:15 | name |
+| lib/lib.js:44:5:44:25 | name | lib/lib.js:45:17:45:20 | name |
+| lib/lib.js:44:5:44:25 | name | lib/lib.js:45:17:45:20 | name |
+| lib/lib.js:44:12:44:15 | name | lib/lib.js:44:12:44:25 | name.substr(1) |
+| lib/lib.js:44:12:44:25 | name.substr(1) | lib/lib.js:44:5:44:25 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
 | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name |
@@ -449,6 +460,7 @@ edges
 | lib/lib.js:8:2:8:17 | /f*g/.test(name) | lib/lib.js:7:19:7:22 | name | lib/lib.js:8:13:8:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:8:3:8:4 | f* | regular expression | lib/lib.js:7:19:7:22 | name | library input |
 | lib/lib.js:36:2:36:17 | /f*g/.test(name) | lib/lib.js:32:32:32:40 | arguments | lib/lib.js:36:13:36:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:36:3:36:4 | f* | regular expression | lib/lib.js:32:32:32:40 | arguments | library input |
 | lib/lib.js:42:17:42:33 | name.match(/f*g/) | lib/lib.js:41:32:41:35 | name | lib/lib.js:42:17:42:20 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:42:29:42:30 | f* | regular expression | lib/lib.js:41:32:41:35 | name | library input |
+| lib/lib.js:45:17:45:33 | name.match(/f*g/) | lib/lib.js:41:32:41:35 | name | lib/lib.js:45:17:45:20 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'f'. | lib/lib.js:45:29:45:30 | f* | regular expression | lib/lib.js:41:32:41:35 | name | library input |
 | lib/moduleLib/moduleLib.js:2:2:2:17 | /a*b/.test(name) | lib/moduleLib/moduleLib.js:1:28:1:31 | name | lib/moduleLib/moduleLib.js:2:13:2:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'a'. | lib/moduleLib/moduleLib.js:2:3:2:4 | a* | regular expression | lib/moduleLib/moduleLib.js:1:28:1:31 | name | library input |
 | lib/otherLib/js/src/index.js:2:2:2:17 | /a*b/.test(name) | lib/otherLib/js/src/index.js:1:28:1:31 | name | lib/otherLib/js/src/index.js:2:13:2:16 | name | This $@ that depends on $@ may run slow on strings with many repetitions of 'a'. | lib/otherLib/js/src/index.js:2:3:2:4 | a* | regular expression | lib/otherLib/js/src/index.js:1:28:1:31 | name | library input |
 | lib/snapdragon.js:7:15:7:32 | this.match(/aa*$/) | lib/snapdragon.js:3:34:3:38 | input | lib/snapdragon.js:7:15:7:18 | this | This $@ that depends on $@ may run slow on strings starting with 'a' and with many repetitions of 'a'. | lib/snapdragon.js:7:28:7:29 | a* | regular expression | lib/snapdragon.js:3:34:3:38 | input | library input |
diff --git a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
index 87b7e8292d2..73700dfbc6b 100644
--- a/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
+++ b/javascript/ql/test/query-tests/Security/CWE-400/ReDoS/lib/lib.js
@@ -42,5 +42,5 @@ module.exports.foo = function (name) {
     var data1 = name.match(/f*g/); // NOT OK
 
     name = name.substr(1);
-    var data2 = name.match(/f*g/); // NOT OK - but not flagged
+    var data2 = name.match(/f*g/); // NOT OK
 }
\ No newline at end of file

From 5c905c42b268ed3f499033eb9605f7090c3081e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Wed, 26 Oct 2022 20:23:58 +0200
Subject: [PATCH 010/144] Swift: Initial UnsafeJsEval query

---
 .../queries/Security/CWE-094/UnsafeJsEval.ql  | 119 ++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
new file mode 100644
index 00000000000..ced918a64d4
--- /dev/null
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -0,0 +1,119 @@
+/**
+ * @name JavaScript Injection
+ * @description Evaluating JavaScript code containing a substring from a remote source may lead to remote code execution.
+ * @kind path-problem
+ * @problem.severity warning
+ * @security-severity 6.1
+ * @precision high
+ * @id swift/unsafe-js-eval
+ * @tags security
+ *       external/cwe/cwe-094
+ *       external/cwe/cwe-095
+ *       external/cwe/cwe-749
+ */
+
+import swift
+import codeql.swift.dataflow.DataFlow
+import codeql.swift.dataflow.TaintTracking
+import codeql.swift.dataflow.FlowSources
+import DataFlow::PathGraph
+
+/**
+ * A source of untrusted, user-controlled data.
+ * TODO: Extend to more (non-remote) sources in the future.
+ */
+class Source = RemoteFlowSource;
+
+/**
+ * A sink that evaluates a string of JavaScript code.
+ */
+abstract class Sink extends DataFlow::Node { }
+
+class WKWebView extends Sink {
+  WKWebView() {
+    any(CallExpr ce |
+      ce.getStaticTarget() =
+        getMethodWithQualifiedName("WKWebView",
+          [
+            "evaluateJavaScript(_:completionHandler:)",
+            "evaluateJavaScript(_:in:in:completionHandler:)",
+            "evaluateJavaScript(_:in:contentWorld:)",
+            "callAsyncJavaScript(_:arguments:in:in:completionHandler:)",
+            "callAsyncJavaScript(_:arguments:in:contentWorld:)"
+          ])
+    ).getArgument(0).getExpr() = this.asExpr()
+  }
+}
+
+class WKUserContentController extends Sink {
+  WKUserContentController() {
+    any(CallExpr ce |
+      ce.getStaticTarget() =
+        getMethodWithQualifiedName("WKUserContentController", "addUserScript(_:)")
+    ).getArgument(0).getExpr() = this.asExpr()
+  }
+}
+
+class UIWebView extends Sink {
+  UIWebView() {
+    any(CallExpr ce |
+      ce.getStaticTarget() =
+        getMethodWithQualifiedName(["UIWebView", "WebView"], "stringByEvaluatingJavaScript(from:)")
+    ).getArgument(0).getExpr() = this.asExpr()
+  }
+}
+
+class JSContext extends Sink {
+  JSContext() {
+    any(CallExpr ce |
+      ce.getStaticTarget() =
+        getMethodWithQualifiedName("JSContext",
+          ["evaluateScript(_:)", "evaluateScript(_:withSourceURL:)"])
+    ).getArgument(0).getExpr() = this.asExpr()
+  }
+}
+
+class JSEvaluateScript extends Sink {
+  JSEvaluateScript() {
+    any(CallExpr ce |
+      ce.getStaticTarget() = getFunctionWithQualifiedName("JSEvaluateScript(_:_:_:_:_:_:)")
+    ).getArgument(1).getExpr() = this.asExpr()
+  }
+}
+
+// TODO: Consider moving the following to the library, e.g.
+// - Decl.hasQualifiedName(moduleName?, declaringDeclName?, declName)
+// - parentDecl = memberDecl.getDeclaringDecl() <=> parentDecl.getAMember() = memberDecl
+IterableDeclContext getDeclaringDeclOf(Decl member) { result.getAMember() = member }
+
+MethodDecl getMethodWithQualifiedName(string className, string methodName) {
+  result.getName() = methodName and
+  getDeclaringDeclOf(result).(NominalTypeDecl).getName() = className
+}
+
+AbstractFunctionDecl getFunctionWithQualifiedName(string funcName) {
+  result.getName() = funcName and
+  not result.hasSelfParam()
+}
+
+/**
+ * A taint configuration from taint sources to sinks for this query.
+ */
+class UnsafeJsEvalConfig extends TaintTracking::Configuration {
+  UnsafeJsEvalConfig() { this = "UnsafeJsEvalConfig" }
+
+  override predicate isSource(DataFlow::Node node) { node instanceof Source }
+
+  override predicate isSink(DataFlow::Node node) { node instanceof Sink }
+
+  override predicate isSanitizer(DataFlow::Node node) {
+    none() // TODO: A conversion to a primitive type or an enum
+  }
+}
+
+from
+  UnsafeJsEvalConfig config, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode, Sink sink
+where
+  config.hasFlowPath(sourceNode, sinkNode) and
+  sink = sinkNode.getNode()
+select sink, sourceNode, sinkNode, "Evaluation of uncontrolled JavaScript from a remote source."

From 7b599f5fefecf3e4798c4ed2211a8d2c7d692c49 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Thu, 27 Oct 2022 11:42:22 +0200
Subject: [PATCH 011/144] Swift: Add async varant of WKWebView
 evaluateJavaScript(_:)

See concurrency note here: https://developer.apple.com/documentation/webkit/wkwebview/1415017-evaluatejavascript

See also https://developer.apple.com/documentation/swift/calling-objective-c-apis-asynchronously
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index ced918a64d4..53891e2c03d 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -35,7 +35,7 @@ class WKWebView extends Sink {
       ce.getStaticTarget() =
         getMethodWithQualifiedName("WKWebView",
           [
-            "evaluateJavaScript(_:completionHandler:)",
+            "evaluateJavaScript(_:)", "evaluateJavaScript(_:completionHandler:)",
             "evaluateJavaScript(_:in:in:completionHandler:)",
             "evaluateJavaScript(_:in:contentWorld:)",
             "callAsyncJavaScript(_:arguments:in:in:completionHandler:)",

From 28b7f0884f6d88f3e7f81d7f9a531ed4b22c0b64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Wed, 2 Nov 2022 12:49:59 +0100
Subject: [PATCH 012/144] Swift: UnsafeJsEval test finally compiles

---
 .../Security/CWE-094/UnsafeJsEval.expected    |   0
 .../Security/CWE-094/UnsafeJsEval.qlref       |   1 +
 .../Security/CWE-094/UnsafeJsEval.swift       | 299 ++++++++++++++++++
 3 files changed, 300 insertions(+)
 create mode 100644 swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
 create mode 100644 swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.qlref
 create mode 100644 swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift

diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.qlref b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.qlref
new file mode 100644
index 00000000000..b8c11cee30d
--- /dev/null
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.qlref
@@ -0,0 +1 @@
+queries/Security/CWE-094/UnsafeJsEval.ql
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
new file mode 100644
index 00000000000..51914bd97e1
--- /dev/null
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -0,0 +1,299 @@
+
+// --- stubs ---
+
+class NSObject {}
+
+@MainActor class UIResponder : NSObject {}
+@MainActor class UIView : UIResponder {}
+
+@MainActor class NSResponder : NSObject {}
+class NSView : NSResponder {}
+
+class WKFrameInfo : NSObject {}
+class WKContentWorld : NSObject {
+	class var defaultClient: WKContentWorld { WKContentWorld() }
+}
+
+class WKWebView : UIView {
+
+	func evaluateJavaScript(
+		_ javaScriptString: String
+	) async throws -> Any { "" }
+
+	func evaluateJavaScript(
+		_ javaScriptString: String,
+		completionHandler: ((Any?, Error?) -> Void)? = nil
+	) {
+		completionHandler?(nil, nil)
+	}
+
+	@MainActor func evaluateJavaScript(
+		_ javaScript: String,
+		in frame: WKFrameInfo? = nil,
+		in contentWorld: WKContentWorld,
+		completionHandler: ((Result<Any, Error>) -> Void)? = nil
+	) {
+		completionHandler?(.success(""))
+	}
+
+	@MainActor func evaluateJavaScript(
+		_ javaScript: String,
+		in frame: WKFrameInfo? = nil,
+		contentWorld: WKContentWorld
+	) async throws -> Any? { nil }
+
+	@MainActor func callAsyncJavaScript(
+		_ functionBody: String,
+		arguments: [String : Any] = [:],
+		in frame: WKFrameInfo? = nil,
+		in contentWorld: WKContentWorld,
+		completionHandler: ((Result<Any, Error>) -> Void)? = nil
+	) {
+		completionHandler?(.success(""))
+	}
+
+	@MainActor func callAsyncJavaScript(
+		_ functionBody: String,
+		arguments: [String : Any] = [:],
+		in frame: WKFrameInfo? = nil,
+		contentWorld: WKContentWorld
+	) async throws -> Any? { nil }
+}
+
+enum WKUserScriptInjectionTime : Int, @unchecked Sendable {
+	case atDocumentStart, atDocumentEnd
+}
+
+class WKUserScript : NSObject {
+	init(
+		source: String,
+		injectionTime: WKUserScriptInjectionTime,
+		forMainFrameOnly: Bool
+	) {}
+
+	init(
+		source: String,
+		injectionTime: WKUserScriptInjectionTime,
+		forMainFrameOnly: Bool,
+		in contentWorld: WKContentWorld
+	) {}
+}
+
+class WKUserContentController : NSObject {
+	func addUserScript(_ userScript: WKUserScript) {}
+}
+
+class UIWebView : UIView {
+	// deprecated
+	func stringByEvaluatingJavaScript(from script: String) -> String? { nil }
+}
+
+class WebView : NSView {
+	// deprecated
+	func stringByEvaluatingJavaScript(from script: String!) -> String! { "" }
+}
+
+class JSValue : NSObject {}
+
+class JSContext {
+	func evaluateScript(_ script: String!) -> JSValue! { return JSValue() }
+	func evaluateScript(
+		_ script: String!,
+		withSourceURL sourceURL: URL!
+	) -> JSValue! { return JSValue() }
+}
+
+typealias JSContextRef = OpaquePointer
+typealias JSStringRef = OpaquePointer
+typealias JSObjectRef = OpaquePointer
+typealias JSValueRef = OpaquePointer
+typealias JSChar = UInt16
+
+func JSStringCreateWithCharacters(
+    _ chars: UnsafePointer<JSChar>!,
+    _ numChars: Int
+) -> JSStringRef! {
+	return chars.withMemoryRebound(to: CChar.self, capacity: numChars) {
+		cchars in OpaquePointer(cchars)
+	}
+}
+func JSStringCreateWithUTF8CString(_ string: UnsafePointer<CChar>!) -> JSStringRef! {
+	return OpaquePointer(string)
+}
+func JSStringRetain(_ string: JSStringRef!) -> JSStringRef! { return string }
+func JSStringRelease(_ string: JSStringRef!) { }
+
+func JSEvaluateScript(
+    _ ctx: JSContextRef!,
+    _ script: JSStringRef!,
+    _ thisObject: JSObjectRef!,
+    _ sourceURL: JSStringRef!,
+    _ startingLineNumber: Int32,
+    _ exception: UnsafeMutablePointer<JSValueRef?>!
+) -> JSValueRef! { return OpaquePointer(bitPattern: 0) }
+
+@frozen
+public struct Data: Collection {
+	public typealias Index = Int
+	public typealias Element = UInt8
+	public subscript(x: Index) -> Element { 0 }
+	public var startIndex: Index { 0 }
+	public var endIndex: Index { 0 }
+	public func index(after i: Index) -> Index { i + 1 }
+    init<S>(_ elements: S) {}
+}
+
+struct URL {
+	init?(string: String) {}
+	init?(string: String, relativeTo: URL?) {}
+}
+
+extension String {
+	init(contentsOf: URL) throws {
+        let data = ""
+        // ...
+        self.init(data)
+    }
+}
+
+// --- tests ---
+
+func getRemoteData() -> String {
+	let url = URL(string: "http://example.com/")
+	do {
+		return try String(contentsOf: url!)
+	} catch {
+		return ""
+	}
+}
+
+func testUsage(_ sink: @escaping (String) async throws -> ()) {
+	Task {
+		let localString = "console.log('localString')"
+		let localStringFragment = "'localStringFragment'"
+		let remoteString = getRemoteData()
+
+		try! await sink(localString) // GOOD: the HTML data is local
+		try! await sink(getRemoteData()) // BAD: HTML contains remote input, may access local secrets
+		try! await sink(remoteString) // BAD
+
+		try! await sink("console.log(" + localStringFragment + ")") // GOOD: the HTML data is local
+		try! await sink("console.log(" + remoteString + ")") // BAD
+
+		let localData = Data(localString.utf8)
+		let remoteData = Data(remoteString.utf8)
+
+		try! await sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
+		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD: the data is remote
+
+		try! await sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
+		try! await sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion
+
+		try! await sink("console.log(" + (localStringFragment.count != 0 ? "1" : "0") + ")") // GOOD: Primitive conversion
+		try! await sink("console.log(" + (remoteString.count != 0 ? "1" : "0") + ")") // GOOD: Primitive conversion
+	}
+}
+
+func testUIWebView() {
+	let webview = UIWebView()
+
+	testUsage { string in
+		_ = await webview.stringByEvaluatingJavaScript(from: string)
+	}
+}
+
+func testWebView() {
+	let webview = WebView()
+
+	testUsage { string in
+		_ = await webview.stringByEvaluatingJavaScript(from: string)
+	}
+}
+
+func testWKWebView() {
+	let webview = WKWebView()
+
+	testUsage { string in
+		_ = try await webview.evaluateJavaScript(string)
+	}
+	testUsage { string in
+		await webview.evaluateJavaScript(string) { _, _ in }
+	}
+	testUsage { string in
+		await webview.evaluateJavaScript(string, in: nil, in: WKContentWorld.defaultClient) { _ in }
+	}
+	testUsage { string in
+		_ = try await webview.evaluateJavaScript(string, contentWorld: .defaultClient)
+	}
+	testUsage { string in
+		await webview.callAsyncJavaScript(string, in: nil, in: .defaultClient) { _ in () }
+	}
+	testUsage { string in
+		_ = try await webview.callAsyncJavaScript(string, contentWorld: WKContentWorld.defaultClient)
+	}
+}
+
+func testWKUserContentController() {
+	let ctrl = WKUserContentController()
+
+	testUsage { string in
+		ctrl.addUserScript(WKUserScript(source: string, injectionTime: .atDocumentStart, forMainFrameOnly: false))
+	}
+	testUsage { string in
+		ctrl.addUserScript(WKUserScript(source: string, injectionTime: .atDocumentEnd, forMainFrameOnly: true, in: .defaultClient))
+	}
+}
+
+func testJSContext() {
+	let ctx = JSContext()
+
+	testUsage { string in
+		_ = ctx.evaluateScript(string)
+	}
+	testUsage { string in
+		_ = ctx.evaluateScript(string, withSourceURL: URL(string: "https://example.com"))
+	}
+}
+
+func testJSEvaluateScript() {
+	testUsage { string in
+		string.utf16.withContiguousStorageIfAvailable { stringBytes in
+			let jsstr = JSStringRetain(JSStringCreateWithCharacters(stringBytes.baseAddress, string.count))
+			defer { JSStringRelease(jsstr) }
+			_ = JSEvaluateScript(
+				/*ctx:*/ OpaquePointer(bitPattern: 0),
+				/*script:*/ jsstr,
+				/*thisObject:*/ OpaquePointer(bitPattern: 0),
+				/*sourceURL:*/ OpaquePointer(bitPattern: 0),
+				/*startingLineNumber:*/ 0,
+				/*exception:*/ UnsafeMutablePointer(bitPattern: 0)
+			)
+		}
+	}
+	testUsage { string in
+		string.utf8CString.withUnsafeBufferPointer { stringBytes in
+			let jsstr = JSStringRetain(JSStringCreateWithUTF8CString(stringBytes.baseAddress))
+			defer { JSStringRelease(jsstr) }
+			_ = JSEvaluateScript(
+				/*ctx:*/ OpaquePointer(bitPattern: 0),
+				/*script:*/ jsstr,
+				/*thisObject:*/ OpaquePointer(bitPattern: 0),
+				/*sourceURL:*/ OpaquePointer(bitPattern: 0),
+				/*startingLineNumber:*/ 0,
+				/*exception:*/ UnsafeMutablePointer(bitPattern: 0)
+			)
+		}
+	}
+}
+
+func testQHelpExamples() {
+
+}
+
+testUIWebView()
+testWebView()
+testWKWebView()
+testWKUserContentController()
+testJSContext()
+testJSEvaluateScript()
+testQHelpExamples()

From 3d24e0a2ebb187ad93cf04e0ef74297e717a92db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Thu, 3 Nov 2022 11:12:41 +0100
Subject: [PATCH 013/144] Swift: enable VSCode to build extractor via CMake

The `-arch=x86_64` from `swift/rules.bzl` turns out to be unnecessary,
even on Arm-based Macs.
---
 .vscode/settings.json | 4 +++-
 swift/CMakeLists.txt  | 4 ++++
 swift/rules.bzl       | 6 +-----
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 8b22c91bb77..1050c79b825 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,3 +1,5 @@
 {
-    "omnisharp.autoStart": false
+  "omnisharp.autoStart": false,
+  "cmake.sourceDirectory": "${workspaceFolder}/swift",
+  "cmake.buildDirectory": "${workspaceFolder}/bazel-cmake-build"
 }
diff --git a/swift/CMakeLists.txt b/swift/CMakeLists.txt
index ad431e49a17..fbc55187567 100644
--- a/swift/CMakeLists.txt
+++ b/swift/CMakeLists.txt
@@ -9,6 +9,10 @@ set(CMAKE_CXX_EXTENSIONS OFF)
 set(CMAKE_C_COMPILER clang)
 set(CMAKE_CXX_COMPILER clang++)
 
+if(APPLE)
+    set(CMAKE_OSX_ARCHITECTURES x86_64) # temporary until we can build a Universal Binary
+endif()
+
 project(codeql)
 
 include(../misc/bazel/cmake/setup.cmake)
diff --git a/swift/rules.bzl b/swift/rules.bzl
index 29a1a704f02..ba9e4b0e8bf 100644
--- a/swift/rules.bzl
+++ b/swift/rules.bzl
@@ -5,11 +5,7 @@ def _wrap_cc(rule, kwargs):
     _add_args(kwargs, "copts", [
         # Required by LLVM/Swift
         "-fno-rtti",
-    ] + select({
-        # temporary, before we do universal merging and have an arm prebuilt package, we make arm build x86
-        "@platforms//os:macos": ["-arch=x86_64"],
-        "//conditions:default": [],
-    }))
+    ])
     _add_args(kwargs, "features", [
         # temporary, before we do universal merging
         "-universal_binaries",

From fdd7d76ffd0760315d313cd9570f213abce4e581 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Thu, 3 Nov 2022 16:14:43 +0100
Subject: [PATCH 014/144] Swift: use FreeFunctionDecl/.has(Qualified)Name

Instead of hand-rolled predicates.
---
 .../queries/Security/CWE-094/UnsafeJsEval.ql  | 52 +++++++------------
 1 file changed, 20 insertions(+), 32 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index 53891e2c03d..fff05671313 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -32,15 +32,16 @@ abstract class Sink extends DataFlow::Node { }
 class WKWebView extends Sink {
   WKWebView() {
     any(CallExpr ce |
-      ce.getStaticTarget() =
-        getMethodWithQualifiedName("WKWebView",
-          [
-            "evaluateJavaScript(_:)", "evaluateJavaScript(_:completionHandler:)",
-            "evaluateJavaScript(_:in:in:completionHandler:)",
-            "evaluateJavaScript(_:in:contentWorld:)",
-            "callAsyncJavaScript(_:arguments:in:in:completionHandler:)",
-            "callAsyncJavaScript(_:arguments:in:contentWorld:)"
-          ])
+      ce.getStaticTarget()
+          .(MethodDecl)
+          .hasQualifiedName("WKWebView",
+            [
+              "evaluateJavaScript(_:)", "evaluateJavaScript(_:completionHandler:)",
+              "evaluateJavaScript(_:in:in:completionHandler:)",
+              "evaluateJavaScript(_:in:contentWorld:)",
+              "callAsyncJavaScript(_:arguments:in:in:completionHandler:)",
+              "callAsyncJavaScript(_:arguments:in:contentWorld:)"
+            ])
     ).getArgument(0).getExpr() = this.asExpr()
   }
 }
@@ -48,8 +49,9 @@ class WKWebView extends Sink {
 class WKUserContentController extends Sink {
   WKUserContentController() {
     any(CallExpr ce |
-      ce.getStaticTarget() =
-        getMethodWithQualifiedName("WKUserContentController", "addUserScript(_:)")
+      ce.getStaticTarget()
+          .(MethodDecl)
+          .hasQualifiedName("WKUserContentController", "addUserScript(_:)")
     ).getArgument(0).getExpr() = this.asExpr()
   }
 }
@@ -57,8 +59,9 @@ class WKUserContentController extends Sink {
 class UIWebView extends Sink {
   UIWebView() {
     any(CallExpr ce |
-      ce.getStaticTarget() =
-        getMethodWithQualifiedName(["UIWebView", "WebView"], "stringByEvaluatingJavaScript(from:)")
+      ce.getStaticTarget()
+          .(MethodDecl)
+          .hasQualifiedName(["UIWebView", "WebView"], "stringByEvaluatingJavaScript(from:)")
     ).getArgument(0).getExpr() = this.asExpr()
   }
 }
@@ -66,9 +69,9 @@ class UIWebView extends Sink {
 class JSContext extends Sink {
   JSContext() {
     any(CallExpr ce |
-      ce.getStaticTarget() =
-        getMethodWithQualifiedName("JSContext",
-          ["evaluateScript(_:)", "evaluateScript(_:withSourceURL:)"])
+      ce.getStaticTarget()
+          .(MethodDecl)
+          .hasQualifiedName("JSContext", ["evaluateScript(_:)", "evaluateScript(_:withSourceURL:)"])
     ).getArgument(0).getExpr() = this.asExpr()
   }
 }
@@ -76,26 +79,11 @@ class JSContext extends Sink {
 class JSEvaluateScript extends Sink {
   JSEvaluateScript() {
     any(CallExpr ce |
-      ce.getStaticTarget() = getFunctionWithQualifiedName("JSEvaluateScript(_:_:_:_:_:_:)")
+      ce.getStaticTarget().(FreeFunctionDecl).hasName("JSEvaluateScript(_:_:_:_:_:_:)")
     ).getArgument(1).getExpr() = this.asExpr()
   }
 }
 
-// TODO: Consider moving the following to the library, e.g.
-// - Decl.hasQualifiedName(moduleName?, declaringDeclName?, declName)
-// - parentDecl = memberDecl.getDeclaringDecl() <=> parentDecl.getAMember() = memberDecl
-IterableDeclContext getDeclaringDeclOf(Decl member) { result.getAMember() = member }
-
-MethodDecl getMethodWithQualifiedName(string className, string methodName) {
-  result.getName() = methodName and
-  getDeclaringDeclOf(result).(NominalTypeDecl).getName() = className
-}
-
-AbstractFunctionDecl getFunctionWithQualifiedName(string funcName) {
-  result.getName() = funcName and
-  not result.hasSelfParam()
-}
-
 /**
  * A taint configuration from taint sources to sinks for this query.
  */

From bc5b7455cf879ed3a7ad381d7e8835d7f12dda15 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 2 Nov 2022 13:55:39 +0100
Subject: [PATCH 015/144] add failing test

---
 .../UnsafeShellCommandConstruction/lib/subLib/index.js      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
index 9e105338669..fe6eaa449ae 100644
--- a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
+++ b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
@@ -8,4 +8,8 @@ module.exports.foo = function (name) {
 	cp.exec("rm -rf " + name); // NOT OK - this is being called explicitly from child_process-test.js
 };
 
-module.exports.amd = require("./amd.js");
\ No newline at end of file
+module.exports.amd = require("./amd.js");
+
+module.exports.arrToShell = function (cmd, arr) {
+    cp.spawn("echo", arr, {shell: true}); // NOT OK - but not flagged [INCONSISTENCY]
+}
\ No newline at end of file

From 40032f295ae1625c51eba9075b905bdb6f3ce1df Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 2 Nov 2022 14:06:57 +0100
Subject: [PATCH 016/144] treat arrays that gets executed with shell:true as a
 sink for `js/shell-command-constructed-from-input`

---
 ...ShellCommandConstructionCustomizations.qll | 24 +++++++++++++------
 .../UnsafeShellCommandConstruction.expected   | 23 ++++++++++++++++++
 .../lib/subLib/index.js                       |  2 +-
 3 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll
index 0b4923de179..ca6920db466 100644
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll
@@ -156,14 +156,9 @@ module UnsafeShellCommandConstruction {
   }
 
   /**
-   * Gets a node that ends up in an array that is ultimately executed as a shell script by `sys`.
+   * Holds if the arguments array given to `sys` is joined as a string because `shell` is set to true.
    */
-  private DataFlow::SourceNode endsInShellExecutedArray(
-    DataFlow::TypeBackTracker t, SystemCommandExecution sys
-  ) {
-    t.start() and
-    result = sys.getArgumentList().getALocalSource() and
-    // the array gets joined to a string when `shell` is set to true.
+  predicate executesArrayAsShell(SystemCommandExecution sys) {
     sys.getOptionsArg()
         .getALocalSource()
         .getAPropertyWrite("shell")
@@ -171,6 +166,17 @@ module UnsafeShellCommandConstruction {
         .asExpr()
         .(BooleanLiteral)
         .getValue() = "true"
+  }
+
+  /**
+   * Gets a node that ends up in an array that is ultimately executed as a shell script by `sys`.
+   */
+  private DataFlow::SourceNode endsInShellExecutedArray(
+    DataFlow::TypeBackTracker t, SystemCommandExecution sys
+  ) {
+    t.start() and
+    result = sys.getArgumentList().getALocalSource() and
+    executesArrayAsShell(sys)
     or
     exists(DataFlow::TypeBackTracker t2 |
       result = endsInShellExecutedArray(t2, sys).backtrack(t2, t)
@@ -193,6 +199,10 @@ module UnsafeShellCommandConstruction {
         or
         this = arr.getAMethodCall(["push", "unshift"]).getAnArgument()
       )
+      or
+      this = sys.getArgumentList() and
+      not this instanceof DataFlow::ArrayCreationNode and
+      executesArrayAsShell(sys)
     }
 
     override string getSinkType() { result = "shell argument" }
diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
index 4cf79a4aedd..9cf2707f58f 100644
--- a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected
@@ -223,8 +223,14 @@ nodes
 | lib/lib.js:420:29:420:32 | name |
 | lib/lib.js:424:24:424:27 | name |
 | lib/lib.js:424:24:424:27 | name |
+| lib/lib.js:425:6:425:13 | arr |
+| lib/lib.js:425:12:425:13 | [] |
 | lib/lib.js:426:11:426:14 | name |
 | lib/lib.js:426:11:426:14 | name |
+| lib/lib.js:427:14:427:16 | arr |
+| lib/lib.js:427:14:427:16 | arr |
+| lib/lib.js:428:14:428:58 | build(" ...  + '-') |
+| lib/lib.js:428:14:428:58 | build(" ...  + '-') |
 | lib/lib.js:428:28:428:51 | (name ? ... ' : '') |
 | lib/lib.js:428:28:428:57 | (name ? ... ) + '-' |
 | lib/lib.js:428:29:428:50 | name ?  ... :' : '' |
@@ -302,6 +308,10 @@ nodes
 | lib/subLib/index.js:7:32:7:35 | name |
 | lib/subLib/index.js:8:22:8:25 | name |
 | lib/subLib/index.js:8:22:8:25 | name |
+| lib/subLib/index.js:13:44:13:46 | arr |
+| lib/subLib/index.js:13:44:13:46 | arr |
+| lib/subLib/index.js:14:22:14:24 | arr |
+| lib/subLib/index.js:14:22:14:24 | arr |
 edges
 | lib/isImported.js:5:49:5:52 | name | lib/isImported.js:6:22:6:25 | name |
 | lib/isImported.js:5:49:5:52 | name | lib/isImported.js:6:22:6:25 | name |
@@ -575,7 +585,13 @@ edges
 | lib/lib.js:414:40:414:43 | name | lib/lib.js:426:11:426:14 | name |
 | lib/lib.js:414:40:414:43 | name | lib/lib.js:428:36:428:39 | name |
 | lib/lib.js:414:40:414:43 | name | lib/lib.js:428:36:428:39 | name |
+| lib/lib.js:425:6:425:13 | arr | lib/lib.js:427:14:427:16 | arr |
+| lib/lib.js:425:6:425:13 | arr | lib/lib.js:427:14:427:16 | arr |
+| lib/lib.js:425:12:425:13 | [] | lib/lib.js:425:6:425:13 | arr |
+| lib/lib.js:426:11:426:14 | name | lib/lib.js:425:12:425:13 | [] |
 | lib/lib.js:428:28:428:51 | (name ? ... ' : '') | lib/lib.js:428:28:428:57 | (name ? ... ) + '-' |
+| lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | lib/lib.js:428:14:428:58 | build(" ...  + '-') |
+| lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | lib/lib.js:428:14:428:58 | build(" ...  + '-') |
 | lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | lib/lib.js:431:23:431:26 | last |
 | lib/lib.js:428:29:428:50 | name ?  ... :' : '' | lib/lib.js:428:28:428:51 | (name ? ... ' : '') |
 | lib/lib.js:428:36:428:39 | name | lib/lib.js:428:36:428:45 | name + ':' |
@@ -663,6 +679,10 @@ edges
 | lib/subLib/index.js:7:32:7:35 | name | lib/subLib/index.js:8:22:8:25 | name |
 | lib/subLib/index.js:7:32:7:35 | name | lib/subLib/index.js:8:22:8:25 | name |
 | lib/subLib/index.js:7:32:7:35 | name | lib/subLib/index.js:8:22:8:25 | name |
+| lib/subLib/index.js:13:44:13:46 | arr | lib/subLib/index.js:14:22:14:24 | arr |
+| lib/subLib/index.js:13:44:13:46 | arr | lib/subLib/index.js:14:22:14:24 | arr |
+| lib/subLib/index.js:13:44:13:46 | arr | lib/subLib/index.js:14:22:14:24 | arr |
+| lib/subLib/index.js:13:44:13:46 | arr | lib/subLib/index.js:14:22:14:24 | arr |
 #select
 | lib/isImported.js:6:10:6:25 | "rm -rf " + name | lib/isImported.js:5:49:5:52 | name | lib/isImported.js:6:22:6:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/isImported.js:5:49:5:52 | name | library input | lib/isImported.js:6:2:6:26 | cp.exec ... + name) | shell command |
 | lib/lib2.js:4:10:4:25 | "rm -rf " + name | lib/lib2.js:3:28:3:31 | name | lib/lib2.js:4:22:4:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib2.js:3:28:3:31 | name | library input | lib/lib2.js:4:2:4:26 | cp.exec ... + name) | shell command |
@@ -729,6 +749,8 @@ edges
 | lib/lib.js:420:29:420:32 | name | lib/lib.js:414:40:414:43 | name | lib/lib.js:420:29:420:32 | name | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:420:2:420:49 | cp.spaw ...  true}) | shell command |
 | lib/lib.js:424:24:424:27 | name | lib/lib.js:414:40:414:43 | name | lib/lib.js:424:24:424:27 | name | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | shell command |
 | lib/lib.js:426:11:426:14 | name | lib/lib.js:414:40:414:43 | name | lib/lib.js:426:11:426:14 | name | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | shell command |
+| lib/lib.js:427:14:427:16 | arr | lib/lib.js:414:40:414:43 | name | lib/lib.js:427:14:427:16 | arr | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | shell command |
+| lib/lib.js:428:14:428:58 | build(" ...  + '-') | lib/lib.js:414:40:414:43 | name | lib/lib.js:428:14:428:58 | build(" ...  + '-') | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | shell command |
 | lib/lib.js:436:19:436:22 | last | lib/lib.js:414:40:414:43 | name | lib/lib.js:436:19:436:22 | last | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:414:40:414:43 | name | library input | lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | shell command |
 | lib/lib.js:442:12:442:27 | "rm -rf " + name | lib/lib.js:441:39:441:42 | name | lib/lib.js:442:24:442:27 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib.js:441:39:441:42 | name | library input | lib/lib.js:442:2:442:28 | asyncEx ... + name) | shell command |
 | lib/lib.js:447:13:447:28 | "rm -rf " + name | lib/lib.js:446:20:446:23 | name | lib/lib.js:447:25:447:28 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib.js:446:20:446:23 | name | library input | lib/lib.js:447:3:447:29 | asyncEx ... + name) | shell command |
@@ -750,3 +772,4 @@ edges
 | lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | lib/subLib/amdSub.js:3:28:3:31 | name | lib/subLib/amdSub.js:4:22:4:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib/amdSub.js:3:28:3:31 | name | library input | lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | shell command |
 | lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | lib/subLib/index.js:3:28:3:31 | name | lib/subLib/index.js:4:22:4:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib/index.js:3:28:3:31 | name | library input | lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | shell command |
 | lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | lib/subLib/index.js:7:32:7:35 | name | lib/subLib/index.js:8:22:8:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib/index.js:7:32:7:35 | name | library input | lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | shell command |
+| lib/subLib/index.js:14:22:14:24 | arr | lib/subLib/index.js:13:44:13:46 | arr | lib/subLib/index.js:14:22:14:24 | arr | This shell argument which depends on $@ is later used in a $@. | lib/subLib/index.js:13:44:13:46 | arr | library input | lib/subLib/index.js:14:5:14:40 | cp.spaw ...  true}) | shell command |
diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
index fe6eaa449ae..6e7d3498723 100644
--- a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
+++ b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/subLib/index.js
@@ -11,5 +11,5 @@ module.exports.foo = function (name) {
 module.exports.amd = require("./amd.js");
 
 module.exports.arrToShell = function (cmd, arr) {
-    cp.spawn("echo", arr, {shell: true}); // NOT OK - but not flagged [INCONSISTENCY]
+    cp.spawn("echo", arr, {shell: true}); // NOT OK
 }
\ No newline at end of file

From 7c515bbef7d63c2e9dbf944e37e20f531f9981dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Mon, 7 Nov 2022 18:02:06 +0100
Subject: [PATCH 017/144] Swift: `_` as in `_ = ...` is a CFG leaf node.

This enables DataFlow to skip over it and not get stuck.
---
 .../swift/controlflow/internal/ControlFlowGraphImpl.qll   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
index e4f9c40d892..47b926f10af 100644
--- a/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
+++ b/swift/ql/lib/codeql/swift/controlflow/internal/ControlFlowGraphImpl.qll
@@ -1015,6 +1015,14 @@ module Decls {
 
 module Exprs {
   module AssignExprs {
+    /**
+     * The control-flow of a `DiscardAssignmentExpr`, which represents the
+     * `_` leaf expression that may appear on the left-hand side of an `AssignExpr`.
+     */
+    private class DiscardAssignmentExprTree extends AstLeafTree {
+      override DiscardAssignmentExpr ast;
+    }
+
     /**
      * The control-flow of an assignment operation.
      *

From 66291d35755ca35ea98440fdc85e03b974ffc783 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 8 Nov 2022 11:09:55 +0100
Subject: [PATCH 018/144] Swift: sync tests pass with additional flow steps

TODO: Convert those flow steps to taint flow models in the library.
---
 .../queries/Security/CWE-094/UnsafeJsEval.ql  | 53 +++++++++++-
 .../Security/CWE-094/UnsafeJsEval.expected    | 84 +++++++++++++++++++
 .../Security/CWE-094/UnsafeJsEval.swift       | 57 +++++++++----
 3 files changed, 176 insertions(+), 18 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index fff05671313..f5c444ff5e3 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -94,8 +94,57 @@ class UnsafeJsEvalConfig extends TaintTracking::Configuration {
 
   override predicate isSink(DataFlow::Node node) { node instanceof Sink }
 
-  override predicate isSanitizer(DataFlow::Node node) {
-    none() // TODO: A conversion to a primitive type or an enum
+  // TODO: convert to new taint flow models
+  override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+    exists(Argument arg |
+      arg =
+        any(CallExpr ce |
+          ce.getStaticTarget()
+              .(MethodDecl)
+              .hasQualifiedName("WKUserScript",
+                [
+                  "init(source:injectionTime:forMainFrameOnly:)",
+                  "init(source:injectionTime:forMainFrameOnly:in:)"
+                ])
+        ).getArgument(0)
+      or
+      arg =
+        any(CallExpr ce |
+          ce.getStaticTarget()
+              .(FreeFunctionDecl)
+              .hasName([
+                  "JSStringCreateWithUTF8CString(_:)", "JSStringCreateWithCharacters(_:_:)",
+                  "JSStringRetain(_:)"
+                ])
+        ).getArgument(0)
+    |
+      nodeFrom.asExpr() = arg.getExpr() and
+      nodeTo.asExpr() = arg.getApplyExpr()
+    )
+    or
+    exists(CallExpr ce, Expr self, AbstractClosureExpr closure |
+      ce.getStaticTarget()
+          .getName()
+          .matches(["withContiguousStorageIfAvailable(%)", "withUnsafeBufferPointer(%)"]) and
+      self = ce.getQualifier() and
+      ce.getArgument(0).getExpr() = closure
+    |
+      nodeFrom.asExpr() = self and
+      nodeTo.(DataFlow::ParameterNode).getParameter() = closure.getParam(0)
+    )
+    or
+    exists(MemberRefExpr e, Expr self, VarDecl member |
+      self.getType().getName() = "String" and
+      member.getName() = ["utf16", "utf8CString"]
+      or
+      self.getType().getName().matches(["Unsafe%Buffer%", "Unsafe%Pointer%"]) and
+      member.getName() = ["baseAddress"]
+    |
+      e.getBase() = self and
+      e.getMember() = member and
+      nodeFrom.asExpr() = self and
+      nodeTo.asExpr() = e
+    )
   }
 }
 
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index e69de29bb2d..0e678737720 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -0,0 +1,84 @@
+edges
+| UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  |
+| UnsafeJsEval.swift:164:10:164:37 | try ... :  | UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  |
+| UnsafeJsEval.swift:164:10:164:37 | try ... :  | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  |
+| UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:164:10:164:37 | try ... :  |
+| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:204:7:204:7 | remoteString :  |
+| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
+| UnsafeJsEval.swift:264:13:264:13 | string :  | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) |
+| UnsafeJsEval.swift:267:13:267:13 | string :  | UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) |
+| UnsafeJsEval.swift:275:13:275:13 | string :  | UnsafeJsEval.swift:276:26:276:26 | string |
+| UnsafeJsEval.swift:278:13:278:13 | string :  | UnsafeJsEval.swift:279:26:279:26 | string |
+| UnsafeJsEval.swift:284:13:284:13 | string :  | UnsafeJsEval.swift:285:3:285:10 | .utf16 :  |
+| UnsafeJsEval.swift:285:3:285:10 | .utf16 :  | UnsafeJsEval.swift:285:51:285:51 | stringBytes :  |
+| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  |
+| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
+| UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
+| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  |
+| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
+| UnsafeJsEval.swift:298:13:298:13 | string :  | UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  |
+| UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  | UnsafeJsEval.swift:299:48:299:48 | stringBytes :  |
+| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  |
+| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
+| UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
+| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  |
+| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
+nodes
+| UnsafeJsEval.swift:123:21:123:42 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:123:70:123:70 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:164:10:164:37 | try ... :  | semmle.label | try ... :  |
+| UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
+| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
+| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
+| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | semmle.label | remoteString :  |
+| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:264:13:264:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:) |
+| UnsafeJsEval.swift:267:13:267:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:in:) |
+| UnsafeJsEval.swift:275:13:275:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:276:26:276:26 | string | semmle.label | string |
+| UnsafeJsEval.swift:278:13:278:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:279:26:279:26 | string | semmle.label | string |
+| UnsafeJsEval.swift:284:13:284:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:285:3:285:10 | .utf16 :  | semmle.label | .utf16 :  |
+| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | semmle.label | stringBytes :  |
+| UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | semmle.label | call to JSStringCreateWithCharacters(_:_:) :  |
+| UnsafeJsEval.swift:290:17:290:17 | jsstr | semmle.label | jsstr |
+| UnsafeJsEval.swift:298:13:298:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  | semmle.label | .utf8CString :  |
+| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | semmle.label | stringBytes :  |
+| UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | semmle.label | call to JSStringCreateWithUTF8CString(_:) :  |
+| UnsafeJsEval.swift:304:17:304:17 | jsstr | semmle.label | jsstr |
+subpaths
+| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  | UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  | UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  |
+#select
+| UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:276:26:276:26 | string | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:276:26:276:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:279:26:279:26 | string | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:279:26:279:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:290:17:290:17 | jsstr | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:304:17:304:17 | jsstr | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
index 51914bd97e1..c2aa83dbcd6 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -167,7 +167,7 @@ func getRemoteData() -> String {
 	}
 }
 
-func testUsage(_ sink: @escaping (String) async throws -> ()) {
+func testAsync(_ sink: @escaping (String) async throws -> ()) {
 	Task {
 		let localString = "console.log('localString')"
 		let localStringFragment = "'localStringFragment'"
@@ -184,7 +184,7 @@ func testUsage(_ sink: @escaping (String) async throws -> ()) {
 		let remoteData = Data(remoteString.utf8)
 
 		try! await sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
-		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD: the data is remote
+		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD [NOT DETECTED]: the data is remote (TODO: model Data taint sources)
 
 		try! await sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
 		try! await sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion
@@ -194,10 +194,35 @@ func testUsage(_ sink: @escaping (String) async throws -> ()) {
 	}
 }
 
+func testSync(_ sink: @escaping (String) -> ()) {
+	let localString = "console.log('localString')"
+	let localStringFragment = "'localStringFragment'"
+	let remoteString = getRemoteData()
+
+	sink(localString) // GOOD: the HTML data is local
+	sink(getRemoteData()) // BAD: HTML contains remote input, may access local secrets
+	sink(remoteString) // BAD
+
+	sink("console.log(" + localStringFragment + ")") // GOOD: the HTML data is local
+	sink("console.log(" + remoteString + ")") // BAD
+
+	let localData = Data(localString.utf8)
+	let remoteData = Data(remoteString.utf8)
+
+	sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
+	sink(String(decoding: remoteData, as: UTF8.self)) // BAD [NOT DETECTED]: the data is remote (TODO: model Data taint sources)
+
+	sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
+	sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion
+
+	sink("console.log(" + (localStringFragment.count != 0 ? "1" : "0") + ")") // GOOD: Primitive conversion
+	sink("console.log(" + (remoteString.count != 0 ? "1" : "0") + ")") // GOOD: Primitive conversion
+}
+
 func testUIWebView() {
 	let webview = UIWebView()
 
-	testUsage { string in
+	testAsync { string in
 		_ = await webview.stringByEvaluatingJavaScript(from: string)
 	}
 }
@@ -205,7 +230,7 @@ func testUIWebView() {
 func testWebView() {
 	let webview = WebView()
 
-	testUsage { string in
+	testAsync { string in
 		_ = await webview.stringByEvaluatingJavaScript(from: string)
 	}
 }
@@ -213,22 +238,22 @@ func testWebView() {
 func testWKWebView() {
 	let webview = WKWebView()
 
-	testUsage { string in
+	testAsync { string in
 		_ = try await webview.evaluateJavaScript(string)
 	}
-	testUsage { string in
+	testAsync { string in
 		await webview.evaluateJavaScript(string) { _, _ in }
 	}
-	testUsage { string in
+	testAsync { string in
 		await webview.evaluateJavaScript(string, in: nil, in: WKContentWorld.defaultClient) { _ in }
 	}
-	testUsage { string in
+	testAsync { string in
 		_ = try await webview.evaluateJavaScript(string, contentWorld: .defaultClient)
 	}
-	testUsage { string in
+	testAsync { string in
 		await webview.callAsyncJavaScript(string, in: nil, in: .defaultClient) { _ in () }
 	}
-	testUsage { string in
+	testAsync { string in
 		_ = try await webview.callAsyncJavaScript(string, contentWorld: WKContentWorld.defaultClient)
 	}
 }
@@ -236,10 +261,10 @@ func testWKWebView() {
 func testWKUserContentController() {
 	let ctrl = WKUserContentController()
 
-	testUsage { string in
+	testSync { string in
 		ctrl.addUserScript(WKUserScript(source: string, injectionTime: .atDocumentStart, forMainFrameOnly: false))
 	}
-	testUsage { string in
+	testSync { string in
 		ctrl.addUserScript(WKUserScript(source: string, injectionTime: .atDocumentEnd, forMainFrameOnly: true, in: .defaultClient))
 	}
 }
@@ -247,16 +272,16 @@ func testWKUserContentController() {
 func testJSContext() {
 	let ctx = JSContext()
 
-	testUsage { string in
+	testSync { string in
 		_ = ctx.evaluateScript(string)
 	}
-	testUsage { string in
+	testSync { string in
 		_ = ctx.evaluateScript(string, withSourceURL: URL(string: "https://example.com"))
 	}
 }
 
 func testJSEvaluateScript() {
-	testUsage { string in
+	testSync { string in
 		string.utf16.withContiguousStorageIfAvailable { stringBytes in
 			let jsstr = JSStringRetain(JSStringCreateWithCharacters(stringBytes.baseAddress, string.count))
 			defer { JSStringRelease(jsstr) }
@@ -270,7 +295,7 @@ func testJSEvaluateScript() {
 			)
 		}
 	}
-	testUsage { string in
+	testSync { string in
 		string.utf8CString.withUnsafeBufferPointer { stringBytes in
 			let jsstr = JSStringRetain(JSStringCreateWithUTF8CString(stringBytes.baseAddress))
 			defer { JSStringRelease(jsstr) }

From d37ed02e796208ec5a4d79a8f23b7e925244781d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 8 Nov 2022 11:24:53 +0100
Subject: [PATCH 019/144] Swift: basic Data-related taint flow in query

Still TODO: a more comprehensive taint flow model for Data in the libs.
---
 .../ql/src/queries/Security/CWE-094/UnsafeJsEval.ql | 13 +++++++++++--
 .../Security/CWE-094/UnsafeJsEval.expected          |  8 ++++++++
 .../query-tests/Security/CWE-094/UnsafeJsEval.swift |  4 ++--
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index f5c444ff5e3..41065a9d47d 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -108,6 +108,15 @@ class UnsafeJsEvalConfig extends TaintTracking::Configuration {
                 ])
         ).getArgument(0)
       or
+      arg =
+        any(CallExpr ce | ce.getStaticTarget().(MethodDecl).hasQualifiedName("Data", "init(_:)"))
+            .getArgument(0)
+      or
+      arg =
+        any(CallExpr ce |
+          ce.getStaticTarget().(MethodDecl).hasQualifiedName("String", "init(decoding:as:)")
+        ).getArgument(0)
+      or
       arg =
         any(CallExpr ce |
           ce.getStaticTarget()
@@ -135,10 +144,10 @@ class UnsafeJsEvalConfig extends TaintTracking::Configuration {
     or
     exists(MemberRefExpr e, Expr self, VarDecl member |
       self.getType().getName() = "String" and
-      member.getName() = ["utf16", "utf8CString"]
+      member.getName() = ["utf8", "utf16", "utf8CString"]
       or
       self.getType().getName().matches(["Unsafe%Buffer%", "Unsafe%Pointer%"]) and
-      member.getName() = ["baseAddress"]
+      member.getName() = "baseAddress"
     |
       e.getBase() = self and
       e.getMember() = member and
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index 0e678737720..c9c794bbbb1 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -5,6 +5,7 @@ edges
 | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:164:10:164:37 | try ... :  |
 | UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:204:7:204:7 | remoteString :  |
 | UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
 | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
 | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
@@ -23,6 +24,12 @@ edges
 | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
 | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
 | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
 | UnsafeJsEval.swift:264:13:264:13 | string :  | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) |
 | UnsafeJsEval.swift:267:13:267:13 | string :  | UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) |
 | UnsafeJsEval.swift:275:13:275:13 | string :  | UnsafeJsEval.swift:276:26:276:26 | string |
@@ -52,6 +59,7 @@ nodes
 | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
 | UnsafeJsEval.swift:204:7:204:7 | remoteString :  | semmle.label | remoteString :  |
 | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | semmle.label | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:264:13:264:13 | string :  | semmle.label | string :  |
 | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:) |
 | UnsafeJsEval.swift:267:13:267:13 | string :  | semmle.label | string :  |
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
index c2aa83dbcd6..98f34e9826f 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -184,7 +184,7 @@ func testAsync(_ sink: @escaping (String) async throws -> ()) {
 		let remoteData = Data(remoteString.utf8)
 
 		try! await sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
-		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD [NOT DETECTED]: the data is remote (TODO: model Data taint sources)
+		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD: the data is remote
 
 		try! await sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
 		try! await sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion
@@ -210,7 +210,7 @@ func testSync(_ sink: @escaping (String) -> ()) {
 	let remoteData = Data(remoteString.utf8)
 
 	sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
-	sink(String(decoding: remoteData, as: UTF8.self)) // BAD [NOT DETECTED]: the data is remote (TODO: model Data taint sources)
+	sink(String(decoding: remoteData, as: UTF8.self)) // BAD: the data is remote
 
 	sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
 	sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion

From 5940f17b8394c6a641740080cb37a6f1d444f0e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Wed, 9 Nov 2022 13:10:08 +0100
Subject: [PATCH 020/144] Swift: Docs + doctests

---
 .../Security/CWE-094/UnsafeJsEval.qhelp       |  32 ++++
 .../Security/CWE-094/UnsafeJsEvalBad.swift    |   6 +
 .../Security/CWE-094/UnsafeJsEvalGood.swift   |  10 +
 .../Security/CWE-094/UnsafeJsEval.expected    | 176 +++++++++---------
 .../Security/CWE-094/UnsafeJsEval.swift       |  20 +-
 5 files changed, 152 insertions(+), 92 deletions(-)
 create mode 100644 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
 create mode 100644 swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
 create mode 100644 swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
new file mode 100644
index 00000000000..26eae7ff91b
--- /dev/null
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -0,0 +1,32 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p>Evaluating JavaScript that contains a substring from a remote origin may lead to remote code execution. Code under control of an attacker can execute arbitrary unauthorized actions, including exfiltration of local data by sending it to a third party web service.</p>
+
+</overview>
+<recommendation>
+
+<p>When loading JavaScript into a web view, evaluate only known, locally-defined source code. If a part of the input does come from a remote source, instead of injecting it into the JavaScript code to be evaluated, prefer sending it as data to the web view using an API such as <code>WKWebView.callAsyncJavaScript</code> with the <code>arguments</code> dictionary to pass remote data objects.</p>
+
+</recommendation>
+<example>
+
+<p>In the following example, a call to <code>WKWebView.evaluateJavaScript</code> evaluates JavaScript source code that is tainted with remote data, potentially introducing a code injection vulnerability.</p>
+
+<sample src="UnsafeJsEvalBad.swift" />
+
+<p>To fix the problem, we sanitize the remote data by passing it using the <code>arguments</code> dictionary of <code>WKWebView.callAsyncJavaScript</code>. This ensures that untrusted data cannot be evaluated as JavaScript source code.</p>
+
+<sample src="UnsafeJsEvalGood.swift" />
+
+</example>
+<references>
+
+<li>
+  <a href="https://developer.apple.com/documentation/webkit/wkwebview/3824703-callasyncjavascript">Apple Developer Documentation - WKWebView.callAsyncJavaScript(_:arguments:in:contentWorld:)</a>
+</li>
+
+</references>
+</qhelp>
diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
new file mode 100644
index 00000000000..2e5b0233e79
--- /dev/null
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
@@ -0,0 +1,6 @@
+let webview: WKWebView
+let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.json")!)
+
+...
+
+_ = try await webview.evaluateJavaScript("alert(" + remoteData + ")") // BAD
diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift
new file mode 100644
index 00000000000..a51ffd60b63
--- /dev/null
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift
@@ -0,0 +1,10 @@
+let webview: WKWebView
+let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.json")!)
+
+...
+
+_ = try await webview.callAsyncJavaScript(
+    "alert(JSON.parse(data))",
+    arguments: ["data": remoteData], // GOOD
+    contentWorld: .page
+)
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index c9c794bbbb1..05881a11eb5 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -1,92 +1,92 @@
 edges
-| UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  |
-| UnsafeJsEval.swift:164:10:164:37 | try ... :  | UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  |
-| UnsafeJsEval.swift:164:10:164:37 | try ... :  | UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  |
-| UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:164:10:164:37 | try ... :  |
-| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:204:7:204:7 | remoteString :  |
-| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  |
-| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:264:13:264:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:267:13:267:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:275:13:275:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:278:13:278:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:284:13:284:13 | string :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:298:13:298:13 | string :  |
-| UnsafeJsEval.swift:264:13:264:13 | string :  | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) |
-| UnsafeJsEval.swift:267:13:267:13 | string :  | UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) |
-| UnsafeJsEval.swift:275:13:275:13 | string :  | UnsafeJsEval.swift:276:26:276:26 | string |
-| UnsafeJsEval.swift:278:13:278:13 | string :  | UnsafeJsEval.swift:279:26:279:26 | string |
-| UnsafeJsEval.swift:284:13:284:13 | string :  | UnsafeJsEval.swift:285:3:285:10 | .utf16 :  |
-| UnsafeJsEval.swift:285:3:285:10 | .utf16 :  | UnsafeJsEval.swift:285:51:285:51 | stringBytes :  |
-| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  |
-| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
-| UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
-| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  |
-| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  |
-| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr |
-| UnsafeJsEval.swift:298:13:298:13 | string :  | UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  |
-| UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  | UnsafeJsEval.swift:299:48:299:48 | stringBytes :  |
-| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  |
-| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
-| UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
-| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  |
-| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  |
-| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr |
+| UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  |
+| UnsafeJsEval.swift:165:10:165:37 | try ... :  | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  |
+| UnsafeJsEval.swift:165:10:165:37 | try ... :  | UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  |
+| UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:165:10:165:37 | try ... :  |
+| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:205:7:205:7 | remoteString :  |
+| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:265:13:265:13 | string :  | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) |
+| UnsafeJsEval.swift:268:13:268:13 | string :  | UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) |
+| UnsafeJsEval.swift:276:13:276:13 | string :  | UnsafeJsEval.swift:277:26:277:26 | string |
+| UnsafeJsEval.swift:279:13:279:13 | string :  | UnsafeJsEval.swift:280:26:280:26 | string |
+| UnsafeJsEval.swift:285:13:285:13 | string :  | UnsafeJsEval.swift:286:3:286:10 | .utf16 :  |
+| UnsafeJsEval.swift:286:3:286:10 | .utf16 :  | UnsafeJsEval.swift:286:51:286:51 | stringBytes :  |
+| UnsafeJsEval.swift:286:51:286:51 | stringBytes :  | UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  |
+| UnsafeJsEval.swift:286:51:286:51 | stringBytes :  | UnsafeJsEval.swift:291:17:291:17 | jsstr |
+| UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:291:17:291:17 | jsstr |
+| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  |
+| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:291:17:291:17 | jsstr |
+| UnsafeJsEval.swift:299:13:299:13 | string :  | UnsafeJsEval.swift:300:3:300:10 | .utf8CString :  |
+| UnsafeJsEval.swift:300:3:300:10 | .utf8CString :  | UnsafeJsEval.swift:300:48:300:48 | stringBytes :  |
+| UnsafeJsEval.swift:300:48:300:48 | stringBytes :  | UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  |
+| UnsafeJsEval.swift:300:48:300:48 | stringBytes :  | UnsafeJsEval.swift:305:17:305:17 | jsstr |
+| UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  | UnsafeJsEval.swift:305:17:305:17 | jsstr |
+| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  |
+| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:305:17:305:17 | jsstr |
 nodes
-| UnsafeJsEval.swift:123:21:123:42 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:123:70:123:70 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:164:10:164:37 | try ... :  | semmle.label | try ... :  |
-| UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
-| UnsafeJsEval.swift:200:21:200:35 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
-| UnsafeJsEval.swift:203:7:203:21 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
-| UnsafeJsEval.swift:204:7:204:7 | remoteString :  | semmle.label | remoteString :  |
-| UnsafeJsEval.swift:207:7:207:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
-| UnsafeJsEval.swift:213:7:213:49 | call to init(decoding:as:) :  | semmle.label | call to init(decoding:as:) :  |
-| UnsafeJsEval.swift:264:13:264:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:) |
-| UnsafeJsEval.swift:267:13:267:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:in:) |
-| UnsafeJsEval.swift:275:13:275:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:276:26:276:26 | string | semmle.label | string |
-| UnsafeJsEval.swift:278:13:278:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:279:26:279:26 | string | semmle.label | string |
-| UnsafeJsEval.swift:284:13:284:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:285:3:285:10 | .utf16 :  | semmle.label | .utf16 :  |
-| UnsafeJsEval.swift:285:51:285:51 | stringBytes :  | semmle.label | stringBytes :  |
-| UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
-| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | semmle.label | call to JSStringCreateWithCharacters(_:_:) :  |
-| UnsafeJsEval.swift:290:17:290:17 | jsstr | semmle.label | jsstr |
-| UnsafeJsEval.swift:298:13:298:13 | string :  | semmle.label | string :  |
-| UnsafeJsEval.swift:299:3:299:10 | .utf8CString :  | semmle.label | .utf8CString :  |
-| UnsafeJsEval.swift:299:48:299:48 | stringBytes :  | semmle.label | stringBytes :  |
-| UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
-| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | semmle.label | call to JSStringCreateWithUTF8CString(_:) :  |
-| UnsafeJsEval.swift:304:17:304:17 | jsstr | semmle.label | jsstr |
+| UnsafeJsEval.swift:124:21:124:42 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:124:70:124:70 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:165:10:165:37 | try ... :  | semmle.label | try ... :  |
+| UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
+| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
+| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
+| UnsafeJsEval.swift:205:7:205:7 | remoteString :  | semmle.label | remoteString :  |
+| UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | semmle.label | call to init(decoding:as:) :  |
+| UnsafeJsEval.swift:265:13:265:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:) |
+| UnsafeJsEval.swift:268:13:268:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:in:) |
+| UnsafeJsEval.swift:276:13:276:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:277:26:277:26 | string | semmle.label | string |
+| UnsafeJsEval.swift:279:13:279:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:280:26:280:26 | string | semmle.label | string |
+| UnsafeJsEval.swift:285:13:285:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:286:3:286:10 | .utf16 :  | semmle.label | .utf16 :  |
+| UnsafeJsEval.swift:286:51:286:51 | stringBytes :  | semmle.label | stringBytes :  |
+| UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | semmle.label | call to JSStringCreateWithCharacters(_:_:) :  |
+| UnsafeJsEval.swift:291:17:291:17 | jsstr | semmle.label | jsstr |
+| UnsafeJsEval.swift:299:13:299:13 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:300:3:300:10 | .utf8CString :  | semmle.label | .utf8CString :  |
+| UnsafeJsEval.swift:300:48:300:48 | stringBytes :  | semmle.label | stringBytes :  |
+| UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | semmle.label | call to JSStringCreateWithUTF8CString(_:) :  |
+| UnsafeJsEval.swift:305:17:305:17 | jsstr | semmle.label | jsstr |
 subpaths
-| UnsafeJsEval.swift:286:31:286:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  | UnsafeJsEval.swift:286:16:286:98 | call to JSStringRetain(_:) :  |
-| UnsafeJsEval.swift:300:31:300:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:123:21:123:42 | string :  | UnsafeJsEval.swift:123:70:123:70 | string :  | UnsafeJsEval.swift:300:16:300:85 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  | UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) :  |
+| UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  |
 #select
-| UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:265:22:265:107 | call to init(source:injectionTime:forMainFrameOnly:) | Evaluation of uncontrolled JavaScript from a remote source. |
-| UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:268:22:268:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | Evaluation of uncontrolled JavaScript from a remote source. |
-| UnsafeJsEval.swift:276:26:276:26 | string | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:276:26:276:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
-| UnsafeJsEval.swift:279:26:279:26 | string | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:279:26:279:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
-| UnsafeJsEval.swift:290:17:290:17 | jsstr | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:290:17:290:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
-| UnsafeJsEval.swift:304:17:304:17 | jsstr | UnsafeJsEval.swift:164:14:164:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:304:17:304:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:277:26:277:26 | string | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:277:26:277:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:280:26:280:26 | string | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:280:26:280:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:291:17:291:17 | jsstr | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:291:17:291:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:305:17:305:17 | jsstr | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:305:17:305:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
index 98f34e9826f..36cee943b66 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -12,6 +12,7 @@ class NSView : NSResponder {}
 class WKFrameInfo : NSObject {}
 class WKContentWorld : NSObject {
 	class var defaultClient: WKContentWorld { WKContentWorld() }
+	class var page: WKContentWorld { WKContentWorld() }
 }
 
 class WKWebView : UIView {
@@ -174,17 +175,17 @@ func testAsync(_ sink: @escaping (String) async throws -> ()) {
 		let remoteString = getRemoteData()
 
 		try! await sink(localString) // GOOD: the HTML data is local
-		try! await sink(getRemoteData()) // BAD: HTML contains remote input, may access local secrets
-		try! await sink(remoteString) // BAD
+		try! await sink(getRemoteData()) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]: HTML contains remote input, may access local secrets
+		try! await sink(remoteString) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
 
 		try! await sink("console.log(" + localStringFragment + ")") // GOOD: the HTML data is local
-		try! await sink("console.log(" + remoteString + ")") // BAD
+		try! await sink("console.log(" + remoteString + ")") // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
 
 		let localData = Data(localString.utf8)
 		let remoteData = Data(remoteString.utf8)
 
 		try! await sink(String(decoding: localData, as: UTF8.self)) // GOOD: the data is local
-		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD: the data is remote
+		try! await sink(String(decoding: remoteData, as: UTF8.self)) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]: the data is remote
 
 		try! await sink("console.log(" + String(Int(localStringFragment) ?? 0) + ")") // GOOD: Primitive conversion
 		try! await sink("console.log(" + String(Int(remoteString) ?? 0) + ")") // GOOD: Primitive conversion
@@ -312,7 +313,18 @@ func testJSEvaluateScript() {
 }
 
 func testQHelpExamples() {
+	Task {
+		let webview = WKWebView()
+		let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.json")!)
 
+		_ = try await webview.evaluateJavaScript("alert(" + remoteData + ")") // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
+
+		_ = try await webview.callAsyncJavaScript(
+			"alert(JSON.parse(data))",
+			arguments: ["data": remoteData], // GOOD
+			contentWorld: .page
+		)
+	}
 }
 
 testUIWebView()

From 23ff3769aca3646e64ecbe5af45e57a82f31a538 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 31 Oct 2022 18:24:13 +0000
Subject: [PATCH 021/144] Swift: Add Alamofire tests for
 swift/cleartext-transmission.

---
 .../Security/CWE-311/SensitiveExprs.expected  |  10 +
 .../Security/CWE-311/testAlamofire.swift      | 218 ++++++++++++++++++
 2 files changed, 228 insertions(+)
 create mode 100644 swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift

diff --git a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected
index 9e359b62e27..3c61ec86e95 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected
+++ b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected
@@ -1,3 +1,13 @@
+| testAlamofire.swift:150:45:150:45 | password | label:password, type:credential |
+| testAlamofire.swift:152:51:152:51 | password | label:password, type:credential |
+| testAlamofire.swift:154:38:154:38 | email | label:email, type:private information |
+| testAlamofire.swift:159:26:159:26 | email | label:email, type:private information |
+| testAlamofire.swift:171:35:171:35 | email | label:email, type:private information |
+| testAlamofire.swift:177:35:177:35 | email | label:email, type:private information |
+| testAlamofire.swift:187:65:187:65 | password | label:password, type:credential |
+| testAlamofire.swift:195:64:195:64 | password | label:password, type:credential |
+| testAlamofire.swift:205:62:205:62 | password | label:password, type:credential |
+| testAlamofire.swift:213:65:213:65 | password | label:password, type:credential |
 | testCoreData.swift:48:15:48:15 | password | label:password, type:credential |
 | testCoreData.swift:51:24:51:24 | password | label:password, type:credential |
 | testCoreData.swift:58:15:58:15 | password | label:password, type:credential |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
new file mode 100644
index 00000000000..9056eebdbf1
--- /dev/null
+++ b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
@@ -0,0 +1,218 @@
+
+// --- Foundation stubs ---
+
+class NSObject {
+}
+
+struct URL {
+}
+
+struct URLRequest {
+}
+
+class URLResponse: NSObject {
+}
+
+class HTTPURLResponse : URLResponse {
+}
+
+// --- Alamofire stubs ---
+
+protocol URLConvertible {
+}
+
+extension String: URLConvertible {
+}
+
+struct HTTPMethod {
+	static let get = HTTPMethod(rawValue: "GET")
+	static let post = HTTPMethod(rawValue: "POST")
+
+	init(rawValue: String) {}
+}
+
+struct HTTPHeaders {
+	init(_ dictionary: [String: String]) {}
+
+	mutating func add(name: String, value: String) {}
+	mutating func update(name: String, value: String) {}
+}
+
+extension HTTPHeaders: ExpressibleByDictionaryLiteral {
+	public init(dictionaryLiteral elements: (String, String)...) {}
+}
+
+typealias Parameters = [String: Any]
+
+protocol ParameterEncoding {
+}
+
+struct URLEncoding: ParameterEncoding {
+	static var `default`: URLEncoding { URLEncoding() }
+}
+
+protocol ParameterEncoder {
+}
+
+class URLEncodedFormParameterEncoder: ParameterEncoder {
+	static var `default`: URLEncodedFormParameterEncoder { URLEncodedFormParameterEncoder() }
+}
+
+protocol RequestInterceptor {
+}
+
+class Request {
+}
+
+class DataRequest: Request {
+}
+
+final class DataStreamRequest: Request {
+}
+
+class DownloadRequest: Request {
+	struct Options: OptionSet {
+		let rawValue: Int
+
+		init(rawValue: Int) {
+			self.rawValue = rawValue
+		}
+	}
+
+	typealias Destination =
+		(_ temporaryURL: URL, _ response: HTTPURLResponse) ->
+		(destinationURL: URL, options: Options)
+}
+
+class Session {
+	static let `default` = Session()
+
+	typealias RequestModifier = (inout URLRequest) throws -> Void
+
+	func request(
+		_ convertible: URLConvertible,
+		method: HTTPMethod = .get,
+		parameters: Parameters? = nil,
+		encoding: ParameterEncoding = URLEncoding.default,
+		headers: HTTPHeaders? = nil,
+		interceptor: RequestInterceptor? = nil,
+		requestModifier: RequestModifier? = nil) -> DataRequest {
+			return DataRequest()
+	}
+
+	func request<Parameters: Encodable>(
+		_ convertible: URLConvertible,
+		method: HTTPMethod = .get,
+		parameters: Parameters? = nil,
+		encoder: ParameterEncoder = URLEncodedFormParameterEncoder.default,
+		headers: HTTPHeaders? = nil,
+		interceptor: RequestInterceptor? = nil,
+		requestModifier: RequestModifier? = nil) -> DataRequest {
+			return DataRequest()
+	}
+
+	func streamRequest(
+		_ convertible: URLConvertible,
+		method: HTTPMethod = .get,
+		headers: HTTPHeaders? = nil,
+		automaticallyCancelOnStreamError: Bool = false,
+		interceptor: RequestInterceptor? = nil,
+		requestModifier: RequestModifier? = nil) -> DataStreamRequest {
+			return DataStreamRequest()
+	}
+
+	func download(
+		_ convertible: URLConvertible,
+		method: HTTPMethod = .get,
+		parameters: Parameters? = nil,
+		encoding: ParameterEncoding = URLEncoding.default,
+		headers: HTTPHeaders? = nil,
+		interceptor: RequestInterceptor? = nil,
+		requestModifier: RequestModifier? = nil,
+		to destination: DownloadRequest.Destination? = nil) -> DownloadRequest {
+			return DownloadRequest()
+	}
+
+	// (there are many more variants of `request`, `streamRequest` and `download`)
+}
+
+let AF = Session.default
+
+// --- tests ---
+
+struct MyEncodable: Encodable {
+	let value: String
+}
+
+func test1(username: String, password: String, email: String, harmless: String) {
+	// sensitive data in URL
+
+	AF.request("http://example.com/login?p=" + password) // BAD [NOT DETECTED]
+	AF.request("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
+	AF.streamRequest("http://example.com/login?p=" + password) // BAD [NOT DETECTED]
+	AF.streamRequest("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
+	AF.download("http://example.com/" + email + ".html") // BAD [NOT DETECTED]
+	AF.download("http://example.com/" + harmless + ".html") // GOOD (not sensitive)
+
+	// sensitive data in parameters
+
+	let params1 = ["value": email]
+	let params2 = ["value": harmless]
+
+	AF.request("http://example.com/", parameters: params1) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params2) // GOOD (not sensitive)
+	AF.request("http://example.com/", parameters: params1, encoding: URLEncoding.default) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params2, encoding: URLEncoding.default) // GOOD (not sensitive)
+	AF.request("http://example.com/", parameters: params1, encoder: URLEncodedFormParameterEncoder.default) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params2, encoder: URLEncodedFormParameterEncoder.default) // GOOD (not sensitive)
+	AF.download("http://example.com/", parameters: params1) // BAD [NOT DETECTED]
+	AF.download("http://example.com/", parameters: params2) // GOOD (not sensitive)
+
+	let params3 = ["values": ["...", email, "..."]]
+	let params4 = ["values": ["...", harmless, "..."]]
+
+	AF.request("http://example.com/", method:.post, parameters: params3) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", method:.post, parameters: params4) // GOOD (not sensitive)
+
+	let params5 = MyEncodable(value: email)
+	let params6 = MyEncodable(value: harmless)
+
+	AF.request("http://example.com/", parameters: params5) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", parameters: params6) // GOOD (not sensitive)
+
+	// request headers
+	//  - in real usage a password here would normally be base64 encoded for transmission
+	//  - the risk is greatly reduced (but not eliminated) if HTTPS is used
+
+	let headers1: HTTPHeaders = ["Authorization": username + ":" + password]
+	let headers2: HTTPHeaders = ["Value": harmless]
+
+	AF.request("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers2) // GOOD (not sensitive)
+	AF.streamRequest("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.streamRequest("http://example.com/", headers: headers2) // GOOD (not sensitive)
+
+	let headers3 = HTTPHeaders(["Authorization": username + ":" + password])
+	let headers4 = HTTPHeaders(["Value": harmless])
+
+	AF.request("http://example.com/", headers: headers3) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers4) // GOOD (not sensitive)
+	AF.download("http://example.com/", headers: headers1) // BAD [NOT DETECTED]
+	AF.download("http://example.com/", headers: headers2) // GOOD (not sensitive)
+
+	var headers5 = HTTPHeaders([:])
+	var headers6 = HTTPHeaders([:])
+	headers5.add(name: "Authorization", value: username + ":" + password)
+	headers6.add(name: "Data", value: harmless)
+
+	AF.request("http://example.com/", headers: headers5) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers6) // GOOD (not sensitive)
+
+	var headers7 = HTTPHeaders([:])
+	var headers8 = HTTPHeaders([:])
+	headers7.update(name: "Authorization", value: username + ":" + password)
+	headers8.update(name: "Data", value: harmless)
+
+	AF.request("http://example.com/", headers: headers7) // BAD [NOT DETECTED]
+	AF.request("http://example.com/", headers: headers8) // GOOD (not sensitive)
+}

From d97682991df5a8ac0b5b72c654fe5e4ea8cea767 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 1 Nov 2022 15:35:50 +0000
Subject: [PATCH 022/144] Swift: Add Alamofire sink for
 cpp/cleartext-transmission.

---
 .../codeql/swift/elements/expr/ApplyExpr.qll  |  8 ++++++++
 .../Security/CWE-311/CleartextTransmission.ql | 19 +++++++++++++++++++
 .../CWE-311/CleartextTransmission.expected    | 12 ++++++++++++
 .../Security/CWE-311/testAlamofire.swift      |  6 +++---
 4 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
index 14bc6302c2b..cf11158df92 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
@@ -19,6 +19,14 @@ class ApplyExpr extends Generated::ApplyExpr {
   /** Gets the method qualifier, if this is applying a method */
   Expr getQualifier() { none() }
 
+  /**
+   * Gets the argument of this `ApplyExpr` called `label` (if any).
+   */
+  final Argument getArgumentWithLabel(string label) {
+    result = getAnArgument() and
+    result.getLabel() = label
+  }
+
   override string toString() {
     result = "call to " + this.getStaticTarget().toString()
     or
diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql b/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
index 92977f5cfd5..21c1c538462 100644
--- a/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
+++ b/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
@@ -54,6 +54,25 @@ class Url extends Transmitted {
   }
 }
 
+/**
+ * An `Expr` that transmitted through the Alamofire library.
+ */
+class AlamofireTransmitted extends Transmitted {
+  AlamofireTransmitted() {
+    // sinks are the first argument containing the URL, and the `parameters`
+    // and `headers` arguments to appropriate methods of `Session`.
+    exists(CallExpr call, string fName |
+      call.getStaticTarget().(MethodDecl).hasQualifiedName("Session", fName) and
+      fName.regexpMatch("(request|streamRequest|download)\\(.*") and
+      (
+        call.getArgument(0).getExpr() = this or
+        call.getArgumentWithLabel("parameters").getExpr() = this or
+        call.getArgumentWithLabel("headers").getExpr() = this
+      )
+    )
+  }
+}
+
 /**
  * A taint configuration from sensitive information to expressions that are
  * transmitted over a network.
diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
index de02d0db461..d8328252a1c 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
+++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
@@ -1,4 +1,7 @@
 edges
+| testAlamofire.swift:150:45:150:45 | password :  | testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... |
+| testAlamofire.swift:152:51:152:51 | password :  | testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... |
+| testAlamofire.swift:154:38:154:38 | email :  | testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... |
 | testSend.swift:41:10:41:18 | data :  | testSend.swift:41:45:41:45 | data :  |
 | testSend.swift:45:13:45:13 | password :  | testSend.swift:52:27:52:27 | str1 |
 | testSend.swift:46:13:46:13 | password :  | testSend.swift:53:27:53:27 | str2 |
@@ -8,6 +11,12 @@ edges
 | testURL.swift:13:54:13:54 | passwd :  | testURL.swift:13:22:13:54 | ... .+(_:_:) ... |
 | testURL.swift:16:55:16:55 | credit_card_no :  | testURL.swift:16:22:16:55 | ... .+(_:_:) ... |
 nodes
+| testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
+| testAlamofire.swift:150:45:150:45 | password :  | semmle.label | password :  |
+| testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
+| testAlamofire.swift:152:51:152:51 | password :  | semmle.label | password :  |
+| testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
+| testAlamofire.swift:154:38:154:38 | email :  | semmle.label | email :  |
 | testSend.swift:29:19:29:19 | passwordPlain | semmle.label | passwordPlain |
 | testSend.swift:41:10:41:18 | data :  | semmle.label | data :  |
 | testSend.swift:41:45:41:45 | data :  | semmle.label | data :  |
@@ -26,6 +35,9 @@ nodes
 subpaths
 | testSend.swift:47:17:47:17 | password :  | testSend.swift:41:10:41:18 | data :  | testSend.swift:41:45:41:45 | data :  | testSend.swift:47:13:47:25 | call to pad(_:) :  |
 #select
+| testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... | testAlamofire.swift:150:45:150:45 | password :  | testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... | This operation transmits '... .+(_:_:) ...', which may contain unencrypted sensitive data from $@. | testAlamofire.swift:150:45:150:45 | password :  | password |
+| testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... | testAlamofire.swift:152:51:152:51 | password :  | testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... | This operation transmits '... .+(_:_:) ...', which may contain unencrypted sensitive data from $@. | testAlamofire.swift:152:51:152:51 | password :  | password |
+| testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... | testAlamofire.swift:154:38:154:38 | email :  | testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... | This operation transmits '... .+(_:_:) ...', which may contain unencrypted sensitive data from $@. | testAlamofire.swift:154:38:154:38 | email :  | email |
 | testSend.swift:29:19:29:19 | passwordPlain | testSend.swift:29:19:29:19 | passwordPlain | testSend.swift:29:19:29:19 | passwordPlain | This operation transmits 'passwordPlain', which may contain unencrypted sensitive data from $@. | testSend.swift:29:19:29:19 | passwordPlain | passwordPlain |
 | testSend.swift:52:27:52:27 | str1 | testSend.swift:45:13:45:13 | password :  | testSend.swift:52:27:52:27 | str1 | This operation transmits 'str1', which may contain unencrypted sensitive data from $@. | testSend.swift:45:13:45:13 | password :  | password |
 | testSend.swift:53:27:53:27 | str2 | testSend.swift:46:13:46:13 | password :  | testSend.swift:53:27:53:27 | str2 | This operation transmits 'str2', which may contain unencrypted sensitive data from $@. | testSend.swift:46:13:46:13 | password :  | password |
diff --git a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
index 9056eebdbf1..3a50c2cf249 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
+++ b/swift/ql/test/query-tests/Security/CWE-311/testAlamofire.swift
@@ -147,11 +147,11 @@ struct MyEncodable: Encodable {
 func test1(username: String, password: String, email: String, harmless: String) {
 	// sensitive data in URL
 
-	AF.request("http://example.com/login?p=" + password) // BAD [NOT DETECTED]
+	AF.request("http://example.com/login?p=" + password) // BAD
 	AF.request("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
-	AF.streamRequest("http://example.com/login?p=" + password) // BAD [NOT DETECTED]
+	AF.streamRequest("http://example.com/login?p=" + password) // BAD
 	AF.streamRequest("http://example.com/login?h=" + harmless) // GOOD (not sensitive)
-	AF.download("http://example.com/" + email + ".html") // BAD [NOT DETECTED]
+	AF.download("http://example.com/" + email + ".html") // BAD
 	AF.download("http://example.com/" + harmless + ".html") // GOOD (not sensitive)
 
 	// sensitive data in parameters

From 887d1893e755c38c1f834b5e45126b707fb1c3e6 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 10 Nov 2022 15:51:02 +0000
Subject: [PATCH 023/144] Swift: Make ql-for-ql happy.

---
 swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
index cf11158df92..5c82dc32afa 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/ApplyExpr.qll
@@ -23,7 +23,7 @@ class ApplyExpr extends Generated::ApplyExpr {
    * Gets the argument of this `ApplyExpr` called `label` (if any).
    */
   final Argument getArgumentWithLabel(string label) {
-    result = getAnArgument() and
+    result = this.getAnArgument() and
     result.getLabel() = label
   }
 

From 4caaa3a396c65f75a3268d5e1405dbfe7bf9f0cf Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 24 Jun 2022 16:00:40 +0200
Subject: [PATCH 024/144] Python: Rewrite call-graph tests to be inline
 expectation (1/2)

This adds inline expectations, next commit will remove old annotations
code... but I thought it would be easier to review like this.
---
 .../CallGraph/InlineCallGraphTest.expected    |  4 ++
 .../CallGraph/InlineCallGraphTest.ql          | 49 +++++++++++++++++++
 .../CallGraph/code/class_simple.py            | 10 ++--
 .../CallGraph/code/runtime_decision.py        |  4 +-
 .../library-tests/CallGraph/code/simple.py    |  8 +--
 .../code/underscore_prefix_func_name.py       |  6 +--
 6 files changed, 67 insertions(+), 14 deletions(-)
 create mode 100644 python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
 create mode 100644 python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql

diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
new file mode 100644
index 00000000000..2ff4aeb6865
--- /dev/null
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
@@ -0,0 +1,4 @@
+failures
+debug_callableNotUnique
+| code/class_advanced.py:18:5:18:18 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
+| code/class_advanced.py:23:5:23:25 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
new file mode 100644
index 00000000000..6b59751e43b
--- /dev/null
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
@@ -0,0 +1,49 @@
+import python
+import TestUtilities.InlineExpectationsTest
+
+/** Holds when `call` is resolved to `callable` using points-to based call-graph. */
+predicate pointsToCallEdge(CallNode call, Function callable) {
+  exists(PythonFunctionValue funcValue |
+    funcValue.getScope() = callable and
+    call = funcValue.getACall()
+  )
+}
+
+/** Holds when `call` is resolved to `callable` using type-tracking based call-graph. */
+predicate typeTrackerCallEdge(CallNode call, Function callable) { none() }
+
+class CallGraphTest extends InlineExpectationsTest {
+  CallGraphTest() { this = "CallGraphTest" }
+
+  override string getARelevantTag() { result in ["pt", "tt"] }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(location.getFile().getRelativePath()) and
+    exists(CallNode call, Function target |
+      tag = "tt" and
+      typeTrackerCallEdge(call, target)
+      or
+      tag = "pt" and
+      pointsToCallEdge(call, target)
+    |
+      location = call.getLocation() and
+      element = call.toString() and
+      (
+        // note: `target.getQualifiedName` for Lambdas is just "lambda", so is not very useful :|
+        not target.isLambda() and
+        value = target.getQualifiedName()
+        or
+        target.isLambda() and
+        value =
+          "lambda[" + target.getLocation().getFile().getShortName() + ":" +
+            target.getLocation().getStartLine() + ":" + target.getLocation().getStartColumn() + "]"
+      )
+    )
+  }
+}
+
+query predicate debug_callableNotUnique(Function callable, string message) {
+  exists(Function f | f != callable and f.getQualifiedName() = callable.getQualifiedName()) and
+  message =
+    "Qualified function name '" + callable.getQualifiedName() + "' is not unique. Please fix."
+}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py b/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
index 7309620b3ec..a679cc5e25c 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
@@ -25,13 +25,13 @@ class A(object):
 a = A(42)
 
 # calls:A.some_method
-a.some_method()
+a.some_method() # $ pt=A.some_method
 # calls:A.some_staticmethod
-a.some_staticmethod()
+a.some_staticmethod() # $ pt=A.some_staticmethod
 # calls:A.some_classmethod
-a.some_classmethod()
+a.some_classmethod() # $ pt=A.some_classmethod
 
 # calls:A.some_staticmethod
-A.some_staticmethod()
+A.some_staticmethod() # $ pt=A.some_staticmethod
 # calls:A.some_classmethod
-A.some_classmethod()
+A.some_classmethod() # $ pt=A.some_classmethod
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py b/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
index fd2f7773ced..a271cbd9a6f 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
@@ -18,7 +18,7 @@ else:
     func = rd_bar
 
 # calls:rd_foo calls:rd_bar
-func()
+func() # $ pt=rd_foo pt=rd_bar
 
 # Random doesn't work with points-to :O
 if random.random() < 0.5:
@@ -27,4 +27,4 @@ else:
     func2 = rd_bar
 
 # calls:rd_foo calls:rd_bar
-func2()
+func2() # $ pt=rd_foo pt=rd_bar
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/simple.py b/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
index d3c39e42fd5..210df4f209e 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
@@ -16,12 +16,12 @@ lam = lambda: print("lambda called")
 
 
 # calls:foo
-foo()
+foo() # $ pt=foo
 # calls:foo
-indirect_foo()
+indirect_foo() # $ pt=foo
 # calls:bar
-bar()
+bar() # $ pt=bar
 # calls:lam
-lam()
+lam() # $ pt=lambda[simple.py:15:7]
 
 # python -m trace --trackcalls simple.py
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py b/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
index 1ec87efd757..1a1efe9d7b6 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
@@ -18,11 +18,11 @@ def _ignored():
 def _works_since_called():
     print('_works_since_called')
     # calls:some_function
-    some_function()
+    some_function() # $ pt=some_function
 
 def works_even_though_not_called():
     # calls:some_function
-    some_function()
+    some_function() # $ pt=some_function
 
 globals()['_ignored']()
-_works_since_called()
+_works_since_called() # $ pt=_works_since_called

From 6d9745e5c35796240be0909f5c6c3a05bd4f0beb Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 24 Jun 2022 16:13:32 +0200
Subject: [PATCH 025/144] Python: Rewrite call-graph tests to be inline
 expectation (2/2)

I ported the predicates showing difference between points-to and
type-tracking, since it's helpful to see the list of differences,
instead of having to parse expectations!
---
 .../library-tests/CallGraph/CallGraphTest.qll | 147 ------------------
 .../CallGraph/InlineCallGraphTest.expected    |  18 +++
 .../CallGraph/InlineCallGraphTest.ql          |  39 +++--
 .../library-tests/CallGraph/PointsTo.expected |   6 -
 .../library-tests/CallGraph/PointsTo.ql       |  10 --
 .../library-tests/CallGraph/README.md         |  38 -----
 .../library-tests/CallGraph/Relative.expected |  20 ---
 .../library-tests/CallGraph/Relative.ql       |  14 --
 .../CallGraph/TypeTracker.expected            |  21 ---
 .../library-tests/CallGraph/TypeTracker.ql    |  10 --
 .../CallGraph/code/runtime_decision.py        |   4 -
 .../library-tests/CallGraph/code/simple.py    |   9 +-
 .../code/underscore_prefix_func_name.py       |   4 -
 13 files changed, 48 insertions(+), 292 deletions(-)
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/CallGraphTest.qll
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/PointsTo.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/PointsTo.ql
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/README.md
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/Relative.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/Relative.ql
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/TypeTracker.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph/TypeTracker.ql

diff --git a/python/ql/test/experimental/library-tests/CallGraph/CallGraphTest.qll b/python/ql/test/experimental/library-tests/CallGraph/CallGraphTest.qll
deleted file mode 100644
index 0f8b3162980..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/CallGraphTest.qll
+++ /dev/null
@@ -1,147 +0,0 @@
-import python
-
-/** Gets the comment on the line above `ast` */
-Comment commentFor(AstNode ast) {
-  exists(int line | line = ast.getLocation().getStartLine() - 1 |
-    result
-        .getLocation()
-        .hasLocationInfo(ast.getLocation().getFile().getAbsolutePath(), line, _, line, _)
-  )
-}
-
-/** Gets the value from `tag:value` in the comment for `ast` */
-string getAnnotation(AstNode ast, string tag) {
-  exists(Comment comment, string match, string theRegex |
-    theRegex = "([\\w]+):([\\w.]+)" and
-    comment = commentFor(ast) and
-    match = comment.getText().regexpFind(theRegex, _, _) and
-    tag = match.regexpCapture(theRegex, 1) and
-    result = match.regexpCapture(theRegex, 2)
-  )
-}
-
-/** Gets a callable annotated with `name:name` */
-Function annotatedCallable(string name) { name = getAnnotation(result, "name") }
-
-/** Gets a call annotated with `calls:name` */
-Call annotatedCall(string name) { name = getAnnotation(result, "calls") }
-
-predicate missingAnnotationForCallable(string name, Call call) {
-  call = annotatedCall(name) and
-  not exists(annotatedCallable(name))
-}
-
-predicate nonUniqueAnnotationForCallable(string name, Function callable) {
-  strictcount(annotatedCallable(name)) > 1 and
-  callable = annotatedCallable(name)
-}
-
-predicate missingAnnotationForCall(string name, Function callable) {
-  not exists(annotatedCall(name)) and
-  callable = annotatedCallable(name)
-}
-
-/** There is an obvious problem with the annotation `name` */
-predicate nameInErrorState(string name) {
-  missingAnnotationForCallable(name, _)
-  or
-  nonUniqueAnnotationForCallable(name, _)
-  or
-  missingAnnotationForCall(name, _)
-}
-
-/** Source code has annotation with `name` showing that `call` will call `callable` */
-predicate annotatedCallEdge(string name, Call call, Function callable) {
-  not nameInErrorState(name) and
-  call = annotatedCall(name) and
-  callable = annotatedCallable(name)
-}
-
-// ------------------------- Annotation debug query predicates -------------------------
-query predicate debug_missingAnnotationForCallable(Call call, string message) {
-  exists(string name |
-    message =
-      "This call is annotated with '" + name +
-        "', but no callable with that annotation was extracted. Please fix." and
-    missingAnnotationForCallable(name, call)
-  )
-}
-
-query predicate debug_nonUniqueAnnotationForCallable(Function callable, string message) {
-  exists(string name |
-    message = "Multiple callables are annotated with '" + name + "'. Please fix." and
-    nonUniqueAnnotationForCallable(name, callable)
-  )
-}
-
-query predicate debug_missingAnnotationForCall(Function callable, string message) {
-  exists(string name |
-    message =
-      "This callable is annotated with '" + name +
-        "', but no call with that annotation was extracted. Please fix." and
-    missingAnnotationForCall(name, callable)
-  )
-}
-
-// ------------------------- Call Graph resolution -------------------------
-private newtype TCallGraphResolver =
-  TPointsToResolver() or
-  TTypeTrackerResolver()
-
-/** A method of call graph resolution */
-abstract class CallGraphResolver extends TCallGraphResolver {
-  abstract predicate callEdge(Call call, Function callable);
-
-  /**
-   * Holds if annotations show that `call` will call `callable`,
-   * but our call graph resolver was not able to figure that out
-   */
-  predicate expectedCallEdgeNotFound(Call call, Function callable) {
-    annotatedCallEdge(_, call, callable) and
-    not this.callEdge(call, callable)
-  }
-
-  /**
-   * Holds if there are no annotations that show that `call` will call `callable` (where at least one of these are annotated),
-   * but the call graph resolver claims that `call` will call `callable`
-   */
-  predicate unexpectedCallEdgeFound(Call call, Function callable, string message) {
-    this.callEdge(call, callable) and
-    not annotatedCallEdge(_, call, callable) and
-    (
-      exists(string name |
-        message = "Call resolved to the callable named '" + name + "' but was not annotated as such" and
-        callable = annotatedCallable(name) and
-        not nameInErrorState(name)
-      )
-      or
-      exists(string name |
-        message = "Annotated call resolved to unannotated callable" and
-        call = annotatedCall(name) and
-        not nameInErrorState(name) and
-        not exists( | callable = annotatedCallable(_))
-      )
-    )
-  }
-
-  string toString() { result = "CallGraphResolver" }
-}
-
-/** A call graph resolver based on the existing points-to analysis */
-class PointsToResolver extends CallGraphResolver, TPointsToResolver {
-  override predicate callEdge(Call call, Function callable) {
-    exists(PythonFunctionValue funcValue |
-      funcValue.getScope() = callable and
-      call = funcValue.getACall().getNode()
-    )
-  }
-
-  override string toString() { result = "PointsToResolver" }
-}
-
-/** A call graph resolved based on Type Trackers */
-class TypeTrackerResolver extends CallGraphResolver, TTypeTrackerResolver {
-  override predicate callEdge(Call call, Function callable) { none() }
-
-  override string toString() { result = "TypeTrackerResolver" }
-}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
index 2ff4aeb6865..975ac22dd2d 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
@@ -2,3 +2,21 @@ failures
 debug_callableNotUnique
 | code/class_advanced.py:18:5:18:18 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
 | code/class_advanced.py:23:5:23:25 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
+pointsTo_found_typeTracker_notFound
+| code/class_simple.py:28:1:28:15 | ControlFlowNode for Attribute() | A.some_method |
+| code/class_simple.py:30:1:30:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
+| code/class_simple.py:32:1:32:20 | ControlFlowNode for Attribute() | A.some_classmethod |
+| code/class_simple.py:35:1:35:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
+| code/class_simple.py:37:1:37:20 | ControlFlowNode for Attribute() | A.some_classmethod |
+| code/runtime_decision.py:18:1:18:6 | ControlFlowNode for func() | rd_bar |
+| code/runtime_decision.py:18:1:18:6 | ControlFlowNode for func() | rd_foo |
+| code/runtime_decision.py:26:1:26:7 | ControlFlowNode for func2() | rd_bar |
+| code/runtime_decision.py:26:1:26:7 | ControlFlowNode for func2() | rd_foo |
+| code/simple.py:15:1:15:5 | ControlFlowNode for foo() | foo |
+| code/simple.py:16:1:16:14 | ControlFlowNode for indirect_foo() | foo |
+| code/simple.py:17:1:17:5 | ControlFlowNode for bar() | bar |
+| code/simple.py:18:1:18:5 | ControlFlowNode for lam() | lambda[simple.py:12:7] |
+| code/underscore_prefix_func_name.py:18:5:18:19 | ControlFlowNode for some_function() | some_function |
+| code/underscore_prefix_func_name.py:21:5:21:19 | ControlFlowNode for some_function() | some_function |
+| code/underscore_prefix_func_name.py:24:1:24:21 | ControlFlowNode for _works_since_called() | _works_since_called |
+typeTracker_found_pointsTo_notFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
index 6b59751e43b..50ad10bd191 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.ql
@@ -28,22 +28,41 @@ class CallGraphTest extends InlineExpectationsTest {
     |
       location = call.getLocation() and
       element = call.toString() and
-      (
-        // note: `target.getQualifiedName` for Lambdas is just "lambda", so is not very useful :|
-        not target.isLambda() and
-        value = target.getQualifiedName()
-        or
-        target.isLambda() and
-        value =
-          "lambda[" + target.getLocation().getFile().getShortName() + ":" +
-            target.getLocation().getStartLine() + ":" + target.getLocation().getStartColumn() + "]"
-      )
+      value = betterQualName(target)
     )
   }
 }
 
+bindingset[func]
+string betterQualName(Function func) {
+  // note: `target.getQualifiedName` for Lambdas is just "lambda", so is not very useful :|
+  not func.isLambda() and
+  result = func.getQualifiedName()
+  or
+  func.isLambda() and
+  result =
+    "lambda[" + func.getLocation().getFile().getShortName() + ":" +
+      func.getLocation().getStartLine() + ":" + func.getLocation().getStartColumn() + "]"
+}
+
 query predicate debug_callableNotUnique(Function callable, string message) {
   exists(Function f | f != callable and f.getQualifiedName() = callable.getQualifiedName()) and
   message =
     "Qualified function name '" + callable.getQualifiedName() + "' is not unique. Please fix."
 }
+
+query predicate pointsTo_found_typeTracker_notFound(CallNode call, string qualname) {
+  exists(Function target |
+    pointsToCallEdge(call, target) and
+    not typeTrackerCallEdge(call, target) and
+    qualname = betterQualName(target)
+  )
+}
+
+query predicate typeTracker_found_pointsTo_notFound(CallNode call, string qualname) {
+  exists(Function target |
+    not pointsToCallEdge(call, target) and
+    typeTrackerCallEdge(call, target) and
+    qualname = betterQualName(target)
+  )
+}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/PointsTo.expected b/python/ql/test/experimental/library-tests/CallGraph/PointsTo.expected
deleted file mode 100644
index e7db0fde98c..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/PointsTo.expected
+++ /dev/null
@@ -1,6 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-expectedCallEdgeNotFound
-| code/underscore_prefix_func_name.py:16:5:16:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-unexpectedCallEdgeFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph/PointsTo.ql b/python/ql/test/experimental/library-tests/CallGraph/PointsTo.ql
deleted file mode 100644
index f86842f2fe4..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/PointsTo.ql
+++ /dev/null
@@ -1,10 +0,0 @@
-import python
-import CallGraphTest
-
-query predicate expectedCallEdgeNotFound(Call call, Function callable) {
-  any(PointsToResolver r).expectedCallEdgeNotFound(call, callable)
-}
-
-query predicate unexpectedCallEdgeFound(Call call, Function callable, string message) {
-  any(PointsToResolver r).unexpectedCallEdgeFound(call, callable, message)
-}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/README.md b/python/ql/test/experimental/library-tests/CallGraph/README.md
deleted file mode 100644
index 0fbf6bdac9d..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/README.md
+++ /dev/null
@@ -1,38 +0,0 @@
-# Call Graph Tests
-
-A small testing framework for our call graph resolution. It relies on manual annotation of calls and callables, **and will only include output if something is wrong**. For example, if we are not able to resolve that the `foo()` call will call the `foo` function, that should give an alert.
-
-```py
-# name:foo
-def foo():
-    pass
-# calls:foo
-foo()
-```
-
-This is greatly inspired by [`CallGraphs/AnnotatedTest`](https://github.com/github/codeql/blob/696d19cb1440b6f6a75c6a2c1319e18860ceb436/javascript/ql/test/library-tests/CallGraphs/AnnotatedTest/Test.ql) from JavaScript.
-
-IMPORTANT: Names used in annotations are not scoped, so must be unique globally. (this is a bit annoying, but makes things simple). If multiple identical annotations are used, an error message will be output.
-
-Important files:
-
-- `CallGraphTest.qll`: main code to find annotated calls/callables and setting everything up.
-- `PointsTo.ql`: results when using points-to for call graph resolution.
-- `TypeTracker.ql`: results when using TypeTracking for call graph resolution.
-- `Relative.ql`: differences between using points-to and TypeTracking.
-- `code/` contains the actual Python code we test against (included by `test.py`).
-
-All queries will also execute some `debug_*` predicates. These highlight any obvious problems with the annotation setup, and so there should never be any results committed. To show that this works as expected, see the [CallGraph-xfail](../CallGraph-xfail/)  which uses symlinked versions of the files in this directory (can't include as subdir, so has to be a sibling).
-
-## `options` file
-
-If the value for `--max-import-depth` is set so that `import random` will extract `random.py` from the standard library, BUT NO transitive imports are extracted, then points-to analysis will fail to handle the following snippet.
-
-```py
-import random
-if random.random() < 0.5:
-    func = foo
-else:
-    func = bar
-func()
-```
diff --git a/python/ql/test/experimental/library-tests/CallGraph/Relative.expected b/python/ql/test/experimental/library-tests/CallGraph/Relative.expected
deleted file mode 100644
index 9882dda21bf..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/Relative.expected
+++ /dev/null
@@ -1,20 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-pointsTo_found_typeTracker_notFound
-| code/class_simple.py:28:1:28:15 | Attribute() | code/class_simple.py:8:5:8:26 | Function some_method |
-| code/class_simple.py:30:1:30:21 | Attribute() | code/class_simple.py:13:5:13:28 | Function some_staticmethod |
-| code/class_simple.py:32:1:32:20 | Attribute() | code/class_simple.py:18:5:18:30 | Function some_classmethod |
-| code/class_simple.py:35:1:35:21 | Attribute() | code/class_simple.py:13:5:13:28 | Function some_staticmethod |
-| code/class_simple.py:37:1:37:20 | Attribute() | code/class_simple.py:18:5:18:30 | Function some_classmethod |
-| code/runtime_decision.py:21:1:21:6 | func() | code/runtime_decision.py:8:1:8:13 | Function rd_foo |
-| code/runtime_decision.py:21:1:21:6 | func() | code/runtime_decision.py:12:1:12:13 | Function rd_bar |
-| code/runtime_decision.py:30:1:30:7 | func2() | code/runtime_decision.py:8:1:8:13 | Function rd_foo |
-| code/runtime_decision.py:30:1:30:7 | func2() | code/runtime_decision.py:12:1:12:13 | Function rd_bar |
-| code/simple.py:19:1:19:5 | foo() | code/simple.py:2:1:2:10 | Function foo |
-| code/simple.py:21:1:21:14 | indirect_foo() | code/simple.py:2:1:2:10 | Function foo |
-| code/simple.py:23:1:23:5 | bar() | code/simple.py:10:1:10:10 | Function bar |
-| code/simple.py:25:1:25:5 | lam() | code/simple.py:15:7:15:36 | Function lambda |
-| code/underscore_prefix_func_name.py:21:5:21:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-| code/underscore_prefix_func_name.py:25:5:25:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-pointsTo_notFound_typeTracker_found
diff --git a/python/ql/test/experimental/library-tests/CallGraph/Relative.ql b/python/ql/test/experimental/library-tests/CallGraph/Relative.ql
deleted file mode 100644
index f62e4d21cbd..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/Relative.ql
+++ /dev/null
@@ -1,14 +0,0 @@
-import python
-import CallGraphTest
-
-query predicate pointsTo_found_typeTracker_notFound(Call call, Function callable) {
-  annotatedCallEdge(_, call, callable) and
-  any(PointsToResolver r).callEdge(call, callable) and
-  not any(TypeTrackerResolver r).callEdge(call, callable)
-}
-
-query predicate pointsTo_notFound_typeTracker_found(Call call, Function callable) {
-  annotatedCallEdge(_, call, callable) and
-  not any(PointsToResolver r).callEdge(call, callable) and
-  any(TypeTrackerResolver r).callEdge(call, callable)
-}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.expected b/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.expected
deleted file mode 100644
index 5fc5376ca25..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.expected
+++ /dev/null
@@ -1,21 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-expectedCallEdgeNotFound
-| code/class_simple.py:28:1:28:15 | Attribute() | code/class_simple.py:8:5:8:26 | Function some_method |
-| code/class_simple.py:30:1:30:21 | Attribute() | code/class_simple.py:13:5:13:28 | Function some_staticmethod |
-| code/class_simple.py:32:1:32:20 | Attribute() | code/class_simple.py:18:5:18:30 | Function some_classmethod |
-| code/class_simple.py:35:1:35:21 | Attribute() | code/class_simple.py:13:5:13:28 | Function some_staticmethod |
-| code/class_simple.py:37:1:37:20 | Attribute() | code/class_simple.py:18:5:18:30 | Function some_classmethod |
-| code/runtime_decision.py:21:1:21:6 | func() | code/runtime_decision.py:8:1:8:13 | Function rd_foo |
-| code/runtime_decision.py:21:1:21:6 | func() | code/runtime_decision.py:12:1:12:13 | Function rd_bar |
-| code/runtime_decision.py:30:1:30:7 | func2() | code/runtime_decision.py:8:1:8:13 | Function rd_foo |
-| code/runtime_decision.py:30:1:30:7 | func2() | code/runtime_decision.py:12:1:12:13 | Function rd_bar |
-| code/simple.py:19:1:19:5 | foo() | code/simple.py:2:1:2:10 | Function foo |
-| code/simple.py:21:1:21:14 | indirect_foo() | code/simple.py:2:1:2:10 | Function foo |
-| code/simple.py:23:1:23:5 | bar() | code/simple.py:10:1:10:10 | Function bar |
-| code/simple.py:25:1:25:5 | lam() | code/simple.py:15:7:15:36 | Function lambda |
-| code/underscore_prefix_func_name.py:16:5:16:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-| code/underscore_prefix_func_name.py:21:5:21:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-| code/underscore_prefix_func_name.py:25:5:25:19 | some_function() | code/underscore_prefix_func_name.py:10:1:10:20 | Function some_function |
-unexpectedCallEdgeFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.ql b/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.ql
deleted file mode 100644
index a62332e3839..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph/TypeTracker.ql
+++ /dev/null
@@ -1,10 +0,0 @@
-import python
-import CallGraphTest
-
-query predicate expectedCallEdgeNotFound(Call call, Function callable) {
-  any(TypeTrackerResolver r).expectedCallEdgeNotFound(call, callable)
-}
-
-query predicate unexpectedCallEdgeFound(Call call, Function callable, string message) {
-  any(TypeTrackerResolver r).unexpectedCallEdgeFound(call, callable, message)
-}
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py b/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
index a271cbd9a6f..3c4ebbb73e1 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/runtime_decision.py
@@ -4,11 +4,9 @@ import random
 # hmm, annoying that you have to keep names unique across files :|
 # since I like to use foo and bar ALL the time :D
 
-# name:rd_foo
 def rd_foo():
     print('rd_foo')
 
-# name:rd_bar
 def rd_bar():
     print('rd_bar')
 
@@ -17,7 +15,6 @@ if len(sys.argv) >= 2 and not sys.argv[1] in ['0', 'False', 'false']:
 else:
     func = rd_bar
 
-# calls:rd_foo calls:rd_bar
 func() # $ pt=rd_foo pt=rd_bar
 
 # Random doesn't work with points-to :O
@@ -26,5 +23,4 @@ if random.random() < 0.5:
 else:
     func2 = rd_bar
 
-# calls:rd_foo calls:rd_bar
 func2() # $ pt=rd_foo pt=rd_bar
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/simple.py b/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
index 210df4f209e..ac07ace93b2 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/simple.py
@@ -1,4 +1,3 @@
-# name:foo
 def foo():
     print("foo called")
 
@@ -6,22 +5,16 @@ def foo():
 indirect_foo = foo
 
 
-# name:bar
 def bar():
     print("bar called")
 
 
-# name:lam
 lam = lambda: print("lambda called")
 
 
-# calls:foo
 foo() # $ pt=foo
-# calls:foo
 indirect_foo() # $ pt=foo
-# calls:bar
 bar() # $ pt=bar
-# calls:lam
-lam() # $ pt=lambda[simple.py:15:7]
+lam() # $ pt=lambda[simple.py:12:7]
 
 # python -m trace --trackcalls simple.py
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py b/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
index 1a1efe9d7b6..fb3f5fc45a8 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/underscore_prefix_func_name.py
@@ -6,22 +6,18 @@
 # points-to information about the `open` call in
 # https://google-gruyere.appspot.com/code/gruyere.py on line 227
 
-# name:some_function
 def some_function():
     print('some_function')
 
 def _ignored():
     print('_ignored')
-    # calls:some_function
     some_function()
 
 def _works_since_called():
     print('_works_since_called')
-    # calls:some_function
     some_function() # $ pt=some_function
 
 def works_even_though_not_called():
-    # calls:some_function
     some_function() # $ pt=some_function
 
 globals()['_ignored']()

From b60504f40463e1eed8a0aef2ff24b74a307e847b Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 24 Jun 2022 16:15:04 +0200
Subject: [PATCH 026/144] Python: Delete `CallGraph-xfail`

No longer needed since we're using an established testing framework now
---
 .../CallGraph-xfail/PointsTo.expected         | 18 --------
 .../CallGraph-xfail/PointsTo.qlref            |  1 -
 .../library-tests/CallGraph-xfail/README.md   |  1 -
 .../CallGraph-xfail/annotation_xfail.py       | 21 ---------
 .../CallGraph-xfail/call_edge_xfail.py        | 43 -------------------
 5 files changed, 84 deletions(-)
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.qlref
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-xfail/README.md
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-xfail/annotation_xfail.py
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-xfail/call_edge_xfail.py

diff --git a/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.expected b/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.expected
deleted file mode 100644
index 680cee0e8b2..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.expected
+++ /dev/null
@@ -1,18 +0,0 @@
-debug_missingAnnotationForCallable
-| annotation_xfail.py:10:1:10:24 | callable_not_annotated() | This call is annotated with 'callable_not_annotated', but no callable with that annotation was extracted. Please fix. |
-debug_nonUniqueAnnotationForCallable
-| annotation_xfail.py:13:1:13:17 | Function non_unique | Multiple callables are annotated with 'non_unique'. Please fix. |
-| annotation_xfail.py:17:1:17:26 | Function too_much_copy_paste | Multiple callables are annotated with 'non_unique'. Please fix. |
-debug_missingAnnotationForCall
-| annotation_xfail.py:2:1:2:24 | Function no_annotated_call | This callable is annotated with 'no_annotated_call', but no call with that annotation was extracted. Please fix. |
-expectedCallEdgeNotFound
-| call_edge_xfail.py:36:1:36:11 | xfail_foo() | call_edge_xfail.py:8:1:8:16 | Function xfail_bar |
-| call_edge_xfail.py:39:1:39:11 | xfail_baz() | call_edge_xfail.py:8:1:8:16 | Function xfail_bar |
-unexpectedCallEdgeFound
-| call_edge_xfail.py:29:1:29:6 | func() | call_edge_xfail.py:4:1:4:16 | Function xfail_foo | Call resolved to the callable named 'xfail_foo' but was not annotated as such |
-| call_edge_xfail.py:29:1:29:6 | func() | call_edge_xfail.py:8:1:8:16 | Function xfail_bar | Call resolved to the callable named 'xfail_bar' but was not annotated as such |
-| call_edge_xfail.py:30:1:30:11 | xfail_foo() | call_edge_xfail.py:4:1:4:16 | Function xfail_foo | Call resolved to the callable named 'xfail_foo' but was not annotated as such |
-| call_edge_xfail.py:31:1:31:14 | xfail_lambda() | call_edge_xfail.py:15:16:15:44 | Function lambda | Call resolved to the callable named 'xfail_lambda' but was not annotated as such |
-| call_edge_xfail.py:36:1:36:11 | xfail_foo() | call_edge_xfail.py:4:1:4:16 | Function xfail_foo | Call resolved to the callable named 'xfail_foo' but was not annotated as such |
-| call_edge_xfail.py:39:1:39:11 | xfail_baz() | call_edge_xfail.py:11:1:11:16 | Function xfail_baz | Annotated call resolved to unannotated callable |
-| call_edge_xfail.py:43:1:43:6 | func() | call_edge_xfail.py:8:1:8:16 | Function xfail_bar | Call resolved to the callable named 'xfail_bar' but was not annotated as such |
diff --git a/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.qlref b/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.qlref
deleted file mode 100644
index da8a0d1631a..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-xfail/PointsTo.qlref
+++ /dev/null
@@ -1 +0,0 @@
-../CallGraph/PointsTo.ql
diff --git a/python/ql/test/experimental/library-tests/CallGraph-xfail/README.md b/python/ql/test/experimental/library-tests/CallGraph-xfail/README.md
deleted file mode 100644
index 39021bce2a1..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-xfail/README.md
+++ /dev/null
@@ -1 +0,0 @@
-Test that show our failure handling in [CallGraph](../CallGraph/) works as expected.
diff --git a/python/ql/test/experimental/library-tests/CallGraph-xfail/annotation_xfail.py b/python/ql/test/experimental/library-tests/CallGraph-xfail/annotation_xfail.py
deleted file mode 100644
index f8dbf88aa02..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-xfail/annotation_xfail.py
+++ /dev/null
@@ -1,21 +0,0 @@
-# name:no_annotated_call
-def no_annotated_call():
-    pass
-
-def callable_not_annotated():
-    pass
-
-no_annotated_call()
-# calls:callable_not_annotated
-callable_not_annotated()
-
-# name:non_unique
-def non_unique():
-    pass
-
-# name:non_unique
-def too_much_copy_paste():
-    pass
-
-# calls:non_unique
-non_unique()
diff --git a/python/ql/test/experimental/library-tests/CallGraph-xfail/call_edge_xfail.py b/python/ql/test/experimental/library-tests/CallGraph-xfail/call_edge_xfail.py
deleted file mode 100644
index e72e02e376b..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-xfail/call_edge_xfail.py
+++ /dev/null
@@ -1,43 +0,0 @@
-import sys
-
-# name:xfail_foo
-def xfail_foo():
-    print('xfail_foo')
-
-# name:xfail_bar
-def xfail_bar():
-    print('xfail_bar')
-
-def xfail_baz():
-    print('xfail_baz')
-
-# name:xfail_lambda
-xfail_lambda = lambda: print('xfail_lambda')
-
-if len(sys.argv) >= 2 and not sys.argv[1] in ['0', 'False', 'false']:
-    func = xfail_foo
-else:
-    func = xfail_bar
-
-# Correct usage to suppress bad annotation errors
-# calls:xfail_foo calls:xfail_bar
-func()
-# calls:xfail_lambda
-xfail_lambda()
-
-# These are not annotated, and will give rise to unexpectedCallEdgeFound
-func()
-xfail_foo()
-xfail_lambda()
-
-# These are annotated wrongly, and will give rise to unexpectedCallEdgeFound
-
-# calls:xfail_bar
-xfail_foo()
-
-# calls:xfail_bar
-xfail_baz()
-
-# The annotation is incomplete (does not include the call to xfail_bar)
-# calls:xfail_foo
-func()

From ab42521906e8caff7eedd751c4d5584422cbea57 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Fri, 24 Jun 2022 16:17:26 +0200
Subject: [PATCH 027/144] Python: Port `CallGraph-implicit-init` tests

to the new call-graph test setup. Nice that we can write `MISSING:` now!
---
 .../InlineCallGraphTest.expected                       |  5 +++++
 .../CallGraph-implicit-init/InlineCallGraphTest.qlref  |  1 +
 .../CallGraph-implicit-init/PointsTo.expected          |  6 ------
 .../CallGraph-implicit-init/PointsTo.qlref             |  1 -
 .../CallGraph-implicit-init/Relative.expected          |  6 ------
 .../CallGraph-implicit-init/Relative.qlref             |  1 -
 .../CallGraph-implicit-init/TypeTracker.expected       |  7 -------
 .../CallGraph-implicit-init/TypeTracker.qlref          |  1 -
 .../library-tests/CallGraph-implicit-init/example.py   | 10 +++++-----
 .../library-tests/CallGraph-implicit-init/foo/bar/a.py |  1 -
 .../CallGraph-implicit-init/foo_explicit/bar/a.py      |  1 -
 11 files changed, 11 insertions(+), 29 deletions(-)
 create mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.expected
 create mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.qlref
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.qlref
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.expected
 delete mode 100644 python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.qlref

diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.expected b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.expected
new file mode 100644
index 00000000000..c847f9a8aa2
--- /dev/null
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.expected
@@ -0,0 +1,5 @@
+failures
+debug_callableNotUnique
+pointsTo_found_typeTracker_notFound
+| example.py:22:1:22:16 | ControlFlowNode for explicit_afunc() | explicit_afunc |
+typeTracker_found_pointsTo_notFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref
new file mode 100644
index 00000000000..25117a4582b
--- /dev/null
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref
@@ -0,0 +1 @@
+../CallGraph/InlineCallGraphTest.ql
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.expected b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.expected
deleted file mode 100644
index 349d99b46d8..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.expected
+++ /dev/null
@@ -1,6 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-expectedCallEdgeNotFound
-| example.py:19:1:19:7 | afunc() | foo/bar/a.py:2:1:2:12 | Function afunc |
-unexpectedCallEdgeFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.qlref b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.qlref
deleted file mode 100644
index da8a0d1631a..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/PointsTo.qlref
+++ /dev/null
@@ -1 +0,0 @@
-../CallGraph/PointsTo.ql
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.expected b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.expected
deleted file mode 100644
index 38aab0b5888..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.expected
+++ /dev/null
@@ -1,6 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-pointsTo_found_typeTracker_notFound
-| example.py:22:1:22:16 | explicit_afunc() | foo_explicit/bar/a.py:2:1:2:21 | Function explicit_afunc |
-pointsTo_notFound_typeTracker_found
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.qlref b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.qlref
deleted file mode 100644
index 2ffa6c10d51..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/Relative.qlref
+++ /dev/null
@@ -1 +0,0 @@
-../CallGraph/Relative.ql
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.expected b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.expected
deleted file mode 100644
index 5283683a6a5..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.expected
+++ /dev/null
@@ -1,7 +0,0 @@
-debug_missingAnnotationForCallable
-debug_nonUniqueAnnotationForCallable
-debug_missingAnnotationForCall
-expectedCallEdgeNotFound
-| example.py:19:1:19:7 | afunc() | foo/bar/a.py:2:1:2:12 | Function afunc |
-| example.py:22:1:22:16 | explicit_afunc() | foo_explicit/bar/a.py:2:1:2:21 | Function explicit_afunc |
-unexpectedCallEdgeFound
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.qlref b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.qlref
deleted file mode 100644
index 60c029a5510..00000000000
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/TypeTracker.qlref
+++ /dev/null
@@ -1 +0,0 @@
-../CallGraph/TypeTracker.ql
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/example.py b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/example.py
index 35d56620af7..75ad8a9db11 100644
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/example.py
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/example.py
@@ -5,18 +5,18 @@ This is not included in the standard `CallGraph/code` folder, since we're testin
 understanding import work properly, so it's better to have a clean test setup that is
 obviously correct (the other one isn't in regards to imports).
 
-Technically this is part of PEP 420 -- Implicit Namespace Packages, but does use the
+Technically this is part of PEP 420 -- Implicit Namespace Packages, but does not use the
 *real* namespace package feature of allowing source code for a single package to reside
 in multiple places.
 
+Maybe this should have been an import resolution test, and not a call-graph test ¯\_(ツ)_/¯
+
 Since PEP 420 was accepted in Python 3, this test is Python 3 only.
 """
 
 from foo.bar.a import afunc
 from foo_explicit.bar.a import explicit_afunc
 
-# calls:afunc
-afunc()
+afunc() # $ MISSING: pt,tt=afunc
 
-# calls:explicit_afunc
-explicit_afunc()
+explicit_afunc() # $ pt=explicit_afunc MISSING: tt=explicit_afunc
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo/bar/a.py b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo/bar/a.py
index a294b33191e..bc639f6c537 100644
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo/bar/a.py
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo/bar/a.py
@@ -1,4 +1,3 @@
-# name:afunc
 def afunc():
   print("afunc called")
   return 1
diff --git a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo_explicit/bar/a.py b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo_explicit/bar/a.py
index 616c3fddca1..c84d63cfce2 100644
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo_explicit/bar/a.py
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/foo_explicit/bar/a.py
@@ -1,4 +1,3 @@
-# name:explicit_afunc
 def explicit_afunc():
   print("explicit_afunc called")
   return 1

From 16ba5b1bb5602b8deeb99b15be076c4f3c890f16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Mon, 14 Nov 2022 12:30:16 +0100
Subject: [PATCH 028/144] Swift: update doctests

---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift   | 2 +-
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift  | 2 +-
 swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
index 2e5b0233e79..111f8100ee2 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalBad.swift
@@ -3,4 +3,4 @@ let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.jso
 
 ...
 
-_ = try await webview.evaluateJavaScript("alert(" + remoteData + ")") // BAD
+_ = try await webview.evaluateJavaScript("console.log(" + remoteData + ")") // BAD
diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift
index a51ffd60b63..ea8f6c0d5ee 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEvalGood.swift
@@ -4,7 +4,7 @@ let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.jso
 ...
 
 _ = try await webview.callAsyncJavaScript(
-    "alert(JSON.parse(data))",
+    "console.log(data)",
     arguments: ["data": remoteData], // GOOD
     contentWorld: .page
 )
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
index 36cee943b66..e65c182a4c3 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -317,10 +317,10 @@ func testQHelpExamples() {
 		let webview = WKWebView()
 		let remoteData = try String(contentsOf: URL(string: "http://example.com/evil.json")!)
 
-		_ = try await webview.evaluateJavaScript("alert(" + remoteData + ")") // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
+		_ = try await webview.evaluateJavaScript("console.log(" + remoteData + ")") // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
 
 		_ = try await webview.callAsyncJavaScript(
-			"alert(JSON.parse(data))",
+			"console.log(data)",
 			arguments: ["data": remoteData], // GOOD
 			contentWorld: .page
 		)

From 3e6eedec300bcd6b9f70961225d63704d3a0f220 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 14 Nov 2022 14:42:56 +0000
Subject: [PATCH 029/144] Swift: Fix test output after merge.

---
 .../Security/CWE-311/CleartextTransmission.expected    | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
index 0ce9f3b10c7..3245aa68d4e 100644
--- a/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
+++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextTransmission.expected
@@ -1,11 +1,11 @@
 edges
+| testAlamofire.swift:150:45:150:45 | password :  | testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... |
+| testAlamofire.swift:152:51:152:51 | password :  | testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... |
+| testAlamofire.swift:154:38:154:38 | email :  | testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... |
 | testSend.swift:5:5:5:29 | [summary param] 0 in init(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(_:) :  |
 | testSend.swift:33:14:33:32 | call to init(_:) :  | testSend.swift:37:19:37:19 | data2 |
 | testSend.swift:33:19:33:19 | passwordPlain :  | testSend.swift:5:5:5:29 | [summary param] 0 in init(_:) :  |
 | testSend.swift:33:19:33:19 | passwordPlain :  | testSend.swift:33:14:33:32 | call to init(_:) :  |
-| testAlamofire.swift:150:45:150:45 | password :  | testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... |
-| testAlamofire.swift:152:51:152:51 | password :  | testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... |
-| testAlamofire.swift:154:38:154:38 | email :  | testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... |
 | testSend.swift:41:10:41:18 | data :  | testSend.swift:41:45:41:45 | data :  |
 | testSend.swift:45:13:45:13 | password :  | testSend.swift:52:27:52:27 | str1 |
 | testSend.swift:46:13:46:13 | password :  | testSend.swift:53:27:53:27 | str2 |
@@ -16,13 +16,13 @@ edges
 | testURL.swift:16:55:16:55 | credit_card_no :  | testURL.swift:16:22:16:55 | ... .+(_:_:) ... |
 nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in init(_:) :  | semmle.label | [summary] to write: return (return) in init(_:) :  |
-| testSend.swift:5:5:5:29 | [summary param] 0 in init(_:) :  | semmle.label | [summary param] 0 in init(_:) :  |
 | testAlamofire.swift:150:13:150:45 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
 | testAlamofire.swift:150:45:150:45 | password :  | semmle.label | password :  |
 | testAlamofire.swift:152:19:152:51 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
 | testAlamofire.swift:152:51:152:51 | password :  | semmle.label | password :  |
 | testAlamofire.swift:154:14:154:46 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
-| testAlamofire.swift:154:38:154:38 | email :  | semmle.label | email :  |=
+| testAlamofire.swift:154:38:154:38 | email :  | semmle.label | email :  |
+| testSend.swift:5:5:5:29 | [summary param] 0 in init(_:) :  | semmle.label | [summary param] 0 in init(_:) :  |
 | testSend.swift:29:19:29:19 | passwordPlain | semmle.label | passwordPlain |
 | testSend.swift:33:14:33:32 | call to init(_:) :  | semmle.label | call to init(_:) :  |
 | testSend.swift:33:19:33:19 | passwordPlain :  | semmle.label | passwordPlain :  |

From 7ca32ee2b57faec856bc5f9be44fbc1edaa78294 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 15 Nov 2022 11:11:36 +0100
Subject: [PATCH 030/144] Python: Fieldflow: merge assignment tests

---
 .../experimental/dataflow/fieldflow/test.py   | 72 ++++++++-----------
 1 file changed, 30 insertions(+), 42 deletions(-)

diff --git a/python/ql/test/experimental/dataflow/fieldflow/test.py b/python/ql/test/experimental/dataflow/fieldflow/test.py
index 70db8554241..f5b20daff96 100644
--- a/python/ql/test/experimental/dataflow/fieldflow/test.py
+++ b/python/ql/test/experimental/dataflow/fieldflow/test.py
@@ -39,33 +39,55 @@ class MyObj(object):
         self.foo = foo
 
 def setFoo(obj, x):
-    SINK_F(obj.foo)
     obj.foo = x
 
-@expects(2) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+
+@expects(3) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
 def test_indirect_assign():
-    myobj = MyObj("OK")
+    myobj = MyObj(NONSOURCE)
+    SINK_F(myobj.foo)
 
     setFoo(myobj, SOURCE)
     SINK(myobj.foo) # $ flow="SOURCE, l:-1 -> myobj.foo"
 
+    setFoo(myobj, NONSOURCE)
+    SINK_F(myobj.foo) # $ SPURIOUS: flow="SOURCE, l:-4 -> myobj.foo"
 
+
+@expects(3) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
 def test_indirect_assign_method():
-    myobj = MyObj("OK")
+    myobj = MyObj(NONSOURCE)
+    SINK_F(myobj.foo)
 
     myobj.setFoo(SOURCE)
     SINK(myobj.foo) # $ flow="SOURCE, l:-1 -> myobj.foo"
 
+    myobj.setFoo(NONSOURCE)
+    SINK_F(myobj.foo) # $ SPURIOUS: flow="SOURCE, l:-4 -> myobj.foo"
 
+
+@expects(3) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_indirect_assign_bound_method():
+    myobj = MyObj(NONSOURCE)
+    SINK_F(myobj.foo)
+
+    sf = myobj.setFoo
+
+    sf(SOURCE)
+    SINK(myobj.foo) # $ MISSING: flow="SOURCE, l:-1 -> myobj.foo"
+
+    sf(NONSOURCE)
+    SINK_F(myobj.foo)
+
+
+@expects(3) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
 def test_direct_assign():
     myobj = MyObj(NONSOURCE)
+    SINK_F(myobj.foo)
+
     myobj.foo = SOURCE
     SINK(myobj.foo) # $ flow="SOURCE, l:-1 -> myobj.foo"
 
-
-def test_direct_assign_overwrite():
-    myobj = MyObj(NONSOURCE)
-    myobj.foo = SOURCE
     myobj.foo = NONSOURCE
     SINK_F(myobj.foo)
 
@@ -160,40 +182,6 @@ def test_nested_obj_method():
     a.getObj().foo = x
     SINK(a.obj.foo) # $ flow="SOURCE, l:-3 -> a.obj.foo"
 
-# ------------------------------------------------------------------------------
-# Bound Method calls
-# ------------------------------------------------------------------------------
-
-class Foo:
-    def __init__(self, x):
-        self.x = x
-
-    def update_x(self, x):
-        self.x = x
-
-@expects(7) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
-def test_bound_method_call():
-    # direct assignment
-    foo = Foo(None)
-    SINK_F(foo.x)
-    foo.x = SOURCE
-    SINK(foo.x) # $ flow="SOURCE, l:-1 -> foo.x"
-    foo.x = None
-    SINK_F(foo.x)
-
-    # assignment through function
-    foo = Foo(SOURCE)
-    SINK(foo.x) # $ flow="SOURCE, l:-1 -> foo.x"
-    foo.update_x(None)
-    SINK_F(foo.x) # $ flow="SOURCE, l:-3 -> foo.x"
-
-    # assignment through bound-method calls
-    foo = Foo(SOURCE)
-    ux = foo.update_x
-    SINK(foo.x) # $ flow="SOURCE, l:-2 -> foo.x"
-    ux(None)
-    SINK_F(foo.x) # $ SPURIOUS: flow="SOURCE, l:-4 -> foo.x"
-
 
 # ------------------------------------------------------------------------------
 # Crosstalk test -- using different function based on conditional

From 98bf3adc7245d094a9d848276098f6cad6f53241 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Sun, 13 Nov 2022 20:35:23 +0100
Subject: [PATCH 031/144] Python: Add enclosing-callable test

---
 .../EnclosingCallable.expected                | 24 +++++++++++++++++++
 .../enclosing-callable/EnclosingCallable.ql   |  6 +++++
 .../enclosing-callable/class_example.py       |  7 ++++++
 .../dataflow/enclosing-callable/generator.py  |  2 ++
 4 files changed, 39 insertions(+)
 create mode 100644 python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.expected
 create mode 100644 python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.ql
 create mode 100644 python/ql/test/experimental/dataflow/enclosing-callable/class_example.py
 create mode 100644 python/ql/test/experimental/dataflow/enclosing-callable/generator.py

diff --git a/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.expected b/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.expected
new file mode 100644
index 00000000000..a1e3de562f5
--- /dev/null
+++ b/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.expected
@@ -0,0 +1,24 @@
+| file://:0:0:0:0 | Function generator_func | generator.py:1:20:1:21 | ControlFlowNode for xs |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:12:2:26 | ControlFlowNode for .0 |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:12:2:26 | ControlFlowNode for .0 |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:12:2:26 | ControlFlowNode for ListComp |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:13:2:13 | ControlFlowNode for Yield |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:13:2:13 | ControlFlowNode for x |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:19:2:19 | ControlFlowNode for x |
+| file://:0:0:0:0 | Function generator_func | generator.py:2:24:2:25 | ControlFlowNode for xs |
+| file://:0:0:0:0 | Module class_example | class_example.py:1:1:1:3 | ControlFlowNode for wat |
+| file://:0:0:0:0 | Module class_example | class_example.py:1:7:1:7 | ControlFlowNode for IntegerLiteral |
+| file://:0:0:0:0 | Module class_example | class_example.py:3:1:3:10 | ControlFlowNode for ClassExpr |
+| file://:0:0:0:0 | Module class_example | class_example.py:3:7:3:9 | ControlFlowNode for Wat |
+| file://:0:0:0:0 | Module class_example | class_example.py:4:5:4:7 | ControlFlowNode for wat |
+| file://:0:0:0:0 | Module class_example | class_example.py:4:11:4:11 | ControlFlowNode for IntegerLiteral |
+| file://:0:0:0:0 | Module class_example | class_example.py:5:5:5:9 | ControlFlowNode for print |
+| file://:0:0:0:0 | Module class_example | class_example.py:5:5:5:26 | ControlFlowNode for print() |
+| file://:0:0:0:0 | Module class_example | class_example.py:5:11:5:20 | ControlFlowNode for Str |
+| file://:0:0:0:0 | Module class_example | class_example.py:5:23:5:25 | ControlFlowNode for wat |
+| file://:0:0:0:0 | Module class_example | class_example.py:7:1:7:5 | ControlFlowNode for print |
+| file://:0:0:0:0 | Module class_example | class_example.py:7:1:7:23 | ControlFlowNode for print() |
+| file://:0:0:0:0 | Module class_example | class_example.py:7:7:7:17 | ControlFlowNode for Str |
+| file://:0:0:0:0 | Module class_example | class_example.py:7:20:7:22 | ControlFlowNode for wat |
+| file://:0:0:0:0 | Module generator | generator.py:1:1:1:23 | ControlFlowNode for FunctionExpr |
+| file://:0:0:0:0 | Module generator | generator.py:1:5:1:18 | ControlFlowNode for generator_func |
diff --git a/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.ql b/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.ql
new file mode 100644
index 00000000000..1fa6a8ffc54
--- /dev/null
+++ b/python/ql/test/experimental/dataflow/enclosing-callable/EnclosingCallable.ql
@@ -0,0 +1,6 @@
+import python
+import semmle.python.dataflow.new.DataFlow
+
+from DataFlow::CfgNode node
+where exists(node.getLocation().getFile().getRelativePath())
+select node.getEnclosingCallable() as enclosingCallable, node
diff --git a/python/ql/test/experimental/dataflow/enclosing-callable/class_example.py b/python/ql/test/experimental/dataflow/enclosing-callable/class_example.py
new file mode 100644
index 00000000000..389b293d2bd
--- /dev/null
+++ b/python/ql/test/experimental/dataflow/enclosing-callable/class_example.py
@@ -0,0 +1,7 @@
+wat = 1
+
+class Wat:
+    wat = 2
+    print("in class", wat) # prints 2
+
+print("in module", wat) # prints 1
diff --git a/python/ql/test/experimental/dataflow/enclosing-callable/generator.py b/python/ql/test/experimental/dataflow/enclosing-callable/generator.py
new file mode 100644
index 00000000000..56b6202abd7
--- /dev/null
+++ b/python/ql/test/experimental/dataflow/enclosing-callable/generator.py
@@ -0,0 +1,2 @@
+def generator_func(xs):
+    return [x for x in xs]

From e886b53a947ddce06437dfa1ac06e3ba1250c2f2 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 15 Nov 2022 11:16:10 +0100
Subject: [PATCH 032/144] Python: CallGraph tests: remove rest of old
 annotations

---
 .../CallGraph/InlineCallGraphTest.expected             | 10 +++++-----
 .../library-tests/CallGraph/code/class_simple.py       |  8 --------
 2 files changed, 5 insertions(+), 13 deletions(-)

diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
index 975ac22dd2d..02d08ac4c81 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
+++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected
@@ -3,11 +3,11 @@ debug_callableNotUnique
 | code/class_advanced.py:18:5:18:18 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
 | code/class_advanced.py:23:5:23:25 | Function arg | Qualified function name 'B.arg' is not unique. Please fix. |
 pointsTo_found_typeTracker_notFound
-| code/class_simple.py:28:1:28:15 | ControlFlowNode for Attribute() | A.some_method |
-| code/class_simple.py:30:1:30:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
-| code/class_simple.py:32:1:32:20 | ControlFlowNode for Attribute() | A.some_classmethod |
-| code/class_simple.py:35:1:35:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
-| code/class_simple.py:37:1:37:20 | ControlFlowNode for Attribute() | A.some_classmethod |
+| code/class_simple.py:24:1:24:15 | ControlFlowNode for Attribute() | A.some_method |
+| code/class_simple.py:25:1:25:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
+| code/class_simple.py:26:1:26:20 | ControlFlowNode for Attribute() | A.some_classmethod |
+| code/class_simple.py:28:1:28:21 | ControlFlowNode for Attribute() | A.some_staticmethod |
+| code/class_simple.py:29:1:29:20 | ControlFlowNode for Attribute() | A.some_classmethod |
 | code/runtime_decision.py:18:1:18:6 | ControlFlowNode for func() | rd_bar |
 | code/runtime_decision.py:18:1:18:6 | ControlFlowNode for func() | rd_foo |
 | code/runtime_decision.py:26:1:26:7 | ControlFlowNode for func2() | rd_bar |
diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py b/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
index a679cc5e25c..f201e648e3a 100644
--- a/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
+++ b/python/ql/test/experimental/library-tests/CallGraph/code/class_simple.py
@@ -4,17 +4,14 @@ class A(object):
         print('A.__init__', arg)
         self.arg = arg
 
-    # name:A.some_method
     def some_method(self):
         print('A.some_method', self)
 
     @staticmethod
-    # name:A.some_staticmethod
     def some_staticmethod():
         print('A.some_staticmethod')
 
     @classmethod
-    # name:A.some_classmethod
     def some_classmethod(cls):
         print('A.some_classmethod', cls)
 
@@ -24,14 +21,9 @@ class A(object):
 # However, current test setup uses "callable" for naming, and expects things to be Function.
 a = A(42)
 
-# calls:A.some_method
 a.some_method() # $ pt=A.some_method
-# calls:A.some_staticmethod
 a.some_staticmethod() # $ pt=A.some_staticmethod
-# calls:A.some_classmethod
 a.some_classmethod() # $ pt=A.some_classmethod
 
-# calls:A.some_staticmethod
 A.some_staticmethod() # $ pt=A.some_staticmethod
-# calls:A.some_classmethod
 A.some_classmethod() # $ pt=A.some_classmethod

From 9b38e1102a7f2e2743c7b8cafe9a661ea18e8cdf Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 14 Nov 2022 17:31:29 +0000
Subject: [PATCH 033/144] Swift: Add more tests of optionals.

---
 .../dataflow/dataflow/DataFlow.expected       | 123 +++++++++--------
 .../dataflow/dataflow/LocalFlow.expected      | 130 +++++++++++-------
 .../dataflow/dataflow/test.swift              |  49 +++++--
 3 files changed, 182 insertions(+), 120 deletions(-)

diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
index c4e0a7a01e6..0f55b0155c3 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
@@ -100,29 +100,30 @@ edges
 | test.swift:225:14:225:21 | call to source() :  | test.swift:235:13:235:15 | .source_value |
 | test.swift:225:14:225:21 | call to source() :  | test.swift:238:13:238:15 | .source_value |
 | test.swift:259:12:259:19 | call to source() :  | test.swift:263:13:263:28 | call to optionalSource() :  |
-| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:264:15:264:16 | ...! |
-| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:266:15:266:16 | ...? :  |
-| test.swift:265:15:265:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  |
-| test.swift:265:15:265:22 | call to source() :  | test.swift:265:15:265:31 | call to signum() |
-| test.swift:266:15:266:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  |
-| test.swift:266:15:266:16 | ...? :  | test.swift:266:15:266:25 | call to signum() :  |
-| test.swift:266:15:266:25 | call to signum() :  | test.swift:266:15:266:25 | OptionalEvaluationExpr |
-| test.swift:277:14:277:26 | (...) [Tuple element at index 1] :  | test.swift:281:15:281:15 | t1 [Tuple element at index 1] :  |
-| test.swift:277:18:277:25 | call to source() :  | test.swift:277:14:277:26 | (...) [Tuple element at index 1] :  |
-| test.swift:281:15:281:15 | t1 [Tuple element at index 1] :  | test.swift:281:15:281:18 | .1 |
-| test.swift:289:5:289:5 | [post] t1 [Tuple element at index 0] :  | test.swift:292:15:292:15 | t1 [Tuple element at index 0] :  |
-| test.swift:289:12:289:19 | call to source() :  | test.swift:289:5:289:5 | [post] t1 [Tuple element at index 0] :  |
-| test.swift:292:15:292:15 | t1 [Tuple element at index 0] :  | test.swift:292:15:292:18 | .0 |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 0] :  | test.swift:302:15:302:15 | t1 [Tuple element at index 0] :  |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 0] :  | test.swift:306:15:306:15 | t2 [Tuple element at index 0] :  |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 1] :  | test.swift:303:15:303:15 | t1 [Tuple element at index 1] :  |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 1] :  | test.swift:307:15:307:15 | t2 [Tuple element at index 1] :  |
-| test.swift:297:18:297:25 | call to source() :  | test.swift:297:14:297:45 | (...) [Tuple element at index 0] :  |
-| test.swift:297:31:297:38 | call to source() :  | test.swift:297:14:297:45 | (...) [Tuple element at index 1] :  |
-| test.swift:302:15:302:15 | t1 [Tuple element at index 0] :  | test.swift:302:15:302:18 | .0 |
-| test.swift:303:15:303:15 | t1 [Tuple element at index 1] :  | test.swift:303:15:303:18 | .1 |
-| test.swift:306:15:306:15 | t2 [Tuple element at index 0] :  | test.swift:306:15:306:18 | .0 |
-| test.swift:307:15:307:15 | t2 [Tuple element at index 1] :  | test.swift:307:15:307:18 | .1 |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:265:15:265:15 | x |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:267:15:267:16 | ...! |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:271:15:271:16 | ...? :  |
+| test.swift:270:15:270:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  |
+| test.swift:270:15:270:22 | call to source() :  | test.swift:270:15:270:31 | call to signum() |
+| test.swift:271:15:271:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  |
+| test.swift:271:15:271:16 | ...? :  | test.swift:271:15:271:25 | call to signum() :  |
+| test.swift:271:15:271:25 | call to signum() :  | test.swift:271:15:271:25 | OptionalEvaluationExpr |
+| test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  | test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  |
+| test.swift:302:18:302:25 | call to source() :  | test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  |
+| test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  | test.swift:306:15:306:18 | .1 |
+| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] :  | test.swift:317:15:317:15 | t1 [Tuple element at index 0] :  |
+| test.swift:314:12:314:19 | call to source() :  | test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] :  |
+| test.swift:317:15:317:15 | t1 [Tuple element at index 0] :  | test.swift:317:15:317:18 | .0 |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 0] :  | test.swift:327:15:327:15 | t1 [Tuple element at index 0] :  |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 0] :  | test.swift:331:15:331:15 | t2 [Tuple element at index 0] :  |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 1] :  | test.swift:328:15:328:15 | t1 [Tuple element at index 1] :  |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 1] :  | test.swift:332:15:332:15 | t2 [Tuple element at index 1] :  |
+| test.swift:322:18:322:25 | call to source() :  | test.swift:322:14:322:45 | (...) [Tuple element at index 0] :  |
+| test.swift:322:31:322:38 | call to source() :  | test.swift:322:14:322:45 | (...) [Tuple element at index 1] :  |
+| test.swift:327:15:327:15 | t1 [Tuple element at index 0] :  | test.swift:327:15:327:18 | .0 |
+| test.swift:328:15:328:15 | t1 [Tuple element at index 1] :  | test.swift:328:15:328:18 | .1 |
+| test.swift:331:15:331:15 | t2 [Tuple element at index 0] :  | test.swift:331:15:331:18 | .0 |
+| test.swift:332:15:332:15 | t2 [Tuple element at index 1] :  | test.swift:332:15:332:18 | .1 |
 nodes
 | file://:0:0:0:0 | .a [x] :  | semmle.label | .a [x] :  |
 | file://:0:0:0:0 | .x :  | semmle.label | .x :  |
@@ -237,32 +238,33 @@ nodes
 | test.swift:238:13:238:15 | .source_value | semmle.label | .source_value |
 | test.swift:259:12:259:19 | call to source() :  | semmle.label | call to source() :  |
 | test.swift:263:13:263:28 | call to optionalSource() :  | semmle.label | call to optionalSource() :  |
-| test.swift:264:15:264:16 | ...! | semmle.label | ...! |
-| test.swift:265:15:265:22 | call to source() :  | semmle.label | call to source() :  |
-| test.swift:265:15:265:31 | call to signum() | semmle.label | call to signum() |
-| test.swift:266:15:266:16 | ...? :  | semmle.label | ...? :  |
-| test.swift:266:15:266:25 | OptionalEvaluationExpr | semmle.label | OptionalEvaluationExpr |
-| test.swift:266:15:266:25 | call to signum() :  | semmle.label | call to signum() :  |
-| test.swift:277:14:277:26 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
-| test.swift:277:18:277:25 | call to source() :  | semmle.label | call to source() :  |
-| test.swift:281:15:281:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
-| test.swift:281:15:281:18 | .1 | semmle.label | .1 |
-| test.swift:289:5:289:5 | [post] t1 [Tuple element at index 0] :  | semmle.label | [post] t1 [Tuple element at index 0] :  |
-| test.swift:289:12:289:19 | call to source() :  | semmle.label | call to source() :  |
-| test.swift:292:15:292:15 | t1 [Tuple element at index 0] :  | semmle.label | t1 [Tuple element at index 0] :  |
-| test.swift:292:15:292:18 | .0 | semmle.label | .0 |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 0] :  | semmle.label | (...) [Tuple element at index 0] :  |
-| test.swift:297:14:297:45 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
-| test.swift:297:18:297:25 | call to source() :  | semmle.label | call to source() :  |
-| test.swift:297:31:297:38 | call to source() :  | semmle.label | call to source() :  |
-| test.swift:302:15:302:15 | t1 [Tuple element at index 0] :  | semmle.label | t1 [Tuple element at index 0] :  |
-| test.swift:302:15:302:18 | .0 | semmle.label | .0 |
-| test.swift:303:15:303:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
-| test.swift:303:15:303:18 | .1 | semmle.label | .1 |
-| test.swift:306:15:306:15 | t2 [Tuple element at index 0] :  | semmle.label | t2 [Tuple element at index 0] :  |
-| test.swift:306:15:306:18 | .0 | semmle.label | .0 |
-| test.swift:307:15:307:15 | t2 [Tuple element at index 1] :  | semmle.label | t2 [Tuple element at index 1] :  |
-| test.swift:307:15:307:18 | .1 | semmle.label | .1 |
+| test.swift:265:15:265:15 | x | semmle.label | x |
+| test.swift:267:15:267:16 | ...! | semmle.label | ...! |
+| test.swift:270:15:270:22 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:270:15:270:31 | call to signum() | semmle.label | call to signum() |
+| test.swift:271:15:271:16 | ...? :  | semmle.label | ...? :  |
+| test.swift:271:15:271:25 | OptionalEvaluationExpr | semmle.label | OptionalEvaluationExpr |
+| test.swift:271:15:271:25 | call to signum() :  | semmle.label | call to signum() :  |
+| test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
+| test.swift:302:18:302:25 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
+| test.swift:306:15:306:18 | .1 | semmle.label | .1 |
+| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] :  | semmle.label | [post] t1 [Tuple element at index 0] :  |
+| test.swift:314:12:314:19 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:317:15:317:15 | t1 [Tuple element at index 0] :  | semmle.label | t1 [Tuple element at index 0] :  |
+| test.swift:317:15:317:18 | .0 | semmle.label | .0 |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 0] :  | semmle.label | (...) [Tuple element at index 0] :  |
+| test.swift:322:14:322:45 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
+| test.swift:322:18:322:25 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:322:31:322:38 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:327:15:327:15 | t1 [Tuple element at index 0] :  | semmle.label | t1 [Tuple element at index 0] :  |
+| test.swift:327:15:327:18 | .0 | semmle.label | .0 |
+| test.swift:328:15:328:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
+| test.swift:328:15:328:18 | .1 | semmle.label | .1 |
+| test.swift:331:15:331:15 | t2 [Tuple element at index 0] :  | semmle.label | t2 [Tuple element at index 0] :  |
+| test.swift:331:15:331:18 | .0 | semmle.label | .0 |
+| test.swift:332:15:332:15 | t2 [Tuple element at index 1] :  | semmle.label | t2 [Tuple element at index 1] :  |
+| test.swift:332:15:332:18 | .1 | semmle.label | .1 |
 subpaths
 | test.swift:75:21:75:22 | &... :  | test.swift:65:16:65:28 | arg1 :  | test.swift:65:1:70:1 | arg2[return] :  | test.swift:75:31:75:32 | [post] &... :  |
 | test.swift:114:19:114:19 | arg :  | test.swift:109:9:109:14 | arg :  | test.swift:110:12:110:12 | arg :  | test.swift:114:12:114:22 | call to ... :  |
@@ -289,8 +291,8 @@ subpaths
 | test.swift:218:11:218:18 | call to source() :  | test.swift:169:12:169:22 | value :  | test.swift:170:5:170:5 | [post] self [x] :  | test.swift:218:3:218:5 | [post] getter for .a [x] :  |
 | test.swift:219:13:219:13 | b [a, x] :  | test.swift:185:7:185:7 | self [a, x] :  | file://:0:0:0:0 | .a [x] :  | test.swift:219:13:219:15 | .a [x] :  |
 | test.swift:219:13:219:15 | .a [x] :  | test.swift:163:7:163:7 | self [x] :  | file://:0:0:0:0 | .x :  | test.swift:219:13:219:17 | .x |
-| test.swift:265:15:265:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  | file://:0:0:0:0 | [summary] to write: return (return) in signum() :  | test.swift:265:15:265:31 | call to signum() |
-| test.swift:266:15:266:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  | file://:0:0:0:0 | [summary] to write: return (return) in signum() :  | test.swift:266:15:266:25 | call to signum() :  |
+| test.swift:270:15:270:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  | file://:0:0:0:0 | [summary] to write: return (return) in signum() :  | test.swift:270:15:270:31 | call to signum() |
+| test.swift:271:15:271:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  | file://:0:0:0:0 | [summary] to write: return (return) in signum() :  | test.swift:271:15:271:25 | call to signum() :  |
 #select
 | test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() :  | test.swift:7:15:7:15 | t1 | result |
 | test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() :  | test.swift:9:15:9:15 | t1 | result |
@@ -320,12 +322,13 @@ subpaths
 | test.swift:219:13:219:17 | .x | test.swift:218:11:218:18 | call to source() :  | test.swift:219:13:219:17 | .x | result |
 | test.swift:235:13:235:15 | .source_value | test.swift:225:14:225:21 | call to source() :  | test.swift:235:13:235:15 | .source_value | result |
 | test.swift:238:13:238:15 | .source_value | test.swift:225:14:225:21 | call to source() :  | test.swift:238:13:238:15 | .source_value | result |
-| test.swift:264:15:264:16 | ...! | test.swift:259:12:259:19 | call to source() :  | test.swift:264:15:264:16 | ...! | result |
-| test.swift:265:15:265:31 | call to signum() | test.swift:265:15:265:22 | call to source() :  | test.swift:265:15:265:31 | call to signum() | result |
-| test.swift:266:15:266:25 | OptionalEvaluationExpr | test.swift:259:12:259:19 | call to source() :  | test.swift:266:15:266:25 | OptionalEvaluationExpr | result |
-| test.swift:281:15:281:18 | .1 | test.swift:277:18:277:25 | call to source() :  | test.swift:281:15:281:18 | .1 | result |
-| test.swift:292:15:292:18 | .0 | test.swift:289:12:289:19 | call to source() :  | test.swift:292:15:292:18 | .0 | result |
-| test.swift:302:15:302:18 | .0 | test.swift:297:18:297:25 | call to source() :  | test.swift:302:15:302:18 | .0 | result |
-| test.swift:303:15:303:18 | .1 | test.swift:297:31:297:38 | call to source() :  | test.swift:303:15:303:18 | .1 | result |
-| test.swift:306:15:306:18 | .0 | test.swift:297:18:297:25 | call to source() :  | test.swift:306:15:306:18 | .0 | result |
-| test.swift:307:15:307:18 | .1 | test.swift:297:31:297:38 | call to source() :  | test.swift:307:15:307:18 | .1 | result |
+| test.swift:265:15:265:15 | x | test.swift:259:12:259:19 | call to source() :  | test.swift:265:15:265:15 | x | result |
+| test.swift:267:15:267:16 | ...! | test.swift:259:12:259:19 | call to source() :  | test.swift:267:15:267:16 | ...! | result |
+| test.swift:270:15:270:31 | call to signum() | test.swift:270:15:270:22 | call to source() :  | test.swift:270:15:270:31 | call to signum() | result |
+| test.swift:271:15:271:25 | OptionalEvaluationExpr | test.swift:259:12:259:19 | call to source() :  | test.swift:271:15:271:25 | OptionalEvaluationExpr | result |
+| test.swift:306:15:306:18 | .1 | test.swift:302:18:302:25 | call to source() :  | test.swift:306:15:306:18 | .1 | result |
+| test.swift:317:15:317:18 | .0 | test.swift:314:12:314:19 | call to source() :  | test.swift:317:15:317:18 | .0 | result |
+| test.swift:327:15:327:18 | .0 | test.swift:322:18:322:25 | call to source() :  | test.swift:327:15:327:18 | .0 | result |
+| test.swift:328:15:328:18 | .1 | test.swift:322:31:322:38 | call to source() :  | test.swift:328:15:328:18 | .1 | result |
+| test.swift:331:15:331:18 | .0 | test.swift:322:18:322:25 | call to source() :  | test.swift:331:15:331:18 | .0 | result |
+| test.swift:332:15:332:18 | .1 | test.swift:322:31:322:38 | call to source() :  | test.swift:332:15:332:18 | .1 | result |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
index 987d7073b87..91709720aa2 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
@@ -184,52 +184,86 @@
 | test.swift:247:9:247:9 | [post] self | test.swift:246:5:248:5 | self[return] |
 | test.swift:247:9:247:9 | self | test.swift:246:5:248:5 | self[return] |
 | test.swift:252:23:252:23 | value | test.swift:252:23:252:23 | WriteDef |
-| test.swift:263:9:263:9 | WriteDef | test.swift:264:15:264:15 | x |
+| test.swift:262:21:262:27 | WriteDef | test.swift:266:15:266:15 | y |
+| test.swift:262:21:262:27 | y | test.swift:262:21:262:27 | WriteDef |
+| test.swift:263:9:263:9 | WriteDef | test.swift:265:15:265:15 | x |
 | test.swift:263:13:263:28 | call to optionalSource() | test.swift:263:9:263:9 | WriteDef |
-| test.swift:264:15:264:15 | x | test.swift:264:15:264:16 | ...! |
-| test.swift:264:15:264:15 | x | test.swift:266:15:266:15 | x |
-| test.swift:266:15:266:15 | x | test.swift:266:15:266:16 | ...? |
-| test.swift:266:15:266:15 | x | test.swift:267:15:267:15 | x |
-| test.swift:266:15:266:25 | call to signum() | test.swift:266:15:266:25 | OptionalEvaluationExpr |
-| test.swift:267:15:267:15 | x | test.swift:268:16:268:16 | x |
-| test.swift:277:9:277:9 | WriteDef | test.swift:279:15:279:15 | t1 |
-| test.swift:277:14:277:26 | (...) | test.swift:277:9:277:9 | WriteDef |
-| test.swift:279:15:279:15 | t1 | test.swift:280:15:280:15 | t1 |
-| test.swift:280:15:280:15 | [post] t1 | test.swift:281:15:281:15 | t1 |
-| test.swift:280:15:280:15 | t1 | test.swift:281:15:281:15 | t1 |
-| test.swift:281:15:281:15 | [post] t1 | test.swift:283:5:283:5 | t1 |
-| test.swift:281:15:281:15 | t1 | test.swift:283:5:283:5 | t1 |
-| test.swift:283:5:283:5 | [post] t1 | test.swift:285:15:285:15 | t1 |
-| test.swift:283:5:283:5 | t1 | test.swift:285:15:285:15 | t1 |
-| test.swift:285:15:285:15 | t1 | test.swift:286:15:286:15 | t1 |
-| test.swift:286:15:286:15 | [post] t1 | test.swift:287:15:287:15 | t1 |
-| test.swift:286:15:286:15 | t1 | test.swift:287:15:287:15 | t1 |
-| test.swift:287:15:287:15 | [post] t1 | test.swift:289:5:289:5 | t1 |
-| test.swift:287:15:287:15 | t1 | test.swift:289:5:289:5 | t1 |
-| test.swift:289:5:289:5 | [post] t1 | test.swift:291:15:291:15 | t1 |
-| test.swift:289:5:289:5 | t1 | test.swift:291:15:291:15 | t1 |
-| test.swift:291:15:291:15 | t1 | test.swift:292:15:292:15 | t1 |
-| test.swift:292:15:292:15 | [post] t1 | test.swift:293:15:293:15 | t1 |
-| test.swift:292:15:292:15 | t1 | test.swift:293:15:293:15 | t1 |
-| test.swift:297:9:297:9 | WriteDef | test.swift:298:14:298:14 | t1 |
-| test.swift:297:14:297:45 | (...) | test.swift:297:9:297:9 | WriteDef |
-| test.swift:298:9:298:9 | WriteDef | test.swift:305:15:305:15 | t2 |
-| test.swift:298:14:298:14 | t1 | test.swift:298:9:298:9 | WriteDef |
-| test.swift:298:14:298:14 | t1 | test.swift:299:21:299:21 | t1 |
-| test.swift:299:9:299:17 | WriteDef | test.swift:309:15:309:15 | a |
-| test.swift:299:9:299:17 | WriteDef | test.swift:310:15:310:15 | b |
-| test.swift:299:9:299:17 | WriteDef | test.swift:311:15:311:15 | c |
-| test.swift:299:21:299:21 | t1 | test.swift:299:9:299:17 | WriteDef |
-| test.swift:299:21:299:21 | t1 | test.swift:299:9:299:17 | WriteDef |
-| test.swift:299:21:299:21 | t1 | test.swift:299:9:299:17 | WriteDef |
-| test.swift:299:21:299:21 | t1 | test.swift:301:15:301:15 | t1 |
-| test.swift:301:15:301:15 | t1 | test.swift:302:15:302:15 | t1 |
-| test.swift:302:15:302:15 | [post] t1 | test.swift:303:15:303:15 | t1 |
-| test.swift:302:15:302:15 | t1 | test.swift:303:15:303:15 | t1 |
-| test.swift:303:15:303:15 | [post] t1 | test.swift:304:15:304:15 | t1 |
-| test.swift:303:15:303:15 | t1 | test.swift:304:15:304:15 | t1 |
-| test.swift:305:15:305:15 | t2 | test.swift:306:15:306:15 | t2 |
-| test.swift:306:15:306:15 | [post] t2 | test.swift:307:15:307:15 | t2 |
-| test.swift:306:15:306:15 | t2 | test.swift:307:15:307:15 | t2 |
-| test.swift:307:15:307:15 | [post] t2 | test.swift:308:15:308:15 | t2 |
-| test.swift:307:15:307:15 | t2 | test.swift:308:15:308:15 | t2 |
+| test.swift:265:15:265:15 | x | test.swift:267:15:267:15 | x |
+| test.swift:266:15:266:15 | y | test.swift:268:15:268:15 | y |
+| test.swift:267:15:267:15 | x | test.swift:267:15:267:16 | ...! |
+| test.swift:267:15:267:15 | x | test.swift:271:15:271:15 | x |
+| test.swift:268:15:268:15 | y | test.swift:268:15:268:16 | ...! |
+| test.swift:268:15:268:15 | y | test.swift:272:15:272:15 | y |
+| test.swift:271:15:271:15 | x | test.swift:271:15:271:16 | ...? |
+| test.swift:271:15:271:15 | x | test.swift:274:15:274:15 | x |
+| test.swift:271:15:271:25 | call to signum() | test.swift:271:15:271:25 | OptionalEvaluationExpr |
+| test.swift:272:15:272:15 | y | test.swift:272:15:272:16 | ...? |
+| test.swift:272:15:272:15 | y | test.swift:276:15:276:15 | y |
+| test.swift:272:15:272:25 | call to signum() | test.swift:272:15:272:25 | OptionalEvaluationExpr |
+| test.swift:274:15:274:15 | x | test.swift:275:15:275:15 | x |
+| test.swift:275:15:275:15 | x | test.swift:279:15:279:15 | x |
+| test.swift:276:15:276:15 | y | test.swift:277:15:277:15 | y |
+| test.swift:277:15:277:15 | y | test.swift:281:15:281:15 | y |
+| test.swift:279:15:279:15 | x | test.swift:279:26:279:26 | x |
+| test.swift:279:15:279:15 | x | test.swift:280:15:280:15 | x |
+| test.swift:279:26:279:26 | x | test.swift:279:26:279:27 | ...! |
+| test.swift:279:26:279:26 | x | test.swift:280:15:280:15 | x |
+| test.swift:280:15:280:15 | x | test.swift:280:26:280:26 | x |
+| test.swift:280:15:280:15 | x | test.swift:284:16:284:16 | x |
+| test.swift:280:26:280:26 | x | test.swift:280:26:280:27 | ...! |
+| test.swift:280:26:280:26 | x | test.swift:284:16:284:16 | x |
+| test.swift:281:15:281:15 | y | test.swift:281:26:281:26 | y |
+| test.swift:281:15:281:15 | y | test.swift:282:15:282:15 | y |
+| test.swift:281:26:281:26 | y | test.swift:281:26:281:27 | ...! |
+| test.swift:281:26:281:26 | y | test.swift:282:15:282:15 | y |
+| test.swift:282:15:282:15 | y | test.swift:282:26:282:26 | y |
+| test.swift:282:15:282:15 | y | test.swift:287:16:287:16 | y |
+| test.swift:282:26:282:26 | y | test.swift:282:26:282:27 | ...! |
+| test.swift:282:26:282:26 | y | test.swift:287:16:287:16 | y |
+| test.swift:284:16:284:16 | x | test.swift:290:16:290:16 | x |
+| test.swift:287:16:287:16 | y | test.swift:293:16:293:16 | y |
+| test.swift:290:16:290:16 | x | test.swift:290:16:290:17 | ...? |
+| test.swift:290:16:290:26 | call to signum() | test.swift:290:16:290:26 | OptionalEvaluationExpr |
+| test.swift:293:16:293:16 | y | test.swift:293:16:293:17 | ...? |
+| test.swift:293:16:293:26 | call to signum() | test.swift:293:16:293:26 | OptionalEvaluationExpr |
+| test.swift:304:9:304:9 | WriteDef | test.swift:306:15:306:15 | t1 |
+| test.swift:304:14:304:26 | (...) | test.swift:304:9:304:9 | WriteDef |
+| test.swift:306:15:306:15 | t1 | test.swift:307:15:307:15 | t1 |
+| test.swift:307:15:307:15 | [post] t1 | test.swift:308:15:308:15 | t1 |
+| test.swift:307:15:307:15 | t1 | test.swift:308:15:308:15 | t1 |
+| test.swift:308:15:308:15 | [post] t1 | test.swift:310:5:310:5 | t1 |
+| test.swift:308:15:308:15 | t1 | test.swift:310:5:310:5 | t1 |
+| test.swift:310:5:310:5 | [post] t1 | test.swift:312:15:312:15 | t1 |
+| test.swift:310:5:310:5 | t1 | test.swift:312:15:312:15 | t1 |
+| test.swift:312:15:312:15 | t1 | test.swift:313:15:313:15 | t1 |
+| test.swift:313:15:313:15 | [post] t1 | test.swift:314:15:314:15 | t1 |
+| test.swift:313:15:313:15 | t1 | test.swift:314:15:314:15 | t1 |
+| test.swift:314:15:314:15 | [post] t1 | test.swift:316:5:316:5 | t1 |
+| test.swift:314:15:314:15 | t1 | test.swift:316:5:316:5 | t1 |
+| test.swift:316:5:316:5 | [post] t1 | test.swift:318:15:318:15 | t1 |
+| test.swift:316:5:316:5 | t1 | test.swift:318:15:318:15 | t1 |
+| test.swift:318:15:318:15 | t1 | test.swift:319:15:319:15 | t1 |
+| test.swift:319:15:319:15 | [post] t1 | test.swift:320:15:320:15 | t1 |
+| test.swift:319:15:319:15 | t1 | test.swift:320:15:320:15 | t1 |
+| test.swift:324:9:324:9 | WriteDef | test.swift:325:14:325:14 | t1 |
+| test.swift:324:14:324:45 | (...) | test.swift:324:9:324:9 | WriteDef |
+| test.swift:325:9:325:9 | WriteDef | test.swift:332:15:332:15 | t2 |
+| test.swift:325:14:325:14 | t1 | test.swift:325:9:325:9 | WriteDef |
+| test.swift:325:14:325:14 | t1 | test.swift:326:21:326:21 | t1 |
+| test.swift:326:9:326:17 | WriteDef | test.swift:336:15:336:15 | a |
+| test.swift:326:9:326:17 | WriteDef | test.swift:337:15:337:15 | b |
+| test.swift:326:9:326:17 | WriteDef | test.swift:338:15:338:15 | c |
+| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
+| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
+| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
+| test.swift:326:21:326:21 | t1 | test.swift:328:15:328:15 | t1 |
+| test.swift:328:15:328:15 | t1 | test.swift:329:15:329:15 | t1 |
+| test.swift:329:15:329:15 | [post] t1 | test.swift:330:15:330:15 | t1 |
+| test.swift:329:15:329:15 | t1 | test.swift:330:15:330:15 | t1 |
+| test.swift:330:15:330:15 | [post] t1 | test.swift:331:15:331:15 | t1 |
+| test.swift:330:15:330:15 | t1 | test.swift:331:15:331:15 | t1 |
+| test.swift:332:15:332:15 | t2 | test.swift:333:15:333:15 | t2 |
+| test.swift:333:15:333:15 | [post] t2 | test.swift:334:15:334:15 | t2 |
+| test.swift:333:15:333:15 | t2 | test.swift:334:15:334:15 | t2 |
+| test.swift:334:15:334:15 | [post] t2 | test.swift:335:15:335:15 | t2 |
+| test.swift:334:15:334:15 | t2 | test.swift:335:15:335:15 | t2 |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
index 23c8d138a2d..6995754e85c 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift
+++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
@@ -259,14 +259,39 @@ func optionalSource() -> Int? {
     return source()
 }
 
-func test_optionals() {
+func test_optionals(y: Int?) {
     let x = optionalSource()
+
+    sink(opt: x) // $ flow=259
+    sink(opt: y)
     sink(arg: x!) // $ flow=259
-    sink(arg: source().signum()) // $ flow=265
+    sink(arg: y!)
+
+    sink(arg: source().signum()) // $ flow=270
     sink(opt: x?.signum()) // $ flow=259
+    sink(opt: y?.signum())
+
     sink(arg: x ?? 0) // $ MISSING: flow=259
-    if let y = x {
-        sink(arg: y) // $ MISSING: flow=259
+    sink(arg: x ?? source()) // $ MISSING: flow=259, 276
+    sink(arg: y ?? 0)
+    sink(arg: y ?? source()) // $ MISSING: flow=278
+
+    sink(arg: x != nil ? x! : 0) // $ MISSING: flow=259
+    sink(arg: x != nil ? x! : source()) // $ MISSING: flow=259, 281
+    sink(arg: y != nil ? y! : 0)
+    sink(arg: y != nil ? y! : source()) // $ MISSING: flow=283
+
+    if let z = x {
+        sink(arg: z) // $ MISSING: flow=259
+    }
+    if let z = y {
+        sink(arg: z)
+    }
+    if let z = x?.signum() { // $ MISSING: flow=259
+        sink(arg: z)
+    }
+    if let z = y?.signum() {
+        sink(arg: z)
     }
 }
 
@@ -278,7 +303,7 @@ func testTuples() {
 
     sink(arg: t1)
     sink(arg: t1.0)
-    sink(arg: t1.1) // $ flow=277
+    sink(arg: t1.1) // $ flow=302
 
     t1.1 = 2
 
@@ -289,7 +314,7 @@ func testTuples() {
     t1.0 = source()
 
     sink(arg: t1)
-    sink(arg: t1.0) // $ flow=289
+    sink(arg: t1.0) // $ flow=314
     sink(arg: t1.1)
 }
 
@@ -299,14 +324,14 @@ func testTuples2() {
     let (a, b, c) = t1
 
     sink(arg: t1)
-    sink(arg: t1.x) // $ flow=297
-    sink(arg: t1.y) // $ flow=297
+    sink(arg: t1.x) // $ flow=322
+    sink(arg: t1.y) // $ flow=322
     sink(arg: t1.z)
     sink(arg: t2)
-    sink(arg: t2.x) // $ flow=297
-    sink(arg: t2.y) // $ flow=297
+    sink(arg: t2.x) // $ flow=322
+    sink(arg: t2.y) // $ flow=322
     sink(arg: t2.z)
-    sink(arg: a) // $ MISSING: flow=297
-    sink(arg: b) // $ MISSING: flow=297
+    sink(arg: a) // $ MISSING: flow=322
+    sink(arg: b) // $ MISSING: flow=322
     sink(arg: c)
 }

From 2dbb8919424978a588ed69c1828f8a5ade13d459 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 14 Nov 2022 18:29:35 +0000
Subject: [PATCH 034/144] Swift: Dataflow through ??.

---
 .../dataflow/internal/DataFlowPrivate.qll     |  7 ++
 .../dataflow/dataflow/DataFlow.expected       |  6 ++
 .../dataflow/dataflow/LocalFlow.expected      | 86 ++++++++++---------
 .../dataflow/dataflow/test.swift              |  4 +-
 4 files changed, 62 insertions(+), 41 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index 82332b4c47d..f811a540c97 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -153,6 +153,13 @@ private module Cached {
     or
     nodeFrom.asExpr() = nodeTo.asExpr().(OptionalEvaluationExpr).getSubExpr()
     or
+    // flow through nil-coalescing operator `??`
+    exists(BinaryExpr nco |
+      nco.getFunction().(DeclRefExpr).getDecl().(FreeFunctionDecl).getName() = "??(_:_:)" and
+      nodeFrom.asExpr() = nco.getAnOperand() and
+      nodeTo.asExpr() = nco
+    )
+    or
     // flow through a flow summary (extension of `SummaryModelCsv`)
     FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom, nodeTo, true)
   }
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
index 0f55b0155c3..8c9c931a4ff 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
@@ -103,6 +103,8 @@ edges
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:265:15:265:15 | x |
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:267:15:267:16 | ...! |
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:271:15:271:16 | ...? :  |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:274:15:274:20 | ... ??(_:_:) ... |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:275:15:275:27 | ... ??(_:_:) ... |
 | test.swift:270:15:270:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  |
 | test.swift:270:15:270:22 | call to source() :  | test.swift:270:15:270:31 | call to signum() |
 | test.swift:271:15:271:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  |
@@ -245,6 +247,8 @@ nodes
 | test.swift:271:15:271:16 | ...? :  | semmle.label | ...? :  |
 | test.swift:271:15:271:25 | OptionalEvaluationExpr | semmle.label | OptionalEvaluationExpr |
 | test.swift:271:15:271:25 | call to signum() :  | semmle.label | call to signum() :  |
+| test.swift:274:15:274:20 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
+| test.swift:275:15:275:27 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
 | test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
 | test.swift:302:18:302:25 | call to source() :  | semmle.label | call to source() :  |
 | test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
@@ -326,6 +330,8 @@ subpaths
 | test.swift:267:15:267:16 | ...! | test.swift:259:12:259:19 | call to source() :  | test.swift:267:15:267:16 | ...! | result |
 | test.swift:270:15:270:31 | call to signum() | test.swift:270:15:270:22 | call to source() :  | test.swift:270:15:270:31 | call to signum() | result |
 | test.swift:271:15:271:25 | OptionalEvaluationExpr | test.swift:259:12:259:19 | call to source() :  | test.swift:271:15:271:25 | OptionalEvaluationExpr | result |
+| test.swift:274:15:274:20 | ... ??(_:_:) ... | test.swift:259:12:259:19 | call to source() :  | test.swift:274:15:274:20 | ... ??(_:_:) ... | result |
+| test.swift:275:15:275:27 | ... ??(_:_:) ... | test.swift:259:12:259:19 | call to source() :  | test.swift:275:15:275:27 | ... ??(_:_:) ... | result |
 | test.swift:306:15:306:18 | .1 | test.swift:302:18:302:25 | call to source() :  | test.swift:306:15:306:18 | .1 | result |
 | test.swift:317:15:317:18 | .0 | test.swift:314:12:314:19 | call to source() :  | test.swift:317:15:317:18 | .0 | result |
 | test.swift:327:15:327:18 | .0 | test.swift:322:18:322:25 | call to source() :  | test.swift:327:15:327:18 | .0 | result |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
index 91709720aa2..0d48a6af63f 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
@@ -200,10 +200,18 @@
 | test.swift:272:15:272:15 | y | test.swift:272:15:272:16 | ...? |
 | test.swift:272:15:272:15 | y | test.swift:276:15:276:15 | y |
 | test.swift:272:15:272:25 | call to signum() | test.swift:272:15:272:25 | OptionalEvaluationExpr |
+| test.swift:274:15:274:15 | x | test.swift:274:15:274:20 | ... ??(_:_:) ... |
 | test.swift:274:15:274:15 | x | test.swift:275:15:275:15 | x |
+| test.swift:274:20:274:20 | { ... } | test.swift:274:15:274:20 | ... ??(_:_:) ... |
+| test.swift:275:15:275:15 | x | test.swift:275:15:275:27 | ... ??(_:_:) ... |
 | test.swift:275:15:275:15 | x | test.swift:279:15:279:15 | x |
+| test.swift:275:20:275:27 | { ... } | test.swift:275:15:275:27 | ... ??(_:_:) ... |
+| test.swift:276:15:276:15 | y | test.swift:276:15:276:20 | ... ??(_:_:) ... |
 | test.swift:276:15:276:15 | y | test.swift:277:15:277:15 | y |
+| test.swift:276:20:276:20 | { ... } | test.swift:276:15:276:20 | ... ??(_:_:) ... |
+| test.swift:277:15:277:15 | y | test.swift:277:15:277:27 | ... ??(_:_:) ... |
 | test.swift:277:15:277:15 | y | test.swift:281:15:281:15 | y |
+| test.swift:277:20:277:27 | { ... } | test.swift:277:15:277:27 | ... ??(_:_:) ... |
 | test.swift:279:15:279:15 | x | test.swift:279:26:279:26 | x |
 | test.swift:279:15:279:15 | x | test.swift:280:15:280:15 | x |
 | test.swift:279:26:279:26 | x | test.swift:279:26:279:27 | ...! |
@@ -226,44 +234,44 @@
 | test.swift:290:16:290:26 | call to signum() | test.swift:290:16:290:26 | OptionalEvaluationExpr |
 | test.swift:293:16:293:16 | y | test.swift:293:16:293:17 | ...? |
 | test.swift:293:16:293:26 | call to signum() | test.swift:293:16:293:26 | OptionalEvaluationExpr |
-| test.swift:304:9:304:9 | WriteDef | test.swift:306:15:306:15 | t1 |
-| test.swift:304:14:304:26 | (...) | test.swift:304:9:304:9 | WriteDef |
-| test.swift:306:15:306:15 | t1 | test.swift:307:15:307:15 | t1 |
-| test.swift:307:15:307:15 | [post] t1 | test.swift:308:15:308:15 | t1 |
-| test.swift:307:15:307:15 | t1 | test.swift:308:15:308:15 | t1 |
-| test.swift:308:15:308:15 | [post] t1 | test.swift:310:5:310:5 | t1 |
-| test.swift:308:15:308:15 | t1 | test.swift:310:5:310:5 | t1 |
-| test.swift:310:5:310:5 | [post] t1 | test.swift:312:15:312:15 | t1 |
-| test.swift:310:5:310:5 | t1 | test.swift:312:15:312:15 | t1 |
-| test.swift:312:15:312:15 | t1 | test.swift:313:15:313:15 | t1 |
-| test.swift:313:15:313:15 | [post] t1 | test.swift:314:15:314:15 | t1 |
-| test.swift:313:15:313:15 | t1 | test.swift:314:15:314:15 | t1 |
-| test.swift:314:15:314:15 | [post] t1 | test.swift:316:5:316:5 | t1 |
-| test.swift:314:15:314:15 | t1 | test.swift:316:5:316:5 | t1 |
-| test.swift:316:5:316:5 | [post] t1 | test.swift:318:15:318:15 | t1 |
-| test.swift:316:5:316:5 | t1 | test.swift:318:15:318:15 | t1 |
-| test.swift:318:15:318:15 | t1 | test.swift:319:15:319:15 | t1 |
-| test.swift:319:15:319:15 | [post] t1 | test.swift:320:15:320:15 | t1 |
-| test.swift:319:15:319:15 | t1 | test.swift:320:15:320:15 | t1 |
-| test.swift:324:9:324:9 | WriteDef | test.swift:325:14:325:14 | t1 |
-| test.swift:324:14:324:45 | (...) | test.swift:324:9:324:9 | WriteDef |
-| test.swift:325:9:325:9 | WriteDef | test.swift:332:15:332:15 | t2 |
-| test.swift:325:14:325:14 | t1 | test.swift:325:9:325:9 | WriteDef |
-| test.swift:325:14:325:14 | t1 | test.swift:326:21:326:21 | t1 |
-| test.swift:326:9:326:17 | WriteDef | test.swift:336:15:336:15 | a |
-| test.swift:326:9:326:17 | WriteDef | test.swift:337:15:337:15 | b |
-| test.swift:326:9:326:17 | WriteDef | test.swift:338:15:338:15 | c |
-| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
-| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
-| test.swift:326:21:326:21 | t1 | test.swift:326:9:326:17 | WriteDef |
-| test.swift:326:21:326:21 | t1 | test.swift:328:15:328:15 | t1 |
+| test.swift:302:9:302:9 | WriteDef | test.swift:304:15:304:15 | t1 |
+| test.swift:302:14:302:26 | (...) | test.swift:302:9:302:9 | WriteDef |
+| test.swift:304:15:304:15 | t1 | test.swift:305:15:305:15 | t1 |
+| test.swift:305:15:305:15 | [post] t1 | test.swift:306:15:306:15 | t1 |
+| test.swift:305:15:305:15 | t1 | test.swift:306:15:306:15 | t1 |
+| test.swift:306:15:306:15 | [post] t1 | test.swift:308:5:308:5 | t1 |
+| test.swift:306:15:306:15 | t1 | test.swift:308:5:308:5 | t1 |
+| test.swift:308:5:308:5 | [post] t1 | test.swift:310:15:310:15 | t1 |
+| test.swift:308:5:308:5 | t1 | test.swift:310:15:310:15 | t1 |
+| test.swift:310:15:310:15 | t1 | test.swift:311:15:311:15 | t1 |
+| test.swift:311:15:311:15 | [post] t1 | test.swift:312:15:312:15 | t1 |
+| test.swift:311:15:311:15 | t1 | test.swift:312:15:312:15 | t1 |
+| test.swift:312:15:312:15 | [post] t1 | test.swift:314:5:314:5 | t1 |
+| test.swift:312:15:312:15 | t1 | test.swift:314:5:314:5 | t1 |
+| test.swift:314:5:314:5 | [post] t1 | test.swift:316:15:316:15 | t1 |
+| test.swift:314:5:314:5 | t1 | test.swift:316:15:316:15 | t1 |
+| test.swift:316:15:316:15 | t1 | test.swift:317:15:317:15 | t1 |
+| test.swift:317:15:317:15 | [post] t1 | test.swift:318:15:318:15 | t1 |
+| test.swift:317:15:317:15 | t1 | test.swift:318:15:318:15 | t1 |
+| test.swift:322:9:322:9 | WriteDef | test.swift:323:14:323:14 | t1 |
+| test.swift:322:14:322:45 | (...) | test.swift:322:9:322:9 | WriteDef |
+| test.swift:323:9:323:9 | WriteDef | test.swift:330:15:330:15 | t2 |
+| test.swift:323:14:323:14 | t1 | test.swift:323:9:323:9 | WriteDef |
+| test.swift:323:14:323:14 | t1 | test.swift:324:21:324:21 | t1 |
+| test.swift:324:9:324:17 | WriteDef | test.swift:334:15:334:15 | a |
+| test.swift:324:9:324:17 | WriteDef | test.swift:335:15:335:15 | b |
+| test.swift:324:9:324:17 | WriteDef | test.swift:336:15:336:15 | c |
+| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | WriteDef |
+| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | WriteDef |
+| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | WriteDef |
+| test.swift:324:21:324:21 | t1 | test.swift:326:15:326:15 | t1 |
+| test.swift:326:15:326:15 | t1 | test.swift:327:15:327:15 | t1 |
+| test.swift:327:15:327:15 | [post] t1 | test.swift:328:15:328:15 | t1 |
+| test.swift:327:15:327:15 | t1 | test.swift:328:15:328:15 | t1 |
+| test.swift:328:15:328:15 | [post] t1 | test.swift:329:15:329:15 | t1 |
 | test.swift:328:15:328:15 | t1 | test.swift:329:15:329:15 | t1 |
-| test.swift:329:15:329:15 | [post] t1 | test.swift:330:15:330:15 | t1 |
-| test.swift:329:15:329:15 | t1 | test.swift:330:15:330:15 | t1 |
-| test.swift:330:15:330:15 | [post] t1 | test.swift:331:15:331:15 | t1 |
-| test.swift:330:15:330:15 | t1 | test.swift:331:15:331:15 | t1 |
+| test.swift:330:15:330:15 | t2 | test.swift:331:15:331:15 | t2 |
+| test.swift:331:15:331:15 | [post] t2 | test.swift:332:15:332:15 | t2 |
+| test.swift:331:15:331:15 | t2 | test.swift:332:15:332:15 | t2 |
+| test.swift:332:15:332:15 | [post] t2 | test.swift:333:15:333:15 | t2 |
 | test.swift:332:15:332:15 | t2 | test.swift:333:15:333:15 | t2 |
-| test.swift:333:15:333:15 | [post] t2 | test.swift:334:15:334:15 | t2 |
-| test.swift:333:15:333:15 | t2 | test.swift:334:15:334:15 | t2 |
-| test.swift:334:15:334:15 | [post] t2 | test.swift:335:15:335:15 | t2 |
-| test.swift:334:15:334:15 | t2 | test.swift:335:15:335:15 | t2 |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
index 6995754e85c..a8a90fd5dca 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift
+++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
@@ -271,8 +271,8 @@ func test_optionals(y: Int?) {
     sink(opt: x?.signum()) // $ flow=259
     sink(opt: y?.signum())
 
-    sink(arg: x ?? 0) // $ MISSING: flow=259
-    sink(arg: x ?? source()) // $ MISSING: flow=259, 276
+    sink(arg: x ?? 0) // $ flow=259
+    sink(arg: x ?? source()) // $ flow=259 MISSING: flow=276
     sink(arg: y ?? 0)
     sink(arg: y ?? source()) // $ MISSING: flow=278
 

From 52d5578fb5d842e5c07dc40ef2387588b3345893 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 14 Nov 2022 22:10:17 +0000
Subject: [PATCH 035/144] Swift: Dataflow through second argument of ??.

---
 .../codeql/swift/dataflow/internal/DataFlowPrivate.qll   | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index f811a540c97..81a8bd4c85a 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -156,7 +156,14 @@ private module Cached {
     // flow through nil-coalescing operator `??`
     exists(BinaryExpr nco |
       nco.getFunction().(DeclRefExpr).getDecl().(FreeFunctionDecl).getName() = "??(_:_:)" and
-      nodeFrom.asExpr() = nco.getAnOperand() and
+      (
+        // value argument
+        nodeFrom.asExpr() = nco.getAnOperand()
+        or
+        // unpack closure (the second argument is typically an `AutoClosureExpr` argument)
+        nodeFrom.asExpr() =
+          nco.getAnOperand().(AbstractClosureExpr).getBody().getAnElement().(ReturnStmt).getResult()
+      ) and
       nodeTo.asExpr() = nco
     )
     or

From 4c806a442aa6f193af9fcb38b7bcb87d26171519 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 11:53:34 +0000
Subject: [PATCH 036/144] Swift: Dataflow through ? :.

---
 .../swift/dataflow/internal/DataFlowPrivate.qll     |  9 +++++++++
 .../dataflow/dataflow/DataFlow.expected             | 13 +++++++++++++
 .../dataflow/dataflow/LocalFlow.expected            |  8 ++++++++
 .../test/library-tests/dataflow/dataflow/test.swift |  6 +++---
 4 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index 81a8bd4c85a..7fcabf587ef 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -167,6 +167,15 @@ private module Cached {
       nodeTo.asExpr() = nco
     )
     or
+    // flow through ternary operator `? :`
+    exists(IfExpr ie |
+      nodeTo.asExpr() = ie and
+      (
+        nodeFrom.asExpr() = ie.getThenExpr() or
+        nodeFrom.asExpr() = ie.getElseExpr()
+      )
+    )
+    or
     // flow through a flow summary (extension of `SummaryModelCsv`)
     FlowSummaryImpl::Private::Steps::summaryLocalStep(nodeFrom, nodeTo, true)
   }
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
index 8c9c931a4ff..1277d30cdc2 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected
@@ -105,11 +105,15 @@ edges
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:271:15:271:16 | ...? :  |
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:274:15:274:20 | ... ??(_:_:) ... |
 | test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:275:15:275:27 | ... ??(_:_:) ... |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:279:15:279:31 | ... ? ... : ... |
+| test.swift:263:13:263:28 | call to optionalSource() :  | test.swift:280:15:280:38 | ... ? ... : ... |
 | test.swift:270:15:270:22 | call to source() :  | file://:0:0:0:0 | [summary param] this in signum() :  |
 | test.swift:270:15:270:22 | call to source() :  | test.swift:270:15:270:31 | call to signum() |
 | test.swift:271:15:271:16 | ...? :  | file://:0:0:0:0 | [summary param] this in signum() :  |
 | test.swift:271:15:271:16 | ...? :  | test.swift:271:15:271:25 | call to signum() :  |
 | test.swift:271:15:271:25 | call to signum() :  | test.swift:271:15:271:25 | OptionalEvaluationExpr |
+| test.swift:280:31:280:38 | call to source() :  | test.swift:280:15:280:38 | ... ? ... : ... |
+| test.swift:282:31:282:38 | call to source() :  | test.swift:282:15:282:38 | ... ? ... : ... |
 | test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  | test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  |
 | test.swift:302:18:302:25 | call to source() :  | test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  |
 | test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  | test.swift:306:15:306:18 | .1 |
@@ -249,6 +253,11 @@ nodes
 | test.swift:271:15:271:25 | call to signum() :  | semmle.label | call to signum() :  |
 | test.swift:274:15:274:20 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
 | test.swift:275:15:275:27 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
+| test.swift:279:15:279:31 | ... ? ... : ... | semmle.label | ... ? ... : ... |
+| test.swift:280:15:280:38 | ... ? ... : ... | semmle.label | ... ? ... : ... |
+| test.swift:280:31:280:38 | call to source() :  | semmle.label | call to source() :  |
+| test.swift:282:15:282:38 | ... ? ... : ... | semmle.label | ... ? ... : ... |
+| test.swift:282:31:282:38 | call to source() :  | semmle.label | call to source() :  |
 | test.swift:302:14:302:26 | (...) [Tuple element at index 1] :  | semmle.label | (...) [Tuple element at index 1] :  |
 | test.swift:302:18:302:25 | call to source() :  | semmle.label | call to source() :  |
 | test.swift:306:15:306:15 | t1 [Tuple element at index 1] :  | semmle.label | t1 [Tuple element at index 1] :  |
@@ -332,6 +341,10 @@ subpaths
 | test.swift:271:15:271:25 | OptionalEvaluationExpr | test.swift:259:12:259:19 | call to source() :  | test.swift:271:15:271:25 | OptionalEvaluationExpr | result |
 | test.swift:274:15:274:20 | ... ??(_:_:) ... | test.swift:259:12:259:19 | call to source() :  | test.swift:274:15:274:20 | ... ??(_:_:) ... | result |
 | test.swift:275:15:275:27 | ... ??(_:_:) ... | test.swift:259:12:259:19 | call to source() :  | test.swift:275:15:275:27 | ... ??(_:_:) ... | result |
+| test.swift:279:15:279:31 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() :  | test.swift:279:15:279:31 | ... ? ... : ... | result |
+| test.swift:280:15:280:38 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() :  | test.swift:280:15:280:38 | ... ? ... : ... | result |
+| test.swift:280:15:280:38 | ... ? ... : ... | test.swift:280:31:280:38 | call to source() :  | test.swift:280:15:280:38 | ... ? ... : ... | result |
+| test.swift:282:15:282:38 | ... ? ... : ... | test.swift:282:31:282:38 | call to source() :  | test.swift:282:15:282:38 | ... ? ... : ... | result |
 | test.swift:306:15:306:18 | .1 | test.swift:302:18:302:25 | call to source() :  | test.swift:306:15:306:18 | .1 | result |
 | test.swift:317:15:317:18 | .0 | test.swift:314:12:314:19 | call to source() :  | test.swift:317:15:317:18 | .0 | result |
 | test.swift:327:15:327:18 | .0 | test.swift:322:18:322:25 | call to source() :  | test.swift:327:15:327:18 | .0 | result |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
index 0d48a6af63f..69e2a3ad207 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
+++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected
@@ -216,18 +216,26 @@
 | test.swift:279:15:279:15 | x | test.swift:280:15:280:15 | x |
 | test.swift:279:26:279:26 | x | test.swift:279:26:279:27 | ...! |
 | test.swift:279:26:279:26 | x | test.swift:280:15:280:15 | x |
+| test.swift:279:26:279:27 | ...! | test.swift:279:15:279:31 | ... ? ... : ... |
+| test.swift:279:31:279:31 | 0 | test.swift:279:15:279:31 | ... ? ... : ... |
 | test.swift:280:15:280:15 | x | test.swift:280:26:280:26 | x |
 | test.swift:280:15:280:15 | x | test.swift:284:16:284:16 | x |
 | test.swift:280:26:280:26 | x | test.swift:280:26:280:27 | ...! |
 | test.swift:280:26:280:26 | x | test.swift:284:16:284:16 | x |
+| test.swift:280:26:280:27 | ...! | test.swift:280:15:280:38 | ... ? ... : ... |
+| test.swift:280:31:280:38 | call to source() | test.swift:280:15:280:38 | ... ? ... : ... |
 | test.swift:281:15:281:15 | y | test.swift:281:26:281:26 | y |
 | test.swift:281:15:281:15 | y | test.swift:282:15:282:15 | y |
 | test.swift:281:26:281:26 | y | test.swift:281:26:281:27 | ...! |
 | test.swift:281:26:281:26 | y | test.swift:282:15:282:15 | y |
+| test.swift:281:26:281:27 | ...! | test.swift:281:15:281:31 | ... ? ... : ... |
+| test.swift:281:31:281:31 | 0 | test.swift:281:15:281:31 | ... ? ... : ... |
 | test.swift:282:15:282:15 | y | test.swift:282:26:282:26 | y |
 | test.swift:282:15:282:15 | y | test.swift:287:16:287:16 | y |
 | test.swift:282:26:282:26 | y | test.swift:282:26:282:27 | ...! |
 | test.swift:282:26:282:26 | y | test.swift:287:16:287:16 | y |
+| test.swift:282:26:282:27 | ...! | test.swift:282:15:282:38 | ... ? ... : ... |
+| test.swift:282:31:282:38 | call to source() | test.swift:282:15:282:38 | ... ? ... : ... |
 | test.swift:284:16:284:16 | x | test.swift:290:16:290:16 | x |
 | test.swift:287:16:287:16 | y | test.swift:293:16:293:16 | y |
 | test.swift:290:16:290:16 | x | test.swift:290:16:290:17 | ...? |
diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
index a8a90fd5dca..093e8c2db95 100644
--- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift
+++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift
@@ -276,10 +276,10 @@ func test_optionals(y: Int?) {
     sink(arg: y ?? 0)
     sink(arg: y ?? source()) // $ MISSING: flow=278
 
-    sink(arg: x != nil ? x! : 0) // $ MISSING: flow=259
-    sink(arg: x != nil ? x! : source()) // $ MISSING: flow=259, 281
+    sink(arg: x != nil ? x! : 0) // $ flow=259
+    sink(arg: x != nil ? x! : source()) // $ flow=259 flow=280
     sink(arg: y != nil ? y! : 0)
-    sink(arg: y != nil ? y! : source()) // $ MISSING: flow=283
+    sink(arg: y != nil ? y! : source()) // $ flow=282
 
     if let z = x {
         sink(arg: z) // $ MISSING: flow=259

From ae5689b2952f64a36f99e1d1a62bd19899ac854f Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 12:04:10 +0000
Subject: [PATCH 037/144] Swift: Update comment.

---
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index 7fcabf587ef..565bb4a8e93 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -148,7 +148,7 @@ private module Cached {
     // flow through `!`
     nodeFrom.asExpr() = nodeTo.asExpr().(ForceValueExpr).getSubExpr()
     or
-    // flow through `?`
+    // flow through `?` and `?.`
     nodeFrom.asExpr() = nodeTo.asExpr().(BindOptionalExpr).getSubExpr()
     or
     nodeFrom.asExpr() = nodeTo.asExpr().(OptionalEvaluationExpr).getSubExpr()

From 1b6317d584c20c89f600ec693cb89be3f78469d6 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 17:19:32 +0000
Subject: [PATCH 038/144] Update
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
---
 .../lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll   | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index 565bb4a8e93..afb82dbc9f7 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -170,10 +170,7 @@ private module Cached {
     // flow through ternary operator `? :`
     exists(IfExpr ie |
       nodeTo.asExpr() = ie and
-      (
-        nodeFrom.asExpr() = ie.getThenExpr() or
-        nodeFrom.asExpr() = ie.getElseExpr()
-      )
+      nodeFrom.asExpr() = ie.getBranch(_)
     )
     or
     // flow through a flow summary (extension of `SummaryModelCsv`)

From fa86e7533010de74084e6760658e04c138b43c52 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 17:49:23 +0000
Subject: [PATCH 039/144] Update
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
---
 .../swift/dataflow/internal/DataFlowPrivate.qll  | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index afb82dbc9f7..edb30bb74ce 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -155,16 +155,14 @@ private module Cached {
     or
     // flow through nil-coalescing operator `??`
     exists(BinaryExpr nco |
-      nco.getFunction().(DeclRefExpr).getDecl().(FreeFunctionDecl).getName() = "??(_:_:)" and
-      (
-        // value argument
-        nodeFrom.asExpr() = nco.getAnOperand()
-        or
-        // unpack closure (the second argument is typically an `AutoClosureExpr` argument)
-        nodeFrom.asExpr() =
-          nco.getAnOperand().(AbstractClosureExpr).getBody().getAnElement().(ReturnStmt).getResult()
-      ) and
+      nco.getStaticTarget().(FreeFunctionDecl).getName() = "??(_:_:)" and
       nodeTo.asExpr() = nco
+    |
+      // value argument
+      nodeFrom.asExpr() = nco.getAnOperand()
+      or
+      // unpack closure (the second argument is typically an `AutoClosureExpr` argument)
+      nodeFrom.asExpr() = nco.getAnOperand().(AutoClosureExpr).getReturn().getResult()
     )
     or
     // flow through ternary operator `? :`

From 3c46b0cad17cba46d86b40ffc18bf27373cedb47 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 17:59:35 +0000
Subject: [PATCH 040/144] Swift: Add BinaryExpr.getOperator().

---
 .../ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll  | 2 +-
 swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll         | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index edb30bb74ce..a66c0065343 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -155,7 +155,7 @@ private module Cached {
     or
     // flow through nil-coalescing operator `??`
     exists(BinaryExpr nco |
-      nco.getStaticTarget().(FreeFunctionDecl).getName() = "??(_:_:)" and
+      nco.getOperator().(FreeFunctionDecl).getName() = "??(_:_:)" and
       nodeTo.asExpr() = nco
     |
       // value argument
diff --git a/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
index b75704bc1b1..d9aec16a069 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
@@ -1,11 +1,14 @@
 private import codeql.swift.generated.expr.BinaryExpr
 private import codeql.swift.elements.expr.Expr
+private import codeql.swift.elements.decl.AbstractFunctionDecl
 
 class BinaryExpr extends Generated::BinaryExpr {
   Expr getLeftOperand() { result = this.getArgument(0).getExpr() }
 
   Expr getRightOperand() { result = this.getArgument(1).getExpr() }
 
+  AbstractFunctionDecl getOperator() { result = this.getStaticTarget() }
+
   Expr getAnOperand() { result = [this.getLeftOperand(), this.getRightOperand()] }
 
   override string toString() { result = "... " + this.getFunction().toString() + " ..." }

From 70075e28328106625e9dde98ca13505a10a42724 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 18:03:16 +0000
Subject: [PATCH 041/144] Swift: Add qldoc for BinaryExpr.

---
 .../codeql/swift/elements/expr/BinaryExpr.qll | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
index d9aec16a069..29b86fa2adf 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/BinaryExpr.qll
@@ -2,13 +2,32 @@ private import codeql.swift.generated.expr.BinaryExpr
 private import codeql.swift.elements.expr.Expr
 private import codeql.swift.elements.decl.AbstractFunctionDecl
 
+/**
+ * A Swift binary expression, that is, an expression that appears between its
+ * two operands. For example:
+ * ```
+ * x + y
+ * ```
+ */
 class BinaryExpr extends Generated::BinaryExpr {
+  /**
+   * Gets the left operand (left expression) of this binary expression.
+   */
   Expr getLeftOperand() { result = this.getArgument(0).getExpr() }
 
+  /**
+   * Gets the right operand (right expression) of this binary expression.
+   */
   Expr getRightOperand() { result = this.getArgument(1).getExpr() }
 
+  /**
+   * Gets the operator of this binary expression (the function that is called).
+   */
   AbstractFunctionDecl getOperator() { result = this.getStaticTarget() }
 
+  /**
+   * Gets an operand of this binary expression (left or right).
+   */
   Expr getAnOperand() { result = [this.getLeftOperand(), this.getRightOperand()] }
 
   override string toString() { result = "... " + this.getFunction().toString() + " ..." }

From 13d6deb9c4a79f5e27fe3fb6fe48cd873fe812e7 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 18:14:02 +0000
Subject: [PATCH 042/144] Swift: Make similar enhancements to unary operations.

---
 .../swift/elements/expr/PostfixUnaryExpr.qll  | 22 +++++++++++++++++--
 .../swift/elements/expr/PrefixUnaryExpr.qll   | 16 ++++++++++++++
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/elements/expr/PostfixUnaryExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/PostfixUnaryExpr.qll
index 46742454650..77150da54a1 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/PostfixUnaryExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/PostfixUnaryExpr.qll
@@ -1,4 +1,22 @@
-// generated by codegen/codegen.py, remove this comment if you wish to edit this file
 private import codeql.swift.generated.expr.PostfixUnaryExpr
+private import codeql.swift.elements.expr.Expr
+private import codeql.swift.elements.decl.AbstractFunctionDecl
 
-class PostfixUnaryExpr extends Generated::PostfixUnaryExpr { }
+/**
+ * A Swift postfix unary expression, that is, a unary expression that appears
+ * after its operand. For example:
+ * ```
+ * x!
+ * ```
+ */
+class PostfixUnaryExpr extends Generated::PostfixUnaryExpr {
+  /**
+   *  Gets the operand (expression) of this postfix unary expression.
+   */
+  Expr getOperand() { result = this.getAnArgument().getExpr() }
+
+  /**
+   * Gets the operator of this postfix unary expression (the function that is called).
+   */
+  AbstractFunctionDecl getOperator() { result = this.getStaticTarget() }
+}
diff --git a/swift/ql/lib/codeql/swift/elements/expr/PrefixUnaryExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/PrefixUnaryExpr.qll
index b9a1ecd4ee9..0cd1e25ad6b 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/PrefixUnaryExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/PrefixUnaryExpr.qll
@@ -1,6 +1,22 @@
 private import codeql.swift.generated.expr.PrefixUnaryExpr
 private import codeql.swift.elements.expr.Expr
+private import codeql.swift.elements.decl.AbstractFunctionDecl
 
+/**
+ * A Swift prefix unary expression, that is, a unary expression that appears
+ * before its operand. For example:
+ * ```
+ * -x
+ * ```
+ */
 class PrefixUnaryExpr extends Generated::PrefixUnaryExpr {
+  /**
+   *  Gets the operand (expression) of this prefix unary expression.
+   */
   Expr getOperand() { result = this.getAnArgument().getExpr() }
+
+  /**
+   * Gets the operator of this prefix unary expression (the function that is called).
+   */
+  AbstractFunctionDecl getOperator() { result = this.getStaticTarget() }
 }

From 4eee37529609932d80d815c036e20193ea71251d Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 18:16:40 +0000
Subject: [PATCH 043/144] Swift: Add AutoClosureExpr.getExpr.

---
 .../lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll  | 2 +-
 swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index a66c0065343..e6ad6fb26b4 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -162,7 +162,7 @@ private module Cached {
       nodeFrom.asExpr() = nco.getAnOperand()
       or
       // unpack closure (the second argument is typically an `AutoClosureExpr` argument)
-      nodeFrom.asExpr() = nco.getAnOperand().(AutoClosureExpr).getReturn().getResult()
+      nodeFrom.asExpr() = nco.getAnOperand().(AutoClosureExpr).getExpr()
     )
     or
     // flow through ternary operator `? :`
diff --git a/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
index 6098a1e04cc..296c9513861 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
@@ -1,9 +1,15 @@
 private import codeql.swift.generated.expr.AutoClosureExpr
 private import codeql.swift.elements.stmt.ReturnStmt
+private import codeql.swift.elements.expr.Expr
 
 class AutoClosureExpr extends Generated::AutoClosureExpr {
   /** Gets the implicit return statement generated by this autoclosure expression. */
   ReturnStmt getReturn() { result = unique( | | this.getBody().getAnElement()) }
 
+  /**
+   * Gets the expression returned by this autoclosure expression.
+   */
+  Expr getExpr() { result = this.getReturn().getResult() }
+
   override string toString() { result = this.getBody().toString() }
 }

From 7c1fb5d4a677f767fe04bf8852564ab8b4781fb1 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 18:24:58 +0000
Subject: [PATCH 044/144] Swift: Add qldoc for AutoClosureExpr.

---
 .../swift/elements/expr/AutoClosureExpr.qll      | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll b/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
index 296c9513861..aab42ca0af7 100644
--- a/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
+++ b/swift/ql/lib/codeql/swift/elements/expr/AutoClosureExpr.qll
@@ -2,8 +2,22 @@ private import codeql.swift.generated.expr.AutoClosureExpr
 private import codeql.swift.elements.stmt.ReturnStmt
 private import codeql.swift.elements.expr.Expr
 
+/**
+ * A Swift autoclosure expression, that is, a closure automatically generated
+ * around an argument when the parameter has the `@autoclosure` attribute. For
+ * example, there is an `AutoClosureExpr` around the value `0` in:
+ * ```
+ * func myFunction(_ expr: @autoclosure () -> Int) {
+ *   ...
+ * }
+ *
+ * myFunction(0)
+ * ```
+ */
 class AutoClosureExpr extends Generated::AutoClosureExpr {
-  /** Gets the implicit return statement generated by this autoclosure expression. */
+  /**
+   * Gets the implicit return statement generated by this autoclosure expression.
+   */
   ReturnStmt getReturn() { result = unique( | | this.getBody().getAnElement()) }
 
   /**

From e81c62e40262da7db418f11af6fb15a6dc3bb38e Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Tue, 15 Nov 2022 18:34:51 +0000
Subject: [PATCH 045/144] Swift: Correct comment.

---
 swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
index e6ad6fb26b4..67aba2155db 100644
--- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll
@@ -161,7 +161,7 @@ private module Cached {
       // value argument
       nodeFrom.asExpr() = nco.getAnOperand()
       or
-      // unpack closure (the second argument is typically an `AutoClosureExpr` argument)
+      // unpack closure (the second argument is an `AutoClosureExpr` argument)
       nodeFrom.asExpr() = nco.getAnOperand().(AutoClosureExpr).getExpr()
     )
     or

From b42482c96000acb324ce451ca81c85aa197bc674 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:14:18 +0100
Subject: [PATCH 046/144] Update
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp

Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
index 26eae7ff91b..e76b62f37f7 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -17,7 +17,7 @@
 
 <sample src="UnsafeJsEvalBad.swift" />
 
-<p>To fix the problem, we sanitize the remote data by passing it using the <code>arguments</code> dictionary of <code>WKWebView.callAsyncJavaScript</code>. This ensures that untrusted data cannot be evaluated as JavaScript source code.</p>
+<p>In the following (good) example, we sanitize the remote data by passing it using the <code>arguments</code> dictionary of <code>WKWebView.callAsyncJavaScript</code>. This ensures that untrusted data cannot be evaluated as JavaScript source code.</p>
 
 <sample src="UnsafeJsEvalGood.swift" />
 

From 8db8f14f9908926dd3efce3d1a32f23f4df5cf8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:14:37 +0100
Subject: [PATCH 047/144] Update
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp

Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
index e76b62f37f7..679da6a8fa3 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -13,7 +13,7 @@
 </recommendation>
 <example>
 
-<p>In the following example, a call to <code>WKWebView.evaluateJavaScript</code> evaluates JavaScript source code that is tainted with remote data, potentially introducing a code injection vulnerability.</p>
+<p>In the following (bad) example, a call to <code>WKWebView.evaluateJavaScript</code> evaluates JavaScript source code that is tainted with remote data, potentially introducing a code injection vulnerability.</p>
 
 <sample src="UnsafeJsEvalBad.swift" />
 

From cb7d9d5f3f192e0e1c826ff0521863549fd68deb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:14:50 +0100
Subject: [PATCH 048/144] Update
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp

Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
index 679da6a8fa3..d63fe635f50 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -3,7 +3,7 @@
   "qhelp.dtd">
 <qhelp>
 <overview>
-<p>Evaluating JavaScript that contains a substring from a remote origin may lead to remote code execution. Code under control of an attacker can execute arbitrary unauthorized actions, including exfiltration of local data by sending it to a third party web service.</p>
+<p>Evaluating JavaScript that contains a substring from a remote origin may lead to remote code execution. Code written by an attacker can execute unauthorized actions, including exfiltration of local data through a third party web service.</p>
 
 </overview>
 <recommendation>

From fccb581765fd25543f27c36a8ebd3c7a8327cfff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:14:56 +0100
Subject: [PATCH 049/144] Update
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp

Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
index d63fe635f50..ccb07b71785 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -8,7 +8,7 @@
 </overview>
 <recommendation>
 
-<p>When loading JavaScript into a web view, evaluate only known, locally-defined source code. If a part of the input does come from a remote source, instead of injecting it into the JavaScript code to be evaluated, prefer sending it as data to the web view using an API such as <code>WKWebView.callAsyncJavaScript</code> with the <code>arguments</code> dictionary to pass remote data objects.</p>
+<p>When loading JavaScript into a web view, evaluate only known, locally-defined source code. If part of the input comes from a remote source, do not inject it into the JavaScript code to be evaluated. Instead, send it to the web view as data using an API such as <code>WKWebView.callAsyncJavaScript</code> with the <code>arguments</code> dictionary to pass remote data objects.</p>
 
 </recommendation>
 <example>

From 52e5d541ef81e22d41593580826f18d994064a68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:15:04 +0100
Subject: [PATCH 050/144] Update
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp

Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
index ccb07b71785..a685e1d51d6 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.qhelp
@@ -25,7 +25,7 @@
 <references>
 
 <li>
-  <a href="https://developer.apple.com/documentation/webkit/wkwebview/3824703-callasyncjavascript">Apple Developer Documentation - WKWebView.callAsyncJavaScript(_:arguments:in:contentWorld:)</a>
+  Apple Developer Documentation: <a href="https://developer.apple.com/documentation/webkit/wkwebview/3824703-callasyncjavascript">WKWebView.callAsyncJavaScript(_:arguments:in:contentWorld:)</a>
 </li>
 
 </references>

From 09b669a58448fafa7bde94c5f4d3ddf034b4d721 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Tue, 15 Nov 2022 21:57:46 +0100
Subject: [PATCH 051/144] Swift: Add direct call to remote source to a test

Strangely, there are two separate paths to each of the JSEvaluateScript
sinks: one passing through the JSString constructor, one omitting this
step.
---
 .../Security/CWE-094/UnsafeJsEval.expected    | 23 ++++++++++++-------
 .../Security/CWE-094/UnsafeJsEval.swift       |  4 ++--
 2 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index 05881a11eb5..4e04cad1468 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -1,17 +1,17 @@
 edges
 | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  |
 | UnsafeJsEval.swift:165:10:165:37 | try ... :  | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  |
-| UnsafeJsEval.swift:165:10:165:37 | try ... :  | UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  |
 | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:165:10:165:37 | try ... :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:205:7:205:7 | remoteString :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:204:7:204:66 | try! ... :  |
 | UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
 | UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
 | UnsafeJsEval.swift:205:7:205:7 | remoteString :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
@@ -56,7 +56,8 @@ nodes
 | UnsafeJsEval.swift:165:10:165:37 | try ... :  | semmle.label | try ... :  |
 | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
-| UnsafeJsEval.swift:204:7:204:21 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
+| UnsafeJsEval.swift:204:7:204:66 | try! ... :  | semmle.label | try! ... :  |
+| UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
 | UnsafeJsEval.swift:205:7:205:7 | remoteString :  | semmle.label | remoteString :  |
 | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | semmle.label | call to init(decoding:as:) :  |
@@ -85,8 +86,14 @@ subpaths
 | UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  |
 #select
 | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | Evaluation of uncontrolled JavaScript from a remote source. |
 | UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:269:22:269:124 | call to init(source:injectionTime:forMainFrameOnly:in:) | Evaluation of uncontrolled JavaScript from a remote source. |
 | UnsafeJsEval.swift:277:26:277:26 | string | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:277:26:277:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:277:26:277:26 | string | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:277:26:277:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
 | UnsafeJsEval.swift:280:26:280:26 | string | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:280:26:280:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:280:26:280:26 | string | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:280:26:280:26 | string | Evaluation of uncontrolled JavaScript from a remote source. |
 | UnsafeJsEval.swift:291:17:291:17 | jsstr | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:291:17:291:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:291:17:291:17 | jsstr | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:291:17:291:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
 | UnsafeJsEval.swift:305:17:305:17 | jsstr | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:305:17:305:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
+| UnsafeJsEval.swift:305:17:305:17 | jsstr | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | UnsafeJsEval.swift:305:17:305:17 | jsstr | Evaluation of uncontrolled JavaScript from a remote source. |
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
index e65c182a4c3..69ccaba2f81 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.swift
@@ -175,7 +175,7 @@ func testAsync(_ sink: @escaping (String) async throws -> ()) {
 		let remoteString = getRemoteData()
 
 		try! await sink(localString) // GOOD: the HTML data is local
-		try! await sink(getRemoteData()) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]: HTML contains remote input, may access local secrets
+		try! await sink(try String(contentsOf: URL(string: "http://example.com/")!)) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]: HTML contains remote input, may access local secrets
 		try! await sink(remoteString) // BAD [NOT DETECTED - TODO: extract Callables of @MainActor method calls]
 
 		try! await sink("console.log(" + localStringFragment + ")") // GOOD: the HTML data is local
@@ -201,7 +201,7 @@ func testSync(_ sink: @escaping (String) -> ()) {
 	let remoteString = getRemoteData()
 
 	sink(localString) // GOOD: the HTML data is local
-	sink(getRemoteData()) // BAD: HTML contains remote input, may access local secrets
+	sink(try! String(contentsOf: URL(string: "http://example.com/")!)) // BAD: HTML contains remote input, may access local secrets
 	sink(remoteString) // BAD
 
 	sink("console.log(" + localStringFragment + ")") // GOOD: the HTML data is local

From de082260d85396e5dc1b537d2fc19d40e4adee05 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 12:48:25 +0100
Subject: [PATCH 052/144] QL: fixup `getQLDoc()`

---
 ql/ql/src/codeql_ql/ast/Ast.qll | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/ql/ql/src/codeql_ql/ast/Ast.qll b/ql/ql/src/codeql_ql/ast/Ast.qll
index d6a5039a3c7..fd7e416f291 100644
--- a/ql/ql/src/codeql_ql/ast/Ast.qll
+++ b/ql/ql/src/codeql_ql/ast/Ast.qll
@@ -156,12 +156,15 @@ class TopLevel extends TTopLevel, AstNode {
   }
 
   QLDoc getQLDocFor(ModuleMember m) {
-    exists(int i | i > 0 and result = this.getMember(i) and m = this.getMember(i + 1))
+    exists(int i | result = this.getMember(i) and m = this.getMember(i + 1))
   }
 
   override string getAPrimaryQlClass() { result = "TopLevel" }
 
-  override QLDoc getQLDoc() { result = this.getMember(0) }
+  override QLDoc getQLDoc() {
+    result = this.getMember(0) and
+    result.getLocation().getStartLine() = 1 // this might not hold if there is a block comment above, and that's the point.
+  }
 }
 
 abstract class Comment extends AstNode, TComment {
@@ -536,6 +539,12 @@ class ClasslessPredicate extends TClasslessPredicate, Predicate, ModuleDeclarati
 
   /** Holds if this classless predicate is a signature predicate with no body. */
   predicate isSignature() { not exists(this.getBody()) }
+
+  override QLDoc getQLDoc() {
+    result = any(TopLevel m).getQLDocFor(this)
+    or
+    result = any(Module m).getQLDocFor(this)
+  }
 }
 
 /**

From f71359c81d18da5243ad1e90a1de14a7e8b8f7ce Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 12:49:27 +0100
Subject: [PATCH 053/144] QL: detect toplevel block-comments that should be
 QLDoc

---
 ql/ql/src/queries/style/NonDocBlock.ql | 36 ++++++++++++++++++++------
 1 file changed, 28 insertions(+), 8 deletions(-)

diff --git a/ql/ql/src/queries/style/NonDocBlock.ql b/ql/ql/src/queries/style/NonDocBlock.ql
index 17d39eb9bdb..c81ed3c77db 100644
--- a/ql/ql/src/queries/style/NonDocBlock.ql
+++ b/ql/ql/src/queries/style/NonDocBlock.ql
@@ -30,23 +30,43 @@ int getLineAboveNodeThatCouldHaveDoc(File file) {
 pragma[noinline]
 BlockComment getACommentThatCouldBeQLDoc(File file) {
   file = result.getLocation().getFile() and
-  result.getLocation().getEndLine() = getLineAboveNodeThatCouldHaveDoc(file) and
   result.getLocation().getFile().getExtension() = "qll" and
-  not result.getContents().matches("/**%")
+  not result.getContents().matches("/**%") and
+  (
+    // above something that can be commented.
+    result.getLocation().getEndLine() = getLineAboveNodeThatCouldHaveDoc(file)
+    or
+    // toplevel in file.
+    result.getLocation().getStartLine() = 1 and
+    result.getLocation().getStartColumn() = 1
+  )
 }
 
 pragma[noinline]
-BlockComment getCommentAt(File file, int endLine) {
+BlockComment getCommentAtEnd(File file, int endLine) {
   result = getACommentThatCouldBeQLDoc(file) and
   result.getLocation().getEndLine() = endLine
 }
 
-from AstNode node, BlockComment comment
+pragma[noinline]
+BlockComment getCommentAtStart(File file, int startLine) {
+  result = getACommentThatCouldBeQLDoc(file) and
+  result.getLocation().getStartLine() = startLine
+}
+
+from AstNode node, BlockComment comment, string nodeDescrip
 where
-  canHaveQLDoc(node) and
+  (
+    canHaveQLDoc(node) and
+    comment = getCommentAtEnd(node.getLocation().getFile(), node.getLocation().getStartLine() - 1) and
+    nodeDescrip = "the below code"
+    or
+    node instanceof TopLevel and
+    comment = getCommentAtStart(node.getLocation().getFile(), 1) and
+    nodeDescrip = "the file"
+  ) and
   not exists(node.getQLDoc()) and
   not node.(ClassPredicate).isOverride() and // ignore override predicates
   not node.hasAnnotation("deprecated") and // ignore deprecated
-  not node.hasAnnotation("private") and // ignore private
-  comment = getCommentAt(node.getLocation().getFile(), node.getLocation().getStartLine() - 1)
-select comment, "Block comment could be QLDoc for $@.", node, "the below code"
+  not node.hasAnnotation("private") // ignore private
+select comment, "Block comment could be QLDoc for $@.", node, nodeDescrip

From f2222d32db6c90f809f0ab0fc3a0df60cd318b4b Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 12:51:38 +0100
Subject: [PATCH 054/144] QL: add test

---
 ql/ql/test/queries/style/NonDocBlock/Foo.qll        | 13 +++++++++++++
 .../queries/style/NonDocBlock/NonDocBlock.expected  |  2 ++
 .../queries/style/NonDocBlock/NonDocBlock.qlref     |  1 +
 3 files changed, 16 insertions(+)
 create mode 100644 ql/ql/test/queries/style/NonDocBlock/Foo.qll
 create mode 100644 ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
 create mode 100644 ql/ql/test/queries/style/NonDocBlock/NonDocBlock.qlref

diff --git a/ql/ql/test/queries/style/NonDocBlock/Foo.qll b/ql/ql/test/queries/style/NonDocBlock/Foo.qll
new file mode 100644
index 00000000000..238bc18ff9c
--- /dev/null
+++ b/ql/ql/test/queries/style/NonDocBlock/Foo.qll
@@ -0,0 +1,13 @@
+/*
+ * This should be QLDoc.
+ */
+
+/**
+ * this is fine
+ */
+predicate foo() { any() }
+
+/* Note: this is bad. */
+class Foo extends string {
+  Foo() { this = "FOo" }
+}
diff --git a/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
new file mode 100644
index 00000000000..7bdbfd18d95
--- /dev/null
+++ b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
@@ -0,0 +1,2 @@
+| Foo.qll:1:1:3:3 | BlockComment | Block comment could be QLDoc for $@. | Foo.qll:1:1:13:2 | TopLevel | the file |
+| Foo.qll:10:1:10:24 | BlockComment | Block comment could be QLDoc for $@. | Foo.qll:11:7:11:9 | Class Foo | the below code |
diff --git a/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.qlref b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.qlref
new file mode 100644
index 00000000000..b6dbdf50604
--- /dev/null
+++ b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.qlref
@@ -0,0 +1 @@
+queries/style/NonDocBlock.ql
\ No newline at end of file

From 78c9fb3d76b0d7a22811e3317c189699f85efdeb Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:36:13 +0100
Subject: [PATCH 055/144] QL: don't flag up comments placed on the same line as
 non-comments

---
 ql/ql/src/queries/style/NonDocBlock.ql        | 35 +++++++++++++------
 ql/ql/test/queries/style/NonDocBlock/Foo.qll  |  9 +++++
 .../style/NonDocBlock/NonDocBlock.expected    |  2 +-
 3 files changed, 35 insertions(+), 11 deletions(-)

diff --git a/ql/ql/src/queries/style/NonDocBlock.ql b/ql/ql/src/queries/style/NonDocBlock.ql
index c81ed3c77db..61efce0b902 100644
--- a/ql/ql/src/queries/style/NonDocBlock.ql
+++ b/ql/ql/src/queries/style/NonDocBlock.ql
@@ -29,16 +29,31 @@ int getLineAboveNodeThatCouldHaveDoc(File file) {
 
 pragma[noinline]
 BlockComment getACommentThatCouldBeQLDoc(File file) {
-  file = result.getLocation().getFile() and
-  result.getLocation().getFile().getExtension() = "qll" and
-  not result.getContents().matches("/**%") and
-  (
-    // above something that can be commented.
-    result.getLocation().getEndLine() = getLineAboveNodeThatCouldHaveDoc(file)
-    or
-    // toplevel in file.
-    result.getLocation().getStartLine() = 1 and
-    result.getLocation().getStartColumn() = 1
+  exists(Location loc | loc = result.getLocation() |
+    file = loc.getFile() and
+    loc.getFile().getExtension() = "qll" and
+    not result.getContents().matches("/**%") and
+    not [loc.getStartLine(), loc.getEndLine()] = getLinesWithNonComment(file) and
+    (
+      // above something that can be commented.
+      loc.getEndLine() = getLineAboveNodeThatCouldHaveDoc(file)
+      or
+      // toplevel in file.
+      loc.getStartLine() = 1 and
+      loc.getStartColumn() = 1
+    )
+  )
+}
+
+pragma[noinline]
+int getLinesWithNonComment(File f) {
+  exists(AstNode n, Location loc |
+    not n instanceof Comment and
+    not n instanceof TopLevel and
+    loc = n.getLocation() and
+    loc.getFile() = f
+  |
+    result = [loc.getEndLine(), loc.getStartLine()]
   )
 }
 
diff --git a/ql/ql/test/queries/style/NonDocBlock/Foo.qll b/ql/ql/test/queries/style/NonDocBlock/Foo.qll
index 238bc18ff9c..99f957fa770 100644
--- a/ql/ql/test/queries/style/NonDocBlock/Foo.qll
+++ b/ql/ql/test/queries/style/NonDocBlock/Foo.qll
@@ -11,3 +11,12 @@ predicate foo() { any() }
 class Foo extends string {
   Foo() { this = "FOo" }
 }
+
+/**
+ * This is also fine.
+ */
+/*abstract*/ class Bar extends string {
+  string getMergeRaw() { none() } // <- fine. The abstract comment is fine, it doesn't need to be QLDoc.
+
+  Bar() { this = "bar" }
+}
diff --git a/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
index 7bdbfd18d95..41f029af5fd 100644
--- a/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
+++ b/ql/ql/test/queries/style/NonDocBlock/NonDocBlock.expected
@@ -1,2 +1,2 @@
-| Foo.qll:1:1:3:3 | BlockComment | Block comment could be QLDoc for $@. | Foo.qll:1:1:13:2 | TopLevel | the file |
+| Foo.qll:1:1:3:3 | BlockComment | Block comment could be QLDoc for $@. | Foo.qll:1:1:22:2 | TopLevel | the file |
 | Foo.qll:10:1:10:24 | BlockComment | Block comment could be QLDoc for $@. | Foo.qll:11:7:11:9 | Class Foo | the below code |

From 20c4699478bd7cc213e72da272666f7c4de7df45 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:39:22 +0100
Subject: [PATCH 056/144] CPP: convert some block-comments that could be QLDoc
 to QLDoc

---
 cpp/ql/lib/semmle/code/cpp/security/TaintTracking.qll | 2 +-
 cpp/ql/src/jsf/4.09 Style/Naming.qll                  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cpp/ql/lib/semmle/code/cpp/security/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/security/TaintTracking.qll
index 5b8f221f73a..49ef4137aa1 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/TaintTracking.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/TaintTracking.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * Support for tracking tainted data through the program. This is an alias for
  * `semmle.code.cpp.ir.dataflow.DefaultTaintTracking` provided for backwards
  * compatibility.
diff --git a/cpp/ql/src/jsf/4.09 Style/Naming.qll b/cpp/ql/src/jsf/4.09 Style/Naming.qll
index 264a6bac219..5df3724a067 100644
--- a/cpp/ql/src/jsf/4.09 Style/Naming.qll	
+++ b/cpp/ql/src/jsf/4.09 Style/Naming.qll	
@@ -1,4 +1,4 @@
-/*
+/**
  * Common functions for implementing naming conventions
  *
  * Naming rules are the following:

From 6bfaf3b2f7916c99530964d89241b327389e43dd Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:39:33 +0100
Subject: [PATCH 057/144] C#: convert some block-comments that could be QLDoc
 to QLDoc

---
 csharp/ql/campaigns/Solorigate/lib/Solorigate.qll               | 2 +-
 .../code/csharp/Cryptography/NonCryptographicHashes.qll         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/csharp/ql/campaigns/Solorigate/lib/Solorigate.qll b/csharp/ql/campaigns/Solorigate/lib/Solorigate.qll
index 51559093b07..3d3468af78d 100644
--- a/csharp/ql/campaigns/Solorigate/lib/Solorigate.qll
+++ b/csharp/ql/campaigns/Solorigate/lib/Solorigate.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * Provides reusable predicates related to Solorigate
  */
 
diff --git a/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll b/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
index b7371fafb3e..adb8df80ea6 100644
--- a/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
+++ b/csharp/ql/lib/experimental/code/csharp/Cryptography/NonCryptographicHashes.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * Predicates that help detect potential non-cryptographic hash functions
  *
  * By themselves, non-cryptographic functions are common and not dangerous

From 7331363618aa540c16410d54e8ddbb64b098646b Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:40:15 +0100
Subject: [PATCH 058/144] Java: convert some block-comments that could be QLDoc
 to QLDoc

---
 java/ql/lib/semmle/code/java/frameworks/Properties.qll         | 3 ++-
 java/ql/lib/semmle/code/java/frameworks/Rmi.qll                | 3 ++-
 java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll        | 3 ++-
 java/ql/lib/semmle/code/java/security/ExternalProcess.qll      | 3 ++-
 java/ql/lib/semmle/code/java/security/RelativePaths.qll        | 3 ++-
 java/ql/lib/semmle/code/java/security/SqlUnescapedLib.qll      | 3 ++-
 .../src/Violations of Best Practice/Dead Code/DeadLocals.qll   | 2 +-
 7 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/frameworks/Properties.qll b/java/ql/lib/semmle/code/java/frameworks/Properties.qll
index 0c7b83b2e52..096e3bbb43c 100644
--- a/java/ql/lib/semmle/code/java/frameworks/Properties.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/Properties.qll
@@ -1,4 +1,5 @@
-/* Definitions related to `java.util.Properties`. */
+/** Definitions related to `java.util.Properties`. */
+
 import semmle.code.java.Type
 private import semmle.code.java.dataflow.FlowSteps
 
diff --git a/java/ql/lib/semmle/code/java/frameworks/Rmi.qll b/java/ql/lib/semmle/code/java/frameworks/Rmi.qll
index 19428afae92..3b96ccd828d 100644
--- a/java/ql/lib/semmle/code/java/frameworks/Rmi.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/Rmi.qll
@@ -1,4 +1,5 @@
-/* Remote Method Invocation. */
+/** Remote Method Invocation. */
+
 import java
 
 /** The interface `java.rmi.Remote`. */
diff --git a/java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll b/java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll
index 978154d3274..5f44f878eb2 100644
--- a/java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/apache/Exec.qll
@@ -1,4 +1,5 @@
-/* Definitions related to the Apache Commons Exec library. */
+/** Definitions related to the Apache Commons Exec library. */
+
 import semmle.code.java.Type
 import semmle.code.java.security.ExternalProcess
 
diff --git a/java/ql/lib/semmle/code/java/security/ExternalProcess.qll b/java/ql/lib/semmle/code/java/security/ExternalProcess.qll
index fe5e46d5efb..9a061c7a419 100644
--- a/java/ql/lib/semmle/code/java/security/ExternalProcess.qll
+++ b/java/ql/lib/semmle/code/java/security/ExternalProcess.qll
@@ -1,4 +1,5 @@
-/* Definitions related to external processes. */
+/** Definitions related to external processes. */
+
 import semmle.code.java.Member
 
 private module Instances {
diff --git a/java/ql/lib/semmle/code/java/security/RelativePaths.qll b/java/ql/lib/semmle/code/java/security/RelativePaths.qll
index 45473997489..458bb7aea5d 100644
--- a/java/ql/lib/semmle/code/java/security/RelativePaths.qll
+++ b/java/ql/lib/semmle/code/java/security/RelativePaths.qll
@@ -1,4 +1,5 @@
-/* Detection of strings and arrays of strings containing relative paths. */
+/** Detection of strings and arrays of strings containing relative paths. */
+
 import java
 
 /**
diff --git a/java/ql/lib/semmle/code/java/security/SqlUnescapedLib.qll b/java/ql/lib/semmle/code/java/security/SqlUnescapedLib.qll
index d76c77c499c..3f5810e141b 100644
--- a/java/ql/lib/semmle/code/java/security/SqlUnescapedLib.qll
+++ b/java/ql/lib/semmle/code/java/security/SqlUnescapedLib.qll
@@ -1,4 +1,5 @@
-/* Definitions used by `SqlUnescaped.ql`. */
+/** Definitions used by `SqlUnescaped.ql`. */
+
 import semmle.code.java.security.ControlledString
 import semmle.code.java.dataflow.TaintTracking
 
diff --git a/java/ql/src/Violations of Best Practice/Dead Code/DeadLocals.qll b/java/ql/src/Violations of Best Practice/Dead Code/DeadLocals.qll
index 82933aa9bac..8837b207e20 100644
--- a/java/ql/src/Violations of Best Practice/Dead Code/DeadLocals.qll	
+++ b/java/ql/src/Violations of Best Practice/Dead Code/DeadLocals.qll	
@@ -1,4 +1,4 @@
-/*
+/**
  * Provides classes and predicates for "dead locals": which variables are used, which assignments are useless, etc.
  */
 

From 9eaeaf732270d97fd30f30131587efa6785c76e6 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:41:52 +0100
Subject: [PATCH 059/144] ATM: convert some block-comments that could be QLDoc
 to QLDoc

---
 .../lib/experimental/adaptivethreatmodeling/ATMConfig.qll       | 2 +-
 .../adaptivethreatmodeling/AdaptiveThreatModeling.qll           | 2 +-
 .../lib/experimental/adaptivethreatmodeling/BaseScoring.qll     | 2 +-
 .../lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll   | 2 +-
 .../experimental/adaptivethreatmodeling/EndpointFeatures.qll    | 2 +-
 .../lib/experimental/adaptivethreatmodeling/EndpointScoring.qll | 2 +-
 .../adaptivethreatmodeling/FunctionBodyFeatures.qll             | 2 +-
 .../modelbuilding/counting/CountAlertsAndSinks.qll              | 2 +-
 .../modelbuilding/extraction/Exclusions.qll                     | 2 +-
 .../modelbuilding/extraction/ExtractEndpointDataTraining.qll    | 2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
index 55d75ad2e4d..b9b077380fe 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Configures boosting for adaptive threat modeling (ATM).
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/AdaptiveThreatModeling.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/AdaptiveThreatModeling.qll
index 002a5c8fe8e..0168d167509 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/AdaptiveThreatModeling.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/AdaptiveThreatModeling.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Provides information about the results of boosted queries for use in adaptive threat modeling (ATM).
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/BaseScoring.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/BaseScoring.qll
index a6787196bbb..fb9b017b84c 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/BaseScoring.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/BaseScoring.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Provides shared scoring functionality for use in adaptive threat modeling (ATM).
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll
index e569fb3dc96..274bab00221 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Provides predicates that expose the knowledge of models
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll
index 60a490cc454..8b4d9147a00 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Extracts data about the database for use in adaptive threat modeling (ATM).
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointScoring.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointScoring.qll
index 7f9e53a5465..6746c06db7b 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointScoring.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointScoring.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Provides an implementation of scoring alerts for use in adaptive threat modeling (ATM).
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll
index 4464842bc38..62531a9d423 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * FunctionBodyFeatures.qll
  *
  * Contains logic relating to the `enclosingFunctionBody` and `enclosingFunctionName` features.
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/counting/CountAlertsAndSinks.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/counting/CountAlertsAndSinks.qll
index 2549db106f4..a4f52b1cf78 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/counting/CountAlertsAndSinks.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/counting/CountAlertsAndSinks.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  *
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Exclusions.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Exclusions.qll
index 79d3486e2db..822b2d7ea62 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Exclusions.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Exclusions.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Defines files that should be excluded from the evaluation of ML models.
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll
index 153afdb1b45..49f1f44e836 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll
+++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll
@@ -1,4 +1,4 @@
-/*
+/**
  * For internal use only.
  *
  * Extracts training data we can use to train ML models for ML-powered queries.

From fe49e41d7b8b4ed6ab137acb32f7b0dc6089a454 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:42:12 +0100
Subject: [PATCH 060/144] JS: convert some block-comments that could be QLDoc
 to QLDoc

---
 .../ql/test/tutorials/Validating RAML-based APIs/Osprey.qll    | 3 ++-
 .../ql/test/tutorials/Validating RAML-based APIs/RAML.qll      | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/test/tutorials/Validating RAML-based APIs/Osprey.qll b/javascript/ql/test/tutorials/Validating RAML-based APIs/Osprey.qll
index d7c7df8e1fd..bf4d1dc2067 100644
--- a/javascript/ql/test/tutorials/Validating RAML-based APIs/Osprey.qll	
+++ b/javascript/ql/test/tutorials/Validating RAML-based APIs/Osprey.qll	
@@ -1,4 +1,5 @@
-/* Model of Osprey API implementations. */
+/** Model of Osprey API implementations. */
+
 import javascript
 import HTTP
 
diff --git a/javascript/ql/test/tutorials/Validating RAML-based APIs/RAML.qll b/javascript/ql/test/tutorials/Validating RAML-based APIs/RAML.qll
index a871d5e751e..b110a339046 100644
--- a/javascript/ql/test/tutorials/Validating RAML-based APIs/RAML.qll	
+++ b/javascript/ql/test/tutorials/Validating RAML-based APIs/RAML.qll	
@@ -1,4 +1,5 @@
-/* Model of RAML specifications. */
+/** Model of RAML specifications. */
+
 import javascript
 import HTTP
 

From 25b32860baae8cf75d455c0fa871f459f1f64a0b Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 13:42:43 +0100
Subject: [PATCH 061/144] Py: convert a block-comment that could be QLDoc to
 QLDoc

---
 python/ql/lib/semmle/python/TestUtils.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/python/ql/lib/semmle/python/TestUtils.qll b/python/ql/lib/semmle/python/TestUtils.qll
index d7b8fc24676..8b1ae58be4f 100644
--- a/python/ql/lib/semmle/python/TestUtils.qll
+++ b/python/ql/lib/semmle/python/TestUtils.qll
@@ -1,4 +1,5 @@
-/* This file contains test-related utility functions */
+/** This file contains test-related utility functions */
+
 import python
 
 /** Removes everything up to the occurrence of `sub` in the string `str` */

From 7cab6b5491c68759b3f9f6ba3a35098708998a78 Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Fri, 21 Oct 2022 14:23:30 +0200
Subject: [PATCH 062/144] C#: Include SSA "phi reads" in `DataFlow::Node`

---
 .../lib/semmle/code/cil/internal/SsaImpl.qll  |  40 +++-
 .../dataflow/internal/DataFlowPrivate.qll     | 195 +++++++++---------
 .../dataflow/internal/DataFlowPublic.qll      |   4 +-
 .../code/csharp/dataflow/internal/SsaImpl.qll | 111 +++++++++-
 .../csharp7/LocalTaintFlow.expected           |   9 +-
 .../dataflow/local/DataFlowStep.expected      | 130 ++++++------
 .../dataflow/local/TaintTrackingStep.expected | 130 ++++++------
 7 files changed, 373 insertions(+), 246 deletions(-)

diff --git a/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll b/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll
index 683ee6268aa..2f8fde205fd 100644
--- a/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll
+++ b/csharp/ql/lib/semmle/code/cil/internal/SsaImpl.qll
@@ -47,19 +47,19 @@ private module Cached {
   }
 
   cached
-  ReadAccess getAFirstRead(Definition def) {
+  ReadAccess getAFirstReadExt(DefinitionExt def) {
     exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 |
-      def.definesAt(_, bb1, i1) and
-      adjacentDefRead(def, bb1, i1, bb2, i2) and
+      def.definesAt(_, bb1, i1, _) and
+      adjacentDefReadExt(def, _, bb1, i1, bb2, i2) and
       result = bb2.getNode(i2)
     )
   }
 
   cached
-  predicate hasAdjacentReads(Definition def, ReadAccess first, ReadAccess second) {
+  predicate hasAdjacentReadsExt(DefinitionExt def, ReadAccess first, ReadAccess second) {
     exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 |
       first = bb1.getNode(i1) and
-      adjacentDefRead(def, bb1, i1, bb2, i2) and
+      adjacentDefReadExt(def, _, bb1, i1, bb2, i2) and
       second = bb2.getNode(i2)
     )
   }
@@ -68,9 +68,35 @@ private module Cached {
   Definition getAPhiInput(PhiNode phi) { phiHasInputFromBlock(phi, result, _) }
 
   cached
-  predicate lastRefBeforeRedef(Definition def, BasicBlock bb, int i, Definition next) {
-    lastRefRedef(def, bb, i, next)
+  predicate lastRefBeforeRedefExt(DefinitionExt def, BasicBlock bb, int i, DefinitionExt next) {
+    lastRefRedefExt(def, _, bb, i, next)
   }
 }
 
 import Cached
+
+private module Deprecated {
+  private import CIL
+
+  deprecated ReadAccess getAFirstRead(Definition def) {
+    exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 |
+      def.definesAt(_, bb1, i1) and
+      adjacentDefRead(def, bb1, i1, bb2, i2) and
+      result = bb2.getNode(i2)
+    )
+  }
+
+  deprecated predicate hasAdjacentReads(Definition def, ReadAccess first, ReadAccess second) {
+    exists(BasicBlock bb1, int i1, BasicBlock bb2, int i2 |
+      first = bb1.getNode(i1) and
+      adjacentDefRead(def, bb1, i1, bb2, i2) and
+      second = bb2.getNode(i2)
+    )
+  }
+
+  deprecated predicate lastRefBeforeRedef(Definition def, BasicBlock bb, int i, Definition next) {
+    lastRefRedef(def, bb, i, next)
+  }
+}
+
+import Deprecated
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
index 4fc2cb4f398..845d5bd378a 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll
@@ -18,6 +18,7 @@ private import semmle.code.csharp.frameworks.NHibernate
 private import semmle.code.csharp.frameworks.system.Collections
 private import semmle.code.csharp.frameworks.system.threading.Tasks
 private import semmle.code.cil.Ssa::Ssa as CilSsa
+private import semmle.code.cil.internal.SsaImpl as CilSsaImpl
 
 /** Gets the callable in which this node occurs. */
 DataFlowCallable nodeGetEnclosingCallable(NodeImpl n) { result = n.getEnclosingCallableImpl() }
@@ -174,7 +175,7 @@ predicate hasNodePath(ControlFlowReachabilityConfiguration conf, ExprNode n1, No
     cfn = n1.getControlFlowNode() and
     ssaDef.getADefinition() = def and
     ssaDef.getControlFlowNode() = cfnDef and
-    n2.(SsaDefinitionNode).getDefinition() = ssaDef
+    n2.(SsaDefinitionExtNode).getDefinitionExt() = ssaDef
   )
 }
 
@@ -306,17 +307,28 @@ module LocalFlow {
     }
   }
 
+  /** An SSA definition into which another SSA definition may flow. */
+  private class SsaInputDefinitionExtNode extends SsaDefinitionExtNode {
+    SsaInputDefinitionExtNode() {
+      def instanceof Ssa::PhiNode
+      or
+      def instanceof SsaImpl::PhiReadNode
+      or
+      def instanceof LocalFlow::UncertainExplicitSsaDefinition
+    }
+  }
+
   /**
    * Holds if `nodeFrom` is a last node referencing SSA definition `def`, which
    * can reach `next`.
    */
   private predicate localFlowSsaInputFromDef(
-    Node nodeFrom, Ssa::Definition def, Ssa::Definition next
+    Node nodeFrom, SsaImpl::DefinitionExt def, SsaInputDefinitionExtNode next
   ) {
     exists(ControlFlow::BasicBlock bb, int i |
-      SsaImpl::lastRefBeforeRedef(def, bb, i, next) and
-      def.definesAt(_, bb, i) and
-      def = getSsaDefinition(nodeFrom)
+      SsaImpl::lastRefBeforeRedefExt(def, bb, i, next.getDefinitionExt()) and
+      def.definesAt(_, bb, i, _) and
+      def = getSsaDefinitionExt(nodeFrom)
     )
   }
 
@@ -324,18 +336,17 @@ module LocalFlow {
    * Holds if `read` is a last node reading SSA definition `def`, which
    * can reach `next`.
    */
-  predicate localFlowSsaInputFromExpr(
-    ControlFlow::Node read, Ssa::Definition def, Ssa::Definition next
+  predicate localFlowSsaInputFromRead(
+    Node read, SsaImpl::DefinitionExt def, SsaInputDefinitionExtNode next
   ) {
     exists(ControlFlow::BasicBlock bb, int i |
-      SsaImpl::lastRefBeforeRedef(def, bb, i, next) and
-      read = bb.getNode(i) and
-      read.getElement() instanceof AssignableRead
+      SsaImpl::lastRefBeforeRedefExt(def, bb, i, next.getDefinitionExt()) and
+      read.asExprAtNode(bb.getNode(i)) instanceof AssignableRead
     )
   }
 
-  private Ssa::Definition getSsaDefinition(Node n) {
-    result = n.(SsaDefinitionNode).getDefinition()
+  private SsaImpl::DefinitionExt getSsaDefinitionExt(Node n) {
+    result = n.(SsaDefinitionExtNode).getDefinitionExt()
     or
     result = n.(ExplicitParameterNode).getSsaDefinition()
   }
@@ -344,9 +355,9 @@ module LocalFlow {
    * Holds if there is a local use-use flow step from `nodeFrom` to `nodeTo`
    * involving SSA definition `def`.
    */
-  predicate localSsaFlowStepUseUse(Ssa::Definition def, Node nodeFrom, Node nodeTo) {
+  predicate localSsaFlowStepUseUse(SsaImpl::DefinitionExt def, Node nodeFrom, Node nodeTo) {
     exists(ControlFlow::Node cfnFrom, ControlFlow::Node cfnTo |
-      SsaImpl::adjacentReadPairSameVar(def, cfnFrom, cfnTo) and
+      SsaImpl::adjacentReadPairSameVarExt(def, cfnFrom, cfnTo) and
       nodeTo = TExprNode(cfnTo) and
       nodeFrom = TExprNode(cfnFrom)
     )
@@ -356,31 +367,22 @@ module LocalFlow {
    * Holds if there is a local flow step from `nodeFrom` to `nodeTo` involving
    * SSA definition `def`.
    */
-  predicate localSsaFlowStep(Ssa::Definition def, Node nodeFrom, Node nodeTo) {
+  predicate localSsaFlowStep(SsaImpl::DefinitionExt def, Node nodeFrom, Node nodeTo) {
     // Flow from SSA definition/parameter to first read
-    exists(ControlFlow::Node cfn |
-      def = getSsaDefinition(nodeFrom) and
-      nodeTo.asExprAtNode(cfn) = def.getAFirstReadAtNode(cfn)
-    )
+    def = getSsaDefinitionExt(nodeFrom) and
+    SsaImpl::firstReadSameVarExt(def, nodeTo.(ExprNode).getControlFlowNode())
     or
     // Flow from read to next read
     localSsaFlowStepUseUse(def, nodeFrom.(PostUpdateNode).getPreUpdateNode(), nodeTo)
     or
-    // Flow into phi/uncertain SSA definition node from def
-    exists(Ssa::Definition next |
-      localFlowSsaInputFromDef(nodeFrom, def, next) and
-      next = nodeTo.(SsaDefinitionNode).getDefinition()
-    |
-      def = next.(Ssa::PhiNode).getAnInput()
-      or
-      def = next.(LocalFlow::UncertainExplicitSsaDefinition).getPriorDefinition()
-    )
+    // Flow into phi (read)/uncertain SSA definition node from def
+    localFlowSsaInputFromDef(nodeFrom, def, nodeTo)
   }
 
   /**
    * Holds if the source variable of SSA definition `def` is an instance field.
    */
-  predicate usesInstanceField(Ssa::Definition def) {
+  predicate usesInstanceField(SsaImpl::DefinitionExt def) {
     exists(Ssa::SourceVariables::FieldOrPropSourceVariable fp | fp = def.getSourceVariable() |
       not fp.getAssignable().(Modifiable).isStatic()
     )
@@ -389,25 +391,23 @@ module LocalFlow {
   predicate localFlowCapturedVarStep(Node nodeFrom, ImplicitCapturedArgumentNode nodeTo) {
     // Flow from SSA definition to implicit captured variable argument
     exists(Ssa::ExplicitDefinition def, ControlFlow::Nodes::ElementNode call |
-      def = getSsaDefinition(nodeFrom) and
+      def = getSsaDefinitionExt(nodeFrom) and
       def.isCapturedVariableDefinitionFlowIn(_, call, _) and
       nodeTo = TImplicitCapturedArgumentNode(call, def.getSourceVariable().getAssignable())
     )
   }
 
   private module CilFlow {
-    private import semmle.code.cil.internal.SsaImpl as CilSsaImpl
-
     /**
      * Holds if `nodeFrom` is a last node referencing SSA definition `def`, which
      * can reach `next`.
      */
     private predicate localFlowCilSsaInput(
-      Node nodeFrom, CilSsa::Definition def, CilSsa::Definition next
+      Node nodeFrom, CilSsaImpl::DefinitionExt def, CilSsaImpl::DefinitionExt next
     ) {
-      exists(CIL::BasicBlock bb, int i | CilSsaImpl::lastRefBeforeRedef(def, bb, i, next) |
-        def.definesAt(_, bb, i) and
-        def = nodeFrom.(CilSsaDefinitionNode).getDefinition()
+      exists(CIL::BasicBlock bb, int i | CilSsaImpl::lastRefBeforeRedefExt(def, bb, i, next) |
+        def.definesAt(_, bb, i, _) and
+        def = nodeFrom.(CilSsaDefinitionExtNode).getDefinition()
         or
         nodeFrom = TCilExprNode(bb.getNode(i).(CIL::ReadAccess))
       )
@@ -417,30 +417,33 @@ module LocalFlow {
      * Holds if there is a local flow step from `nodeFrom` to `nodeTo` involving
      * CIL SSA definition `def`.
      */
-    private predicate localCilSsaFlowStep(CilSsa::Definition def, Node nodeFrom, Node nodeTo) {
+    private predicate localCilSsaFlowStep(CilSsaImpl::DefinitionExt def, Node nodeFrom, Node nodeTo) {
       // Flow into SSA definition
       exists(CIL::VariableUpdate vu |
-        vu = def.getVariableUpdate() and
+        vu = def.(CilSsa::Definition).getVariableUpdate() and
         vu.getSource() = asCilDataFlowNode(nodeFrom) and
-        def = nodeTo.(CilSsaDefinitionNode).getDefinition()
+        def = nodeTo.(CilSsaDefinitionExtNode).getDefinition()
       )
       or
       // Flow from SSA definition to first read
-      def = nodeFrom.(CilSsaDefinitionNode).getDefinition() and
-      nodeTo = TCilExprNode(CilSsaImpl::getAFirstRead(def))
+      def = nodeFrom.(CilSsaDefinitionExtNode).getDefinition() and
+      nodeTo = TCilExprNode(CilSsaImpl::getAFirstReadExt(def))
       or
       // Flow from read to next read
       exists(CIL::ReadAccess readFrom, CIL::ReadAccess readTo |
-        CilSsaImpl::hasAdjacentReads(def, readFrom, readTo) and
+        CilSsaImpl::hasAdjacentReadsExt(def, readFrom, readTo) and
         nodeTo = TCilExprNode(readTo) and
         nodeFrom = TCilExprNode(readFrom)
       )
       or
-      // Flow into phi node
-      exists(CilSsa::PhiNode phi |
+      // Flow into phi (read) node
+      exists(CilSsaImpl::DefinitionExt phi |
         localFlowCilSsaInput(nodeFrom, def, phi) and
-        phi = nodeTo.(CilSsaDefinitionNode).getDefinition() and
-        def = CilSsaImpl::getAPhiInput(phi)
+        phi = nodeTo.(CilSsaDefinitionExtNode).getDefinition()
+      |
+        phi instanceof CilSsa::PhiNode
+        or
+        phi instanceof CilSsaImpl::PhiReadNode
       )
     }
 
@@ -466,7 +469,7 @@ module LocalFlow {
   }
 
   predicate localFlowStepCommon(Node nodeFrom, Node nodeTo) {
-    exists(Ssa::Definition def |
+    exists(SsaImpl::DefinitionExt def |
       localSsaFlowStep(def, nodeFrom, nodeTo) and
       not usesInstanceField(def)
     )
@@ -528,26 +531,20 @@ module LocalFlow {
 predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) {
   LocalFlow::localFlowStepCommon(nodeFrom, nodeTo)
   or
-  exists(Ssa::Definition def |
+  exists(SsaImpl::DefinitionExt def |
     LocalFlow::localSsaFlowStepUseUse(def, nodeFrom, nodeTo) and
     not FlowSummaryImpl::Private::Steps::prohibitsUseUseFlow(nodeFrom, _) and
     not LocalFlow::usesInstanceField(def)
   )
   or
-  // Flow into phi/uncertain SSA definition node from read
-  exists(Ssa::Definition def, ControlFlow::Node read, Ssa::Definition next |
-    LocalFlow::localFlowSsaInputFromExpr(read, def, next) and
-    next = nodeTo.(SsaDefinitionNode).getDefinition() and
-    def =
-      [
-        next.(Ssa::PhiNode).getAnInput(),
-        next.(LocalFlow::UncertainExplicitSsaDefinition).getPriorDefinition()
-      ]
+  // Flow into phi (read)/uncertain SSA definition node from read
+  exists(SsaImpl::DefinitionExt def, Node read |
+    LocalFlow::localFlowSsaInputFromRead(read, def, nodeTo)
   |
-    exists(nodeFrom.asExprAtNode(read)) and
+    nodeFrom = read and
     not FlowSummaryImpl::Private::Steps::prohibitsUseUseFlow(nodeFrom, _)
     or
-    exists(nodeFrom.(PostUpdateNode).getPreUpdateNode().asExprAtNode(read))
+    nodeFrom.(PostUpdateNode).getPreUpdateNode() = read
   )
   or
   LocalFlow::localFlowCapturedVarStep(nodeFrom, nodeTo)
@@ -813,8 +810,8 @@ private module Cached {
       cfn.getElement() instanceof Expr
     } or
     TCilExprNode(CIL::Expr e) { e.getImplementation() instanceof CIL::BestImplementation } or
-    TCilSsaDefinitionNode(CilSsa::Definition def) or
-    TSsaDefinitionNode(Ssa::Definition def) {
+    TCilSsaDefinitionExtNode(CilSsaImpl::DefinitionExt def) or
+    TSsaDefinitionExtNode(SsaImpl::DefinitionExt def) {
       // Handled by `TExplicitParameterNode` below
       not def.(Ssa::ExplicitDefinition).getADefinition() instanceof
         AssignableDefinitions::ImplicitParameterDefinition
@@ -880,24 +877,18 @@ private module Cached {
     or
     LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo)
     or
-    exists(Ssa::Definition def |
+    exists(SsaImpl::DefinitionExt def |
       LocalFlow::localSsaFlowStep(def, nodeFrom, nodeTo) and
       LocalFlow::usesInstanceField(def)
     )
     or
-    // Flow into phi/uncertain SSA definition node from read
-    exists(Ssa::Definition def, ControlFlow::Node read, Ssa::Definition next |
-      LocalFlow::localFlowSsaInputFromExpr(read, def, next) and
-      next = nodeTo.(SsaDefinitionNode).getDefinition() and
-      def =
-        [
-          next.(Ssa::PhiNode).getAnInput(),
-          next.(LocalFlow::UncertainExplicitSsaDefinition).getPriorDefinition()
-        ]
+    // Flow into phi (read)/uncertain SSA definition node from read
+    exists(SsaImpl::DefinitionExt def, Node read |
+      LocalFlow::localFlowSsaInputFromRead(read, def, nodeTo)
     |
-      exists(nodeFrom.asExprAtNode(read))
+      nodeFrom = read
       or
-      exists(nodeFrom.(PostUpdateNode).getPreUpdateNode().asExprAtNode(read))
+      nodeFrom.(PostUpdateNode).getPreUpdateNode() = read
     )
     or
     // Simple flow through library code is included in the exposed local
@@ -945,9 +936,11 @@ import Cached
 
 /** Holds if `n` should be hidden from path explanations. */
 predicate nodeIsHidden(Node n) {
-  exists(Ssa::Definition def | def = n.(SsaDefinitionNode).getDefinition() |
+  exists(SsaImpl::DefinitionExt def | def = n.(SsaDefinitionExtNode).getDefinitionExt() |
     def instanceof Ssa::PhiNode
     or
+    def instanceof SsaImpl::PhiReadNode
+    or
     def instanceof Ssa::ImplicitEntryDefinition
     or
     def instanceof Ssa::ImplicitCallDefinition
@@ -978,13 +971,13 @@ predicate nodeIsHidden(Node n) {
 }
 
 /** A CIL SSA definition, viewed as a node in a data flow graph. */
-class CilSsaDefinitionNode extends NodeImpl, TCilSsaDefinitionNode {
-  CilSsa::Definition def;
+class CilSsaDefinitionExtNode extends NodeImpl, TCilSsaDefinitionExtNode {
+  CilSsaImpl::DefinitionExt def;
 
-  CilSsaDefinitionNode() { this = TCilSsaDefinitionNode(def) }
+  CilSsaDefinitionExtNode() { this = TCilSsaDefinitionExtNode(def) }
 
   /** Gets the underlying SSA definition. */
-  CilSsa::Definition getDefinition() { result = def }
+  CilSsaImpl::DefinitionExt getDefinition() { result = def }
 
   override DataFlowCallable getEnclosingCallableImpl() {
     result.asCallable() = def.getBasicBlock().getFirstNode().getImplementation().getMethod()
@@ -1000,13 +993,13 @@ class CilSsaDefinitionNode extends NodeImpl, TCilSsaDefinitionNode {
 }
 
 /** An SSA definition, viewed as a node in a data flow graph. */
-class SsaDefinitionNode extends NodeImpl, TSsaDefinitionNode {
-  Ssa::Definition def;
+class SsaDefinitionExtNode extends NodeImpl, TSsaDefinitionExtNode {
+  SsaImpl::DefinitionExt def;
 
-  SsaDefinitionNode() { this = TSsaDefinitionNode(def) }
+  SsaDefinitionExtNode() { this = TSsaDefinitionExtNode(def) }
 
   /** Gets the underlying SSA definition. */
-  Ssa::Definition getDefinition() { result = def }
+  SsaImpl::DefinitionExt getDefinitionExt() { result = def }
 
   override DataFlowCallable getEnclosingCallableImpl() {
     result.asCallable() = def.getEnclosingCallable()
@@ -1014,7 +1007,9 @@ class SsaDefinitionNode extends NodeImpl, TSsaDefinitionNode {
 
   override Type getTypeImpl() { result = def.getSourceVariable().getType() }
 
-  override ControlFlow::Node getControlFlowNodeImpl() { result = def.getControlFlowNode() }
+  override ControlFlow::Node getControlFlowNodeImpl() {
+    result = def.(Ssa::Definition).getControlFlowNode()
+  }
 
   override Location getLocationImpl() { result = def.getLocation() }
 
@@ -1108,13 +1103,11 @@ private module ParameterNodes {
    * }                      }
    * ```
    */
-  class ImplicitCapturedParameterNode extends ParameterNodeImpl, SsaDefinitionNode {
-    override SsaCapturedEntryDefinition def;
-
-    ImplicitCapturedParameterNode() { def = this.getDefinition() }
+  class ImplicitCapturedParameterNode extends ParameterNodeImpl, SsaDefinitionExtNode {
+    ImplicitCapturedParameterNode() { def instanceof SsaCapturedEntryDefinition }
 
     /** Gets the captured variable that this implicit parameter models. */
-    LocalScopeVariable getVariable() { result = def.getVariable() }
+    LocalScopeVariable getVariable() { result = def.(SsaCapturedEntryDefinition).getVariable() }
 
     override predicate isParameterOf(DataFlowCallable c, ParameterPosition pos) {
       pos.isImplicitCapturedParameterPosition(def.getSourceVariable().getAssignable()) and
@@ -1349,12 +1342,12 @@ private module ReturnNodes {
    * A data-flow node that represents an assignment to an `out` or a `ref`
    * parameter.
    */
-  class OutRefReturnNode extends ReturnNode, SsaDefinitionNode {
+  class OutRefReturnNode extends ReturnNode, SsaDefinitionExtNode {
     OutRefReturnKind kind;
 
     OutRefReturnNode() {
       exists(Parameter p |
-        this.getDefinition().isLiveOutRefParameterDefinition(p) and
+        this.getDefinitionExt().(Ssa::Definition).isLiveOutRefParameterDefinition(p) and
         kind.getPosition() = p.getPosition()
       |
         p.isOut() and kind instanceof OutReturnKind
@@ -1438,11 +1431,11 @@ private module ReturnNodes {
    * }                       }
    * ```
    */
-  class ImplicitCapturedReturnNode extends ReturnNode, SsaDefinitionNode {
+  class ImplicitCapturedReturnNode extends ReturnNode, SsaDefinitionExtNode {
     private Ssa::ExplicitDefinition edef;
 
     ImplicitCapturedReturnNode() {
-      edef = this.getDefinition() and
+      edef = this.getDefinitionExt() and
       edef.isCapturedVariableDefinitionFlowOut(_, _)
     }
 
@@ -1450,8 +1443,8 @@ private module ReturnNodes {
      * Holds if the value at this node may flow out to the implicit call definition
      * at `node`, using one or more calls.
      */
-    predicate flowsOutTo(SsaDefinitionNode node, boolean additionalCalls) {
-      edef.isCapturedVariableDefinitionFlowOut(node.getDefinition(), additionalCalls)
+    predicate flowsOutTo(SsaDefinitionExtNode node, boolean additionalCalls) {
+      edef.isCapturedVariableDefinitionFlowOut(node.getDefinitionExt(), additionalCalls)
     }
 
     override ImplicitCapturedReturnKind getKind() {
@@ -1558,13 +1551,13 @@ private module OutNodes {
    * A data-flow node that reads a value returned implicitly by a callable
    * using a captured variable.
    */
-  class CapturedOutNode extends OutNode, SsaDefinitionNode {
+  class CapturedOutNode extends OutNode, SsaDefinitionExtNode {
     private DataFlowCall call;
 
     CapturedOutNode() {
       exists(ImplicitCapturedReturnNode n, boolean additionalCalls, ControlFlow::Node cfn |
         n.flowsOutTo(this, additionalCalls) and
-        cfn = this.getDefinition().getControlFlowNode()
+        cfn = this.getDefinitionExt().(Ssa::Definition).getControlFlowNode()
       |
         additionalCalls = false and call = csharpCall(_, cfn)
         or
@@ -1576,7 +1569,7 @@ private module OutNodes {
     override DataFlowCall getCall(ReturnKind kind) {
       result = call and
       kind.(ImplicitCapturedReturnKind).getVariable() =
-        this.getDefinition().getSourceVariable().getAssignable()
+        this.getDefinitionExt().getSourceVariable().getAssignable()
     }
   }
 
@@ -1857,7 +1850,7 @@ predicate readStep(Node node1, Content c, Node node2) {
     exists(ForeachStmt fs, Ssa::ExplicitDefinition def |
       x.hasDefPath(fs.getIterableExpr(), node1.getControlFlowNode(), def.getADefinition(),
         def.getControlFlowNode()) and
-      node2.(SsaDefinitionNode).getDefinition() = def and
+      node2.(SsaDefinitionExtNode).getDefinitionExt() = def and
       c instanceof ElementContent
     )
     or
@@ -1880,7 +1873,7 @@ predicate readStep(Node node1, Content c, Node node2) {
       or
       // item = variable in node1 = (..., variable, ...)
       exists(AssignableDefinitions::TupleAssignmentDefinition tad, Ssa::ExplicitDefinition def |
-        node2.(SsaDefinitionNode).getDefinition() = def and
+        node2.(SsaDefinitionExtNode).getDefinitionExt() = def and
         def.getADefinition() = tad and
         tad.getLeaf() = item and
         hasNodePath(x, node1, node2)
@@ -1889,7 +1882,7 @@ predicate readStep(Node node1, Content c, Node node2) {
       // item = variable in node1 = (..., variable, ...) in a case/is var (..., ...)
       te = any(PatternExpr pe).getAChildExpr*() and
       exists(AssignableDefinitions::LocalVariableDefinition lvd, Ssa::ExplicitDefinition def |
-        node2.(SsaDefinitionNode).getDefinition() = def and
+        node2.(SsaDefinitionExtNode).getDefinitionExt() = def and
         def.getADefinition() = lvd and
         lvd.getDeclaration() = item and
         hasNodePath(x, node1, node2)
@@ -2223,7 +2216,7 @@ predicate lambdaCall(DataFlowCall call, LambdaCallKind kind, Node receiver) {
 
 /** Extra data-flow steps needed for lambda flow analysis. */
 predicate additionalLambdaFlowStep(Node nodeFrom, Node nodeTo, boolean preservesValue) {
-  exists(Ssa::Definition def |
+  exists(SsaImpl::DefinitionExt def |
     LocalFlow::localSsaFlowStep(def, nodeFrom, nodeTo) and
     LocalFlow::usesInstanceField(def) and
     preservesValue = true
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
index f6520147e19..b22712087f2 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll
@@ -119,10 +119,10 @@ class ParameterNode extends Node instanceof ParameterNodeImpl {
 }
 
 /** A definition, viewed as a node in a data flow graph. */
-class AssignableDefinitionNode extends Node, TSsaDefinitionNode {
+class AssignableDefinitionNode extends Node, TSsaDefinitionExtNode {
   private Ssa::ExplicitDefinition edef;
 
-  AssignableDefinitionNode() { this = TSsaDefinitionNode(edef) }
+  AssignableDefinitionNode() { this = TSsaDefinitionExtNode(edef) }
 
   /** Gets the underlying definition. */
   AssignableDefinition getDefinition() { result = this.getDefinitionAtNode(_) }
diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
index 98a1cad843a..80d3dbd28ab 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/SsaImpl.qll
@@ -1093,35 +1093,79 @@ private predicate adjacentDefRead(
 }
 
 private predicate adjacentDefReachesRead(
-  Definition def, SsaInput::BasicBlock bb1, int i1, SsaInput::BasicBlock bb2, int i2
+  Definition def, SsaInput::SourceVariable v, SsaInput::BasicBlock bb1, int i1,
+  SsaInput::BasicBlock bb2, int i2
 ) {
-  exists(SsaInput::SourceVariable v | adjacentDefRead(def, bb1, i1, bb2, i2, v) |
+  adjacentDefRead(def, bb1, i1, bb2, i2, v) and
+  (
     def.definesAt(v, bb1, i1)
     or
     SsaInput::variableRead(bb1, i1, v, true)
   )
   or
   exists(SsaInput::BasicBlock bb3, int i3 |
-    adjacentDefReachesRead(def, bb1, i1, bb3, i3) and
+    adjacentDefReachesRead(def, v, bb1, i1, bb3, i3) and
     SsaInput::variableRead(bb3, i3, _, false) and
     Impl::adjacentDefRead(def, bb3, i3, bb2, i2)
   )
 }
 
+private predicate adjacentDefReachesReadExt(
+  DefinitionExt def, SsaInput::SourceVariable v, SsaInput::BasicBlock bb1, int i1,
+  SsaInput::BasicBlock bb2, int i2
+) {
+  Impl::adjacentDefReadExt(def, v, bb1, i1, bb2, i2) and
+  (
+    def.definesAt(v, bb1, i1, _)
+    or
+    SsaInput::variableRead(bb1, i1, v, true)
+  )
+  or
+  exists(SsaInput::BasicBlock bb3, int i3 |
+    adjacentDefReachesReadExt(def, v, bb1, i1, bb3, i3) and
+    SsaInput::variableRead(bb3, i3, v, false) and
+    Impl::adjacentDefReadExt(def, v, bb3, i3, bb2, i2)
+  )
+}
+
 /** Same as `adjacentDefRead`, but skips uncertain reads. */
 pragma[nomagic]
 private predicate adjacentDefSkipUncertainReads(
   Definition def, SsaInput::BasicBlock bb1, int i1, SsaInput::BasicBlock bb2, int i2
 ) {
-  adjacentDefReachesRead(def, bb1, i1, bb2, i2) and
-  SsaInput::variableRead(bb2, i2, _, true)
+  exists(SsaInput::SourceVariable v |
+    adjacentDefReachesRead(def, v, bb1, i1, bb2, i2) and
+    SsaInput::variableRead(bb2, i2, v, true)
+  )
+}
+
+/** Same as `adjacentDefReadExt`, but skips uncertain reads. */
+pragma[nomagic]
+private predicate adjacentDefSkipUncertainReadsExt(
+  DefinitionExt def, SsaInput::BasicBlock bb1, int i1, SsaInput::BasicBlock bb2, int i2
+) {
+  exists(SsaInput::SourceVariable v |
+    adjacentDefReachesReadExt(def, v, bb1, i1, bb2, i2) and
+    SsaInput::variableRead(bb2, i2, v, true)
+  )
 }
 
 private predicate adjacentDefReachesUncertainRead(
   Definition def, SsaInput::BasicBlock bb1, int i1, SsaInput::BasicBlock bb2, int i2
 ) {
-  adjacentDefReachesRead(def, bb1, i1, bb2, i2) and
-  SsaInput::variableRead(bb2, i2, _, false)
+  exists(SsaInput::SourceVariable v |
+    adjacentDefReachesRead(def, v, bb1, i1, bb2, i2) and
+    SsaInput::variableRead(bb2, i2, v, false)
+  )
+}
+
+private predicate adjacentDefReachesUncertainReadExt(
+  DefinitionExt def, SsaInput::BasicBlock bb1, int i1, SsaInput::BasicBlock bb2, int i2
+) {
+  exists(SsaInput::SourceVariable v |
+    adjacentDefReachesReadExt(def, v, bb1, i1, bb2, i2) and
+    SsaInput::variableRead(bb2, i2, v, false)
+  )
 }
 
 /** Same as `lastRefRedef`, but skips uncertain reads. */
@@ -1311,6 +1355,19 @@ private module Cached {
     )
   }
 
+  /**
+   * Holds if the value defined at SSA definition `def` can reach a read at `cfn`,
+   * without passing through any other read.
+   */
+  cached
+  predicate firstReadSameVarExt(DefinitionExt def, ControlFlow::Node cfn) {
+    exists(ControlFlow::BasicBlock bb1, int i1, ControlFlow::BasicBlock bb2, int i2 |
+      def.definesAt(_, bb1, i1, _) and
+      adjacentDefSkipUncertainReadsExt(def, bb1, i1, bb2, i2) and
+      cfn = bb2.getNode(i2)
+    )
+  }
+
   /**
    * Holds if the read at `cfn2` is a read of the same SSA definition `def`
    * as the read at `cfn1`, and `cfn2` can be reached from `cfn1` without
@@ -1326,7 +1383,23 @@ private module Cached {
     )
   }
 
-  /** Same as `lastRefRedef`, but skips uncertain reads. */
+  /**
+   * Holds if the read at `cfn2` is a read of the same SSA definition `def`
+   * as the read at `cfn1`, and `cfn2` can be reached from `cfn1` without
+   * passing through another read.
+   */
+  cached
+  predicate adjacentReadPairSameVarExt(
+    DefinitionExt def, ControlFlow::Node cfn1, ControlFlow::Node cfn2
+  ) {
+    exists(ControlFlow::BasicBlock bb1, int i1, ControlFlow::BasicBlock bb2, int i2 |
+      cfn1 = bb1.getNode(i1) and
+      variableReadActual(bb1, i1, _) and
+      adjacentDefSkipUncertainReadsExt(def, bb1, i1, bb2, i2) and
+      cfn2 = bb2.getNode(i2)
+    )
+  }
+
   cached
   predicate lastRefBeforeRedef(Definition def, ControlFlow::BasicBlock bb, int i, Definition next) {
     Impl::lastRefRedef(def, bb, i, next) and
@@ -1338,6 +1411,21 @@ private module Cached {
     )
   }
 
+  cached
+  predicate lastRefBeforeRedefExt(
+    DefinitionExt def, ControlFlow::BasicBlock bb, int i, DefinitionExt next
+  ) {
+    exists(SsaInput::SourceVariable v |
+      Impl::lastRefRedefExt(def, v, bb, i, next) and
+      not SsaInput::variableRead(bb, i, v, false)
+    )
+    or
+    exists(SsaInput::BasicBlock bb0, int i0 |
+      Impl::lastRefRedefExt(def, _, bb0, i0, next) and
+      adjacentDefReachesUncertainReadExt(def, bb, i, bb0, i0)
+    )
+  }
+
   cached
   predicate lastReadSameVar(Definition def, ControlFlow::Node cfn) {
     exists(ControlFlow::BasicBlock bb, int i |
@@ -1399,6 +1487,9 @@ class DefinitionExt extends Impl::DefinitionExt {
 
   /** Gets the location of this definition. */
   Location getLocation() { result = this.(Ssa::Definition).getLocation() }
+
+  /** Gets the enclosing callable of this definition. */
+  Callable getEnclosingCallable() { result = this.(Ssa::Definition).getEnclosingCallable() }
 }
 
 /**
@@ -1412,4 +1503,8 @@ class PhiReadNode extends DefinitionExt, Impl::PhiReadNode {
   }
 
   override Location getLocation() { result = this.getBasicBlock().getLocation() }
+
+  override Callable getEnclosingCallable() {
+    result = this.getSourceVariable().getEnclosingCallable()
+  }
 }
diff --git a/csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected b/csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
index d5302764f5c..af72c3e5e38 100644
--- a/csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
+++ b/csharp/ql/test/library-tests/csharp7/LocalTaintFlow.expected
@@ -160,7 +160,7 @@
 | CSharp7.cs:232:20:232:23 | null | CSharp7.cs:232:16:232:23 | SSA def(o) |
 | CSharp7.cs:233:13:233:13 | access to local variable o | CSharp7.cs:233:18:233:23 | SSA def(i1) |
 | CSharp7.cs:233:13:233:13 | access to local variable o | CSharp7.cs:237:18:237:18 | access to local variable o |
-| CSharp7.cs:233:13:233:13 | access to local variable o | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:233:13:233:13 | access to local variable o | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
 | CSharp7.cs:233:13:233:23 | [false] ... is ... | CSharp7.cs:233:13:233:33 | [false] ... && ... |
 | CSharp7.cs:233:13:233:23 | [true] ... is ... | CSharp7.cs:233:13:233:33 | [false] ... && ... |
 | CSharp7.cs:233:13:233:23 | [true] ... is ... | CSharp7.cs:233:13:233:33 | [true] ... && ... |
@@ -173,13 +173,14 @@
 | CSharp7.cs:235:38:235:39 | access to local variable i1 | CSharp7.cs:235:31:235:41 | $"..." |
 | CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:237:23:237:31 | SSA def(s1) |
 | CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:241:18:241:18 | access to local variable o |
-| CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:237:18:237:18 | access to local variable o | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
 | CSharp7.cs:237:23:237:31 | SSA def(s1) | CSharp7.cs:239:41:239:42 | access to local variable s1 |
 | CSharp7.cs:239:33:239:39 | "string " | CSharp7.cs:239:31:239:44 | $"..." |
 | CSharp7.cs:239:41:239:42 | access to local variable s1 | CSharp7.cs:239:31:239:44 | $"..." |
 | CSharp7.cs:241:18:241:18 | access to local variable o | CSharp7.cs:244:18:244:18 | access to local variable o |
-| CSharp7.cs:241:18:241:18 | access to local variable o | CSharp7.cs:248:17:248:17 | access to local variable o |
-| CSharp7.cs:244:18:244:18 | access to local variable o | CSharp7.cs:248:17:248:17 | access to local variable o |
+| CSharp7.cs:241:18:241:18 | access to local variable o | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
+| CSharp7.cs:244:18:244:18 | access to local variable o | CSharp7.cs:248:9:274:9 | SSA phi read(o) |
+| CSharp7.cs:248:9:274:9 | SSA phi read(o) | CSharp7.cs:248:17:248:17 | access to local variable o |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:254:27:254:27 | access to local variable o |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:257:18:257:23 | SSA def(i2) |
 | CSharp7.cs:248:17:248:17 | access to local variable o | CSharp7.cs:260:18:260:23 | SSA def(i3) |
diff --git a/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected b/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
index 92d2013bfbe..ad28e92e626 100644
--- a/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
+++ b/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
@@ -373,8 +373,8 @@
 | LocalDataFlow.cs:278:15:278:22 | access to local variable nonSink0 | LocalDataFlow.cs:285:31:285:38 | access to local variable nonSink0 |
 | LocalDataFlow.cs:281:13:281:34 | SSA def(sink70) | LocalDataFlow.cs:282:15:282:20 | access to local variable sink70 |
 | LocalDataFlow.cs:281:22:281:34 | ... = ... | LocalDataFlow.cs:281:13:281:34 | SSA def(sink70) |
+| LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) |
 | LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 |
-| LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
 | LocalDataFlow.cs:281:30:281:34 | access to local variable sink0 | LocalDataFlow.cs:281:22:281:34 | ... = ... |
 | LocalDataFlow.cs:281:30:281:34 | access to local variable sink0 | LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) |
 | LocalDataFlow.cs:282:15:282:20 | [post] access to local variable sink70 | LocalDataFlow.cs:289:13:289:18 | access to local variable sink70 |
@@ -399,8 +399,9 @@
 | LocalDataFlow.cs:313:22:313:29 | access to local variable nonSink0 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... |
 | LocalDataFlow.cs:313:22:313:29 | access to local variable nonSink0 | LocalDataFlow.cs:314:31:314:38 | access to local variable nonSink0 |
 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... | LocalDataFlow.cs:313:13:313:38 | SSA def(sink73) |
+| LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
 | LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... |
-| LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
+| LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) |
 | LocalDataFlow.cs:314:13:314:38 | SSA def(sink74) | LocalDataFlow.cs:316:15:316:20 | access to local variable sink74 |
 | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 | LocalDataFlow.cs:314:22:314:38 | ... ?? ... |
 | LocalDataFlow.cs:314:22:314:38 | ... ?? ... | LocalDataFlow.cs:314:13:314:38 | SSA def(sink74) |
@@ -441,28 +442,22 @@
 | SSA.cs:13:15:13:22 | [post] access to local variable nonSink0 | SSA.cs:19:13:19:20 | access to local variable nonSink0 |
 | SSA.cs:13:15:13:22 | access to local variable nonSink0 | SSA.cs:19:13:19:20 | access to local variable nonSink0 |
 | SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
 | SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
 | SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:30:24:30:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
 | SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:30:24:30:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
 | SSA.cs:22:16:22:28 | SSA def(ssaSink1) | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) |
 | SSA.cs:22:27:22:28 | "" | SSA.cs:22:16:22:28 | SSA def(ssaSink1) |
 | SSA.cs:23:13:23:22 | [post] access to parameter nonTainted | SSA.cs:29:13:29:22 | access to parameter nonTainted |
 | SSA.cs:23:13:23:22 | access to parameter nonTainted | SSA.cs:29:13:29:22 | access to parameter nonTainted |
 | SSA.cs:24:13:24:31 | SSA def(ssaSink1) | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) |
 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:24:13:24:31 | SSA def(ssaSink1) |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
+| SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
+| SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) | SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) |
 | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) | SSA.cs:25:15:25:22 | access to local variable ssaSink1 |
 | SSA.cs:28:16:28:28 | SSA def(nonSink1) | SSA.cs:31:9:31:24 | SSA phi(nonSink1) |
 | SSA.cs:28:27:28:28 | "" | SSA.cs:28:16:28:28 | SSA def(nonSink1) |
@@ -470,43 +465,48 @@
 | SSA.cs:29:13:29:22 | access to parameter nonTainted | SSA.cs:35:13:35:22 | access to parameter nonTainted |
 | SSA.cs:30:13:30:31 | SSA def(nonSink1) | SSA.cs:31:9:31:24 | SSA phi(nonSink1) |
 | SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:30:13:30:31 | SSA def(nonSink1) |
-| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
+| SSA.cs:31:9:31:24 | SSA phi read(nonSink0) | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
+| SSA.cs:31:9:31:24 | SSA phi read(nonSink0) | SSA.cs:55:9:55:24 | SSA phi read(nonSink0) |
 | SSA.cs:31:9:31:24 | SSA phi(nonSink1) | SSA.cs:31:15:31:22 | access to local variable nonSink1 |
 | SSA.cs:34:16:34:28 | SSA def(ssaSink2) | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:34:27:34:28 | "" | SSA.cs:34:16:34:28 | SSA def(ssaSink2) |
 | SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:38:17:38:26 | access to parameter nonTainted |
-| SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:38:17:38:26 | access to parameter nonTainted |
-| SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) | SSA.cs:39:21:39:28 | access to local variable ssaSink2 |
 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) | SSA.cs:41:21:41:28 | access to local variable ssaSink2 |
 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) |
-| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
-| SSA.cs:38:17:38:26 | [post] access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
-| SSA.cs:38:17:38:26 | access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) |
+| SSA.cs:38:17:38:26 | [post] access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
+| SSA.cs:38:17:38:26 | access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:39:21:39:28 | [post] access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:39:21:39:28 | access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:41:21:41:28 | [post] access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:41:21:41:28 | access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
+| SSA.cs:43:9:43:24 | SSA phi read(nonTainted) | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
+| SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) | SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) |
 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) | SSA.cs:43:15:43:22 | access to local variable ssaSink2 |
 | SSA.cs:46:16:46:28 | SSA def(nonSink2) | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:46:27:46:28 | "" | SSA.cs:46:16:46:28 | SSA def(nonSink2) |
 | SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:50:17:50:26 | access to parameter nonTainted |
-| SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:50:17:50:26 | access to parameter nonTainted |
-| SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:49:13:49:31 | SSA def(nonSink2) | SSA.cs:51:21:51:28 | access to local variable nonSink2 |
 | SSA.cs:49:13:49:31 | SSA def(nonSink2) | SSA.cs:53:21:53:28 | access to local variable nonSink2 |
 | SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:49:13:49:31 | SSA def(nonSink2) |
-| SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
-| SSA.cs:50:17:50:26 | [post] access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
-| SSA.cs:50:17:50:26 | access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:55:9:55:24 | SSA phi read(nonSink0) |
+| SSA.cs:50:17:50:26 | [post] access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
+| SSA.cs:50:17:50:26 | access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:51:21:51:28 | [post] access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:51:21:51:28 | access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:53:21:53:28 | [post] access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:53:21:53:28 | access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
+| SSA.cs:55:9:55:24 | SSA phi read(nonSink0) | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:55:9:55:24 | SSA phi read(nonTainted) | SSA.cs:89:13:89:22 | access to parameter nonTainted |
 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) | SSA.cs:55:15:55:22 | access to local variable nonSink2 |
 | SSA.cs:58:16:58:33 | SSA def(ssaSink3) | SSA.cs:59:23:59:30 | access to local variable ssaSink3 |
 | SSA.cs:58:27:58:33 | access to parameter tainted | SSA.cs:58:16:58:33 | SSA def(ssaSink3) |
@@ -555,9 +555,9 @@
 | SSA.cs:77:20:77:26 | access to parameter tainted | SSA.cs:80:35:80:41 | access to parameter tainted |
 | SSA.cs:78:21:78:28 | SSA def(nonSink0) | SSA.cs:79:15:79:22 | access to local variable nonSink0 |
 | SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:104:24:104:31 | access to local variable nonSink0 |
-| SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
 | SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:104:24:104:31 | access to local variable nonSink0 |
-| SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
 | SSA.cs:80:9:80:12 | [post] this access | SSA.cs:81:21:81:24 | this access |
 | SSA.cs:80:9:80:12 | this access | SSA.cs:81:21:81:24 | this access |
 | SSA.cs:80:9:80:14 | [post] access to field S | SSA.cs:81:21:81:26 | access to field S |
@@ -585,19 +585,21 @@
 | SSA.cs:88:16:88:28 | SSA def(ssaSink4) | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:88:27:88:28 | "" | SSA.cs:88:16:88:28 | SSA def(ssaSink4) |
 | SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:92:17:92:26 | access to parameter nonTainted |
-| SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:92:17:92:26 | access to parameter nonTainted |
-| SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) | SSA.cs:93:21:93:28 | access to local variable ssaSink4 |
 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) | SSA.cs:95:21:95:28 | access to local variable ssaSink4 |
 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) |
-| SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
-| SSA.cs:92:17:92:26 | [post] access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
-| SSA.cs:92:17:92:26 | access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) |
+| SSA.cs:92:17:92:26 | [post] access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
+| SSA.cs:92:17:92:26 | access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:93:21:93:28 | [post] access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:93:21:93:28 | access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:95:21:95:28 | [post] access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:95:21:95:28 | access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
+| SSA.cs:97:9:97:32 | SSA phi read(nonTainted) | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) | SSA.cs:97:23:97:30 | access to local variable ssaSink4 |
 | SSA.cs:97:23:97:30 | SSA def(ssaSink4) | SSA.cs:98:15:98:22 | access to local variable ssaSink4 |
 | SSA.cs:97:23:97:30 | [post] access to local variable ssaSink4 | SSA.cs:97:23:97:30 | SSA def(ssaSink4) |
@@ -605,19 +607,21 @@
 | SSA.cs:101:16:101:28 | SSA def(nonSink3) | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:101:27:101:28 | "" | SSA.cs:101:16:101:28 | SSA def(nonSink3) |
 | SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:105:17:105:26 | access to parameter nonTainted |
-| SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:105:17:105:26 | access to parameter nonTainted |
-| SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:104:13:104:31 | SSA def(nonSink3) | SSA.cs:106:21:106:28 | access to local variable nonSink3 |
 | SSA.cs:104:13:104:31 | SSA def(nonSink3) | SSA.cs:108:21:108:28 | access to local variable nonSink3 |
 | SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:104:13:104:31 | SSA def(nonSink3) |
-| SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
-| SSA.cs:105:17:105:26 | [post] access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
-| SSA.cs:105:17:105:26 | access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
+| SSA.cs:105:17:105:26 | [post] access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
+| SSA.cs:105:17:105:26 | access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:106:21:106:28 | [post] access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:106:21:106:28 | access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:108:21:108:28 | [post] access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:108:21:108:28 | access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
+| SSA.cs:110:9:110:32 | SSA phi read(nonSink0) | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:110:9:110:32 | SSA phi read(nonTainted) | SSA.cs:115:13:115:22 | access to parameter nonTainted |
 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) | SSA.cs:110:23:110:30 | access to local variable nonSink3 |
 | SSA.cs:110:23:110:30 | SSA def(nonSink3) | SSA.cs:111:15:111:22 | access to local variable nonSink3 |
 | SSA.cs:110:23:110:30 | [post] access to local variable nonSink3 | SSA.cs:110:23:110:30 | SSA def(nonSink3) |
@@ -627,15 +631,15 @@
 | SSA.cs:114:9:114:12 | this access | SSA.cs:117:13:117:16 | this access |
 | SSA.cs:114:9:114:12 | this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:117:13:117:18 | access to field S |
-| SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:114:9:114:14 | access to field S | SSA.cs:117:13:117:18 | access to field S |
-| SSA.cs:114:9:114:14 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:114:9:114:14 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:114:9:114:33 | SSA def(this.S.SsaFieldSink1) | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:114:32:114:33 | "" | SSA.cs:114:9:114:33 | SSA def(this.S.SsaFieldSink1) |
 | SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:118:17:118:26 | access to parameter nonTainted |
-| SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:118:17:118:26 | access to parameter nonTainted |
-| SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:117:13:117:16 | [post] this access | SSA.cs:119:21:119:24 | this access |
 | SSA.cs:117:13:117:16 | [post] this access | SSA.cs:121:21:121:24 | this access |
 | SSA.cs:117:13:117:16 | this access | SSA.cs:119:21:119:24 | this access |
@@ -647,20 +651,22 @@
 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) | SSA.cs:119:21:119:40 | access to field SsaFieldSink1 |
 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) | SSA.cs:121:21:121:40 | access to field SsaFieldSink1 |
 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) |
-| SSA.cs:118:17:118:26 | [post] access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
-| SSA.cs:118:17:118:26 | access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:118:17:118:26 | [post] access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
+| SSA.cs:118:17:118:26 | access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:119:21:119:24 | [post] this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:119:21:119:24 | this access | SSA.cs:123:23:123:26 | this access |
-| SSA.cs:119:21:119:26 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
-| SSA.cs:119:21:119:26 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:119:21:119:26 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
+| SSA.cs:119:21:119:26 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:119:21:119:40 | [post] access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:119:21:119:40 | access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:121:21:121:24 | [post] this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:121:21:121:24 | this access | SSA.cs:123:23:123:26 | this access |
-| SSA.cs:121:21:121:26 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
-| SSA.cs:121:21:121:26 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:121:21:121:26 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
+| SSA.cs:121:21:121:26 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:121:21:121:40 | [post] access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:121:21:121:40 | access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
+| SSA.cs:123:9:123:30 | SSA phi read(nonTainted) | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:123:9:123:30 | SSA phi read(this.S) | SSA.cs:123:23:123:28 | access to field S |
 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) | SSA.cs:123:23:123:28 | SSA qualifier def(this.S.SsaFieldSink1) |
 | SSA.cs:123:23:123:26 | [post] this access | SSA.cs:124:15:124:18 | this access |
 | SSA.cs:123:23:123:26 | this access | SSA.cs:124:15:124:18 | this access |
@@ -677,9 +683,9 @@
 | SSA.cs:127:9:127:12 | this access | SSA.cs:130:13:130:16 | this access |
 | SSA.cs:127:9:127:12 | this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:130:13:130:18 | access to field S |
-| SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:127:9:127:14 | access to field S | SSA.cs:130:13:130:18 | access to field S |
-| SSA.cs:127:9:127:14 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:127:9:127:14 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:127:9:127:36 | SSA def(this.S.SsaFieldNonSink0) | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:127:35:127:36 | "" | SSA.cs:127:9:127:36 | SSA def(this.S.SsaFieldNonSink0) |
 | SSA.cs:128:13:128:22 | [post] access to parameter nonTainted | SSA.cs:131:17:131:26 | access to parameter nonTainted |
@@ -697,16 +703,17 @@
 | SSA.cs:130:39:130:46 | access to local variable nonSink0 | SSA.cs:130:13:130:46 | SSA def(this.S.SsaFieldNonSink0) |
 | SSA.cs:132:21:132:24 | [post] this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:132:21:132:24 | this access | SSA.cs:136:23:136:26 | this access |
-| SSA.cs:132:21:132:26 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
-| SSA.cs:132:21:132:26 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:132:21:132:26 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
+| SSA.cs:132:21:132:26 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:132:21:132:43 | [post] access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:132:21:132:43 | access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:134:21:134:24 | [post] this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:134:21:134:24 | this access | SSA.cs:136:23:136:26 | this access |
-| SSA.cs:134:21:134:26 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
-| SSA.cs:134:21:134:26 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:134:21:134:26 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
+| SSA.cs:134:21:134:26 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:134:21:134:43 | [post] access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:134:21:134:43 | access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
+| SSA.cs:136:9:136:30 | SSA phi read(this.S) | SSA.cs:136:23:136:28 | access to field S |
 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) | SSA.cs:136:23:136:28 | SSA qualifier def(this.S.SsaFieldNonSink0) |
 | SSA.cs:136:23:136:26 | [post] this access | SSA.cs:137:15:137:18 | this access |
 | SSA.cs:136:23:136:26 | this access | SSA.cs:137:15:137:18 | this access |
@@ -732,17 +739,16 @@
 | SSA.cs:170:16:170:28 | SSA def(ssaSink5) | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
 | SSA.cs:170:27:170:28 | "" | SSA.cs:170:16:170:28 | SSA def(ssaSink5) |
 | SSA.cs:171:13:171:15 | SSA def(i) | SSA.cs:174:20:174:20 | SSA phi(i) |
-| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
+| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
 | SSA.cs:173:24:173:30 | access to parameter tainted | SSA.cs:173:13:173:30 | SSA def(ssaSink5) |
+| SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
+| SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
 | SSA.cs:174:20:174:20 | SSA phi(i) | SSA.cs:174:20:174:20 | access to parameter i |
 | SSA.cs:174:20:174:22 | SSA def(i) | SSA.cs:174:20:174:20 | SSA phi(i) |
 | SSA.cs:176:21:176:28 | [post] access to local variable ssaSink5 | SSA.cs:177:21:177:28 | access to local variable ssaSink5 |
 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 | SSA.cs:177:21:177:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
-| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
+| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
+| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) | SSA.cs:180:15:180:22 | access to local variable ssaSink5 |
 | Splitting.cs:3:18:3:18 | b | Splitting.cs:6:13:6:13 | access to parameter b |
 | Splitting.cs:3:28:3:34 | tainted | Splitting.cs:5:17:5:23 | access to parameter tainted |
diff --git a/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected b/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
index a2767b538f5..6627f70e735 100644
--- a/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
+++ b/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
@@ -482,8 +482,8 @@
 | LocalDataFlow.cs:278:15:278:22 | access to local variable nonSink0 | LocalDataFlow.cs:285:31:285:38 | access to local variable nonSink0 |
 | LocalDataFlow.cs:281:13:281:34 | SSA def(sink70) | LocalDataFlow.cs:282:15:282:20 | access to local variable sink70 |
 | LocalDataFlow.cs:281:22:281:34 | ... = ... | LocalDataFlow.cs:281:13:281:34 | SSA def(sink70) |
+| LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) |
 | LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 |
-| LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
 | LocalDataFlow.cs:281:30:281:34 | access to local variable sink0 | LocalDataFlow.cs:281:22:281:34 | ... = ... |
 | LocalDataFlow.cs:281:30:281:34 | access to local variable sink0 | LocalDataFlow.cs:281:22:281:34 | SSA def(sink0) |
 | LocalDataFlow.cs:282:15:282:20 | [post] access to local variable sink70 | LocalDataFlow.cs:289:13:289:18 | access to local variable sink70 |
@@ -508,8 +508,9 @@
 | LocalDataFlow.cs:313:22:313:29 | access to local variable nonSink0 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... |
 | LocalDataFlow.cs:313:22:313:29 | access to local variable nonSink0 | LocalDataFlow.cs:314:31:314:38 | access to local variable nonSink0 |
 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... | LocalDataFlow.cs:313:13:313:38 | SSA def(sink73) |
+| LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
 | LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:313:22:313:38 | ... ?? ... |
-| LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 |
+| LocalDataFlow.cs:313:34:313:38 | access to local variable sink0 | LocalDataFlow.cs:313:22:313:38 | SSA phi read(sink0) |
 | LocalDataFlow.cs:314:13:314:38 | SSA def(sink74) | LocalDataFlow.cs:316:15:316:20 | access to local variable sink74 |
 | LocalDataFlow.cs:314:22:314:26 | access to local variable sink0 | LocalDataFlow.cs:314:22:314:38 | ... ?? ... |
 | LocalDataFlow.cs:314:22:314:38 | ... ?? ... | LocalDataFlow.cs:314:13:314:38 | SSA def(sink74) |
@@ -551,19 +552,13 @@
 | SSA.cs:13:15:13:22 | [post] access to local variable nonSink0 | SSA.cs:19:13:19:20 | access to local variable nonSink0 |
 | SSA.cs:13:15:13:22 | access to local variable nonSink0 | SSA.cs:19:13:19:20 | access to local variable nonSink0 |
 | SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:16:13:16:20 | [post] access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
 | SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:16:13:16:20 | access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
 | SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:30:24:30:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:19:13:19:20 | [post] access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
 | SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:30:24:30:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:19:13:19:20 | access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
 | SSA.cs:22:16:22:28 | SSA def(ssaSink1) | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) |
 | SSA.cs:22:27:22:28 | "" | SSA.cs:22:16:22:28 | SSA def(ssaSink1) |
 | SSA.cs:23:13:23:22 | [post] access to parameter nonTainted | SSA.cs:29:13:29:22 | access to parameter nonTainted |
@@ -571,9 +566,9 @@
 | SSA.cs:23:13:23:29 | access to property Length | SSA.cs:23:13:23:33 | ... > ... |
 | SSA.cs:24:13:24:31 | SSA def(ssaSink1) | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) |
 | SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:24:13:24:31 | SSA def(ssaSink1) |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
+| SSA.cs:24:24:24:31 | access to local variable ssaSink0 | SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) |
+| SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) | SSA.cs:37:24:37:31 | access to local variable ssaSink0 |
+| SSA.cs:25:9:25:24 | SSA phi read(ssaSink0) | SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) |
 | SSA.cs:25:9:25:24 | SSA phi(ssaSink1) | SSA.cs:25:15:25:22 | access to local variable ssaSink1 |
 | SSA.cs:28:16:28:28 | SSA def(nonSink1) | SSA.cs:31:9:31:24 | SSA phi(nonSink1) |
 | SSA.cs:28:27:28:28 | "" | SSA.cs:28:16:28:28 | SSA def(nonSink1) |
@@ -582,47 +577,52 @@
 | SSA.cs:29:13:29:29 | access to property Length | SSA.cs:29:13:29:33 | ... > ... |
 | SSA.cs:30:13:30:31 | SSA def(nonSink1) | SSA.cs:31:9:31:24 | SSA phi(nonSink1) |
 | SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:30:13:30:31 | SSA def(nonSink1) |
-| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
-| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:30:24:30:31 | access to local variable nonSink0 | SSA.cs:31:9:31:24 | SSA phi read(nonSink0) |
+| SSA.cs:31:9:31:24 | SSA phi read(nonSink0) | SSA.cs:49:24:49:31 | access to local variable nonSink0 |
+| SSA.cs:31:9:31:24 | SSA phi read(nonSink0) | SSA.cs:55:9:55:24 | SSA phi read(nonSink0) |
 | SSA.cs:31:9:31:24 | SSA phi(nonSink1) | SSA.cs:31:15:31:22 | access to local variable nonSink1 |
 | SSA.cs:34:16:34:28 | SSA def(ssaSink2) | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:34:27:34:28 | "" | SSA.cs:34:16:34:28 | SSA def(ssaSink2) |
 | SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:38:17:38:26 | access to parameter nonTainted |
-| SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:35:13:35:22 | [post] access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:38:17:38:26 | access to parameter nonTainted |
-| SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:35:13:35:22 | access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:35:13:35:29 | access to property Length | SSA.cs:35:13:35:33 | ... > ... |
 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) | SSA.cs:39:21:39:28 | access to local variable ssaSink2 |
 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) | SSA.cs:41:21:41:28 | access to local variable ssaSink2 |
 | SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:37:13:37:31 | SSA def(ssaSink2) |
-| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
-| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
-| SSA.cs:38:17:38:26 | [post] access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
-| SSA.cs:38:17:38:26 | access to parameter nonTainted | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:37:24:37:31 | access to local variable ssaSink0 | SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) |
+| SSA.cs:38:17:38:26 | [post] access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
+| SSA.cs:38:17:38:26 | access to parameter nonTainted | SSA.cs:43:9:43:24 | SSA phi read(nonTainted) |
 | SSA.cs:38:17:38:33 | access to property Length | SSA.cs:38:17:38:37 | ... > ... |
 | SSA.cs:39:21:39:28 | [post] access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:39:21:39:28 | access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:41:21:41:28 | [post] access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
 | SSA.cs:41:21:41:28 | access to local variable ssaSink2 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) |
+| SSA.cs:43:9:43:24 | SSA phi read(nonTainted) | SSA.cs:47:13:47:22 | access to parameter nonTainted |
+| SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) | SSA.cs:91:24:91:31 | access to local variable ssaSink0 |
+| SSA.cs:43:9:43:24 | SSA phi read(ssaSink0) | SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) |
 | SSA.cs:43:9:43:24 | SSA phi(ssaSink2) | SSA.cs:43:15:43:22 | access to local variable ssaSink2 |
 | SSA.cs:46:16:46:28 | SSA def(nonSink2) | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:46:27:46:28 | "" | SSA.cs:46:16:46:28 | SSA def(nonSink2) |
 | SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:50:17:50:26 | access to parameter nonTainted |
-| SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:47:13:47:22 | [post] access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:50:17:50:26 | access to parameter nonTainted |
-| SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:47:13:47:22 | access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:47:13:47:29 | access to property Length | SSA.cs:47:13:47:33 | ... > ... |
 | SSA.cs:49:13:49:31 | SSA def(nonSink2) | SSA.cs:51:21:51:28 | access to local variable nonSink2 |
 | SSA.cs:49:13:49:31 | SSA def(nonSink2) | SSA.cs:53:21:53:28 | access to local variable nonSink2 |
 | SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:49:13:49:31 | SSA def(nonSink2) |
-| SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
-| SSA.cs:50:17:50:26 | [post] access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
-| SSA.cs:50:17:50:26 | access to parameter nonTainted | SSA.cs:89:13:89:22 | access to parameter nonTainted |
+| SSA.cs:49:24:49:31 | access to local variable nonSink0 | SSA.cs:55:9:55:24 | SSA phi read(nonSink0) |
+| SSA.cs:50:17:50:26 | [post] access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
+| SSA.cs:50:17:50:26 | access to parameter nonTainted | SSA.cs:55:9:55:24 | SSA phi read(nonTainted) |
 | SSA.cs:50:17:50:33 | access to property Length | SSA.cs:50:17:50:37 | ... > ... |
 | SSA.cs:51:21:51:28 | [post] access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:51:21:51:28 | access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:53:21:53:28 | [post] access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
 | SSA.cs:53:21:53:28 | access to local variable nonSink2 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) |
+| SSA.cs:55:9:55:24 | SSA phi read(nonSink0) | SSA.cs:63:23:63:30 | access to local variable nonSink0 |
+| SSA.cs:55:9:55:24 | SSA phi read(nonTainted) | SSA.cs:89:13:89:22 | access to parameter nonTainted |
 | SSA.cs:55:9:55:24 | SSA phi(nonSink2) | SSA.cs:55:15:55:22 | access to local variable nonSink2 |
 | SSA.cs:58:16:58:33 | SSA def(ssaSink3) | SSA.cs:59:23:59:30 | access to local variable ssaSink3 |
 | SSA.cs:58:27:58:33 | access to parameter tainted | SSA.cs:58:16:58:33 | SSA def(ssaSink3) |
@@ -671,9 +671,9 @@
 | SSA.cs:77:20:77:26 | access to parameter tainted | SSA.cs:80:35:80:41 | access to parameter tainted |
 | SSA.cs:78:21:78:28 | SSA def(nonSink0) | SSA.cs:79:15:79:22 | access to local variable nonSink0 |
 | SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:104:24:104:31 | access to local variable nonSink0 |
-| SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:79:15:79:22 | [post] access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
 | SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:104:24:104:31 | access to local variable nonSink0 |
-| SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:79:15:79:22 | access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
 | SSA.cs:80:9:80:12 | [post] this access | SSA.cs:81:21:81:24 | this access |
 | SSA.cs:80:9:80:12 | this access | SSA.cs:81:21:81:24 | this access |
 | SSA.cs:80:9:80:14 | [post] access to field S | SSA.cs:81:21:81:26 | access to field S |
@@ -701,21 +701,23 @@
 | SSA.cs:88:16:88:28 | SSA def(ssaSink4) | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:88:27:88:28 | "" | SSA.cs:88:16:88:28 | SSA def(ssaSink4) |
 | SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:92:17:92:26 | access to parameter nonTainted |
-| SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:89:13:89:22 | [post] access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:92:17:92:26 | access to parameter nonTainted |
-| SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:89:13:89:22 | access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:89:13:89:29 | access to property Length | SSA.cs:89:13:89:33 | ... > ... |
 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) | SSA.cs:93:21:93:28 | access to local variable ssaSink4 |
 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) | SSA.cs:95:21:95:28 | access to local variable ssaSink4 |
 | SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:91:13:91:31 | SSA def(ssaSink4) |
-| SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
-| SSA.cs:92:17:92:26 | [post] access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
-| SSA.cs:92:17:92:26 | access to parameter nonTainted | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:91:24:91:31 | access to local variable ssaSink0 | SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) |
+| SSA.cs:92:17:92:26 | [post] access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
+| SSA.cs:92:17:92:26 | access to parameter nonTainted | SSA.cs:97:9:97:32 | SSA phi read(nonTainted) |
 | SSA.cs:92:17:92:33 | access to property Length | SSA.cs:92:17:92:37 | ... > ... |
 | SSA.cs:93:21:93:28 | [post] access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:93:21:93:28 | access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:95:21:95:28 | [post] access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
 | SSA.cs:95:21:95:28 | access to local variable ssaSink4 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) |
+| SSA.cs:97:9:97:32 | SSA phi read(nonTainted) | SSA.cs:102:13:102:22 | access to parameter nonTainted |
+| SSA.cs:97:9:97:32 | SSA phi read(ssaSink0) | SSA.cs:117:36:117:43 | access to local variable ssaSink0 |
 | SSA.cs:97:9:97:32 | SSA phi(ssaSink4) | SSA.cs:97:23:97:30 | access to local variable ssaSink4 |
 | SSA.cs:97:23:97:30 | SSA def(ssaSink4) | SSA.cs:98:15:98:22 | access to local variable ssaSink4 |
 | SSA.cs:97:23:97:30 | [post] access to local variable ssaSink4 | SSA.cs:97:23:97:30 | SSA def(ssaSink4) |
@@ -723,21 +725,23 @@
 | SSA.cs:101:16:101:28 | SSA def(nonSink3) | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:101:27:101:28 | "" | SSA.cs:101:16:101:28 | SSA def(nonSink3) |
 | SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:105:17:105:26 | access to parameter nonTainted |
-| SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:102:13:102:22 | [post] access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:105:17:105:26 | access to parameter nonTainted |
-| SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:102:13:102:22 | access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:102:13:102:29 | access to property Length | SSA.cs:102:13:102:33 | ... > ... |
 | SSA.cs:104:13:104:31 | SSA def(nonSink3) | SSA.cs:106:21:106:28 | access to local variable nonSink3 |
 | SSA.cs:104:13:104:31 | SSA def(nonSink3) | SSA.cs:108:21:108:28 | access to local variable nonSink3 |
 | SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:104:13:104:31 | SSA def(nonSink3) |
-| SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
-| SSA.cs:105:17:105:26 | [post] access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
-| SSA.cs:105:17:105:26 | access to parameter nonTainted | SSA.cs:115:13:115:22 | access to parameter nonTainted |
+| SSA.cs:104:24:104:31 | access to local variable nonSink0 | SSA.cs:110:9:110:32 | SSA phi read(nonSink0) |
+| SSA.cs:105:17:105:26 | [post] access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
+| SSA.cs:105:17:105:26 | access to parameter nonTainted | SSA.cs:110:9:110:32 | SSA phi read(nonTainted) |
 | SSA.cs:105:17:105:33 | access to property Length | SSA.cs:105:17:105:37 | ... > ... |
 | SSA.cs:106:21:106:28 | [post] access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:106:21:106:28 | access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:108:21:108:28 | [post] access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
 | SSA.cs:108:21:108:28 | access to local variable nonSink3 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) |
+| SSA.cs:110:9:110:32 | SSA phi read(nonSink0) | SSA.cs:130:39:130:46 | access to local variable nonSink0 |
+| SSA.cs:110:9:110:32 | SSA phi read(nonTainted) | SSA.cs:115:13:115:22 | access to parameter nonTainted |
 | SSA.cs:110:9:110:32 | SSA phi(nonSink3) | SSA.cs:110:23:110:30 | access to local variable nonSink3 |
 | SSA.cs:110:23:110:30 | SSA def(nonSink3) | SSA.cs:111:15:111:22 | access to local variable nonSink3 |
 | SSA.cs:110:23:110:30 | [post] access to local variable nonSink3 | SSA.cs:110:23:110:30 | SSA def(nonSink3) |
@@ -747,15 +751,15 @@
 | SSA.cs:114:9:114:12 | this access | SSA.cs:117:13:117:16 | this access |
 | SSA.cs:114:9:114:12 | this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:117:13:117:18 | access to field S |
-| SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:114:9:114:14 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:114:9:114:14 | access to field S | SSA.cs:117:13:117:18 | access to field S |
-| SSA.cs:114:9:114:14 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:114:9:114:14 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:114:9:114:33 | SSA def(this.S.SsaFieldSink1) | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:114:32:114:33 | "" | SSA.cs:114:9:114:33 | SSA def(this.S.SsaFieldSink1) |
 | SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:118:17:118:26 | access to parameter nonTainted |
-| SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:115:13:115:22 | [post] access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:118:17:118:26 | access to parameter nonTainted |
-| SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:115:13:115:22 | access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:115:13:115:29 | access to property Length | SSA.cs:115:13:115:33 | ... > ... |
 | SSA.cs:117:13:117:16 | [post] this access | SSA.cs:119:21:119:24 | this access |
 | SSA.cs:117:13:117:16 | [post] this access | SSA.cs:121:21:121:24 | this access |
@@ -768,21 +772,23 @@
 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) | SSA.cs:119:21:119:40 | access to field SsaFieldSink1 |
 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) | SSA.cs:121:21:121:40 | access to field SsaFieldSink1 |
 | SSA.cs:117:36:117:43 | access to local variable ssaSink0 | SSA.cs:117:13:117:43 | SSA def(this.S.SsaFieldSink1) |
-| SSA.cs:118:17:118:26 | [post] access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
-| SSA.cs:118:17:118:26 | access to parameter nonTainted | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:118:17:118:26 | [post] access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
+| SSA.cs:118:17:118:26 | access to parameter nonTainted | SSA.cs:123:9:123:30 | SSA phi read(nonTainted) |
 | SSA.cs:118:17:118:33 | access to property Length | SSA.cs:118:17:118:37 | ... > ... |
 | SSA.cs:119:21:119:24 | [post] this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:119:21:119:24 | this access | SSA.cs:123:23:123:26 | this access |
-| SSA.cs:119:21:119:26 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
-| SSA.cs:119:21:119:26 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:119:21:119:26 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
+| SSA.cs:119:21:119:26 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:119:21:119:40 | [post] access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:119:21:119:40 | access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:121:21:121:24 | [post] this access | SSA.cs:123:23:123:26 | this access |
 | SSA.cs:121:21:121:24 | this access | SSA.cs:123:23:123:26 | this access |
-| SSA.cs:121:21:121:26 | [post] access to field S | SSA.cs:123:23:123:28 | access to field S |
-| SSA.cs:121:21:121:26 | access to field S | SSA.cs:123:23:123:28 | access to field S |
+| SSA.cs:121:21:121:26 | [post] access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
+| SSA.cs:121:21:121:26 | access to field S | SSA.cs:123:9:123:30 | SSA phi read(this.S) |
 | SSA.cs:121:21:121:40 | [post] access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
 | SSA.cs:121:21:121:40 | access to field SsaFieldSink1 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) |
+| SSA.cs:123:9:123:30 | SSA phi read(nonTainted) | SSA.cs:128:13:128:22 | access to parameter nonTainted |
+| SSA.cs:123:9:123:30 | SSA phi read(this.S) | SSA.cs:123:23:123:28 | access to field S |
 | SSA.cs:123:9:123:30 | SSA phi(this.S.SsaFieldSink1) | SSA.cs:123:23:123:28 | SSA qualifier def(this.S.SsaFieldSink1) |
 | SSA.cs:123:23:123:26 | [post] this access | SSA.cs:124:15:124:18 | this access |
 | SSA.cs:123:23:123:26 | this access | SSA.cs:124:15:124:18 | this access |
@@ -799,9 +805,9 @@
 | SSA.cs:127:9:127:12 | this access | SSA.cs:130:13:130:16 | this access |
 | SSA.cs:127:9:127:12 | this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:130:13:130:18 | access to field S |
-| SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:127:9:127:14 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:127:9:127:14 | access to field S | SSA.cs:130:13:130:18 | access to field S |
-| SSA.cs:127:9:127:14 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:127:9:127:14 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:127:9:127:36 | SSA def(this.S.SsaFieldNonSink0) | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:127:35:127:36 | "" | SSA.cs:127:9:127:36 | SSA def(this.S.SsaFieldNonSink0) |
 | SSA.cs:128:13:128:22 | [post] access to parameter nonTainted | SSA.cs:131:17:131:26 | access to parameter nonTainted |
@@ -821,16 +827,17 @@
 | SSA.cs:131:17:131:33 | access to property Length | SSA.cs:131:17:131:37 | ... > ... |
 | SSA.cs:132:21:132:24 | [post] this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:132:21:132:24 | this access | SSA.cs:136:23:136:26 | this access |
-| SSA.cs:132:21:132:26 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
-| SSA.cs:132:21:132:26 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:132:21:132:26 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
+| SSA.cs:132:21:132:26 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:132:21:132:43 | [post] access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:132:21:132:43 | access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:134:21:134:24 | [post] this access | SSA.cs:136:23:136:26 | this access |
 | SSA.cs:134:21:134:24 | this access | SSA.cs:136:23:136:26 | this access |
-| SSA.cs:134:21:134:26 | [post] access to field S | SSA.cs:136:23:136:28 | access to field S |
-| SSA.cs:134:21:134:26 | access to field S | SSA.cs:136:23:136:28 | access to field S |
+| SSA.cs:134:21:134:26 | [post] access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
+| SSA.cs:134:21:134:26 | access to field S | SSA.cs:136:9:136:30 | SSA phi read(this.S) |
 | SSA.cs:134:21:134:43 | [post] access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
 | SSA.cs:134:21:134:43 | access to field SsaFieldNonSink0 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) |
+| SSA.cs:136:9:136:30 | SSA phi read(this.S) | SSA.cs:136:23:136:28 | access to field S |
 | SSA.cs:136:9:136:30 | SSA phi(this.S.SsaFieldNonSink0) | SSA.cs:136:23:136:28 | SSA qualifier def(this.S.SsaFieldNonSink0) |
 | SSA.cs:136:23:136:26 | [post] this access | SSA.cs:137:15:137:18 | this access |
 | SSA.cs:136:23:136:26 | this access | SSA.cs:137:15:137:18 | this access |
@@ -859,18 +866,17 @@
 | SSA.cs:170:27:170:28 | "" | SSA.cs:170:16:170:28 | SSA def(ssaSink5) |
 | SSA.cs:171:13:171:15 | ...-- | SSA.cs:171:13:171:19 | ... > ... |
 | SSA.cs:171:13:171:15 | SSA def(i) | SSA.cs:174:20:174:20 | SSA phi(i) |
-| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
+| SSA.cs:173:13:173:30 | SSA def(ssaSink5) | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
 | SSA.cs:173:24:173:30 | access to parameter tainted | SSA.cs:173:13:173:30 | SSA def(ssaSink5) |
+| SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
+| SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
 | SSA.cs:174:20:174:20 | SSA phi(i) | SSA.cs:174:20:174:20 | access to parameter i |
 | SSA.cs:174:20:174:22 | ...-- | SSA.cs:174:20:174:26 | ... > ... |
 | SSA.cs:174:20:174:22 | SSA def(i) | SSA.cs:174:20:174:20 | SSA phi(i) |
 | SSA.cs:176:21:176:28 | [post] access to local variable ssaSink5 | SSA.cs:177:21:177:28 | access to local variable ssaSink5 |
 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 | SSA.cs:177:21:177:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
-| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:176:21:176:28 | access to local variable ssaSink5 |
-| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) |
+| SSA.cs:177:21:177:28 | [post] access to local variable ssaSink5 | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
+| SSA.cs:177:21:177:28 | access to local variable ssaSink5 | SSA.cs:174:20:174:20 | SSA phi read(ssaSink5) |
 | SSA.cs:180:9:180:24 | SSA phi(ssaSink5) | SSA.cs:180:15:180:22 | access to local variable ssaSink5 |
 | Splitting.cs:3:18:3:18 | b | Splitting.cs:6:13:6:13 | access to parameter b |
 | Splitting.cs:3:28:3:34 | tainted | Splitting.cs:5:17:5:23 | access to parameter tainted |

From de2ebe3618d34d33ef09dfcb1190a70230085c6f Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 16 Nov 2022 16:25:01 +0100
Subject: [PATCH 063/144] QL: fix the same QLDoc being QLDoc for multiple
 things

---
 ql/ql/src/codeql_ql/ast/Ast.qll | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/ql/ql/src/codeql_ql/ast/Ast.qll b/ql/ql/src/codeql_ql/ast/Ast.qll
index fd7e416f291..fe81ccae7fe 100644
--- a/ql/ql/src/codeql_ql/ast/Ast.qll
+++ b/ql/ql/src/codeql_ql/ast/Ast.qll
@@ -156,13 +156,22 @@ class TopLevel extends TTopLevel, AstNode {
   }
 
   QLDoc getQLDocFor(ModuleMember m) {
-    exists(int i | result = this.getMember(i) and m = this.getMember(i + 1))
+    exists(int i | result = this.getMember(i) and m = this.getMember(i + 1)) and
+    (
+      m instanceof ClasslessPredicate
+      or
+      m instanceof Class
+      or
+      m instanceof Module
+    )
   }
 
   override string getAPrimaryQlClass() { result = "TopLevel" }
 
   override QLDoc getQLDoc() {
     result = this.getMember(0) and
+    // it's not the QLDoc for a module member
+    not this.getQLDocFor(_) = result and
     result.getLocation().getStartLine() = 1 // this might not hold if there is a block comment above, and that's the point.
   }
 }

From 9f13cdadcb6233677a3609de8445a87d72b0ba96 Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Thu, 17 Nov 2022 13:42:30 +0100
Subject: [PATCH 064/144] C#: Add use-use stress test

---
 .../dataflow/local/DataFlowStep.expected      | 1601 +++++++++++++++
 .../dataflow/local/TaintTrackingStep.expected | 1801 +++++++++++++++++
 .../dataflow/local/UseUseExplosion.cs         |   29 +
 .../library-tests/dataflow/ssa-large/Large.cs |    2 +-
 4 files changed, 3432 insertions(+), 1 deletion(-)
 create mode 100644 csharp/ql/test/library-tests/dataflow/local/UseUseExplosion.cs

diff --git a/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected b/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
index ad28e92e626..afb49ad2bce 100644
--- a/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
+++ b/csharp/ql/test/library-tests/dataflow/local/DataFlowStep.expected
@@ -832,3 +832,1604 @@
 | Splitting.cs:57:17:57:17 | [b (line 46): true] access to local variable y | Splitting.cs:58:27:58:27 | [b (line 46): true] access to local variable y |
 | Splitting.cs:58:22:58:22 | [b (line 46): false] SSA def(s) | Splitting.cs:59:19:59:19 | [b (line 46): false] access to local variable s |
 | Splitting.cs:58:22:58:22 | [b (line 46): true] SSA def(s) | Splitting.cs:59:19:59:19 | [b (line 46): true] access to local variable s |
+| UseUseExplosion.cs:21:10:21:10 | SSA entry def(this.Prop) | UseUseExplosion.cs:24:13:24:16 | access to property Prop |
+| UseUseExplosion.cs:21:10:21:10 | this | UseUseExplosion.cs:24:13:24:16 | this access |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1712:24:1712 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1727:24:1727 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1742:24:1742 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1757:24:1757 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1772:24:1772 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1787:24:1787 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1802:24:1802 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1817:24:1817 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1832:24:1832 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1847:24:1847 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1862:24:1862 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1877:24:1877 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1892:24:1892 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1907:24:1907 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1922:24:1922 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1937:24:1937 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1952:24:1952 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1967:24:1967 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1982:24:1982 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1997:24:1997 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2012:24:2012 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2027:24:2027 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2042:24:2042 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2057:24:2057 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2072:24:2072 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2087:24:2087 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2102:24:2102 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2117:24:2117 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2132:24:2132 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2147:24:2147 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2162:24:2162 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2177:24:2177 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2192:24:2192 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2207:24:2207 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2222:24:2222 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2237:24:2237 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2252:24:2252 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2267:24:2267 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2282:24:2282 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2297:24:2297 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2312:24:2312 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2327:24:2327 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2342:24:2342 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2357:24:2357 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2372:24:2372 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2387:24:2387 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2402:24:2402 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2417:24:2417 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2432:24:2432 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2447:24:2447 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2462:24:2462 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2477:24:2477 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2492:24:2492 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2507:24:2507 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2522:24:2522 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2537:24:2537 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2552:24:2552 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2567:24:2567 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2582:24:2582 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2597:24:2597 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2612:24:2612 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2627:24:2627 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2642:24:2642 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2657:24:2657 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2672:24:2672 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2687:24:2687 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2702:24:2702 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2717:24:2717 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2732:24:2732 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2747:24:2747 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2762:24:2762 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2777:24:2777 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2792:24:2792 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2807:24:2807 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2822:24:2822 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2837:24:2837 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2852:24:2852 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2867:24:2867 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2882:24:2882 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2897:24:2897 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2912:24:2912 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2927:24:2927 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2942:24:2942 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2957:24:2957 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2972:24:2972 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2987:24:2987 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3002:24:3002 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3017:24:3017 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3032:24:3032 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3047:24:3047 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3062:24:3062 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3077:24:3077 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3092:24:3092 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3107:24:3107 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3122:24:3122 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3137:24:3137 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3152:24:3152 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3167:24:3167 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3182:24:3182 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3197:24:3197 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:23:17:23:17 | 0 | UseUseExplosion.cs:23:13:23:17 | SSA def(x) |
+| UseUseExplosion.cs:24:13:24:16 | [post] this access | UseUseExplosion.cs:24:31:24:34 | this access |
+| UseUseExplosion.cs:24:13:24:16 | [post] this access | UseUseExplosion.cs:24:3193:24:3198 | this access |
+| UseUseExplosion.cs:24:13:24:16 | access to property Prop | UseUseExplosion.cs:24:31:24:34 | access to property Prop |
+| UseUseExplosion.cs:24:13:24:16 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:13:24:16 | this access | UseUseExplosion.cs:24:31:24:34 | this access |
+| UseUseExplosion.cs:24:13:24:16 | this access | UseUseExplosion.cs:24:3193:24:3198 | this access |
+| UseUseExplosion.cs:24:31:24:34 | [post] this access | UseUseExplosion.cs:24:48:24:51 | this access |
+| UseUseExplosion.cs:24:31:24:34 | [post] this access | UseUseExplosion.cs:24:3178:24:3183 | this access |
+| UseUseExplosion.cs:24:31:24:34 | access to property Prop | UseUseExplosion.cs:24:48:24:51 | access to property Prop |
+| UseUseExplosion.cs:24:31:24:34 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:31:24:34 | this access | UseUseExplosion.cs:24:48:24:51 | this access |
+| UseUseExplosion.cs:24:31:24:34 | this access | UseUseExplosion.cs:24:3178:24:3183 | this access |
+| UseUseExplosion.cs:24:48:24:51 | [post] this access | UseUseExplosion.cs:24:65:24:68 | this access |
+| UseUseExplosion.cs:24:48:24:51 | [post] this access | UseUseExplosion.cs:24:3163:24:3168 | this access |
+| UseUseExplosion.cs:24:48:24:51 | access to property Prop | UseUseExplosion.cs:24:65:24:68 | access to property Prop |
+| UseUseExplosion.cs:24:48:24:51 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:48:24:51 | this access | UseUseExplosion.cs:24:65:24:68 | this access |
+| UseUseExplosion.cs:24:48:24:51 | this access | UseUseExplosion.cs:24:3163:24:3168 | this access |
+| UseUseExplosion.cs:24:65:24:68 | [post] this access | UseUseExplosion.cs:24:82:24:85 | this access |
+| UseUseExplosion.cs:24:65:24:68 | [post] this access | UseUseExplosion.cs:24:3148:24:3153 | this access |
+| UseUseExplosion.cs:24:65:24:68 | access to property Prop | UseUseExplosion.cs:24:82:24:85 | access to property Prop |
+| UseUseExplosion.cs:24:65:24:68 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:65:24:68 | this access | UseUseExplosion.cs:24:82:24:85 | this access |
+| UseUseExplosion.cs:24:65:24:68 | this access | UseUseExplosion.cs:24:3148:24:3153 | this access |
+| UseUseExplosion.cs:24:82:24:85 | [post] this access | UseUseExplosion.cs:24:99:24:102 | this access |
+| UseUseExplosion.cs:24:82:24:85 | [post] this access | UseUseExplosion.cs:24:3133:24:3138 | this access |
+| UseUseExplosion.cs:24:82:24:85 | access to property Prop | UseUseExplosion.cs:24:99:24:102 | access to property Prop |
+| UseUseExplosion.cs:24:82:24:85 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:82:24:85 | this access | UseUseExplosion.cs:24:99:24:102 | this access |
+| UseUseExplosion.cs:24:82:24:85 | this access | UseUseExplosion.cs:24:3133:24:3138 | this access |
+| UseUseExplosion.cs:24:99:24:102 | [post] this access | UseUseExplosion.cs:24:116:24:119 | this access |
+| UseUseExplosion.cs:24:99:24:102 | [post] this access | UseUseExplosion.cs:24:3118:24:3123 | this access |
+| UseUseExplosion.cs:24:99:24:102 | access to property Prop | UseUseExplosion.cs:24:116:24:119 | access to property Prop |
+| UseUseExplosion.cs:24:99:24:102 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:99:24:102 | this access | UseUseExplosion.cs:24:116:24:119 | this access |
+| UseUseExplosion.cs:24:99:24:102 | this access | UseUseExplosion.cs:24:3118:24:3123 | this access |
+| UseUseExplosion.cs:24:116:24:119 | [post] this access | UseUseExplosion.cs:24:133:24:136 | this access |
+| UseUseExplosion.cs:24:116:24:119 | [post] this access | UseUseExplosion.cs:24:3103:24:3108 | this access |
+| UseUseExplosion.cs:24:116:24:119 | access to property Prop | UseUseExplosion.cs:24:133:24:136 | access to property Prop |
+| UseUseExplosion.cs:24:116:24:119 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:116:24:119 | this access | UseUseExplosion.cs:24:133:24:136 | this access |
+| UseUseExplosion.cs:24:116:24:119 | this access | UseUseExplosion.cs:24:3103:24:3108 | this access |
+| UseUseExplosion.cs:24:133:24:136 | [post] this access | UseUseExplosion.cs:24:150:24:153 | this access |
+| UseUseExplosion.cs:24:133:24:136 | [post] this access | UseUseExplosion.cs:24:3088:24:3093 | this access |
+| UseUseExplosion.cs:24:133:24:136 | access to property Prop | UseUseExplosion.cs:24:150:24:153 | access to property Prop |
+| UseUseExplosion.cs:24:133:24:136 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:133:24:136 | this access | UseUseExplosion.cs:24:150:24:153 | this access |
+| UseUseExplosion.cs:24:133:24:136 | this access | UseUseExplosion.cs:24:3088:24:3093 | this access |
+| UseUseExplosion.cs:24:150:24:153 | [post] this access | UseUseExplosion.cs:24:167:24:170 | this access |
+| UseUseExplosion.cs:24:150:24:153 | [post] this access | UseUseExplosion.cs:24:3073:24:3078 | this access |
+| UseUseExplosion.cs:24:150:24:153 | access to property Prop | UseUseExplosion.cs:24:167:24:170 | access to property Prop |
+| UseUseExplosion.cs:24:150:24:153 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:150:24:153 | this access | UseUseExplosion.cs:24:167:24:170 | this access |
+| UseUseExplosion.cs:24:150:24:153 | this access | UseUseExplosion.cs:24:3073:24:3078 | this access |
+| UseUseExplosion.cs:24:167:24:170 | [post] this access | UseUseExplosion.cs:24:184:24:187 | this access |
+| UseUseExplosion.cs:24:167:24:170 | [post] this access | UseUseExplosion.cs:24:3058:24:3063 | this access |
+| UseUseExplosion.cs:24:167:24:170 | access to property Prop | UseUseExplosion.cs:24:184:24:187 | access to property Prop |
+| UseUseExplosion.cs:24:167:24:170 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:167:24:170 | this access | UseUseExplosion.cs:24:184:24:187 | this access |
+| UseUseExplosion.cs:24:167:24:170 | this access | UseUseExplosion.cs:24:3058:24:3063 | this access |
+| UseUseExplosion.cs:24:184:24:187 | [post] this access | UseUseExplosion.cs:24:201:24:204 | this access |
+| UseUseExplosion.cs:24:184:24:187 | [post] this access | UseUseExplosion.cs:24:3043:24:3048 | this access |
+| UseUseExplosion.cs:24:184:24:187 | access to property Prop | UseUseExplosion.cs:24:201:24:204 | access to property Prop |
+| UseUseExplosion.cs:24:184:24:187 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:184:24:187 | this access | UseUseExplosion.cs:24:201:24:204 | this access |
+| UseUseExplosion.cs:24:184:24:187 | this access | UseUseExplosion.cs:24:3043:24:3048 | this access |
+| UseUseExplosion.cs:24:201:24:204 | [post] this access | UseUseExplosion.cs:24:218:24:221 | this access |
+| UseUseExplosion.cs:24:201:24:204 | [post] this access | UseUseExplosion.cs:24:3028:24:3033 | this access |
+| UseUseExplosion.cs:24:201:24:204 | access to property Prop | UseUseExplosion.cs:24:218:24:221 | access to property Prop |
+| UseUseExplosion.cs:24:201:24:204 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:201:24:204 | this access | UseUseExplosion.cs:24:218:24:221 | this access |
+| UseUseExplosion.cs:24:201:24:204 | this access | UseUseExplosion.cs:24:3028:24:3033 | this access |
+| UseUseExplosion.cs:24:218:24:221 | [post] this access | UseUseExplosion.cs:24:235:24:238 | this access |
+| UseUseExplosion.cs:24:218:24:221 | [post] this access | UseUseExplosion.cs:24:3013:24:3018 | this access |
+| UseUseExplosion.cs:24:218:24:221 | access to property Prop | UseUseExplosion.cs:24:235:24:238 | access to property Prop |
+| UseUseExplosion.cs:24:218:24:221 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:218:24:221 | this access | UseUseExplosion.cs:24:235:24:238 | this access |
+| UseUseExplosion.cs:24:218:24:221 | this access | UseUseExplosion.cs:24:3013:24:3018 | this access |
+| UseUseExplosion.cs:24:235:24:238 | [post] this access | UseUseExplosion.cs:24:252:24:255 | this access |
+| UseUseExplosion.cs:24:235:24:238 | [post] this access | UseUseExplosion.cs:24:2998:24:3003 | this access |
+| UseUseExplosion.cs:24:235:24:238 | access to property Prop | UseUseExplosion.cs:24:252:24:255 | access to property Prop |
+| UseUseExplosion.cs:24:235:24:238 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:235:24:238 | this access | UseUseExplosion.cs:24:252:24:255 | this access |
+| UseUseExplosion.cs:24:235:24:238 | this access | UseUseExplosion.cs:24:2998:24:3003 | this access |
+| UseUseExplosion.cs:24:252:24:255 | [post] this access | UseUseExplosion.cs:24:269:24:272 | this access |
+| UseUseExplosion.cs:24:252:24:255 | [post] this access | UseUseExplosion.cs:24:2983:24:2988 | this access |
+| UseUseExplosion.cs:24:252:24:255 | access to property Prop | UseUseExplosion.cs:24:269:24:272 | access to property Prop |
+| UseUseExplosion.cs:24:252:24:255 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:252:24:255 | this access | UseUseExplosion.cs:24:269:24:272 | this access |
+| UseUseExplosion.cs:24:252:24:255 | this access | UseUseExplosion.cs:24:2983:24:2988 | this access |
+| UseUseExplosion.cs:24:269:24:272 | [post] this access | UseUseExplosion.cs:24:286:24:289 | this access |
+| UseUseExplosion.cs:24:269:24:272 | [post] this access | UseUseExplosion.cs:24:2968:24:2973 | this access |
+| UseUseExplosion.cs:24:269:24:272 | access to property Prop | UseUseExplosion.cs:24:286:24:289 | access to property Prop |
+| UseUseExplosion.cs:24:269:24:272 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:269:24:272 | this access | UseUseExplosion.cs:24:286:24:289 | this access |
+| UseUseExplosion.cs:24:269:24:272 | this access | UseUseExplosion.cs:24:2968:24:2973 | this access |
+| UseUseExplosion.cs:24:286:24:289 | [post] this access | UseUseExplosion.cs:24:303:24:306 | this access |
+| UseUseExplosion.cs:24:286:24:289 | [post] this access | UseUseExplosion.cs:24:2953:24:2958 | this access |
+| UseUseExplosion.cs:24:286:24:289 | access to property Prop | UseUseExplosion.cs:24:303:24:306 | access to property Prop |
+| UseUseExplosion.cs:24:286:24:289 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:286:24:289 | this access | UseUseExplosion.cs:24:303:24:306 | this access |
+| UseUseExplosion.cs:24:286:24:289 | this access | UseUseExplosion.cs:24:2953:24:2958 | this access |
+| UseUseExplosion.cs:24:303:24:306 | [post] this access | UseUseExplosion.cs:24:320:24:323 | this access |
+| UseUseExplosion.cs:24:303:24:306 | [post] this access | UseUseExplosion.cs:24:2938:24:2943 | this access |
+| UseUseExplosion.cs:24:303:24:306 | access to property Prop | UseUseExplosion.cs:24:320:24:323 | access to property Prop |
+| UseUseExplosion.cs:24:303:24:306 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:303:24:306 | this access | UseUseExplosion.cs:24:320:24:323 | this access |
+| UseUseExplosion.cs:24:303:24:306 | this access | UseUseExplosion.cs:24:2938:24:2943 | this access |
+| UseUseExplosion.cs:24:320:24:323 | [post] this access | UseUseExplosion.cs:24:337:24:340 | this access |
+| UseUseExplosion.cs:24:320:24:323 | [post] this access | UseUseExplosion.cs:24:2923:24:2928 | this access |
+| UseUseExplosion.cs:24:320:24:323 | access to property Prop | UseUseExplosion.cs:24:337:24:340 | access to property Prop |
+| UseUseExplosion.cs:24:320:24:323 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:320:24:323 | this access | UseUseExplosion.cs:24:337:24:340 | this access |
+| UseUseExplosion.cs:24:320:24:323 | this access | UseUseExplosion.cs:24:2923:24:2928 | this access |
+| UseUseExplosion.cs:24:337:24:340 | [post] this access | UseUseExplosion.cs:24:354:24:357 | this access |
+| UseUseExplosion.cs:24:337:24:340 | [post] this access | UseUseExplosion.cs:24:2908:24:2913 | this access |
+| UseUseExplosion.cs:24:337:24:340 | access to property Prop | UseUseExplosion.cs:24:354:24:357 | access to property Prop |
+| UseUseExplosion.cs:24:337:24:340 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:337:24:340 | this access | UseUseExplosion.cs:24:354:24:357 | this access |
+| UseUseExplosion.cs:24:337:24:340 | this access | UseUseExplosion.cs:24:2908:24:2913 | this access |
+| UseUseExplosion.cs:24:354:24:357 | [post] this access | UseUseExplosion.cs:24:371:24:374 | this access |
+| UseUseExplosion.cs:24:354:24:357 | [post] this access | UseUseExplosion.cs:24:2893:24:2898 | this access |
+| UseUseExplosion.cs:24:354:24:357 | access to property Prop | UseUseExplosion.cs:24:371:24:374 | access to property Prop |
+| UseUseExplosion.cs:24:354:24:357 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:354:24:357 | this access | UseUseExplosion.cs:24:371:24:374 | this access |
+| UseUseExplosion.cs:24:354:24:357 | this access | UseUseExplosion.cs:24:2893:24:2898 | this access |
+| UseUseExplosion.cs:24:371:24:374 | [post] this access | UseUseExplosion.cs:24:388:24:391 | this access |
+| UseUseExplosion.cs:24:371:24:374 | [post] this access | UseUseExplosion.cs:24:2878:24:2883 | this access |
+| UseUseExplosion.cs:24:371:24:374 | access to property Prop | UseUseExplosion.cs:24:388:24:391 | access to property Prop |
+| UseUseExplosion.cs:24:371:24:374 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:371:24:374 | this access | UseUseExplosion.cs:24:388:24:391 | this access |
+| UseUseExplosion.cs:24:371:24:374 | this access | UseUseExplosion.cs:24:2878:24:2883 | this access |
+| UseUseExplosion.cs:24:388:24:391 | [post] this access | UseUseExplosion.cs:24:405:24:408 | this access |
+| UseUseExplosion.cs:24:388:24:391 | [post] this access | UseUseExplosion.cs:24:2863:24:2868 | this access |
+| UseUseExplosion.cs:24:388:24:391 | access to property Prop | UseUseExplosion.cs:24:405:24:408 | access to property Prop |
+| UseUseExplosion.cs:24:388:24:391 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:388:24:391 | this access | UseUseExplosion.cs:24:405:24:408 | this access |
+| UseUseExplosion.cs:24:388:24:391 | this access | UseUseExplosion.cs:24:2863:24:2868 | this access |
+| UseUseExplosion.cs:24:405:24:408 | [post] this access | UseUseExplosion.cs:24:422:24:425 | this access |
+| UseUseExplosion.cs:24:405:24:408 | [post] this access | UseUseExplosion.cs:24:2848:24:2853 | this access |
+| UseUseExplosion.cs:24:405:24:408 | access to property Prop | UseUseExplosion.cs:24:422:24:425 | access to property Prop |
+| UseUseExplosion.cs:24:405:24:408 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:405:24:408 | this access | UseUseExplosion.cs:24:422:24:425 | this access |
+| UseUseExplosion.cs:24:405:24:408 | this access | UseUseExplosion.cs:24:2848:24:2853 | this access |
+| UseUseExplosion.cs:24:422:24:425 | [post] this access | UseUseExplosion.cs:24:439:24:442 | this access |
+| UseUseExplosion.cs:24:422:24:425 | [post] this access | UseUseExplosion.cs:24:2833:24:2838 | this access |
+| UseUseExplosion.cs:24:422:24:425 | access to property Prop | UseUseExplosion.cs:24:439:24:442 | access to property Prop |
+| UseUseExplosion.cs:24:422:24:425 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:422:24:425 | this access | UseUseExplosion.cs:24:439:24:442 | this access |
+| UseUseExplosion.cs:24:422:24:425 | this access | UseUseExplosion.cs:24:2833:24:2838 | this access |
+| UseUseExplosion.cs:24:439:24:442 | [post] this access | UseUseExplosion.cs:24:456:24:459 | this access |
+| UseUseExplosion.cs:24:439:24:442 | [post] this access | UseUseExplosion.cs:24:2818:24:2823 | this access |
+| UseUseExplosion.cs:24:439:24:442 | access to property Prop | UseUseExplosion.cs:24:456:24:459 | access to property Prop |
+| UseUseExplosion.cs:24:439:24:442 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:439:24:442 | this access | UseUseExplosion.cs:24:456:24:459 | this access |
+| UseUseExplosion.cs:24:439:24:442 | this access | UseUseExplosion.cs:24:2818:24:2823 | this access |
+| UseUseExplosion.cs:24:456:24:459 | [post] this access | UseUseExplosion.cs:24:473:24:476 | this access |
+| UseUseExplosion.cs:24:456:24:459 | [post] this access | UseUseExplosion.cs:24:2803:24:2808 | this access |
+| UseUseExplosion.cs:24:456:24:459 | access to property Prop | UseUseExplosion.cs:24:473:24:476 | access to property Prop |
+| UseUseExplosion.cs:24:456:24:459 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:456:24:459 | this access | UseUseExplosion.cs:24:473:24:476 | this access |
+| UseUseExplosion.cs:24:456:24:459 | this access | UseUseExplosion.cs:24:2803:24:2808 | this access |
+| UseUseExplosion.cs:24:473:24:476 | [post] this access | UseUseExplosion.cs:24:490:24:493 | this access |
+| UseUseExplosion.cs:24:473:24:476 | [post] this access | UseUseExplosion.cs:24:2788:24:2793 | this access |
+| UseUseExplosion.cs:24:473:24:476 | access to property Prop | UseUseExplosion.cs:24:490:24:493 | access to property Prop |
+| UseUseExplosion.cs:24:473:24:476 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:473:24:476 | this access | UseUseExplosion.cs:24:490:24:493 | this access |
+| UseUseExplosion.cs:24:473:24:476 | this access | UseUseExplosion.cs:24:2788:24:2793 | this access |
+| UseUseExplosion.cs:24:490:24:493 | [post] this access | UseUseExplosion.cs:24:507:24:510 | this access |
+| UseUseExplosion.cs:24:490:24:493 | [post] this access | UseUseExplosion.cs:24:2773:24:2778 | this access |
+| UseUseExplosion.cs:24:490:24:493 | access to property Prop | UseUseExplosion.cs:24:507:24:510 | access to property Prop |
+| UseUseExplosion.cs:24:490:24:493 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:490:24:493 | this access | UseUseExplosion.cs:24:507:24:510 | this access |
+| UseUseExplosion.cs:24:490:24:493 | this access | UseUseExplosion.cs:24:2773:24:2778 | this access |
+| UseUseExplosion.cs:24:507:24:510 | [post] this access | UseUseExplosion.cs:24:524:24:527 | this access |
+| UseUseExplosion.cs:24:507:24:510 | [post] this access | UseUseExplosion.cs:24:2758:24:2763 | this access |
+| UseUseExplosion.cs:24:507:24:510 | access to property Prop | UseUseExplosion.cs:24:524:24:527 | access to property Prop |
+| UseUseExplosion.cs:24:507:24:510 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:507:24:510 | this access | UseUseExplosion.cs:24:524:24:527 | this access |
+| UseUseExplosion.cs:24:507:24:510 | this access | UseUseExplosion.cs:24:2758:24:2763 | this access |
+| UseUseExplosion.cs:24:524:24:527 | [post] this access | UseUseExplosion.cs:24:541:24:544 | this access |
+| UseUseExplosion.cs:24:524:24:527 | [post] this access | UseUseExplosion.cs:24:2743:24:2748 | this access |
+| UseUseExplosion.cs:24:524:24:527 | access to property Prop | UseUseExplosion.cs:24:541:24:544 | access to property Prop |
+| UseUseExplosion.cs:24:524:24:527 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:524:24:527 | this access | UseUseExplosion.cs:24:541:24:544 | this access |
+| UseUseExplosion.cs:24:524:24:527 | this access | UseUseExplosion.cs:24:2743:24:2748 | this access |
+| UseUseExplosion.cs:24:541:24:544 | [post] this access | UseUseExplosion.cs:24:558:24:561 | this access |
+| UseUseExplosion.cs:24:541:24:544 | [post] this access | UseUseExplosion.cs:24:2728:24:2733 | this access |
+| UseUseExplosion.cs:24:541:24:544 | access to property Prop | UseUseExplosion.cs:24:558:24:561 | access to property Prop |
+| UseUseExplosion.cs:24:541:24:544 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:541:24:544 | this access | UseUseExplosion.cs:24:558:24:561 | this access |
+| UseUseExplosion.cs:24:541:24:544 | this access | UseUseExplosion.cs:24:2728:24:2733 | this access |
+| UseUseExplosion.cs:24:558:24:561 | [post] this access | UseUseExplosion.cs:24:575:24:578 | this access |
+| UseUseExplosion.cs:24:558:24:561 | [post] this access | UseUseExplosion.cs:24:2713:24:2718 | this access |
+| UseUseExplosion.cs:24:558:24:561 | access to property Prop | UseUseExplosion.cs:24:575:24:578 | access to property Prop |
+| UseUseExplosion.cs:24:558:24:561 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:558:24:561 | this access | UseUseExplosion.cs:24:575:24:578 | this access |
+| UseUseExplosion.cs:24:558:24:561 | this access | UseUseExplosion.cs:24:2713:24:2718 | this access |
+| UseUseExplosion.cs:24:575:24:578 | [post] this access | UseUseExplosion.cs:24:592:24:595 | this access |
+| UseUseExplosion.cs:24:575:24:578 | [post] this access | UseUseExplosion.cs:24:2698:24:2703 | this access |
+| UseUseExplosion.cs:24:575:24:578 | access to property Prop | UseUseExplosion.cs:24:592:24:595 | access to property Prop |
+| UseUseExplosion.cs:24:575:24:578 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:575:24:578 | this access | UseUseExplosion.cs:24:592:24:595 | this access |
+| UseUseExplosion.cs:24:575:24:578 | this access | UseUseExplosion.cs:24:2698:24:2703 | this access |
+| UseUseExplosion.cs:24:592:24:595 | [post] this access | UseUseExplosion.cs:24:609:24:612 | this access |
+| UseUseExplosion.cs:24:592:24:595 | [post] this access | UseUseExplosion.cs:24:2683:24:2688 | this access |
+| UseUseExplosion.cs:24:592:24:595 | access to property Prop | UseUseExplosion.cs:24:609:24:612 | access to property Prop |
+| UseUseExplosion.cs:24:592:24:595 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:592:24:595 | this access | UseUseExplosion.cs:24:609:24:612 | this access |
+| UseUseExplosion.cs:24:592:24:595 | this access | UseUseExplosion.cs:24:2683:24:2688 | this access |
+| UseUseExplosion.cs:24:609:24:612 | [post] this access | UseUseExplosion.cs:24:626:24:629 | this access |
+| UseUseExplosion.cs:24:609:24:612 | [post] this access | UseUseExplosion.cs:24:2668:24:2673 | this access |
+| UseUseExplosion.cs:24:609:24:612 | access to property Prop | UseUseExplosion.cs:24:626:24:629 | access to property Prop |
+| UseUseExplosion.cs:24:609:24:612 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:609:24:612 | this access | UseUseExplosion.cs:24:626:24:629 | this access |
+| UseUseExplosion.cs:24:609:24:612 | this access | UseUseExplosion.cs:24:2668:24:2673 | this access |
+| UseUseExplosion.cs:24:626:24:629 | [post] this access | UseUseExplosion.cs:24:643:24:646 | this access |
+| UseUseExplosion.cs:24:626:24:629 | [post] this access | UseUseExplosion.cs:24:2653:24:2658 | this access |
+| UseUseExplosion.cs:24:626:24:629 | access to property Prop | UseUseExplosion.cs:24:643:24:646 | access to property Prop |
+| UseUseExplosion.cs:24:626:24:629 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:626:24:629 | this access | UseUseExplosion.cs:24:643:24:646 | this access |
+| UseUseExplosion.cs:24:626:24:629 | this access | UseUseExplosion.cs:24:2653:24:2658 | this access |
+| UseUseExplosion.cs:24:643:24:646 | [post] this access | UseUseExplosion.cs:24:660:24:663 | this access |
+| UseUseExplosion.cs:24:643:24:646 | [post] this access | UseUseExplosion.cs:24:2638:24:2643 | this access |
+| UseUseExplosion.cs:24:643:24:646 | access to property Prop | UseUseExplosion.cs:24:660:24:663 | access to property Prop |
+| UseUseExplosion.cs:24:643:24:646 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:643:24:646 | this access | UseUseExplosion.cs:24:660:24:663 | this access |
+| UseUseExplosion.cs:24:643:24:646 | this access | UseUseExplosion.cs:24:2638:24:2643 | this access |
+| UseUseExplosion.cs:24:660:24:663 | [post] this access | UseUseExplosion.cs:24:677:24:680 | this access |
+| UseUseExplosion.cs:24:660:24:663 | [post] this access | UseUseExplosion.cs:24:2623:24:2628 | this access |
+| UseUseExplosion.cs:24:660:24:663 | access to property Prop | UseUseExplosion.cs:24:677:24:680 | access to property Prop |
+| UseUseExplosion.cs:24:660:24:663 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:660:24:663 | this access | UseUseExplosion.cs:24:677:24:680 | this access |
+| UseUseExplosion.cs:24:660:24:663 | this access | UseUseExplosion.cs:24:2623:24:2628 | this access |
+| UseUseExplosion.cs:24:677:24:680 | [post] this access | UseUseExplosion.cs:24:694:24:697 | this access |
+| UseUseExplosion.cs:24:677:24:680 | [post] this access | UseUseExplosion.cs:24:2608:24:2613 | this access |
+| UseUseExplosion.cs:24:677:24:680 | access to property Prop | UseUseExplosion.cs:24:694:24:697 | access to property Prop |
+| UseUseExplosion.cs:24:677:24:680 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:677:24:680 | this access | UseUseExplosion.cs:24:694:24:697 | this access |
+| UseUseExplosion.cs:24:677:24:680 | this access | UseUseExplosion.cs:24:2608:24:2613 | this access |
+| UseUseExplosion.cs:24:694:24:697 | [post] this access | UseUseExplosion.cs:24:711:24:714 | this access |
+| UseUseExplosion.cs:24:694:24:697 | [post] this access | UseUseExplosion.cs:24:2593:24:2598 | this access |
+| UseUseExplosion.cs:24:694:24:697 | access to property Prop | UseUseExplosion.cs:24:711:24:714 | access to property Prop |
+| UseUseExplosion.cs:24:694:24:697 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:694:24:697 | this access | UseUseExplosion.cs:24:711:24:714 | this access |
+| UseUseExplosion.cs:24:694:24:697 | this access | UseUseExplosion.cs:24:2593:24:2598 | this access |
+| UseUseExplosion.cs:24:711:24:714 | [post] this access | UseUseExplosion.cs:24:728:24:731 | this access |
+| UseUseExplosion.cs:24:711:24:714 | [post] this access | UseUseExplosion.cs:24:2578:24:2583 | this access |
+| UseUseExplosion.cs:24:711:24:714 | access to property Prop | UseUseExplosion.cs:24:728:24:731 | access to property Prop |
+| UseUseExplosion.cs:24:711:24:714 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:711:24:714 | this access | UseUseExplosion.cs:24:728:24:731 | this access |
+| UseUseExplosion.cs:24:711:24:714 | this access | UseUseExplosion.cs:24:2578:24:2583 | this access |
+| UseUseExplosion.cs:24:728:24:731 | [post] this access | UseUseExplosion.cs:24:745:24:748 | this access |
+| UseUseExplosion.cs:24:728:24:731 | [post] this access | UseUseExplosion.cs:24:2563:24:2568 | this access |
+| UseUseExplosion.cs:24:728:24:731 | access to property Prop | UseUseExplosion.cs:24:745:24:748 | access to property Prop |
+| UseUseExplosion.cs:24:728:24:731 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:728:24:731 | this access | UseUseExplosion.cs:24:745:24:748 | this access |
+| UseUseExplosion.cs:24:728:24:731 | this access | UseUseExplosion.cs:24:2563:24:2568 | this access |
+| UseUseExplosion.cs:24:745:24:748 | [post] this access | UseUseExplosion.cs:24:762:24:765 | this access |
+| UseUseExplosion.cs:24:745:24:748 | [post] this access | UseUseExplosion.cs:24:2548:24:2553 | this access |
+| UseUseExplosion.cs:24:745:24:748 | access to property Prop | UseUseExplosion.cs:24:762:24:765 | access to property Prop |
+| UseUseExplosion.cs:24:745:24:748 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:745:24:748 | this access | UseUseExplosion.cs:24:762:24:765 | this access |
+| UseUseExplosion.cs:24:745:24:748 | this access | UseUseExplosion.cs:24:2548:24:2553 | this access |
+| UseUseExplosion.cs:24:762:24:765 | [post] this access | UseUseExplosion.cs:24:779:24:782 | this access |
+| UseUseExplosion.cs:24:762:24:765 | [post] this access | UseUseExplosion.cs:24:2533:24:2538 | this access |
+| UseUseExplosion.cs:24:762:24:765 | access to property Prop | UseUseExplosion.cs:24:779:24:782 | access to property Prop |
+| UseUseExplosion.cs:24:762:24:765 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:762:24:765 | this access | UseUseExplosion.cs:24:779:24:782 | this access |
+| UseUseExplosion.cs:24:762:24:765 | this access | UseUseExplosion.cs:24:2533:24:2538 | this access |
+| UseUseExplosion.cs:24:779:24:782 | [post] this access | UseUseExplosion.cs:24:796:24:799 | this access |
+| UseUseExplosion.cs:24:779:24:782 | [post] this access | UseUseExplosion.cs:24:2518:24:2523 | this access |
+| UseUseExplosion.cs:24:779:24:782 | access to property Prop | UseUseExplosion.cs:24:796:24:799 | access to property Prop |
+| UseUseExplosion.cs:24:779:24:782 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:779:24:782 | this access | UseUseExplosion.cs:24:796:24:799 | this access |
+| UseUseExplosion.cs:24:779:24:782 | this access | UseUseExplosion.cs:24:2518:24:2523 | this access |
+| UseUseExplosion.cs:24:796:24:799 | [post] this access | UseUseExplosion.cs:24:813:24:816 | this access |
+| UseUseExplosion.cs:24:796:24:799 | [post] this access | UseUseExplosion.cs:24:2503:24:2508 | this access |
+| UseUseExplosion.cs:24:796:24:799 | access to property Prop | UseUseExplosion.cs:24:813:24:816 | access to property Prop |
+| UseUseExplosion.cs:24:796:24:799 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:796:24:799 | this access | UseUseExplosion.cs:24:813:24:816 | this access |
+| UseUseExplosion.cs:24:796:24:799 | this access | UseUseExplosion.cs:24:2503:24:2508 | this access |
+| UseUseExplosion.cs:24:813:24:816 | [post] this access | UseUseExplosion.cs:24:830:24:833 | this access |
+| UseUseExplosion.cs:24:813:24:816 | [post] this access | UseUseExplosion.cs:24:2488:24:2493 | this access |
+| UseUseExplosion.cs:24:813:24:816 | access to property Prop | UseUseExplosion.cs:24:830:24:833 | access to property Prop |
+| UseUseExplosion.cs:24:813:24:816 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:813:24:816 | this access | UseUseExplosion.cs:24:830:24:833 | this access |
+| UseUseExplosion.cs:24:813:24:816 | this access | UseUseExplosion.cs:24:2488:24:2493 | this access |
+| UseUseExplosion.cs:24:830:24:833 | [post] this access | UseUseExplosion.cs:24:847:24:850 | this access |
+| UseUseExplosion.cs:24:830:24:833 | [post] this access | UseUseExplosion.cs:24:2473:24:2478 | this access |
+| UseUseExplosion.cs:24:830:24:833 | access to property Prop | UseUseExplosion.cs:24:847:24:850 | access to property Prop |
+| UseUseExplosion.cs:24:830:24:833 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:830:24:833 | this access | UseUseExplosion.cs:24:847:24:850 | this access |
+| UseUseExplosion.cs:24:830:24:833 | this access | UseUseExplosion.cs:24:2473:24:2478 | this access |
+| UseUseExplosion.cs:24:847:24:850 | [post] this access | UseUseExplosion.cs:24:864:24:867 | this access |
+| UseUseExplosion.cs:24:847:24:850 | [post] this access | UseUseExplosion.cs:24:2458:24:2463 | this access |
+| UseUseExplosion.cs:24:847:24:850 | access to property Prop | UseUseExplosion.cs:24:864:24:867 | access to property Prop |
+| UseUseExplosion.cs:24:847:24:850 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:847:24:850 | this access | UseUseExplosion.cs:24:864:24:867 | this access |
+| UseUseExplosion.cs:24:847:24:850 | this access | UseUseExplosion.cs:24:2458:24:2463 | this access |
+| UseUseExplosion.cs:24:864:24:867 | [post] this access | UseUseExplosion.cs:24:881:24:884 | this access |
+| UseUseExplosion.cs:24:864:24:867 | [post] this access | UseUseExplosion.cs:24:2443:24:2448 | this access |
+| UseUseExplosion.cs:24:864:24:867 | access to property Prop | UseUseExplosion.cs:24:881:24:884 | access to property Prop |
+| UseUseExplosion.cs:24:864:24:867 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:864:24:867 | this access | UseUseExplosion.cs:24:881:24:884 | this access |
+| UseUseExplosion.cs:24:864:24:867 | this access | UseUseExplosion.cs:24:2443:24:2448 | this access |
+| UseUseExplosion.cs:24:881:24:884 | [post] this access | UseUseExplosion.cs:24:898:24:901 | this access |
+| UseUseExplosion.cs:24:881:24:884 | [post] this access | UseUseExplosion.cs:24:2428:24:2433 | this access |
+| UseUseExplosion.cs:24:881:24:884 | access to property Prop | UseUseExplosion.cs:24:898:24:901 | access to property Prop |
+| UseUseExplosion.cs:24:881:24:884 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:881:24:884 | this access | UseUseExplosion.cs:24:898:24:901 | this access |
+| UseUseExplosion.cs:24:881:24:884 | this access | UseUseExplosion.cs:24:2428:24:2433 | this access |
+| UseUseExplosion.cs:24:898:24:901 | [post] this access | UseUseExplosion.cs:24:915:24:918 | this access |
+| UseUseExplosion.cs:24:898:24:901 | [post] this access | UseUseExplosion.cs:24:2413:24:2418 | this access |
+| UseUseExplosion.cs:24:898:24:901 | access to property Prop | UseUseExplosion.cs:24:915:24:918 | access to property Prop |
+| UseUseExplosion.cs:24:898:24:901 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:898:24:901 | this access | UseUseExplosion.cs:24:915:24:918 | this access |
+| UseUseExplosion.cs:24:898:24:901 | this access | UseUseExplosion.cs:24:2413:24:2418 | this access |
+| UseUseExplosion.cs:24:915:24:918 | [post] this access | UseUseExplosion.cs:24:932:24:935 | this access |
+| UseUseExplosion.cs:24:915:24:918 | [post] this access | UseUseExplosion.cs:24:2398:24:2403 | this access |
+| UseUseExplosion.cs:24:915:24:918 | access to property Prop | UseUseExplosion.cs:24:932:24:935 | access to property Prop |
+| UseUseExplosion.cs:24:915:24:918 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:915:24:918 | this access | UseUseExplosion.cs:24:932:24:935 | this access |
+| UseUseExplosion.cs:24:915:24:918 | this access | UseUseExplosion.cs:24:2398:24:2403 | this access |
+| UseUseExplosion.cs:24:932:24:935 | [post] this access | UseUseExplosion.cs:24:949:24:952 | this access |
+| UseUseExplosion.cs:24:932:24:935 | [post] this access | UseUseExplosion.cs:24:2383:24:2388 | this access |
+| UseUseExplosion.cs:24:932:24:935 | access to property Prop | UseUseExplosion.cs:24:949:24:952 | access to property Prop |
+| UseUseExplosion.cs:24:932:24:935 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:932:24:935 | this access | UseUseExplosion.cs:24:949:24:952 | this access |
+| UseUseExplosion.cs:24:932:24:935 | this access | UseUseExplosion.cs:24:2383:24:2388 | this access |
+| UseUseExplosion.cs:24:949:24:952 | [post] this access | UseUseExplosion.cs:24:966:24:969 | this access |
+| UseUseExplosion.cs:24:949:24:952 | [post] this access | UseUseExplosion.cs:24:2368:24:2373 | this access |
+| UseUseExplosion.cs:24:949:24:952 | access to property Prop | UseUseExplosion.cs:24:966:24:969 | access to property Prop |
+| UseUseExplosion.cs:24:949:24:952 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:949:24:952 | this access | UseUseExplosion.cs:24:966:24:969 | this access |
+| UseUseExplosion.cs:24:949:24:952 | this access | UseUseExplosion.cs:24:2368:24:2373 | this access |
+| UseUseExplosion.cs:24:966:24:969 | [post] this access | UseUseExplosion.cs:24:983:24:986 | this access |
+| UseUseExplosion.cs:24:966:24:969 | [post] this access | UseUseExplosion.cs:24:2353:24:2358 | this access |
+| UseUseExplosion.cs:24:966:24:969 | access to property Prop | UseUseExplosion.cs:24:983:24:986 | access to property Prop |
+| UseUseExplosion.cs:24:966:24:969 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:966:24:969 | this access | UseUseExplosion.cs:24:983:24:986 | this access |
+| UseUseExplosion.cs:24:966:24:969 | this access | UseUseExplosion.cs:24:2353:24:2358 | this access |
+| UseUseExplosion.cs:24:983:24:986 | [post] this access | UseUseExplosion.cs:24:1000:24:1003 | this access |
+| UseUseExplosion.cs:24:983:24:986 | [post] this access | UseUseExplosion.cs:24:2338:24:2343 | this access |
+| UseUseExplosion.cs:24:983:24:986 | access to property Prop | UseUseExplosion.cs:24:1000:24:1003 | access to property Prop |
+| UseUseExplosion.cs:24:983:24:986 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:983:24:986 | this access | UseUseExplosion.cs:24:1000:24:1003 | this access |
+| UseUseExplosion.cs:24:983:24:986 | this access | UseUseExplosion.cs:24:2338:24:2343 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | [post] this access | UseUseExplosion.cs:24:1017:24:1020 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | [post] this access | UseUseExplosion.cs:24:2323:24:2328 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | access to property Prop | UseUseExplosion.cs:24:1017:24:1020 | access to property Prop |
+| UseUseExplosion.cs:24:1000:24:1003 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1000:24:1003 | this access | UseUseExplosion.cs:24:1017:24:1020 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | this access | UseUseExplosion.cs:24:2323:24:2328 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | [post] this access | UseUseExplosion.cs:24:1034:24:1037 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | [post] this access | UseUseExplosion.cs:24:2308:24:2313 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | access to property Prop | UseUseExplosion.cs:24:1034:24:1037 | access to property Prop |
+| UseUseExplosion.cs:24:1017:24:1020 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1017:24:1020 | this access | UseUseExplosion.cs:24:1034:24:1037 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | this access | UseUseExplosion.cs:24:2308:24:2313 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | [post] this access | UseUseExplosion.cs:24:1051:24:1054 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | [post] this access | UseUseExplosion.cs:24:2293:24:2298 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | access to property Prop | UseUseExplosion.cs:24:1051:24:1054 | access to property Prop |
+| UseUseExplosion.cs:24:1034:24:1037 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1034:24:1037 | this access | UseUseExplosion.cs:24:1051:24:1054 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | this access | UseUseExplosion.cs:24:2293:24:2298 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | [post] this access | UseUseExplosion.cs:24:1068:24:1071 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | [post] this access | UseUseExplosion.cs:24:2278:24:2283 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | access to property Prop | UseUseExplosion.cs:24:1068:24:1071 | access to property Prop |
+| UseUseExplosion.cs:24:1051:24:1054 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1051:24:1054 | this access | UseUseExplosion.cs:24:1068:24:1071 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | this access | UseUseExplosion.cs:24:2278:24:2283 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | [post] this access | UseUseExplosion.cs:24:1085:24:1088 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | [post] this access | UseUseExplosion.cs:24:2263:24:2268 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | access to property Prop | UseUseExplosion.cs:24:1085:24:1088 | access to property Prop |
+| UseUseExplosion.cs:24:1068:24:1071 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1068:24:1071 | this access | UseUseExplosion.cs:24:1085:24:1088 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | this access | UseUseExplosion.cs:24:2263:24:2268 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | [post] this access | UseUseExplosion.cs:24:1102:24:1105 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | [post] this access | UseUseExplosion.cs:24:2248:24:2253 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | access to property Prop | UseUseExplosion.cs:24:1102:24:1105 | access to property Prop |
+| UseUseExplosion.cs:24:1085:24:1088 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1085:24:1088 | this access | UseUseExplosion.cs:24:1102:24:1105 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | this access | UseUseExplosion.cs:24:2248:24:2253 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | [post] this access | UseUseExplosion.cs:24:1119:24:1122 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | [post] this access | UseUseExplosion.cs:24:2233:24:2238 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | access to property Prop | UseUseExplosion.cs:24:1119:24:1122 | access to property Prop |
+| UseUseExplosion.cs:24:1102:24:1105 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1102:24:1105 | this access | UseUseExplosion.cs:24:1119:24:1122 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | this access | UseUseExplosion.cs:24:2233:24:2238 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | [post] this access | UseUseExplosion.cs:24:1136:24:1139 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | [post] this access | UseUseExplosion.cs:24:2218:24:2223 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | access to property Prop | UseUseExplosion.cs:24:1136:24:1139 | access to property Prop |
+| UseUseExplosion.cs:24:1119:24:1122 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1119:24:1122 | this access | UseUseExplosion.cs:24:1136:24:1139 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | this access | UseUseExplosion.cs:24:2218:24:2223 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | [post] this access | UseUseExplosion.cs:24:1153:24:1156 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | [post] this access | UseUseExplosion.cs:24:2203:24:2208 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | access to property Prop | UseUseExplosion.cs:24:1153:24:1156 | access to property Prop |
+| UseUseExplosion.cs:24:1136:24:1139 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1136:24:1139 | this access | UseUseExplosion.cs:24:1153:24:1156 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | this access | UseUseExplosion.cs:24:2203:24:2208 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | [post] this access | UseUseExplosion.cs:24:1170:24:1173 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | [post] this access | UseUseExplosion.cs:24:2188:24:2193 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | access to property Prop | UseUseExplosion.cs:24:1170:24:1173 | access to property Prop |
+| UseUseExplosion.cs:24:1153:24:1156 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1153:24:1156 | this access | UseUseExplosion.cs:24:1170:24:1173 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | this access | UseUseExplosion.cs:24:2188:24:2193 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | [post] this access | UseUseExplosion.cs:24:1187:24:1190 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | [post] this access | UseUseExplosion.cs:24:2173:24:2178 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | access to property Prop | UseUseExplosion.cs:24:1187:24:1190 | access to property Prop |
+| UseUseExplosion.cs:24:1170:24:1173 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1170:24:1173 | this access | UseUseExplosion.cs:24:1187:24:1190 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | this access | UseUseExplosion.cs:24:2173:24:2178 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | [post] this access | UseUseExplosion.cs:24:1204:24:1207 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | [post] this access | UseUseExplosion.cs:24:2158:24:2163 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | access to property Prop | UseUseExplosion.cs:24:1204:24:1207 | access to property Prop |
+| UseUseExplosion.cs:24:1187:24:1190 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1187:24:1190 | this access | UseUseExplosion.cs:24:1204:24:1207 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | this access | UseUseExplosion.cs:24:2158:24:2163 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | [post] this access | UseUseExplosion.cs:24:1221:24:1224 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | [post] this access | UseUseExplosion.cs:24:2143:24:2148 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | access to property Prop | UseUseExplosion.cs:24:1221:24:1224 | access to property Prop |
+| UseUseExplosion.cs:24:1204:24:1207 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1204:24:1207 | this access | UseUseExplosion.cs:24:1221:24:1224 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | this access | UseUseExplosion.cs:24:2143:24:2148 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | [post] this access | UseUseExplosion.cs:24:1238:24:1241 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | [post] this access | UseUseExplosion.cs:24:2128:24:2133 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | access to property Prop | UseUseExplosion.cs:24:1238:24:1241 | access to property Prop |
+| UseUseExplosion.cs:24:1221:24:1224 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1221:24:1224 | this access | UseUseExplosion.cs:24:1238:24:1241 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | this access | UseUseExplosion.cs:24:2128:24:2133 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | [post] this access | UseUseExplosion.cs:24:1255:24:1258 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | [post] this access | UseUseExplosion.cs:24:2113:24:2118 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | access to property Prop | UseUseExplosion.cs:24:1255:24:1258 | access to property Prop |
+| UseUseExplosion.cs:24:1238:24:1241 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1238:24:1241 | this access | UseUseExplosion.cs:24:1255:24:1258 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | this access | UseUseExplosion.cs:24:2113:24:2118 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | [post] this access | UseUseExplosion.cs:24:1272:24:1275 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | [post] this access | UseUseExplosion.cs:24:2098:24:2103 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | access to property Prop | UseUseExplosion.cs:24:1272:24:1275 | access to property Prop |
+| UseUseExplosion.cs:24:1255:24:1258 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1255:24:1258 | this access | UseUseExplosion.cs:24:1272:24:1275 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | this access | UseUseExplosion.cs:24:2098:24:2103 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | [post] this access | UseUseExplosion.cs:24:1289:24:1292 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | [post] this access | UseUseExplosion.cs:24:2083:24:2088 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | access to property Prop | UseUseExplosion.cs:24:1289:24:1292 | access to property Prop |
+| UseUseExplosion.cs:24:1272:24:1275 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1272:24:1275 | this access | UseUseExplosion.cs:24:1289:24:1292 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | this access | UseUseExplosion.cs:24:2083:24:2088 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | [post] this access | UseUseExplosion.cs:24:1306:24:1309 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | [post] this access | UseUseExplosion.cs:24:2068:24:2073 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | access to property Prop | UseUseExplosion.cs:24:1306:24:1309 | access to property Prop |
+| UseUseExplosion.cs:24:1289:24:1292 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1289:24:1292 | this access | UseUseExplosion.cs:24:1306:24:1309 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | this access | UseUseExplosion.cs:24:2068:24:2073 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | [post] this access | UseUseExplosion.cs:24:1323:24:1326 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | [post] this access | UseUseExplosion.cs:24:2053:24:2058 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | access to property Prop | UseUseExplosion.cs:24:1323:24:1326 | access to property Prop |
+| UseUseExplosion.cs:24:1306:24:1309 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1306:24:1309 | this access | UseUseExplosion.cs:24:1323:24:1326 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | this access | UseUseExplosion.cs:24:2053:24:2058 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | [post] this access | UseUseExplosion.cs:24:1340:24:1343 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | [post] this access | UseUseExplosion.cs:24:2038:24:2043 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | access to property Prop | UseUseExplosion.cs:24:1340:24:1343 | access to property Prop |
+| UseUseExplosion.cs:24:1323:24:1326 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1323:24:1326 | this access | UseUseExplosion.cs:24:1340:24:1343 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | this access | UseUseExplosion.cs:24:2038:24:2043 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | [post] this access | UseUseExplosion.cs:24:1357:24:1360 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | [post] this access | UseUseExplosion.cs:24:2023:24:2028 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | access to property Prop | UseUseExplosion.cs:24:1357:24:1360 | access to property Prop |
+| UseUseExplosion.cs:24:1340:24:1343 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1340:24:1343 | this access | UseUseExplosion.cs:24:1357:24:1360 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | this access | UseUseExplosion.cs:24:2023:24:2028 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | [post] this access | UseUseExplosion.cs:24:1374:24:1377 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | [post] this access | UseUseExplosion.cs:24:2008:24:2013 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | access to property Prop | UseUseExplosion.cs:24:1374:24:1377 | access to property Prop |
+| UseUseExplosion.cs:24:1357:24:1360 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1357:24:1360 | this access | UseUseExplosion.cs:24:1374:24:1377 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | this access | UseUseExplosion.cs:24:2008:24:2013 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | [post] this access | UseUseExplosion.cs:24:1391:24:1394 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | [post] this access | UseUseExplosion.cs:24:1993:24:1998 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | access to property Prop | UseUseExplosion.cs:24:1391:24:1394 | access to property Prop |
+| UseUseExplosion.cs:24:1374:24:1377 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1374:24:1377 | this access | UseUseExplosion.cs:24:1391:24:1394 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | this access | UseUseExplosion.cs:24:1993:24:1998 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | [post] this access | UseUseExplosion.cs:24:1408:24:1411 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | [post] this access | UseUseExplosion.cs:24:1978:24:1983 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | access to property Prop | UseUseExplosion.cs:24:1408:24:1411 | access to property Prop |
+| UseUseExplosion.cs:24:1391:24:1394 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1391:24:1394 | this access | UseUseExplosion.cs:24:1408:24:1411 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | this access | UseUseExplosion.cs:24:1978:24:1983 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | [post] this access | UseUseExplosion.cs:24:1425:24:1428 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | [post] this access | UseUseExplosion.cs:24:1963:24:1968 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | access to property Prop | UseUseExplosion.cs:24:1425:24:1428 | access to property Prop |
+| UseUseExplosion.cs:24:1408:24:1411 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1408:24:1411 | this access | UseUseExplosion.cs:24:1425:24:1428 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | this access | UseUseExplosion.cs:24:1963:24:1968 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | [post] this access | UseUseExplosion.cs:24:1442:24:1445 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | [post] this access | UseUseExplosion.cs:24:1948:24:1953 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | access to property Prop | UseUseExplosion.cs:24:1442:24:1445 | access to property Prop |
+| UseUseExplosion.cs:24:1425:24:1428 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1425:24:1428 | this access | UseUseExplosion.cs:24:1442:24:1445 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | this access | UseUseExplosion.cs:24:1948:24:1953 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | [post] this access | UseUseExplosion.cs:24:1459:24:1462 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | [post] this access | UseUseExplosion.cs:24:1933:24:1938 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | access to property Prop | UseUseExplosion.cs:24:1459:24:1462 | access to property Prop |
+| UseUseExplosion.cs:24:1442:24:1445 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1442:24:1445 | this access | UseUseExplosion.cs:24:1459:24:1462 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | this access | UseUseExplosion.cs:24:1933:24:1938 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | [post] this access | UseUseExplosion.cs:24:1476:24:1479 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | [post] this access | UseUseExplosion.cs:24:1918:24:1923 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | access to property Prop | UseUseExplosion.cs:24:1476:24:1479 | access to property Prop |
+| UseUseExplosion.cs:24:1459:24:1462 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1459:24:1462 | this access | UseUseExplosion.cs:24:1476:24:1479 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | this access | UseUseExplosion.cs:24:1918:24:1923 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | [post] this access | UseUseExplosion.cs:24:1493:24:1496 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | [post] this access | UseUseExplosion.cs:24:1903:24:1908 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | access to property Prop | UseUseExplosion.cs:24:1493:24:1496 | access to property Prop |
+| UseUseExplosion.cs:24:1476:24:1479 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1476:24:1479 | this access | UseUseExplosion.cs:24:1493:24:1496 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | this access | UseUseExplosion.cs:24:1903:24:1908 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | [post] this access | UseUseExplosion.cs:24:1510:24:1513 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | [post] this access | UseUseExplosion.cs:24:1888:24:1893 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | access to property Prop | UseUseExplosion.cs:24:1510:24:1513 | access to property Prop |
+| UseUseExplosion.cs:24:1493:24:1496 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1493:24:1496 | this access | UseUseExplosion.cs:24:1510:24:1513 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | this access | UseUseExplosion.cs:24:1888:24:1893 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | [post] this access | UseUseExplosion.cs:24:1527:24:1530 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | [post] this access | UseUseExplosion.cs:24:1873:24:1878 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | access to property Prop | UseUseExplosion.cs:24:1527:24:1530 | access to property Prop |
+| UseUseExplosion.cs:24:1510:24:1513 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1510:24:1513 | this access | UseUseExplosion.cs:24:1527:24:1530 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | this access | UseUseExplosion.cs:24:1873:24:1878 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | [post] this access | UseUseExplosion.cs:24:1544:24:1547 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | [post] this access | UseUseExplosion.cs:24:1858:24:1863 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | access to property Prop | UseUseExplosion.cs:24:1544:24:1547 | access to property Prop |
+| UseUseExplosion.cs:24:1527:24:1530 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1527:24:1530 | this access | UseUseExplosion.cs:24:1544:24:1547 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | this access | UseUseExplosion.cs:24:1858:24:1863 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | [post] this access | UseUseExplosion.cs:24:1561:24:1564 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | [post] this access | UseUseExplosion.cs:24:1843:24:1848 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | access to property Prop | UseUseExplosion.cs:24:1561:24:1564 | access to property Prop |
+| UseUseExplosion.cs:24:1544:24:1547 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1544:24:1547 | this access | UseUseExplosion.cs:24:1561:24:1564 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | this access | UseUseExplosion.cs:24:1843:24:1848 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | [post] this access | UseUseExplosion.cs:24:1577:24:1580 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | [post] this access | UseUseExplosion.cs:24:1828:24:1833 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | access to property Prop | UseUseExplosion.cs:24:1577:24:1580 | access to property Prop |
+| UseUseExplosion.cs:24:1561:24:1564 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1561:24:1564 | this access | UseUseExplosion.cs:24:1577:24:1580 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | this access | UseUseExplosion.cs:24:1828:24:1833 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | [post] this access | UseUseExplosion.cs:24:1593:24:1596 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | [post] this access | UseUseExplosion.cs:24:1813:24:1818 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | access to property Prop | UseUseExplosion.cs:24:1593:24:1596 | access to property Prop |
+| UseUseExplosion.cs:24:1577:24:1580 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1577:24:1580 | this access | UseUseExplosion.cs:24:1593:24:1596 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | this access | UseUseExplosion.cs:24:1813:24:1818 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | [post] this access | UseUseExplosion.cs:24:1609:24:1612 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | [post] this access | UseUseExplosion.cs:24:1798:24:1803 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | access to property Prop | UseUseExplosion.cs:24:1609:24:1612 | access to property Prop |
+| UseUseExplosion.cs:24:1593:24:1596 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1593:24:1596 | this access | UseUseExplosion.cs:24:1609:24:1612 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | this access | UseUseExplosion.cs:24:1798:24:1803 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | [post] this access | UseUseExplosion.cs:24:1625:24:1628 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | [post] this access | UseUseExplosion.cs:24:1783:24:1788 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | access to property Prop | UseUseExplosion.cs:24:1625:24:1628 | access to property Prop |
+| UseUseExplosion.cs:24:1609:24:1612 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1609:24:1612 | this access | UseUseExplosion.cs:24:1625:24:1628 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | this access | UseUseExplosion.cs:24:1783:24:1788 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | [post] this access | UseUseExplosion.cs:24:1641:24:1644 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | [post] this access | UseUseExplosion.cs:24:1768:24:1773 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | access to property Prop | UseUseExplosion.cs:24:1641:24:1644 | access to property Prop |
+| UseUseExplosion.cs:24:1625:24:1628 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1625:24:1628 | this access | UseUseExplosion.cs:24:1641:24:1644 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | this access | UseUseExplosion.cs:24:1768:24:1773 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | [post] this access | UseUseExplosion.cs:24:1657:24:1660 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | [post] this access | UseUseExplosion.cs:24:1753:24:1758 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | access to property Prop | UseUseExplosion.cs:24:1657:24:1660 | access to property Prop |
+| UseUseExplosion.cs:24:1641:24:1644 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1641:24:1644 | this access | UseUseExplosion.cs:24:1657:24:1660 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | this access | UseUseExplosion.cs:24:1753:24:1758 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | [post] this access | UseUseExplosion.cs:24:1673:24:1676 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | [post] this access | UseUseExplosion.cs:24:1738:24:1743 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | access to property Prop | UseUseExplosion.cs:24:1673:24:1676 | access to property Prop |
+| UseUseExplosion.cs:24:1657:24:1660 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1657:24:1660 | this access | UseUseExplosion.cs:24:1673:24:1676 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | this access | UseUseExplosion.cs:24:1738:24:1743 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | [post] this access | UseUseExplosion.cs:24:1689:24:1692 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | [post] this access | UseUseExplosion.cs:24:1723:24:1728 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | access to property Prop | UseUseExplosion.cs:24:1689:24:1692 | access to property Prop |
+| UseUseExplosion.cs:24:1673:24:1676 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1673:24:1676 | this access | UseUseExplosion.cs:24:1689:24:1692 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | this access | UseUseExplosion.cs:24:1723:24:1728 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | [post] this access | UseUseExplosion.cs:24:1708:24:1713 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1689:24:1692 | this access | UseUseExplosion.cs:24:1708:24:1713 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1708:24:1713 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1708:24:1713 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1712:24:1712 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1723:24:1728 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1723:24:1728 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1727:24:1727 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1738:24:1743 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1738:24:1743 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1742:24:1742 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1753:24:1758 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1753:24:1758 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1757:24:1757 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1768:24:1773 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1768:24:1773 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1772:24:1772 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1783:24:1788 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1783:24:1788 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1787:24:1787 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1798:24:1803 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1798:24:1803 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1802:24:1802 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1813:24:1818 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1813:24:1818 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1817:24:1817 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1828:24:1833 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1828:24:1833 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1832:24:1832 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1843:24:1848 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1843:24:1848 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1847:24:1847 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1858:24:1863 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1858:24:1863 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1862:24:1862 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1873:24:1878 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1873:24:1878 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1877:24:1877 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1888:24:1893 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1888:24:1893 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1892:24:1892 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1903:24:1908 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1903:24:1908 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1907:24:1907 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1918:24:1923 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1918:24:1923 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1922:24:1922 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1933:24:1938 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1933:24:1938 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1937:24:1937 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1948:24:1953 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1948:24:1953 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1952:24:1952 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1963:24:1968 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1963:24:1968 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1967:24:1967 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1978:24:1983 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1978:24:1983 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1982:24:1982 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1993:24:1998 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1993:24:1998 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1997:24:1997 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2008:24:2013 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2008:24:2013 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2012:24:2012 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2023:24:2028 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2023:24:2028 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2027:24:2027 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2038:24:2043 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2038:24:2043 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2042:24:2042 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2053:24:2058 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2053:24:2058 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2057:24:2057 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2068:24:2073 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2068:24:2073 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2072:24:2072 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2083:24:2088 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2083:24:2088 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2087:24:2087 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2098:24:2103 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2098:24:2103 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2102:24:2102 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2113:24:2118 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2113:24:2118 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2117:24:2117 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2128:24:2133 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2128:24:2133 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2132:24:2132 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2143:24:2148 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2143:24:2148 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2147:24:2147 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2158:24:2163 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2158:24:2163 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2162:24:2162 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2173:24:2178 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2173:24:2178 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2177:24:2177 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2188:24:2193 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2188:24:2193 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2192:24:2192 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2203:24:2208 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2203:24:2208 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2207:24:2207 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2218:24:2223 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2218:24:2223 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2222:24:2222 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2233:24:2238 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2233:24:2238 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2237:24:2237 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2248:24:2253 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2248:24:2253 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2252:24:2252 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2263:24:2268 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2263:24:2268 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2267:24:2267 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2278:24:2283 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2278:24:2283 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2282:24:2282 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2293:24:2298 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2293:24:2298 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2297:24:2297 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2308:24:2313 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2308:24:2313 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2312:24:2312 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2323:24:2328 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2323:24:2328 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2327:24:2327 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2338:24:2343 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2338:24:2343 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2342:24:2342 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2353:24:2358 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2353:24:2358 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2357:24:2357 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2368:24:2373 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2368:24:2373 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2372:24:2372 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2383:24:2388 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2383:24:2388 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2387:24:2387 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2398:24:2403 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2398:24:2403 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2402:24:2402 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2413:24:2418 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2413:24:2418 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2417:24:2417 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2428:24:2433 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2428:24:2433 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2432:24:2432 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2443:24:2448 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2443:24:2448 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2447:24:2447 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2458:24:2463 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2458:24:2463 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2462:24:2462 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2473:24:2478 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2473:24:2478 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2477:24:2477 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2488:24:2493 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2488:24:2493 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2492:24:2492 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2503:24:2508 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2503:24:2508 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2507:24:2507 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2518:24:2523 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2518:24:2523 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2522:24:2522 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2533:24:2538 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2533:24:2538 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2537:24:2537 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2548:24:2553 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2548:24:2553 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2552:24:2552 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2563:24:2568 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2563:24:2568 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2567:24:2567 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2578:24:2583 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2578:24:2583 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2582:24:2582 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2593:24:2598 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2593:24:2598 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2597:24:2597 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2608:24:2613 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2608:24:2613 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2612:24:2612 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2623:24:2628 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2623:24:2628 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2627:24:2627 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2638:24:2643 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2638:24:2643 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2642:24:2642 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2653:24:2658 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2653:24:2658 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2657:24:2657 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2668:24:2673 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2668:24:2673 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2672:24:2672 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2683:24:2688 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2683:24:2688 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2687:24:2687 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2698:24:2703 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2698:24:2703 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2702:24:2702 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2713:24:2718 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2713:24:2718 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2717:24:2717 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2728:24:2733 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2728:24:2733 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2732:24:2732 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2743:24:2748 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2743:24:2748 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2747:24:2747 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2758:24:2763 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2758:24:2763 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2762:24:2762 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2773:24:2778 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2773:24:2778 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2777:24:2777 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2788:24:2793 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2788:24:2793 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2792:24:2792 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2803:24:2808 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2803:24:2808 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2807:24:2807 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2818:24:2823 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2818:24:2823 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2822:24:2822 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2833:24:2838 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2833:24:2838 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2837:24:2837 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2848:24:2853 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2848:24:2853 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2852:24:2852 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2863:24:2868 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2863:24:2868 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2867:24:2867 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2878:24:2883 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2878:24:2883 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2882:24:2882 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2893:24:2898 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2893:24:2898 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2897:24:2897 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2908:24:2913 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2908:24:2913 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2912:24:2912 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2923:24:2928 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2923:24:2928 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2927:24:2927 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2938:24:2943 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2938:24:2943 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2942:24:2942 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2953:24:2958 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2953:24:2958 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2957:24:2957 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2968:24:2973 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2968:24:2973 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2972:24:2972 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2983:24:2988 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2983:24:2988 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2987:24:2987 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2998:24:3003 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2998:24:3003 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3002:24:3002 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3013:24:3018 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3013:24:3018 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3017:24:3017 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3028:24:3033 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3028:24:3033 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3032:24:3032 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3043:24:3048 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3043:24:3048 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3047:24:3047 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3058:24:3063 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3058:24:3063 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3062:24:3062 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3073:24:3078 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3073:24:3078 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3077:24:3077 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3088:24:3093 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3088:24:3093 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3092:24:3092 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3103:24:3108 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3103:24:3108 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3107:24:3107 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3118:24:3123 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3118:24:3123 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3122:24:3122 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3133:24:3138 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3133:24:3138 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3137:24:3137 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3148:24:3153 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3148:24:3153 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3152:24:3152 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3163:24:3168 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3163:24:3168 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3167:24:3167 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3178:24:3183 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3178:24:3183 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3182:24:3182 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3193:24:3198 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3193:24:3198 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3197:24:3197 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) | UseUseExplosion.cs:25:13:25:16 | access to property Prop |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1712:25:1712 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1727:25:1727 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1742:25:1742 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1757:25:1757 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1772:25:1772 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1787:25:1787 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1802:25:1802 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1817:25:1817 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1832:25:1832 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1847:25:1847 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1862:25:1862 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1877:25:1877 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1892:25:1892 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1907:25:1907 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1922:25:1922 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1937:25:1937 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1952:25:1952 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1967:25:1967 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1982:25:1982 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1997:25:1997 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2012:25:2012 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2027:25:2027 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2042:25:2042 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2057:25:2057 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2072:25:2072 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2087:25:2087 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2102:25:2102 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2117:25:2117 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2132:25:2132 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2147:25:2147 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2162:25:2162 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2177:25:2177 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2192:25:2192 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2207:25:2207 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2222:25:2222 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2237:25:2237 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2252:25:2252 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2267:25:2267 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2282:25:2282 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2297:25:2297 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2312:25:2312 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2327:25:2327 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2342:25:2342 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2357:25:2357 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2372:25:2372 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2387:25:2387 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2402:25:2402 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2417:25:2417 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2432:25:2432 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2447:25:2447 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2462:25:2462 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2477:25:2477 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2492:25:2492 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2507:25:2507 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2522:25:2522 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2537:25:2537 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2552:25:2552 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2567:25:2567 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2582:25:2582 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2597:25:2597 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2612:25:2612 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2627:25:2627 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2642:25:2642 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2657:25:2657 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2672:25:2672 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2687:25:2687 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2702:25:2702 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2717:25:2717 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2732:25:2732 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2747:25:2747 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2762:25:2762 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2777:25:2777 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2792:25:2792 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2807:25:2807 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2822:25:2822 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2837:25:2837 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2852:25:2852 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2867:25:2867 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2882:25:2882 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2897:25:2897 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2912:25:2912 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2927:25:2927 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2942:25:2942 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2957:25:2957 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2972:25:2972 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2987:25:2987 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3002:25:3002 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3017:25:3017 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3032:25:3032 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3047:25:3047 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3062:25:3062 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3077:25:3077 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3092:25:3092 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3107:25:3107 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3122:25:3122 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3137:25:3137 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3152:25:3152 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3167:25:3167 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3182:25:3182 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3197:25:3197 | access to local variable x |
+| UseUseExplosion.cs:25:13:25:16 | [post] this access | UseUseExplosion.cs:25:31:25:34 | this access |
+| UseUseExplosion.cs:25:13:25:16 | [post] this access | UseUseExplosion.cs:25:3193:25:3198 | this access |
+| UseUseExplosion.cs:25:13:25:16 | access to property Prop | UseUseExplosion.cs:25:31:25:34 | access to property Prop |
+| UseUseExplosion.cs:25:13:25:16 | this access | UseUseExplosion.cs:25:31:25:34 | this access |
+| UseUseExplosion.cs:25:13:25:16 | this access | UseUseExplosion.cs:25:3193:25:3198 | this access |
+| UseUseExplosion.cs:25:31:25:34 | [post] this access | UseUseExplosion.cs:25:48:25:51 | this access |
+| UseUseExplosion.cs:25:31:25:34 | [post] this access | UseUseExplosion.cs:25:3178:25:3183 | this access |
+| UseUseExplosion.cs:25:31:25:34 | access to property Prop | UseUseExplosion.cs:25:48:25:51 | access to property Prop |
+| UseUseExplosion.cs:25:31:25:34 | this access | UseUseExplosion.cs:25:48:25:51 | this access |
+| UseUseExplosion.cs:25:31:25:34 | this access | UseUseExplosion.cs:25:3178:25:3183 | this access |
+| UseUseExplosion.cs:25:48:25:51 | [post] this access | UseUseExplosion.cs:25:65:25:68 | this access |
+| UseUseExplosion.cs:25:48:25:51 | [post] this access | UseUseExplosion.cs:25:3163:25:3168 | this access |
+| UseUseExplosion.cs:25:48:25:51 | access to property Prop | UseUseExplosion.cs:25:65:25:68 | access to property Prop |
+| UseUseExplosion.cs:25:48:25:51 | this access | UseUseExplosion.cs:25:65:25:68 | this access |
+| UseUseExplosion.cs:25:48:25:51 | this access | UseUseExplosion.cs:25:3163:25:3168 | this access |
+| UseUseExplosion.cs:25:65:25:68 | [post] this access | UseUseExplosion.cs:25:82:25:85 | this access |
+| UseUseExplosion.cs:25:65:25:68 | [post] this access | UseUseExplosion.cs:25:3148:25:3153 | this access |
+| UseUseExplosion.cs:25:65:25:68 | access to property Prop | UseUseExplosion.cs:25:82:25:85 | access to property Prop |
+| UseUseExplosion.cs:25:65:25:68 | this access | UseUseExplosion.cs:25:82:25:85 | this access |
+| UseUseExplosion.cs:25:65:25:68 | this access | UseUseExplosion.cs:25:3148:25:3153 | this access |
+| UseUseExplosion.cs:25:82:25:85 | [post] this access | UseUseExplosion.cs:25:99:25:102 | this access |
+| UseUseExplosion.cs:25:82:25:85 | [post] this access | UseUseExplosion.cs:25:3133:25:3138 | this access |
+| UseUseExplosion.cs:25:82:25:85 | access to property Prop | UseUseExplosion.cs:25:99:25:102 | access to property Prop |
+| UseUseExplosion.cs:25:82:25:85 | this access | UseUseExplosion.cs:25:99:25:102 | this access |
+| UseUseExplosion.cs:25:82:25:85 | this access | UseUseExplosion.cs:25:3133:25:3138 | this access |
+| UseUseExplosion.cs:25:99:25:102 | [post] this access | UseUseExplosion.cs:25:116:25:119 | this access |
+| UseUseExplosion.cs:25:99:25:102 | [post] this access | UseUseExplosion.cs:25:3118:25:3123 | this access |
+| UseUseExplosion.cs:25:99:25:102 | access to property Prop | UseUseExplosion.cs:25:116:25:119 | access to property Prop |
+| UseUseExplosion.cs:25:99:25:102 | this access | UseUseExplosion.cs:25:116:25:119 | this access |
+| UseUseExplosion.cs:25:99:25:102 | this access | UseUseExplosion.cs:25:3118:25:3123 | this access |
+| UseUseExplosion.cs:25:116:25:119 | [post] this access | UseUseExplosion.cs:25:133:25:136 | this access |
+| UseUseExplosion.cs:25:116:25:119 | [post] this access | UseUseExplosion.cs:25:3103:25:3108 | this access |
+| UseUseExplosion.cs:25:116:25:119 | access to property Prop | UseUseExplosion.cs:25:133:25:136 | access to property Prop |
+| UseUseExplosion.cs:25:116:25:119 | this access | UseUseExplosion.cs:25:133:25:136 | this access |
+| UseUseExplosion.cs:25:116:25:119 | this access | UseUseExplosion.cs:25:3103:25:3108 | this access |
+| UseUseExplosion.cs:25:133:25:136 | [post] this access | UseUseExplosion.cs:25:150:25:153 | this access |
+| UseUseExplosion.cs:25:133:25:136 | [post] this access | UseUseExplosion.cs:25:3088:25:3093 | this access |
+| UseUseExplosion.cs:25:133:25:136 | access to property Prop | UseUseExplosion.cs:25:150:25:153 | access to property Prop |
+| UseUseExplosion.cs:25:133:25:136 | this access | UseUseExplosion.cs:25:150:25:153 | this access |
+| UseUseExplosion.cs:25:133:25:136 | this access | UseUseExplosion.cs:25:3088:25:3093 | this access |
+| UseUseExplosion.cs:25:150:25:153 | [post] this access | UseUseExplosion.cs:25:167:25:170 | this access |
+| UseUseExplosion.cs:25:150:25:153 | [post] this access | UseUseExplosion.cs:25:3073:25:3078 | this access |
+| UseUseExplosion.cs:25:150:25:153 | access to property Prop | UseUseExplosion.cs:25:167:25:170 | access to property Prop |
+| UseUseExplosion.cs:25:150:25:153 | this access | UseUseExplosion.cs:25:167:25:170 | this access |
+| UseUseExplosion.cs:25:150:25:153 | this access | UseUseExplosion.cs:25:3073:25:3078 | this access |
+| UseUseExplosion.cs:25:167:25:170 | [post] this access | UseUseExplosion.cs:25:184:25:187 | this access |
+| UseUseExplosion.cs:25:167:25:170 | [post] this access | UseUseExplosion.cs:25:3058:25:3063 | this access |
+| UseUseExplosion.cs:25:167:25:170 | access to property Prop | UseUseExplosion.cs:25:184:25:187 | access to property Prop |
+| UseUseExplosion.cs:25:167:25:170 | this access | UseUseExplosion.cs:25:184:25:187 | this access |
+| UseUseExplosion.cs:25:167:25:170 | this access | UseUseExplosion.cs:25:3058:25:3063 | this access |
+| UseUseExplosion.cs:25:184:25:187 | [post] this access | UseUseExplosion.cs:25:201:25:204 | this access |
+| UseUseExplosion.cs:25:184:25:187 | [post] this access | UseUseExplosion.cs:25:3043:25:3048 | this access |
+| UseUseExplosion.cs:25:184:25:187 | access to property Prop | UseUseExplosion.cs:25:201:25:204 | access to property Prop |
+| UseUseExplosion.cs:25:184:25:187 | this access | UseUseExplosion.cs:25:201:25:204 | this access |
+| UseUseExplosion.cs:25:184:25:187 | this access | UseUseExplosion.cs:25:3043:25:3048 | this access |
+| UseUseExplosion.cs:25:201:25:204 | [post] this access | UseUseExplosion.cs:25:218:25:221 | this access |
+| UseUseExplosion.cs:25:201:25:204 | [post] this access | UseUseExplosion.cs:25:3028:25:3033 | this access |
+| UseUseExplosion.cs:25:201:25:204 | access to property Prop | UseUseExplosion.cs:25:218:25:221 | access to property Prop |
+| UseUseExplosion.cs:25:201:25:204 | this access | UseUseExplosion.cs:25:218:25:221 | this access |
+| UseUseExplosion.cs:25:201:25:204 | this access | UseUseExplosion.cs:25:3028:25:3033 | this access |
+| UseUseExplosion.cs:25:218:25:221 | [post] this access | UseUseExplosion.cs:25:235:25:238 | this access |
+| UseUseExplosion.cs:25:218:25:221 | [post] this access | UseUseExplosion.cs:25:3013:25:3018 | this access |
+| UseUseExplosion.cs:25:218:25:221 | access to property Prop | UseUseExplosion.cs:25:235:25:238 | access to property Prop |
+| UseUseExplosion.cs:25:218:25:221 | this access | UseUseExplosion.cs:25:235:25:238 | this access |
+| UseUseExplosion.cs:25:218:25:221 | this access | UseUseExplosion.cs:25:3013:25:3018 | this access |
+| UseUseExplosion.cs:25:235:25:238 | [post] this access | UseUseExplosion.cs:25:252:25:255 | this access |
+| UseUseExplosion.cs:25:235:25:238 | [post] this access | UseUseExplosion.cs:25:2998:25:3003 | this access |
+| UseUseExplosion.cs:25:235:25:238 | access to property Prop | UseUseExplosion.cs:25:252:25:255 | access to property Prop |
+| UseUseExplosion.cs:25:235:25:238 | this access | UseUseExplosion.cs:25:252:25:255 | this access |
+| UseUseExplosion.cs:25:235:25:238 | this access | UseUseExplosion.cs:25:2998:25:3003 | this access |
+| UseUseExplosion.cs:25:252:25:255 | [post] this access | UseUseExplosion.cs:25:269:25:272 | this access |
+| UseUseExplosion.cs:25:252:25:255 | [post] this access | UseUseExplosion.cs:25:2983:25:2988 | this access |
+| UseUseExplosion.cs:25:252:25:255 | access to property Prop | UseUseExplosion.cs:25:269:25:272 | access to property Prop |
+| UseUseExplosion.cs:25:252:25:255 | this access | UseUseExplosion.cs:25:269:25:272 | this access |
+| UseUseExplosion.cs:25:252:25:255 | this access | UseUseExplosion.cs:25:2983:25:2988 | this access |
+| UseUseExplosion.cs:25:269:25:272 | [post] this access | UseUseExplosion.cs:25:286:25:289 | this access |
+| UseUseExplosion.cs:25:269:25:272 | [post] this access | UseUseExplosion.cs:25:2968:25:2973 | this access |
+| UseUseExplosion.cs:25:269:25:272 | access to property Prop | UseUseExplosion.cs:25:286:25:289 | access to property Prop |
+| UseUseExplosion.cs:25:269:25:272 | this access | UseUseExplosion.cs:25:286:25:289 | this access |
+| UseUseExplosion.cs:25:269:25:272 | this access | UseUseExplosion.cs:25:2968:25:2973 | this access |
+| UseUseExplosion.cs:25:286:25:289 | [post] this access | UseUseExplosion.cs:25:303:25:306 | this access |
+| UseUseExplosion.cs:25:286:25:289 | [post] this access | UseUseExplosion.cs:25:2953:25:2958 | this access |
+| UseUseExplosion.cs:25:286:25:289 | access to property Prop | UseUseExplosion.cs:25:303:25:306 | access to property Prop |
+| UseUseExplosion.cs:25:286:25:289 | this access | UseUseExplosion.cs:25:303:25:306 | this access |
+| UseUseExplosion.cs:25:286:25:289 | this access | UseUseExplosion.cs:25:2953:25:2958 | this access |
+| UseUseExplosion.cs:25:303:25:306 | [post] this access | UseUseExplosion.cs:25:320:25:323 | this access |
+| UseUseExplosion.cs:25:303:25:306 | [post] this access | UseUseExplosion.cs:25:2938:25:2943 | this access |
+| UseUseExplosion.cs:25:303:25:306 | access to property Prop | UseUseExplosion.cs:25:320:25:323 | access to property Prop |
+| UseUseExplosion.cs:25:303:25:306 | this access | UseUseExplosion.cs:25:320:25:323 | this access |
+| UseUseExplosion.cs:25:303:25:306 | this access | UseUseExplosion.cs:25:2938:25:2943 | this access |
+| UseUseExplosion.cs:25:320:25:323 | [post] this access | UseUseExplosion.cs:25:337:25:340 | this access |
+| UseUseExplosion.cs:25:320:25:323 | [post] this access | UseUseExplosion.cs:25:2923:25:2928 | this access |
+| UseUseExplosion.cs:25:320:25:323 | access to property Prop | UseUseExplosion.cs:25:337:25:340 | access to property Prop |
+| UseUseExplosion.cs:25:320:25:323 | this access | UseUseExplosion.cs:25:337:25:340 | this access |
+| UseUseExplosion.cs:25:320:25:323 | this access | UseUseExplosion.cs:25:2923:25:2928 | this access |
+| UseUseExplosion.cs:25:337:25:340 | [post] this access | UseUseExplosion.cs:25:354:25:357 | this access |
+| UseUseExplosion.cs:25:337:25:340 | [post] this access | UseUseExplosion.cs:25:2908:25:2913 | this access |
+| UseUseExplosion.cs:25:337:25:340 | access to property Prop | UseUseExplosion.cs:25:354:25:357 | access to property Prop |
+| UseUseExplosion.cs:25:337:25:340 | this access | UseUseExplosion.cs:25:354:25:357 | this access |
+| UseUseExplosion.cs:25:337:25:340 | this access | UseUseExplosion.cs:25:2908:25:2913 | this access |
+| UseUseExplosion.cs:25:354:25:357 | [post] this access | UseUseExplosion.cs:25:371:25:374 | this access |
+| UseUseExplosion.cs:25:354:25:357 | [post] this access | UseUseExplosion.cs:25:2893:25:2898 | this access |
+| UseUseExplosion.cs:25:354:25:357 | access to property Prop | UseUseExplosion.cs:25:371:25:374 | access to property Prop |
+| UseUseExplosion.cs:25:354:25:357 | this access | UseUseExplosion.cs:25:371:25:374 | this access |
+| UseUseExplosion.cs:25:354:25:357 | this access | UseUseExplosion.cs:25:2893:25:2898 | this access |
+| UseUseExplosion.cs:25:371:25:374 | [post] this access | UseUseExplosion.cs:25:388:25:391 | this access |
+| UseUseExplosion.cs:25:371:25:374 | [post] this access | UseUseExplosion.cs:25:2878:25:2883 | this access |
+| UseUseExplosion.cs:25:371:25:374 | access to property Prop | UseUseExplosion.cs:25:388:25:391 | access to property Prop |
+| UseUseExplosion.cs:25:371:25:374 | this access | UseUseExplosion.cs:25:388:25:391 | this access |
+| UseUseExplosion.cs:25:371:25:374 | this access | UseUseExplosion.cs:25:2878:25:2883 | this access |
+| UseUseExplosion.cs:25:388:25:391 | [post] this access | UseUseExplosion.cs:25:405:25:408 | this access |
+| UseUseExplosion.cs:25:388:25:391 | [post] this access | UseUseExplosion.cs:25:2863:25:2868 | this access |
+| UseUseExplosion.cs:25:388:25:391 | access to property Prop | UseUseExplosion.cs:25:405:25:408 | access to property Prop |
+| UseUseExplosion.cs:25:388:25:391 | this access | UseUseExplosion.cs:25:405:25:408 | this access |
+| UseUseExplosion.cs:25:388:25:391 | this access | UseUseExplosion.cs:25:2863:25:2868 | this access |
+| UseUseExplosion.cs:25:405:25:408 | [post] this access | UseUseExplosion.cs:25:422:25:425 | this access |
+| UseUseExplosion.cs:25:405:25:408 | [post] this access | UseUseExplosion.cs:25:2848:25:2853 | this access |
+| UseUseExplosion.cs:25:405:25:408 | access to property Prop | UseUseExplosion.cs:25:422:25:425 | access to property Prop |
+| UseUseExplosion.cs:25:405:25:408 | this access | UseUseExplosion.cs:25:422:25:425 | this access |
+| UseUseExplosion.cs:25:405:25:408 | this access | UseUseExplosion.cs:25:2848:25:2853 | this access |
+| UseUseExplosion.cs:25:422:25:425 | [post] this access | UseUseExplosion.cs:25:439:25:442 | this access |
+| UseUseExplosion.cs:25:422:25:425 | [post] this access | UseUseExplosion.cs:25:2833:25:2838 | this access |
+| UseUseExplosion.cs:25:422:25:425 | access to property Prop | UseUseExplosion.cs:25:439:25:442 | access to property Prop |
+| UseUseExplosion.cs:25:422:25:425 | this access | UseUseExplosion.cs:25:439:25:442 | this access |
+| UseUseExplosion.cs:25:422:25:425 | this access | UseUseExplosion.cs:25:2833:25:2838 | this access |
+| UseUseExplosion.cs:25:439:25:442 | [post] this access | UseUseExplosion.cs:25:456:25:459 | this access |
+| UseUseExplosion.cs:25:439:25:442 | [post] this access | UseUseExplosion.cs:25:2818:25:2823 | this access |
+| UseUseExplosion.cs:25:439:25:442 | access to property Prop | UseUseExplosion.cs:25:456:25:459 | access to property Prop |
+| UseUseExplosion.cs:25:439:25:442 | this access | UseUseExplosion.cs:25:456:25:459 | this access |
+| UseUseExplosion.cs:25:439:25:442 | this access | UseUseExplosion.cs:25:2818:25:2823 | this access |
+| UseUseExplosion.cs:25:456:25:459 | [post] this access | UseUseExplosion.cs:25:473:25:476 | this access |
+| UseUseExplosion.cs:25:456:25:459 | [post] this access | UseUseExplosion.cs:25:2803:25:2808 | this access |
+| UseUseExplosion.cs:25:456:25:459 | access to property Prop | UseUseExplosion.cs:25:473:25:476 | access to property Prop |
+| UseUseExplosion.cs:25:456:25:459 | this access | UseUseExplosion.cs:25:473:25:476 | this access |
+| UseUseExplosion.cs:25:456:25:459 | this access | UseUseExplosion.cs:25:2803:25:2808 | this access |
+| UseUseExplosion.cs:25:473:25:476 | [post] this access | UseUseExplosion.cs:25:490:25:493 | this access |
+| UseUseExplosion.cs:25:473:25:476 | [post] this access | UseUseExplosion.cs:25:2788:25:2793 | this access |
+| UseUseExplosion.cs:25:473:25:476 | access to property Prop | UseUseExplosion.cs:25:490:25:493 | access to property Prop |
+| UseUseExplosion.cs:25:473:25:476 | this access | UseUseExplosion.cs:25:490:25:493 | this access |
+| UseUseExplosion.cs:25:473:25:476 | this access | UseUseExplosion.cs:25:2788:25:2793 | this access |
+| UseUseExplosion.cs:25:490:25:493 | [post] this access | UseUseExplosion.cs:25:507:25:510 | this access |
+| UseUseExplosion.cs:25:490:25:493 | [post] this access | UseUseExplosion.cs:25:2773:25:2778 | this access |
+| UseUseExplosion.cs:25:490:25:493 | access to property Prop | UseUseExplosion.cs:25:507:25:510 | access to property Prop |
+| UseUseExplosion.cs:25:490:25:493 | this access | UseUseExplosion.cs:25:507:25:510 | this access |
+| UseUseExplosion.cs:25:490:25:493 | this access | UseUseExplosion.cs:25:2773:25:2778 | this access |
+| UseUseExplosion.cs:25:507:25:510 | [post] this access | UseUseExplosion.cs:25:524:25:527 | this access |
+| UseUseExplosion.cs:25:507:25:510 | [post] this access | UseUseExplosion.cs:25:2758:25:2763 | this access |
+| UseUseExplosion.cs:25:507:25:510 | access to property Prop | UseUseExplosion.cs:25:524:25:527 | access to property Prop |
+| UseUseExplosion.cs:25:507:25:510 | this access | UseUseExplosion.cs:25:524:25:527 | this access |
+| UseUseExplosion.cs:25:507:25:510 | this access | UseUseExplosion.cs:25:2758:25:2763 | this access |
+| UseUseExplosion.cs:25:524:25:527 | [post] this access | UseUseExplosion.cs:25:541:25:544 | this access |
+| UseUseExplosion.cs:25:524:25:527 | [post] this access | UseUseExplosion.cs:25:2743:25:2748 | this access |
+| UseUseExplosion.cs:25:524:25:527 | access to property Prop | UseUseExplosion.cs:25:541:25:544 | access to property Prop |
+| UseUseExplosion.cs:25:524:25:527 | this access | UseUseExplosion.cs:25:541:25:544 | this access |
+| UseUseExplosion.cs:25:524:25:527 | this access | UseUseExplosion.cs:25:2743:25:2748 | this access |
+| UseUseExplosion.cs:25:541:25:544 | [post] this access | UseUseExplosion.cs:25:558:25:561 | this access |
+| UseUseExplosion.cs:25:541:25:544 | [post] this access | UseUseExplosion.cs:25:2728:25:2733 | this access |
+| UseUseExplosion.cs:25:541:25:544 | access to property Prop | UseUseExplosion.cs:25:558:25:561 | access to property Prop |
+| UseUseExplosion.cs:25:541:25:544 | this access | UseUseExplosion.cs:25:558:25:561 | this access |
+| UseUseExplosion.cs:25:541:25:544 | this access | UseUseExplosion.cs:25:2728:25:2733 | this access |
+| UseUseExplosion.cs:25:558:25:561 | [post] this access | UseUseExplosion.cs:25:575:25:578 | this access |
+| UseUseExplosion.cs:25:558:25:561 | [post] this access | UseUseExplosion.cs:25:2713:25:2718 | this access |
+| UseUseExplosion.cs:25:558:25:561 | access to property Prop | UseUseExplosion.cs:25:575:25:578 | access to property Prop |
+| UseUseExplosion.cs:25:558:25:561 | this access | UseUseExplosion.cs:25:575:25:578 | this access |
+| UseUseExplosion.cs:25:558:25:561 | this access | UseUseExplosion.cs:25:2713:25:2718 | this access |
+| UseUseExplosion.cs:25:575:25:578 | [post] this access | UseUseExplosion.cs:25:592:25:595 | this access |
+| UseUseExplosion.cs:25:575:25:578 | [post] this access | UseUseExplosion.cs:25:2698:25:2703 | this access |
+| UseUseExplosion.cs:25:575:25:578 | access to property Prop | UseUseExplosion.cs:25:592:25:595 | access to property Prop |
+| UseUseExplosion.cs:25:575:25:578 | this access | UseUseExplosion.cs:25:592:25:595 | this access |
+| UseUseExplosion.cs:25:575:25:578 | this access | UseUseExplosion.cs:25:2698:25:2703 | this access |
+| UseUseExplosion.cs:25:592:25:595 | [post] this access | UseUseExplosion.cs:25:609:25:612 | this access |
+| UseUseExplosion.cs:25:592:25:595 | [post] this access | UseUseExplosion.cs:25:2683:25:2688 | this access |
+| UseUseExplosion.cs:25:592:25:595 | access to property Prop | UseUseExplosion.cs:25:609:25:612 | access to property Prop |
+| UseUseExplosion.cs:25:592:25:595 | this access | UseUseExplosion.cs:25:609:25:612 | this access |
+| UseUseExplosion.cs:25:592:25:595 | this access | UseUseExplosion.cs:25:2683:25:2688 | this access |
+| UseUseExplosion.cs:25:609:25:612 | [post] this access | UseUseExplosion.cs:25:626:25:629 | this access |
+| UseUseExplosion.cs:25:609:25:612 | [post] this access | UseUseExplosion.cs:25:2668:25:2673 | this access |
+| UseUseExplosion.cs:25:609:25:612 | access to property Prop | UseUseExplosion.cs:25:626:25:629 | access to property Prop |
+| UseUseExplosion.cs:25:609:25:612 | this access | UseUseExplosion.cs:25:626:25:629 | this access |
+| UseUseExplosion.cs:25:609:25:612 | this access | UseUseExplosion.cs:25:2668:25:2673 | this access |
+| UseUseExplosion.cs:25:626:25:629 | [post] this access | UseUseExplosion.cs:25:643:25:646 | this access |
+| UseUseExplosion.cs:25:626:25:629 | [post] this access | UseUseExplosion.cs:25:2653:25:2658 | this access |
+| UseUseExplosion.cs:25:626:25:629 | access to property Prop | UseUseExplosion.cs:25:643:25:646 | access to property Prop |
+| UseUseExplosion.cs:25:626:25:629 | this access | UseUseExplosion.cs:25:643:25:646 | this access |
+| UseUseExplosion.cs:25:626:25:629 | this access | UseUseExplosion.cs:25:2653:25:2658 | this access |
+| UseUseExplosion.cs:25:643:25:646 | [post] this access | UseUseExplosion.cs:25:660:25:663 | this access |
+| UseUseExplosion.cs:25:643:25:646 | [post] this access | UseUseExplosion.cs:25:2638:25:2643 | this access |
+| UseUseExplosion.cs:25:643:25:646 | access to property Prop | UseUseExplosion.cs:25:660:25:663 | access to property Prop |
+| UseUseExplosion.cs:25:643:25:646 | this access | UseUseExplosion.cs:25:660:25:663 | this access |
+| UseUseExplosion.cs:25:643:25:646 | this access | UseUseExplosion.cs:25:2638:25:2643 | this access |
+| UseUseExplosion.cs:25:660:25:663 | [post] this access | UseUseExplosion.cs:25:677:25:680 | this access |
+| UseUseExplosion.cs:25:660:25:663 | [post] this access | UseUseExplosion.cs:25:2623:25:2628 | this access |
+| UseUseExplosion.cs:25:660:25:663 | access to property Prop | UseUseExplosion.cs:25:677:25:680 | access to property Prop |
+| UseUseExplosion.cs:25:660:25:663 | this access | UseUseExplosion.cs:25:677:25:680 | this access |
+| UseUseExplosion.cs:25:660:25:663 | this access | UseUseExplosion.cs:25:2623:25:2628 | this access |
+| UseUseExplosion.cs:25:677:25:680 | [post] this access | UseUseExplosion.cs:25:694:25:697 | this access |
+| UseUseExplosion.cs:25:677:25:680 | [post] this access | UseUseExplosion.cs:25:2608:25:2613 | this access |
+| UseUseExplosion.cs:25:677:25:680 | access to property Prop | UseUseExplosion.cs:25:694:25:697 | access to property Prop |
+| UseUseExplosion.cs:25:677:25:680 | this access | UseUseExplosion.cs:25:694:25:697 | this access |
+| UseUseExplosion.cs:25:677:25:680 | this access | UseUseExplosion.cs:25:2608:25:2613 | this access |
+| UseUseExplosion.cs:25:694:25:697 | [post] this access | UseUseExplosion.cs:25:711:25:714 | this access |
+| UseUseExplosion.cs:25:694:25:697 | [post] this access | UseUseExplosion.cs:25:2593:25:2598 | this access |
+| UseUseExplosion.cs:25:694:25:697 | access to property Prop | UseUseExplosion.cs:25:711:25:714 | access to property Prop |
+| UseUseExplosion.cs:25:694:25:697 | this access | UseUseExplosion.cs:25:711:25:714 | this access |
+| UseUseExplosion.cs:25:694:25:697 | this access | UseUseExplosion.cs:25:2593:25:2598 | this access |
+| UseUseExplosion.cs:25:711:25:714 | [post] this access | UseUseExplosion.cs:25:728:25:731 | this access |
+| UseUseExplosion.cs:25:711:25:714 | [post] this access | UseUseExplosion.cs:25:2578:25:2583 | this access |
+| UseUseExplosion.cs:25:711:25:714 | access to property Prop | UseUseExplosion.cs:25:728:25:731 | access to property Prop |
+| UseUseExplosion.cs:25:711:25:714 | this access | UseUseExplosion.cs:25:728:25:731 | this access |
+| UseUseExplosion.cs:25:711:25:714 | this access | UseUseExplosion.cs:25:2578:25:2583 | this access |
+| UseUseExplosion.cs:25:728:25:731 | [post] this access | UseUseExplosion.cs:25:745:25:748 | this access |
+| UseUseExplosion.cs:25:728:25:731 | [post] this access | UseUseExplosion.cs:25:2563:25:2568 | this access |
+| UseUseExplosion.cs:25:728:25:731 | access to property Prop | UseUseExplosion.cs:25:745:25:748 | access to property Prop |
+| UseUseExplosion.cs:25:728:25:731 | this access | UseUseExplosion.cs:25:745:25:748 | this access |
+| UseUseExplosion.cs:25:728:25:731 | this access | UseUseExplosion.cs:25:2563:25:2568 | this access |
+| UseUseExplosion.cs:25:745:25:748 | [post] this access | UseUseExplosion.cs:25:762:25:765 | this access |
+| UseUseExplosion.cs:25:745:25:748 | [post] this access | UseUseExplosion.cs:25:2548:25:2553 | this access |
+| UseUseExplosion.cs:25:745:25:748 | access to property Prop | UseUseExplosion.cs:25:762:25:765 | access to property Prop |
+| UseUseExplosion.cs:25:745:25:748 | this access | UseUseExplosion.cs:25:762:25:765 | this access |
+| UseUseExplosion.cs:25:745:25:748 | this access | UseUseExplosion.cs:25:2548:25:2553 | this access |
+| UseUseExplosion.cs:25:762:25:765 | [post] this access | UseUseExplosion.cs:25:779:25:782 | this access |
+| UseUseExplosion.cs:25:762:25:765 | [post] this access | UseUseExplosion.cs:25:2533:25:2538 | this access |
+| UseUseExplosion.cs:25:762:25:765 | access to property Prop | UseUseExplosion.cs:25:779:25:782 | access to property Prop |
+| UseUseExplosion.cs:25:762:25:765 | this access | UseUseExplosion.cs:25:779:25:782 | this access |
+| UseUseExplosion.cs:25:762:25:765 | this access | UseUseExplosion.cs:25:2533:25:2538 | this access |
+| UseUseExplosion.cs:25:779:25:782 | [post] this access | UseUseExplosion.cs:25:796:25:799 | this access |
+| UseUseExplosion.cs:25:779:25:782 | [post] this access | UseUseExplosion.cs:25:2518:25:2523 | this access |
+| UseUseExplosion.cs:25:779:25:782 | access to property Prop | UseUseExplosion.cs:25:796:25:799 | access to property Prop |
+| UseUseExplosion.cs:25:779:25:782 | this access | UseUseExplosion.cs:25:796:25:799 | this access |
+| UseUseExplosion.cs:25:779:25:782 | this access | UseUseExplosion.cs:25:2518:25:2523 | this access |
+| UseUseExplosion.cs:25:796:25:799 | [post] this access | UseUseExplosion.cs:25:813:25:816 | this access |
+| UseUseExplosion.cs:25:796:25:799 | [post] this access | UseUseExplosion.cs:25:2503:25:2508 | this access |
+| UseUseExplosion.cs:25:796:25:799 | access to property Prop | UseUseExplosion.cs:25:813:25:816 | access to property Prop |
+| UseUseExplosion.cs:25:796:25:799 | this access | UseUseExplosion.cs:25:813:25:816 | this access |
+| UseUseExplosion.cs:25:796:25:799 | this access | UseUseExplosion.cs:25:2503:25:2508 | this access |
+| UseUseExplosion.cs:25:813:25:816 | [post] this access | UseUseExplosion.cs:25:830:25:833 | this access |
+| UseUseExplosion.cs:25:813:25:816 | [post] this access | UseUseExplosion.cs:25:2488:25:2493 | this access |
+| UseUseExplosion.cs:25:813:25:816 | access to property Prop | UseUseExplosion.cs:25:830:25:833 | access to property Prop |
+| UseUseExplosion.cs:25:813:25:816 | this access | UseUseExplosion.cs:25:830:25:833 | this access |
+| UseUseExplosion.cs:25:813:25:816 | this access | UseUseExplosion.cs:25:2488:25:2493 | this access |
+| UseUseExplosion.cs:25:830:25:833 | [post] this access | UseUseExplosion.cs:25:847:25:850 | this access |
+| UseUseExplosion.cs:25:830:25:833 | [post] this access | UseUseExplosion.cs:25:2473:25:2478 | this access |
+| UseUseExplosion.cs:25:830:25:833 | access to property Prop | UseUseExplosion.cs:25:847:25:850 | access to property Prop |
+| UseUseExplosion.cs:25:830:25:833 | this access | UseUseExplosion.cs:25:847:25:850 | this access |
+| UseUseExplosion.cs:25:830:25:833 | this access | UseUseExplosion.cs:25:2473:25:2478 | this access |
+| UseUseExplosion.cs:25:847:25:850 | [post] this access | UseUseExplosion.cs:25:864:25:867 | this access |
+| UseUseExplosion.cs:25:847:25:850 | [post] this access | UseUseExplosion.cs:25:2458:25:2463 | this access |
+| UseUseExplosion.cs:25:847:25:850 | access to property Prop | UseUseExplosion.cs:25:864:25:867 | access to property Prop |
+| UseUseExplosion.cs:25:847:25:850 | this access | UseUseExplosion.cs:25:864:25:867 | this access |
+| UseUseExplosion.cs:25:847:25:850 | this access | UseUseExplosion.cs:25:2458:25:2463 | this access |
+| UseUseExplosion.cs:25:864:25:867 | [post] this access | UseUseExplosion.cs:25:881:25:884 | this access |
+| UseUseExplosion.cs:25:864:25:867 | [post] this access | UseUseExplosion.cs:25:2443:25:2448 | this access |
+| UseUseExplosion.cs:25:864:25:867 | access to property Prop | UseUseExplosion.cs:25:881:25:884 | access to property Prop |
+| UseUseExplosion.cs:25:864:25:867 | this access | UseUseExplosion.cs:25:881:25:884 | this access |
+| UseUseExplosion.cs:25:864:25:867 | this access | UseUseExplosion.cs:25:2443:25:2448 | this access |
+| UseUseExplosion.cs:25:881:25:884 | [post] this access | UseUseExplosion.cs:25:898:25:901 | this access |
+| UseUseExplosion.cs:25:881:25:884 | [post] this access | UseUseExplosion.cs:25:2428:25:2433 | this access |
+| UseUseExplosion.cs:25:881:25:884 | access to property Prop | UseUseExplosion.cs:25:898:25:901 | access to property Prop |
+| UseUseExplosion.cs:25:881:25:884 | this access | UseUseExplosion.cs:25:898:25:901 | this access |
+| UseUseExplosion.cs:25:881:25:884 | this access | UseUseExplosion.cs:25:2428:25:2433 | this access |
+| UseUseExplosion.cs:25:898:25:901 | [post] this access | UseUseExplosion.cs:25:915:25:918 | this access |
+| UseUseExplosion.cs:25:898:25:901 | [post] this access | UseUseExplosion.cs:25:2413:25:2418 | this access |
+| UseUseExplosion.cs:25:898:25:901 | access to property Prop | UseUseExplosion.cs:25:915:25:918 | access to property Prop |
+| UseUseExplosion.cs:25:898:25:901 | this access | UseUseExplosion.cs:25:915:25:918 | this access |
+| UseUseExplosion.cs:25:898:25:901 | this access | UseUseExplosion.cs:25:2413:25:2418 | this access |
+| UseUseExplosion.cs:25:915:25:918 | [post] this access | UseUseExplosion.cs:25:932:25:935 | this access |
+| UseUseExplosion.cs:25:915:25:918 | [post] this access | UseUseExplosion.cs:25:2398:25:2403 | this access |
+| UseUseExplosion.cs:25:915:25:918 | access to property Prop | UseUseExplosion.cs:25:932:25:935 | access to property Prop |
+| UseUseExplosion.cs:25:915:25:918 | this access | UseUseExplosion.cs:25:932:25:935 | this access |
+| UseUseExplosion.cs:25:915:25:918 | this access | UseUseExplosion.cs:25:2398:25:2403 | this access |
+| UseUseExplosion.cs:25:932:25:935 | [post] this access | UseUseExplosion.cs:25:949:25:952 | this access |
+| UseUseExplosion.cs:25:932:25:935 | [post] this access | UseUseExplosion.cs:25:2383:25:2388 | this access |
+| UseUseExplosion.cs:25:932:25:935 | access to property Prop | UseUseExplosion.cs:25:949:25:952 | access to property Prop |
+| UseUseExplosion.cs:25:932:25:935 | this access | UseUseExplosion.cs:25:949:25:952 | this access |
+| UseUseExplosion.cs:25:932:25:935 | this access | UseUseExplosion.cs:25:2383:25:2388 | this access |
+| UseUseExplosion.cs:25:949:25:952 | [post] this access | UseUseExplosion.cs:25:966:25:969 | this access |
+| UseUseExplosion.cs:25:949:25:952 | [post] this access | UseUseExplosion.cs:25:2368:25:2373 | this access |
+| UseUseExplosion.cs:25:949:25:952 | access to property Prop | UseUseExplosion.cs:25:966:25:969 | access to property Prop |
+| UseUseExplosion.cs:25:949:25:952 | this access | UseUseExplosion.cs:25:966:25:969 | this access |
+| UseUseExplosion.cs:25:949:25:952 | this access | UseUseExplosion.cs:25:2368:25:2373 | this access |
+| UseUseExplosion.cs:25:966:25:969 | [post] this access | UseUseExplosion.cs:25:983:25:986 | this access |
+| UseUseExplosion.cs:25:966:25:969 | [post] this access | UseUseExplosion.cs:25:2353:25:2358 | this access |
+| UseUseExplosion.cs:25:966:25:969 | access to property Prop | UseUseExplosion.cs:25:983:25:986 | access to property Prop |
+| UseUseExplosion.cs:25:966:25:969 | this access | UseUseExplosion.cs:25:983:25:986 | this access |
+| UseUseExplosion.cs:25:966:25:969 | this access | UseUseExplosion.cs:25:2353:25:2358 | this access |
+| UseUseExplosion.cs:25:983:25:986 | [post] this access | UseUseExplosion.cs:25:1000:25:1003 | this access |
+| UseUseExplosion.cs:25:983:25:986 | [post] this access | UseUseExplosion.cs:25:2338:25:2343 | this access |
+| UseUseExplosion.cs:25:983:25:986 | access to property Prop | UseUseExplosion.cs:25:1000:25:1003 | access to property Prop |
+| UseUseExplosion.cs:25:983:25:986 | this access | UseUseExplosion.cs:25:1000:25:1003 | this access |
+| UseUseExplosion.cs:25:983:25:986 | this access | UseUseExplosion.cs:25:2338:25:2343 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | [post] this access | UseUseExplosion.cs:25:1017:25:1020 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | [post] this access | UseUseExplosion.cs:25:2323:25:2328 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | access to property Prop | UseUseExplosion.cs:25:1017:25:1020 | access to property Prop |
+| UseUseExplosion.cs:25:1000:25:1003 | this access | UseUseExplosion.cs:25:1017:25:1020 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | this access | UseUseExplosion.cs:25:2323:25:2328 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | [post] this access | UseUseExplosion.cs:25:1034:25:1037 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | [post] this access | UseUseExplosion.cs:25:2308:25:2313 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | access to property Prop | UseUseExplosion.cs:25:1034:25:1037 | access to property Prop |
+| UseUseExplosion.cs:25:1017:25:1020 | this access | UseUseExplosion.cs:25:1034:25:1037 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | this access | UseUseExplosion.cs:25:2308:25:2313 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | [post] this access | UseUseExplosion.cs:25:1051:25:1054 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | [post] this access | UseUseExplosion.cs:25:2293:25:2298 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | access to property Prop | UseUseExplosion.cs:25:1051:25:1054 | access to property Prop |
+| UseUseExplosion.cs:25:1034:25:1037 | this access | UseUseExplosion.cs:25:1051:25:1054 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | this access | UseUseExplosion.cs:25:2293:25:2298 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | [post] this access | UseUseExplosion.cs:25:1068:25:1071 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | [post] this access | UseUseExplosion.cs:25:2278:25:2283 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | access to property Prop | UseUseExplosion.cs:25:1068:25:1071 | access to property Prop |
+| UseUseExplosion.cs:25:1051:25:1054 | this access | UseUseExplosion.cs:25:1068:25:1071 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | this access | UseUseExplosion.cs:25:2278:25:2283 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | [post] this access | UseUseExplosion.cs:25:1085:25:1088 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | [post] this access | UseUseExplosion.cs:25:2263:25:2268 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | access to property Prop | UseUseExplosion.cs:25:1085:25:1088 | access to property Prop |
+| UseUseExplosion.cs:25:1068:25:1071 | this access | UseUseExplosion.cs:25:1085:25:1088 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | this access | UseUseExplosion.cs:25:2263:25:2268 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | [post] this access | UseUseExplosion.cs:25:1102:25:1105 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | [post] this access | UseUseExplosion.cs:25:2248:25:2253 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | access to property Prop | UseUseExplosion.cs:25:1102:25:1105 | access to property Prop |
+| UseUseExplosion.cs:25:1085:25:1088 | this access | UseUseExplosion.cs:25:1102:25:1105 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | this access | UseUseExplosion.cs:25:2248:25:2253 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | [post] this access | UseUseExplosion.cs:25:1119:25:1122 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | [post] this access | UseUseExplosion.cs:25:2233:25:2238 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | access to property Prop | UseUseExplosion.cs:25:1119:25:1122 | access to property Prop |
+| UseUseExplosion.cs:25:1102:25:1105 | this access | UseUseExplosion.cs:25:1119:25:1122 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | this access | UseUseExplosion.cs:25:2233:25:2238 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | [post] this access | UseUseExplosion.cs:25:1136:25:1139 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | [post] this access | UseUseExplosion.cs:25:2218:25:2223 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | access to property Prop | UseUseExplosion.cs:25:1136:25:1139 | access to property Prop |
+| UseUseExplosion.cs:25:1119:25:1122 | this access | UseUseExplosion.cs:25:1136:25:1139 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | this access | UseUseExplosion.cs:25:2218:25:2223 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | [post] this access | UseUseExplosion.cs:25:1153:25:1156 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | [post] this access | UseUseExplosion.cs:25:2203:25:2208 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | access to property Prop | UseUseExplosion.cs:25:1153:25:1156 | access to property Prop |
+| UseUseExplosion.cs:25:1136:25:1139 | this access | UseUseExplosion.cs:25:1153:25:1156 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | this access | UseUseExplosion.cs:25:2203:25:2208 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | [post] this access | UseUseExplosion.cs:25:1170:25:1173 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | [post] this access | UseUseExplosion.cs:25:2188:25:2193 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | access to property Prop | UseUseExplosion.cs:25:1170:25:1173 | access to property Prop |
+| UseUseExplosion.cs:25:1153:25:1156 | this access | UseUseExplosion.cs:25:1170:25:1173 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | this access | UseUseExplosion.cs:25:2188:25:2193 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | [post] this access | UseUseExplosion.cs:25:1187:25:1190 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | [post] this access | UseUseExplosion.cs:25:2173:25:2178 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | access to property Prop | UseUseExplosion.cs:25:1187:25:1190 | access to property Prop |
+| UseUseExplosion.cs:25:1170:25:1173 | this access | UseUseExplosion.cs:25:1187:25:1190 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | this access | UseUseExplosion.cs:25:2173:25:2178 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | [post] this access | UseUseExplosion.cs:25:1204:25:1207 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | [post] this access | UseUseExplosion.cs:25:2158:25:2163 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | access to property Prop | UseUseExplosion.cs:25:1204:25:1207 | access to property Prop |
+| UseUseExplosion.cs:25:1187:25:1190 | this access | UseUseExplosion.cs:25:1204:25:1207 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | this access | UseUseExplosion.cs:25:2158:25:2163 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | [post] this access | UseUseExplosion.cs:25:1221:25:1224 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | [post] this access | UseUseExplosion.cs:25:2143:25:2148 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | access to property Prop | UseUseExplosion.cs:25:1221:25:1224 | access to property Prop |
+| UseUseExplosion.cs:25:1204:25:1207 | this access | UseUseExplosion.cs:25:1221:25:1224 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | this access | UseUseExplosion.cs:25:2143:25:2148 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | [post] this access | UseUseExplosion.cs:25:1238:25:1241 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | [post] this access | UseUseExplosion.cs:25:2128:25:2133 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | access to property Prop | UseUseExplosion.cs:25:1238:25:1241 | access to property Prop |
+| UseUseExplosion.cs:25:1221:25:1224 | this access | UseUseExplosion.cs:25:1238:25:1241 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | this access | UseUseExplosion.cs:25:2128:25:2133 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | [post] this access | UseUseExplosion.cs:25:1255:25:1258 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | [post] this access | UseUseExplosion.cs:25:2113:25:2118 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | access to property Prop | UseUseExplosion.cs:25:1255:25:1258 | access to property Prop |
+| UseUseExplosion.cs:25:1238:25:1241 | this access | UseUseExplosion.cs:25:1255:25:1258 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | this access | UseUseExplosion.cs:25:2113:25:2118 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | [post] this access | UseUseExplosion.cs:25:1272:25:1275 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | [post] this access | UseUseExplosion.cs:25:2098:25:2103 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | access to property Prop | UseUseExplosion.cs:25:1272:25:1275 | access to property Prop |
+| UseUseExplosion.cs:25:1255:25:1258 | this access | UseUseExplosion.cs:25:1272:25:1275 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | this access | UseUseExplosion.cs:25:2098:25:2103 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | [post] this access | UseUseExplosion.cs:25:1289:25:1292 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | [post] this access | UseUseExplosion.cs:25:2083:25:2088 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | access to property Prop | UseUseExplosion.cs:25:1289:25:1292 | access to property Prop |
+| UseUseExplosion.cs:25:1272:25:1275 | this access | UseUseExplosion.cs:25:1289:25:1292 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | this access | UseUseExplosion.cs:25:2083:25:2088 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | [post] this access | UseUseExplosion.cs:25:1306:25:1309 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | [post] this access | UseUseExplosion.cs:25:2068:25:2073 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | access to property Prop | UseUseExplosion.cs:25:1306:25:1309 | access to property Prop |
+| UseUseExplosion.cs:25:1289:25:1292 | this access | UseUseExplosion.cs:25:1306:25:1309 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | this access | UseUseExplosion.cs:25:2068:25:2073 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | [post] this access | UseUseExplosion.cs:25:1323:25:1326 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | [post] this access | UseUseExplosion.cs:25:2053:25:2058 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | access to property Prop | UseUseExplosion.cs:25:1323:25:1326 | access to property Prop |
+| UseUseExplosion.cs:25:1306:25:1309 | this access | UseUseExplosion.cs:25:1323:25:1326 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | this access | UseUseExplosion.cs:25:2053:25:2058 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | [post] this access | UseUseExplosion.cs:25:1340:25:1343 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | [post] this access | UseUseExplosion.cs:25:2038:25:2043 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | access to property Prop | UseUseExplosion.cs:25:1340:25:1343 | access to property Prop |
+| UseUseExplosion.cs:25:1323:25:1326 | this access | UseUseExplosion.cs:25:1340:25:1343 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | this access | UseUseExplosion.cs:25:2038:25:2043 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | [post] this access | UseUseExplosion.cs:25:1357:25:1360 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | [post] this access | UseUseExplosion.cs:25:2023:25:2028 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | access to property Prop | UseUseExplosion.cs:25:1357:25:1360 | access to property Prop |
+| UseUseExplosion.cs:25:1340:25:1343 | this access | UseUseExplosion.cs:25:1357:25:1360 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | this access | UseUseExplosion.cs:25:2023:25:2028 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | [post] this access | UseUseExplosion.cs:25:1374:25:1377 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | [post] this access | UseUseExplosion.cs:25:2008:25:2013 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | access to property Prop | UseUseExplosion.cs:25:1374:25:1377 | access to property Prop |
+| UseUseExplosion.cs:25:1357:25:1360 | this access | UseUseExplosion.cs:25:1374:25:1377 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | this access | UseUseExplosion.cs:25:2008:25:2013 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | [post] this access | UseUseExplosion.cs:25:1391:25:1394 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | [post] this access | UseUseExplosion.cs:25:1993:25:1998 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | access to property Prop | UseUseExplosion.cs:25:1391:25:1394 | access to property Prop |
+| UseUseExplosion.cs:25:1374:25:1377 | this access | UseUseExplosion.cs:25:1391:25:1394 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | this access | UseUseExplosion.cs:25:1993:25:1998 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | [post] this access | UseUseExplosion.cs:25:1408:25:1411 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | [post] this access | UseUseExplosion.cs:25:1978:25:1983 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | access to property Prop | UseUseExplosion.cs:25:1408:25:1411 | access to property Prop |
+| UseUseExplosion.cs:25:1391:25:1394 | this access | UseUseExplosion.cs:25:1408:25:1411 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | this access | UseUseExplosion.cs:25:1978:25:1983 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | [post] this access | UseUseExplosion.cs:25:1425:25:1428 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | [post] this access | UseUseExplosion.cs:25:1963:25:1968 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | access to property Prop | UseUseExplosion.cs:25:1425:25:1428 | access to property Prop |
+| UseUseExplosion.cs:25:1408:25:1411 | this access | UseUseExplosion.cs:25:1425:25:1428 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | this access | UseUseExplosion.cs:25:1963:25:1968 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | [post] this access | UseUseExplosion.cs:25:1442:25:1445 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | [post] this access | UseUseExplosion.cs:25:1948:25:1953 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | access to property Prop | UseUseExplosion.cs:25:1442:25:1445 | access to property Prop |
+| UseUseExplosion.cs:25:1425:25:1428 | this access | UseUseExplosion.cs:25:1442:25:1445 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | this access | UseUseExplosion.cs:25:1948:25:1953 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | [post] this access | UseUseExplosion.cs:25:1459:25:1462 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | [post] this access | UseUseExplosion.cs:25:1933:25:1938 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | access to property Prop | UseUseExplosion.cs:25:1459:25:1462 | access to property Prop |
+| UseUseExplosion.cs:25:1442:25:1445 | this access | UseUseExplosion.cs:25:1459:25:1462 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | this access | UseUseExplosion.cs:25:1933:25:1938 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | [post] this access | UseUseExplosion.cs:25:1476:25:1479 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | [post] this access | UseUseExplosion.cs:25:1918:25:1923 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | access to property Prop | UseUseExplosion.cs:25:1476:25:1479 | access to property Prop |
+| UseUseExplosion.cs:25:1459:25:1462 | this access | UseUseExplosion.cs:25:1476:25:1479 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | this access | UseUseExplosion.cs:25:1918:25:1923 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | [post] this access | UseUseExplosion.cs:25:1493:25:1496 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | [post] this access | UseUseExplosion.cs:25:1903:25:1908 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | access to property Prop | UseUseExplosion.cs:25:1493:25:1496 | access to property Prop |
+| UseUseExplosion.cs:25:1476:25:1479 | this access | UseUseExplosion.cs:25:1493:25:1496 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | this access | UseUseExplosion.cs:25:1903:25:1908 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | [post] this access | UseUseExplosion.cs:25:1510:25:1513 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | [post] this access | UseUseExplosion.cs:25:1888:25:1893 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | access to property Prop | UseUseExplosion.cs:25:1510:25:1513 | access to property Prop |
+| UseUseExplosion.cs:25:1493:25:1496 | this access | UseUseExplosion.cs:25:1510:25:1513 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | this access | UseUseExplosion.cs:25:1888:25:1893 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | [post] this access | UseUseExplosion.cs:25:1527:25:1530 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | [post] this access | UseUseExplosion.cs:25:1873:25:1878 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | access to property Prop | UseUseExplosion.cs:25:1527:25:1530 | access to property Prop |
+| UseUseExplosion.cs:25:1510:25:1513 | this access | UseUseExplosion.cs:25:1527:25:1530 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | this access | UseUseExplosion.cs:25:1873:25:1878 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | [post] this access | UseUseExplosion.cs:25:1544:25:1547 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | [post] this access | UseUseExplosion.cs:25:1858:25:1863 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | access to property Prop | UseUseExplosion.cs:25:1544:25:1547 | access to property Prop |
+| UseUseExplosion.cs:25:1527:25:1530 | this access | UseUseExplosion.cs:25:1544:25:1547 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | this access | UseUseExplosion.cs:25:1858:25:1863 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | [post] this access | UseUseExplosion.cs:25:1561:25:1564 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | [post] this access | UseUseExplosion.cs:25:1843:25:1848 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | access to property Prop | UseUseExplosion.cs:25:1561:25:1564 | access to property Prop |
+| UseUseExplosion.cs:25:1544:25:1547 | this access | UseUseExplosion.cs:25:1561:25:1564 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | this access | UseUseExplosion.cs:25:1843:25:1848 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | [post] this access | UseUseExplosion.cs:25:1577:25:1580 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | [post] this access | UseUseExplosion.cs:25:1828:25:1833 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | access to property Prop | UseUseExplosion.cs:25:1577:25:1580 | access to property Prop |
+| UseUseExplosion.cs:25:1561:25:1564 | this access | UseUseExplosion.cs:25:1577:25:1580 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | this access | UseUseExplosion.cs:25:1828:25:1833 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | [post] this access | UseUseExplosion.cs:25:1593:25:1596 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | [post] this access | UseUseExplosion.cs:25:1813:25:1818 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | access to property Prop | UseUseExplosion.cs:25:1593:25:1596 | access to property Prop |
+| UseUseExplosion.cs:25:1577:25:1580 | this access | UseUseExplosion.cs:25:1593:25:1596 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | this access | UseUseExplosion.cs:25:1813:25:1818 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | [post] this access | UseUseExplosion.cs:25:1609:25:1612 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | [post] this access | UseUseExplosion.cs:25:1798:25:1803 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | access to property Prop | UseUseExplosion.cs:25:1609:25:1612 | access to property Prop |
+| UseUseExplosion.cs:25:1593:25:1596 | this access | UseUseExplosion.cs:25:1609:25:1612 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | this access | UseUseExplosion.cs:25:1798:25:1803 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | [post] this access | UseUseExplosion.cs:25:1625:25:1628 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | [post] this access | UseUseExplosion.cs:25:1783:25:1788 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | access to property Prop | UseUseExplosion.cs:25:1625:25:1628 | access to property Prop |
+| UseUseExplosion.cs:25:1609:25:1612 | this access | UseUseExplosion.cs:25:1625:25:1628 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | this access | UseUseExplosion.cs:25:1783:25:1788 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | [post] this access | UseUseExplosion.cs:25:1641:25:1644 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | [post] this access | UseUseExplosion.cs:25:1768:25:1773 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | access to property Prop | UseUseExplosion.cs:25:1641:25:1644 | access to property Prop |
+| UseUseExplosion.cs:25:1625:25:1628 | this access | UseUseExplosion.cs:25:1641:25:1644 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | this access | UseUseExplosion.cs:25:1768:25:1773 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | [post] this access | UseUseExplosion.cs:25:1657:25:1660 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | [post] this access | UseUseExplosion.cs:25:1753:25:1758 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | access to property Prop | UseUseExplosion.cs:25:1657:25:1660 | access to property Prop |
+| UseUseExplosion.cs:25:1641:25:1644 | this access | UseUseExplosion.cs:25:1657:25:1660 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | this access | UseUseExplosion.cs:25:1753:25:1758 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | [post] this access | UseUseExplosion.cs:25:1673:25:1676 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | [post] this access | UseUseExplosion.cs:25:1738:25:1743 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | access to property Prop | UseUseExplosion.cs:25:1673:25:1676 | access to property Prop |
+| UseUseExplosion.cs:25:1657:25:1660 | this access | UseUseExplosion.cs:25:1673:25:1676 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | this access | UseUseExplosion.cs:25:1738:25:1743 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | [post] this access | UseUseExplosion.cs:25:1689:25:1692 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | [post] this access | UseUseExplosion.cs:25:1723:25:1728 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | access to property Prop | UseUseExplosion.cs:25:1689:25:1692 | access to property Prop |
+| UseUseExplosion.cs:25:1673:25:1676 | this access | UseUseExplosion.cs:25:1689:25:1692 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | this access | UseUseExplosion.cs:25:1723:25:1728 | this access |
+| UseUseExplosion.cs:25:1689:25:1692 | [post] this access | UseUseExplosion.cs:25:1708:25:1713 | this access |
+| UseUseExplosion.cs:25:1689:25:1692 | this access | UseUseExplosion.cs:25:1708:25:1713 | this access |
diff --git a/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected b/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
index 6627f70e735..dc8cdffaa36 100644
--- a/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
+++ b/csharp/ql/test/library-tests/dataflow/local/TaintTrackingStep.expected
@@ -981,3 +981,1804 @@
 | Splitting.cs:58:22:58:22 | [b (line 46): true] SSA def(s) | Splitting.cs:59:19:59:19 | [b (line 46): true] access to local variable s |
 | Splitting.cs:58:27:58:27 | [b (line 46): false] access to local variable y | Splitting.cs:58:22:58:22 | [b (line 46): false] SSA def(s) |
 | Splitting.cs:58:27:58:27 | [b (line 46): true] access to local variable y | Splitting.cs:58:22:58:22 | [b (line 46): true] SSA def(s) |
+| UseUseExplosion.cs:21:10:21:10 | SSA entry def(this.Prop) | UseUseExplosion.cs:24:13:24:16 | access to property Prop |
+| UseUseExplosion.cs:21:10:21:10 | this | UseUseExplosion.cs:24:13:24:16 | this access |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1712:24:1712 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1727:24:1727 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1742:24:1742 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1757:24:1757 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1772:24:1772 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1787:24:1787 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1802:24:1802 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1817:24:1817 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1832:24:1832 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1847:24:1847 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1862:24:1862 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1877:24:1877 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1892:24:1892 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1907:24:1907 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1922:24:1922 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1937:24:1937 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1952:24:1952 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1967:24:1967 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1982:24:1982 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:1997:24:1997 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2012:24:2012 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2027:24:2027 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2042:24:2042 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2057:24:2057 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2072:24:2072 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2087:24:2087 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2102:24:2102 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2117:24:2117 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2132:24:2132 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2147:24:2147 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2162:24:2162 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2177:24:2177 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2192:24:2192 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2207:24:2207 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2222:24:2222 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2237:24:2237 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2252:24:2252 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2267:24:2267 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2282:24:2282 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2297:24:2297 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2312:24:2312 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2327:24:2327 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2342:24:2342 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2357:24:2357 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2372:24:2372 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2387:24:2387 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2402:24:2402 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2417:24:2417 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2432:24:2432 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2447:24:2447 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2462:24:2462 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2477:24:2477 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2492:24:2492 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2507:24:2507 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2522:24:2522 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2537:24:2537 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2552:24:2552 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2567:24:2567 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2582:24:2582 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2597:24:2597 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2612:24:2612 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2627:24:2627 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2642:24:2642 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2657:24:2657 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2672:24:2672 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2687:24:2687 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2702:24:2702 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2717:24:2717 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2732:24:2732 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2747:24:2747 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2762:24:2762 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2777:24:2777 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2792:24:2792 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2807:24:2807 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2822:24:2822 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2837:24:2837 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2852:24:2852 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2867:24:2867 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2882:24:2882 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2897:24:2897 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2912:24:2912 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2927:24:2927 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2942:24:2942 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2957:24:2957 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2972:24:2972 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:2987:24:2987 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3002:24:3002 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3017:24:3017 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3032:24:3032 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3047:24:3047 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3062:24:3062 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3077:24:3077 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3092:24:3092 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3107:24:3107 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3122:24:3122 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3137:24:3137 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3152:24:3152 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3167:24:3167 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3182:24:3182 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:24:3197:24:3197 | access to local variable x |
+| UseUseExplosion.cs:23:13:23:17 | SSA def(x) | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:23:17:23:17 | 0 | UseUseExplosion.cs:23:13:23:17 | SSA def(x) |
+| UseUseExplosion.cs:24:13:24:16 | [post] this access | UseUseExplosion.cs:24:31:24:34 | this access |
+| UseUseExplosion.cs:24:13:24:16 | [post] this access | UseUseExplosion.cs:24:3193:24:3198 | this access |
+| UseUseExplosion.cs:24:13:24:16 | access to property Prop | UseUseExplosion.cs:24:13:24:22 | ... > ... |
+| UseUseExplosion.cs:24:13:24:16 | access to property Prop | UseUseExplosion.cs:24:31:24:34 | access to property Prop |
+| UseUseExplosion.cs:24:13:24:16 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:13:24:16 | this access | UseUseExplosion.cs:24:31:24:34 | this access |
+| UseUseExplosion.cs:24:13:24:16 | this access | UseUseExplosion.cs:24:3193:24:3198 | this access |
+| UseUseExplosion.cs:24:31:24:34 | [post] this access | UseUseExplosion.cs:24:48:24:51 | this access |
+| UseUseExplosion.cs:24:31:24:34 | [post] this access | UseUseExplosion.cs:24:3178:24:3183 | this access |
+| UseUseExplosion.cs:24:31:24:34 | access to property Prop | UseUseExplosion.cs:24:31:24:39 | ... > ... |
+| UseUseExplosion.cs:24:31:24:34 | access to property Prop | UseUseExplosion.cs:24:48:24:51 | access to property Prop |
+| UseUseExplosion.cs:24:31:24:34 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:31:24:34 | this access | UseUseExplosion.cs:24:48:24:51 | this access |
+| UseUseExplosion.cs:24:31:24:34 | this access | UseUseExplosion.cs:24:3178:24:3183 | this access |
+| UseUseExplosion.cs:24:48:24:51 | [post] this access | UseUseExplosion.cs:24:65:24:68 | this access |
+| UseUseExplosion.cs:24:48:24:51 | [post] this access | UseUseExplosion.cs:24:3163:24:3168 | this access |
+| UseUseExplosion.cs:24:48:24:51 | access to property Prop | UseUseExplosion.cs:24:48:24:56 | ... > ... |
+| UseUseExplosion.cs:24:48:24:51 | access to property Prop | UseUseExplosion.cs:24:65:24:68 | access to property Prop |
+| UseUseExplosion.cs:24:48:24:51 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:48:24:51 | this access | UseUseExplosion.cs:24:65:24:68 | this access |
+| UseUseExplosion.cs:24:48:24:51 | this access | UseUseExplosion.cs:24:3163:24:3168 | this access |
+| UseUseExplosion.cs:24:65:24:68 | [post] this access | UseUseExplosion.cs:24:82:24:85 | this access |
+| UseUseExplosion.cs:24:65:24:68 | [post] this access | UseUseExplosion.cs:24:3148:24:3153 | this access |
+| UseUseExplosion.cs:24:65:24:68 | access to property Prop | UseUseExplosion.cs:24:65:24:73 | ... > ... |
+| UseUseExplosion.cs:24:65:24:68 | access to property Prop | UseUseExplosion.cs:24:82:24:85 | access to property Prop |
+| UseUseExplosion.cs:24:65:24:68 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:65:24:68 | this access | UseUseExplosion.cs:24:82:24:85 | this access |
+| UseUseExplosion.cs:24:65:24:68 | this access | UseUseExplosion.cs:24:3148:24:3153 | this access |
+| UseUseExplosion.cs:24:82:24:85 | [post] this access | UseUseExplosion.cs:24:99:24:102 | this access |
+| UseUseExplosion.cs:24:82:24:85 | [post] this access | UseUseExplosion.cs:24:3133:24:3138 | this access |
+| UseUseExplosion.cs:24:82:24:85 | access to property Prop | UseUseExplosion.cs:24:82:24:90 | ... > ... |
+| UseUseExplosion.cs:24:82:24:85 | access to property Prop | UseUseExplosion.cs:24:99:24:102 | access to property Prop |
+| UseUseExplosion.cs:24:82:24:85 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:82:24:85 | this access | UseUseExplosion.cs:24:99:24:102 | this access |
+| UseUseExplosion.cs:24:82:24:85 | this access | UseUseExplosion.cs:24:3133:24:3138 | this access |
+| UseUseExplosion.cs:24:99:24:102 | [post] this access | UseUseExplosion.cs:24:116:24:119 | this access |
+| UseUseExplosion.cs:24:99:24:102 | [post] this access | UseUseExplosion.cs:24:3118:24:3123 | this access |
+| UseUseExplosion.cs:24:99:24:102 | access to property Prop | UseUseExplosion.cs:24:99:24:107 | ... > ... |
+| UseUseExplosion.cs:24:99:24:102 | access to property Prop | UseUseExplosion.cs:24:116:24:119 | access to property Prop |
+| UseUseExplosion.cs:24:99:24:102 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:99:24:102 | this access | UseUseExplosion.cs:24:116:24:119 | this access |
+| UseUseExplosion.cs:24:99:24:102 | this access | UseUseExplosion.cs:24:3118:24:3123 | this access |
+| UseUseExplosion.cs:24:116:24:119 | [post] this access | UseUseExplosion.cs:24:133:24:136 | this access |
+| UseUseExplosion.cs:24:116:24:119 | [post] this access | UseUseExplosion.cs:24:3103:24:3108 | this access |
+| UseUseExplosion.cs:24:116:24:119 | access to property Prop | UseUseExplosion.cs:24:116:24:124 | ... > ... |
+| UseUseExplosion.cs:24:116:24:119 | access to property Prop | UseUseExplosion.cs:24:133:24:136 | access to property Prop |
+| UseUseExplosion.cs:24:116:24:119 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:116:24:119 | this access | UseUseExplosion.cs:24:133:24:136 | this access |
+| UseUseExplosion.cs:24:116:24:119 | this access | UseUseExplosion.cs:24:3103:24:3108 | this access |
+| UseUseExplosion.cs:24:133:24:136 | [post] this access | UseUseExplosion.cs:24:150:24:153 | this access |
+| UseUseExplosion.cs:24:133:24:136 | [post] this access | UseUseExplosion.cs:24:3088:24:3093 | this access |
+| UseUseExplosion.cs:24:133:24:136 | access to property Prop | UseUseExplosion.cs:24:133:24:141 | ... > ... |
+| UseUseExplosion.cs:24:133:24:136 | access to property Prop | UseUseExplosion.cs:24:150:24:153 | access to property Prop |
+| UseUseExplosion.cs:24:133:24:136 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:133:24:136 | this access | UseUseExplosion.cs:24:150:24:153 | this access |
+| UseUseExplosion.cs:24:133:24:136 | this access | UseUseExplosion.cs:24:3088:24:3093 | this access |
+| UseUseExplosion.cs:24:150:24:153 | [post] this access | UseUseExplosion.cs:24:167:24:170 | this access |
+| UseUseExplosion.cs:24:150:24:153 | [post] this access | UseUseExplosion.cs:24:3073:24:3078 | this access |
+| UseUseExplosion.cs:24:150:24:153 | access to property Prop | UseUseExplosion.cs:24:150:24:158 | ... > ... |
+| UseUseExplosion.cs:24:150:24:153 | access to property Prop | UseUseExplosion.cs:24:167:24:170 | access to property Prop |
+| UseUseExplosion.cs:24:150:24:153 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:150:24:153 | this access | UseUseExplosion.cs:24:167:24:170 | this access |
+| UseUseExplosion.cs:24:150:24:153 | this access | UseUseExplosion.cs:24:3073:24:3078 | this access |
+| UseUseExplosion.cs:24:167:24:170 | [post] this access | UseUseExplosion.cs:24:184:24:187 | this access |
+| UseUseExplosion.cs:24:167:24:170 | [post] this access | UseUseExplosion.cs:24:3058:24:3063 | this access |
+| UseUseExplosion.cs:24:167:24:170 | access to property Prop | UseUseExplosion.cs:24:167:24:175 | ... > ... |
+| UseUseExplosion.cs:24:167:24:170 | access to property Prop | UseUseExplosion.cs:24:184:24:187 | access to property Prop |
+| UseUseExplosion.cs:24:167:24:170 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:167:24:170 | this access | UseUseExplosion.cs:24:184:24:187 | this access |
+| UseUseExplosion.cs:24:167:24:170 | this access | UseUseExplosion.cs:24:3058:24:3063 | this access |
+| UseUseExplosion.cs:24:184:24:187 | [post] this access | UseUseExplosion.cs:24:201:24:204 | this access |
+| UseUseExplosion.cs:24:184:24:187 | [post] this access | UseUseExplosion.cs:24:3043:24:3048 | this access |
+| UseUseExplosion.cs:24:184:24:187 | access to property Prop | UseUseExplosion.cs:24:184:24:192 | ... > ... |
+| UseUseExplosion.cs:24:184:24:187 | access to property Prop | UseUseExplosion.cs:24:201:24:204 | access to property Prop |
+| UseUseExplosion.cs:24:184:24:187 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:184:24:187 | this access | UseUseExplosion.cs:24:201:24:204 | this access |
+| UseUseExplosion.cs:24:184:24:187 | this access | UseUseExplosion.cs:24:3043:24:3048 | this access |
+| UseUseExplosion.cs:24:201:24:204 | [post] this access | UseUseExplosion.cs:24:218:24:221 | this access |
+| UseUseExplosion.cs:24:201:24:204 | [post] this access | UseUseExplosion.cs:24:3028:24:3033 | this access |
+| UseUseExplosion.cs:24:201:24:204 | access to property Prop | UseUseExplosion.cs:24:201:24:209 | ... > ... |
+| UseUseExplosion.cs:24:201:24:204 | access to property Prop | UseUseExplosion.cs:24:218:24:221 | access to property Prop |
+| UseUseExplosion.cs:24:201:24:204 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:201:24:204 | this access | UseUseExplosion.cs:24:218:24:221 | this access |
+| UseUseExplosion.cs:24:201:24:204 | this access | UseUseExplosion.cs:24:3028:24:3033 | this access |
+| UseUseExplosion.cs:24:218:24:221 | [post] this access | UseUseExplosion.cs:24:235:24:238 | this access |
+| UseUseExplosion.cs:24:218:24:221 | [post] this access | UseUseExplosion.cs:24:3013:24:3018 | this access |
+| UseUseExplosion.cs:24:218:24:221 | access to property Prop | UseUseExplosion.cs:24:218:24:226 | ... > ... |
+| UseUseExplosion.cs:24:218:24:221 | access to property Prop | UseUseExplosion.cs:24:235:24:238 | access to property Prop |
+| UseUseExplosion.cs:24:218:24:221 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:218:24:221 | this access | UseUseExplosion.cs:24:235:24:238 | this access |
+| UseUseExplosion.cs:24:218:24:221 | this access | UseUseExplosion.cs:24:3013:24:3018 | this access |
+| UseUseExplosion.cs:24:235:24:238 | [post] this access | UseUseExplosion.cs:24:252:24:255 | this access |
+| UseUseExplosion.cs:24:235:24:238 | [post] this access | UseUseExplosion.cs:24:2998:24:3003 | this access |
+| UseUseExplosion.cs:24:235:24:238 | access to property Prop | UseUseExplosion.cs:24:235:24:243 | ... > ... |
+| UseUseExplosion.cs:24:235:24:238 | access to property Prop | UseUseExplosion.cs:24:252:24:255 | access to property Prop |
+| UseUseExplosion.cs:24:235:24:238 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:235:24:238 | this access | UseUseExplosion.cs:24:252:24:255 | this access |
+| UseUseExplosion.cs:24:235:24:238 | this access | UseUseExplosion.cs:24:2998:24:3003 | this access |
+| UseUseExplosion.cs:24:252:24:255 | [post] this access | UseUseExplosion.cs:24:269:24:272 | this access |
+| UseUseExplosion.cs:24:252:24:255 | [post] this access | UseUseExplosion.cs:24:2983:24:2988 | this access |
+| UseUseExplosion.cs:24:252:24:255 | access to property Prop | UseUseExplosion.cs:24:252:24:260 | ... > ... |
+| UseUseExplosion.cs:24:252:24:255 | access to property Prop | UseUseExplosion.cs:24:269:24:272 | access to property Prop |
+| UseUseExplosion.cs:24:252:24:255 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:252:24:255 | this access | UseUseExplosion.cs:24:269:24:272 | this access |
+| UseUseExplosion.cs:24:252:24:255 | this access | UseUseExplosion.cs:24:2983:24:2988 | this access |
+| UseUseExplosion.cs:24:269:24:272 | [post] this access | UseUseExplosion.cs:24:286:24:289 | this access |
+| UseUseExplosion.cs:24:269:24:272 | [post] this access | UseUseExplosion.cs:24:2968:24:2973 | this access |
+| UseUseExplosion.cs:24:269:24:272 | access to property Prop | UseUseExplosion.cs:24:269:24:277 | ... > ... |
+| UseUseExplosion.cs:24:269:24:272 | access to property Prop | UseUseExplosion.cs:24:286:24:289 | access to property Prop |
+| UseUseExplosion.cs:24:269:24:272 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:269:24:272 | this access | UseUseExplosion.cs:24:286:24:289 | this access |
+| UseUseExplosion.cs:24:269:24:272 | this access | UseUseExplosion.cs:24:2968:24:2973 | this access |
+| UseUseExplosion.cs:24:286:24:289 | [post] this access | UseUseExplosion.cs:24:303:24:306 | this access |
+| UseUseExplosion.cs:24:286:24:289 | [post] this access | UseUseExplosion.cs:24:2953:24:2958 | this access |
+| UseUseExplosion.cs:24:286:24:289 | access to property Prop | UseUseExplosion.cs:24:286:24:294 | ... > ... |
+| UseUseExplosion.cs:24:286:24:289 | access to property Prop | UseUseExplosion.cs:24:303:24:306 | access to property Prop |
+| UseUseExplosion.cs:24:286:24:289 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:286:24:289 | this access | UseUseExplosion.cs:24:303:24:306 | this access |
+| UseUseExplosion.cs:24:286:24:289 | this access | UseUseExplosion.cs:24:2953:24:2958 | this access |
+| UseUseExplosion.cs:24:303:24:306 | [post] this access | UseUseExplosion.cs:24:320:24:323 | this access |
+| UseUseExplosion.cs:24:303:24:306 | [post] this access | UseUseExplosion.cs:24:2938:24:2943 | this access |
+| UseUseExplosion.cs:24:303:24:306 | access to property Prop | UseUseExplosion.cs:24:303:24:311 | ... > ... |
+| UseUseExplosion.cs:24:303:24:306 | access to property Prop | UseUseExplosion.cs:24:320:24:323 | access to property Prop |
+| UseUseExplosion.cs:24:303:24:306 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:303:24:306 | this access | UseUseExplosion.cs:24:320:24:323 | this access |
+| UseUseExplosion.cs:24:303:24:306 | this access | UseUseExplosion.cs:24:2938:24:2943 | this access |
+| UseUseExplosion.cs:24:320:24:323 | [post] this access | UseUseExplosion.cs:24:337:24:340 | this access |
+| UseUseExplosion.cs:24:320:24:323 | [post] this access | UseUseExplosion.cs:24:2923:24:2928 | this access |
+| UseUseExplosion.cs:24:320:24:323 | access to property Prop | UseUseExplosion.cs:24:320:24:328 | ... > ... |
+| UseUseExplosion.cs:24:320:24:323 | access to property Prop | UseUseExplosion.cs:24:337:24:340 | access to property Prop |
+| UseUseExplosion.cs:24:320:24:323 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:320:24:323 | this access | UseUseExplosion.cs:24:337:24:340 | this access |
+| UseUseExplosion.cs:24:320:24:323 | this access | UseUseExplosion.cs:24:2923:24:2928 | this access |
+| UseUseExplosion.cs:24:337:24:340 | [post] this access | UseUseExplosion.cs:24:354:24:357 | this access |
+| UseUseExplosion.cs:24:337:24:340 | [post] this access | UseUseExplosion.cs:24:2908:24:2913 | this access |
+| UseUseExplosion.cs:24:337:24:340 | access to property Prop | UseUseExplosion.cs:24:337:24:345 | ... > ... |
+| UseUseExplosion.cs:24:337:24:340 | access to property Prop | UseUseExplosion.cs:24:354:24:357 | access to property Prop |
+| UseUseExplosion.cs:24:337:24:340 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:337:24:340 | this access | UseUseExplosion.cs:24:354:24:357 | this access |
+| UseUseExplosion.cs:24:337:24:340 | this access | UseUseExplosion.cs:24:2908:24:2913 | this access |
+| UseUseExplosion.cs:24:354:24:357 | [post] this access | UseUseExplosion.cs:24:371:24:374 | this access |
+| UseUseExplosion.cs:24:354:24:357 | [post] this access | UseUseExplosion.cs:24:2893:24:2898 | this access |
+| UseUseExplosion.cs:24:354:24:357 | access to property Prop | UseUseExplosion.cs:24:354:24:362 | ... > ... |
+| UseUseExplosion.cs:24:354:24:357 | access to property Prop | UseUseExplosion.cs:24:371:24:374 | access to property Prop |
+| UseUseExplosion.cs:24:354:24:357 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:354:24:357 | this access | UseUseExplosion.cs:24:371:24:374 | this access |
+| UseUseExplosion.cs:24:354:24:357 | this access | UseUseExplosion.cs:24:2893:24:2898 | this access |
+| UseUseExplosion.cs:24:371:24:374 | [post] this access | UseUseExplosion.cs:24:388:24:391 | this access |
+| UseUseExplosion.cs:24:371:24:374 | [post] this access | UseUseExplosion.cs:24:2878:24:2883 | this access |
+| UseUseExplosion.cs:24:371:24:374 | access to property Prop | UseUseExplosion.cs:24:371:24:379 | ... > ... |
+| UseUseExplosion.cs:24:371:24:374 | access to property Prop | UseUseExplosion.cs:24:388:24:391 | access to property Prop |
+| UseUseExplosion.cs:24:371:24:374 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:371:24:374 | this access | UseUseExplosion.cs:24:388:24:391 | this access |
+| UseUseExplosion.cs:24:371:24:374 | this access | UseUseExplosion.cs:24:2878:24:2883 | this access |
+| UseUseExplosion.cs:24:388:24:391 | [post] this access | UseUseExplosion.cs:24:405:24:408 | this access |
+| UseUseExplosion.cs:24:388:24:391 | [post] this access | UseUseExplosion.cs:24:2863:24:2868 | this access |
+| UseUseExplosion.cs:24:388:24:391 | access to property Prop | UseUseExplosion.cs:24:388:24:396 | ... > ... |
+| UseUseExplosion.cs:24:388:24:391 | access to property Prop | UseUseExplosion.cs:24:405:24:408 | access to property Prop |
+| UseUseExplosion.cs:24:388:24:391 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:388:24:391 | this access | UseUseExplosion.cs:24:405:24:408 | this access |
+| UseUseExplosion.cs:24:388:24:391 | this access | UseUseExplosion.cs:24:2863:24:2868 | this access |
+| UseUseExplosion.cs:24:405:24:408 | [post] this access | UseUseExplosion.cs:24:422:24:425 | this access |
+| UseUseExplosion.cs:24:405:24:408 | [post] this access | UseUseExplosion.cs:24:2848:24:2853 | this access |
+| UseUseExplosion.cs:24:405:24:408 | access to property Prop | UseUseExplosion.cs:24:405:24:413 | ... > ... |
+| UseUseExplosion.cs:24:405:24:408 | access to property Prop | UseUseExplosion.cs:24:422:24:425 | access to property Prop |
+| UseUseExplosion.cs:24:405:24:408 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:405:24:408 | this access | UseUseExplosion.cs:24:422:24:425 | this access |
+| UseUseExplosion.cs:24:405:24:408 | this access | UseUseExplosion.cs:24:2848:24:2853 | this access |
+| UseUseExplosion.cs:24:422:24:425 | [post] this access | UseUseExplosion.cs:24:439:24:442 | this access |
+| UseUseExplosion.cs:24:422:24:425 | [post] this access | UseUseExplosion.cs:24:2833:24:2838 | this access |
+| UseUseExplosion.cs:24:422:24:425 | access to property Prop | UseUseExplosion.cs:24:422:24:430 | ... > ... |
+| UseUseExplosion.cs:24:422:24:425 | access to property Prop | UseUseExplosion.cs:24:439:24:442 | access to property Prop |
+| UseUseExplosion.cs:24:422:24:425 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:422:24:425 | this access | UseUseExplosion.cs:24:439:24:442 | this access |
+| UseUseExplosion.cs:24:422:24:425 | this access | UseUseExplosion.cs:24:2833:24:2838 | this access |
+| UseUseExplosion.cs:24:439:24:442 | [post] this access | UseUseExplosion.cs:24:456:24:459 | this access |
+| UseUseExplosion.cs:24:439:24:442 | [post] this access | UseUseExplosion.cs:24:2818:24:2823 | this access |
+| UseUseExplosion.cs:24:439:24:442 | access to property Prop | UseUseExplosion.cs:24:439:24:447 | ... > ... |
+| UseUseExplosion.cs:24:439:24:442 | access to property Prop | UseUseExplosion.cs:24:456:24:459 | access to property Prop |
+| UseUseExplosion.cs:24:439:24:442 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:439:24:442 | this access | UseUseExplosion.cs:24:456:24:459 | this access |
+| UseUseExplosion.cs:24:439:24:442 | this access | UseUseExplosion.cs:24:2818:24:2823 | this access |
+| UseUseExplosion.cs:24:456:24:459 | [post] this access | UseUseExplosion.cs:24:473:24:476 | this access |
+| UseUseExplosion.cs:24:456:24:459 | [post] this access | UseUseExplosion.cs:24:2803:24:2808 | this access |
+| UseUseExplosion.cs:24:456:24:459 | access to property Prop | UseUseExplosion.cs:24:456:24:464 | ... > ... |
+| UseUseExplosion.cs:24:456:24:459 | access to property Prop | UseUseExplosion.cs:24:473:24:476 | access to property Prop |
+| UseUseExplosion.cs:24:456:24:459 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:456:24:459 | this access | UseUseExplosion.cs:24:473:24:476 | this access |
+| UseUseExplosion.cs:24:456:24:459 | this access | UseUseExplosion.cs:24:2803:24:2808 | this access |
+| UseUseExplosion.cs:24:473:24:476 | [post] this access | UseUseExplosion.cs:24:490:24:493 | this access |
+| UseUseExplosion.cs:24:473:24:476 | [post] this access | UseUseExplosion.cs:24:2788:24:2793 | this access |
+| UseUseExplosion.cs:24:473:24:476 | access to property Prop | UseUseExplosion.cs:24:473:24:481 | ... > ... |
+| UseUseExplosion.cs:24:473:24:476 | access to property Prop | UseUseExplosion.cs:24:490:24:493 | access to property Prop |
+| UseUseExplosion.cs:24:473:24:476 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:473:24:476 | this access | UseUseExplosion.cs:24:490:24:493 | this access |
+| UseUseExplosion.cs:24:473:24:476 | this access | UseUseExplosion.cs:24:2788:24:2793 | this access |
+| UseUseExplosion.cs:24:490:24:493 | [post] this access | UseUseExplosion.cs:24:507:24:510 | this access |
+| UseUseExplosion.cs:24:490:24:493 | [post] this access | UseUseExplosion.cs:24:2773:24:2778 | this access |
+| UseUseExplosion.cs:24:490:24:493 | access to property Prop | UseUseExplosion.cs:24:490:24:498 | ... > ... |
+| UseUseExplosion.cs:24:490:24:493 | access to property Prop | UseUseExplosion.cs:24:507:24:510 | access to property Prop |
+| UseUseExplosion.cs:24:490:24:493 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:490:24:493 | this access | UseUseExplosion.cs:24:507:24:510 | this access |
+| UseUseExplosion.cs:24:490:24:493 | this access | UseUseExplosion.cs:24:2773:24:2778 | this access |
+| UseUseExplosion.cs:24:507:24:510 | [post] this access | UseUseExplosion.cs:24:524:24:527 | this access |
+| UseUseExplosion.cs:24:507:24:510 | [post] this access | UseUseExplosion.cs:24:2758:24:2763 | this access |
+| UseUseExplosion.cs:24:507:24:510 | access to property Prop | UseUseExplosion.cs:24:507:24:515 | ... > ... |
+| UseUseExplosion.cs:24:507:24:510 | access to property Prop | UseUseExplosion.cs:24:524:24:527 | access to property Prop |
+| UseUseExplosion.cs:24:507:24:510 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:507:24:510 | this access | UseUseExplosion.cs:24:524:24:527 | this access |
+| UseUseExplosion.cs:24:507:24:510 | this access | UseUseExplosion.cs:24:2758:24:2763 | this access |
+| UseUseExplosion.cs:24:524:24:527 | [post] this access | UseUseExplosion.cs:24:541:24:544 | this access |
+| UseUseExplosion.cs:24:524:24:527 | [post] this access | UseUseExplosion.cs:24:2743:24:2748 | this access |
+| UseUseExplosion.cs:24:524:24:527 | access to property Prop | UseUseExplosion.cs:24:524:24:532 | ... > ... |
+| UseUseExplosion.cs:24:524:24:527 | access to property Prop | UseUseExplosion.cs:24:541:24:544 | access to property Prop |
+| UseUseExplosion.cs:24:524:24:527 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:524:24:527 | this access | UseUseExplosion.cs:24:541:24:544 | this access |
+| UseUseExplosion.cs:24:524:24:527 | this access | UseUseExplosion.cs:24:2743:24:2748 | this access |
+| UseUseExplosion.cs:24:541:24:544 | [post] this access | UseUseExplosion.cs:24:558:24:561 | this access |
+| UseUseExplosion.cs:24:541:24:544 | [post] this access | UseUseExplosion.cs:24:2728:24:2733 | this access |
+| UseUseExplosion.cs:24:541:24:544 | access to property Prop | UseUseExplosion.cs:24:541:24:549 | ... > ... |
+| UseUseExplosion.cs:24:541:24:544 | access to property Prop | UseUseExplosion.cs:24:558:24:561 | access to property Prop |
+| UseUseExplosion.cs:24:541:24:544 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:541:24:544 | this access | UseUseExplosion.cs:24:558:24:561 | this access |
+| UseUseExplosion.cs:24:541:24:544 | this access | UseUseExplosion.cs:24:2728:24:2733 | this access |
+| UseUseExplosion.cs:24:558:24:561 | [post] this access | UseUseExplosion.cs:24:575:24:578 | this access |
+| UseUseExplosion.cs:24:558:24:561 | [post] this access | UseUseExplosion.cs:24:2713:24:2718 | this access |
+| UseUseExplosion.cs:24:558:24:561 | access to property Prop | UseUseExplosion.cs:24:558:24:566 | ... > ... |
+| UseUseExplosion.cs:24:558:24:561 | access to property Prop | UseUseExplosion.cs:24:575:24:578 | access to property Prop |
+| UseUseExplosion.cs:24:558:24:561 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:558:24:561 | this access | UseUseExplosion.cs:24:575:24:578 | this access |
+| UseUseExplosion.cs:24:558:24:561 | this access | UseUseExplosion.cs:24:2713:24:2718 | this access |
+| UseUseExplosion.cs:24:575:24:578 | [post] this access | UseUseExplosion.cs:24:592:24:595 | this access |
+| UseUseExplosion.cs:24:575:24:578 | [post] this access | UseUseExplosion.cs:24:2698:24:2703 | this access |
+| UseUseExplosion.cs:24:575:24:578 | access to property Prop | UseUseExplosion.cs:24:575:24:583 | ... > ... |
+| UseUseExplosion.cs:24:575:24:578 | access to property Prop | UseUseExplosion.cs:24:592:24:595 | access to property Prop |
+| UseUseExplosion.cs:24:575:24:578 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:575:24:578 | this access | UseUseExplosion.cs:24:592:24:595 | this access |
+| UseUseExplosion.cs:24:575:24:578 | this access | UseUseExplosion.cs:24:2698:24:2703 | this access |
+| UseUseExplosion.cs:24:592:24:595 | [post] this access | UseUseExplosion.cs:24:609:24:612 | this access |
+| UseUseExplosion.cs:24:592:24:595 | [post] this access | UseUseExplosion.cs:24:2683:24:2688 | this access |
+| UseUseExplosion.cs:24:592:24:595 | access to property Prop | UseUseExplosion.cs:24:592:24:600 | ... > ... |
+| UseUseExplosion.cs:24:592:24:595 | access to property Prop | UseUseExplosion.cs:24:609:24:612 | access to property Prop |
+| UseUseExplosion.cs:24:592:24:595 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:592:24:595 | this access | UseUseExplosion.cs:24:609:24:612 | this access |
+| UseUseExplosion.cs:24:592:24:595 | this access | UseUseExplosion.cs:24:2683:24:2688 | this access |
+| UseUseExplosion.cs:24:609:24:612 | [post] this access | UseUseExplosion.cs:24:626:24:629 | this access |
+| UseUseExplosion.cs:24:609:24:612 | [post] this access | UseUseExplosion.cs:24:2668:24:2673 | this access |
+| UseUseExplosion.cs:24:609:24:612 | access to property Prop | UseUseExplosion.cs:24:609:24:617 | ... > ... |
+| UseUseExplosion.cs:24:609:24:612 | access to property Prop | UseUseExplosion.cs:24:626:24:629 | access to property Prop |
+| UseUseExplosion.cs:24:609:24:612 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:609:24:612 | this access | UseUseExplosion.cs:24:626:24:629 | this access |
+| UseUseExplosion.cs:24:609:24:612 | this access | UseUseExplosion.cs:24:2668:24:2673 | this access |
+| UseUseExplosion.cs:24:626:24:629 | [post] this access | UseUseExplosion.cs:24:643:24:646 | this access |
+| UseUseExplosion.cs:24:626:24:629 | [post] this access | UseUseExplosion.cs:24:2653:24:2658 | this access |
+| UseUseExplosion.cs:24:626:24:629 | access to property Prop | UseUseExplosion.cs:24:626:24:634 | ... > ... |
+| UseUseExplosion.cs:24:626:24:629 | access to property Prop | UseUseExplosion.cs:24:643:24:646 | access to property Prop |
+| UseUseExplosion.cs:24:626:24:629 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:626:24:629 | this access | UseUseExplosion.cs:24:643:24:646 | this access |
+| UseUseExplosion.cs:24:626:24:629 | this access | UseUseExplosion.cs:24:2653:24:2658 | this access |
+| UseUseExplosion.cs:24:643:24:646 | [post] this access | UseUseExplosion.cs:24:660:24:663 | this access |
+| UseUseExplosion.cs:24:643:24:646 | [post] this access | UseUseExplosion.cs:24:2638:24:2643 | this access |
+| UseUseExplosion.cs:24:643:24:646 | access to property Prop | UseUseExplosion.cs:24:643:24:651 | ... > ... |
+| UseUseExplosion.cs:24:643:24:646 | access to property Prop | UseUseExplosion.cs:24:660:24:663 | access to property Prop |
+| UseUseExplosion.cs:24:643:24:646 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:643:24:646 | this access | UseUseExplosion.cs:24:660:24:663 | this access |
+| UseUseExplosion.cs:24:643:24:646 | this access | UseUseExplosion.cs:24:2638:24:2643 | this access |
+| UseUseExplosion.cs:24:660:24:663 | [post] this access | UseUseExplosion.cs:24:677:24:680 | this access |
+| UseUseExplosion.cs:24:660:24:663 | [post] this access | UseUseExplosion.cs:24:2623:24:2628 | this access |
+| UseUseExplosion.cs:24:660:24:663 | access to property Prop | UseUseExplosion.cs:24:660:24:668 | ... > ... |
+| UseUseExplosion.cs:24:660:24:663 | access to property Prop | UseUseExplosion.cs:24:677:24:680 | access to property Prop |
+| UseUseExplosion.cs:24:660:24:663 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:660:24:663 | this access | UseUseExplosion.cs:24:677:24:680 | this access |
+| UseUseExplosion.cs:24:660:24:663 | this access | UseUseExplosion.cs:24:2623:24:2628 | this access |
+| UseUseExplosion.cs:24:677:24:680 | [post] this access | UseUseExplosion.cs:24:694:24:697 | this access |
+| UseUseExplosion.cs:24:677:24:680 | [post] this access | UseUseExplosion.cs:24:2608:24:2613 | this access |
+| UseUseExplosion.cs:24:677:24:680 | access to property Prop | UseUseExplosion.cs:24:677:24:685 | ... > ... |
+| UseUseExplosion.cs:24:677:24:680 | access to property Prop | UseUseExplosion.cs:24:694:24:697 | access to property Prop |
+| UseUseExplosion.cs:24:677:24:680 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:677:24:680 | this access | UseUseExplosion.cs:24:694:24:697 | this access |
+| UseUseExplosion.cs:24:677:24:680 | this access | UseUseExplosion.cs:24:2608:24:2613 | this access |
+| UseUseExplosion.cs:24:694:24:697 | [post] this access | UseUseExplosion.cs:24:711:24:714 | this access |
+| UseUseExplosion.cs:24:694:24:697 | [post] this access | UseUseExplosion.cs:24:2593:24:2598 | this access |
+| UseUseExplosion.cs:24:694:24:697 | access to property Prop | UseUseExplosion.cs:24:694:24:702 | ... > ... |
+| UseUseExplosion.cs:24:694:24:697 | access to property Prop | UseUseExplosion.cs:24:711:24:714 | access to property Prop |
+| UseUseExplosion.cs:24:694:24:697 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:694:24:697 | this access | UseUseExplosion.cs:24:711:24:714 | this access |
+| UseUseExplosion.cs:24:694:24:697 | this access | UseUseExplosion.cs:24:2593:24:2598 | this access |
+| UseUseExplosion.cs:24:711:24:714 | [post] this access | UseUseExplosion.cs:24:728:24:731 | this access |
+| UseUseExplosion.cs:24:711:24:714 | [post] this access | UseUseExplosion.cs:24:2578:24:2583 | this access |
+| UseUseExplosion.cs:24:711:24:714 | access to property Prop | UseUseExplosion.cs:24:711:24:719 | ... > ... |
+| UseUseExplosion.cs:24:711:24:714 | access to property Prop | UseUseExplosion.cs:24:728:24:731 | access to property Prop |
+| UseUseExplosion.cs:24:711:24:714 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:711:24:714 | this access | UseUseExplosion.cs:24:728:24:731 | this access |
+| UseUseExplosion.cs:24:711:24:714 | this access | UseUseExplosion.cs:24:2578:24:2583 | this access |
+| UseUseExplosion.cs:24:728:24:731 | [post] this access | UseUseExplosion.cs:24:745:24:748 | this access |
+| UseUseExplosion.cs:24:728:24:731 | [post] this access | UseUseExplosion.cs:24:2563:24:2568 | this access |
+| UseUseExplosion.cs:24:728:24:731 | access to property Prop | UseUseExplosion.cs:24:728:24:736 | ... > ... |
+| UseUseExplosion.cs:24:728:24:731 | access to property Prop | UseUseExplosion.cs:24:745:24:748 | access to property Prop |
+| UseUseExplosion.cs:24:728:24:731 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:728:24:731 | this access | UseUseExplosion.cs:24:745:24:748 | this access |
+| UseUseExplosion.cs:24:728:24:731 | this access | UseUseExplosion.cs:24:2563:24:2568 | this access |
+| UseUseExplosion.cs:24:745:24:748 | [post] this access | UseUseExplosion.cs:24:762:24:765 | this access |
+| UseUseExplosion.cs:24:745:24:748 | [post] this access | UseUseExplosion.cs:24:2548:24:2553 | this access |
+| UseUseExplosion.cs:24:745:24:748 | access to property Prop | UseUseExplosion.cs:24:745:24:753 | ... > ... |
+| UseUseExplosion.cs:24:745:24:748 | access to property Prop | UseUseExplosion.cs:24:762:24:765 | access to property Prop |
+| UseUseExplosion.cs:24:745:24:748 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:745:24:748 | this access | UseUseExplosion.cs:24:762:24:765 | this access |
+| UseUseExplosion.cs:24:745:24:748 | this access | UseUseExplosion.cs:24:2548:24:2553 | this access |
+| UseUseExplosion.cs:24:762:24:765 | [post] this access | UseUseExplosion.cs:24:779:24:782 | this access |
+| UseUseExplosion.cs:24:762:24:765 | [post] this access | UseUseExplosion.cs:24:2533:24:2538 | this access |
+| UseUseExplosion.cs:24:762:24:765 | access to property Prop | UseUseExplosion.cs:24:762:24:770 | ... > ... |
+| UseUseExplosion.cs:24:762:24:765 | access to property Prop | UseUseExplosion.cs:24:779:24:782 | access to property Prop |
+| UseUseExplosion.cs:24:762:24:765 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:762:24:765 | this access | UseUseExplosion.cs:24:779:24:782 | this access |
+| UseUseExplosion.cs:24:762:24:765 | this access | UseUseExplosion.cs:24:2533:24:2538 | this access |
+| UseUseExplosion.cs:24:779:24:782 | [post] this access | UseUseExplosion.cs:24:796:24:799 | this access |
+| UseUseExplosion.cs:24:779:24:782 | [post] this access | UseUseExplosion.cs:24:2518:24:2523 | this access |
+| UseUseExplosion.cs:24:779:24:782 | access to property Prop | UseUseExplosion.cs:24:779:24:787 | ... > ... |
+| UseUseExplosion.cs:24:779:24:782 | access to property Prop | UseUseExplosion.cs:24:796:24:799 | access to property Prop |
+| UseUseExplosion.cs:24:779:24:782 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:779:24:782 | this access | UseUseExplosion.cs:24:796:24:799 | this access |
+| UseUseExplosion.cs:24:779:24:782 | this access | UseUseExplosion.cs:24:2518:24:2523 | this access |
+| UseUseExplosion.cs:24:796:24:799 | [post] this access | UseUseExplosion.cs:24:813:24:816 | this access |
+| UseUseExplosion.cs:24:796:24:799 | [post] this access | UseUseExplosion.cs:24:2503:24:2508 | this access |
+| UseUseExplosion.cs:24:796:24:799 | access to property Prop | UseUseExplosion.cs:24:796:24:804 | ... > ... |
+| UseUseExplosion.cs:24:796:24:799 | access to property Prop | UseUseExplosion.cs:24:813:24:816 | access to property Prop |
+| UseUseExplosion.cs:24:796:24:799 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:796:24:799 | this access | UseUseExplosion.cs:24:813:24:816 | this access |
+| UseUseExplosion.cs:24:796:24:799 | this access | UseUseExplosion.cs:24:2503:24:2508 | this access |
+| UseUseExplosion.cs:24:813:24:816 | [post] this access | UseUseExplosion.cs:24:830:24:833 | this access |
+| UseUseExplosion.cs:24:813:24:816 | [post] this access | UseUseExplosion.cs:24:2488:24:2493 | this access |
+| UseUseExplosion.cs:24:813:24:816 | access to property Prop | UseUseExplosion.cs:24:813:24:821 | ... > ... |
+| UseUseExplosion.cs:24:813:24:816 | access to property Prop | UseUseExplosion.cs:24:830:24:833 | access to property Prop |
+| UseUseExplosion.cs:24:813:24:816 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:813:24:816 | this access | UseUseExplosion.cs:24:830:24:833 | this access |
+| UseUseExplosion.cs:24:813:24:816 | this access | UseUseExplosion.cs:24:2488:24:2493 | this access |
+| UseUseExplosion.cs:24:830:24:833 | [post] this access | UseUseExplosion.cs:24:847:24:850 | this access |
+| UseUseExplosion.cs:24:830:24:833 | [post] this access | UseUseExplosion.cs:24:2473:24:2478 | this access |
+| UseUseExplosion.cs:24:830:24:833 | access to property Prop | UseUseExplosion.cs:24:830:24:838 | ... > ... |
+| UseUseExplosion.cs:24:830:24:833 | access to property Prop | UseUseExplosion.cs:24:847:24:850 | access to property Prop |
+| UseUseExplosion.cs:24:830:24:833 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:830:24:833 | this access | UseUseExplosion.cs:24:847:24:850 | this access |
+| UseUseExplosion.cs:24:830:24:833 | this access | UseUseExplosion.cs:24:2473:24:2478 | this access |
+| UseUseExplosion.cs:24:847:24:850 | [post] this access | UseUseExplosion.cs:24:864:24:867 | this access |
+| UseUseExplosion.cs:24:847:24:850 | [post] this access | UseUseExplosion.cs:24:2458:24:2463 | this access |
+| UseUseExplosion.cs:24:847:24:850 | access to property Prop | UseUseExplosion.cs:24:847:24:855 | ... > ... |
+| UseUseExplosion.cs:24:847:24:850 | access to property Prop | UseUseExplosion.cs:24:864:24:867 | access to property Prop |
+| UseUseExplosion.cs:24:847:24:850 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:847:24:850 | this access | UseUseExplosion.cs:24:864:24:867 | this access |
+| UseUseExplosion.cs:24:847:24:850 | this access | UseUseExplosion.cs:24:2458:24:2463 | this access |
+| UseUseExplosion.cs:24:864:24:867 | [post] this access | UseUseExplosion.cs:24:881:24:884 | this access |
+| UseUseExplosion.cs:24:864:24:867 | [post] this access | UseUseExplosion.cs:24:2443:24:2448 | this access |
+| UseUseExplosion.cs:24:864:24:867 | access to property Prop | UseUseExplosion.cs:24:864:24:872 | ... > ... |
+| UseUseExplosion.cs:24:864:24:867 | access to property Prop | UseUseExplosion.cs:24:881:24:884 | access to property Prop |
+| UseUseExplosion.cs:24:864:24:867 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:864:24:867 | this access | UseUseExplosion.cs:24:881:24:884 | this access |
+| UseUseExplosion.cs:24:864:24:867 | this access | UseUseExplosion.cs:24:2443:24:2448 | this access |
+| UseUseExplosion.cs:24:881:24:884 | [post] this access | UseUseExplosion.cs:24:898:24:901 | this access |
+| UseUseExplosion.cs:24:881:24:884 | [post] this access | UseUseExplosion.cs:24:2428:24:2433 | this access |
+| UseUseExplosion.cs:24:881:24:884 | access to property Prop | UseUseExplosion.cs:24:881:24:889 | ... > ... |
+| UseUseExplosion.cs:24:881:24:884 | access to property Prop | UseUseExplosion.cs:24:898:24:901 | access to property Prop |
+| UseUseExplosion.cs:24:881:24:884 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:881:24:884 | this access | UseUseExplosion.cs:24:898:24:901 | this access |
+| UseUseExplosion.cs:24:881:24:884 | this access | UseUseExplosion.cs:24:2428:24:2433 | this access |
+| UseUseExplosion.cs:24:898:24:901 | [post] this access | UseUseExplosion.cs:24:915:24:918 | this access |
+| UseUseExplosion.cs:24:898:24:901 | [post] this access | UseUseExplosion.cs:24:2413:24:2418 | this access |
+| UseUseExplosion.cs:24:898:24:901 | access to property Prop | UseUseExplosion.cs:24:898:24:906 | ... > ... |
+| UseUseExplosion.cs:24:898:24:901 | access to property Prop | UseUseExplosion.cs:24:915:24:918 | access to property Prop |
+| UseUseExplosion.cs:24:898:24:901 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:898:24:901 | this access | UseUseExplosion.cs:24:915:24:918 | this access |
+| UseUseExplosion.cs:24:898:24:901 | this access | UseUseExplosion.cs:24:2413:24:2418 | this access |
+| UseUseExplosion.cs:24:915:24:918 | [post] this access | UseUseExplosion.cs:24:932:24:935 | this access |
+| UseUseExplosion.cs:24:915:24:918 | [post] this access | UseUseExplosion.cs:24:2398:24:2403 | this access |
+| UseUseExplosion.cs:24:915:24:918 | access to property Prop | UseUseExplosion.cs:24:915:24:923 | ... > ... |
+| UseUseExplosion.cs:24:915:24:918 | access to property Prop | UseUseExplosion.cs:24:932:24:935 | access to property Prop |
+| UseUseExplosion.cs:24:915:24:918 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:915:24:918 | this access | UseUseExplosion.cs:24:932:24:935 | this access |
+| UseUseExplosion.cs:24:915:24:918 | this access | UseUseExplosion.cs:24:2398:24:2403 | this access |
+| UseUseExplosion.cs:24:932:24:935 | [post] this access | UseUseExplosion.cs:24:949:24:952 | this access |
+| UseUseExplosion.cs:24:932:24:935 | [post] this access | UseUseExplosion.cs:24:2383:24:2388 | this access |
+| UseUseExplosion.cs:24:932:24:935 | access to property Prop | UseUseExplosion.cs:24:932:24:940 | ... > ... |
+| UseUseExplosion.cs:24:932:24:935 | access to property Prop | UseUseExplosion.cs:24:949:24:952 | access to property Prop |
+| UseUseExplosion.cs:24:932:24:935 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:932:24:935 | this access | UseUseExplosion.cs:24:949:24:952 | this access |
+| UseUseExplosion.cs:24:932:24:935 | this access | UseUseExplosion.cs:24:2383:24:2388 | this access |
+| UseUseExplosion.cs:24:949:24:952 | [post] this access | UseUseExplosion.cs:24:966:24:969 | this access |
+| UseUseExplosion.cs:24:949:24:952 | [post] this access | UseUseExplosion.cs:24:2368:24:2373 | this access |
+| UseUseExplosion.cs:24:949:24:952 | access to property Prop | UseUseExplosion.cs:24:949:24:957 | ... > ... |
+| UseUseExplosion.cs:24:949:24:952 | access to property Prop | UseUseExplosion.cs:24:966:24:969 | access to property Prop |
+| UseUseExplosion.cs:24:949:24:952 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:949:24:952 | this access | UseUseExplosion.cs:24:966:24:969 | this access |
+| UseUseExplosion.cs:24:949:24:952 | this access | UseUseExplosion.cs:24:2368:24:2373 | this access |
+| UseUseExplosion.cs:24:966:24:969 | [post] this access | UseUseExplosion.cs:24:983:24:986 | this access |
+| UseUseExplosion.cs:24:966:24:969 | [post] this access | UseUseExplosion.cs:24:2353:24:2358 | this access |
+| UseUseExplosion.cs:24:966:24:969 | access to property Prop | UseUseExplosion.cs:24:966:24:974 | ... > ... |
+| UseUseExplosion.cs:24:966:24:969 | access to property Prop | UseUseExplosion.cs:24:983:24:986 | access to property Prop |
+| UseUseExplosion.cs:24:966:24:969 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:966:24:969 | this access | UseUseExplosion.cs:24:983:24:986 | this access |
+| UseUseExplosion.cs:24:966:24:969 | this access | UseUseExplosion.cs:24:2353:24:2358 | this access |
+| UseUseExplosion.cs:24:983:24:986 | [post] this access | UseUseExplosion.cs:24:1000:24:1003 | this access |
+| UseUseExplosion.cs:24:983:24:986 | [post] this access | UseUseExplosion.cs:24:2338:24:2343 | this access |
+| UseUseExplosion.cs:24:983:24:986 | access to property Prop | UseUseExplosion.cs:24:983:24:991 | ... > ... |
+| UseUseExplosion.cs:24:983:24:986 | access to property Prop | UseUseExplosion.cs:24:1000:24:1003 | access to property Prop |
+| UseUseExplosion.cs:24:983:24:986 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:983:24:986 | this access | UseUseExplosion.cs:24:1000:24:1003 | this access |
+| UseUseExplosion.cs:24:983:24:986 | this access | UseUseExplosion.cs:24:2338:24:2343 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | [post] this access | UseUseExplosion.cs:24:1017:24:1020 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | [post] this access | UseUseExplosion.cs:24:2323:24:2328 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | access to property Prop | UseUseExplosion.cs:24:1000:24:1008 | ... > ... |
+| UseUseExplosion.cs:24:1000:24:1003 | access to property Prop | UseUseExplosion.cs:24:1017:24:1020 | access to property Prop |
+| UseUseExplosion.cs:24:1000:24:1003 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1000:24:1003 | this access | UseUseExplosion.cs:24:1017:24:1020 | this access |
+| UseUseExplosion.cs:24:1000:24:1003 | this access | UseUseExplosion.cs:24:2323:24:2328 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | [post] this access | UseUseExplosion.cs:24:1034:24:1037 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | [post] this access | UseUseExplosion.cs:24:2308:24:2313 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | access to property Prop | UseUseExplosion.cs:24:1017:24:1025 | ... > ... |
+| UseUseExplosion.cs:24:1017:24:1020 | access to property Prop | UseUseExplosion.cs:24:1034:24:1037 | access to property Prop |
+| UseUseExplosion.cs:24:1017:24:1020 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1017:24:1020 | this access | UseUseExplosion.cs:24:1034:24:1037 | this access |
+| UseUseExplosion.cs:24:1017:24:1020 | this access | UseUseExplosion.cs:24:2308:24:2313 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | [post] this access | UseUseExplosion.cs:24:1051:24:1054 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | [post] this access | UseUseExplosion.cs:24:2293:24:2298 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | access to property Prop | UseUseExplosion.cs:24:1034:24:1042 | ... > ... |
+| UseUseExplosion.cs:24:1034:24:1037 | access to property Prop | UseUseExplosion.cs:24:1051:24:1054 | access to property Prop |
+| UseUseExplosion.cs:24:1034:24:1037 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1034:24:1037 | this access | UseUseExplosion.cs:24:1051:24:1054 | this access |
+| UseUseExplosion.cs:24:1034:24:1037 | this access | UseUseExplosion.cs:24:2293:24:2298 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | [post] this access | UseUseExplosion.cs:24:1068:24:1071 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | [post] this access | UseUseExplosion.cs:24:2278:24:2283 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | access to property Prop | UseUseExplosion.cs:24:1051:24:1059 | ... > ... |
+| UseUseExplosion.cs:24:1051:24:1054 | access to property Prop | UseUseExplosion.cs:24:1068:24:1071 | access to property Prop |
+| UseUseExplosion.cs:24:1051:24:1054 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1051:24:1054 | this access | UseUseExplosion.cs:24:1068:24:1071 | this access |
+| UseUseExplosion.cs:24:1051:24:1054 | this access | UseUseExplosion.cs:24:2278:24:2283 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | [post] this access | UseUseExplosion.cs:24:1085:24:1088 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | [post] this access | UseUseExplosion.cs:24:2263:24:2268 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | access to property Prop | UseUseExplosion.cs:24:1068:24:1076 | ... > ... |
+| UseUseExplosion.cs:24:1068:24:1071 | access to property Prop | UseUseExplosion.cs:24:1085:24:1088 | access to property Prop |
+| UseUseExplosion.cs:24:1068:24:1071 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1068:24:1071 | this access | UseUseExplosion.cs:24:1085:24:1088 | this access |
+| UseUseExplosion.cs:24:1068:24:1071 | this access | UseUseExplosion.cs:24:2263:24:2268 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | [post] this access | UseUseExplosion.cs:24:1102:24:1105 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | [post] this access | UseUseExplosion.cs:24:2248:24:2253 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | access to property Prop | UseUseExplosion.cs:24:1085:24:1093 | ... > ... |
+| UseUseExplosion.cs:24:1085:24:1088 | access to property Prop | UseUseExplosion.cs:24:1102:24:1105 | access to property Prop |
+| UseUseExplosion.cs:24:1085:24:1088 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1085:24:1088 | this access | UseUseExplosion.cs:24:1102:24:1105 | this access |
+| UseUseExplosion.cs:24:1085:24:1088 | this access | UseUseExplosion.cs:24:2248:24:2253 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | [post] this access | UseUseExplosion.cs:24:1119:24:1122 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | [post] this access | UseUseExplosion.cs:24:2233:24:2238 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | access to property Prop | UseUseExplosion.cs:24:1102:24:1110 | ... > ... |
+| UseUseExplosion.cs:24:1102:24:1105 | access to property Prop | UseUseExplosion.cs:24:1119:24:1122 | access to property Prop |
+| UseUseExplosion.cs:24:1102:24:1105 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1102:24:1105 | this access | UseUseExplosion.cs:24:1119:24:1122 | this access |
+| UseUseExplosion.cs:24:1102:24:1105 | this access | UseUseExplosion.cs:24:2233:24:2238 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | [post] this access | UseUseExplosion.cs:24:1136:24:1139 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | [post] this access | UseUseExplosion.cs:24:2218:24:2223 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | access to property Prop | UseUseExplosion.cs:24:1119:24:1127 | ... > ... |
+| UseUseExplosion.cs:24:1119:24:1122 | access to property Prop | UseUseExplosion.cs:24:1136:24:1139 | access to property Prop |
+| UseUseExplosion.cs:24:1119:24:1122 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1119:24:1122 | this access | UseUseExplosion.cs:24:1136:24:1139 | this access |
+| UseUseExplosion.cs:24:1119:24:1122 | this access | UseUseExplosion.cs:24:2218:24:2223 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | [post] this access | UseUseExplosion.cs:24:1153:24:1156 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | [post] this access | UseUseExplosion.cs:24:2203:24:2208 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | access to property Prop | UseUseExplosion.cs:24:1136:24:1144 | ... > ... |
+| UseUseExplosion.cs:24:1136:24:1139 | access to property Prop | UseUseExplosion.cs:24:1153:24:1156 | access to property Prop |
+| UseUseExplosion.cs:24:1136:24:1139 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1136:24:1139 | this access | UseUseExplosion.cs:24:1153:24:1156 | this access |
+| UseUseExplosion.cs:24:1136:24:1139 | this access | UseUseExplosion.cs:24:2203:24:2208 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | [post] this access | UseUseExplosion.cs:24:1170:24:1173 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | [post] this access | UseUseExplosion.cs:24:2188:24:2193 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | access to property Prop | UseUseExplosion.cs:24:1153:24:1161 | ... > ... |
+| UseUseExplosion.cs:24:1153:24:1156 | access to property Prop | UseUseExplosion.cs:24:1170:24:1173 | access to property Prop |
+| UseUseExplosion.cs:24:1153:24:1156 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1153:24:1156 | this access | UseUseExplosion.cs:24:1170:24:1173 | this access |
+| UseUseExplosion.cs:24:1153:24:1156 | this access | UseUseExplosion.cs:24:2188:24:2193 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | [post] this access | UseUseExplosion.cs:24:1187:24:1190 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | [post] this access | UseUseExplosion.cs:24:2173:24:2178 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | access to property Prop | UseUseExplosion.cs:24:1170:24:1178 | ... > ... |
+| UseUseExplosion.cs:24:1170:24:1173 | access to property Prop | UseUseExplosion.cs:24:1187:24:1190 | access to property Prop |
+| UseUseExplosion.cs:24:1170:24:1173 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1170:24:1173 | this access | UseUseExplosion.cs:24:1187:24:1190 | this access |
+| UseUseExplosion.cs:24:1170:24:1173 | this access | UseUseExplosion.cs:24:2173:24:2178 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | [post] this access | UseUseExplosion.cs:24:1204:24:1207 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | [post] this access | UseUseExplosion.cs:24:2158:24:2163 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | access to property Prop | UseUseExplosion.cs:24:1187:24:1195 | ... > ... |
+| UseUseExplosion.cs:24:1187:24:1190 | access to property Prop | UseUseExplosion.cs:24:1204:24:1207 | access to property Prop |
+| UseUseExplosion.cs:24:1187:24:1190 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1187:24:1190 | this access | UseUseExplosion.cs:24:1204:24:1207 | this access |
+| UseUseExplosion.cs:24:1187:24:1190 | this access | UseUseExplosion.cs:24:2158:24:2163 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | [post] this access | UseUseExplosion.cs:24:1221:24:1224 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | [post] this access | UseUseExplosion.cs:24:2143:24:2148 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | access to property Prop | UseUseExplosion.cs:24:1204:24:1212 | ... > ... |
+| UseUseExplosion.cs:24:1204:24:1207 | access to property Prop | UseUseExplosion.cs:24:1221:24:1224 | access to property Prop |
+| UseUseExplosion.cs:24:1204:24:1207 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1204:24:1207 | this access | UseUseExplosion.cs:24:1221:24:1224 | this access |
+| UseUseExplosion.cs:24:1204:24:1207 | this access | UseUseExplosion.cs:24:2143:24:2148 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | [post] this access | UseUseExplosion.cs:24:1238:24:1241 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | [post] this access | UseUseExplosion.cs:24:2128:24:2133 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | access to property Prop | UseUseExplosion.cs:24:1221:24:1229 | ... > ... |
+| UseUseExplosion.cs:24:1221:24:1224 | access to property Prop | UseUseExplosion.cs:24:1238:24:1241 | access to property Prop |
+| UseUseExplosion.cs:24:1221:24:1224 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1221:24:1224 | this access | UseUseExplosion.cs:24:1238:24:1241 | this access |
+| UseUseExplosion.cs:24:1221:24:1224 | this access | UseUseExplosion.cs:24:2128:24:2133 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | [post] this access | UseUseExplosion.cs:24:1255:24:1258 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | [post] this access | UseUseExplosion.cs:24:2113:24:2118 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | access to property Prop | UseUseExplosion.cs:24:1238:24:1246 | ... > ... |
+| UseUseExplosion.cs:24:1238:24:1241 | access to property Prop | UseUseExplosion.cs:24:1255:24:1258 | access to property Prop |
+| UseUseExplosion.cs:24:1238:24:1241 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1238:24:1241 | this access | UseUseExplosion.cs:24:1255:24:1258 | this access |
+| UseUseExplosion.cs:24:1238:24:1241 | this access | UseUseExplosion.cs:24:2113:24:2118 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | [post] this access | UseUseExplosion.cs:24:1272:24:1275 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | [post] this access | UseUseExplosion.cs:24:2098:24:2103 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | access to property Prop | UseUseExplosion.cs:24:1255:24:1263 | ... > ... |
+| UseUseExplosion.cs:24:1255:24:1258 | access to property Prop | UseUseExplosion.cs:24:1272:24:1275 | access to property Prop |
+| UseUseExplosion.cs:24:1255:24:1258 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1255:24:1258 | this access | UseUseExplosion.cs:24:1272:24:1275 | this access |
+| UseUseExplosion.cs:24:1255:24:1258 | this access | UseUseExplosion.cs:24:2098:24:2103 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | [post] this access | UseUseExplosion.cs:24:1289:24:1292 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | [post] this access | UseUseExplosion.cs:24:2083:24:2088 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | access to property Prop | UseUseExplosion.cs:24:1272:24:1280 | ... > ... |
+| UseUseExplosion.cs:24:1272:24:1275 | access to property Prop | UseUseExplosion.cs:24:1289:24:1292 | access to property Prop |
+| UseUseExplosion.cs:24:1272:24:1275 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1272:24:1275 | this access | UseUseExplosion.cs:24:1289:24:1292 | this access |
+| UseUseExplosion.cs:24:1272:24:1275 | this access | UseUseExplosion.cs:24:2083:24:2088 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | [post] this access | UseUseExplosion.cs:24:1306:24:1309 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | [post] this access | UseUseExplosion.cs:24:2068:24:2073 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | access to property Prop | UseUseExplosion.cs:24:1289:24:1297 | ... > ... |
+| UseUseExplosion.cs:24:1289:24:1292 | access to property Prop | UseUseExplosion.cs:24:1306:24:1309 | access to property Prop |
+| UseUseExplosion.cs:24:1289:24:1292 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1289:24:1292 | this access | UseUseExplosion.cs:24:1306:24:1309 | this access |
+| UseUseExplosion.cs:24:1289:24:1292 | this access | UseUseExplosion.cs:24:2068:24:2073 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | [post] this access | UseUseExplosion.cs:24:1323:24:1326 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | [post] this access | UseUseExplosion.cs:24:2053:24:2058 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | access to property Prop | UseUseExplosion.cs:24:1306:24:1314 | ... > ... |
+| UseUseExplosion.cs:24:1306:24:1309 | access to property Prop | UseUseExplosion.cs:24:1323:24:1326 | access to property Prop |
+| UseUseExplosion.cs:24:1306:24:1309 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1306:24:1309 | this access | UseUseExplosion.cs:24:1323:24:1326 | this access |
+| UseUseExplosion.cs:24:1306:24:1309 | this access | UseUseExplosion.cs:24:2053:24:2058 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | [post] this access | UseUseExplosion.cs:24:1340:24:1343 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | [post] this access | UseUseExplosion.cs:24:2038:24:2043 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | access to property Prop | UseUseExplosion.cs:24:1323:24:1331 | ... > ... |
+| UseUseExplosion.cs:24:1323:24:1326 | access to property Prop | UseUseExplosion.cs:24:1340:24:1343 | access to property Prop |
+| UseUseExplosion.cs:24:1323:24:1326 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1323:24:1326 | this access | UseUseExplosion.cs:24:1340:24:1343 | this access |
+| UseUseExplosion.cs:24:1323:24:1326 | this access | UseUseExplosion.cs:24:2038:24:2043 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | [post] this access | UseUseExplosion.cs:24:1357:24:1360 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | [post] this access | UseUseExplosion.cs:24:2023:24:2028 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | access to property Prop | UseUseExplosion.cs:24:1340:24:1348 | ... > ... |
+| UseUseExplosion.cs:24:1340:24:1343 | access to property Prop | UseUseExplosion.cs:24:1357:24:1360 | access to property Prop |
+| UseUseExplosion.cs:24:1340:24:1343 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1340:24:1343 | this access | UseUseExplosion.cs:24:1357:24:1360 | this access |
+| UseUseExplosion.cs:24:1340:24:1343 | this access | UseUseExplosion.cs:24:2023:24:2028 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | [post] this access | UseUseExplosion.cs:24:1374:24:1377 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | [post] this access | UseUseExplosion.cs:24:2008:24:2013 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | access to property Prop | UseUseExplosion.cs:24:1357:24:1365 | ... > ... |
+| UseUseExplosion.cs:24:1357:24:1360 | access to property Prop | UseUseExplosion.cs:24:1374:24:1377 | access to property Prop |
+| UseUseExplosion.cs:24:1357:24:1360 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1357:24:1360 | this access | UseUseExplosion.cs:24:1374:24:1377 | this access |
+| UseUseExplosion.cs:24:1357:24:1360 | this access | UseUseExplosion.cs:24:2008:24:2013 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | [post] this access | UseUseExplosion.cs:24:1391:24:1394 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | [post] this access | UseUseExplosion.cs:24:1993:24:1998 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | access to property Prop | UseUseExplosion.cs:24:1374:24:1382 | ... > ... |
+| UseUseExplosion.cs:24:1374:24:1377 | access to property Prop | UseUseExplosion.cs:24:1391:24:1394 | access to property Prop |
+| UseUseExplosion.cs:24:1374:24:1377 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1374:24:1377 | this access | UseUseExplosion.cs:24:1391:24:1394 | this access |
+| UseUseExplosion.cs:24:1374:24:1377 | this access | UseUseExplosion.cs:24:1993:24:1998 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | [post] this access | UseUseExplosion.cs:24:1408:24:1411 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | [post] this access | UseUseExplosion.cs:24:1978:24:1983 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | access to property Prop | UseUseExplosion.cs:24:1391:24:1399 | ... > ... |
+| UseUseExplosion.cs:24:1391:24:1394 | access to property Prop | UseUseExplosion.cs:24:1408:24:1411 | access to property Prop |
+| UseUseExplosion.cs:24:1391:24:1394 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1391:24:1394 | this access | UseUseExplosion.cs:24:1408:24:1411 | this access |
+| UseUseExplosion.cs:24:1391:24:1394 | this access | UseUseExplosion.cs:24:1978:24:1983 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | [post] this access | UseUseExplosion.cs:24:1425:24:1428 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | [post] this access | UseUseExplosion.cs:24:1963:24:1968 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | access to property Prop | UseUseExplosion.cs:24:1408:24:1416 | ... > ... |
+| UseUseExplosion.cs:24:1408:24:1411 | access to property Prop | UseUseExplosion.cs:24:1425:24:1428 | access to property Prop |
+| UseUseExplosion.cs:24:1408:24:1411 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1408:24:1411 | this access | UseUseExplosion.cs:24:1425:24:1428 | this access |
+| UseUseExplosion.cs:24:1408:24:1411 | this access | UseUseExplosion.cs:24:1963:24:1968 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | [post] this access | UseUseExplosion.cs:24:1442:24:1445 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | [post] this access | UseUseExplosion.cs:24:1948:24:1953 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | access to property Prop | UseUseExplosion.cs:24:1425:24:1433 | ... > ... |
+| UseUseExplosion.cs:24:1425:24:1428 | access to property Prop | UseUseExplosion.cs:24:1442:24:1445 | access to property Prop |
+| UseUseExplosion.cs:24:1425:24:1428 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1425:24:1428 | this access | UseUseExplosion.cs:24:1442:24:1445 | this access |
+| UseUseExplosion.cs:24:1425:24:1428 | this access | UseUseExplosion.cs:24:1948:24:1953 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | [post] this access | UseUseExplosion.cs:24:1459:24:1462 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | [post] this access | UseUseExplosion.cs:24:1933:24:1938 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | access to property Prop | UseUseExplosion.cs:24:1442:24:1450 | ... > ... |
+| UseUseExplosion.cs:24:1442:24:1445 | access to property Prop | UseUseExplosion.cs:24:1459:24:1462 | access to property Prop |
+| UseUseExplosion.cs:24:1442:24:1445 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1442:24:1445 | this access | UseUseExplosion.cs:24:1459:24:1462 | this access |
+| UseUseExplosion.cs:24:1442:24:1445 | this access | UseUseExplosion.cs:24:1933:24:1938 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | [post] this access | UseUseExplosion.cs:24:1476:24:1479 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | [post] this access | UseUseExplosion.cs:24:1918:24:1923 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | access to property Prop | UseUseExplosion.cs:24:1459:24:1467 | ... > ... |
+| UseUseExplosion.cs:24:1459:24:1462 | access to property Prop | UseUseExplosion.cs:24:1476:24:1479 | access to property Prop |
+| UseUseExplosion.cs:24:1459:24:1462 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1459:24:1462 | this access | UseUseExplosion.cs:24:1476:24:1479 | this access |
+| UseUseExplosion.cs:24:1459:24:1462 | this access | UseUseExplosion.cs:24:1918:24:1923 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | [post] this access | UseUseExplosion.cs:24:1493:24:1496 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | [post] this access | UseUseExplosion.cs:24:1903:24:1908 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | access to property Prop | UseUseExplosion.cs:24:1476:24:1484 | ... > ... |
+| UseUseExplosion.cs:24:1476:24:1479 | access to property Prop | UseUseExplosion.cs:24:1493:24:1496 | access to property Prop |
+| UseUseExplosion.cs:24:1476:24:1479 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1476:24:1479 | this access | UseUseExplosion.cs:24:1493:24:1496 | this access |
+| UseUseExplosion.cs:24:1476:24:1479 | this access | UseUseExplosion.cs:24:1903:24:1908 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | [post] this access | UseUseExplosion.cs:24:1510:24:1513 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | [post] this access | UseUseExplosion.cs:24:1888:24:1893 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | access to property Prop | UseUseExplosion.cs:24:1493:24:1501 | ... > ... |
+| UseUseExplosion.cs:24:1493:24:1496 | access to property Prop | UseUseExplosion.cs:24:1510:24:1513 | access to property Prop |
+| UseUseExplosion.cs:24:1493:24:1496 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1493:24:1496 | this access | UseUseExplosion.cs:24:1510:24:1513 | this access |
+| UseUseExplosion.cs:24:1493:24:1496 | this access | UseUseExplosion.cs:24:1888:24:1893 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | [post] this access | UseUseExplosion.cs:24:1527:24:1530 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | [post] this access | UseUseExplosion.cs:24:1873:24:1878 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | access to property Prop | UseUseExplosion.cs:24:1510:24:1518 | ... > ... |
+| UseUseExplosion.cs:24:1510:24:1513 | access to property Prop | UseUseExplosion.cs:24:1527:24:1530 | access to property Prop |
+| UseUseExplosion.cs:24:1510:24:1513 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1510:24:1513 | this access | UseUseExplosion.cs:24:1527:24:1530 | this access |
+| UseUseExplosion.cs:24:1510:24:1513 | this access | UseUseExplosion.cs:24:1873:24:1878 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | [post] this access | UseUseExplosion.cs:24:1544:24:1547 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | [post] this access | UseUseExplosion.cs:24:1858:24:1863 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | access to property Prop | UseUseExplosion.cs:24:1527:24:1535 | ... > ... |
+| UseUseExplosion.cs:24:1527:24:1530 | access to property Prop | UseUseExplosion.cs:24:1544:24:1547 | access to property Prop |
+| UseUseExplosion.cs:24:1527:24:1530 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1527:24:1530 | this access | UseUseExplosion.cs:24:1544:24:1547 | this access |
+| UseUseExplosion.cs:24:1527:24:1530 | this access | UseUseExplosion.cs:24:1858:24:1863 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | [post] this access | UseUseExplosion.cs:24:1561:24:1564 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | [post] this access | UseUseExplosion.cs:24:1843:24:1848 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | access to property Prop | UseUseExplosion.cs:24:1544:24:1552 | ... > ... |
+| UseUseExplosion.cs:24:1544:24:1547 | access to property Prop | UseUseExplosion.cs:24:1561:24:1564 | access to property Prop |
+| UseUseExplosion.cs:24:1544:24:1547 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1544:24:1547 | this access | UseUseExplosion.cs:24:1561:24:1564 | this access |
+| UseUseExplosion.cs:24:1544:24:1547 | this access | UseUseExplosion.cs:24:1843:24:1848 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | [post] this access | UseUseExplosion.cs:24:1577:24:1580 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | [post] this access | UseUseExplosion.cs:24:1828:24:1833 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | access to property Prop | UseUseExplosion.cs:24:1561:24:1568 | ... > ... |
+| UseUseExplosion.cs:24:1561:24:1564 | access to property Prop | UseUseExplosion.cs:24:1577:24:1580 | access to property Prop |
+| UseUseExplosion.cs:24:1561:24:1564 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1561:24:1564 | this access | UseUseExplosion.cs:24:1577:24:1580 | this access |
+| UseUseExplosion.cs:24:1561:24:1564 | this access | UseUseExplosion.cs:24:1828:24:1833 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | [post] this access | UseUseExplosion.cs:24:1593:24:1596 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | [post] this access | UseUseExplosion.cs:24:1813:24:1818 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | access to property Prop | UseUseExplosion.cs:24:1577:24:1584 | ... > ... |
+| UseUseExplosion.cs:24:1577:24:1580 | access to property Prop | UseUseExplosion.cs:24:1593:24:1596 | access to property Prop |
+| UseUseExplosion.cs:24:1577:24:1580 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1577:24:1580 | this access | UseUseExplosion.cs:24:1593:24:1596 | this access |
+| UseUseExplosion.cs:24:1577:24:1580 | this access | UseUseExplosion.cs:24:1813:24:1818 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | [post] this access | UseUseExplosion.cs:24:1609:24:1612 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | [post] this access | UseUseExplosion.cs:24:1798:24:1803 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | access to property Prop | UseUseExplosion.cs:24:1593:24:1600 | ... > ... |
+| UseUseExplosion.cs:24:1593:24:1596 | access to property Prop | UseUseExplosion.cs:24:1609:24:1612 | access to property Prop |
+| UseUseExplosion.cs:24:1593:24:1596 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1593:24:1596 | this access | UseUseExplosion.cs:24:1609:24:1612 | this access |
+| UseUseExplosion.cs:24:1593:24:1596 | this access | UseUseExplosion.cs:24:1798:24:1803 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | [post] this access | UseUseExplosion.cs:24:1625:24:1628 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | [post] this access | UseUseExplosion.cs:24:1783:24:1788 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | access to property Prop | UseUseExplosion.cs:24:1609:24:1616 | ... > ... |
+| UseUseExplosion.cs:24:1609:24:1612 | access to property Prop | UseUseExplosion.cs:24:1625:24:1628 | access to property Prop |
+| UseUseExplosion.cs:24:1609:24:1612 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1609:24:1612 | this access | UseUseExplosion.cs:24:1625:24:1628 | this access |
+| UseUseExplosion.cs:24:1609:24:1612 | this access | UseUseExplosion.cs:24:1783:24:1788 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | [post] this access | UseUseExplosion.cs:24:1641:24:1644 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | [post] this access | UseUseExplosion.cs:24:1768:24:1773 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | access to property Prop | UseUseExplosion.cs:24:1625:24:1632 | ... > ... |
+| UseUseExplosion.cs:24:1625:24:1628 | access to property Prop | UseUseExplosion.cs:24:1641:24:1644 | access to property Prop |
+| UseUseExplosion.cs:24:1625:24:1628 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1625:24:1628 | this access | UseUseExplosion.cs:24:1641:24:1644 | this access |
+| UseUseExplosion.cs:24:1625:24:1628 | this access | UseUseExplosion.cs:24:1768:24:1773 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | [post] this access | UseUseExplosion.cs:24:1657:24:1660 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | [post] this access | UseUseExplosion.cs:24:1753:24:1758 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | access to property Prop | UseUseExplosion.cs:24:1641:24:1648 | ... > ... |
+| UseUseExplosion.cs:24:1641:24:1644 | access to property Prop | UseUseExplosion.cs:24:1657:24:1660 | access to property Prop |
+| UseUseExplosion.cs:24:1641:24:1644 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1641:24:1644 | this access | UseUseExplosion.cs:24:1657:24:1660 | this access |
+| UseUseExplosion.cs:24:1641:24:1644 | this access | UseUseExplosion.cs:24:1753:24:1758 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | [post] this access | UseUseExplosion.cs:24:1673:24:1676 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | [post] this access | UseUseExplosion.cs:24:1738:24:1743 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | access to property Prop | UseUseExplosion.cs:24:1657:24:1664 | ... > ... |
+| UseUseExplosion.cs:24:1657:24:1660 | access to property Prop | UseUseExplosion.cs:24:1673:24:1676 | access to property Prop |
+| UseUseExplosion.cs:24:1657:24:1660 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1657:24:1660 | this access | UseUseExplosion.cs:24:1673:24:1676 | this access |
+| UseUseExplosion.cs:24:1657:24:1660 | this access | UseUseExplosion.cs:24:1738:24:1743 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | [post] this access | UseUseExplosion.cs:24:1689:24:1692 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | [post] this access | UseUseExplosion.cs:24:1723:24:1728 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | access to property Prop | UseUseExplosion.cs:24:1673:24:1680 | ... > ... |
+| UseUseExplosion.cs:24:1673:24:1676 | access to property Prop | UseUseExplosion.cs:24:1689:24:1692 | access to property Prop |
+| UseUseExplosion.cs:24:1673:24:1676 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1673:24:1676 | this access | UseUseExplosion.cs:24:1689:24:1692 | this access |
+| UseUseExplosion.cs:24:1673:24:1676 | this access | UseUseExplosion.cs:24:1723:24:1728 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | [post] this access | UseUseExplosion.cs:24:1708:24:1713 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | access to property Prop | UseUseExplosion.cs:24:1689:24:1696 | ... > ... |
+| UseUseExplosion.cs:24:1689:24:1692 | access to property Prop | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) |
+| UseUseExplosion.cs:24:1689:24:1692 | this access | UseUseExplosion.cs:24:1708:24:1713 | this access |
+| UseUseExplosion.cs:24:1689:24:1692 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1708:24:1713 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1708:24:1713 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1712:24:1712 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1723:24:1728 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1723:24:1728 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1727:24:1727 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1738:24:1743 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1738:24:1743 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1742:24:1742 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1753:24:1758 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1753:24:1758 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1757:24:1757 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1768:24:1773 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1768:24:1773 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1772:24:1772 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1783:24:1788 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1783:24:1788 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1787:24:1787 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1798:24:1803 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1798:24:1803 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1802:24:1802 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1813:24:1818 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1813:24:1818 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1817:24:1817 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1828:24:1833 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1828:24:1833 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1832:24:1832 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1843:24:1848 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1843:24:1848 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1847:24:1847 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1858:24:1863 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1858:24:1863 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1862:24:1862 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1873:24:1878 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1873:24:1878 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1877:24:1877 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1888:24:1893 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1888:24:1893 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1892:24:1892 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1903:24:1908 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1903:24:1908 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1907:24:1907 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1918:24:1923 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1918:24:1923 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1922:24:1922 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1933:24:1938 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1933:24:1938 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1937:24:1937 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1948:24:1953 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1948:24:1953 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1952:24:1952 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1963:24:1968 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1963:24:1968 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1967:24:1967 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1978:24:1983 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1978:24:1983 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1982:24:1982 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:1993:24:1998 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1993:24:1998 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:1997:24:1997 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2008:24:2013 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2008:24:2013 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2012:24:2012 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2023:24:2028 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2023:24:2028 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2027:24:2027 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2038:24:2043 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2038:24:2043 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2042:24:2042 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2053:24:2058 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2053:24:2058 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2057:24:2057 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2068:24:2073 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2068:24:2073 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2072:24:2072 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2083:24:2088 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2083:24:2088 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2087:24:2087 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2098:24:2103 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2098:24:2103 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2102:24:2102 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2113:24:2118 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2113:24:2118 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2117:24:2117 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2128:24:2133 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2128:24:2133 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2132:24:2132 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2143:24:2148 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2143:24:2148 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2147:24:2147 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2158:24:2163 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2158:24:2163 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2162:24:2162 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2173:24:2178 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2173:24:2178 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2177:24:2177 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2188:24:2193 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2188:24:2193 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2192:24:2192 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2203:24:2208 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2203:24:2208 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2207:24:2207 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2218:24:2223 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2218:24:2223 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2222:24:2222 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2233:24:2238 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2233:24:2238 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2237:24:2237 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2248:24:2253 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2248:24:2253 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2252:24:2252 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2263:24:2268 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2263:24:2268 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2267:24:2267 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2278:24:2283 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2278:24:2283 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2282:24:2282 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2293:24:2298 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2293:24:2298 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2297:24:2297 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2308:24:2313 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2308:24:2313 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2312:24:2312 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2323:24:2328 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2323:24:2328 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2327:24:2327 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2338:24:2343 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2338:24:2343 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2342:24:2342 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2353:24:2358 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2353:24:2358 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2357:24:2357 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2368:24:2373 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2368:24:2373 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2372:24:2372 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2383:24:2388 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2383:24:2388 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2387:24:2387 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2398:24:2403 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2398:24:2403 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2402:24:2402 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2413:24:2418 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2413:24:2418 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2417:24:2417 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2428:24:2433 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2428:24:2433 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2432:24:2432 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2443:24:2448 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2443:24:2448 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2447:24:2447 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2458:24:2463 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2458:24:2463 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2462:24:2462 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2473:24:2478 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2473:24:2478 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2477:24:2477 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2488:24:2493 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2488:24:2493 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2492:24:2492 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2503:24:2508 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2503:24:2508 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2507:24:2507 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2518:24:2523 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2518:24:2523 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2522:24:2522 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2533:24:2538 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2533:24:2538 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2537:24:2537 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2548:24:2553 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2548:24:2553 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2552:24:2552 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2563:24:2568 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2563:24:2568 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2567:24:2567 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2578:24:2583 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2578:24:2583 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2582:24:2582 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2593:24:2598 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2593:24:2598 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2597:24:2597 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2608:24:2613 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2608:24:2613 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2612:24:2612 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2623:24:2628 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2623:24:2628 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2627:24:2627 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2638:24:2643 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2638:24:2643 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2642:24:2642 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2653:24:2658 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2653:24:2658 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2657:24:2657 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2668:24:2673 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2668:24:2673 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2672:24:2672 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2683:24:2688 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2683:24:2688 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2687:24:2687 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2698:24:2703 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2698:24:2703 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2702:24:2702 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2713:24:2718 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2713:24:2718 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2717:24:2717 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2728:24:2733 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2728:24:2733 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2732:24:2732 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2743:24:2748 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2743:24:2748 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2747:24:2747 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2758:24:2763 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2758:24:2763 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2762:24:2762 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2773:24:2778 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2773:24:2778 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2777:24:2777 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2788:24:2793 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2788:24:2793 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2792:24:2792 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2803:24:2808 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2803:24:2808 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2807:24:2807 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2818:24:2823 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2818:24:2823 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2822:24:2822 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2833:24:2838 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2833:24:2838 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2837:24:2837 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2848:24:2853 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2848:24:2853 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2852:24:2852 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2863:24:2868 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2863:24:2868 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2867:24:2867 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2878:24:2883 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2878:24:2883 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2882:24:2882 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2893:24:2898 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2893:24:2898 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2897:24:2897 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2908:24:2913 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2908:24:2913 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2912:24:2912 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2923:24:2928 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2923:24:2928 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2927:24:2927 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2938:24:2943 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2938:24:2943 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2942:24:2942 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2953:24:2958 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2953:24:2958 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2957:24:2957 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2968:24:2973 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2968:24:2973 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2972:24:2972 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2983:24:2988 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2983:24:2988 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2987:24:2987 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:2998:24:3003 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:2998:24:3003 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3002:24:3002 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3013:24:3018 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3013:24:3018 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3017:24:3017 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3028:24:3033 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3028:24:3033 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3032:24:3032 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3043:24:3048 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3043:24:3048 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3047:24:3047 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3058:24:3063 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3058:24:3063 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3062:24:3062 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3073:24:3078 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3073:24:3078 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3077:24:3077 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3088:24:3093 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3088:24:3093 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3092:24:3092 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3103:24:3108 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3103:24:3108 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3107:24:3107 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3118:24:3123 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3118:24:3123 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3122:24:3122 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3133:24:3138 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3133:24:3138 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3137:24:3137 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3148:24:3153 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3148:24:3153 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3152:24:3152 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3163:24:3168 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3163:24:3168 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3167:24:3167 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3178:24:3183 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3178:24:3183 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3182:24:3182 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:24:3193:24:3198 | [post] this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3193:24:3198 | this access | UseUseExplosion.cs:25:13:25:16 | this access |
+| UseUseExplosion.cs:24:3197:24:3197 | access to local variable x | UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(this.Prop) | UseUseExplosion.cs:25:13:25:16 | access to property Prop |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1712:25:1712 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1727:25:1727 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1742:25:1742 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1757:25:1757 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1772:25:1772 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1787:25:1787 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1802:25:1802 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1817:25:1817 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1832:25:1832 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1847:25:1847 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1862:25:1862 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1877:25:1877 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1892:25:1892 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1907:25:1907 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1922:25:1922 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1937:25:1937 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1952:25:1952 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1967:25:1967 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1982:25:1982 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:1997:25:1997 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2012:25:2012 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2027:25:2027 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2042:25:2042 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2057:25:2057 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2072:25:2072 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2087:25:2087 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2102:25:2102 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2117:25:2117 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2132:25:2132 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2147:25:2147 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2162:25:2162 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2177:25:2177 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2192:25:2192 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2207:25:2207 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2222:25:2222 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2237:25:2237 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2252:25:2252 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2267:25:2267 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2282:25:2282 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2297:25:2297 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2312:25:2312 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2327:25:2327 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2342:25:2342 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2357:25:2357 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2372:25:2372 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2387:25:2387 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2402:25:2402 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2417:25:2417 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2432:25:2432 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2447:25:2447 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2462:25:2462 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2477:25:2477 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2492:25:2492 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2507:25:2507 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2522:25:2522 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2537:25:2537 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2552:25:2552 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2567:25:2567 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2582:25:2582 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2597:25:2597 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2612:25:2612 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2627:25:2627 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2642:25:2642 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2657:25:2657 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2672:25:2672 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2687:25:2687 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2702:25:2702 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2717:25:2717 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2732:25:2732 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2747:25:2747 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2762:25:2762 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2777:25:2777 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2792:25:2792 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2807:25:2807 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2822:25:2822 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2837:25:2837 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2852:25:2852 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2867:25:2867 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2882:25:2882 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2897:25:2897 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2912:25:2912 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2927:25:2927 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2942:25:2942 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2957:25:2957 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2972:25:2972 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:2987:25:2987 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3002:25:3002 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3017:25:3017 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3032:25:3032 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3047:25:3047 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3062:25:3062 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3077:25:3077 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3092:25:3092 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3107:25:3107 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3122:25:3122 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3137:25:3137 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3152:25:3152 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3167:25:3167 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3182:25:3182 | access to local variable x |
+| UseUseExplosion.cs:25:9:25:3199 | SSA phi read(x) | UseUseExplosion.cs:25:3197:25:3197 | access to local variable x |
+| UseUseExplosion.cs:25:13:25:16 | [post] this access | UseUseExplosion.cs:25:31:25:34 | this access |
+| UseUseExplosion.cs:25:13:25:16 | [post] this access | UseUseExplosion.cs:25:3193:25:3198 | this access |
+| UseUseExplosion.cs:25:13:25:16 | access to property Prop | UseUseExplosion.cs:25:13:25:22 | ... > ... |
+| UseUseExplosion.cs:25:13:25:16 | access to property Prop | UseUseExplosion.cs:25:31:25:34 | access to property Prop |
+| UseUseExplosion.cs:25:13:25:16 | this access | UseUseExplosion.cs:25:31:25:34 | this access |
+| UseUseExplosion.cs:25:13:25:16 | this access | UseUseExplosion.cs:25:3193:25:3198 | this access |
+| UseUseExplosion.cs:25:31:25:34 | [post] this access | UseUseExplosion.cs:25:48:25:51 | this access |
+| UseUseExplosion.cs:25:31:25:34 | [post] this access | UseUseExplosion.cs:25:3178:25:3183 | this access |
+| UseUseExplosion.cs:25:31:25:34 | access to property Prop | UseUseExplosion.cs:25:31:25:39 | ... > ... |
+| UseUseExplosion.cs:25:31:25:34 | access to property Prop | UseUseExplosion.cs:25:48:25:51 | access to property Prop |
+| UseUseExplosion.cs:25:31:25:34 | this access | UseUseExplosion.cs:25:48:25:51 | this access |
+| UseUseExplosion.cs:25:31:25:34 | this access | UseUseExplosion.cs:25:3178:25:3183 | this access |
+| UseUseExplosion.cs:25:48:25:51 | [post] this access | UseUseExplosion.cs:25:65:25:68 | this access |
+| UseUseExplosion.cs:25:48:25:51 | [post] this access | UseUseExplosion.cs:25:3163:25:3168 | this access |
+| UseUseExplosion.cs:25:48:25:51 | access to property Prop | UseUseExplosion.cs:25:48:25:56 | ... > ... |
+| UseUseExplosion.cs:25:48:25:51 | access to property Prop | UseUseExplosion.cs:25:65:25:68 | access to property Prop |
+| UseUseExplosion.cs:25:48:25:51 | this access | UseUseExplosion.cs:25:65:25:68 | this access |
+| UseUseExplosion.cs:25:48:25:51 | this access | UseUseExplosion.cs:25:3163:25:3168 | this access |
+| UseUseExplosion.cs:25:65:25:68 | [post] this access | UseUseExplosion.cs:25:82:25:85 | this access |
+| UseUseExplosion.cs:25:65:25:68 | [post] this access | UseUseExplosion.cs:25:3148:25:3153 | this access |
+| UseUseExplosion.cs:25:65:25:68 | access to property Prop | UseUseExplosion.cs:25:65:25:73 | ... > ... |
+| UseUseExplosion.cs:25:65:25:68 | access to property Prop | UseUseExplosion.cs:25:82:25:85 | access to property Prop |
+| UseUseExplosion.cs:25:65:25:68 | this access | UseUseExplosion.cs:25:82:25:85 | this access |
+| UseUseExplosion.cs:25:65:25:68 | this access | UseUseExplosion.cs:25:3148:25:3153 | this access |
+| UseUseExplosion.cs:25:82:25:85 | [post] this access | UseUseExplosion.cs:25:99:25:102 | this access |
+| UseUseExplosion.cs:25:82:25:85 | [post] this access | UseUseExplosion.cs:25:3133:25:3138 | this access |
+| UseUseExplosion.cs:25:82:25:85 | access to property Prop | UseUseExplosion.cs:25:82:25:90 | ... > ... |
+| UseUseExplosion.cs:25:82:25:85 | access to property Prop | UseUseExplosion.cs:25:99:25:102 | access to property Prop |
+| UseUseExplosion.cs:25:82:25:85 | this access | UseUseExplosion.cs:25:99:25:102 | this access |
+| UseUseExplosion.cs:25:82:25:85 | this access | UseUseExplosion.cs:25:3133:25:3138 | this access |
+| UseUseExplosion.cs:25:99:25:102 | [post] this access | UseUseExplosion.cs:25:116:25:119 | this access |
+| UseUseExplosion.cs:25:99:25:102 | [post] this access | UseUseExplosion.cs:25:3118:25:3123 | this access |
+| UseUseExplosion.cs:25:99:25:102 | access to property Prop | UseUseExplosion.cs:25:99:25:107 | ... > ... |
+| UseUseExplosion.cs:25:99:25:102 | access to property Prop | UseUseExplosion.cs:25:116:25:119 | access to property Prop |
+| UseUseExplosion.cs:25:99:25:102 | this access | UseUseExplosion.cs:25:116:25:119 | this access |
+| UseUseExplosion.cs:25:99:25:102 | this access | UseUseExplosion.cs:25:3118:25:3123 | this access |
+| UseUseExplosion.cs:25:116:25:119 | [post] this access | UseUseExplosion.cs:25:133:25:136 | this access |
+| UseUseExplosion.cs:25:116:25:119 | [post] this access | UseUseExplosion.cs:25:3103:25:3108 | this access |
+| UseUseExplosion.cs:25:116:25:119 | access to property Prop | UseUseExplosion.cs:25:116:25:124 | ... > ... |
+| UseUseExplosion.cs:25:116:25:119 | access to property Prop | UseUseExplosion.cs:25:133:25:136 | access to property Prop |
+| UseUseExplosion.cs:25:116:25:119 | this access | UseUseExplosion.cs:25:133:25:136 | this access |
+| UseUseExplosion.cs:25:116:25:119 | this access | UseUseExplosion.cs:25:3103:25:3108 | this access |
+| UseUseExplosion.cs:25:133:25:136 | [post] this access | UseUseExplosion.cs:25:150:25:153 | this access |
+| UseUseExplosion.cs:25:133:25:136 | [post] this access | UseUseExplosion.cs:25:3088:25:3093 | this access |
+| UseUseExplosion.cs:25:133:25:136 | access to property Prop | UseUseExplosion.cs:25:133:25:141 | ... > ... |
+| UseUseExplosion.cs:25:133:25:136 | access to property Prop | UseUseExplosion.cs:25:150:25:153 | access to property Prop |
+| UseUseExplosion.cs:25:133:25:136 | this access | UseUseExplosion.cs:25:150:25:153 | this access |
+| UseUseExplosion.cs:25:133:25:136 | this access | UseUseExplosion.cs:25:3088:25:3093 | this access |
+| UseUseExplosion.cs:25:150:25:153 | [post] this access | UseUseExplosion.cs:25:167:25:170 | this access |
+| UseUseExplosion.cs:25:150:25:153 | [post] this access | UseUseExplosion.cs:25:3073:25:3078 | this access |
+| UseUseExplosion.cs:25:150:25:153 | access to property Prop | UseUseExplosion.cs:25:150:25:158 | ... > ... |
+| UseUseExplosion.cs:25:150:25:153 | access to property Prop | UseUseExplosion.cs:25:167:25:170 | access to property Prop |
+| UseUseExplosion.cs:25:150:25:153 | this access | UseUseExplosion.cs:25:167:25:170 | this access |
+| UseUseExplosion.cs:25:150:25:153 | this access | UseUseExplosion.cs:25:3073:25:3078 | this access |
+| UseUseExplosion.cs:25:167:25:170 | [post] this access | UseUseExplosion.cs:25:184:25:187 | this access |
+| UseUseExplosion.cs:25:167:25:170 | [post] this access | UseUseExplosion.cs:25:3058:25:3063 | this access |
+| UseUseExplosion.cs:25:167:25:170 | access to property Prop | UseUseExplosion.cs:25:167:25:175 | ... > ... |
+| UseUseExplosion.cs:25:167:25:170 | access to property Prop | UseUseExplosion.cs:25:184:25:187 | access to property Prop |
+| UseUseExplosion.cs:25:167:25:170 | this access | UseUseExplosion.cs:25:184:25:187 | this access |
+| UseUseExplosion.cs:25:167:25:170 | this access | UseUseExplosion.cs:25:3058:25:3063 | this access |
+| UseUseExplosion.cs:25:184:25:187 | [post] this access | UseUseExplosion.cs:25:201:25:204 | this access |
+| UseUseExplosion.cs:25:184:25:187 | [post] this access | UseUseExplosion.cs:25:3043:25:3048 | this access |
+| UseUseExplosion.cs:25:184:25:187 | access to property Prop | UseUseExplosion.cs:25:184:25:192 | ... > ... |
+| UseUseExplosion.cs:25:184:25:187 | access to property Prop | UseUseExplosion.cs:25:201:25:204 | access to property Prop |
+| UseUseExplosion.cs:25:184:25:187 | this access | UseUseExplosion.cs:25:201:25:204 | this access |
+| UseUseExplosion.cs:25:184:25:187 | this access | UseUseExplosion.cs:25:3043:25:3048 | this access |
+| UseUseExplosion.cs:25:201:25:204 | [post] this access | UseUseExplosion.cs:25:218:25:221 | this access |
+| UseUseExplosion.cs:25:201:25:204 | [post] this access | UseUseExplosion.cs:25:3028:25:3033 | this access |
+| UseUseExplosion.cs:25:201:25:204 | access to property Prop | UseUseExplosion.cs:25:201:25:209 | ... > ... |
+| UseUseExplosion.cs:25:201:25:204 | access to property Prop | UseUseExplosion.cs:25:218:25:221 | access to property Prop |
+| UseUseExplosion.cs:25:201:25:204 | this access | UseUseExplosion.cs:25:218:25:221 | this access |
+| UseUseExplosion.cs:25:201:25:204 | this access | UseUseExplosion.cs:25:3028:25:3033 | this access |
+| UseUseExplosion.cs:25:218:25:221 | [post] this access | UseUseExplosion.cs:25:235:25:238 | this access |
+| UseUseExplosion.cs:25:218:25:221 | [post] this access | UseUseExplosion.cs:25:3013:25:3018 | this access |
+| UseUseExplosion.cs:25:218:25:221 | access to property Prop | UseUseExplosion.cs:25:218:25:226 | ... > ... |
+| UseUseExplosion.cs:25:218:25:221 | access to property Prop | UseUseExplosion.cs:25:235:25:238 | access to property Prop |
+| UseUseExplosion.cs:25:218:25:221 | this access | UseUseExplosion.cs:25:235:25:238 | this access |
+| UseUseExplosion.cs:25:218:25:221 | this access | UseUseExplosion.cs:25:3013:25:3018 | this access |
+| UseUseExplosion.cs:25:235:25:238 | [post] this access | UseUseExplosion.cs:25:252:25:255 | this access |
+| UseUseExplosion.cs:25:235:25:238 | [post] this access | UseUseExplosion.cs:25:2998:25:3003 | this access |
+| UseUseExplosion.cs:25:235:25:238 | access to property Prop | UseUseExplosion.cs:25:235:25:243 | ... > ... |
+| UseUseExplosion.cs:25:235:25:238 | access to property Prop | UseUseExplosion.cs:25:252:25:255 | access to property Prop |
+| UseUseExplosion.cs:25:235:25:238 | this access | UseUseExplosion.cs:25:252:25:255 | this access |
+| UseUseExplosion.cs:25:235:25:238 | this access | UseUseExplosion.cs:25:2998:25:3003 | this access |
+| UseUseExplosion.cs:25:252:25:255 | [post] this access | UseUseExplosion.cs:25:269:25:272 | this access |
+| UseUseExplosion.cs:25:252:25:255 | [post] this access | UseUseExplosion.cs:25:2983:25:2988 | this access |
+| UseUseExplosion.cs:25:252:25:255 | access to property Prop | UseUseExplosion.cs:25:252:25:260 | ... > ... |
+| UseUseExplosion.cs:25:252:25:255 | access to property Prop | UseUseExplosion.cs:25:269:25:272 | access to property Prop |
+| UseUseExplosion.cs:25:252:25:255 | this access | UseUseExplosion.cs:25:269:25:272 | this access |
+| UseUseExplosion.cs:25:252:25:255 | this access | UseUseExplosion.cs:25:2983:25:2988 | this access |
+| UseUseExplosion.cs:25:269:25:272 | [post] this access | UseUseExplosion.cs:25:286:25:289 | this access |
+| UseUseExplosion.cs:25:269:25:272 | [post] this access | UseUseExplosion.cs:25:2968:25:2973 | this access |
+| UseUseExplosion.cs:25:269:25:272 | access to property Prop | UseUseExplosion.cs:25:269:25:277 | ... > ... |
+| UseUseExplosion.cs:25:269:25:272 | access to property Prop | UseUseExplosion.cs:25:286:25:289 | access to property Prop |
+| UseUseExplosion.cs:25:269:25:272 | this access | UseUseExplosion.cs:25:286:25:289 | this access |
+| UseUseExplosion.cs:25:269:25:272 | this access | UseUseExplosion.cs:25:2968:25:2973 | this access |
+| UseUseExplosion.cs:25:286:25:289 | [post] this access | UseUseExplosion.cs:25:303:25:306 | this access |
+| UseUseExplosion.cs:25:286:25:289 | [post] this access | UseUseExplosion.cs:25:2953:25:2958 | this access |
+| UseUseExplosion.cs:25:286:25:289 | access to property Prop | UseUseExplosion.cs:25:286:25:294 | ... > ... |
+| UseUseExplosion.cs:25:286:25:289 | access to property Prop | UseUseExplosion.cs:25:303:25:306 | access to property Prop |
+| UseUseExplosion.cs:25:286:25:289 | this access | UseUseExplosion.cs:25:303:25:306 | this access |
+| UseUseExplosion.cs:25:286:25:289 | this access | UseUseExplosion.cs:25:2953:25:2958 | this access |
+| UseUseExplosion.cs:25:303:25:306 | [post] this access | UseUseExplosion.cs:25:320:25:323 | this access |
+| UseUseExplosion.cs:25:303:25:306 | [post] this access | UseUseExplosion.cs:25:2938:25:2943 | this access |
+| UseUseExplosion.cs:25:303:25:306 | access to property Prop | UseUseExplosion.cs:25:303:25:311 | ... > ... |
+| UseUseExplosion.cs:25:303:25:306 | access to property Prop | UseUseExplosion.cs:25:320:25:323 | access to property Prop |
+| UseUseExplosion.cs:25:303:25:306 | this access | UseUseExplosion.cs:25:320:25:323 | this access |
+| UseUseExplosion.cs:25:303:25:306 | this access | UseUseExplosion.cs:25:2938:25:2943 | this access |
+| UseUseExplosion.cs:25:320:25:323 | [post] this access | UseUseExplosion.cs:25:337:25:340 | this access |
+| UseUseExplosion.cs:25:320:25:323 | [post] this access | UseUseExplosion.cs:25:2923:25:2928 | this access |
+| UseUseExplosion.cs:25:320:25:323 | access to property Prop | UseUseExplosion.cs:25:320:25:328 | ... > ... |
+| UseUseExplosion.cs:25:320:25:323 | access to property Prop | UseUseExplosion.cs:25:337:25:340 | access to property Prop |
+| UseUseExplosion.cs:25:320:25:323 | this access | UseUseExplosion.cs:25:337:25:340 | this access |
+| UseUseExplosion.cs:25:320:25:323 | this access | UseUseExplosion.cs:25:2923:25:2928 | this access |
+| UseUseExplosion.cs:25:337:25:340 | [post] this access | UseUseExplosion.cs:25:354:25:357 | this access |
+| UseUseExplosion.cs:25:337:25:340 | [post] this access | UseUseExplosion.cs:25:2908:25:2913 | this access |
+| UseUseExplosion.cs:25:337:25:340 | access to property Prop | UseUseExplosion.cs:25:337:25:345 | ... > ... |
+| UseUseExplosion.cs:25:337:25:340 | access to property Prop | UseUseExplosion.cs:25:354:25:357 | access to property Prop |
+| UseUseExplosion.cs:25:337:25:340 | this access | UseUseExplosion.cs:25:354:25:357 | this access |
+| UseUseExplosion.cs:25:337:25:340 | this access | UseUseExplosion.cs:25:2908:25:2913 | this access |
+| UseUseExplosion.cs:25:354:25:357 | [post] this access | UseUseExplosion.cs:25:371:25:374 | this access |
+| UseUseExplosion.cs:25:354:25:357 | [post] this access | UseUseExplosion.cs:25:2893:25:2898 | this access |
+| UseUseExplosion.cs:25:354:25:357 | access to property Prop | UseUseExplosion.cs:25:354:25:362 | ... > ... |
+| UseUseExplosion.cs:25:354:25:357 | access to property Prop | UseUseExplosion.cs:25:371:25:374 | access to property Prop |
+| UseUseExplosion.cs:25:354:25:357 | this access | UseUseExplosion.cs:25:371:25:374 | this access |
+| UseUseExplosion.cs:25:354:25:357 | this access | UseUseExplosion.cs:25:2893:25:2898 | this access |
+| UseUseExplosion.cs:25:371:25:374 | [post] this access | UseUseExplosion.cs:25:388:25:391 | this access |
+| UseUseExplosion.cs:25:371:25:374 | [post] this access | UseUseExplosion.cs:25:2878:25:2883 | this access |
+| UseUseExplosion.cs:25:371:25:374 | access to property Prop | UseUseExplosion.cs:25:371:25:379 | ... > ... |
+| UseUseExplosion.cs:25:371:25:374 | access to property Prop | UseUseExplosion.cs:25:388:25:391 | access to property Prop |
+| UseUseExplosion.cs:25:371:25:374 | this access | UseUseExplosion.cs:25:388:25:391 | this access |
+| UseUseExplosion.cs:25:371:25:374 | this access | UseUseExplosion.cs:25:2878:25:2883 | this access |
+| UseUseExplosion.cs:25:388:25:391 | [post] this access | UseUseExplosion.cs:25:405:25:408 | this access |
+| UseUseExplosion.cs:25:388:25:391 | [post] this access | UseUseExplosion.cs:25:2863:25:2868 | this access |
+| UseUseExplosion.cs:25:388:25:391 | access to property Prop | UseUseExplosion.cs:25:388:25:396 | ... > ... |
+| UseUseExplosion.cs:25:388:25:391 | access to property Prop | UseUseExplosion.cs:25:405:25:408 | access to property Prop |
+| UseUseExplosion.cs:25:388:25:391 | this access | UseUseExplosion.cs:25:405:25:408 | this access |
+| UseUseExplosion.cs:25:388:25:391 | this access | UseUseExplosion.cs:25:2863:25:2868 | this access |
+| UseUseExplosion.cs:25:405:25:408 | [post] this access | UseUseExplosion.cs:25:422:25:425 | this access |
+| UseUseExplosion.cs:25:405:25:408 | [post] this access | UseUseExplosion.cs:25:2848:25:2853 | this access |
+| UseUseExplosion.cs:25:405:25:408 | access to property Prop | UseUseExplosion.cs:25:405:25:413 | ... > ... |
+| UseUseExplosion.cs:25:405:25:408 | access to property Prop | UseUseExplosion.cs:25:422:25:425 | access to property Prop |
+| UseUseExplosion.cs:25:405:25:408 | this access | UseUseExplosion.cs:25:422:25:425 | this access |
+| UseUseExplosion.cs:25:405:25:408 | this access | UseUseExplosion.cs:25:2848:25:2853 | this access |
+| UseUseExplosion.cs:25:422:25:425 | [post] this access | UseUseExplosion.cs:25:439:25:442 | this access |
+| UseUseExplosion.cs:25:422:25:425 | [post] this access | UseUseExplosion.cs:25:2833:25:2838 | this access |
+| UseUseExplosion.cs:25:422:25:425 | access to property Prop | UseUseExplosion.cs:25:422:25:430 | ... > ... |
+| UseUseExplosion.cs:25:422:25:425 | access to property Prop | UseUseExplosion.cs:25:439:25:442 | access to property Prop |
+| UseUseExplosion.cs:25:422:25:425 | this access | UseUseExplosion.cs:25:439:25:442 | this access |
+| UseUseExplosion.cs:25:422:25:425 | this access | UseUseExplosion.cs:25:2833:25:2838 | this access |
+| UseUseExplosion.cs:25:439:25:442 | [post] this access | UseUseExplosion.cs:25:456:25:459 | this access |
+| UseUseExplosion.cs:25:439:25:442 | [post] this access | UseUseExplosion.cs:25:2818:25:2823 | this access |
+| UseUseExplosion.cs:25:439:25:442 | access to property Prop | UseUseExplosion.cs:25:439:25:447 | ... > ... |
+| UseUseExplosion.cs:25:439:25:442 | access to property Prop | UseUseExplosion.cs:25:456:25:459 | access to property Prop |
+| UseUseExplosion.cs:25:439:25:442 | this access | UseUseExplosion.cs:25:456:25:459 | this access |
+| UseUseExplosion.cs:25:439:25:442 | this access | UseUseExplosion.cs:25:2818:25:2823 | this access |
+| UseUseExplosion.cs:25:456:25:459 | [post] this access | UseUseExplosion.cs:25:473:25:476 | this access |
+| UseUseExplosion.cs:25:456:25:459 | [post] this access | UseUseExplosion.cs:25:2803:25:2808 | this access |
+| UseUseExplosion.cs:25:456:25:459 | access to property Prop | UseUseExplosion.cs:25:456:25:464 | ... > ... |
+| UseUseExplosion.cs:25:456:25:459 | access to property Prop | UseUseExplosion.cs:25:473:25:476 | access to property Prop |
+| UseUseExplosion.cs:25:456:25:459 | this access | UseUseExplosion.cs:25:473:25:476 | this access |
+| UseUseExplosion.cs:25:456:25:459 | this access | UseUseExplosion.cs:25:2803:25:2808 | this access |
+| UseUseExplosion.cs:25:473:25:476 | [post] this access | UseUseExplosion.cs:25:490:25:493 | this access |
+| UseUseExplosion.cs:25:473:25:476 | [post] this access | UseUseExplosion.cs:25:2788:25:2793 | this access |
+| UseUseExplosion.cs:25:473:25:476 | access to property Prop | UseUseExplosion.cs:25:473:25:481 | ... > ... |
+| UseUseExplosion.cs:25:473:25:476 | access to property Prop | UseUseExplosion.cs:25:490:25:493 | access to property Prop |
+| UseUseExplosion.cs:25:473:25:476 | this access | UseUseExplosion.cs:25:490:25:493 | this access |
+| UseUseExplosion.cs:25:473:25:476 | this access | UseUseExplosion.cs:25:2788:25:2793 | this access |
+| UseUseExplosion.cs:25:490:25:493 | [post] this access | UseUseExplosion.cs:25:507:25:510 | this access |
+| UseUseExplosion.cs:25:490:25:493 | [post] this access | UseUseExplosion.cs:25:2773:25:2778 | this access |
+| UseUseExplosion.cs:25:490:25:493 | access to property Prop | UseUseExplosion.cs:25:490:25:498 | ... > ... |
+| UseUseExplosion.cs:25:490:25:493 | access to property Prop | UseUseExplosion.cs:25:507:25:510 | access to property Prop |
+| UseUseExplosion.cs:25:490:25:493 | this access | UseUseExplosion.cs:25:507:25:510 | this access |
+| UseUseExplosion.cs:25:490:25:493 | this access | UseUseExplosion.cs:25:2773:25:2778 | this access |
+| UseUseExplosion.cs:25:507:25:510 | [post] this access | UseUseExplosion.cs:25:524:25:527 | this access |
+| UseUseExplosion.cs:25:507:25:510 | [post] this access | UseUseExplosion.cs:25:2758:25:2763 | this access |
+| UseUseExplosion.cs:25:507:25:510 | access to property Prop | UseUseExplosion.cs:25:507:25:515 | ... > ... |
+| UseUseExplosion.cs:25:507:25:510 | access to property Prop | UseUseExplosion.cs:25:524:25:527 | access to property Prop |
+| UseUseExplosion.cs:25:507:25:510 | this access | UseUseExplosion.cs:25:524:25:527 | this access |
+| UseUseExplosion.cs:25:507:25:510 | this access | UseUseExplosion.cs:25:2758:25:2763 | this access |
+| UseUseExplosion.cs:25:524:25:527 | [post] this access | UseUseExplosion.cs:25:541:25:544 | this access |
+| UseUseExplosion.cs:25:524:25:527 | [post] this access | UseUseExplosion.cs:25:2743:25:2748 | this access |
+| UseUseExplosion.cs:25:524:25:527 | access to property Prop | UseUseExplosion.cs:25:524:25:532 | ... > ... |
+| UseUseExplosion.cs:25:524:25:527 | access to property Prop | UseUseExplosion.cs:25:541:25:544 | access to property Prop |
+| UseUseExplosion.cs:25:524:25:527 | this access | UseUseExplosion.cs:25:541:25:544 | this access |
+| UseUseExplosion.cs:25:524:25:527 | this access | UseUseExplosion.cs:25:2743:25:2748 | this access |
+| UseUseExplosion.cs:25:541:25:544 | [post] this access | UseUseExplosion.cs:25:558:25:561 | this access |
+| UseUseExplosion.cs:25:541:25:544 | [post] this access | UseUseExplosion.cs:25:2728:25:2733 | this access |
+| UseUseExplosion.cs:25:541:25:544 | access to property Prop | UseUseExplosion.cs:25:541:25:549 | ... > ... |
+| UseUseExplosion.cs:25:541:25:544 | access to property Prop | UseUseExplosion.cs:25:558:25:561 | access to property Prop |
+| UseUseExplosion.cs:25:541:25:544 | this access | UseUseExplosion.cs:25:558:25:561 | this access |
+| UseUseExplosion.cs:25:541:25:544 | this access | UseUseExplosion.cs:25:2728:25:2733 | this access |
+| UseUseExplosion.cs:25:558:25:561 | [post] this access | UseUseExplosion.cs:25:575:25:578 | this access |
+| UseUseExplosion.cs:25:558:25:561 | [post] this access | UseUseExplosion.cs:25:2713:25:2718 | this access |
+| UseUseExplosion.cs:25:558:25:561 | access to property Prop | UseUseExplosion.cs:25:558:25:566 | ... > ... |
+| UseUseExplosion.cs:25:558:25:561 | access to property Prop | UseUseExplosion.cs:25:575:25:578 | access to property Prop |
+| UseUseExplosion.cs:25:558:25:561 | this access | UseUseExplosion.cs:25:575:25:578 | this access |
+| UseUseExplosion.cs:25:558:25:561 | this access | UseUseExplosion.cs:25:2713:25:2718 | this access |
+| UseUseExplosion.cs:25:575:25:578 | [post] this access | UseUseExplosion.cs:25:592:25:595 | this access |
+| UseUseExplosion.cs:25:575:25:578 | [post] this access | UseUseExplosion.cs:25:2698:25:2703 | this access |
+| UseUseExplosion.cs:25:575:25:578 | access to property Prop | UseUseExplosion.cs:25:575:25:583 | ... > ... |
+| UseUseExplosion.cs:25:575:25:578 | access to property Prop | UseUseExplosion.cs:25:592:25:595 | access to property Prop |
+| UseUseExplosion.cs:25:575:25:578 | this access | UseUseExplosion.cs:25:592:25:595 | this access |
+| UseUseExplosion.cs:25:575:25:578 | this access | UseUseExplosion.cs:25:2698:25:2703 | this access |
+| UseUseExplosion.cs:25:592:25:595 | [post] this access | UseUseExplosion.cs:25:609:25:612 | this access |
+| UseUseExplosion.cs:25:592:25:595 | [post] this access | UseUseExplosion.cs:25:2683:25:2688 | this access |
+| UseUseExplosion.cs:25:592:25:595 | access to property Prop | UseUseExplosion.cs:25:592:25:600 | ... > ... |
+| UseUseExplosion.cs:25:592:25:595 | access to property Prop | UseUseExplosion.cs:25:609:25:612 | access to property Prop |
+| UseUseExplosion.cs:25:592:25:595 | this access | UseUseExplosion.cs:25:609:25:612 | this access |
+| UseUseExplosion.cs:25:592:25:595 | this access | UseUseExplosion.cs:25:2683:25:2688 | this access |
+| UseUseExplosion.cs:25:609:25:612 | [post] this access | UseUseExplosion.cs:25:626:25:629 | this access |
+| UseUseExplosion.cs:25:609:25:612 | [post] this access | UseUseExplosion.cs:25:2668:25:2673 | this access |
+| UseUseExplosion.cs:25:609:25:612 | access to property Prop | UseUseExplosion.cs:25:609:25:617 | ... > ... |
+| UseUseExplosion.cs:25:609:25:612 | access to property Prop | UseUseExplosion.cs:25:626:25:629 | access to property Prop |
+| UseUseExplosion.cs:25:609:25:612 | this access | UseUseExplosion.cs:25:626:25:629 | this access |
+| UseUseExplosion.cs:25:609:25:612 | this access | UseUseExplosion.cs:25:2668:25:2673 | this access |
+| UseUseExplosion.cs:25:626:25:629 | [post] this access | UseUseExplosion.cs:25:643:25:646 | this access |
+| UseUseExplosion.cs:25:626:25:629 | [post] this access | UseUseExplosion.cs:25:2653:25:2658 | this access |
+| UseUseExplosion.cs:25:626:25:629 | access to property Prop | UseUseExplosion.cs:25:626:25:634 | ... > ... |
+| UseUseExplosion.cs:25:626:25:629 | access to property Prop | UseUseExplosion.cs:25:643:25:646 | access to property Prop |
+| UseUseExplosion.cs:25:626:25:629 | this access | UseUseExplosion.cs:25:643:25:646 | this access |
+| UseUseExplosion.cs:25:626:25:629 | this access | UseUseExplosion.cs:25:2653:25:2658 | this access |
+| UseUseExplosion.cs:25:643:25:646 | [post] this access | UseUseExplosion.cs:25:660:25:663 | this access |
+| UseUseExplosion.cs:25:643:25:646 | [post] this access | UseUseExplosion.cs:25:2638:25:2643 | this access |
+| UseUseExplosion.cs:25:643:25:646 | access to property Prop | UseUseExplosion.cs:25:643:25:651 | ... > ... |
+| UseUseExplosion.cs:25:643:25:646 | access to property Prop | UseUseExplosion.cs:25:660:25:663 | access to property Prop |
+| UseUseExplosion.cs:25:643:25:646 | this access | UseUseExplosion.cs:25:660:25:663 | this access |
+| UseUseExplosion.cs:25:643:25:646 | this access | UseUseExplosion.cs:25:2638:25:2643 | this access |
+| UseUseExplosion.cs:25:660:25:663 | [post] this access | UseUseExplosion.cs:25:677:25:680 | this access |
+| UseUseExplosion.cs:25:660:25:663 | [post] this access | UseUseExplosion.cs:25:2623:25:2628 | this access |
+| UseUseExplosion.cs:25:660:25:663 | access to property Prop | UseUseExplosion.cs:25:660:25:668 | ... > ... |
+| UseUseExplosion.cs:25:660:25:663 | access to property Prop | UseUseExplosion.cs:25:677:25:680 | access to property Prop |
+| UseUseExplosion.cs:25:660:25:663 | this access | UseUseExplosion.cs:25:677:25:680 | this access |
+| UseUseExplosion.cs:25:660:25:663 | this access | UseUseExplosion.cs:25:2623:25:2628 | this access |
+| UseUseExplosion.cs:25:677:25:680 | [post] this access | UseUseExplosion.cs:25:694:25:697 | this access |
+| UseUseExplosion.cs:25:677:25:680 | [post] this access | UseUseExplosion.cs:25:2608:25:2613 | this access |
+| UseUseExplosion.cs:25:677:25:680 | access to property Prop | UseUseExplosion.cs:25:677:25:685 | ... > ... |
+| UseUseExplosion.cs:25:677:25:680 | access to property Prop | UseUseExplosion.cs:25:694:25:697 | access to property Prop |
+| UseUseExplosion.cs:25:677:25:680 | this access | UseUseExplosion.cs:25:694:25:697 | this access |
+| UseUseExplosion.cs:25:677:25:680 | this access | UseUseExplosion.cs:25:2608:25:2613 | this access |
+| UseUseExplosion.cs:25:694:25:697 | [post] this access | UseUseExplosion.cs:25:711:25:714 | this access |
+| UseUseExplosion.cs:25:694:25:697 | [post] this access | UseUseExplosion.cs:25:2593:25:2598 | this access |
+| UseUseExplosion.cs:25:694:25:697 | access to property Prop | UseUseExplosion.cs:25:694:25:702 | ... > ... |
+| UseUseExplosion.cs:25:694:25:697 | access to property Prop | UseUseExplosion.cs:25:711:25:714 | access to property Prop |
+| UseUseExplosion.cs:25:694:25:697 | this access | UseUseExplosion.cs:25:711:25:714 | this access |
+| UseUseExplosion.cs:25:694:25:697 | this access | UseUseExplosion.cs:25:2593:25:2598 | this access |
+| UseUseExplosion.cs:25:711:25:714 | [post] this access | UseUseExplosion.cs:25:728:25:731 | this access |
+| UseUseExplosion.cs:25:711:25:714 | [post] this access | UseUseExplosion.cs:25:2578:25:2583 | this access |
+| UseUseExplosion.cs:25:711:25:714 | access to property Prop | UseUseExplosion.cs:25:711:25:719 | ... > ... |
+| UseUseExplosion.cs:25:711:25:714 | access to property Prop | UseUseExplosion.cs:25:728:25:731 | access to property Prop |
+| UseUseExplosion.cs:25:711:25:714 | this access | UseUseExplosion.cs:25:728:25:731 | this access |
+| UseUseExplosion.cs:25:711:25:714 | this access | UseUseExplosion.cs:25:2578:25:2583 | this access |
+| UseUseExplosion.cs:25:728:25:731 | [post] this access | UseUseExplosion.cs:25:745:25:748 | this access |
+| UseUseExplosion.cs:25:728:25:731 | [post] this access | UseUseExplosion.cs:25:2563:25:2568 | this access |
+| UseUseExplosion.cs:25:728:25:731 | access to property Prop | UseUseExplosion.cs:25:728:25:736 | ... > ... |
+| UseUseExplosion.cs:25:728:25:731 | access to property Prop | UseUseExplosion.cs:25:745:25:748 | access to property Prop |
+| UseUseExplosion.cs:25:728:25:731 | this access | UseUseExplosion.cs:25:745:25:748 | this access |
+| UseUseExplosion.cs:25:728:25:731 | this access | UseUseExplosion.cs:25:2563:25:2568 | this access |
+| UseUseExplosion.cs:25:745:25:748 | [post] this access | UseUseExplosion.cs:25:762:25:765 | this access |
+| UseUseExplosion.cs:25:745:25:748 | [post] this access | UseUseExplosion.cs:25:2548:25:2553 | this access |
+| UseUseExplosion.cs:25:745:25:748 | access to property Prop | UseUseExplosion.cs:25:745:25:753 | ... > ... |
+| UseUseExplosion.cs:25:745:25:748 | access to property Prop | UseUseExplosion.cs:25:762:25:765 | access to property Prop |
+| UseUseExplosion.cs:25:745:25:748 | this access | UseUseExplosion.cs:25:762:25:765 | this access |
+| UseUseExplosion.cs:25:745:25:748 | this access | UseUseExplosion.cs:25:2548:25:2553 | this access |
+| UseUseExplosion.cs:25:762:25:765 | [post] this access | UseUseExplosion.cs:25:779:25:782 | this access |
+| UseUseExplosion.cs:25:762:25:765 | [post] this access | UseUseExplosion.cs:25:2533:25:2538 | this access |
+| UseUseExplosion.cs:25:762:25:765 | access to property Prop | UseUseExplosion.cs:25:762:25:770 | ... > ... |
+| UseUseExplosion.cs:25:762:25:765 | access to property Prop | UseUseExplosion.cs:25:779:25:782 | access to property Prop |
+| UseUseExplosion.cs:25:762:25:765 | this access | UseUseExplosion.cs:25:779:25:782 | this access |
+| UseUseExplosion.cs:25:762:25:765 | this access | UseUseExplosion.cs:25:2533:25:2538 | this access |
+| UseUseExplosion.cs:25:779:25:782 | [post] this access | UseUseExplosion.cs:25:796:25:799 | this access |
+| UseUseExplosion.cs:25:779:25:782 | [post] this access | UseUseExplosion.cs:25:2518:25:2523 | this access |
+| UseUseExplosion.cs:25:779:25:782 | access to property Prop | UseUseExplosion.cs:25:779:25:787 | ... > ... |
+| UseUseExplosion.cs:25:779:25:782 | access to property Prop | UseUseExplosion.cs:25:796:25:799 | access to property Prop |
+| UseUseExplosion.cs:25:779:25:782 | this access | UseUseExplosion.cs:25:796:25:799 | this access |
+| UseUseExplosion.cs:25:779:25:782 | this access | UseUseExplosion.cs:25:2518:25:2523 | this access |
+| UseUseExplosion.cs:25:796:25:799 | [post] this access | UseUseExplosion.cs:25:813:25:816 | this access |
+| UseUseExplosion.cs:25:796:25:799 | [post] this access | UseUseExplosion.cs:25:2503:25:2508 | this access |
+| UseUseExplosion.cs:25:796:25:799 | access to property Prop | UseUseExplosion.cs:25:796:25:804 | ... > ... |
+| UseUseExplosion.cs:25:796:25:799 | access to property Prop | UseUseExplosion.cs:25:813:25:816 | access to property Prop |
+| UseUseExplosion.cs:25:796:25:799 | this access | UseUseExplosion.cs:25:813:25:816 | this access |
+| UseUseExplosion.cs:25:796:25:799 | this access | UseUseExplosion.cs:25:2503:25:2508 | this access |
+| UseUseExplosion.cs:25:813:25:816 | [post] this access | UseUseExplosion.cs:25:830:25:833 | this access |
+| UseUseExplosion.cs:25:813:25:816 | [post] this access | UseUseExplosion.cs:25:2488:25:2493 | this access |
+| UseUseExplosion.cs:25:813:25:816 | access to property Prop | UseUseExplosion.cs:25:813:25:821 | ... > ... |
+| UseUseExplosion.cs:25:813:25:816 | access to property Prop | UseUseExplosion.cs:25:830:25:833 | access to property Prop |
+| UseUseExplosion.cs:25:813:25:816 | this access | UseUseExplosion.cs:25:830:25:833 | this access |
+| UseUseExplosion.cs:25:813:25:816 | this access | UseUseExplosion.cs:25:2488:25:2493 | this access |
+| UseUseExplosion.cs:25:830:25:833 | [post] this access | UseUseExplosion.cs:25:847:25:850 | this access |
+| UseUseExplosion.cs:25:830:25:833 | [post] this access | UseUseExplosion.cs:25:2473:25:2478 | this access |
+| UseUseExplosion.cs:25:830:25:833 | access to property Prop | UseUseExplosion.cs:25:830:25:838 | ... > ... |
+| UseUseExplosion.cs:25:830:25:833 | access to property Prop | UseUseExplosion.cs:25:847:25:850 | access to property Prop |
+| UseUseExplosion.cs:25:830:25:833 | this access | UseUseExplosion.cs:25:847:25:850 | this access |
+| UseUseExplosion.cs:25:830:25:833 | this access | UseUseExplosion.cs:25:2473:25:2478 | this access |
+| UseUseExplosion.cs:25:847:25:850 | [post] this access | UseUseExplosion.cs:25:864:25:867 | this access |
+| UseUseExplosion.cs:25:847:25:850 | [post] this access | UseUseExplosion.cs:25:2458:25:2463 | this access |
+| UseUseExplosion.cs:25:847:25:850 | access to property Prop | UseUseExplosion.cs:25:847:25:855 | ... > ... |
+| UseUseExplosion.cs:25:847:25:850 | access to property Prop | UseUseExplosion.cs:25:864:25:867 | access to property Prop |
+| UseUseExplosion.cs:25:847:25:850 | this access | UseUseExplosion.cs:25:864:25:867 | this access |
+| UseUseExplosion.cs:25:847:25:850 | this access | UseUseExplosion.cs:25:2458:25:2463 | this access |
+| UseUseExplosion.cs:25:864:25:867 | [post] this access | UseUseExplosion.cs:25:881:25:884 | this access |
+| UseUseExplosion.cs:25:864:25:867 | [post] this access | UseUseExplosion.cs:25:2443:25:2448 | this access |
+| UseUseExplosion.cs:25:864:25:867 | access to property Prop | UseUseExplosion.cs:25:864:25:872 | ... > ... |
+| UseUseExplosion.cs:25:864:25:867 | access to property Prop | UseUseExplosion.cs:25:881:25:884 | access to property Prop |
+| UseUseExplosion.cs:25:864:25:867 | this access | UseUseExplosion.cs:25:881:25:884 | this access |
+| UseUseExplosion.cs:25:864:25:867 | this access | UseUseExplosion.cs:25:2443:25:2448 | this access |
+| UseUseExplosion.cs:25:881:25:884 | [post] this access | UseUseExplosion.cs:25:898:25:901 | this access |
+| UseUseExplosion.cs:25:881:25:884 | [post] this access | UseUseExplosion.cs:25:2428:25:2433 | this access |
+| UseUseExplosion.cs:25:881:25:884 | access to property Prop | UseUseExplosion.cs:25:881:25:889 | ... > ... |
+| UseUseExplosion.cs:25:881:25:884 | access to property Prop | UseUseExplosion.cs:25:898:25:901 | access to property Prop |
+| UseUseExplosion.cs:25:881:25:884 | this access | UseUseExplosion.cs:25:898:25:901 | this access |
+| UseUseExplosion.cs:25:881:25:884 | this access | UseUseExplosion.cs:25:2428:25:2433 | this access |
+| UseUseExplosion.cs:25:898:25:901 | [post] this access | UseUseExplosion.cs:25:915:25:918 | this access |
+| UseUseExplosion.cs:25:898:25:901 | [post] this access | UseUseExplosion.cs:25:2413:25:2418 | this access |
+| UseUseExplosion.cs:25:898:25:901 | access to property Prop | UseUseExplosion.cs:25:898:25:906 | ... > ... |
+| UseUseExplosion.cs:25:898:25:901 | access to property Prop | UseUseExplosion.cs:25:915:25:918 | access to property Prop |
+| UseUseExplosion.cs:25:898:25:901 | this access | UseUseExplosion.cs:25:915:25:918 | this access |
+| UseUseExplosion.cs:25:898:25:901 | this access | UseUseExplosion.cs:25:2413:25:2418 | this access |
+| UseUseExplosion.cs:25:915:25:918 | [post] this access | UseUseExplosion.cs:25:932:25:935 | this access |
+| UseUseExplosion.cs:25:915:25:918 | [post] this access | UseUseExplosion.cs:25:2398:25:2403 | this access |
+| UseUseExplosion.cs:25:915:25:918 | access to property Prop | UseUseExplosion.cs:25:915:25:923 | ... > ... |
+| UseUseExplosion.cs:25:915:25:918 | access to property Prop | UseUseExplosion.cs:25:932:25:935 | access to property Prop |
+| UseUseExplosion.cs:25:915:25:918 | this access | UseUseExplosion.cs:25:932:25:935 | this access |
+| UseUseExplosion.cs:25:915:25:918 | this access | UseUseExplosion.cs:25:2398:25:2403 | this access |
+| UseUseExplosion.cs:25:932:25:935 | [post] this access | UseUseExplosion.cs:25:949:25:952 | this access |
+| UseUseExplosion.cs:25:932:25:935 | [post] this access | UseUseExplosion.cs:25:2383:25:2388 | this access |
+| UseUseExplosion.cs:25:932:25:935 | access to property Prop | UseUseExplosion.cs:25:932:25:940 | ... > ... |
+| UseUseExplosion.cs:25:932:25:935 | access to property Prop | UseUseExplosion.cs:25:949:25:952 | access to property Prop |
+| UseUseExplosion.cs:25:932:25:935 | this access | UseUseExplosion.cs:25:949:25:952 | this access |
+| UseUseExplosion.cs:25:932:25:935 | this access | UseUseExplosion.cs:25:2383:25:2388 | this access |
+| UseUseExplosion.cs:25:949:25:952 | [post] this access | UseUseExplosion.cs:25:966:25:969 | this access |
+| UseUseExplosion.cs:25:949:25:952 | [post] this access | UseUseExplosion.cs:25:2368:25:2373 | this access |
+| UseUseExplosion.cs:25:949:25:952 | access to property Prop | UseUseExplosion.cs:25:949:25:957 | ... > ... |
+| UseUseExplosion.cs:25:949:25:952 | access to property Prop | UseUseExplosion.cs:25:966:25:969 | access to property Prop |
+| UseUseExplosion.cs:25:949:25:952 | this access | UseUseExplosion.cs:25:966:25:969 | this access |
+| UseUseExplosion.cs:25:949:25:952 | this access | UseUseExplosion.cs:25:2368:25:2373 | this access |
+| UseUseExplosion.cs:25:966:25:969 | [post] this access | UseUseExplosion.cs:25:983:25:986 | this access |
+| UseUseExplosion.cs:25:966:25:969 | [post] this access | UseUseExplosion.cs:25:2353:25:2358 | this access |
+| UseUseExplosion.cs:25:966:25:969 | access to property Prop | UseUseExplosion.cs:25:966:25:974 | ... > ... |
+| UseUseExplosion.cs:25:966:25:969 | access to property Prop | UseUseExplosion.cs:25:983:25:986 | access to property Prop |
+| UseUseExplosion.cs:25:966:25:969 | this access | UseUseExplosion.cs:25:983:25:986 | this access |
+| UseUseExplosion.cs:25:966:25:969 | this access | UseUseExplosion.cs:25:2353:25:2358 | this access |
+| UseUseExplosion.cs:25:983:25:986 | [post] this access | UseUseExplosion.cs:25:1000:25:1003 | this access |
+| UseUseExplosion.cs:25:983:25:986 | [post] this access | UseUseExplosion.cs:25:2338:25:2343 | this access |
+| UseUseExplosion.cs:25:983:25:986 | access to property Prop | UseUseExplosion.cs:25:983:25:991 | ... > ... |
+| UseUseExplosion.cs:25:983:25:986 | access to property Prop | UseUseExplosion.cs:25:1000:25:1003 | access to property Prop |
+| UseUseExplosion.cs:25:983:25:986 | this access | UseUseExplosion.cs:25:1000:25:1003 | this access |
+| UseUseExplosion.cs:25:983:25:986 | this access | UseUseExplosion.cs:25:2338:25:2343 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | [post] this access | UseUseExplosion.cs:25:1017:25:1020 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | [post] this access | UseUseExplosion.cs:25:2323:25:2328 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | access to property Prop | UseUseExplosion.cs:25:1000:25:1008 | ... > ... |
+| UseUseExplosion.cs:25:1000:25:1003 | access to property Prop | UseUseExplosion.cs:25:1017:25:1020 | access to property Prop |
+| UseUseExplosion.cs:25:1000:25:1003 | this access | UseUseExplosion.cs:25:1017:25:1020 | this access |
+| UseUseExplosion.cs:25:1000:25:1003 | this access | UseUseExplosion.cs:25:2323:25:2328 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | [post] this access | UseUseExplosion.cs:25:1034:25:1037 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | [post] this access | UseUseExplosion.cs:25:2308:25:2313 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | access to property Prop | UseUseExplosion.cs:25:1017:25:1025 | ... > ... |
+| UseUseExplosion.cs:25:1017:25:1020 | access to property Prop | UseUseExplosion.cs:25:1034:25:1037 | access to property Prop |
+| UseUseExplosion.cs:25:1017:25:1020 | this access | UseUseExplosion.cs:25:1034:25:1037 | this access |
+| UseUseExplosion.cs:25:1017:25:1020 | this access | UseUseExplosion.cs:25:2308:25:2313 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | [post] this access | UseUseExplosion.cs:25:1051:25:1054 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | [post] this access | UseUseExplosion.cs:25:2293:25:2298 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | access to property Prop | UseUseExplosion.cs:25:1034:25:1042 | ... > ... |
+| UseUseExplosion.cs:25:1034:25:1037 | access to property Prop | UseUseExplosion.cs:25:1051:25:1054 | access to property Prop |
+| UseUseExplosion.cs:25:1034:25:1037 | this access | UseUseExplosion.cs:25:1051:25:1054 | this access |
+| UseUseExplosion.cs:25:1034:25:1037 | this access | UseUseExplosion.cs:25:2293:25:2298 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | [post] this access | UseUseExplosion.cs:25:1068:25:1071 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | [post] this access | UseUseExplosion.cs:25:2278:25:2283 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | access to property Prop | UseUseExplosion.cs:25:1051:25:1059 | ... > ... |
+| UseUseExplosion.cs:25:1051:25:1054 | access to property Prop | UseUseExplosion.cs:25:1068:25:1071 | access to property Prop |
+| UseUseExplosion.cs:25:1051:25:1054 | this access | UseUseExplosion.cs:25:1068:25:1071 | this access |
+| UseUseExplosion.cs:25:1051:25:1054 | this access | UseUseExplosion.cs:25:2278:25:2283 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | [post] this access | UseUseExplosion.cs:25:1085:25:1088 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | [post] this access | UseUseExplosion.cs:25:2263:25:2268 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | access to property Prop | UseUseExplosion.cs:25:1068:25:1076 | ... > ... |
+| UseUseExplosion.cs:25:1068:25:1071 | access to property Prop | UseUseExplosion.cs:25:1085:25:1088 | access to property Prop |
+| UseUseExplosion.cs:25:1068:25:1071 | this access | UseUseExplosion.cs:25:1085:25:1088 | this access |
+| UseUseExplosion.cs:25:1068:25:1071 | this access | UseUseExplosion.cs:25:2263:25:2268 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | [post] this access | UseUseExplosion.cs:25:1102:25:1105 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | [post] this access | UseUseExplosion.cs:25:2248:25:2253 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | access to property Prop | UseUseExplosion.cs:25:1085:25:1093 | ... > ... |
+| UseUseExplosion.cs:25:1085:25:1088 | access to property Prop | UseUseExplosion.cs:25:1102:25:1105 | access to property Prop |
+| UseUseExplosion.cs:25:1085:25:1088 | this access | UseUseExplosion.cs:25:1102:25:1105 | this access |
+| UseUseExplosion.cs:25:1085:25:1088 | this access | UseUseExplosion.cs:25:2248:25:2253 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | [post] this access | UseUseExplosion.cs:25:1119:25:1122 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | [post] this access | UseUseExplosion.cs:25:2233:25:2238 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | access to property Prop | UseUseExplosion.cs:25:1102:25:1110 | ... > ... |
+| UseUseExplosion.cs:25:1102:25:1105 | access to property Prop | UseUseExplosion.cs:25:1119:25:1122 | access to property Prop |
+| UseUseExplosion.cs:25:1102:25:1105 | this access | UseUseExplosion.cs:25:1119:25:1122 | this access |
+| UseUseExplosion.cs:25:1102:25:1105 | this access | UseUseExplosion.cs:25:2233:25:2238 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | [post] this access | UseUseExplosion.cs:25:1136:25:1139 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | [post] this access | UseUseExplosion.cs:25:2218:25:2223 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | access to property Prop | UseUseExplosion.cs:25:1119:25:1127 | ... > ... |
+| UseUseExplosion.cs:25:1119:25:1122 | access to property Prop | UseUseExplosion.cs:25:1136:25:1139 | access to property Prop |
+| UseUseExplosion.cs:25:1119:25:1122 | this access | UseUseExplosion.cs:25:1136:25:1139 | this access |
+| UseUseExplosion.cs:25:1119:25:1122 | this access | UseUseExplosion.cs:25:2218:25:2223 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | [post] this access | UseUseExplosion.cs:25:1153:25:1156 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | [post] this access | UseUseExplosion.cs:25:2203:25:2208 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | access to property Prop | UseUseExplosion.cs:25:1136:25:1144 | ... > ... |
+| UseUseExplosion.cs:25:1136:25:1139 | access to property Prop | UseUseExplosion.cs:25:1153:25:1156 | access to property Prop |
+| UseUseExplosion.cs:25:1136:25:1139 | this access | UseUseExplosion.cs:25:1153:25:1156 | this access |
+| UseUseExplosion.cs:25:1136:25:1139 | this access | UseUseExplosion.cs:25:2203:25:2208 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | [post] this access | UseUseExplosion.cs:25:1170:25:1173 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | [post] this access | UseUseExplosion.cs:25:2188:25:2193 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | access to property Prop | UseUseExplosion.cs:25:1153:25:1161 | ... > ... |
+| UseUseExplosion.cs:25:1153:25:1156 | access to property Prop | UseUseExplosion.cs:25:1170:25:1173 | access to property Prop |
+| UseUseExplosion.cs:25:1153:25:1156 | this access | UseUseExplosion.cs:25:1170:25:1173 | this access |
+| UseUseExplosion.cs:25:1153:25:1156 | this access | UseUseExplosion.cs:25:2188:25:2193 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | [post] this access | UseUseExplosion.cs:25:1187:25:1190 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | [post] this access | UseUseExplosion.cs:25:2173:25:2178 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | access to property Prop | UseUseExplosion.cs:25:1170:25:1178 | ... > ... |
+| UseUseExplosion.cs:25:1170:25:1173 | access to property Prop | UseUseExplosion.cs:25:1187:25:1190 | access to property Prop |
+| UseUseExplosion.cs:25:1170:25:1173 | this access | UseUseExplosion.cs:25:1187:25:1190 | this access |
+| UseUseExplosion.cs:25:1170:25:1173 | this access | UseUseExplosion.cs:25:2173:25:2178 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | [post] this access | UseUseExplosion.cs:25:1204:25:1207 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | [post] this access | UseUseExplosion.cs:25:2158:25:2163 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | access to property Prop | UseUseExplosion.cs:25:1187:25:1195 | ... > ... |
+| UseUseExplosion.cs:25:1187:25:1190 | access to property Prop | UseUseExplosion.cs:25:1204:25:1207 | access to property Prop |
+| UseUseExplosion.cs:25:1187:25:1190 | this access | UseUseExplosion.cs:25:1204:25:1207 | this access |
+| UseUseExplosion.cs:25:1187:25:1190 | this access | UseUseExplosion.cs:25:2158:25:2163 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | [post] this access | UseUseExplosion.cs:25:1221:25:1224 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | [post] this access | UseUseExplosion.cs:25:2143:25:2148 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | access to property Prop | UseUseExplosion.cs:25:1204:25:1212 | ... > ... |
+| UseUseExplosion.cs:25:1204:25:1207 | access to property Prop | UseUseExplosion.cs:25:1221:25:1224 | access to property Prop |
+| UseUseExplosion.cs:25:1204:25:1207 | this access | UseUseExplosion.cs:25:1221:25:1224 | this access |
+| UseUseExplosion.cs:25:1204:25:1207 | this access | UseUseExplosion.cs:25:2143:25:2148 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | [post] this access | UseUseExplosion.cs:25:1238:25:1241 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | [post] this access | UseUseExplosion.cs:25:2128:25:2133 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | access to property Prop | UseUseExplosion.cs:25:1221:25:1229 | ... > ... |
+| UseUseExplosion.cs:25:1221:25:1224 | access to property Prop | UseUseExplosion.cs:25:1238:25:1241 | access to property Prop |
+| UseUseExplosion.cs:25:1221:25:1224 | this access | UseUseExplosion.cs:25:1238:25:1241 | this access |
+| UseUseExplosion.cs:25:1221:25:1224 | this access | UseUseExplosion.cs:25:2128:25:2133 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | [post] this access | UseUseExplosion.cs:25:1255:25:1258 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | [post] this access | UseUseExplosion.cs:25:2113:25:2118 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | access to property Prop | UseUseExplosion.cs:25:1238:25:1246 | ... > ... |
+| UseUseExplosion.cs:25:1238:25:1241 | access to property Prop | UseUseExplosion.cs:25:1255:25:1258 | access to property Prop |
+| UseUseExplosion.cs:25:1238:25:1241 | this access | UseUseExplosion.cs:25:1255:25:1258 | this access |
+| UseUseExplosion.cs:25:1238:25:1241 | this access | UseUseExplosion.cs:25:2113:25:2118 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | [post] this access | UseUseExplosion.cs:25:1272:25:1275 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | [post] this access | UseUseExplosion.cs:25:2098:25:2103 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | access to property Prop | UseUseExplosion.cs:25:1255:25:1263 | ... > ... |
+| UseUseExplosion.cs:25:1255:25:1258 | access to property Prop | UseUseExplosion.cs:25:1272:25:1275 | access to property Prop |
+| UseUseExplosion.cs:25:1255:25:1258 | this access | UseUseExplosion.cs:25:1272:25:1275 | this access |
+| UseUseExplosion.cs:25:1255:25:1258 | this access | UseUseExplosion.cs:25:2098:25:2103 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | [post] this access | UseUseExplosion.cs:25:1289:25:1292 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | [post] this access | UseUseExplosion.cs:25:2083:25:2088 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | access to property Prop | UseUseExplosion.cs:25:1272:25:1280 | ... > ... |
+| UseUseExplosion.cs:25:1272:25:1275 | access to property Prop | UseUseExplosion.cs:25:1289:25:1292 | access to property Prop |
+| UseUseExplosion.cs:25:1272:25:1275 | this access | UseUseExplosion.cs:25:1289:25:1292 | this access |
+| UseUseExplosion.cs:25:1272:25:1275 | this access | UseUseExplosion.cs:25:2083:25:2088 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | [post] this access | UseUseExplosion.cs:25:1306:25:1309 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | [post] this access | UseUseExplosion.cs:25:2068:25:2073 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | access to property Prop | UseUseExplosion.cs:25:1289:25:1297 | ... > ... |
+| UseUseExplosion.cs:25:1289:25:1292 | access to property Prop | UseUseExplosion.cs:25:1306:25:1309 | access to property Prop |
+| UseUseExplosion.cs:25:1289:25:1292 | this access | UseUseExplosion.cs:25:1306:25:1309 | this access |
+| UseUseExplosion.cs:25:1289:25:1292 | this access | UseUseExplosion.cs:25:2068:25:2073 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | [post] this access | UseUseExplosion.cs:25:1323:25:1326 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | [post] this access | UseUseExplosion.cs:25:2053:25:2058 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | access to property Prop | UseUseExplosion.cs:25:1306:25:1314 | ... > ... |
+| UseUseExplosion.cs:25:1306:25:1309 | access to property Prop | UseUseExplosion.cs:25:1323:25:1326 | access to property Prop |
+| UseUseExplosion.cs:25:1306:25:1309 | this access | UseUseExplosion.cs:25:1323:25:1326 | this access |
+| UseUseExplosion.cs:25:1306:25:1309 | this access | UseUseExplosion.cs:25:2053:25:2058 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | [post] this access | UseUseExplosion.cs:25:1340:25:1343 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | [post] this access | UseUseExplosion.cs:25:2038:25:2043 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | access to property Prop | UseUseExplosion.cs:25:1323:25:1331 | ... > ... |
+| UseUseExplosion.cs:25:1323:25:1326 | access to property Prop | UseUseExplosion.cs:25:1340:25:1343 | access to property Prop |
+| UseUseExplosion.cs:25:1323:25:1326 | this access | UseUseExplosion.cs:25:1340:25:1343 | this access |
+| UseUseExplosion.cs:25:1323:25:1326 | this access | UseUseExplosion.cs:25:2038:25:2043 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | [post] this access | UseUseExplosion.cs:25:1357:25:1360 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | [post] this access | UseUseExplosion.cs:25:2023:25:2028 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | access to property Prop | UseUseExplosion.cs:25:1340:25:1348 | ... > ... |
+| UseUseExplosion.cs:25:1340:25:1343 | access to property Prop | UseUseExplosion.cs:25:1357:25:1360 | access to property Prop |
+| UseUseExplosion.cs:25:1340:25:1343 | this access | UseUseExplosion.cs:25:1357:25:1360 | this access |
+| UseUseExplosion.cs:25:1340:25:1343 | this access | UseUseExplosion.cs:25:2023:25:2028 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | [post] this access | UseUseExplosion.cs:25:1374:25:1377 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | [post] this access | UseUseExplosion.cs:25:2008:25:2013 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | access to property Prop | UseUseExplosion.cs:25:1357:25:1365 | ... > ... |
+| UseUseExplosion.cs:25:1357:25:1360 | access to property Prop | UseUseExplosion.cs:25:1374:25:1377 | access to property Prop |
+| UseUseExplosion.cs:25:1357:25:1360 | this access | UseUseExplosion.cs:25:1374:25:1377 | this access |
+| UseUseExplosion.cs:25:1357:25:1360 | this access | UseUseExplosion.cs:25:2008:25:2013 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | [post] this access | UseUseExplosion.cs:25:1391:25:1394 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | [post] this access | UseUseExplosion.cs:25:1993:25:1998 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | access to property Prop | UseUseExplosion.cs:25:1374:25:1382 | ... > ... |
+| UseUseExplosion.cs:25:1374:25:1377 | access to property Prop | UseUseExplosion.cs:25:1391:25:1394 | access to property Prop |
+| UseUseExplosion.cs:25:1374:25:1377 | this access | UseUseExplosion.cs:25:1391:25:1394 | this access |
+| UseUseExplosion.cs:25:1374:25:1377 | this access | UseUseExplosion.cs:25:1993:25:1998 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | [post] this access | UseUseExplosion.cs:25:1408:25:1411 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | [post] this access | UseUseExplosion.cs:25:1978:25:1983 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | access to property Prop | UseUseExplosion.cs:25:1391:25:1399 | ... > ... |
+| UseUseExplosion.cs:25:1391:25:1394 | access to property Prop | UseUseExplosion.cs:25:1408:25:1411 | access to property Prop |
+| UseUseExplosion.cs:25:1391:25:1394 | this access | UseUseExplosion.cs:25:1408:25:1411 | this access |
+| UseUseExplosion.cs:25:1391:25:1394 | this access | UseUseExplosion.cs:25:1978:25:1983 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | [post] this access | UseUseExplosion.cs:25:1425:25:1428 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | [post] this access | UseUseExplosion.cs:25:1963:25:1968 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | access to property Prop | UseUseExplosion.cs:25:1408:25:1416 | ... > ... |
+| UseUseExplosion.cs:25:1408:25:1411 | access to property Prop | UseUseExplosion.cs:25:1425:25:1428 | access to property Prop |
+| UseUseExplosion.cs:25:1408:25:1411 | this access | UseUseExplosion.cs:25:1425:25:1428 | this access |
+| UseUseExplosion.cs:25:1408:25:1411 | this access | UseUseExplosion.cs:25:1963:25:1968 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | [post] this access | UseUseExplosion.cs:25:1442:25:1445 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | [post] this access | UseUseExplosion.cs:25:1948:25:1953 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | access to property Prop | UseUseExplosion.cs:25:1425:25:1433 | ... > ... |
+| UseUseExplosion.cs:25:1425:25:1428 | access to property Prop | UseUseExplosion.cs:25:1442:25:1445 | access to property Prop |
+| UseUseExplosion.cs:25:1425:25:1428 | this access | UseUseExplosion.cs:25:1442:25:1445 | this access |
+| UseUseExplosion.cs:25:1425:25:1428 | this access | UseUseExplosion.cs:25:1948:25:1953 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | [post] this access | UseUseExplosion.cs:25:1459:25:1462 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | [post] this access | UseUseExplosion.cs:25:1933:25:1938 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | access to property Prop | UseUseExplosion.cs:25:1442:25:1450 | ... > ... |
+| UseUseExplosion.cs:25:1442:25:1445 | access to property Prop | UseUseExplosion.cs:25:1459:25:1462 | access to property Prop |
+| UseUseExplosion.cs:25:1442:25:1445 | this access | UseUseExplosion.cs:25:1459:25:1462 | this access |
+| UseUseExplosion.cs:25:1442:25:1445 | this access | UseUseExplosion.cs:25:1933:25:1938 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | [post] this access | UseUseExplosion.cs:25:1476:25:1479 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | [post] this access | UseUseExplosion.cs:25:1918:25:1923 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | access to property Prop | UseUseExplosion.cs:25:1459:25:1467 | ... > ... |
+| UseUseExplosion.cs:25:1459:25:1462 | access to property Prop | UseUseExplosion.cs:25:1476:25:1479 | access to property Prop |
+| UseUseExplosion.cs:25:1459:25:1462 | this access | UseUseExplosion.cs:25:1476:25:1479 | this access |
+| UseUseExplosion.cs:25:1459:25:1462 | this access | UseUseExplosion.cs:25:1918:25:1923 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | [post] this access | UseUseExplosion.cs:25:1493:25:1496 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | [post] this access | UseUseExplosion.cs:25:1903:25:1908 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | access to property Prop | UseUseExplosion.cs:25:1476:25:1484 | ... > ... |
+| UseUseExplosion.cs:25:1476:25:1479 | access to property Prop | UseUseExplosion.cs:25:1493:25:1496 | access to property Prop |
+| UseUseExplosion.cs:25:1476:25:1479 | this access | UseUseExplosion.cs:25:1493:25:1496 | this access |
+| UseUseExplosion.cs:25:1476:25:1479 | this access | UseUseExplosion.cs:25:1903:25:1908 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | [post] this access | UseUseExplosion.cs:25:1510:25:1513 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | [post] this access | UseUseExplosion.cs:25:1888:25:1893 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | access to property Prop | UseUseExplosion.cs:25:1493:25:1501 | ... > ... |
+| UseUseExplosion.cs:25:1493:25:1496 | access to property Prop | UseUseExplosion.cs:25:1510:25:1513 | access to property Prop |
+| UseUseExplosion.cs:25:1493:25:1496 | this access | UseUseExplosion.cs:25:1510:25:1513 | this access |
+| UseUseExplosion.cs:25:1493:25:1496 | this access | UseUseExplosion.cs:25:1888:25:1893 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | [post] this access | UseUseExplosion.cs:25:1527:25:1530 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | [post] this access | UseUseExplosion.cs:25:1873:25:1878 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | access to property Prop | UseUseExplosion.cs:25:1510:25:1518 | ... > ... |
+| UseUseExplosion.cs:25:1510:25:1513 | access to property Prop | UseUseExplosion.cs:25:1527:25:1530 | access to property Prop |
+| UseUseExplosion.cs:25:1510:25:1513 | this access | UseUseExplosion.cs:25:1527:25:1530 | this access |
+| UseUseExplosion.cs:25:1510:25:1513 | this access | UseUseExplosion.cs:25:1873:25:1878 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | [post] this access | UseUseExplosion.cs:25:1544:25:1547 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | [post] this access | UseUseExplosion.cs:25:1858:25:1863 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | access to property Prop | UseUseExplosion.cs:25:1527:25:1535 | ... > ... |
+| UseUseExplosion.cs:25:1527:25:1530 | access to property Prop | UseUseExplosion.cs:25:1544:25:1547 | access to property Prop |
+| UseUseExplosion.cs:25:1527:25:1530 | this access | UseUseExplosion.cs:25:1544:25:1547 | this access |
+| UseUseExplosion.cs:25:1527:25:1530 | this access | UseUseExplosion.cs:25:1858:25:1863 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | [post] this access | UseUseExplosion.cs:25:1561:25:1564 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | [post] this access | UseUseExplosion.cs:25:1843:25:1848 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | access to property Prop | UseUseExplosion.cs:25:1544:25:1552 | ... > ... |
+| UseUseExplosion.cs:25:1544:25:1547 | access to property Prop | UseUseExplosion.cs:25:1561:25:1564 | access to property Prop |
+| UseUseExplosion.cs:25:1544:25:1547 | this access | UseUseExplosion.cs:25:1561:25:1564 | this access |
+| UseUseExplosion.cs:25:1544:25:1547 | this access | UseUseExplosion.cs:25:1843:25:1848 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | [post] this access | UseUseExplosion.cs:25:1577:25:1580 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | [post] this access | UseUseExplosion.cs:25:1828:25:1833 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | access to property Prop | UseUseExplosion.cs:25:1561:25:1568 | ... > ... |
+| UseUseExplosion.cs:25:1561:25:1564 | access to property Prop | UseUseExplosion.cs:25:1577:25:1580 | access to property Prop |
+| UseUseExplosion.cs:25:1561:25:1564 | this access | UseUseExplosion.cs:25:1577:25:1580 | this access |
+| UseUseExplosion.cs:25:1561:25:1564 | this access | UseUseExplosion.cs:25:1828:25:1833 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | [post] this access | UseUseExplosion.cs:25:1593:25:1596 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | [post] this access | UseUseExplosion.cs:25:1813:25:1818 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | access to property Prop | UseUseExplosion.cs:25:1577:25:1584 | ... > ... |
+| UseUseExplosion.cs:25:1577:25:1580 | access to property Prop | UseUseExplosion.cs:25:1593:25:1596 | access to property Prop |
+| UseUseExplosion.cs:25:1577:25:1580 | this access | UseUseExplosion.cs:25:1593:25:1596 | this access |
+| UseUseExplosion.cs:25:1577:25:1580 | this access | UseUseExplosion.cs:25:1813:25:1818 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | [post] this access | UseUseExplosion.cs:25:1609:25:1612 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | [post] this access | UseUseExplosion.cs:25:1798:25:1803 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | access to property Prop | UseUseExplosion.cs:25:1593:25:1600 | ... > ... |
+| UseUseExplosion.cs:25:1593:25:1596 | access to property Prop | UseUseExplosion.cs:25:1609:25:1612 | access to property Prop |
+| UseUseExplosion.cs:25:1593:25:1596 | this access | UseUseExplosion.cs:25:1609:25:1612 | this access |
+| UseUseExplosion.cs:25:1593:25:1596 | this access | UseUseExplosion.cs:25:1798:25:1803 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | [post] this access | UseUseExplosion.cs:25:1625:25:1628 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | [post] this access | UseUseExplosion.cs:25:1783:25:1788 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | access to property Prop | UseUseExplosion.cs:25:1609:25:1616 | ... > ... |
+| UseUseExplosion.cs:25:1609:25:1612 | access to property Prop | UseUseExplosion.cs:25:1625:25:1628 | access to property Prop |
+| UseUseExplosion.cs:25:1609:25:1612 | this access | UseUseExplosion.cs:25:1625:25:1628 | this access |
+| UseUseExplosion.cs:25:1609:25:1612 | this access | UseUseExplosion.cs:25:1783:25:1788 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | [post] this access | UseUseExplosion.cs:25:1641:25:1644 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | [post] this access | UseUseExplosion.cs:25:1768:25:1773 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | access to property Prop | UseUseExplosion.cs:25:1625:25:1632 | ... > ... |
+| UseUseExplosion.cs:25:1625:25:1628 | access to property Prop | UseUseExplosion.cs:25:1641:25:1644 | access to property Prop |
+| UseUseExplosion.cs:25:1625:25:1628 | this access | UseUseExplosion.cs:25:1641:25:1644 | this access |
+| UseUseExplosion.cs:25:1625:25:1628 | this access | UseUseExplosion.cs:25:1768:25:1773 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | [post] this access | UseUseExplosion.cs:25:1657:25:1660 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | [post] this access | UseUseExplosion.cs:25:1753:25:1758 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | access to property Prop | UseUseExplosion.cs:25:1641:25:1648 | ... > ... |
+| UseUseExplosion.cs:25:1641:25:1644 | access to property Prop | UseUseExplosion.cs:25:1657:25:1660 | access to property Prop |
+| UseUseExplosion.cs:25:1641:25:1644 | this access | UseUseExplosion.cs:25:1657:25:1660 | this access |
+| UseUseExplosion.cs:25:1641:25:1644 | this access | UseUseExplosion.cs:25:1753:25:1758 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | [post] this access | UseUseExplosion.cs:25:1673:25:1676 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | [post] this access | UseUseExplosion.cs:25:1738:25:1743 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | access to property Prop | UseUseExplosion.cs:25:1657:25:1664 | ... > ... |
+| UseUseExplosion.cs:25:1657:25:1660 | access to property Prop | UseUseExplosion.cs:25:1673:25:1676 | access to property Prop |
+| UseUseExplosion.cs:25:1657:25:1660 | this access | UseUseExplosion.cs:25:1673:25:1676 | this access |
+| UseUseExplosion.cs:25:1657:25:1660 | this access | UseUseExplosion.cs:25:1738:25:1743 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | [post] this access | UseUseExplosion.cs:25:1689:25:1692 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | [post] this access | UseUseExplosion.cs:25:1723:25:1728 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | access to property Prop | UseUseExplosion.cs:25:1673:25:1680 | ... > ... |
+| UseUseExplosion.cs:25:1673:25:1676 | access to property Prop | UseUseExplosion.cs:25:1689:25:1692 | access to property Prop |
+| UseUseExplosion.cs:25:1673:25:1676 | this access | UseUseExplosion.cs:25:1689:25:1692 | this access |
+| UseUseExplosion.cs:25:1673:25:1676 | this access | UseUseExplosion.cs:25:1723:25:1728 | this access |
+| UseUseExplosion.cs:25:1689:25:1692 | [post] this access | UseUseExplosion.cs:25:1708:25:1713 | this access |
+| UseUseExplosion.cs:25:1689:25:1692 | access to property Prop | UseUseExplosion.cs:25:1689:25:1696 | ... > ... |
+| UseUseExplosion.cs:25:1689:25:1692 | this access | UseUseExplosion.cs:25:1708:25:1713 | this access |
diff --git a/csharp/ql/test/library-tests/dataflow/local/UseUseExplosion.cs b/csharp/ql/test/library-tests/dataflow/local/UseUseExplosion.cs
new file mode 100644
index 00000000000..b062aeba8f5
--- /dev/null
+++ b/csharp/ql/test/library-tests/dataflow/local/UseUseExplosion.cs
@@ -0,0 +1,29 @@
+class C
+{
+    int Prop { get; set; }
+
+    // Should generate 100 + 100 local use-use flow steps for `x`, and not 100 * 100
+    //
+    // Generated by quick-evaling `gen/0` below:
+    //
+    // ```ql
+    // string gen(int depth) {
+    //   depth in [0 .. 100] and
+    //   (
+    //     if depth = 0
+    //     then result = ""
+    //     else result = "if (Prop > " + depth + ") { " + gen(depth - 1) + " } else Use(x);"
+    //   )
+    // }
+    //
+    // string gen() { result = "var x = 0;\n" + gen(100) + "\n" + gen(100) }
+    // ```
+    void M()
+    {
+        var x = 0;
+        if (Prop > 100) { if (Prop > 99) { if (Prop > 98) { if (Prop > 97) { if (Prop > 96) { if (Prop > 95) { if (Prop > 94) { if (Prop > 93) { if (Prop > 92) { if (Prop > 91) { if (Prop > 90) { if (Prop > 89) { if (Prop > 88) { if (Prop > 87) { if (Prop > 86) { if (Prop > 85) { if (Prop > 84) { if (Prop > 83) { if (Prop > 82) { if (Prop > 81) { if (Prop > 80) { if (Prop > 79) { if (Prop > 78) { if (Prop > 77) { if (Prop > 76) { if (Prop > 75) { if (Prop > 74) { if (Prop > 73) { if (Prop > 72) { if (Prop > 71) { if (Prop > 70) { if (Prop > 69) { if (Prop > 68) { if (Prop > 67) { if (Prop > 66) { if (Prop > 65) { if (Prop > 64) { if (Prop > 63) { if (Prop > 62) { if (Prop > 61) { if (Prop > 60) { if (Prop > 59) { if (Prop > 58) { if (Prop > 57) { if (Prop > 56) { if (Prop > 55) { if (Prop > 54) { if (Prop > 53) { if (Prop > 52) { if (Prop > 51) { if (Prop > 50) { if (Prop > 49) { if (Prop > 48) { if (Prop > 47) { if (Prop > 46) { if (Prop > 45) { if (Prop > 44) { if (Prop > 43) { if (Prop > 42) { if (Prop > 41) { if (Prop > 40) { if (Prop > 39) { if (Prop > 38) { if (Prop > 37) { if (Prop > 36) { if (Prop > 35) { if (Prop > 34) { if (Prop > 33) { if (Prop > 32) { if (Prop > 31) { if (Prop > 30) { if (Prop > 29) { if (Prop > 28) { if (Prop > 27) { if (Prop > 26) { if (Prop > 25) { if (Prop > 24) { if (Prop > 23) { if (Prop > 22) { if (Prop > 21) { if (Prop > 20) { if (Prop > 19) { if (Prop > 18) { if (Prop > 17) { if (Prop > 16) { if (Prop > 15) { if (Prop > 14) { if (Prop > 13) { if (Prop > 12) { if (Prop > 11) { if (Prop > 10) { if (Prop > 9) { if (Prop > 8) { if (Prop > 7) { if (Prop > 6) { if (Prop > 5) { if (Prop > 4) { if (Prop > 3) { if (Prop > 2) { if (Prop > 1) { } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x);
+        if (Prop > 100) { if (Prop > 99) { if (Prop > 98) { if (Prop > 97) { if (Prop > 96) { if (Prop > 95) { if (Prop > 94) { if (Prop > 93) { if (Prop > 92) { if (Prop > 91) { if (Prop > 90) { if (Prop > 89) { if (Prop > 88) { if (Prop > 87) { if (Prop > 86) { if (Prop > 85) { if (Prop > 84) { if (Prop > 83) { if (Prop > 82) { if (Prop > 81) { if (Prop > 80) { if (Prop > 79) { if (Prop > 78) { if (Prop > 77) { if (Prop > 76) { if (Prop > 75) { if (Prop > 74) { if (Prop > 73) { if (Prop > 72) { if (Prop > 71) { if (Prop > 70) { if (Prop > 69) { if (Prop > 68) { if (Prop > 67) { if (Prop > 66) { if (Prop > 65) { if (Prop > 64) { if (Prop > 63) { if (Prop > 62) { if (Prop > 61) { if (Prop > 60) { if (Prop > 59) { if (Prop > 58) { if (Prop > 57) { if (Prop > 56) { if (Prop > 55) { if (Prop > 54) { if (Prop > 53) { if (Prop > 52) { if (Prop > 51) { if (Prop > 50) { if (Prop > 49) { if (Prop > 48) { if (Prop > 47) { if (Prop > 46) { if (Prop > 45) { if (Prop > 44) { if (Prop > 43) { if (Prop > 42) { if (Prop > 41) { if (Prop > 40) { if (Prop > 39) { if (Prop > 38) { if (Prop > 37) { if (Prop > 36) { if (Prop > 35) { if (Prop > 34) { if (Prop > 33) { if (Prop > 32) { if (Prop > 31) { if (Prop > 30) { if (Prop > 29) { if (Prop > 28) { if (Prop > 27) { if (Prop > 26) { if (Prop > 25) { if (Prop > 24) { if (Prop > 23) { if (Prop > 22) { if (Prop > 21) { if (Prop > 20) { if (Prop > 19) { if (Prop > 18) { if (Prop > 17) { if (Prop > 16) { if (Prop > 15) { if (Prop > 14) { if (Prop > 13) { if (Prop > 12) { if (Prop > 11) { if (Prop > 10) { if (Prop > 9) { if (Prop > 8) { if (Prop > 7) { if (Prop > 6) { if (Prop > 5) { if (Prop > 4) { if (Prop > 3) { if (Prop > 2) { if (Prop > 1) { } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x); } else Use(x);
+    }
+
+    void Use(int i) { }
+}
diff --git a/csharp/ql/test/library-tests/dataflow/ssa-large/Large.cs b/csharp/ql/test/library-tests/dataflow/ssa-large/Large.cs
index f6cce7f149a..798f106e9f6 100644
--- a/csharp/ql/test/library-tests/dataflow/ssa-large/Large.cs
+++ b/csharp/ql/test/library-tests/dataflow/ssa-large/Large.cs
@@ -2886,7 +2886,7 @@ public class Large
     //   (
     //     if depth = 0
     //     then result = ""
-    //     else else result = "if (Prop > " + depth + ") { " + gen(depth - 1, var) + " } else Use(" + var + ");"
+    //     else result = "if (Prop > " + depth + ") { " + gen(depth - 1, var) + " } else Use(" + var + ");"
     //   )
     // }
     // 

From 8b332778e3e75ac182dfe99adb1734b771a1cacf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= <d10c@users.noreply.github.com>
Date: Thu, 17 Nov 2022 18:08:06 +0100
Subject: [PATCH 065/144] Swift: update `@security-severity`

---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index 41065a9d47d..cd96709b6f6 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -3,7 +3,7 @@
  * @description Evaluating JavaScript code containing a substring from a remote source may lead to remote code execution.
  * @kind path-problem
  * @problem.severity warning
- * @security-severity 6.1
+ * @security-severity 9.3
  * @precision high
  * @id swift/unsafe-js-eval
  * @tags security

From 26866a733785cf9f8a10adcb0cb7e3bbdbba420e Mon Sep 17 00:00:00 2001
From: Anders Fugmann <anders@fugmann.net>
Date: Mon, 21 Nov 2022 09:58:12 +0100
Subject: [PATCH 066/144] Swift: set @github/codeql-swift as owner

---
 CODEOWNERS | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CODEOWNERS b/CODEOWNERS
index 86f38eeee22..55ee2f974f7 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -5,7 +5,7 @@
 /javascript/ @github/codeql-javascript
 /python/ @github/codeql-python
 /ruby/ @github/codeql-ruby
-/swift/ @github/codeql-c
+/swift/ @github/codeql-swift
 /java/kotlin-extractor/ @github/codeql-kotlin
 /java/kotlin-explorer/ @github/codeql-kotlin
 
@@ -45,4 +45,4 @@ WORKSPACE.bazel @github/codeql-ci-reviewers
 /.github/workflows/js-ml-tests.yml @github/codeql-ml-powered-queries-reviewers
 /.github/workflows/ql-for-ql-* @github/codeql-ql-for-ql-reviewers
 /.github/workflows/ruby-* @github/codeql-ruby
-/.github/workflows/swift.yml @github/codeql-c
+/.github/workflows/swift.yml @github/codeql-swift

From a385e872733be4a0a6969abede237cca7b349e3e Mon Sep 17 00:00:00 2001
From: Taus <tausbn@github.com>
Date: Mon, 21 Nov 2022 14:29:39 +0000
Subject: [PATCH 067/144] Python: Add change note for module resolution

Also adapts the version-specific tests to support results specific to
Python 2 (though at the moment there are no such tests).
---
 .../2022-11-21-module-resolution-rewrite.md     |  5 +++++
 .../import-resolution/importflow.ql             | 17 ++++++++++-------
 2 files changed, 15 insertions(+), 7 deletions(-)
 create mode 100644 python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md

diff --git a/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md b/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md
new file mode 100644
index 00000000000..32484ffed56
--- /dev/null
+++ b/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md
@@ -0,0 +1,5 @@
+---
+ category: minorAnalysis
+---
+ * The data-flow library has been rewritten to no longer rely on the points-to analysis in order to
+   resolve references to modules. This should result in more results for data-flow queries.
diff --git a/python/ql/test/experimental/import-resolution/importflow.ql b/python/ql/test/experimental/import-resolution/importflow.ql
index 6160560a3ee..875fb947901 100644
--- a/python/ql/test/experimental/import-resolution/importflow.ql
+++ b/python/ql/test/experimental/import-resolution/importflow.ql
@@ -93,26 +93,29 @@ class ResolutionTest extends InlineExpectationsTest {
   }
 }
 
-class ResolutionTest3 extends InlineExpectationsTest {
-  ResolutionTest3() { this = "ResolutionTest3" }
+class VersionSpecificResolutionTest extends InlineExpectationsTest {
+  VersionSpecificResolutionTest() { this = "VersionSpecificResolutionTest" }
 
-  override string getARelevantTag() { result = "prints3" and major_version() = 3 }
+  override string getARelevantTag() { result = getTagForVersion(_) }
+
+  private string getTagForVersion(int version) {
+    result = "prints" + version and
+    version = major_version()
+  }
 
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     (
       exists(DataFlow::PathNode source, DataFlow::PathNode sink, ImportConfiguration config |
         config.hasFlowPath(source, sink) and
-        sink.getNode().(VersionGuardedNode).getVersion() = 3 and
-        tag = "prints3" and
+        tag = getTagForVersion(sink.getNode().(VersionGuardedNode).getVersion()) and
         location = sink.getNode().getLocation() and
         value = source.getNode().(SourceString).getContents() and
         element = sink.getNode().toString()
       )
       or
       exists(ModuleRef ref |
-        ref.(VersionGuardedNode).getVersion() = 3 and
         ref instanceof CheckArgument and
-        tag = "prints3" and
+        tag = getTagForVersion(ref.(VersionGuardedNode).getVersion()) and
         location = ref.getLocation() and
         value = "\"<module " + ref.getName() + ">\"" and
         element = ref.toString()

From f12e15b46b0679fae1465620788d5fa3797933f2 Mon Sep 17 00:00:00 2001
From: Taus <tausbn@github.com>
Date: Mon, 21 Nov 2022 15:23:13 +0000
Subject: [PATCH 068/144] Python: Fix implicit `this` warnings

---
 .../test/experimental/import-resolution/importflow.ql  | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/python/ql/test/experimental/import-resolution/importflow.ql b/python/ql/test/experimental/import-resolution/importflow.ql
index 875fb947901..e6e51afa963 100644
--- a/python/ql/test/experimental/import-resolution/importflow.ql
+++ b/python/ql/test/experimental/import-resolution/importflow.ql
@@ -93,16 +93,16 @@ class ResolutionTest extends InlineExpectationsTest {
   }
 }
 
+private string getTagForVersion(int version) {
+  result = "prints" + version and
+  version = major_version()
+}
+
 class VersionSpecificResolutionTest extends InlineExpectationsTest {
   VersionSpecificResolutionTest() { this = "VersionSpecificResolutionTest" }
 
   override string getARelevantTag() { result = getTagForVersion(_) }
 
-  private string getTagForVersion(int version) {
-    result = "prints" + version and
-    version = major_version()
-  }
-
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     (
       exists(DataFlow::PathNode source, DataFlow::PathNode sink, ImportConfiguration config |

From 16a76853f4106867bbe4b0697eb0c7075757c1ff Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Tue, 8 Nov 2022 15:23:43 +0100
Subject: [PATCH 069/144] Add libxml2 sinks

---
 .../lib/codeql/swift/frameworks/Libxml2.qll   | 54 +++++++++++
 swift/ql/lib/codeql/swift/security/XXE.qll    | 38 ++++++++
 .../query-tests/Security/CWE-611/XXETest.ql   |  7 ++
 .../Security/CWE-611/testLibxmlXXE.swift      | 96 +++++++++++++++++++
 4 files changed, 195 insertions(+)
 create mode 100644 swift/ql/lib/codeql/swift/frameworks/Libxml2.qll
 create mode 100644 swift/ql/test/query-tests/Security/CWE-611/testLibxmlXXE.swift

diff --git a/swift/ql/lib/codeql/swift/frameworks/Libxml2.qll b/swift/ql/lib/codeql/swift/frameworks/Libxml2.qll
new file mode 100644
index 00000000000..12f8603c69b
--- /dev/null
+++ b/swift/ql/lib/codeql/swift/frameworks/Libxml2.qll
@@ -0,0 +1,54 @@
+import swift
+
+/**
+ * A call to a `libxml2` function that parses XML.
+ */
+class Libxml2ParseCall extends ApplyExpr {
+  int xmlArg;
+  int optionsArg;
+
+  Libxml2ParseCall() {
+    exists(string fname | this.getStaticTarget().getName() = fname |
+      fname = "xmlCtxtUseOptions(_:_:)" and xmlArg = 0 and optionsArg = 1
+      or
+      fname = "xmlReadFile(_:_:_:)" and xmlArg = 0 and optionsArg = 2
+      or
+      fname = ["xmlReadDoc(_:_:_:_:)", "xmlReadFd(_:_:_:_:)"] and
+      xmlArg = 0 and
+      optionsArg = 3
+      or
+      fname = ["xmlCtxtReadFile(_:_:_:_:)", "xmlParseInNodeContext(_:_:_:_:_:)"] and
+      xmlArg = 1 and
+      optionsArg = 3
+      or
+      fname = ["xmlCtxtReadDoc(_:_:_:_:_:)", "xmlCtxtReadFd(_:_:_:_:_:)"] and
+      xmlArg = 1 and
+      optionsArg = 4
+      or
+      fname = "xmlReadMemory(_:_:_:_:_:)" and xmlArg = 0 and optionsArg = 4
+      or
+      fname = "xmlCtxtReadMemory(_:_:_:_:_:_:)" and xmlArg = 1 and optionsArg = 5
+      or
+      fname = "xmlReadIO(_:_:_:_:_:_:)" and xmlArg = 0 and optionsArg = 5
+      or
+      fname = "xmlCtxtReadIO(_:_:_:_:_:_:_:)" and xmlArg = 1 and optionsArg = 6
+    )
+  }
+
+  /**
+   * Gets the argument that receives the XML raw data.
+   */
+  Expr getXml() { result = this.getArgument(xmlArg).getExpr() }
+
+  /**
+   * Gets the argument that specifies `xmlParserOption`s.
+   */
+  Expr getOptions() { result = this.getArgument(optionsArg).getExpr() }
+}
+
+/**
+ * An `xmlParserOption` for `libxml2` that is considered unsafe.
+ */
+class Libxml2BadOption extends ConcreteVarDecl {
+  Libxml2BadOption() { this.getName() = ["XML_PARSE_NOENT", "XML_PARSE_DTDLOAD"] }
+}
diff --git a/swift/ql/lib/codeql/swift/security/XXE.qll b/swift/ql/lib/codeql/swift/security/XXE.qll
index 5f80426fa56..623be39060c 100644
--- a/swift/ql/lib/codeql/swift/security/XXE.qll
+++ b/swift/ql/lib/codeql/swift/security/XXE.qll
@@ -3,6 +3,7 @@
 import swift
 private import codeql.swift.dataflow.DataFlow
 private import codeql.swift.frameworks.AEXML
+private import codeql.swift.frameworks.Libxml2
 
 /** A data flow sink for XML external entities (XXE) vulnerabilities. */
 abstract class XxeSink extends DataFlow::Node { }
@@ -163,3 +164,40 @@ private class AexmlOptions extends Expr {
     this.getType() = any(LValueType t | t.getObjectType() instanceof AexmlOptionsType)
   }
 }
+
+/** The XML argument of a `libxml2` parsing call vulnerable to XXE. */
+private class Libxml2XxeSink extends XxeSink {
+  Libxml2XxeSink() {
+    exists(Libxml2ParseCall c, Libxml2BadOption opt |
+      this.asExpr() = c.getXml() and
+      lib2xmlOptionLocalTaintStep*(DataFlow::exprNode(opt.getAnAccess()),
+        DataFlow::exprNode(c.getOptions()))
+    )
+  }
+}
+
+/**
+ * Holds if taint can flow from `source` to `sink` in one local step,
+ * including bitwise operations, accesses to `.rawValue`, and casts to `Int32`.
+ */
+private predicate lib2xmlOptionLocalTaintStep(DataFlow::Node source, DataFlow::Node sink) {
+  DataFlow::localFlowStep(source, sink)
+  or
+  source.asExpr() = sink.asExpr().(BitwiseOperation).getAnOperand()
+  or
+  exists(MemberRefExpr rawValue | rawValue.getMember().(VarDecl).getName() = "rawValue" |
+    source.asExpr() = rawValue.getBase() and sink.asExpr() = rawValue
+  )
+  or
+  exists(ApplyExpr int32Init |
+    int32Init
+        .getStaticTarget()
+        .(ConstructorDecl)
+        .getEnclosingDecl()
+        .(ExtensionDecl)
+        .getExtendedTypeDecl()
+        .getName() = "SignedInteger"
+  |
+    source.asExpr() = int32Init.getAnArgument().getExpr() and sink.asExpr() = int32Init
+  )
+}
diff --git a/swift/ql/test/query-tests/Security/CWE-611/XXETest.ql b/swift/ql/test/query-tests/Security/CWE-611/XXETest.ql
index 817f55678ad..757e45a102b 100644
--- a/swift/ql/test/query-tests/Security/CWE-611/XXETest.ql
+++ b/swift/ql/test/query-tests/Security/CWE-611/XXETest.ql
@@ -1,7 +1,14 @@
 import swift
+import codeql.swift.dataflow.FlowSources
 import codeql.swift.security.XXEQuery
 import TestUtilities.InlineExpectationsTest
 
+class TestRemoteSource extends RemoteFlowSource {
+  TestRemoteSource() { this.asExpr().(ApplyExpr).getStaticTarget().getName().matches("source%") }
+
+  override string getSourceType() { result = "Test source" }
+}
+
 class XxeTest extends InlineExpectationsTest {
   XxeTest() { this = "XxeTest" }
 
diff --git a/swift/ql/test/query-tests/Security/CWE-611/testLibxmlXXE.swift b/swift/ql/test/query-tests/Security/CWE-611/testLibxmlXXE.swift
new file mode 100644
index 00000000000..b0e580c42a0
--- /dev/null
+++ b/swift/ql/test/query-tests/Security/CWE-611/testLibxmlXXE.swift
@@ -0,0 +1,96 @@
+// --- stubs ---
+
+class Data {
+    init<S>(_ elements: S) {}
+    func copyBytes(to: UnsafeMutablePointer<UInt8>, count: Int) {}
+}
+
+struct URL {
+	init?(string: String) {}
+}
+
+extension String {
+	init(contentsOf: URL) {
+        let data = ""
+        self.init(data)
+    }
+}
+
+struct xmlParserOption : Hashable {
+    let rawValue: UInt32 = 0
+}
+
+var XML_PARSE_NOENT: xmlParserOption { get { return xmlParserOption() } } 
+var XML_PARSE_DTDLOAD: xmlParserOption { get { return xmlParserOption() } } 
+
+typealias xmlChar = UInt8
+typealias xmlDocPtr = UnsafeMutablePointer<xmlDoc>
+typealias xmlNodePtr = UnsafeMutablePointer<xmlNode>
+typealias xmlParserCtxtPtr = UnsafeMutablePointer<xmlParserCtxt>
+struct xmlDoc {}
+struct xmlNode {}
+struct xmlParserCtxt {}
+struct xmlParserErrors {}
+struct xmlInputReadCallback {}
+struct xmlInputCloseCallback {}
+
+func xmlCtxtUseOptions(_ ctxt: xmlParserCtxtPtr!, _ options: Int32) -> Int32 { return 0 }
+func xmlReadDoc(_ cur: UnsafePointer<xmlChar>!, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlReadFile(_ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlReadMemory(_ buffer: UnsafePointer<CChar>!, _ size: Int32, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlReadFd(_ fd: Int32, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlReadIO(_ ioread: xmlInputReadCallback!, _ ioclose: xmlInputCloseCallback!, _ ioctx: UnsafeMutableRawPointer!, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlCtxtReadDoc(_ ctxt: xmlParserCtxtPtr!, _ cur: UnsafePointer<xmlChar>!, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlCtxtReadFile(_ ctxt: xmlParserCtxtPtr!, _ filename: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlParseInNodeContext(_ node: xmlNodePtr!, _ data: UnsafePointer<CChar>!, _ datalen: Int32, _ options: Int32, _ lst: UnsafeMutablePointer<xmlNodePtr?>!) -> xmlParserErrors { return xmlParserErrors() }
+func xmlCtxtReadMemory(_ ctxt: xmlParserCtxtPtr!, _ buffer: UnsafePointer<CChar>!, _ size: Int32, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlCtxtReadFd(_ ctxt: xmlParserCtxtPtr!, _ fd: Int32, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+func xmlCtxtReadIO(_ ctxt: xmlParserCtxtPtr!, _ ioread: xmlInputReadCallback!, _ ioclose: xmlInputCloseCallback!, _ ioctx: UnsafeMutableRawPointer!, _ URL: UnsafePointer<CChar>!, _ encoding: UnsafePointer<CChar>!, _ options: Int32) -> xmlDocPtr! { return xmlDocPtr.allocate(capacity: 0) }
+
+// --- tests ---
+
+func sourcePtr() -> UnsafeMutablePointer<UInt8> { return UnsafeMutablePointer<UInt8>.allocate(capacity: 0) }
+func sourceCharPtr() -> UnsafeMutablePointer<CChar> { return UnsafeMutablePointer<CChar>.allocate(capacity: 0) }
+
+func test() {
+    let remotePtr = sourcePtr()
+    let remoteCharPtr = sourceCharPtr()
+    let _ = xmlReadFile(remoteCharPtr, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlReadFile(remoteCharPtr, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=57
+    let _ = xmlReadFile(remoteCharPtr, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=57
+    let _ = xmlReadDoc(remotePtr, nil, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlReadDoc(remotePtr, nil, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=56
+    let _ = xmlReadDoc(remotePtr, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=56
+    let _ = xmlCtxtReadFile(nil, remoteCharPtr, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlCtxtReadFile(nil, remoteCharPtr, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=57
+    let _ = xmlCtxtReadFile(nil, remoteCharPtr, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=57
+    let _ = xmlParseInNodeContext(nil, remoteCharPtr, -1, 0, nil) // NO XXE: external entities not enabled
+    let _ = xmlParseInNodeContext(nil, remoteCharPtr, -1, Int32(XML_PARSE_DTDLOAD.rawValue), nil) // $ hasXXE=57
+    let _ = xmlParseInNodeContext(nil, remoteCharPtr, -1, Int32(XML_PARSE_NOENT.rawValue), nil) // $ hasXXE=57
+    let _ = xmlCtxtReadDoc(nil, remotePtr, nil, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlCtxtReadDoc(nil, remotePtr, nil, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=56
+    let _ = xmlCtxtReadDoc(nil, remotePtr, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=56
+    let _ = xmlReadMemory(remoteCharPtr, -1, nil, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlReadMemory(remoteCharPtr, -1, nil, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=57
+    let _ = xmlReadMemory(remoteCharPtr, -1, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=57
+    let _ = xmlCtxtReadMemory(nil, remoteCharPtr, -1, nil, nil, 0) // NO XXE: external entities not enabled
+    let _ = xmlCtxtReadMemory(nil, remoteCharPtr, -1, nil, nil, Int32(XML_PARSE_NOENT.rawValue)) // $ hasXXE=57
+    let _ = xmlCtxtReadMemory(nil, remoteCharPtr, -1, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue)) // $ hasXXE=57
+    // TODO: We would need to model taint around `xmlParserCtxtPtr`, file descriptors, and `xmlInputReadCallback`
+    // to be able to alert on these methods. Not doing it for now because of the effort required vs the expected gain.
+    let _ = xmlCtxtUseOptions(nil, 0)
+    let _ = xmlCtxtUseOptions(nil, Int32(XML_PARSE_NOENT.rawValue))
+    let _ = xmlCtxtUseOptions(nil, Int32(XML_PARSE_DTDLOAD.rawValue))
+    let _ = xmlReadFd(0, nil, nil, 0)
+    let _ = xmlReadFd(0, nil, nil, Int32(XML_PARSE_NOENT.rawValue))
+    let _ = xmlReadFd(0, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue))
+    let _ = xmlCtxtReadFd(nil, 0, nil, nil, 0)
+    let _ = xmlCtxtReadFd(nil, 0, nil, nil, Int32(XML_PARSE_NOENT.rawValue))
+    let _ = xmlCtxtReadFd(nil, 0, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue))
+    let _ = xmlReadIO(nil, nil, nil, nil, nil, 0)
+    let _ = xmlReadIO(nil, nil, nil, nil, nil, Int32(XML_PARSE_NOENT.rawValue))
+    let _ = xmlReadIO(nil, nil, nil, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue))
+    let _ = xmlCtxtReadIO(nil, nil, nil, nil, nil, nil, 0)
+    let _ = xmlCtxtReadIO(nil, nil, nil, nil, nil, nil, Int32(XML_PARSE_NOENT.rawValue))
+    let _ = xmlCtxtReadIO(nil, nil, nil, nil, nil, nil, Int32(XML_PARSE_DTDLOAD.rawValue))
+}

From 937365141fe40761186189b6ab7cb788fb15b3e7 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Mon, 21 Nov 2022 13:04:22 +0100
Subject: [PATCH 070/144] QL: add redundant-assignment query

---
 ql/ql/src/codeql/GlobalValueNumbering.qll     |   2 +-
 .../src/queries/style/RedundantAssignment.ql  | 110 ++++++++++++++++++
 2 files changed, 111 insertions(+), 1 deletion(-)
 create mode 100644 ql/ql/src/queries/style/RedundantAssignment.ql

diff --git a/ql/ql/src/codeql/GlobalValueNumbering.qll b/ql/ql/src/codeql/GlobalValueNumbering.qll
index cb9483200d0..21fe729fedc 100644
--- a/ql/ql/src/codeql/GlobalValueNumbering.qll
+++ b/ql/ql/src/codeql/GlobalValueNumbering.qll
@@ -237,7 +237,7 @@ private TValueNumber nonUniqueValueNumber(Expr e) {
 
 /** Gets the value number of an expression `e`. */
 cached
-TValueNumber valueNumber(Expr e) {
+ValueNumber valueNumber(Expr e) {
   result = nonUniqueValueNumber(e)
   or
   uniqueValueNumber(e) and
diff --git a/ql/ql/src/queries/style/RedundantAssignment.ql b/ql/ql/src/queries/style/RedundantAssignment.ql
new file mode 100644
index 00000000000..7baf046b97a
--- /dev/null
+++ b/ql/ql/src/queries/style/RedundantAssignment.ql
@@ -0,0 +1,110 @@
+/**
+ * @name Redundant assignment.
+ * @description Assigning the same value twice is redundant.
+ * @kind problem
+ * @problem.severity warning
+ * @precision high
+ * @id ql/redunant-assignment
+ * @tags maintainability
+ */
+
+import ql
+
+/**
+ * A variable that is set equal to (assigned) a value one or more times.
+ */
+class AssignedVariable extends VarDecl {
+  AssignedVariable() {
+    exists(VarAccess access, ComparisonFormula comp | comp.getOperator() = "=" |
+      access.getDeclaration() = this and
+      comp.getAnOperand() = access
+    )
+  }
+
+  /**
+   * Gets an expression that is assigned to this variable.
+   */
+  Expr getAnAssignedExpr() {
+    exists(VarAccess access, ComparisonFormula comp, Expr operand |
+      comp.getOperator() = "=" and
+      access.getDeclaration() = this and
+      comp.getAnOperand() = access and
+      operand = comp.getAnOperand() and
+      not operand.(VarAccess).getDeclaration() = this
+    |
+      result = operand and
+      not result instanceof Set
+      or
+      result = operand.(Set).getAnElement()
+    )
+  }
+}
+
+import codeql.GlobalValueNumbering as GVN
+
+/**
+ * Holds if `assigned1` and `assigned2` assigns the same value to `var`.
+ * The assignments may be on different branches of a disjunction.
+ */
+predicate candidateRedundantAssignment(AssignedVariable var, Expr assigned1, Expr assigned2) {
+  assigned1 = var.getAnAssignedExpr() and
+  assigned2 = var.getAnAssignedExpr() and
+  (
+    GVN::valueNumber(assigned1) = GVN::valueNumber(assigned2)
+    or
+    // because GVN skips large strings, we need to check for equality manually
+    assigned1.(String).getValue() = assigned2.(String).getValue()
+  ) and
+  assigned1 != assigned2
+}
+
+/**
+ * Gets a (transitive) parent of `p`, where the parent is not a disjunction, and `p` is a candidate assignment from `candidateRedundantAssignment`.
+ */
+AstNode getConjunctionParentRec(AstNode p) {
+  candidateRedundantAssignment(_, p, _) and
+  result = p
+  or
+  result = getConjunctionParentRec(p).getParent() and
+  not result instanceof Disjunction and
+  not result instanceof IfFormula and
+  not result instanceof Implication and
+  not result instanceof Negation and
+  not result instanceof Predicate
+}
+
+/**
+ * Gets which level in the AST `p` is at.
+ * E.g. the top-level is 0, the next level is 1, etc.
+ */
+int level(AstNode p) {
+  p instanceof TopLevel and result = 0
+  or
+  result = level(p.getParent()) + 1
+}
+
+/**
+ * Gets the top-most parent of `p` that is not a disjunction.
+ */
+AstNode getConjunctionParent(AstNode p) {
+  result =
+    min(int level, AstNode parent |
+      parent = getConjunctionParentRec(p) and level = level(parent)
+    |
+      parent order by level
+    )
+}
+
+from AssignedVariable var, Expr assigned1, Expr assigned2
+where
+  candidateRedundantAssignment(var, assigned1, assigned2) and
+  getConjunctionParent(assigned1) = getConjunctionParent(assigned2) and
+  // de-duplcation:
+  (
+    assigned1.getLocation().getStartLine() < assigned2.getLocation().getStartLine()
+    or
+    assigned1.getLocation().getStartLine() = assigned2.getLocation().getStartLine() and
+    assigned1.getLocation().getStartColumn() < assigned2.getLocation().getStartColumn()
+  )
+select assigned2, "$@ has previously been assigned $@.", var, "The variable " + var.getName(),
+  assigned1, "the same value"

From 64707f4f7b47e1b64d313f3ef653b05998d54460 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Mon, 21 Nov 2022 17:40:57 +0100
Subject: [PATCH 071/144] remove redundant assignments

---
 .../Magic Constants/MagicConstants.qll        | 40 +++++++++----------
 .../library-tests/assemblies/assemblies.ql    |  1 -
 .../OpenUrlRedirectCustomizations.qll         |  2 +-
 .../java/dataflow/internal/ContainerFlow.qll  |  1 -
 .../frameworks/android/ContentProviders.qll   |  1 -
 .../java/frameworks/guava/Collections.qll     |  1 -
 .../semmle/code/java/frameworks/guava/IO.qll  |  1 -
 .../Magic Constants/MagicConstants.qll        | 40 +++++++++----------
 .../semmle/javascript/frameworks/NoSQL.qll    |  2 +-
 .../LoopBoundInjectionCustomizations.qll      |  8 ++--
 10 files changed, 46 insertions(+), 51 deletions(-)

diff --git a/csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll b/csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll
index b65cdcd1961..73b82c14700 100644
--- a/csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll	
+++ b/csharp/ql/src/Bad Practices/Magic Constants/MagicConstants.qll	
@@ -10,26 +10,26 @@ private predicate trivialPositiveIntValue(string s) {
   s =
     [
       "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16",
-      "17", "18", "19", "20", "16", "32", "64", "128", "256", "512", "1024", "2048", "4096",
-      "16384", "32768", "65536", "1048576", "2147483648", "4294967296", "15", "31", "63", "127",
-      "255", "511", "1023", "2047", "4095", "16383", "32767", "65535", "1048577", "2147483647",
-      "4294967295", "0x00000001", "0x00000002", "0x00000004", "0x00000008", "0x00000010",
-      "0x00000020", "0x00000040", "0x00000080", "0x00000100", "0x00000200", "0x00000400",
-      "0x00000800", "0x00001000", "0x00002000", "0x00004000", "0x00008000", "0x00010000",
-      "0x00020000", "0x00040000", "0x00080000", "0x00100000", "0x00200000", "0x00400000",
-      "0x00800000", "0x01000000", "0x02000000", "0x04000000", "0x08000000", "0x10000000",
-      "0x20000000", "0x40000000", "0x80000000", "0x00000001", "0x00000003", "0x00000007",
-      "0x0000000f", "0x0000001f", "0x0000003f", "0x0000007f", "0x000000ff", "0x000001ff",
-      "0x000003ff", "0x000007ff", "0x00000fff", "0x00001fff", "0x00003fff", "0x00007fff",
-      "0x0000ffff", "0x0001ffff", "0x0003ffff", "0x0007ffff", "0x000fffff", "0x001fffff",
-      "0x003fffff", "0x007fffff", "0x00ffffff", "0x01ffffff", "0x03ffffff", "0x07ffffff",
-      "0x0fffffff", "0x1fffffff", "0x3fffffff", "0x7fffffff", "0xffffffff", "0x0001", "0x0002",
-      "0x0004", "0x0008", "0x0010", "0x0020", "0x0040", "0x0080", "0x0100", "0x0200", "0x0400",
-      "0x0800", "0x1000", "0x2000", "0x4000", "0x8000", "0x0001", "0x0003", "0x0007", "0x000f",
-      "0x001f", "0x003f", "0x007f", "0x00ff", "0x01ff", "0x03ff", "0x07ff", "0x0fff", "0x1fff",
-      "0x3fff", "0x7fff", "0xffff", "0x01", "0x02", "0x04", "0x08", "0x10", "0x20", "0x40", "0x80",
-      "0x01", "0x03", "0x07", "0x0f", "0x1f", "0x3f", "0x7f", "0xff", "0x00", "10", "100", "1000",
-      "10000", "100000", "1000000", "10000000", "100000000", "1000000000"
+      "17", "18", "19", "20", "32", "64", "128", "256", "512", "1024", "2048", "4096", "16384",
+      "32768", "65536", "1048576", "2147483648", "4294967296", "31", "63", "127", "255", "511",
+      "1023", "2047", "4095", "16383", "32767", "65535", "1048577", "2147483647", "4294967295",
+      "0x00000001", "0x00000002", "0x00000004", "0x00000008", "0x00000010", "0x00000020",
+      "0x00000040", "0x00000080", "0x00000100", "0x00000200", "0x00000400", "0x00000800",
+      "0x00001000", "0x00002000", "0x00004000", "0x00008000", "0x00010000", "0x00020000",
+      "0x00040000", "0x00080000", "0x00100000", "0x00200000", "0x00400000", "0x00800000",
+      "0x01000000", "0x02000000", "0x04000000", "0x08000000", "0x10000000", "0x20000000",
+      "0x40000000", "0x80000000", "0x00000003", "0x00000007", "0x0000000f", "0x0000001f",
+      "0x0000003f", "0x0000007f", "0x000000ff", "0x000001ff", "0x000003ff", "0x000007ff",
+      "0x00000fff", "0x00001fff", "0x00003fff", "0x00007fff", "0x0000ffff", "0x0001ffff",
+      "0x0003ffff", "0x0007ffff", "0x000fffff", "0x001fffff", "0x003fffff", "0x007fffff",
+      "0x00ffffff", "0x01ffffff", "0x03ffffff", "0x07ffffff", "0x0fffffff", "0x1fffffff",
+      "0x3fffffff", "0x7fffffff", "0xffffffff", "0x0001", "0x0002", "0x0004", "0x0008", "0x0010",
+      "0x0020", "0x0040", "0x0080", "0x0100", "0x0200", "0x0400", "0x0800", "0x1000", "0x2000",
+      "0x4000", "0x8000", "0x0003", "0x0007", "0x000f", "0x001f", "0x003f", "0x007f", "0x00ff",
+      "0x01ff", "0x03ff", "0x07ff", "0x0fff", "0x1fff", "0x3fff", "0x7fff", "0xffff", "0x02",
+      "0x04", "0x08", "0x10", "0x20", "0x40", "0x80", "0x01", "0x03", "0x07", "0x0f", "0x1f",
+      "0x3f", "0x7f", "0xff", "0x00", "100", "1000", "10000", "100000", "1000000", "10000000",
+      "100000000", "1000000000"
     ]
 }
 
diff --git a/csharp/ql/test/library-tests/assemblies/assemblies.ql b/csharp/ql/test/library-tests/assemblies/assemblies.ql
index 98db2a0f973..9c072f0d51e 100644
--- a/csharp/ql/test/library-tests/assemblies/assemblies.ql
+++ b/csharp/ql/test/library-tests/assemblies/assemblies.ql
@@ -34,7 +34,6 @@ where
   f.hasName("f") and
   g.hasName("g") and
   a.getDeclaringType() = class1 and
-  a.getDeclaringType() = class1 and
   b.getDeclaringType() = class1 and
   c.getDeclaringType() = class1 and
   not exists(c.getParameter(0).getType().(KnownType)) and
diff --git a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
index 80b9bb4a126..2d7f6948115 100644
--- a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
@@ -128,7 +128,7 @@ private class SafeUrlSink extends SafeUrlFlow::Sink {
 private class UnsafeFieldReadSanitizer extends SafeUrlFlow::SanitizerEdge {
   UnsafeFieldReadSanitizer() {
     exists(DataFlow::FieldReadNode frn, string name |
-      name = ["User", "RawQuery", "Fragment", "User"] and
+      name = ["User", "RawQuery", "Fragment"] and
       frn.getField().hasQualifiedName("net/url", "URL")
     |
       this = frn.getBase()
diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll b/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
index 8f9a40ed8d0..aebe509816f 100644
--- a/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
@@ -250,7 +250,6 @@ private class ContainerFlowSummaries extends SummaryModelCsv {
         "java.util;Scanner;true;Scanner;;;Argument[0];Argument[-1];taint;manual",
         "java.util;Scanner;true;findInLine;;;Argument[-1];ReturnValue;taint;manual",
         "java.util;Scanner;true;findWithinHorizon;;;Argument[-1];ReturnValue;taint;manual",
-        "java.util;Scanner;true;findWithinHorizon;;;Argument[-1];ReturnValue;taint;manual",
         "java.util;Scanner;true;next;;;Argument[-1];ReturnValue;taint;manual",
         "java.util;Scanner;true;nextBigDecimal;;;Argument[-1];ReturnValue;taint;manual",
         "java.util;Scanner;true;nextBigInteger;;;Argument[-1];ReturnValue;taint;manual",
diff --git a/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll b/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll
index 1e10a01d451..bf47e98b8fb 100644
--- a/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll
@@ -56,7 +56,6 @@ private class SummaryModels extends SummaryModelCsv {
         "android.content;ContentValues;false;putAll;;;Argument[0].MapValue;Argument[-1].MapValue;value;manual",
         "android.content;ContentResolver;true;acquireContentProviderClient;;;Argument[0];ReturnValue;taint;manual",
         "android.content;ContentResolver;true;acquireUnstableContentProviderClient;;;Argument[0];ReturnValue;taint;manual",
-        "android.content;ContentResolver;true;acquireUnstableContentProviderClient;;;Argument[0];ReturnValue;taint;manual",
         "android.content;ContentResolver;true;applyBatch;;;Argument[1];ReturnValue;taint;manual",
         "android.content;ContentResolver;true;call;;;Argument[0];ReturnValue;taint;manual",
         "android.content;ContentResolver;true;canonicalize;;;Argument[0];ReturnValue;taint;manual",
diff --git a/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll b/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll
index d662e7ee7cd..feb27d22ec0 100644
--- a/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll
@@ -503,7 +503,6 @@ private class GuavaCollectCsv extends SummaryModelCsv {
         "com.google.common.collect;Sets;false;filter;(SortedSet,Predicate);;Argument[0].Element;ReturnValue.Element;value;manual",
         "com.google.common.collect;Sets;false;intersection;(Set,Set);;Argument[0..1].Element;ReturnValue.Element;value;manual",
         "com.google.common.collect;Sets;false;newConcurrentHashSet;(Iterable);;Argument[0].Element;ReturnValue.Element;value;manual",
-        "com.google.common.collect;Sets;false;newConcurrentHashSet;(Iterable);;Argument[0].Element;ReturnValue.Element;value;manual",
         "com.google.common.collect;Sets;false;newCopyOnWriteArraySet;(Iterable);;Argument[0].Element;ReturnValue.Element;value;manual",
         "com.google.common.collect;Sets;false;newHashSet;(Iterable);;Argument[0].Element;ReturnValue.Element;value;manual",
         "com.google.common.collect;Sets;false;newHashSet;(Iterator);;Argument[0].Element;ReturnValue.Element;value;manual",
diff --git a/java/ql/lib/semmle/code/java/frameworks/guava/IO.qll b/java/ql/lib/semmle/code/java/frameworks/guava/IO.qll
index 6137a4e47f3..59fc0113e10 100644
--- a/java/ql/lib/semmle/code/java/frameworks/guava/IO.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/guava/IO.qll
@@ -93,7 +93,6 @@ private class GuavaIoSinkCsv extends SinkModelCsv {
         "com.google.common.io;Resources;false;asByteSource;(URL);;Argument[0];url-open-stream;manual",
         "com.google.common.io;Resources;false;asCharSource;(URL,Charset);;Argument[0];url-open-stream;manual",
         "com.google.common.io;Resources;false;copy;(URL,OutputStream);;Argument[0];url-open-stream;manual",
-        "com.google.common.io;Resources;false;asByteSource;(URL);;Argument[0];url-open-stream;manual",
         "com.google.common.io;Resources;false;readLines;;;Argument[0];url-open-stream;manual",
         "com.google.common.io;Resources;false;toByteArray;(URL);;Argument[0];url-open-stream;manual",
         "com.google.common.io;Resources;false;toString;(URL,Charset);;Argument[0];url-open-stream;manual"
diff --git a/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll b/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll
index 11dbd5cd8d3..5fc7e9069cd 100644
--- a/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll	
+++ b/java/ql/src/Violations of Best Practice/Magic Constants/MagicConstants.qll	
@@ -8,26 +8,26 @@ private predicate trivialPositiveIntValue(string s) {
   s =
     [
       "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16",
-      "17", "18", "19", "20", "16", "32", "64", "128", "256", "512", "1024", "2048", "4096",
-      "16384", "32768", "65536", "1048576", "2147483648", "4294967296", "15", "31", "63", "127",
-      "255", "511", "1023", "2047", "4095", "16383", "32767", "65535", "1048577", "2147483647",
-      "4294967295", "0x00000001", "0x00000002", "0x00000004", "0x00000008", "0x00000010",
-      "0x00000020", "0x00000040", "0x00000080", "0x00000100", "0x00000200", "0x00000400",
-      "0x00000800", "0x00001000", "0x00002000", "0x00004000", "0x00008000", "0x00010000",
-      "0x00020000", "0x00040000", "0x00080000", "0x00100000", "0x00200000", "0x00400000",
-      "0x00800000", "0x01000000", "0x02000000", "0x04000000", "0x08000000", "0x10000000",
-      "0x20000000", "0x40000000", "0x80000000", "0x00000001", "0x00000003", "0x00000007",
-      "0x0000000f", "0x0000001f", "0x0000003f", "0x0000007f", "0x000000ff", "0x000001ff",
-      "0x000003ff", "0x000007ff", "0x00000fff", "0x00001fff", "0x00003fff", "0x00007fff",
-      "0x0000ffff", "0x0001ffff", "0x0003ffff", "0x0007ffff", "0x000fffff", "0x001fffff",
-      "0x003fffff", "0x007fffff", "0x00ffffff", "0x01ffffff", "0x03ffffff", "0x07ffffff",
-      "0x0fffffff", "0x1fffffff", "0x3fffffff", "0x7fffffff", "0xffffffff", "0x0001", "0x0002",
-      "0x0004", "0x0008", "0x0010", "0x0020", "0x0040", "0x0080", "0x0100", "0x0200", "0x0400",
-      "0x0800", "0x1000", "0x2000", "0x4000", "0x8000", "0x0001", "0x0003", "0x0007", "0x000f",
-      "0x001f", "0x003f", "0x007f", "0x00ff", "0x01ff", "0x03ff", "0x07ff", "0x0fff", "0x1fff",
-      "0x3fff", "0x7fff", "0xffff", "0x01", "0x02", "0x04", "0x08", "0x10", "0x20", "0x40", "0x80",
-      "0x01", "0x03", "0x07", "0x0f", "0x1f", "0x3f", "0x7f", "0xff", "0x00", "10", "100", "1000",
-      "10000", "100000", "1000000", "10000000", "100000000", "1000000000"
+      "17", "18", "19", "20", "32", "64", "128", "256", "512", "1024", "2048", "4096", "16384",
+      "32768", "65536", "1048576", "2147483648", "4294967296", "31", "63", "127", "255", "511",
+      "1023", "2047", "4095", "16383", "32767", "65535", "1048577", "2147483647", "4294967295",
+      "0x00000001", "0x00000002", "0x00000004", "0x00000008", "0x00000010", "0x00000020",
+      "0x00000040", "0x00000080", "0x00000100", "0x00000200", "0x00000400", "0x00000800",
+      "0x00001000", "0x00002000", "0x00004000", "0x00008000", "0x00010000", "0x00020000",
+      "0x00040000", "0x00080000", "0x00100000", "0x00200000", "0x00400000", "0x00800000",
+      "0x01000000", "0x02000000", "0x04000000", "0x08000000", "0x10000000", "0x20000000",
+      "0x40000000", "0x80000000", "0x00000003", "0x00000007", "0x0000000f", "0x0000001f",
+      "0x0000003f", "0x0000007f", "0x000000ff", "0x000001ff", "0x000003ff", "0x000007ff",
+      "0x00000fff", "0x00001fff", "0x00003fff", "0x00007fff", "0x0000ffff", "0x0001ffff",
+      "0x0003ffff", "0x0007ffff", "0x000fffff", "0x001fffff", "0x003fffff", "0x007fffff",
+      "0x00ffffff", "0x01ffffff", "0x03ffffff", "0x07ffffff", "0x0fffffff", "0x1fffffff",
+      "0x3fffffff", "0x7fffffff", "0xffffffff", "0x0001", "0x0002", "0x0004", "0x0008", "0x0010",
+      "0x0020", "0x0040", "0x0080", "0x0100", "0x0200", "0x0400", "0x0800", "0x1000", "0x2000",
+      "0x4000", "0x8000", "0x0003", "0x0007", "0x000f", "0x001f", "0x003f", "0x007f", "0x00ff",
+      "0x01ff", "0x03ff", "0x07ff", "0x0fff", "0x1fff", "0x3fff", "0x7fff", "0xffff", "0x01",
+      "0x02", "0x04", "0x08", "0x10", "0x20", "0x40", "0x80", "0x03", "0x07", "0x0f", "0x1f",
+      "0x3f", "0x7f", "0xff", "0x00", "100", "1000", "10000", "100000", "1000000", "10000000",
+      "100000000", "1000000000"
     ]
 }
 
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/NoSQL.qll b/javascript/ql/lib/semmle/javascript/frameworks/NoSQL.qll
index 11f454eadd5..568ae3c93a1 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/NoSQL.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/NoSQL.qll
@@ -251,7 +251,7 @@ private module Redis {
           "set", "publish", "append", "bitfield", "decrby", "getset", "hincrby", "hincrbyfloat",
           "hset", "hsetnx", "incrby", "incrbyfloat", "linsert", "lpush", "lpushx", "lset", "ltrim",
           "rename", "renamenx", "rpushx", "setbit", "setex", "smove", "zincrby", "zinterstore",
-          "hdel", "lpush", "pfadd", "rpush", "sadd", "sdiffstore", "srem"
+          "hdel", "pfadd", "rpush", "sadd", "sdiffstore", "srem"
         ] and
       argIndex = 0
       or
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/LoopBoundInjectionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/LoopBoundInjectionCustomizations.qll
index 2142d468b90..1c92ff66c5b 100644
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/LoopBoundInjectionCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/LoopBoundInjectionCustomizations.qll
@@ -122,10 +122,10 @@ module LoopBoundInjection {
         "flattenDeep", "flattenDepth", "initial", "intersection", "intersectionBy",
         "intersectionWith", "join", "remove", "reverse", "slice", "sortedUniq", "sortedUniqBy",
         "tail", "union", "unionBy", "unionWith", "uniqBy", "unzip", "unzipWith", "without", "zip",
-        "zipObject", "zipObjectDeep", "zipWith", "countBy", "each", "forEach", "eachRight",
-        "forEachRight", "filter", "find", "findLast", "flatMap", "flatMapDeep", "flatMapDepth",
-        "forEach", "forEachRight", "groupBy", "invokeMap", "keyBy", "map", "orderBy", "partition",
-        "reduce", "reduceRight", "reject", "sortBy"
+        "zipObject", "zipObjectDeep", "zipWith", "countBy", "each", "eachRight", "forEachRight",
+        "filter", "find", "findLast", "flatMap", "flatMapDeep", "flatMapDepth", "forEach",
+        "groupBy", "invokeMap", "keyBy", "map", "orderBy", "partition", "reduce", "reduceRight",
+        "reject", "sortBy"
       ]
   }
 

From 313767539ad633e164e13c78d42137ecda54cf72 Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Fri, 18 Nov 2022 15:59:06 +0100
Subject: [PATCH 072/144] C#: Add workflow for running QL tests

---
 .github/workflows/csharp-qltest.yml           | 72 +++++++++++++++++++
 .gitignore                                    |  2 -
 csharp/.gitignore                             |  5 +-
 .../actions/create-extractor-pack/action.yml  | 13 ++++
 .../controlflow/internal/Completion.qll       |  1 -
 csharp/scripts/create-extractor-pack.sh       | 27 +++++++
 6 files changed, 116 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/csharp-qltest.yml
 create mode 100644 csharp/actions/create-extractor-pack/action.yml
 create mode 100755 csharp/scripts/create-extractor-pack.sh

diff --git a/.github/workflows/csharp-qltest.yml b/.github/workflows/csharp-qltest.yml
new file mode 100644
index 00000000000..78b0ef6a87b
--- /dev/null
+++ b/.github/workflows/csharp-qltest.yml
@@ -0,0 +1,72 @@
+name: "C#: Run QL Tests"
+
+on:
+  push:
+    paths:
+      - "csharp/**"
+      - "shared/**"
+      - .github/actions/fetch-codeql/action.yml
+      - codeql-workspace.yml
+    branches:
+      - main
+      - "rc/*"
+  pull_request:
+    paths:
+      - "csharp/**"
+      - "shared/**"
+      - .github/workflows/csharp-qltest.yml
+      - .github/actions/fetch-codeql/action.yml
+      - codeql-workspace.yml
+    branches:
+      - main
+      - "rc/*"
+
+defaults:
+  run:
+    working-directory: csharp
+
+jobs:
+  qlupgrade:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ./.github/actions/fetch-codeql
+      - name: Check DB upgrade scripts
+        run: |
+          echo >empty.trap
+          codeql dataset import -S ql/lib/upgrades/initial/semmlecode.csharp.dbscheme testdb empty.trap
+          codeql dataset upgrade testdb --additional-packs ql/lib
+          diff -q testdb/semmlecode.csharp.dbscheme ql/lib/semmlecode.csharp.dbscheme
+      - name: Check DB downgrade scripts
+        run: |
+          echo >empty.trap
+          rm -rf testdb; codeql dataset import -S ql/lib/semmlecode.csharp.dbscheme testdb empty.trap
+          codeql resolve upgrades --format=lines --allow-downgrades --additional-packs downgrades \
+           --dbscheme=ql/lib/semmlecode.csharp.dbscheme --target-dbscheme=downgrades/initial/semmlecode.csharp.dbscheme |
+           xargs codeql execute upgrades testdb
+          diff -q testdb/semmlecode.csharp.dbscheme downgrades/initial/semmlecode.csharp.dbscheme
+  qltest:
+    runs-on: ubuntu-latest-xl
+    strategy:
+      fail-fast: false
+      matrix:
+        slice: ["1/2", "2/2"]
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ./.github/actions/fetch-codeql
+      - uses: ./csharp/actions/create-extractor-pack
+      - name: Cache compilation cache
+        id: query-cache
+        uses: ./.github/actions/cache-query-compilation
+        with:
+          key: csharp-qltest-${{ matrix.slice }}
+      - name: Run QL tests
+        run: |
+          CODEQL_PATH=$(gh codeql version --format=json | jq -r .unpackedLocation)
+          # The legacy ASP extractor is not in this repo, so take the one from the nightly build
+          mv "$CODEQL_PATH/csharp/tools/extractor-asp.jar" "${{ github.workspace }}/csharp/extractor-pack/tools"
+          # Safe guard against using the bundled extractor
+          rm -rf "$CODEQL_PATH/csharp"
+          codeql test run --threads=0 --ram 52000 --slice ${{ matrix.slice }} --search-path "${{ github.workspace }}/csharp/extractor-pack" --check-databases --check-undefined-labels --check-repeated-labels --check-redefined-labels --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
diff --git a/.gitignore b/.gitignore
index 7b8532b00d2..c81e23fc7f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -27,8 +27,6 @@
 # It's useful (though not required) to be able to unpack codeql in the ql checkout itself
 /codeql/
 
-csharp/extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json
-
 # Avoid committing cached package components
 .codeql
 
diff --git a/csharp/.gitignore b/csharp/.gitignore
index 0701c11fe1d..a030c9444fe 100644
--- a/csharp/.gitignore
+++ b/csharp/.gitignore
@@ -11,4 +11,7 @@ csharp.log
 *.tlog
 .vs
 *.user
-.vscode/launch.json
\ No newline at end of file
+.vscode/launch.json
+
+extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json
+extractor-pack
\ No newline at end of file
diff --git a/csharp/actions/create-extractor-pack/action.yml b/csharp/actions/create-extractor-pack/action.yml
new file mode 100644
index 00000000000..43b0ec9c6fe
--- /dev/null
+++ b/csharp/actions/create-extractor-pack/action.yml
@@ -0,0 +1,13 @@
+name: Build C# CodeQL pack
+description: Builds the C# CodeQL pack
+runs:
+  using: composite
+  steps:
+    - name: Setup dotnet
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: 6.0.202
+    - name: Build Extractor
+      shell: bash
+      run: scripts/create-extractor-pack.sh
+      working-directory: csharp
diff --git a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
index bda14e0b4ae..4003e8cfac2 100644
--- a/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
+++ b/csharp/ql/lib/semmle/code/csharp/controlflow/internal/Completion.qll
@@ -103,7 +103,6 @@ abstract class Completion extends TCompletion {
    * otherwise it is a normal non-Boolean completion.
    */
   predicate isValidFor(ControlFlowElement cfe) {
-    cfe instanceof NonReturningCall and
     this = cfe.(NonReturningCall).getACompletion()
     or
     this = TThrowCompletion(cfe.(TriedControlFlowElement).getAThrownException())
diff --git a/csharp/scripts/create-extractor-pack.sh b/csharp/scripts/create-extractor-pack.sh
new file mode 100755
index 00000000000..dbbe8219a02
--- /dev/null
+++ b/csharp/scripts/create-extractor-pack.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+set -eux
+
+if [[ "$OSTYPE" == "linux-gnu"* ]]; then
+  platform="linux64"
+  dotnet_platform="linux-x64"
+elif [[ "$OSTYPE" == "darwin"* ]]; then
+  platform="osx64"
+  dotnet_platform="osx-x64"
+else
+  echo "Unknown OS"
+  exit 1
+fi
+
+rm -rf extractor-pack
+mkdir -p extractor-pack
+mkdir -p extractor-pack/tools/${platform}
+
+function dotnet_publish {
+  dotnet publish --self-contained --configuration Release --runtime ${dotnet_platform} -p:RuntimeFrameworkVersion=6.0.4 $1 --output extractor-pack/tools/${platform}
+}
+
+dotnet_publish extractor/Semmle.Extraction.CSharp.Standalone
+dotnet_publish extractor/Semmle.Extraction.CSharp.Driver
+dotnet_publish autobuilder/Semmle.Autobuild.CSharp
+
+cp -r codeql-extractor.yml tools/* downgrades tools ql/lib/semmlecode.csharp.dbscheme ql/lib/semmlecode.csharp.dbscheme.stats extractor-pack/

From 10c602d9fbd3183079b81decbaf83807d6f3e7ff Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Tue, 22 Nov 2022 10:19:50 +0100
Subject: [PATCH 073/144] CI: use read-only-cache when running on a PR

---
 .github/actions/cache-query-compilation/action.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/actions/cache-query-compilation/action.yml b/.github/actions/cache-query-compilation/action.yml
index c071aa204d9..9f7569e5f0c 100644
--- a/.github/actions/cache-query-compilation/action.yml
+++ b/.github/actions/cache-query-compilation/action.yml
@@ -26,9 +26,10 @@ runs:
         echo "merge_base=$MERGE_BASE" >> $GITHUB_ENV
     - name: Read CodeQL query compilation - PR
       if: ${{ github.event_name == 'pull_request' }}
-      uses: actions/cache@v3
+      uses: erik-krogh/actions-cache@a88d0603fe5fb5606db9f002dfcadeb32b5f84c6
       with:
         path: '**/.cache'
+        read-only: true
         key: codeql-compile-${{ inputs.key }}-pr-${{ github.sha }} # deliberately not using the `compile-compile-main` keys here.
         restore-keys: |
           codeql-compile-${{ inputs.key }}-${{ github.base_ref }}-${{ env.merge_base }}
@@ -36,7 +37,7 @@ runs:
           codeql-compile-${{ inputs.key }}-main-
     - name: Fill CodeQL query compilation cache - main
       if: ${{ github.event_name != 'pull_request' }}
-      uses: actions/cache@v3
+      uses: erik-krogh/actions-cache@a88d0603fe5fb5606db9f002dfcadeb32b5f84c6
       with:
         path: '**/.cache'
         key: codeql-compile-${{ inputs.key }}-${{ github.ref_name }}-${{ github.sha }} # just fill on main

From d876acde4c4b9fbd3e47e24593264d4b1aa4707c Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 22 Nov 2022 11:01:26 +0100
Subject: [PATCH 074/144] Python: Fix SINK/SINK_F usage for crosstalk tests

As discussed in PR review
https://github.com/github/codeql/pull/11208#discussion_r1022473421
---
 .../dataflow/TestUtil/NormalDataflowTest.qll  |  3 ++-
 .../experimental/dataflow/fieldflow/test.py   | 25 ++++++++++++++-----
 .../test/experimental/dataflow/testConfig.qll |  7 +++---
 3 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll b/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll
index b0f0009b30d..f526a1f43ae 100644
--- a/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll
+++ b/python/ql/test/experimental/dataflow/TestUtil/NormalDataflowTest.qll
@@ -16,8 +16,9 @@ class DataFlowTest extends FlowTest {
 query predicate missingAnnotationOnSink(Location location, string error, string element) {
   error = "ERROR, you should add `# $ MISSING: flow` annotation" and
   exists(DataFlow::Node sink |
+    any(TestConfiguration config).isSink(sink) and
+    // note: we only care about `SINK` and not `SINK_F`, so we have to reconstruct manually.
     exists(DataFlow::CallCfgNode call |
-      // note: we only care about `SINK` and not `SINK_F`, so we have to reconstruct manually.
       call.getFunction().asCfgNode().(NameNode).getId() = "SINK" and
       (sink = call.getArg(_) or sink = call.getArgByName(_))
     ) and
diff --git a/python/ql/test/experimental/dataflow/fieldflow/test.py b/python/ql/test/experimental/dataflow/fieldflow/test.py
index f5b20daff96..d9cb0280c73 100644
--- a/python/ql/test/experimental/dataflow/fieldflow/test.py
+++ b/python/ql/test/experimental/dataflow/fieldflow/test.py
@@ -13,7 +13,17 @@ def is_source(x):
     return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j
 
 
-def SINK(x):
+def SINK(x, *, not_present_at_runtime=False):
+    # not_present_at_runtime supports use-cases where we want flow from data-flow layer
+    # (so we want to use SINK), but we end up in a siaution where it's not possible to
+    # actually get flow from a source at runtime. The only use-case is for the
+    # cross-talk tests, where our ability to use if-then-else is limited because doing
+    # so would make cfg-splitting kick in, and that would solve the problem trivially
+    # (by the splitting).
+    if not_present_at_runtime:
+        print("OK")
+        return
+
     if is_source(x):
         print("OK")
     else:
@@ -186,6 +196,9 @@ def test_nested_obj_method():
 # ------------------------------------------------------------------------------
 # Crosstalk test -- using different function based on conditional
 # ------------------------------------------------------------------------------
+# NOTE: These tests use `SINK(objy.y, not_present_at_runtime=True)` since it's not
+# possible to use if-then-else statements, since that would make cfg-splitting kick in,
+# and that would solve the problem trivially (by the splitting).
 
 class CrosstalkTestX:
     def __init__(self):
@@ -229,7 +242,7 @@ def test_no_crosstalk_reference(cond=True):
     SINK(objx.x) # $ flow="SOURCE, l:-4 -> objx.x"
     SINK_F(objx.y)
     SINK_F(objy.x)
-    SINK_F(objy.y) # $ flow="SOURCE, l:-5 -> objy.y"
+    SINK(objy.y, not_present_at_runtime=True) # $ flow="SOURCE, l:-5 -> objy.y"
 
 
 @expects(8) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
@@ -252,7 +265,7 @@ def test_potential_crosstalk_different_name(cond=True):
     SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
     SINK_F(objx.y)
     SINK_F(objy.x)
-    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+    SINK(objy.y, not_present_at_runtime=True) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
 
 
 @expects(8) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
@@ -275,7 +288,7 @@ def test_potential_crosstalk_same_name(cond=True):
     SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
     SINK_F(objx.y)
     SINK_F(objy.x)
-    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+    SINK(objy.y, not_present_at_runtime=True) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
 
 
 @expects(10) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
@@ -298,10 +311,10 @@ def test_potential_crosstalk_same_name_object_reference(cond=True):
     SINK(objx.x) # $ MISSING: flow="SOURCE, l:-2 -> objx.x"
     SINK_F(objx.y)
     SINK_F(objy.x)
-    SINK_F(objy.y) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
+    SINK(objy.y, not_present_at_runtime=True) # $ MISSING: flow="SOURCE, l:-5 -> objy.y"
 
     SINK(obj.x) # $ flow="SOURCE, l:-7 -> obj.x"
-    SINK_F(obj.y) # $ flow="SOURCE, l:-8 -> obj.y"
+    SINK(obj.y, not_present_at_runtime=True) # $ flow="SOURCE, l:-8 -> obj.y"
 
 
 # ------------------------------------------------------------------------------
diff --git a/python/ql/test/experimental/dataflow/testConfig.qll b/python/ql/test/experimental/dataflow/testConfig.qll
index 03815e2f7f9..addbeefeebf 100644
--- a/python/ql/test/experimental/dataflow/testConfig.qll
+++ b/python/ql/test/experimental/dataflow/testConfig.qll
@@ -38,9 +38,10 @@ class TestConfiguration extends DataFlow::Configuration {
   }
 
   override predicate isSink(DataFlow::Node node) {
-    exists(CallNode call |
-      call.getFunction().(NameNode).getId() in ["SINK", "SINK_F"] and
-      node.(DataFlow::CfgNode).getNode() = call.getAnArg()
+    exists(DataFlow::CallCfgNode call |
+      call.getFunction().asCfgNode().(NameNode).getId() in ["SINK", "SINK_F"] and
+      (node = call.getArg(_) or node = call.getArgByName(_)) and
+      not node = call.getArgByName("not_present_at_runtime")
     )
   }
 

From 84faf49bf0d63f19dc43619ef2ccfaa1ef3f8be2 Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 20 Sep 2022 14:28:44 +0200
Subject: [PATCH 075/144] Python: Add tests for compound arguments field flow

---
 .../experimental/dataflow/fieldflow/test.py   | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/python/ql/test/experimental/dataflow/fieldflow/test.py b/python/ql/test/experimental/dataflow/fieldflow/test.py
index d9cb0280c73..100ab6aac70 100644
--- a/python/ql/test/experimental/dataflow/fieldflow/test.py
+++ b/python/ql/test/experimental/dataflow/fieldflow/test.py
@@ -193,6 +193,39 @@ def test_nested_obj_method():
     SINK(a.obj.foo) # $ flow="SOURCE, l:-3 -> a.obj.foo"
 
 
+# ------------------------------------------------------------------------------
+# Field access on compound arguments
+# ------------------------------------------------------------------------------
+
+# TODO: Add support for this, see https://github.com/github/codeql/pull/10444
+
+@expects(5) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
+def test_field_on_compound_arg(cond_true=True, cond_false=False):
+    class Ex:
+        def __init__(self):
+            self.attr = None
+
+    def set_attr(obj):
+        obj.attr = SOURCE
+
+    x = Ex()
+    y = Ex()
+    set_attr(x if cond_true else y)
+    SINK(x.attr) # $ MISSING: flow
+
+    x = Ex()
+    y = Ex()
+    set_attr(x if cond_false else y)
+    SINK(y.attr) # $ MISSING: flow
+
+    x = Ex()
+    y = Ex()
+    z = Ex()
+    set_attr(x if cond_false else (y if cond_true else z))
+    SINK_F(x.attr) # $ MISSING: flow
+    SINK(y.attr) # $ MISSING: flow
+    SINK_F(z.attr) # $ MISSING: flow
+
 # ------------------------------------------------------------------------------
 # Crosstalk test -- using different function based on conditional
 # ------------------------------------------------------------------------------

From ce2ba21240e6690b3819178c8eccead8e12941b4 Mon Sep 17 00:00:00 2001
From: ka1n4t <574702476@qq.com>
Date: Tue, 22 Nov 2022 18:32:14 +0800
Subject: [PATCH 076/144] Add binding between annotation and sink-param

---
 .../src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
index 3351af22a25..8399efcc229 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
@@ -134,7 +134,8 @@ predicate isMybatisXmlOrAnnotationSqlInjection(
           .matches("${" + annotation.getValue("value").(CompileTimeConstantExpr).getStringValue() +
               "%}") and
       annotation.getType() instanceof TypeParam and
-      ma.getAnArgument() = node.asExpr()
+      ma.getAnArgument() = node.asExpr() and
+      annotation.getTarget() = ma.getMethod().getParameter(node.asExpr().getIndex())
     )
     or
     // MyBatis default parameter sql injection vulnerabilities.the default parameter form of the method is arg[0...n] or param[1...n].

From 43f4dd8bc4db753aac52fc945832b6787494d608 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Mon, 21 Nov 2022 10:10:38 +0100
Subject: [PATCH 077/144] Consider taint through bitwise operations on
 PendingIntent flags

---
 .../code/java/security/ImplicitPendingIntents.qll | 15 +++++++++++++--
 .../CWE-927/ImplicitPendingIntentsTest.java       |  2 +-
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll
index 3441cfaef18..bbfafc2d9c4 100644
--- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll
+++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll
@@ -85,9 +85,11 @@ private class MutablePendingIntentFlowStep extends ImplicitPendingIntentAddition
       // unless it is at least sometimes explicitly marked immutable and never marked mutable.
       // Note: for API level < 31, PendingIntents were mutable by default, whereas since then
       // they are immutable by default.
-      not TaintTracking::localExprTaint(any(ImmutablePendingIntentFlag flag).getAnAccess(), flagArg)
+      not bitwiseLocalTaintStep*(DataFlow::exprNode(any(ImmutablePendingIntentFlag flag)
+              .getAnAccess()), DataFlow::exprNode(flagArg))
       or
-      TaintTracking::localExprTaint(any(MutablePendingIntentFlag flag).getAnAccess(), flagArg)
+      bitwiseLocalTaintStep*(DataFlow::exprNode(any(MutablePendingIntentFlag flag).getAnAccess()),
+        DataFlow::exprNode(flagArg))
     )
   }
 }
@@ -124,3 +126,12 @@ private class PendingIntentSentSinkModels extends SinkModelCsv {
       ]
   }
 }
+
+/**
+ * Holds if taint can flow from `source` to `sink` in one local step,
+ * including bitwise operations.
+ */
+private predicate bitwiseLocalTaintStep(DataFlow::Node source, DataFlow::Node sink) {
+  TaintTracking::localTaintStep(source, sink) or
+  source.asExpr() = sink.asExpr().(BitwiseExpr).(BinaryExpr).getAnOperand()
+}
diff --git a/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.java b/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.java
index 9c8f098d467..746c9ca83dc 100644
--- a/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.java
+++ b/java/ql/test/query-tests/security/CWE-927/ImplicitPendingIntentsTest.java
@@ -156,7 +156,7 @@ public class ImplicitPendingIntentsTest {
             PendingIntent pi = PendingIntent.getActivity(ctx, 0, baseIntent, flag); // Sanitizer
             Intent fwdIntent = new Intent();
             fwdIntent.putExtra("fwdIntent", pi);
-            ctx.startActivity(fwdIntent); // $ SPURIOUS: $ hasImplicitPendingIntent
+            ctx.startActivity(fwdIntent); // Safe
         }
     }
 

From 1667fbad88abb40cd9970c3471bdf79a2ca26517 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Tue, 22 Nov 2022 11:48:21 +0100
Subject: [PATCH 078/144] Add change note

---
 .../change-notes/2022-11-22-bitwise-implicit-intent-flags.md  | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 java/ql/src/change-notes/2022-11-22-bitwise-implicit-intent-flags.md

diff --git a/java/ql/src/change-notes/2022-11-22-bitwise-implicit-intent-flags.md b/java/ql/src/change-notes/2022-11-22-bitwise-implicit-intent-flags.md
new file mode 100644
index 00000000000..20612e86325
--- /dev/null
+++ b/java/ql/src/change-notes/2022-11-22-bitwise-implicit-intent-flags.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Fixed an issue in the query `java/android/implicit-pendingintents` by which an implicit Pending Intent marked as immutable was not correctly recognized as such.

From 18be30d1774ab7a84452da1306f69941f2ea3b6b Mon Sep 17 00:00:00 2001
From: Taus <tausbn@github.com>
Date: Tue, 22 Nov 2022 13:46:45 +0100
Subject: [PATCH 079/144] Python: Apply suggestion from review

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
---
 .../ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md b/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md
index 32484ffed56..fa04c07e9d5 100644
--- a/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md
+++ b/python/ql/lib/change-notes/2022-11-21-module-resolution-rewrite.md
@@ -2,4 +2,4 @@
  category: minorAnalysis
 ---
  * The data-flow library has been rewritten to no longer rely on the points-to analysis in order to
-   resolve references to modules. This should result in more results for data-flow queries.
+   resolve references to modules. Improvements in the module resolution can lead to more results.

From e01df3ea7c502e5e6c19c6063b408ff2b474d48a Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 22 Nov 2022 13:38:10 +0100
Subject: [PATCH 080/144] Python: Prepare for new test

.expected line changes :angry:
---
 .../CleartextLogging.expected                        | 12 ++++++------
 .../Security/CWE-312-CleartextLogging/test.py        |  5 +++++
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
index e9b5ac67585..00de056f78b 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
@@ -4,8 +4,8 @@ edges
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:23:58:23:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:27:40:27:47 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:30:58:30:65 | ControlFlowNode for password |
-| test.py:65:14:68:5 | ControlFlowNode for Dict | test.py:69:11:69:31 | ControlFlowNode for Subscript |
-| test.py:67:21:67:37 | ControlFlowNode for Attribute | test.py:65:14:68:5 | ControlFlowNode for Dict |
+| test.py:70:14:73:5 | ControlFlowNode for Dict | test.py:74:11:74:31 | ControlFlowNode for Subscript |
+| test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:70:14:73:5 | ControlFlowNode for Dict |
 nodes
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:20:48:20:55 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
@@ -17,9 +17,9 @@ nodes
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
-| test.py:65:14:68:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
-| test.py:67:21:67:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| test.py:69:11:69:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| test.py:70:14:73:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
+| test.py:72:21:72:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| test.py:74:11:74:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
 subpaths
 #select
 | test.py:20:48:20:55 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:20:48:20:55 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
@@ -31,4 +31,4 @@ subpaths
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | ControlFlowNode for get_password() | sensitive data (password) |
-| test.py:69:11:69:31 | ControlFlowNode for Subscript | test.py:67:21:67:37 | ControlFlowNode for Attribute | test.py:69:11:69:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:67:21:67:37 | ControlFlowNode for Attribute | sensitive data (password) |
+| test.py:74:11:74:31 | ControlFlowNode for Subscript | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:74:11:74:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:72:21:72:37 | ControlFlowNode for Attribute | sensitive data (password) |
diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
index 0a3d97426e0..265bda6d53d 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
@@ -39,6 +39,11 @@ def print_password():
     sys.stdout.write(get_password()) # NOT OK
     sys.stderr.write(get_password()) # NOT OK
 
+    # import getpass
+
+    # x = getpass.getpass()
+    # print(x) # NOT OK
+
 
 def FPs(account, account_id):
     # we assume that any account parameter is sensitive (id/username)

From 9342e3ba76ec910fabd19f739a85dd0192e93b3b Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 22 Nov 2022 13:59:59 +0100
Subject: [PATCH 081/144] Python: Enable new test

But look at all those elements from getpass.py implementation :(
---
 .../CleartextLogging.expected                 | 35 +++++++++++++++++++
 .../Security/CWE-312-CleartextLogging/test.py |  6 ++--
 2 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
index 00de056f78b..9d8152dd627 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
@@ -1,12 +1,37 @@
 edges
+| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:20:48:20:55 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:22:58:22:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:23:58:23:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:27:40:27:47 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:30:58:30:65 | ControlFlowNode for password |
+| test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:45:11:45:11 | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | test.py:74:11:74:31 | ControlFlowNode for Subscript |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:70:14:73:5 | ControlFlowNode for Dict |
 nodes
+| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | semmle.label | ControlFlowNode for None |
+| file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
+| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
+| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
+| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:20:48:20:55 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
 | test.py:22:58:22:65 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
@@ -17,6 +42,8 @@ nodes
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
+| test.py:44:9:44:25 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| test.py:45:11:45:11 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
@@ -31,4 +58,12 @@ subpaths
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | ControlFlowNode for get_password() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:74:11:74:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:72:21:72:37 | ControlFlowNode for Attribute | sensitive data (password) |
diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
index 265bda6d53d..b5ebe7593ba 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/test.py
@@ -39,10 +39,10 @@ def print_password():
     sys.stdout.write(get_password()) # NOT OK
     sys.stderr.write(get_password()) # NOT OK
 
-    # import getpass
+    import getpass
 
-    # x = getpass.getpass()
-    # print(x) # NOT OK
+    x = getpass.getpass()
+    print(x) # NOT OK
 
 
 def FPs(account, account_id):

From 80e71b202a851dc8605862bfe774683ddce177db Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 22 Nov 2022 14:08:00 +0100
Subject: [PATCH 082/144] Python: Cleartext queires: Remove flow from
 getpass.py

---
 .../dataflow/new/SensitiveDataSources.qll     | 12 ++++++-
 .../CleartextLogging.expected                 | 35 -------------------
 2 files changed, 11 insertions(+), 36 deletions(-)

diff --git a/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll b/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
index 65d334f1c38..e5ee3e346b5 100644
--- a/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
@@ -23,7 +23,17 @@ module SensitiveDataClassification = SensitiveDataHeuristics::SensitiveDataClass
 class SensitiveDataSource extends DataFlow::Node {
   SensitiveDataSource::Range range;
 
-  SensitiveDataSource() { this = range }
+  SensitiveDataSource() {
+    this = range and
+    // ignore sensitive password sources in getpass.py, that can escape through `getpass.getpass()` return value,
+    // since `getpass.getpass()` is considered a source itself.
+    not exists(Module getpass |
+      getpass.getName() = "getpass" and
+      this.getScope().getEnclosingModule() = getpass and
+      // do allow this call if we're analyzing getpass.py as part of CPython though
+      not exists(getpass.getFile().getRelativePath())
+    )
+  }
 
   /**
    * Gets the classification of the sensitive data.
diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
index 9d8152dd627..00de056f78b 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
@@ -1,37 +1,12 @@
 edges
-| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | test.py:44:9:44:25 | ControlFlowNode for Attribute() |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:20:48:20:55 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:22:58:22:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:23:58:23:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:27:40:27:47 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:30:58:30:65 | ControlFlowNode for password |
-| test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:45:11:45:11 | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | test.py:74:11:74:31 | ControlFlowNode for Subscript |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:70:14:73:5 | ControlFlowNode for Dict |
 nodes
-| file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | semmle.label | ControlFlowNode for None |
-| file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
-| file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | semmle.label | ControlFlowNode for _raw_input() |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
-| file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | semmle.label | ControlFlowNode for fallback_getpass() |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
-| file:///usr/lib/python3.8/getpass.py:94:16:94:21 | ControlFlowNode for passwd | semmle.label | ControlFlowNode for passwd |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:20:48:20:55 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
 | test.py:22:58:22:65 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
@@ -42,8 +17,6 @@ nodes
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
-| test.py:44:9:44:25 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| test.py:45:11:45:11 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
@@ -58,12 +31,4 @@ subpaths
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | ControlFlowNode for get_password() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:44:14:44:17 | ControlFlowNode for None | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:62:26:62:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:77:30:77:68 | ControlFlowNode for _raw_input() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
-| test.py:45:11:45:11 | ControlFlowNode for x | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | file:///usr/lib/python3.8/getpass.py:91:26:91:57 | ControlFlowNode for fallback_getpass() | sensitive data (password) |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:74:11:74:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:72:21:72:37 | ControlFlowNode for Attribute | sensitive data (password) |

From 9195b73d8447b23670cb8433338af7be14073e8a Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen <rasmuswl@github.com>
Date: Tue, 22 Nov 2022 14:08:16 +0100
Subject: [PATCH 083/144] Python: Model `getpass.getpass` as source of
 passwords

---
 .../python/dataflow/new/SensitiveDataSources.qll     | 12 ++++++++++++
 python/ql/src/change-notes/2022-11-22-getpass.md     |  4 ++++
 .../CleartextLogging.expected                        |  4 ++++
 3 files changed, 20 insertions(+)
 create mode 100644 python/ql/src/change-notes/2022-11-22-getpass.md

diff --git a/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll b/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
index e5ee3e346b5..926ae46d33e 100644
--- a/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/SensitiveDataSources.qll
@@ -8,6 +8,7 @@ private import semmle.python.dataflow.new.DataFlow
 // Need to import `semmle.python.Frameworks` since frameworks can extend `SensitiveDataSource::Range`
 private import semmle.python.Frameworks
 private import semmle.python.security.internal.SensitiveDataHeuristics as SensitiveDataHeuristics
+private import semmle.python.ApiGraphs
 
 // We export these explicitly, so we don't also export the `HeuristicNames` module.
 class SensitiveDataClassification = SensitiveDataHeuristics::SensitiveDataClassification;
@@ -322,6 +323,17 @@ private module SensitiveDataModeling {
 
     override SensitiveDataClassification getClassification() { result = classification }
   }
+
+  /**
+   * A call to `getpass.getpass`, see https://docs.python.org/3.10/library/getpass.html#getpass.getpass
+   */
+  class GetPassCall extends SensitiveDataSource::Range, API::CallNode {
+    GetPassCall() { this = API::moduleImport("getpass").getMember("getpass").getACall() }
+
+    override SensitiveDataClassification getClassification() {
+      result = SensitiveDataClassification::password()
+    }
+  }
 }
 
 predicate sensitiveDataExtraStepForCalls = SensitiveDataModeling::extraStepForCalls/2;
diff --git a/python/ql/src/change-notes/2022-11-22-getpass.md b/python/ql/src/change-notes/2022-11-22-getpass.md
new file mode 100644
index 00000000000..d9df302bc63
--- /dev/null
+++ b/python/ql/src/change-notes/2022-11-22-getpass.md
@@ -0,0 +1,4 @@
+---
+ category: minorAnalysis
+---
+ * Added modeling of `getpass.getpass` as a source of passwords, which will be an additional source for `py/clear-text-logging-sensitive-data`, `py/clear-text-storage-sensitive-data`, and `py/weak-sensitive-data-hashing`.
diff --git a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
index 00de056f78b..b2162352bae 100644
--- a/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
+++ b/python/ql/test/query-tests/Security/CWE-312-CleartextLogging/CleartextLogging.expected
@@ -4,6 +4,7 @@ edges
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:23:58:23:65 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:27:40:27:47 | ControlFlowNode for password |
 | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:30:58:30:65 | ControlFlowNode for password |
+| test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:45:11:45:11 | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | test.py:74:11:74:31 | ControlFlowNode for Subscript |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:70:14:73:5 | ControlFlowNode for Dict |
 nodes
@@ -17,6 +18,8 @@ nodes
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
+| test.py:44:9:44:25 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+| test.py:45:11:45:11 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | test.py:70:14:73:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
 | test.py:72:21:72:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
@@ -31,4 +34,5 @@ subpaths
 | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | ControlFlowNode for get_password() | sensitive data (password) |
 | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | ControlFlowNode for get_password() | sensitive data (password) |
+| test.py:45:11:45:11 | ControlFlowNode for x | test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | test.py:44:9:44:25 | ControlFlowNode for Attribute() | sensitive data (password) |
 | test.py:74:11:74:31 | ControlFlowNode for Subscript | test.py:72:21:72:37 | ControlFlowNode for Attribute | test.py:74:11:74:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:72:21:72:37 | ControlFlowNode for Attribute | sensitive data (password) |

From 2e1a78e1bfa2e8c412a1651c102c4f15e722bd34 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Tue, 22 Nov 2022 14:44:05 +0100
Subject: [PATCH 084/144] Add models for NSData and NSMutableData

---
 .../codeql/swift/dataflow/ExternalFlow.qll    |   1 +
 .../frameworks/StandardLibrary/NSData.qll     |  92 +++++
 .../dataflow/flowsources/FlowSources.expected |   4 +
 .../dataflow/flowsources/nsdata.swift         |  20 +
 .../dataflow/taint/LocalTaint.expected        |   3 +
 .../dataflow/taint/Taint.expected             | 363 ++++++++++++++++++
 .../library-tests/dataflow/taint/nsdata.swift | 141 +++++++
 .../dataflow/taint/nsmutabledata.swift        |  50 +++
 8 files changed, 674 insertions(+)
 create mode 100644 swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
 create mode 100644 swift/ql/test/library-tests/dataflow/flowsources/nsdata.swift
 create mode 100644 swift/ql/test/library-tests/dataflow/taint/nsdata.swift
 create mode 100644 swift/ql/test/library-tests/dataflow/taint/nsmutabledata.swift

diff --git a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
index 4d563525830..9e0433958ba 100644
--- a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
+++ b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll
@@ -81,6 +81,7 @@ private module Frameworks {
   private import codeql.swift.frameworks.StandardLibrary.CustomUrlSchemes
   private import codeql.swift.frameworks.StandardLibrary.Data
   private import codeql.swift.frameworks.StandardLibrary.InputStream
+  private import codeql.swift.frameworks.StandardLibrary.NSData
   private import codeql.swift.frameworks.StandardLibrary.String
   private import codeql.swift.frameworks.StandardLibrary.Url
   private import codeql.swift.frameworks.StandardLibrary.UrlSession
diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
new file mode 100644
index 00000000000..4fd8cba33fc
--- /dev/null
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
@@ -0,0 +1,92 @@
+/** Provides classes and models to work with `NSData`-related objects. */
+
+import swift
+private import codeql.swift.dataflow.DataFlow
+private import codeql.swift.dataflow.ExternalFlow
+private import codeql.swift.dataflow.FlowSteps
+
+/** The class `NSData`. */
+class NsData extends ClassDecl {
+  NsData() { this.getFullName() = "NSData" }
+}
+
+/** The class `NSMutableData`. */
+class NsMutableData extends ClassDecl {
+  NsMutableData() { this.getFullName() = "NSMutableData" }
+}
+
+private class NsDataSources extends SourceModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";NSData;true;init(contentsOf:);;;ReturnValue;remote",
+        ";NSData;true;init(contentsOf:options:);;;ReturnValue;remote"
+      ]
+  }
+}
+
+private class NsDataSummaries extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";NSData;true;init(bytes:length:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(bytesNoCopy:length:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(bytesNoCopy:length:deallocator:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(bytesNoCopy:length:freeWhenDone:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(data:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(contentsOfFile:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(contentsOfFile:options:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(contentsOf:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(contentsOfMappedFile:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;init(base64Encoding:);;;Argument[0];ReturnValue;taint",
+        ";NSData;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint",
+        ";NSData;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
+        ";NSData;true;base64Encoding();;;Argument[-1];ReturnValue;taint",
+        ";NSData;true;dataWithContentsOfMappedFile(_:);;;Argument[0];ReturnValue;taint",
+        // TODO: Needs block flow
+        // ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint"
+        ";NSData;true;getBytes(_:);;;Argument[-1];Argument[0];taint",
+        ";NSData;true;getBytes(_:length:);;;Argument[-1];Argument[0];taint",
+        ";NSData;true;getBytes(_:range:);;;Argument[-1];Argument[0];taint",
+        ";NSData;true;subdata(with:);;;Argument[-1];ReturnValue;taint",
+        ";NSData;true;compressed(using:);;;Argument[-1];ReturnValue;taint",
+        ";NSData;true;decompressed(using:);;;Argument[-1];ReturnValue;taint"
+      ]
+  }
+}
+
+private class NsMutableDataSummaries extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";NSMutableData;true;append(_:length:);;;Argument[0];Argument[-1];taint",
+        ";NSMutableData;true;append(_:);;;Argument[0];Argument[-1];taint",
+        ";NSMutableData;true;replaceBytes(in:withBytes:);;;Argument[1];Argument[-1];taint",
+        ";NSMutableData;true;replaceBytes(in:withBytes:length:);;;Argument[1];Argument[-1];taint",
+        ";NSMutableData;true;setData(_:);;;Argument[0];Argument[-1];taint",
+      ]
+  }
+}
+
+/** A content implying that, if a `NSData` object is tainted, some of its fields are also tainted. */
+private class NsDataTaintedFields extends TaintInheritingContent, DataFlow::Content::FieldContent {
+  NsDataTaintedFields() {
+    exists(FieldDecl f | this.getField() = f |
+      f.getEnclosingDecl() instanceof NsData and
+      f.getName() = ["bytes", "description"]
+    )
+  }
+}
+
+/** A content implying that, if a `NSMutableData` object is tainted, some of its fields are also tainted. */
+private class NsMutableDataTaintedFields extends TaintInheritingContent,
+  DataFlow::Content::FieldContent {
+  NsMutableDataTaintedFields() {
+    exists(FieldDecl f | this.getField() = f |
+      f.getEnclosingDecl() instanceof NsMutableData and
+      f.getName() = "mutableBytes"
+    )
+  }
+}
diff --git a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
index d3deab14155..01c18633b5d 100644
--- a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
+++ b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
@@ -3,6 +3,10 @@
 | customurlschemes.swift:38:52:38:62 | url | external |
 | customurlschemes.swift:43:9:43:28 | ...[...] | Remote URL in UIApplicationDelegate.application.launchOptions |
 | customurlschemes.swift:48:9:48:28 | ...[...] | Remote URL in UIApplicationDelegate.application.launchOptions |
+| nsdata.swift:18:17:18:17 | call to init(contentsOf:) | external |
+| nsdata.swift:18:17:18:40 | call to init(contentsOf:) | external |
+| nsdata.swift:19:17:19:17 | call to init(contentsOf:options:) | external |
+| nsdata.swift:19:17:19:53 | call to init(contentsOf:options:) | external |
 | string.swift:56:21:56:21 | call to init(contentsOf:) | external |
 | string.swift:56:21:56:44 | call to init(contentsOf:) | external |
 | string.swift:57:21:57:21 | call to init(contentsOf:encoding:) | external |
diff --git a/swift/ql/test/library-tests/dataflow/flowsources/nsdata.swift b/swift/ql/test/library-tests/dataflow/flowsources/nsdata.swift
new file mode 100644
index 00000000000..d1258f10364
--- /dev/null
+++ b/swift/ql/test/library-tests/dataflow/flowsources/nsdata.swift
@@ -0,0 +1,20 @@
+// --- stubs ---
+
+struct URL
+{
+	init?(string: String) {}
+}
+
+class NSData {
+    struct ReadingOptions : OptionSet { let rawValue: Int }
+    init?(contentsOf: URL) {}
+    init?(contentsOf: URL, options: NSData.ReadingOptions) {}
+}
+
+// --- tests ---
+
+func testNSData() {
+    let url = URL(string: "http://example.com/")
+    let _ = try NSData(contentsOf: url!) // SOURCE
+    let _ = try NSData(contentsOf: url!, options: []) // SOURCE
+}
diff --git a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
index c5b7944178a..e2c893738d3 100644
--- a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
@@ -1,3 +1,6 @@
+| nsdata.swift:139:15:139:15 | nsDataTainted24 | nsdata.swift:139:15:139:31 | .bytes |
+| nsdata.swift:140:15:140:15 | nsDataTainted24 | nsdata.swift:140:15:140:31 | .description |
+| nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
 | string.swift:7:13:7:13 |  | string.swift:7:13:7:13 | [post]  |
 | string.swift:7:13:7:13 |  | string.swift:7:14:7:14 | [post] &... |
 | string.swift:7:13:7:13 | TapExpr | string.swift:7:13:7:13 | "..." |
diff --git a/swift/ql/test/library-tests/dataflow/taint/Taint.expected b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
index b562c44bdc5..16e2f0bec8d 100644
--- a/swift/ql/test/library-tests/dataflow/taint/Taint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
@@ -1,5 +1,141 @@
 edges
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | url.swift:120:61:120:61 | data :  |
+| nsdata.swift:22:9:22:9 | self :  | file://:0:0:0:0 | .bytes :  |
+| nsdata.swift:23:9:23:9 | self :  | file://:0:0:0:0 | .description :  |
+| nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  |
+| nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  |
+| nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:27:5:27:90 | [summary param] 0 in init(bytesNoCopy:length:freeWhenDone:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:28:5:28:23 | [summary param] 0 in init(data:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(data:) :  |
+| nsdata.swift:29:5:29:36 | [summary param] 0 in init(contentsOfFile:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:) :  |
+| nsdata.swift:30:5:30:93 | [summary param] 0 in init(contentsOfFile:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:options:) :  |
+| nsdata.swift:31:5:31:29 | [summary param] 0 in init(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:) :  |
+| nsdata.swift:32:5:32:61 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  |
+| nsdata.swift:33:5:33:47 | [summary param] 0 in init(contentsOfMappedFile:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfMappedFile:) :  |
+| nsdata.swift:34:5:34:88 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| nsdata.swift:35:5:35:92 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| nsdata.swift:36:5:36:49 | [summary param] 0 in init(base64Encoding:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoding:) :  |
+| nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  |
+| nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  | file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  |
+| nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  |
+| nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  |
+| nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  |
+| nsdata.swift:45:5:45:65 | [summary param] this in subdata(with:) :  | file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  |
+| nsdata.swift:46:5:46:89 | [summary param] this in compressed(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compressed(using:) :  |
+| nsdata.swift:47:5:47:91 | [summary param] this in decompressed(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in decompressed(using:) :  |
+| nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  | nsdata.swift:58:15:58:15 | nsDataTainted1 |
+| nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  |
+| nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  |
+| nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  | nsdata.swift:61:15:61:15 | nsDataTainted2 |
+| nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  |
+| nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  |
+| nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  | nsdata.swift:64:15:64:15 | nsDataTainted3 |
+| nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:66:26:66:113 | call to init(bytesNoCopy:length:freeWhenDone:) :  | nsdata.swift:67:15:67:15 | nsDataTainted4 |
+| nsdata.swift:66:46:66:53 | call to source() :  | nsdata.swift:27:5:27:90 | [summary param] 0 in init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:66:46:66:53 | call to source() :  | nsdata.swift:66:26:66:113 | call to init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:69:26:69:56 | call to init(data:) :  | nsdata.swift:70:15:70:15 | nsDataTainted5 |
+| nsdata.swift:69:39:69:46 | call to source() :  | nsdata.swift:28:5:28:23 | [summary param] 0 in init(data:) :  |
+| nsdata.swift:69:39:69:46 | call to source() :  | nsdata.swift:69:26:69:56 | call to init(data:) :  |
+| nsdata.swift:72:26:72:68 | call to init(contentsOfFile:) :  | nsdata.swift:73:15:73:29 | ...! |
+| nsdata.swift:72:49:72:56 | call to source() :  | nsdata.swift:29:5:29:36 | [summary param] 0 in init(contentsOfFile:) :  |
+| nsdata.swift:72:49:72:56 | call to source() :  | nsdata.swift:72:26:72:68 | call to init(contentsOfFile:) :  |
+| nsdata.swift:75:26:75:81 | call to init(contentsOfFile:options:) :  | nsdata.swift:76:15:76:15 | nsDataTainted7 |
+| nsdata.swift:75:49:75:56 | call to source() :  | nsdata.swift:30:5:30:93 | [summary param] 0 in init(contentsOfFile:options:) :  |
+| nsdata.swift:75:49:75:56 | call to source() :  | nsdata.swift:75:26:75:81 | call to init(contentsOfFile:options:) :  |
+| nsdata.swift:78:26:78:61 | call to init(contentsOf:) :  | nsdata.swift:79:15:79:29 | ...! |
+| nsdata.swift:78:45:78:52 | call to source() :  | nsdata.swift:31:5:31:29 | [summary param] 0 in init(contentsOf:) :  |
+| nsdata.swift:78:45:78:52 | call to source() :  | nsdata.swift:78:26:78:61 | call to init(contentsOf:) :  |
+| nsdata.swift:81:26:81:74 | call to init(contentsOf:options:) :  | nsdata.swift:82:15:82:29 | ...! |
+| nsdata.swift:81:45:81:52 | call to source() :  | nsdata.swift:32:5:32:61 | [summary param] 0 in init(contentsOf:options:) :  |
+| nsdata.swift:81:45:81:52 | call to source() :  | nsdata.swift:81:26:81:74 | call to init(contentsOf:options:) :  |
+| nsdata.swift:84:27:84:75 | call to init(contentsOfMappedFile:) :  | nsdata.swift:85:15:85:30 | ...! |
+| nsdata.swift:84:56:84:63 | call to source() :  | nsdata.swift:33:5:33:47 | [summary param] 0 in init(contentsOfMappedFile:) :  |
+| nsdata.swift:84:56:84:63 | call to source() :  | nsdata.swift:84:27:84:75 | call to init(contentsOfMappedFile:) :  |
+| nsdata.swift:87:27:87:79 | call to init(base64Encoded:options:) :  | nsdata.swift:88:15:88:30 | ...! |
+| nsdata.swift:87:49:87:56 | call to source() :  | nsdata.swift:34:5:34:88 | [summary param] 0 in init(base64Encoded:options:) :  |
+| nsdata.swift:87:49:87:56 | call to source() :  | nsdata.swift:87:27:87:79 | call to init(base64Encoded:options:) :  |
+| nsdata.swift:89:27:89:81 | call to init(base64Encoded:options:) :  | nsdata.swift:90:15:90:30 | ...! |
+| nsdata.swift:89:49:89:56 | call to source() :  | nsdata.swift:35:5:35:92 | [summary param] 0 in init(base64Encoded:options:) :  |
+| nsdata.swift:89:49:89:56 | call to source() :  | nsdata.swift:89:27:89:81 | call to init(base64Encoded:options:) :  |
+| nsdata.swift:92:27:92:69 | call to init(base64Encoding:) :  | nsdata.swift:93:15:93:30 | ...! |
+| nsdata.swift:92:50:92:57 | call to source() :  | nsdata.swift:36:5:36:49 | [summary param] 0 in init(base64Encoding:) :  |
+| nsdata.swift:92:50:92:57 | call to source() :  | nsdata.swift:92:27:92:69 | call to init(base64Encoding:) :  |
+| nsdata.swift:95:27:95:34 | call to source() :  | nsdata.swift:96:15:96:15 | nsDataTainted14 :  |
+| nsdata.swift:95:27:95:34 | call to source() :  | nsdata.swift:97:15:97:15 | nsDataTainted14 :  |
+| nsdata.swift:96:15:96:15 | nsDataTainted14 :  | nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  |
+| nsdata.swift:96:15:96:15 | nsDataTainted14 :  | nsdata.swift:96:15:96:49 | call to base64EncodedData(options:) |
+| nsdata.swift:97:15:97:15 | nsDataTainted14 :  | nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  |
+| nsdata.swift:97:15:97:15 | nsDataTainted14 :  | nsdata.swift:97:15:97:60 | call to base64EncodedData(options:) |
+| nsdata.swift:99:27:99:34 | call to source() :  | nsdata.swift:100:15:100:15 | nsDataTainted15 :  |
+| nsdata.swift:99:27:99:34 | call to source() :  | nsdata.swift:101:15:101:15 | nsDataTainted15 :  |
+| nsdata.swift:100:15:100:15 | nsDataTainted15 :  | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  |
+| nsdata.swift:100:15:100:15 | nsDataTainted15 :  | nsdata.swift:100:15:100:51 | call to base64EncodedString(options:) |
+| nsdata.swift:101:15:101:15 | nsDataTainted15 :  | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  |
+| nsdata.swift:101:15:101:15 | nsDataTainted15 :  | nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) |
+| nsdata.swift:103:27:103:34 | call to source() :  | nsdata.swift:104:15:104:15 | nsDataTainted16 :  |
+| nsdata.swift:104:15:104:15 | nsDataTainted16 :  | nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  |
+| nsdata.swift:104:15:104:15 | nsDataTainted16 :  | nsdata.swift:104:15:104:46 | call to base64Encoding() |
+| nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  | nsdata.swift:106:15:106:71 | ...! |
+| nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:113:27:113:34 | call to source() :  | nsdata.swift:115:5:115:5 | nsDataTainted18 :  |
+| nsdata.swift:115:5:115:5 | nsDataTainted18 :  | nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  |
+| nsdata.swift:115:5:115:5 | nsDataTainted18 :  | nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  |
+| nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  | nsdata.swift:116:15:116:15 | bufferTainted18 |
+| nsdata.swift:118:27:118:34 | call to source() :  | nsdata.swift:120:5:120:5 | nsDataTainted19 :  |
+| nsdata.swift:120:5:120:5 | nsDataTainted19 :  | nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  |
+| nsdata.swift:120:5:120:5 | nsDataTainted19 :  | nsdata.swift:120:30:120:30 | [post] bufferTainted19 :  |
+| nsdata.swift:120:30:120:30 | [post] bufferTainted19 :  | nsdata.swift:121:15:121:15 | bufferTainted19 |
+| nsdata.swift:123:27:123:34 | call to source() :  | nsdata.swift:125:5:125:5 | nsDataTainted20 :  |
+| nsdata.swift:125:5:125:5 | nsDataTainted20 :  | nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  |
+| nsdata.swift:125:5:125:5 | nsDataTainted20 :  | nsdata.swift:125:30:125:30 | [post] bufferTainted20 :  |
+| nsdata.swift:125:30:125:30 | [post] bufferTainted20 :  | nsdata.swift:126:15:126:15 | bufferTainted20 |
+| nsdata.swift:128:27:128:34 | call to source() :  | nsdata.swift:129:15:129:15 | nsDataTainted21 :  |
+| nsdata.swift:129:15:129:15 | nsDataTainted21 :  | nsdata.swift:45:5:45:65 | [summary param] this in subdata(with:) :  |
+| nsdata.swift:129:15:129:15 | nsDataTainted21 :  | nsdata.swift:129:15:129:54 | call to subdata(with:) |
+| nsdata.swift:131:27:131:34 | call to source() :  | nsdata.swift:132:15:132:15 | nsDataTainted22 :  |
+| nsdata.swift:132:15:132:15 | nsDataTainted22 :  | nsdata.swift:46:5:46:89 | [summary param] this in compressed(using:) :  |
+| nsdata.swift:132:15:132:15 | nsDataTainted22 :  | nsdata.swift:132:15:132:81 | call to compressed(using:) |
+| nsdata.swift:134:27:134:34 | call to source() :  | nsdata.swift:135:15:135:15 | nsDataTainted23 :  |
+| nsdata.swift:135:15:135:15 | nsDataTainted23 :  | nsdata.swift:47:5:47:91 | [summary param] this in decompressed(using:) :  |
+| nsdata.swift:135:15:135:15 | nsDataTainted23 :  | nsdata.swift:135:15:135:83 | call to decompressed(using:) |
+| nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:139:15:139:15 | nsDataTainted24 :  |
+| nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:139:15:139:31 | .bytes |
+| nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:140:15:140:15 | nsDataTainted24 :  |
+| nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:140:15:140:31 | .description |
+| nsdata.swift:139:15:139:15 | nsDataTainted24 :  | nsdata.swift:22:9:22:9 | self :  |
+| nsdata.swift:139:15:139:15 | nsDataTainted24 :  | nsdata.swift:139:15:139:31 | .bytes |
+| nsdata.swift:140:15:140:15 | nsDataTainted24 :  | nsdata.swift:23:9:23:9 | self :  |
+| nsdata.swift:140:15:140:15 | nsDataTainted24 :  | nsdata.swift:140:15:140:31 | .description |
+| nsmutabledata.swift:13:9:13:9 | self :  | file://:0:0:0:0 | .mutableBytes :  |
+| nsmutabledata.swift:14:5:14:58 | [summary param] 0 in append(_:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  |
+| nsmutabledata.swift:15:5:15:33 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| nsmutabledata.swift:16:5:16:78 | [summary param] 1 in replaceBytes(in:withBytes:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  |
+| nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  |
+| nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  |
+| nsmutabledata.swift:28:5:28:5 | [post] nsMutableDataTainted1 :  | nsmutabledata.swift:29:15:29:15 | nsMutableDataTainted1 |
+| nsmutabledata.swift:28:34:28:41 | call to source() :  | nsmutabledata.swift:14:5:14:58 | [summary param] 0 in append(_:length:) :  |
+| nsmutabledata.swift:28:34:28:41 | call to source() :  | nsmutabledata.swift:28:5:28:5 | [post] nsMutableDataTainted1 :  |
+| nsmutabledata.swift:32:5:32:5 | [post] nsMutableDataTainted2 :  | nsmutabledata.swift:33:15:33:15 | nsMutableDataTainted2 |
+| nsmutabledata.swift:32:34:32:41 | call to source() :  | nsmutabledata.swift:15:5:15:33 | [summary param] 0 in append(_:) :  |
+| nsmutabledata.swift:32:34:32:41 | call to source() :  | nsmutabledata.swift:32:5:32:5 | [post] nsMutableDataTainted2 :  |
+| nsmutabledata.swift:36:5:36:5 | [post] nsMutableDataTainted3 :  | nsmutabledata.swift:37:15:37:15 | nsMutableDataTainted3 |
+| nsmutabledata.swift:36:66:36:73 | call to source() :  | nsmutabledata.swift:16:5:16:78 | [summary param] 1 in replaceBytes(in:withBytes:) :  |
+| nsmutabledata.swift:36:66:36:73 | call to source() :  | nsmutabledata.swift:36:5:36:5 | [post] nsMutableDataTainted3 :  |
+| nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 |
+| nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  |
+| nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  |
+| nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 |
+| nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  |
+| nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  |
+| nsmutabledata.swift:48:33:48:40 | call to source() :  | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  |
+| nsmutabledata.swift:48:33:48:40 | call to source() :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
+| nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | nsmutabledata.swift:13:9:13:9 | self :  |
+| nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
 | string.swift:5:11:5:18 | call to source() :  | string.swift:7:13:7:13 | "..." |
 | string.swift:5:11:5:18 | call to source() :  | string.swift:9:13:9:13 | "..." |
 | string.swift:5:11:5:18 | call to source() :  | string.swift:11:13:11:13 | "..." |
@@ -240,13 +376,43 @@ edges
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:97:5:97:5 | [post] v3 :  |
 nodes
+| file://:0:0:0:0 | .bytes :  | semmle.label | .bytes :  |
+| file://:0:0:0:0 | .description :  | semmle.label | .description :  |
+| file://:0:0:0:0 | .mutableBytes :  | semmle.label | .mutableBytes :  |
+| file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:) :  |
+| file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:length:) :  |
+| file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:range:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | semmle.label | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  | semmle.label | [summary] to write: argument this in append(_:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in defineProperty(_:descriptor:) :  | semmle.label | [summary] to write: argument this in defineProperty(_:descriptor:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | semmle.label | [summary] to write: argument this in setData(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | semmle.label | [summary] to write: argument this in setValue(_:at:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | semmle.label | [summary] to write: argument this in setValue(_:forProperty:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in atIndex(_:) :  | semmle.label | [summary] to write: return (return) in atIndex(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedString(options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  | semmle.label | [summary] to write: return (return) in base64Encoding() :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in compressed(using:) :  | semmle.label | [summary] to write: return (return) in compressed(using:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  | semmle.label | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in decompressed(using:) :  | semmle.label | [summary] to write: return (return) in decompressed(using:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in forProperty(_:) :  | semmle.label | [summary] to write: return (return) in forProperty(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoding:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoding:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bool:in:) :  | semmle.label | [summary] to write: return (return) in init(bool:in:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  | semmle.label | [summary] to write: return (return) in init(bytes:length:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfFile:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfFile:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfMappedFile:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfMappedFile:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(data:) :  | semmle.label | [summary] to write: return (return) in init(data:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(double:in:) :  | semmle.label | [summary] to write: return (return) in init(double:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(int32:in:) :  | semmle.label | [summary] to write: return (return) in init(int32:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(object:in:) :  | semmle.label | [summary] to write: return (return) in init(object:in:) :  |
@@ -258,6 +424,7 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(uInt32:in:) :  | semmle.label | [summary] to write: return (return) in init(uInt32:in:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  | semmle.label | [summary] to write: return (return) in subdata(with:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toArray() :  | semmle.label | [summary] to write: return (return) in toArray() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toBool() :  | semmle.label | [summary] to write: return (return) in toBool() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toDate() :  | semmle.label | [summary] to write: return (return) in toDate() :  |
@@ -273,6 +440,136 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in toSize() :  | semmle.label | [summary] to write: return (return) in toSize() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toString() :  | semmle.label | [summary] to write: return (return) in toString() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toUInt32() :  | semmle.label | [summary] to write: return (return) in toUInt32() :  |
+| nsdata.swift:22:9:22:9 | self :  | semmle.label | self :  |
+| nsdata.swift:23:9:23:9 | self :  | semmle.label | self :  |
+| nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | semmle.label | [summary param] 0 in init(bytes:length:) :  |
+| nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:length:) :  |
+| nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:27:5:27:90 | [summary param] 0 in init(bytesNoCopy:length:freeWhenDone:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:28:5:28:23 | [summary param] 0 in init(data:) :  | semmle.label | [summary param] 0 in init(data:) :  |
+| nsdata.swift:29:5:29:36 | [summary param] 0 in init(contentsOfFile:) :  | semmle.label | [summary param] 0 in init(contentsOfFile:) :  |
+| nsdata.swift:30:5:30:93 | [summary param] 0 in init(contentsOfFile:options:) :  | semmle.label | [summary param] 0 in init(contentsOfFile:options:) :  |
+| nsdata.swift:31:5:31:29 | [summary param] 0 in init(contentsOf:) :  | semmle.label | [summary param] 0 in init(contentsOf:) :  |
+| nsdata.swift:32:5:32:61 | [summary param] 0 in init(contentsOf:options:) :  | semmle.label | [summary param] 0 in init(contentsOf:options:) :  |
+| nsdata.swift:33:5:33:47 | [summary param] 0 in init(contentsOfMappedFile:) :  | semmle.label | [summary param] 0 in init(contentsOfMappedFile:) :  |
+| nsdata.swift:34:5:34:88 | [summary param] 0 in init(base64Encoded:options:) :  | semmle.label | [summary param] 0 in init(base64Encoded:options:) :  |
+| nsdata.swift:35:5:35:92 | [summary param] 0 in init(base64Encoded:options:) :  | semmle.label | [summary param] 0 in init(base64Encoded:options:) :  |
+| nsdata.swift:36:5:36:49 | [summary param] 0 in init(base64Encoding:) :  | semmle.label | [summary param] 0 in init(base64Encoding:) :  |
+| nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  | semmle.label | [summary param] this in base64EncodedData(options:) :  |
+| nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | semmle.label | [summary param] this in base64EncodedString(options:) :  |
+| nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  | semmle.label | [summary param] this in base64Encoding() :  |
+| nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  | semmle.label | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  | semmle.label | [summary param] this in getBytes(_:) :  |
+| nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  | semmle.label | [summary param] this in getBytes(_:length:) :  |
+| nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  | semmle.label | [summary param] this in getBytes(_:range:) :  |
+| nsdata.swift:45:5:45:65 | [summary param] this in subdata(with:) :  | semmle.label | [summary param] this in subdata(with:) :  |
+| nsdata.swift:46:5:46:89 | [summary param] this in compressed(using:) :  | semmle.label | [summary param] this in compressed(using:) :  |
+| nsdata.swift:47:5:47:91 | [summary param] this in decompressed(using:) :  | semmle.label | [summary param] this in decompressed(using:) :  |
+| nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  | semmle.label | call to init(bytes:length:) :  |
+| nsdata.swift:57:40:57:47 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:58:15:58:15 | nsDataTainted1 | semmle.label | nsDataTainted1 |
+| nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  | semmle.label | call to init(bytesNoCopy:length:) :  |
+| nsdata.swift:60:46:60:53 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:61:15:61:15 | nsDataTainted2 | semmle.label | nsDataTainted2 |
+| nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  | semmle.label | call to init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:63:46:63:53 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:64:15:64:15 | nsDataTainted3 | semmle.label | nsDataTainted3 |
+| nsdata.swift:66:26:66:113 | call to init(bytesNoCopy:length:freeWhenDone:) :  | semmle.label | call to init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:66:46:66:53 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:67:15:67:15 | nsDataTainted4 | semmle.label | nsDataTainted4 |
+| nsdata.swift:69:26:69:56 | call to init(data:) :  | semmle.label | call to init(data:) :  |
+| nsdata.swift:69:39:69:46 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:70:15:70:15 | nsDataTainted5 | semmle.label | nsDataTainted5 |
+| nsdata.swift:72:26:72:68 | call to init(contentsOfFile:) :  | semmle.label | call to init(contentsOfFile:) :  |
+| nsdata.swift:72:49:72:56 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:73:15:73:29 | ...! | semmle.label | ...! |
+| nsdata.swift:75:26:75:81 | call to init(contentsOfFile:options:) :  | semmle.label | call to init(contentsOfFile:options:) :  |
+| nsdata.swift:75:49:75:56 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:76:15:76:15 | nsDataTainted7 | semmle.label | nsDataTainted7 |
+| nsdata.swift:78:26:78:61 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
+| nsdata.swift:78:45:78:52 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:79:15:79:29 | ...! | semmle.label | ...! |
+| nsdata.swift:81:26:81:74 | call to init(contentsOf:options:) :  | semmle.label | call to init(contentsOf:options:) :  |
+| nsdata.swift:81:45:81:52 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:82:15:82:29 | ...! | semmle.label | ...! |
+| nsdata.swift:84:27:84:75 | call to init(contentsOfMappedFile:) :  | semmle.label | call to init(contentsOfMappedFile:) :  |
+| nsdata.swift:84:56:84:63 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:85:15:85:30 | ...! | semmle.label | ...! |
+| nsdata.swift:87:27:87:79 | call to init(base64Encoded:options:) :  | semmle.label | call to init(base64Encoded:options:) :  |
+| nsdata.swift:87:49:87:56 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:88:15:88:30 | ...! | semmle.label | ...! |
+| nsdata.swift:89:27:89:81 | call to init(base64Encoded:options:) :  | semmle.label | call to init(base64Encoded:options:) :  |
+| nsdata.swift:89:49:89:56 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:90:15:90:30 | ...! | semmle.label | ...! |
+| nsdata.swift:92:27:92:69 | call to init(base64Encoding:) :  | semmle.label | call to init(base64Encoding:) :  |
+| nsdata.swift:92:50:92:57 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:93:15:93:30 | ...! | semmle.label | ...! |
+| nsdata.swift:95:27:95:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:96:15:96:15 | nsDataTainted14 :  | semmle.label | nsDataTainted14 :  |
+| nsdata.swift:96:15:96:49 | call to base64EncodedData(options:) | semmle.label | call to base64EncodedData(options:) |
+| nsdata.swift:97:15:97:15 | nsDataTainted14 :  | semmle.label | nsDataTainted14 :  |
+| nsdata.swift:97:15:97:60 | call to base64EncodedData(options:) | semmle.label | call to base64EncodedData(options:) |
+| nsdata.swift:99:27:99:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:100:15:100:15 | nsDataTainted15 :  | semmle.label | nsDataTainted15 :  |
+| nsdata.swift:100:15:100:51 | call to base64EncodedString(options:) | semmle.label | call to base64EncodedString(options:) |
+| nsdata.swift:101:15:101:15 | nsDataTainted15 :  | semmle.label | nsDataTainted15 :  |
+| nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) | semmle.label | call to base64EncodedString(options:) |
+| nsdata.swift:103:27:103:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:104:15:104:15 | nsDataTainted16 :  | semmle.label | nsDataTainted16 :  |
+| nsdata.swift:104:15:104:46 | call to base64Encoding() | semmle.label | call to base64Encoding() |
+| nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  | semmle.label | call to dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:106:15:106:71 | ...! | semmle.label | ...! |
+| nsdata.swift:106:51:106:58 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:113:27:113:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:115:5:115:5 | nsDataTainted18 :  | semmle.label | nsDataTainted18 :  |
+| nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  | semmle.label | [post] bufferTainted18 :  |
+| nsdata.swift:116:15:116:15 | bufferTainted18 | semmle.label | bufferTainted18 |
+| nsdata.swift:118:27:118:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:120:5:120:5 | nsDataTainted19 :  | semmle.label | nsDataTainted19 :  |
+| nsdata.swift:120:30:120:30 | [post] bufferTainted19 :  | semmle.label | [post] bufferTainted19 :  |
+| nsdata.swift:121:15:121:15 | bufferTainted19 | semmle.label | bufferTainted19 |
+| nsdata.swift:123:27:123:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:125:5:125:5 | nsDataTainted20 :  | semmle.label | nsDataTainted20 :  |
+| nsdata.swift:125:30:125:30 | [post] bufferTainted20 :  | semmle.label | [post] bufferTainted20 :  |
+| nsdata.swift:126:15:126:15 | bufferTainted20 | semmle.label | bufferTainted20 |
+| nsdata.swift:128:27:128:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:129:15:129:15 | nsDataTainted21 :  | semmle.label | nsDataTainted21 :  |
+| nsdata.swift:129:15:129:54 | call to subdata(with:) | semmle.label | call to subdata(with:) |
+| nsdata.swift:131:27:131:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:132:15:132:15 | nsDataTainted22 :  | semmle.label | nsDataTainted22 :  |
+| nsdata.swift:132:15:132:81 | call to compressed(using:) | semmle.label | call to compressed(using:) |
+| nsdata.swift:134:27:134:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:135:15:135:15 | nsDataTainted23 :  | semmle.label | nsDataTainted23 :  |
+| nsdata.swift:135:15:135:83 | call to decompressed(using:) | semmle.label | call to decompressed(using:) |
+| nsdata.swift:138:27:138:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:139:15:139:15 | nsDataTainted24 :  | semmle.label | nsDataTainted24 :  |
+| nsdata.swift:139:15:139:31 | .bytes | semmle.label | .bytes |
+| nsdata.swift:140:15:140:15 | nsDataTainted24 :  | semmle.label | nsDataTainted24 :  |
+| nsdata.swift:140:15:140:31 | .description | semmle.label | .description |
+| nsmutabledata.swift:13:9:13:9 | self :  | semmle.label | self :  |
+| nsmutabledata.swift:14:5:14:58 | [summary param] 0 in append(_:length:) :  | semmle.label | [summary param] 0 in append(_:length:) :  |
+| nsmutabledata.swift:15:5:15:33 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| nsmutabledata.swift:16:5:16:78 | [summary param] 1 in replaceBytes(in:withBytes:) :  | semmle.label | [summary param] 1 in replaceBytes(in:withBytes:) :  |
+| nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  | semmle.label | [summary param] 1 in replaceBytes(in:withBytes:length:) :  |
+| nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  | semmle.label | [summary param] 0 in setData(_:) :  |
+| nsmutabledata.swift:28:5:28:5 | [post] nsMutableDataTainted1 :  | semmle.label | [post] nsMutableDataTainted1 :  |
+| nsmutabledata.swift:28:34:28:41 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:29:15:29:15 | nsMutableDataTainted1 | semmle.label | nsMutableDataTainted1 |
+| nsmutabledata.swift:32:5:32:5 | [post] nsMutableDataTainted2 :  | semmle.label | [post] nsMutableDataTainted2 :  |
+| nsmutabledata.swift:32:34:32:41 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:33:15:33:15 | nsMutableDataTainted2 | semmle.label | nsMutableDataTainted2 |
+| nsmutabledata.swift:36:5:36:5 | [post] nsMutableDataTainted3 :  | semmle.label | [post] nsMutableDataTainted3 :  |
+| nsmutabledata.swift:36:66:36:73 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:37:15:37:15 | nsMutableDataTainted3 | semmle.label | nsMutableDataTainted3 |
+| nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  | semmle.label | [post] nsMutableDataTainted4 :  |
+| nsmutabledata.swift:40:66:40:73 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | semmle.label | nsMutableDataTainted4 |
+| nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  | semmle.label | [post] nsMutableDataTainted5 :  |
+| nsmutabledata.swift:44:35:44:42 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | semmle.label | nsMutableDataTainted5 |
+| nsmutabledata.swift:48:33:48:40 | call to source() :  | semmle.label | call to source() :  |
+| nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | semmle.label | nsMutableDataTainted6 :  |
+| nsmutabledata.swift:49:15:49:37 | .mutableBytes | semmle.label | .mutableBytes |
 | string.swift:5:11:5:18 | call to source() :  | semmle.label | call to source() :  |
 | string.swift:7:13:7:13 | "..." | semmle.label | "..." |
 | string.swift:9:13:9:13 | "..." | semmle.label | "..." |
@@ -474,6 +771,39 @@ nodes
 | webview.swift:97:17:97:17 | s :  | semmle.label | s :  |
 | webview.swift:98:10:98:10 | v3 | semmle.label | v3 |
 subpaths
+| nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  | nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  |
+| nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  | nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  |
+| nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  | nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  |
+| nsdata.swift:66:46:66:53 | call to source() :  | nsdata.swift:27:5:27:90 | [summary param] 0 in init(bytesNoCopy:length:freeWhenDone:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  | nsdata.swift:66:26:66:113 | call to init(bytesNoCopy:length:freeWhenDone:) :  |
+| nsdata.swift:69:39:69:46 | call to source() :  | nsdata.swift:28:5:28:23 | [summary param] 0 in init(data:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(data:) :  | nsdata.swift:69:26:69:56 | call to init(data:) :  |
+| nsdata.swift:72:49:72:56 | call to source() :  | nsdata.swift:29:5:29:36 | [summary param] 0 in init(contentsOfFile:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:) :  | nsdata.swift:72:26:72:68 | call to init(contentsOfFile:) :  |
+| nsdata.swift:75:49:75:56 | call to source() :  | nsdata.swift:30:5:30:93 | [summary param] 0 in init(contentsOfFile:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:options:) :  | nsdata.swift:75:26:75:81 | call to init(contentsOfFile:options:) :  |
+| nsdata.swift:78:45:78:52 | call to source() :  | nsdata.swift:31:5:31:29 | [summary param] 0 in init(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:) :  | nsdata.swift:78:26:78:61 | call to init(contentsOf:) :  |
+| nsdata.swift:81:45:81:52 | call to source() :  | nsdata.swift:32:5:32:61 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | nsdata.swift:81:26:81:74 | call to init(contentsOf:options:) :  |
+| nsdata.swift:84:56:84:63 | call to source() :  | nsdata.swift:33:5:33:47 | [summary param] 0 in init(contentsOfMappedFile:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfMappedFile:) :  | nsdata.swift:84:27:84:75 | call to init(contentsOfMappedFile:) :  |
+| nsdata.swift:87:49:87:56 | call to source() :  | nsdata.swift:34:5:34:88 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | nsdata.swift:87:27:87:79 | call to init(base64Encoded:options:) :  |
+| nsdata.swift:89:49:89:56 | call to source() :  | nsdata.swift:35:5:35:92 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | nsdata.swift:89:27:89:81 | call to init(base64Encoded:options:) :  |
+| nsdata.swift:92:50:92:57 | call to source() :  | nsdata.swift:36:5:36:49 | [summary param] 0 in init(base64Encoding:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoding:) :  | nsdata.swift:92:27:92:69 | call to init(base64Encoding:) :  |
+| nsdata.swift:96:15:96:15 | nsDataTainted14 :  | nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | nsdata.swift:96:15:96:49 | call to base64EncodedData(options:) |
+| nsdata.swift:97:15:97:15 | nsDataTainted14 :  | nsdata.swift:37:5:37:98 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | nsdata.swift:97:15:97:60 | call to base64EncodedData(options:) |
+| nsdata.swift:100:15:100:15 | nsDataTainted15 :  | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | nsdata.swift:100:15:100:51 | call to base64EncodedString(options:) |
+| nsdata.swift:101:15:101:15 | nsDataTainted15 :  | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) |
+| nsdata.swift:104:15:104:15 | nsDataTainted16 :  | nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  | file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  | nsdata.swift:104:15:104:46 | call to base64Encoding() |
+| nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  | nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:115:5:115:5 | nsDataTainted18 :  | nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  | nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  |
+| nsdata.swift:120:5:120:5 | nsDataTainted19 :  | nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  | nsdata.swift:120:30:120:30 | [post] bufferTainted19 :  |
+| nsdata.swift:125:5:125:5 | nsDataTainted20 :  | nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  | nsdata.swift:125:30:125:30 | [post] bufferTainted20 :  |
+| nsdata.swift:129:15:129:15 | nsDataTainted21 :  | nsdata.swift:45:5:45:65 | [summary param] this in subdata(with:) :  | file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  | nsdata.swift:129:15:129:54 | call to subdata(with:) |
+| nsdata.swift:132:15:132:15 | nsDataTainted22 :  | nsdata.swift:46:5:46:89 | [summary param] this in compressed(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compressed(using:) :  | nsdata.swift:132:15:132:81 | call to compressed(using:) |
+| nsdata.swift:135:15:135:15 | nsDataTainted23 :  | nsdata.swift:47:5:47:91 | [summary param] this in decompressed(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in decompressed(using:) :  | nsdata.swift:135:15:135:83 | call to decompressed(using:) |
+| nsdata.swift:139:15:139:15 | nsDataTainted24 :  | nsdata.swift:22:9:22:9 | self :  | file://:0:0:0:0 | .bytes :  | nsdata.swift:139:15:139:31 | .bytes |
+| nsdata.swift:140:15:140:15 | nsDataTainted24 :  | nsdata.swift:23:9:23:9 | self :  | file://:0:0:0:0 | .description :  | nsdata.swift:140:15:140:31 | .description |
+| nsmutabledata.swift:28:34:28:41 | call to source() :  | nsmutabledata.swift:14:5:14:58 | [summary param] 0 in append(_:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  | nsmutabledata.swift:28:5:28:5 | [post] nsMutableDataTainted1 :  |
+| nsmutabledata.swift:32:34:32:41 | call to source() :  | nsmutabledata.swift:15:5:15:33 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | nsmutabledata.swift:32:5:32:5 | [post] nsMutableDataTainted2 :  |
+| nsmutabledata.swift:36:66:36:73 | call to source() :  | nsmutabledata.swift:16:5:16:78 | [summary param] 1 in replaceBytes(in:withBytes:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  | nsmutabledata.swift:36:5:36:5 | [post] nsMutableDataTainted3 :  |
+| nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  |
+| nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  |
+| nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | nsmutabledata.swift:13:9:13:9 | self :  | file://:0:0:0:0 | .mutableBytes :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
 | url.swift:59:31:59:31 | tainted :  | url.swift:8:2:8:25 | [summary param] 0 in init(string:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:) :  | url.swift:59:19:59:38 | call to init(string:) :  |
 | url.swift:83:24:83:24 | tainted :  | url.swift:9:2:9:43 | [summary param] 0 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:83:12:83:48 | call to init(string:relativeTo:) :  |
 | url.swift:86:43:86:43 | urlTainted :  | url.swift:9:2:9:43 | [summary param] 1 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:86:12:86:53 | call to init(string:relativeTo:) :  |
@@ -524,6 +854,39 @@ subpaths
 | webview.swift:93:17:93:17 | s :  | webview.swift:43:5:43:38 | [summary param] 0 in setValue(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | webview.swift:93:5:93:5 | [post] v2 :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | webview.swift:97:5:97:5 | [post] v3 :  |
 #select
+| nsdata.swift:58:15:58:15 | nsDataTainted1 | nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:58:15:58:15 | nsDataTainted1 | result |
+| nsdata.swift:61:15:61:15 | nsDataTainted2 | nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:61:15:61:15 | nsDataTainted2 | result |
+| nsdata.swift:64:15:64:15 | nsDataTainted3 | nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:64:15:64:15 | nsDataTainted3 | result |
+| nsdata.swift:67:15:67:15 | nsDataTainted4 | nsdata.swift:66:46:66:53 | call to source() :  | nsdata.swift:67:15:67:15 | nsDataTainted4 | result |
+| nsdata.swift:70:15:70:15 | nsDataTainted5 | nsdata.swift:69:39:69:46 | call to source() :  | nsdata.swift:70:15:70:15 | nsDataTainted5 | result |
+| nsdata.swift:73:15:73:29 | ...! | nsdata.swift:72:49:72:56 | call to source() :  | nsdata.swift:73:15:73:29 | ...! | result |
+| nsdata.swift:76:15:76:15 | nsDataTainted7 | nsdata.swift:75:49:75:56 | call to source() :  | nsdata.swift:76:15:76:15 | nsDataTainted7 | result |
+| nsdata.swift:79:15:79:29 | ...! | nsdata.swift:78:45:78:52 | call to source() :  | nsdata.swift:79:15:79:29 | ...! | result |
+| nsdata.swift:82:15:82:29 | ...! | nsdata.swift:81:45:81:52 | call to source() :  | nsdata.swift:82:15:82:29 | ...! | result |
+| nsdata.swift:85:15:85:30 | ...! | nsdata.swift:84:56:84:63 | call to source() :  | nsdata.swift:85:15:85:30 | ...! | result |
+| nsdata.swift:88:15:88:30 | ...! | nsdata.swift:87:49:87:56 | call to source() :  | nsdata.swift:88:15:88:30 | ...! | result |
+| nsdata.swift:90:15:90:30 | ...! | nsdata.swift:89:49:89:56 | call to source() :  | nsdata.swift:90:15:90:30 | ...! | result |
+| nsdata.swift:93:15:93:30 | ...! | nsdata.swift:92:50:92:57 | call to source() :  | nsdata.swift:93:15:93:30 | ...! | result |
+| nsdata.swift:96:15:96:49 | call to base64EncodedData(options:) | nsdata.swift:95:27:95:34 | call to source() :  | nsdata.swift:96:15:96:49 | call to base64EncodedData(options:) | result |
+| nsdata.swift:97:15:97:60 | call to base64EncodedData(options:) | nsdata.swift:95:27:95:34 | call to source() :  | nsdata.swift:97:15:97:60 | call to base64EncodedData(options:) | result |
+| nsdata.swift:100:15:100:51 | call to base64EncodedString(options:) | nsdata.swift:99:27:99:34 | call to source() :  | nsdata.swift:100:15:100:51 | call to base64EncodedString(options:) | result |
+| nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) | nsdata.swift:99:27:99:34 | call to source() :  | nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) | result |
+| nsdata.swift:104:15:104:46 | call to base64Encoding() | nsdata.swift:103:27:103:34 | call to source() :  | nsdata.swift:104:15:104:46 | call to base64Encoding() | result |
+| nsdata.swift:106:15:106:71 | ...! | nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:106:15:106:71 | ...! | result |
+| nsdata.swift:116:15:116:15 | bufferTainted18 | nsdata.swift:113:27:113:34 | call to source() :  | nsdata.swift:116:15:116:15 | bufferTainted18 | result |
+| nsdata.swift:121:15:121:15 | bufferTainted19 | nsdata.swift:118:27:118:34 | call to source() :  | nsdata.swift:121:15:121:15 | bufferTainted19 | result |
+| nsdata.swift:126:15:126:15 | bufferTainted20 | nsdata.swift:123:27:123:34 | call to source() :  | nsdata.swift:126:15:126:15 | bufferTainted20 | result |
+| nsdata.swift:129:15:129:54 | call to subdata(with:) | nsdata.swift:128:27:128:34 | call to source() :  | nsdata.swift:129:15:129:54 | call to subdata(with:) | result |
+| nsdata.swift:132:15:132:81 | call to compressed(using:) | nsdata.swift:131:27:131:34 | call to source() :  | nsdata.swift:132:15:132:81 | call to compressed(using:) | result |
+| nsdata.swift:135:15:135:83 | call to decompressed(using:) | nsdata.swift:134:27:134:34 | call to source() :  | nsdata.swift:135:15:135:83 | call to decompressed(using:) | result |
+| nsdata.swift:139:15:139:31 | .bytes | nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:139:15:139:31 | .bytes | result |
+| nsdata.swift:140:15:140:31 | .description | nsdata.swift:138:27:138:34 | call to source() :  | nsdata.swift:140:15:140:31 | .description | result |
+| nsmutabledata.swift:29:15:29:15 | nsMutableDataTainted1 | nsmutabledata.swift:28:34:28:41 | call to source() :  | nsmutabledata.swift:29:15:29:15 | nsMutableDataTainted1 | result |
+| nsmutabledata.swift:33:15:33:15 | nsMutableDataTainted2 | nsmutabledata.swift:32:34:32:41 | call to source() :  | nsmutabledata.swift:33:15:33:15 | nsMutableDataTainted2 | result |
+| nsmutabledata.swift:37:15:37:15 | nsMutableDataTainted3 | nsmutabledata.swift:36:66:36:73 | call to source() :  | nsmutabledata.swift:37:15:37:15 | nsMutableDataTainted3 | result |
+| nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | result |
+| nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | result |
+| nsmutabledata.swift:49:15:49:37 | .mutableBytes | nsmutabledata.swift:48:33:48:40 | call to source() :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes | result |
 | string.swift:7:13:7:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:7:13:7:13 | "..." | result |
 | string.swift:9:13:9:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:9:13:9:13 | "..." | result |
 | string.swift:11:13:11:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:11:13:11:13 | "..." | result |
diff --git a/swift/ql/test/library-tests/dataflow/taint/nsdata.swift b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
new file mode 100644
index 00000000000..f6d82ede499
--- /dev/null
+++ b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
@@ -0,0 +1,141 @@
+// --- stubs ---
+
+struct URL
+{
+	init?(string: String) {}
+}
+
+struct Data
+{
+    init<S>(_ elements: S) {}
+}
+
+struct NSRange {}
+
+struct ObjCBool {}
+
+class NSData {
+    struct ReadingOptions : OptionSet { let rawValue: Int }
+    struct Base64EncodingOptions : OptionSet { let rawValue: Int }
+    struct Base64DecodingOptions : OptionSet { let rawValue: Int }
+    enum CompressionAlgorithm : Int { case none }
+    var bytes: UnsafeRawPointer = UnsafeRawPointer(bitPattern: 0)!
+    var description: String = ""
+    init(bytes: UnsafeRawPointer?, length: Int) {}
+    init(bytesNoCopy bytes: UnsafeMutableRawPointer, length: Int) {}
+    init(bytesNoCopy bytes: UnsafeMutableRawPointer, length: Int, deallocator: ((UnsafeMutableRawPointer, Int) -> Void)? = nil) {}
+    init(bytesNoCopy bytes: UnsafeMutableRawPointer, length: Int, freeWhenDone b: Bool) {}
+    init(data: Data) {}
+    init?(contentsOfFile: String) {}
+    init(contentsOfFile path: String, options readOptionsMask: NSData.ReadingOptions = []) {} 
+    init?(contentsOf: URL) {}
+    init?(contentsOf: URL, options: NSData.ReadingOptions) {}
+    init?(contentsOfMappedFile path: String) {}
+    init?(base64Encoded base64Data: Data, options: NSData.Base64DecodingOptions = []) {}
+    init?(base64Encoded base64String: String, options: NSData.Base64DecodingOptions = []) {}
+    init?(base64Encoding base64String: String) {}
+    func base64EncodedData(options: NSData.Base64EncodingOptions = []) -> Data { return Data("") }
+    func base64EncodedString(options: NSData.Base64EncodingOptions = []) -> String { return "" }
+    func base64Encoding() -> String { return "" }
+    class func dataWithContentsOfMappedFile(_ path: String) -> Any? { return nil }
+    func enumerateBytes(_ block: (UnsafeRawPointer, NSRange, UnsafeMutablePointer<ObjCBool>) -> Void) {}
+    func getBytes(_ buffer: UnsafeMutableRawPointer) {}
+    func getBytes(_ buffer: UnsafeMutableRawPointer, length: Int) {}
+    func getBytes(_ buffer: UnsafeMutableRawPointer, range: NSRange) {}
+    func subdata(with range: NSRange) -> Data { return Data("") }
+    func compressed(using algorithm: NSData.CompressionAlgorithm) -> Self { return self }
+    func decompressed(using algorithm: NSData.CompressionAlgorithm) -> Self { return self }
+}
+
+// --- tests ---
+
+func source() -> Any { return "" }
+func sink(arg: Any) {}
+
+func test() {
+    // ";NSData;true;init(bytes:length:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted1 = NSData(bytes: source() as? UnsafeRawPointer, length: 0)
+    sink(arg: nsDataTainted1) // $ tainted=57
+    // ";NSData;true;init(bytesNoCopy:length:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted2 = NSData(bytesNoCopy: source() as! UnsafeMutableRawPointer, length: 0)
+    sink(arg: nsDataTainted2) // $ tainted=60
+    // ";NSData;true;init(bytesNoCopy:length:deallocator:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted3 = NSData(bytesNoCopy: source() as! UnsafeMutableRawPointer, length: 0, deallocator: nil)
+    sink(arg: nsDataTainted3) // $ tainted=63
+    // ";NSData;true;init(bytesNoCopy:length:freeWhenDone:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted4 = NSData(bytesNoCopy: source() as! UnsafeMutableRawPointer, length: 0, freeWhenDone: true)
+    sink(arg: nsDataTainted4) // $ tainted=66
+    // ";NSData;true;init(data:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted5 = NSData(data: source() as! Data)
+    sink(arg: nsDataTainted5) // $ tainted=69
+    // ";NSData;true;init(contentsOfFile:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted6 = NSData(contentsOfFile: source() as! String)
+    sink(arg: nsDataTainted6!) // $ tainted=72
+    // ";NSData;true;init(contentsOfFile:options:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted7 = NSData(contentsOfFile: source() as! String, options: [])
+    sink(arg: nsDataTainted7) // $ tainted=75
+    // ";NSData;true;init(contentsOf:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted8 = NSData(contentsOf: source() as! URL)
+    sink(arg: nsDataTainted8!) // $ tainted=78
+    // ";NSData;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted9 = NSData(contentsOf: source() as! URL, options: [])
+    sink(arg: nsDataTainted9!) // $ tainted=81
+    // ";NSData;true;init(contentsOfMappedFile:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted10 = NSData(contentsOfMappedFile: source() as! String)
+    sink(arg: nsDataTainted10!) // $ tainted=84
+    // ";NSData;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted11 = NSData(base64Encoded: source() as! Data, options: [])
+    sink(arg: nsDataTainted11!) // $ tainted=87
+    let nsDataTainted12 = NSData(base64Encoded: source() as! String, options: [])
+    sink(arg: nsDataTainted12!) // $ tainted=89
+    // ";NSData;true;init(base64Encoding:);;;Argument[0];ReturnValue;taint",
+    let nsDataTainted13 = NSData(base64Encoding: source() as! String)
+    sink(arg: nsDataTainted13!) // $ tainted=92
+    // ";NSData;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint",
+    let nsDataTainted14 = source() as! NSData
+    sink(arg: nsDataTainted14.base64EncodedData()) // $ tainted=95
+    sink(arg: nsDataTainted14.base64EncodedData(options: [])) // $ tainted=95
+    // ";NSData;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
+    let nsDataTainted15 = source() as! NSData
+    sink(arg: nsDataTainted15.base64EncodedString()) // $ tainted=99
+    sink(arg: nsDataTainted15.base64EncodedString(options: [])) // $ tainted=99
+    // ";NSData;true;base64Encoding();;;Argument[-1];ReturnValue;taint",
+    let nsDataTainted16 = source() as! NSData
+    sink(arg: nsDataTainted16.base64Encoding()) // $ tainted=103
+    // ";NSData;true;dataWithContentsOfMappedFile(_:);;;Argument[0];ReturnValue;taint",
+    sink(arg: NSData.dataWithContentsOfMappedFile(source() as! String)!) // $ tainted=106
+    // ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint"
+    let nsDataTainted17 = source() as! NSData
+    nsDataTainted17.enumerateBytes {
+        bytes, byteRange, stop in sink(arg: bytes) // $ MISSING: tainted=108
+    }
+    // ";NSData;true;getBytes(_:);;;Argument[-1];Argument[0];taint",
+    let nsDataTainted18 = source() as! NSData
+    let bufferTainted18 = UnsafeMutableRawPointer(bitPattern: 0)!
+    nsDataTainted18.getBytes(bufferTainted18)
+    sink(arg: bufferTainted18) // $ tainted=113
+    // ";NSData;true;getBytes(_:length:);;;Argument[-1];Argument[0];taint",
+    let nsDataTainted19 = source() as! NSData
+    let bufferTainted19 = UnsafeMutableRawPointer(bitPattern: 0)!
+    nsDataTainted19.getBytes(bufferTainted19, length: 0)
+    sink(arg: bufferTainted19) // $ tainted=118
+    // ";NSData;true;getBytes(_:range:);;;Argument[-1];Argument[0];taint",
+    let nsDataTainted20 = source() as! NSData
+    let bufferTainted20 = UnsafeMutableRawPointer(bitPattern: 0)!
+    nsDataTainted20.getBytes(bufferTainted20, range: NSRange())
+    sink(arg: bufferTainted20) // $ tainted=123
+    // ";NSData;true;subdata(with:);;;Argument[-1];ReturnValue;taint",
+    let nsDataTainted21 = source() as! NSData
+    sink(arg: nsDataTainted21.subdata(with: NSRange())) // $ tainted=128
+    // ";NSData;true;compressed(using:);;;Argument[-1];ReturnValue;taint",
+    let nsDataTainted22 = source() as! NSData
+    sink(arg: nsDataTainted22.compressed(using: NSData.CompressionAlgorithm.none)) // $ tainted=131
+    // ";NSData;true;decompressed(using:);;;Argument[-1];ReturnValue;taint"
+    let nsDataTainted23 = source() as! NSData
+    sink(arg: nsDataTainted23.decompressed(using: NSData.CompressionAlgorithm.none)) // $ tainted=134
+
+    // Fields
+    let nsDataTainted24 = source() as! NSData
+    sink(arg: nsDataTainted24.bytes) // $ tainted=138
+    sink(arg: nsDataTainted24.description) // $ tainted=138
+}
diff --git a/swift/ql/test/library-tests/dataflow/taint/nsmutabledata.swift b/swift/ql/test/library-tests/dataflow/taint/nsmutabledata.swift
new file mode 100644
index 00000000000..20f2739f9f9
--- /dev/null
+++ b/swift/ql/test/library-tests/dataflow/taint/nsmutabledata.swift
@@ -0,0 +1,50 @@
+// --- stubs ---
+
+struct Data
+{
+    init<S>(_ elements: S) {}
+}
+
+struct NSRange {}
+
+class NSData {}
+
+class NSMutableData : NSData {
+    var mutableBytes: UnsafeMutableRawPointer = UnsafeMutableRawPointer(bitPattern: 0)!
+    func append(_ bytes: UnsafeRawPointer, length: Int) {}
+    func append(_ other: Data) {}
+    func replaceBytes(in range: NSRange, withBytes bytes: UnsafeRawPointer) {}
+    func replaceBytes(in range: NSRange, withBytes replacementBytes: UnsafeRawPointer?, length replacementLength: Int) {}
+    func setData(_ data: Data) {}
+}
+
+// --- tests ---
+func source() -> Any { return "" }
+func sink(arg: Any) {}
+
+func test() {
+    // ";NSMutableData;true;append(_:length:);;;Argument[0];Argument[-1];taint",
+    let nsMutableDataTainted1 = NSMutableData()
+    nsMutableDataTainted1.append(source() as! UnsafeRawPointer, length: 0)
+    sink(arg: nsMutableDataTainted1) // $ tainted=28
+    // ";MutableNSData;true;append(_:);;;Argument[0];Argument[-1];taint",
+    let nsMutableDataTainted2 = NSMutableData()
+    nsMutableDataTainted2.append(source() as! Data)
+    sink(arg: nsMutableDataTainted2) // $ tainted=32
+    // ";NSMutableData;true;replaceBytes(in:withBytes:);;;Argument[1];Argument[-1];taint",
+    let nsMutableDataTainted3 = NSMutableData()
+    nsMutableDataTainted3.replaceBytes(in: NSRange(), withBytes: source() as! UnsafeRawPointer)
+    sink(arg: nsMutableDataTainted3) // $ tainted=36
+    // ";NSMutableData;true;replaceBytes(in:withBytes:length:);;;Argument[1];Argument[-1];taint",
+    let nsMutableDataTainted4 = NSMutableData()
+    nsMutableDataTainted4.replaceBytes(in: NSRange(), withBytes: source() as? UnsafeRawPointer, length: 0)
+    sink(arg: nsMutableDataTainted4) // $ tainted=40
+    // ";NSMutableData;true;setData(_:);;;Argument[1];Argument[-1];taint",
+    let nsMutableDataTainted5 = NSMutableData()
+    nsMutableDataTainted5.setData(source() as! Data)
+    sink(arg: nsMutableDataTainted5) // $ tainted=44
+
+    // Fields
+    let nsMutableDataTainted6 = source() as! NSMutableData
+    sink(arg: nsMutableDataTainted6.mutableBytes) // $ tainted=48
+}

From a2ac1384cb7dd36365265561ef3f1aff9e3bec35 Mon Sep 17 00:00:00 2001
From: Alex Denisov <alexdenisov@github.com>
Date: Tue, 22 Nov 2022 17:16:57 +0100
Subject: [PATCH 085/144] Swift: do not abort if cannot archive a source file

---
 swift/extractor/SwiftExtractor.cpp | 1 -
 1 file changed, 1 deletion(-)

diff --git a/swift/extractor/SwiftExtractor.cpp b/swift/extractor/SwiftExtractor.cpp
index 981ab7c1370..349943f2869 100644
--- a/swift/extractor/SwiftExtractor.cpp
+++ b/swift/extractor/SwiftExtractor.cpp
@@ -46,7 +46,6 @@ static void archiveFile(const SwiftExtractorConfiguration& config, swift::Source
   if (ec) {
     std::cerr << "Cannot archive source file " << srcFilePath << " -> " << dstFilePath << ": "
               << ec.message() << "\n";
-    std::abort();
   }
 }
 

From 8f02463411efd9f90a2bce28cc0845df9ede7b16 Mon Sep 17 00:00:00 2001
From: Alex Denisov <alexdenisov@github.com>
Date: Tue, 22 Nov 2022 13:47:24 +0100
Subject: [PATCH 086/144] Swift: fix remapping bug

This issue has slipped during a recent refactoring:
https://github.com/github/codeql/pull/10987/files#diff-c5ab26a06a93c4507a834859a6a56878d5bfe16c4d7cbac4afc4f081d46f461aL63-R64
---
 swift/extractor/remapping/SwiftOpenInterception.macOS.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp b/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp
index 035492fd385..0ac23d14cbc 100644
--- a/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp
+++ b/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp
@@ -61,7 +61,7 @@ void finalizeRemapping(
     }
     auto hash = originalHashFile(original);
     auto hashed = scratchDir / hash;
-    if (!hash.empty() && fs::exists(hashed)) {
+    if (!hash.empty() && fs::exists(patched)) {
       std::error_code ec;
       fs::create_symlink(/* target */ patched, /* symlink */ hashed, ec);
       if (ec) {

From 24c413fbf98eb3e66521d2f8496505ab2dd00003 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Tue, 22 Nov 2022 18:33:24 +0000
Subject: [PATCH 087/144] Adds Kotlin (beta) content

---
 .../codeql-cli/creating-codeql-databases.rst   |  4 +++-
 ...with-codeql-packs-in-visual-studio-code.rst |  2 +-
 ...-classes-for-working-with-java-programs.rst |  2 ++
 .../analyzing-data-flow-in-java.rst            |  2 ++
 .../codeql-language-guides/codeql-for-java.rst | 14 +++++++++++---
 .../codeql-overview/system-requirements.rst    |  2 ++
 docs/codeql/query-help/codeql-cwe-coverage.rst |  2 ++
 docs/codeql/query-help/index.rst               |  4 +++-
 docs/codeql/reusables/extractors.rst           |  2 +-
 docs/codeql/reusables/kotlin-beta-note.rst     |  4 ++++
 .../reusables/kotlin-java-differences.rst      | 18 ++++++++++++++++++
 docs/codeql/support/reusables/frameworks.rst   |  4 +++-
 12 files changed, 52 insertions(+), 8 deletions(-)
 create mode 100644 docs/codeql/reusables/kotlin-beta-note.rst
 create mode 100644 docs/codeql/reusables/kotlin-java-differences.rst

diff --git a/docs/codeql/codeql-cli/creating-codeql-databases.rst b/docs/codeql/codeql-cli/creating-codeql-databases.rst
index b305c6e1cb6..326f260fc70 100644
--- a/docs/codeql/codeql-cli/creating-codeql-databases.rst
+++ b/docs/codeql/codeql-cli/creating-codeql-databases.rst
@@ -168,7 +168,9 @@ generate a database, therefore the build method must be available to the CLI.
 Detecting the build system
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-The CodeQL CLI includes autobuilders for C/C++, C#, Go, and Java code. CodeQL
+.. include:: ../reusables/kotlin-beta-note.rst
+
+The CodeQL CLI includes autobuilders for C/C++, C#, Go, Java and Kotlin code. CodeQL
 autobuilders allow you to build projects for compiled languages without
 specifying any build commands. When an autobuilder is invoked, CodeQL examines
 the source for evidence of a build system and attempts to run the optimal set of
diff --git a/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst
index a13832239dc..65cf1ef78ef 100644
--- a/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst
+++ b/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst
@@ -30,7 +30,7 @@ You can then use the CodeQL CLI to publish your pack to share with others. For m
 Viewing CodeQL packs and their dependencies in Visual Studio Code
 -----------------------------------------------------------------
 To download a CodeQL pack that someone else has created, run the **CodeQL: Download Packs** command from the Command Palette.
-You can download all the core CodeQL query packs, or enter the full name of a specific pack to download. For example, to download the core queries for analyzing Java, enter ``codeql/java-queries``.
+You can download all the core CodeQL query packs, or enter the full name of a specific pack to download. For example, to download the core queries for analyzing Java or Kotlin, enter ``codeql/java-queries``.
 
 Whether you have downloaded a CodeQL pack or created your own, you can open the ``qlpack.yml`` file in the root of a CodeQL pack directory in Visual Studio Code and view the dependencies section to see what libraries the pack depends on.
 
diff --git a/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst b/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
index 83bce3652b9..7819f762b98 100644
--- a/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
+++ b/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
@@ -7,6 +7,8 @@ CodeQL has a large selection of classes for representing the abstract syntax tre
 
 .. include:: ../reusables/abstract-syntax-tree.rst
 
+.. include:: ../reusables/kotlin-java-differences.rst
+
 Statement classes
 -----------------
 
diff --git a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
index 75309842ad5..cd64a18bcad 100644
--- a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
+++ b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
@@ -5,6 +5,8 @@ Analyzing data flow in Java
 
 You can use CodeQL to track the flow of data through a Java program to its use. 
 
+.. include:: ../reusables/kotlin-java-differences.rst
+
 About this article
 ------------------
 
diff --git a/docs/codeql/codeql-language-guides/codeql-for-java.rst b/docs/codeql/codeql-language-guides/codeql-for-java.rst
index 53489bc5207..6a16ea0658d 100644
--- a/docs/codeql/codeql-language-guides/codeql-for-java.rst
+++ b/docs/codeql/codeql-language-guides/codeql-for-java.rst
@@ -1,9 +1,17 @@
 .. _codeql-for-java:
 
-CodeQL for Java
-===============
+CodeQL for Java and Kotlin
+==========================
 
-Experiment and learn how to write effective and efficient queries for CodeQL databases generated from Java codebases.
+Experiment and learn how to write effective and efficient queries for CodeQL databases generated from Java and Kotlin codebases.
+
+.. include:: ../reusables/kotlin-beta-note.rst
+
+.. include:: ../reusables/kotlin-java-differences.rst
+
+.. pull-quote:: Enabling Kotlin support
+
+   To enable Kotlin support, you should enable `java` as a language.
 
 .. toctree::
    :hidden:
diff --git a/docs/codeql/codeql-overview/system-requirements.rst b/docs/codeql/codeql-overview/system-requirements.rst
index 5569462e5ae..fd4465f9ba4 100644
--- a/docs/codeql/codeql-overview/system-requirements.rst
+++ b/docs/codeql/codeql-overview/system-requirements.rst
@@ -11,6 +11,8 @@ Supported platforms
 #######################
 
 .. include:: ../support/reusables/platforms.rst
+    
+.. include:: ../reusables/kotlin-beta-note.rst
 
 Additional software requirements
 ################################
diff --git a/docs/codeql/query-help/codeql-cwe-coverage.rst b/docs/codeql/query-help/codeql-cwe-coverage.rst
index c0b36646df8..680f41b1056 100644
--- a/docs/codeql/query-help/codeql-cwe-coverage.rst
+++ b/docs/codeql/query-help/codeql-cwe-coverage.rst
@@ -3,6 +3,8 @@ CodeQL CWE coverage
 
 You can view the full coverage of MITRE's Common Weakness Enumeration (CWE) or coverage by language for the latest release of CodeQL.
 
+.. include:: ../reusables/kotlin-beta-note.rst
+
 About CWEs
 ##########
 
diff --git a/docs/codeql/query-help/index.rst b/docs/codeql/query-help/index.rst
index b45b3a5bf87..6dad02ce2b1 100644
--- a/docs/codeql/query-help/index.rst
+++ b/docs/codeql/query-help/index.rst
@@ -6,11 +6,13 @@ View the query help for the queries included in the ``code-scanning``, ``securit
 - :doc:`CodeQL query help for C and C++ <cpp>`
 - :doc:`CodeQL query help for C# <csharp>`
 - :doc:`CodeQL query help for Go <go>`
-- :doc:`CodeQL query help for Java <java>`
+- :doc:`CodeQL query help for Java and Kotlin <java>`
 - :doc:`CodeQL query help for JavaScript <javascript>`
 - :doc:`CodeQL query help for Python <python>`
 - :doc:`CodeQL query help for Ruby <ruby>`
 
+.. include:: ../reusables/kotlin-beta-note.rst
+
 .. pull-quote:: Information
 
    Each query help article includes: 
diff --git a/docs/codeql/reusables/extractors.rst b/docs/codeql/reusables/extractors.rst
index a3a4952811d..606c57d0208 100644
--- a/docs/codeql/reusables/extractors.rst
+++ b/docs/codeql/reusables/extractors.rst
@@ -10,7 +10,7 @@
      - ``csharp``
    * - Go
      - ``go``
-   * - Java 
+   * - Java/Kotlin
      - ``java``
    * - JavaScript/TypeScript
      - ``javascript``
diff --git a/docs/codeql/reusables/kotlin-beta-note.rst b/docs/codeql/reusables/kotlin-beta-note.rst
new file mode 100644
index 00000000000..d05d137a13e
--- /dev/null
+++ b/docs/codeql/reusables/kotlin-beta-note.rst
@@ -0,0 +1,4 @@
+  .. pull-quote:: Note
+
+     CodeQL analysis for Kotlin is currently in beta. During the beta, analysis of Kotlin code, 
+     and the accompanying documentation, will not be as comprehensive as for other languages.
\ No newline at end of file
diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
new file mode 100644
index 00000000000..b9d792d6d9f
--- /dev/null
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -0,0 +1,18 @@
+Writing CodeQL queries in Kotlin versus Java
+--------------------------------------------
+
+When writing Kotlin-specific elements (such as a `WhenExpr`) you’ll need to use Kotlin-specific CodeQL classes, but writing queries for Kotlin and Java is largely the same. The two make use of the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class`. 
+
+There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing Java queries, as CodeQL works with the JVM bytecode representation of the source code. 
+
+Be careful when trying to model code elements that don’t exist in Java, such as `NotNullExpr (expr!!)`, because they could interact in unexpected ways with common predicates. For example, `MethodAccess.getQualifier()` gets a `NotNullExpr `instead of a `VarAccess`` in the following Kotlin code:
+
+`someVar!!.someMethodCall()`
+
+In that specific case, you can use the predicate `Expr.getUnderlyingExpr()`. This goes directly to the underlying `VarAccess`` to produce a more similar behavior to that in Java.
+
+Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPointerException`, Kotlin may inline calls like `expr.toString()` to `String.valueOf(expr)` when `expr` is nullable. Make sure that you write CodeQL around the extracted code, and do not directly modify the source code in the codebase.
+
+Another example is that if-else expressions are translated into `WhenExprs` in CodeQL, instead of the more typical `IfStmt` in Java.
+
+In general, you can debug these issues with the AST (you can use the `CodeQL: View AST`` command from Visual Studio Code’s CodeQL extension, or run the `PrintAst.ql`` query) and checking what exactly CodeQL is extracting from your code.
\ No newline at end of file
diff --git a/docs/codeql/support/reusables/frameworks.rst b/docs/codeql/support/reusables/frameworks.rst
index b83b26f486a..191b40b4896 100644
--- a/docs/codeql/support/reusables/frameworks.rst
+++ b/docs/codeql/support/reusables/frameworks.rst
@@ -93,9 +93,11 @@ and the CodeQL library pack ``codeql/go-all`` (`changelog <https://github.com/gi
    `yaml <https://gopkg.in/yaml.v3>`_, Serialization
    `zap <https://go.uber.org/zap>`_, Logging library
 
-Java built-in support
+Java and Kotlin built-in support
 ==================================
 
+.. include:: ../reusables/kotlin-beta-note.rst
+
 Provided by the current versions of the
 CodeQL query pack ``codeql/java-queries`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/java/ql/src/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/java/ql/src>`__)
 and the CodeQL library pack ``codeql/java-all`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/java/ql/lib/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/java/ql/lib>`__).

From 4ad7d2d8220126b21ea1abcec6d056d02b96ec1e Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Tue, 22 Nov 2022 19:51:44 +0100
Subject: [PATCH 088/144] C#: Also include extractor unit tests in
 `csharp-qltest.yml`

---
 .github/workflows/csharp-qltest.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/.github/workflows/csharp-qltest.yml b/.github/workflows/csharp-qltest.yml
index 78b0ef6a87b..28b3fb7477d 100644
--- a/.github/workflows/csharp-qltest.yml
+++ b/.github/workflows/csharp-qltest.yml
@@ -70,3 +70,16 @@ jobs:
           codeql test run --threads=0 --ram 52000 --slice ${{ matrix.slice }} --search-path "${{ github.workspace }}/csharp/extractor-pack" --check-databases --check-undefined-labels --check-repeated-labels --check-redefined-labels --consistency-queries ql/consistency-queries ql/test --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}"
         env:
           GITHUB_TOKEN: ${{ github.token }}
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup dotnet
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 6.0.202
+      - name: Extractor unit tests
+        run: |
+          dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/extractor/Semmle.Util.Tests"
+          dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/extractor/Semmle.Extraction.Tests"
+          dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests"

From d113fb23c839723e96709db42b071b7f90c484e4 Mon Sep 17 00:00:00 2001
From: ka1n4t <574702476@qq.com>
Date: Wed, 23 Nov 2022 11:05:58 +0800
Subject: [PATCH 089/144] Add test case for PR-11368

---
 .../MyBatisAnnotationSqlInjection.expected    | 14 +++++++++++
 .../CWE-089/src/main/MybatisSqlInjection.java | 12 +++++++++-
 .../src/main/MybatisSqlInjectionService.java  |  8 +++++++
 .../CWE-089/src/main/SqlInjectionMapper.java  | 23 ++++++++++++-------
 4 files changed, 48 insertions(+), 9 deletions(-)

diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
index dfc923f9b58..481c8307ac3 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
@@ -1,16 +1,30 @@
 edges
 | MybatisSqlInjection.java:62:19:62:43 | name : String | MybatisSqlInjection.java:63:35:63:38 | name : String |
 | MybatisSqlInjection.java:63:35:63:38 | name : String | MybatisSqlInjectionService.java:48:19:48:29 | name : String |
+| MybatisSqlInjection.java:94:21:94:45 | name : String | MybatisSqlInjection.java:95:37:95:40 | name : String |
+| MybatisSqlInjection.java:95:37:95:40 | name : String | MybatisSqlInjectionService.java:76:21:76:31 | name : String |
+| MybatisSqlInjection.java:99:21:99:44 | age : String | MybatisSqlInjection.java:100:37:100:39 | age : String |
+| MybatisSqlInjection.java:100:37:100:39 | age : String | MybatisSqlInjectionService.java:80:21:80:30 | age : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | MybatisSqlInjectionService.java:50:23:50:26 | name : String |
 | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap |
 | MybatisSqlInjectionService.java:50:23:50:26 | name : String | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String |
+| MybatisSqlInjectionService.java:76:21:76:31 | name : String | MybatisSqlInjectionService.java:77:29:77:32 | name |
+| MybatisSqlInjectionService.java:80:21:80:30 | age : String | MybatisSqlInjectionService.java:81:29:81:31 | age |
 nodes
 | MybatisSqlInjection.java:62:19:62:43 | name : String | semmle.label | name : String |
 | MybatisSqlInjection.java:63:35:63:38 | name : String | semmle.label | name : String |
+| MybatisSqlInjection.java:94:21:94:45 | name : String | semmle.label | name : String |
+| MybatisSqlInjection.java:95:37:95:40 | name : String | semmle.label | name : String |
+| MybatisSqlInjection.java:99:21:99:44 | age : String | semmle.label | age : String |
+| MybatisSqlInjection.java:100:37:100:39 | age : String | semmle.label | age : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | semmle.label | hashMap [post update] [<map.value>] : String |
 | MybatisSqlInjectionService.java:50:23:50:26 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | semmle.label | hashMap |
+| MybatisSqlInjectionService.java:76:21:76:31 | name : String | semmle.label | name : String |
+| MybatisSqlInjectionService.java:77:29:77:32 | name | semmle.label | name |
+| MybatisSqlInjectionService.java:80:21:80:30 | age : String | semmle.label | age : String |
+| MybatisSqlInjectionService.java:81:29:81:31 | age | semmle.label | age |
 subpaths
 #select
 | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | MybatisSqlInjection.java:62:19:62:43 | name : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | MyBatis annotation SQL injection might include code from $@ to $@. | MybatisSqlInjection.java:62:19:62:43 | name | this user input | SqlInjectionMapper.java:33:2:33:54 | Select | this SQL operation |
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
index 624f27ad81d..5aa6876e00c 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
@@ -79,7 +79,7 @@ public class MybatisSqlInjection {
 	public void badDelete(@RequestParam String name) {
 		mybatisSqlInjectionService.badDelete(name);
 	}
-	
+
 	@GetMapping(value = "badUpdate")
 	public void badUpdate(@RequestParam String name) {
 		mybatisSqlInjectionService.badUpdate(name);
@@ -89,4 +89,14 @@ public class MybatisSqlInjection {
 	public void badInsert(@RequestParam String name) {
 		mybatisSqlInjectionService.badInsert(name);
 	}
+
+	@GetMapping(value = "kkbad1")
+	public void kkbad1(@RequestParam String name, @RequestParam Integer age) {
+		mybatisSqlInjectionService.kkbad1(name, age);
+	}
+
+	@GetMapping(value = "kkbad2")
+	public void kkbad2(@RequestParam String age) {
+		mybatisSqlInjectionService.kkbad2(age);
+	}
 }
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
index 89dbd599d71..28b9bebc1f4 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
@@ -72,4 +72,12 @@ public class MybatisSqlInjectionService {
 	public void badInsert(String input) {
 		sqlInjectionMapper.badInsert(input);
 	}
+
+	public void kkbad1(String name, Integer age){
+		sqlInjectionMapper.kkbad1(name, age);
+	}
+
+	public void kkbad2(String age){
+		sqlInjectionMapper.kkbad2(age);
+	}
 }
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
index 5b159817297..50801558eb8 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
@@ -37,26 +37,33 @@ public interface SqlInjectionMapper {
 
 	//using providers
 	@SelectProvider(
-		type = MyBatisProvider.class,
-		method = "badSelect"
+			type = MyBatisProvider.class,
+			method = "badSelect"
 	)
 	String badSelect(String input);
 
 	@DeleteProvider(
-		type = MyBatisProvider.class,
-		method = "badDelete"
+			type = MyBatisProvider.class,
+			method = "badDelete"
 	)
 	void badDelete(String input);
 
 	@UpdateProvider(
-		type = MyBatisProvider.class,
-		method = "badUpdate"
+			type = MyBatisProvider.class,
+			method = "badUpdate"
 	)
 	void badUpdate(String input);
 
 	@InsertProvider(
-		type = MyBatisProvider.class,
-		method = "badInsert"
+			type = MyBatisProvider.class,
+			method = "badInsert"
 	)
 	void badInsert(String input);
+
+	@Select("select * from user_info where name = #{name} and age = ${age}")
+	String kkbad1(@Param("name") String name, Integer age);
+
+	@Select("select * from user_info where age = #{age}")
+	String kkbad2(@Param("age") String age);
+
 }

From 556d68aeed7bd6177c410c7badf472645de43ce8 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Wed, 23 Nov 2022 09:17:18 +0000
Subject: [PATCH 090/144] Update
 swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
---
 swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql b/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
index 21c1c538462..04108a33d29 100644
--- a/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
+++ b/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
@@ -66,8 +66,7 @@ class AlamofireTransmitted extends Transmitted {
       fName.regexpMatch("(request|streamRequest|download)\\(.*") and
       (
         call.getArgument(0).getExpr() = this or
-        call.getArgumentWithLabel("parameters").getExpr() = this or
-        call.getArgumentWithLabel("headers").getExpr() = this
+        call.getArgumentWithLabel(["headers", "parameters"]).getExpr() = this
       )
     )
   }

From e16bdc4d07741ba024d1ebcc27cd17157f0c8e74 Mon Sep 17 00:00:00 2001
From: Nick Rolfe <nickrolfe@github.com>
Date: Wed, 23 Nov 2022 09:43:15 +0000
Subject: [PATCH 091/144] Ruby/QL: only create dbscheme case-splits for columns
 on defining tables

---
 ql/node-types/src/lib.rs   | 17 +++++++++++++----
 ruby/node-types/src/lib.rs | 17 +++++++++++++----
 2 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/ql/node-types/src/lib.rs b/ql/node-types/src/lib.rs
index 0472443a380..9467e23fd62 100644
--- a/ql/node-types/src/lib.rs
+++ b/ql/node-types/src/lib.rs
@@ -81,6 +81,14 @@ pub enum Storage {
     },
 }
 
+impl Storage {
+    pub fn is_column(&self) -> bool {
+        match self {
+            Storage::Column { .. } => true,
+            _ => false,
+        }
+    }
+}
 pub fn read_node_types(prefix: &str, node_types_path: &Path) -> std::io::Result<NodeTypeMap> {
     let file = fs::File::open(node_types_path)?;
     let node_types: Vec<NodeInfo> = serde_json::from_reader(file)?;
@@ -245,10 +253,11 @@ fn add_field(
         }
     };
     let converted_types = convert_types(&field_info.types);
-    let type_info = if field_info
-        .types
-        .iter()
-        .all(|t| !t.named && token_kinds.contains(&convert_type(t)))
+    let type_info = if storage.is_column()
+        && field_info
+            .types
+            .iter()
+            .all(|t| !t.named && token_kinds.contains(&convert_type(t)))
     {
         // All possible types for this field are reserved words. The db
         // representation will be an `int` with a `case @foo.field = ...` to
diff --git a/ruby/node-types/src/lib.rs b/ruby/node-types/src/lib.rs
index a48e9ddbf9a..97b535ae912 100644
--- a/ruby/node-types/src/lib.rs
+++ b/ruby/node-types/src/lib.rs
@@ -81,6 +81,14 @@ pub enum Storage {
     },
 }
 
+impl Storage {
+    pub fn is_column(&self) -> bool {
+        match self {
+            Storage::Column { .. } => true,
+            _ => false,
+        }
+    }
+}
 pub fn read_node_types(prefix: &str, node_types_path: &Path) -> std::io::Result<NodeTypeMap> {
     let file = fs::File::open(node_types_path)?;
     let node_types: Vec<NodeInfo> = serde_json::from_reader(file)?;
@@ -245,10 +253,11 @@ fn add_field(
         }
     };
     let converted_types = convert_types(&field_info.types);
-    let type_info = if field_info
-        .types
-        .iter()
-        .all(|t| !t.named && token_kinds.contains(&convert_type(t)))
+    let type_info = if storage.is_column()
+        && field_info
+            .types
+            .iter()
+            .all(|t| !t.named && token_kinds.contains(&convert_type(t)))
     {
         // All possible types for this field are reserved words. The db
         // representation will be an `int` with a `case @foo.field = ...` to

From e2240abc7853cc1ef3d64c56ec335ee6a32de279 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:06:34 +0000
Subject: [PATCH 092/144] Update
 docs/codeql/codeql-language-guides/codeql-for-java.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/codeql-language-guides/codeql-for-java.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/codeql-language-guides/codeql-for-java.rst b/docs/codeql/codeql-language-guides/codeql-for-java.rst
index 6a16ea0658d..536dfbc294e 100644
--- a/docs/codeql/codeql-language-guides/codeql-for-java.rst
+++ b/docs/codeql/codeql-language-guides/codeql-for-java.rst
@@ -11,7 +11,7 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
 
 .. pull-quote:: Enabling Kotlin support
 
-   To enable Kotlin support, you should enable `java` as a language.
+   To enable Kotlin support, you should enable ``java`` as a language.
 
 .. toctree::
    :hidden:

From 605c7113a2b1f7b947be9c45518c84807b589521 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:06:48 +0000
Subject: [PATCH 093/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index b9d792d6d9f..7f091d2b7a8 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -1,5 +1,5 @@
-Writing CodeQL queries in Kotlin versus Java
---------------------------------------------
+Writing CodeQL queries for Kotlin versus Java analysis
+------------------------------------------------------
 
 When writing Kotlin-specific elements (such as a `WhenExpr`) you’ll need to use Kotlin-specific CodeQL classes, but writing queries for Kotlin and Java is largely the same. The two make use of the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class`. 
 

From 4bd7e24b5fac88d428867dca0103b30984035dee Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:06:57 +0000
Subject: [PATCH 094/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 7f091d2b7a8..f36b1c62845 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -7,7 +7,8 @@ There are however some important cases where writing queries for Kotlin can prod
 
 Be careful when trying to model code elements that don’t exist in Java, such as `NotNullExpr (expr!!)`, because they could interact in unexpected ways with common predicates. For example, `MethodAccess.getQualifier()` gets a `NotNullExpr `instead of a `VarAccess`` in the following Kotlin code:
 
-`someVar!!.someMethodCall()`
+.. code-block:: kotlin
+   someVar!!.someMethodCall()
 
 In that specific case, you can use the predicate `Expr.getUnderlyingExpr()`. This goes directly to the underlying `VarAccess`` to produce a more similar behavior to that in Java.
 

From c663da5be6d90734ab34e06b316e4218a39743d3 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:07:03 +0000
Subject: [PATCH 095/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index f36b1c62845..39d7e39d21e 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -5,7 +5,7 @@ When writing Kotlin-specific elements (such as a `WhenExpr`) you’ll need to us
 
 There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing Java queries, as CodeQL works with the JVM bytecode representation of the source code. 
 
-Be careful when trying to model code elements that don’t exist in Java, such as `NotNullExpr (expr!!)`, because they could interact in unexpected ways with common predicates. For example, `MethodAccess.getQualifier()` gets a `NotNullExpr `instead of a `VarAccess`` in the following Kotlin code:
+Be careful when you model code elements that don’t exist in Java, such as ``NotNullExpr (expr!!)``, because they could interact in unexpected ways with common predicates. For example, ``MethodAccess.getQualifier()`` returns a ``NotNullExpr`` instead of a ``VarAccess`` in the following Kotlin code:
 
 .. code-block:: kotlin
    someVar!!.someMethodCall()

From c06b8a68e5211f193c6956de395480b5f8349e06 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:08:00 +0000
Subject: [PATCH 096/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 39d7e39d21e..7a228408104 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -3,7 +3,7 @@ Writing CodeQL queries for Kotlin versus Java analysis
 
 When writing Kotlin-specific elements (such as a `WhenExpr`) you’ll need to use Kotlin-specific CodeQL classes, but writing queries for Kotlin and Java is largely the same. The two make use of the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class`. 
 
-There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing Java queries, as CodeQL works with the JVM bytecode representation of the source code. 
+There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing queries for Java, as CodeQL works with the JVM bytecode representation of the Kotlin source code. 
 
 Be careful when you model code elements that don’t exist in Java, such as ``NotNullExpr (expr!!)``, because they could interact in unexpected ways with common predicates. For example, ``MethodAccess.getQualifier()`` returns a ``NotNullExpr`` instead of a ``VarAccess`` in the following Kotlin code:
 

From df7f0cf9a96c11ea1eed51cb1f9f301bdd1302f8 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:08:10 +0000
Subject: [PATCH 097/144] Update
 docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst

---
 .../codeql-language-guides/analyzing-data-flow-in-java.rst      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
index cd64a18bcad..2eccdf5e103 100644
--- a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
+++ b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
@@ -5,6 +5,8 @@ Analyzing data flow in Java
 
 You can use CodeQL to track the flow of data through a Java program to its use. 
 
+.. include:: ../reusables/kotlin-beta-note.rst
+
 .. include:: ../reusables/kotlin-java-differences.rst
 
 About this article

From 0a91ee10195a35743dd8bb1be2c5630acfa25c0e Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:08:20 +0000
Subject: [PATCH 098/144] Update
 docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst

---
 ...tract-syntax-tree-classes-for-working-with-java-programs.rst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst b/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
index 7819f762b98..7d41785ea89 100644
--- a/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
+++ b/docs/codeql/codeql-language-guides/abstract-syntax-tree-classes-for-working-with-java-programs.rst
@@ -7,6 +7,8 @@ CodeQL has a large selection of classes for representing the abstract syntax tre
 
 .. include:: ../reusables/abstract-syntax-tree.rst
 
+.. include:: ../reusables/kotlin-beta-note.rst
+
 .. include:: ../reusables/kotlin-java-differences.rst
 
 Statement classes

From 7644ecad52fdb11d1d511a179d6d18280e9bdd4a Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:08:29 +0000
Subject: [PATCH 099/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 7a228408104..15831b5d2bc 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -16,4 +16,4 @@ Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPo
 
 Another example is that if-else expressions are translated into `WhenExprs` in CodeQL, instead of the more typical `IfStmt` in Java.
 
-In general, you can debug these issues with the AST (you can use the `CodeQL: View AST`` command from Visual Studio Code’s CodeQL extension, or run the `PrintAst.ql`` query) and checking what exactly CodeQL is extracting from your code.
\ No newline at end of file
+In general, you can debug these issues with the AST (you can use the ``CodeQL: View AST`` command from Visual Studio Code’s CodeQL extension, or run the ``PrintAst.ql`` query) and see exactly what CodeQL is extracting from your code.
\ No newline at end of file

From 093ff4061dab1b6dde2b898559c788ff6d77c23d Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 10:08:45 +0000
Subject: [PATCH 100/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 15831b5d2bc..2cefb35a6ea 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -1,7 +1,7 @@
 Writing CodeQL queries for Kotlin versus Java analysis
 ------------------------------------------------------
 
-When writing Kotlin-specific elements (such as a `WhenExpr`) you’ll need to use Kotlin-specific CodeQL classes, but writing queries for Kotlin and Java is largely the same. The two make use of the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class`. 
+Generally you use the same classes to write queries for Kotlin and for Java. You use the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class` for both languages. When you want to access Kotlin-specific elements (such as a ``WhenExpr``) you’ll need to use Kotlin-specific CodeQL classes.
 
 There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing queries for Java, as CodeQL works with the JVM bytecode representation of the Kotlin source code. 
 

From a55c56feed2019bec3fcc1f4fd0a00e7c1e479fa Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Wed, 23 Nov 2022 11:33:52 +0100
Subject: [PATCH 101/144] Fix typo in `codeql-workspace.yml`

---
 codeql-workspace.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/codeql-workspace.yml b/codeql-workspace.yml
index f93ed4ac5c8..3f3318d12c2 100644
--- a/codeql-workspace.yml
+++ b/codeql-workspace.yml
@@ -25,7 +25,7 @@ provide:
   - "misc/suite-helpers/qlpack.yml"
   - "ruby/extractor-pack/codeql-extractor.yml"
   - "swift/extractor-pack/codeql-extractor.yml"
-  - "ql/extractor-pack/codeql-extractor.ym"
+  - "ql/extractor-pack/codeql-extractor.yml"
 
 versionPolicies:
   default:

From 3b698216304bad5c22df4dfffce0f0def6a8e3e7 Mon Sep 17 00:00:00 2001
From: Henry Mercer <henrymercer@github.com>
Date: Wed, 23 Nov 2022 10:45:05 +0000
Subject: [PATCH 102/144] ATM: Add descriptions to ML-powered packs

---
 javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml | 1 +
 .../ql/experimental/adaptivethreatmodeling/model/qlpack.yml      | 1 +
 .../experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml | 1 +
 javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml | 1 +
 4 files changed, 4 insertions(+)

diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
index fb53f54ded7..e3f7c7064d3 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
@@ -1,4 +1,5 @@
 name: codeql/javascript-experimental-atm-lib
+description: CodeQL libraries for the experimental ML-powered queries
 version: 0.4.2
 extractor: javascript
 library: true
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml
index 40b611fc72a..e37547ed938 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/model/qlpack.yml
@@ -1,4 +1,5 @@
 name: codeql/javascript-experimental-atm-model
+description: Machine learning model supporting the experimental ML-powered queries
 version: 0.3.1
 groups:
     - javascript
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml
index e6657138f1c..ac65fc1bb5f 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml
@@ -1,4 +1,5 @@
 name: codeql/javascript-experimental-atm-model-building
+description: CodeQL libraries for building machine learning models for the experimental ML-powered queries
 extractor: javascript
 library: false
 groups:
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
index 725beadcb0e..1378bc67041 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
@@ -1,4 +1,5 @@
 name: codeql/javascript-experimental-atm-queries
+description: Experimental ML-powered queries for JavaScript
 language: javascript
 version: 0.4.2
 suites: codeql-suites

From a1bffff0b0c30aaae3bbea21b34eea8446354a9a Mon Sep 17 00:00:00 2001
From: Paolo Tranquilli <redsun82@github.com>
Date: Wed, 23 Nov 2022 12:15:29 +0100
Subject: [PATCH 103/144] Swift: add downgrades script to extractor pack

---
 swift/BUILD.bazel            |  1 +
 swift/downgrades/BUILD.bazel | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 swift/downgrades/BUILD.bazel

diff --git a/swift/BUILD.bazel b/swift/BUILD.bazel
index 446d021a6aa..4803d4b3153 100644
--- a/swift/BUILD.bazel
+++ b/swift/BUILD.bazel
@@ -33,6 +33,7 @@ pkg_filegroup(
     srcs = [
         ":dbscheme_files",
         ":manifest",
+        "//swift/downgrades",
         "//swift/tools",
     ],
     visibility = ["//visibility:public"],
diff --git a/swift/downgrades/BUILD.bazel b/swift/downgrades/BUILD.bazel
new file mode 100644
index 00000000000..d76e543a6e7
--- /dev/null
+++ b/swift/downgrades/BUILD.bazel
@@ -0,0 +1,12 @@
+load("@rules_pkg//:mappings.bzl", "pkg_files", "strip_prefix")
+
+pkg_files(
+    name = "downgrades",
+    srcs = glob(
+        ["**"],
+        exclude = ["BUILD.bazel"],
+    ),
+    prefix = "downgrades",
+    strip_prefix = strip_prefix.from_pkg(),
+    visibility = ["//swift:__pkg__"],
+)

From 807f87e01f0052d8e659c127621e62068e823b29 Mon Sep 17 00:00:00 2001
From: Anders Schack-Mulligen <aschackmull@github.com>
Date: Wed, 23 Nov 2022 12:56:32 +0100
Subject: [PATCH 104/144] Java: Adjust the prioritisation between MaD and
 source dispatch.

---
 java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll
index 56385e89877..eb1878bf7e4 100644
--- a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll
+++ b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll
@@ -99,10 +99,12 @@ private module Dispatch {
   private predicate lowConfidenceDispatchType(SrcRefType t) {
     t instanceof TypeObject
     or
-    t instanceof FunctionalInterface
+    t instanceof Interface and not t.fromSource()
     or
     t.hasQualifiedName("java.io", "Serializable")
     or
+    t.hasQualifiedName("java.lang", "Iterable")
+    or
     t.hasQualifiedName("java.lang", "Cloneable")
     or
     t.getPackage().hasName("java.util") and t instanceof Interface

From 8f3731fd42d7d0e0f1e062a34b3dc99ed4866fd7 Mon Sep 17 00:00:00 2001
From: Tom Hvitved <hvitved@github.com>
Date: Wed, 23 Nov 2022 10:57:21 +0100
Subject: [PATCH 105/144] C#: Split `AutobuildOptions` into C#/C++ specific
 classes

---
 .github/workflows/csharp-qltest.yml           |  1 +
 .../BuildScripts.cs                           |  6 +-
 .../Semmle.Autobuild.Cpp/CppAutobuilder.cs    | 21 ++++-
 .../Semmle.Autobuild.Cpp/Program.cs           |  4 +-
 .../BuildScripts.cs                           |  4 +-
 .../CSharpAutobuilder.cs                      | 27 +++++-
 .../Semmle.Autobuild.CSharp/DotNetRule.cs     | 16 ++--
 .../Semmle.Autobuild.CSharp/Program.cs        |  2 +-
 .../StandaloneBuildRule.cs                    |  4 +-
 .../AutobuildOptions.cs                       | 18 ++--
 .../Semmle.Autobuild.Shared/Autobuilder.cs    | 85 ++++++++++++++-----
 .../BuildCommandAutoRule.cs                   |  8 +-
 .../BuildCommandRule.cs                       |  8 +-
 .../Semmle.Autobuild.Shared/MsBuildRule.cs    | 12 +--
 .../Semmle.Autobuild.Shared/Project.cs        | 14 +--
 .../ProjectOrSolution.cs                      |  4 +-
 .../Semmle.Autobuild.Shared/Solution.cs       | 12 +--
 17 files changed, 163 insertions(+), 83 deletions(-)

diff --git a/.github/workflows/csharp-qltest.yml b/.github/workflows/csharp-qltest.yml
index 28b3fb7477d..531f4296a84 100644
--- a/.github/workflows/csharp-qltest.yml
+++ b/.github/workflows/csharp-qltest.yml
@@ -83,3 +83,4 @@ jobs:
           dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/extractor/Semmle.Util.Tests"
           dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/extractor/Semmle.Extraction.Tests"
           dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests"
+          dotnet test -p:RuntimeFrameworkVersion=6.0.4 "${{ github.workspace }}/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests"
diff --git a/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/BuildScripts.cs b/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/BuildScripts.cs
index 76acba2eee4..def45890c9f 100644
--- a/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/BuildScripts.cs
+++ b/cpp/autobuilder/Semmle.Autobuild.Cpp.Tests/BuildScripts.cs
@@ -257,11 +257,11 @@ namespace Semmle.Autobuild.Cpp.Tests
             Actions.GetCurrentDirectory = cwd;
             Actions.IsWindows = isWindows;
 
-            var options = new AutobuildOptions(Actions, Language.Cpp);
+            var options = new CppAutobuildOptions(Actions);
             return new CppAutobuilder(Actions, options);
         }
 
-        void TestAutobuilderScript(Autobuilder autobuilder, int expectedOutput, int commandsRun)
+        void TestAutobuilderScript(CppAutobuilder autobuilder, int expectedOutput, int commandsRun)
         {
             Assert.Equal(expectedOutput, autobuilder.GetBuildScript().Run(Actions, StartCallback, EndCallback));
 
@@ -299,7 +299,7 @@ namespace Semmle.Autobuild.Cpp.Tests
         {
             Actions.RunProcess[@"cmd.exe /C nuget restore C:\Project\test.sln -DisableParallelProcessing"] = 1;
             Actions.RunProcess[@"cmd.exe /C C:\Project\.nuget\nuget.exe restore C:\Project\test.sln -DisableParallelProcessing"] = 0;
-            Actions.RunProcess[@"cmd.exe /C CALL ^""C:\Program Files ^(x86^)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat^"" && set Platform=&& type NUL && C:\odasa\tools\odasa index --auto msbuild C:\Project\test.sln /t:rebuild /p:Platform=""x86"" /p:Configuration=""Release"" /p:MvcBuildViews=true"] = 0;
+            Actions.RunProcess[@"cmd.exe /C CALL ^""C:\Program Files ^(x86^)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat^"" && set Platform=&& type NUL && msbuild C:\Project\test.sln /t:rebuild /p:Platform=""x86"" /p:Configuration=""Release"""] = 0;
             Actions.RunProcessOut[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = "";
             Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationPath"] = 1;
             Actions.RunProcess[@"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vswhere.exe -prerelease -legacy -property installationVersion"] = 0;
diff --git a/cpp/autobuilder/Semmle.Autobuild.Cpp/CppAutobuilder.cs b/cpp/autobuilder/Semmle.Autobuild.Cpp/CppAutobuilder.cs
index 44c34656a2a..1503dedb376 100644
--- a/cpp/autobuilder/Semmle.Autobuild.Cpp/CppAutobuilder.cs
+++ b/cpp/autobuilder/Semmle.Autobuild.Cpp/CppAutobuilder.cs
@@ -2,9 +2,26 @@
 
 namespace Semmle.Autobuild.Cpp
 {
-    public class CppAutobuilder : Autobuilder
+    /// <summary>
+    /// Encapsulates C++ build options.
+    /// </summary>
+    public class CppAutobuildOptions : AutobuildOptionsShared
     {
-        public CppAutobuilder(IBuildActions actions, AutobuildOptions options) : base(actions, options) { }
+        public override Language Language => Language.Cpp;
+
+
+        /// <summary>
+        /// Reads options from environment variables.
+        /// Throws ArgumentOutOfRangeException for invalid arguments.
+        /// </summary>
+        public CppAutobuildOptions(IBuildActions actions) : base(actions)
+        {
+        }
+    }
+
+    public class CppAutobuilder : Autobuilder<CppAutobuildOptions>
+    {
+        public CppAutobuilder(IBuildActions actions, CppAutobuildOptions options) : base(actions, options) { }
 
         public override BuildScript GetBuildScript()
         {
diff --git a/cpp/autobuilder/Semmle.Autobuild.Cpp/Program.cs b/cpp/autobuilder/Semmle.Autobuild.Cpp/Program.cs
index 3f4627c53d5..a7556197bcd 100644
--- a/cpp/autobuilder/Semmle.Autobuild.Cpp/Program.cs
+++ b/cpp/autobuilder/Semmle.Autobuild.Cpp/Program.cs
@@ -11,14 +11,14 @@ namespace Semmle.Autobuild.Cpp
             try
             {
                 var actions = SystemBuildActions.Instance;
-                var options = new AutobuildOptions(actions, Language.Cpp);
+                var options = new CppAutobuildOptions(actions);
                 try
                 {
                     Console.WriteLine("CodeQL C++ autobuilder");
                     var builder = new CppAutobuilder(actions, options);
                     return builder.AttemptBuild();
                 }
-                catch(InvalidEnvironmentException ex)
+                catch (InvalidEnvironmentException ex)
                 {
                     Console.WriteLine("The environment is invalid: {0}", ex.Message);
                 }
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs
index 9afe24ed72f..df362c2a129 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp.Tests/BuildScripts.cs
@@ -403,7 +403,7 @@ namespace Semmle.Autobuild.CSharp.Tests
             actions.GetCurrentDirectory = cwd;
             actions.IsWindows = isWindows;
 
-            var options = new AutobuildOptions(actions, Language.CSharp);
+            var options = new CSharpAutobuildOptions(actions);
             return new CSharpAutobuilder(actions, options);
         }
 
@@ -576,7 +576,7 @@ namespace Semmle.Autobuild.CSharp.Tests
             actions.FileExists[@"C:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\vcvarsall.bat"] = false;
         }
 
-        private void TestAutobuilderScript(Autobuilder autobuilder, int expectedOutput, int commandsRun)
+        private void TestAutobuilderScript(CSharpAutobuilder autobuilder, int expectedOutput, int commandsRun)
         {
             Assert.Equal(expectedOutput, autobuilder.GetBuildScript().Run(actions, StartCallback, EndCallback));
 
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
index ff6d2c804cc..71891fa4e8b 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
@@ -4,9 +4,32 @@ using Semmle.Autobuild.Shared;
 
 namespace Semmle.Autobuild.CSharp
 {
-    public class CSharpAutobuilder : Autobuilder
+    /// <summary>
+    /// Encapsulates C# build options.
+    /// </summary>
+    public class CSharpAutobuildOptions : AutobuildOptionsShared
     {
-        public CSharpAutobuilder(IBuildActions actions, AutobuildOptions options) : base(actions, options) { }
+        private const string extractorOptionPrefix = "CODEQL_EXTRACTOR_CSHARP_OPTION_";
+
+        public bool Buildless { get; }
+
+        public override Language Language => Language.CSharp;
+
+
+        /// <summary>
+        /// Reads options from environment variables.
+        /// Throws ArgumentOutOfRangeException for invalid arguments.
+        /// </summary>
+        public CSharpAutobuildOptions(IBuildActions actions) : base(actions)
+        {
+            Buildless = actions.GetEnvironmentVariable(lgtmPrefix + "BUILDLESS").AsBool("buildless", false) ||
+                actions.GetEnvironmentVariable(extractorOptionPrefix + "BUILDLESS").AsBool("buildless", false);
+        }
+    }
+
+    public class CSharpAutobuilder : Autobuilder<CSharpAutobuildOptions>
+    {
+        public CSharpAutobuilder(IBuildActions actions, CSharpAutobuildOptions options) : base(actions, options) { }
 
         public override BuildScript GetBuildScript()
         {
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs
index 163dbfa1464..394349e2a40 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/DotNetRule.cs
@@ -13,9 +13,9 @@ namespace Semmle.Autobuild.CSharp
     /// A build rule where the build command is of the form "dotnet build".
     /// Currently unused because the tracer does not work with dotnet.
     /// </summary>
-    internal class DotNetRule : IBuildRule
+    internal class DotNetRule : IBuildRule<CSharpAutobuildOptions>
     {
-        public BuildScript Analyse(Autobuilder builder, bool auto)
+        public BuildScript Analyse(IAutobuilder<CSharpAutobuildOptions> builder, bool auto)
         {
             if (!builder.ProjectsOrSolutionsToBuild.Any())
                 return BuildScript.Failure;
@@ -24,7 +24,7 @@ namespace Semmle.Autobuild.CSharp
             {
                 var notDotNetProject = builder.ProjectsOrSolutionsToBuild
                     .SelectMany(p => Enumerators.Singleton(p).Concat(p.IncludedProjects))
-                    .OfType<Project>()
+                    .OfType<Project<CSharpAutobuildOptions>>()
                     .FirstOrDefault(p => !p.DotNetProject);
                 if (notDotNetProject is not null)
                 {
@@ -56,7 +56,7 @@ namespace Semmle.Autobuild.CSharp
                 });
         }
 
-        private static BuildScript WithDotNet(Autobuilder builder, Func<string?, IDictionary<string, string>?, BuildScript> f)
+        private static BuildScript WithDotNet(IAutobuilder<AutobuildOptionsShared> builder, Func<string?, IDictionary<string, string>?, BuildScript> f)
         {
             var installDir = builder.Actions.PathCombine(builder.Options.RootDirectory, ".dotnet");
             var installScript = DownloadDotNet(builder, installDir);
@@ -92,7 +92,7 @@ namespace Semmle.Autobuild.CSharp
         /// variables needed by the installed .NET Core (<code>null</code> when no variables
         /// are needed).
         /// </summary>
-        public static BuildScript WithDotNet(Autobuilder builder, Func<IDictionary<string, string>?, BuildScript> f)
+        public static BuildScript WithDotNet(IAutobuilder<AutobuildOptionsShared> builder, Func<IDictionary<string, string>?, BuildScript> f)
             => WithDotNet(builder, (_1, env) => f(env));
 
         /// <summary>
@@ -100,7 +100,7 @@ namespace Semmle.Autobuild.CSharp
         /// .NET Core SDK. The SDK(s) will be installed at <code>installDir</code>
         /// (provided that the script succeeds).
         /// </summary>
-        private static BuildScript DownloadDotNet(Autobuilder builder, string installDir)
+        private static BuildScript DownloadDotNet(IAutobuilder<AutobuildOptionsShared> builder, string installDir)
         {
             if (!string.IsNullOrEmpty(builder.Options.DotNetVersion))
                 // Specific version supplied in configuration: always use that
@@ -137,7 +137,7 @@ namespace Semmle.Autobuild.CSharp
         ///
         /// See https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-install-script.
         /// </summary>
-        private static BuildScript DownloadDotNetVersion(Autobuilder builder, string path, string version)
+        private static BuildScript DownloadDotNetVersion(IAutobuilder<AutobuildOptionsShared> builder, string path, string version)
         {
             return BuildScript.Bind(GetInstalledSdksScript(builder.Actions), (sdks, sdksRet) =>
                 {
@@ -233,7 +233,7 @@ namespace Semmle.Autobuild.CSharp
         /// <summary>
         /// Gets the `dotnet build` script.
         /// </summary>
-        private static BuildScript GetBuildScript(Autobuilder builder, string? dotNetPath, IDictionary<string, string>? environment, string projOrSln)
+        private static BuildScript GetBuildScript(IAutobuilder<CSharpAutobuildOptions> builder, string? dotNetPath, IDictionary<string, string>? environment, string projOrSln)
         {
             var build = new CommandBuilder(builder.Actions, null, environment);
             var script = build.RunCommand(DotNetCommand(builder.Actions, dotNetPath)).
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/Program.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/Program.cs
index 2233557af16..479625c76e3 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/Program.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/Program.cs
@@ -11,7 +11,7 @@ namespace Semmle.Autobuild.CSharp
             try
             {
                 var actions = SystemBuildActions.Instance;
-                var options = new AutobuildOptions(actions, Language.CSharp);
+                var options = new CSharpAutobuildOptions(actions);
                 try
                 {
                     Console.WriteLine("CodeQL C# autobuilder");
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs
index fa6523e37ae..207ecd70f0a 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/StandaloneBuildRule.cs
@@ -6,9 +6,9 @@ namespace Semmle.Autobuild.CSharp
     /// <summary>
     /// Build using standalone extraction.
     /// </summary>
-    internal class StandaloneBuildRule : IBuildRule
+    internal class StandaloneBuildRule : IBuildRule<CSharpAutobuildOptions>
     {
-        public BuildScript Analyse(Autobuilder builder, bool auto)
+        public BuildScript Analyse(IAutobuilder<CSharpAutobuildOptions> builder, bool auto)
         {
             BuildScript GetCommand(string? solution)
             {
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs
index ed20bb929ff..d51612272d0 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/AutobuildOptions.cs
@@ -6,12 +6,12 @@ using System.Text.RegularExpressions;
 namespace Semmle.Autobuild.Shared
 {
     /// <summary>
-    /// Encapsulates build options.
+    /// Encapsulates build options shared between C# and C++.
     /// </summary>
-    public class AutobuildOptions
+    public abstract class AutobuildOptionsShared
     {
-        private const string lgtmPrefix = "LGTM_INDEX_";
-        private const string extractorOptionPrefix = "CODEQL_EXTRACTOR_CSHARP_OPTION_";
+        protected const string lgtmPrefix = "LGTM_INDEX_";
+
 
         public int SearchDepth { get; } = 3;
         public string RootDirectory { get; }
@@ -25,16 +25,16 @@ namespace Semmle.Autobuild.Shared
         public string? BuildCommand { get; }
         public IEnumerable<string> Solution { get; }
         public bool IgnoreErrors { get; }
-        public bool Buildless { get; }
+
         public bool AllSolutions { get; }
         public bool NugetRestore { get; }
-        public Language Language { get; }
+        public abstract Language Language { get; }
 
         /// <summary>
         /// Reads options from environment variables.
         /// Throws ArgumentOutOfRangeException for invalid arguments.
         /// </summary>
-        public AutobuildOptions(IBuildActions actions, Language language)
+        public AutobuildOptionsShared(IBuildActions actions)
         {
             RootDirectory = actions.GetCurrentDirectory();
             VsToolsVersion = actions.GetEnvironmentVariable(lgtmPrefix + "VSTOOLS_VERSION");
@@ -48,12 +48,8 @@ namespace Semmle.Autobuild.Shared
             Solution = actions.GetEnvironmentVariable(lgtmPrefix + "SOLUTION").AsListWithExpandedEnvVars(actions, Array.Empty<string>());
 
             IgnoreErrors = actions.GetEnvironmentVariable(lgtmPrefix + "IGNORE_ERRORS").AsBool("ignore_errors", false);
-            Buildless = actions.GetEnvironmentVariable(lgtmPrefix + "BUILDLESS").AsBool("buildless", false) ||
-                actions.GetEnvironmentVariable(extractorOptionPrefix + "BUILDLESS").AsBool("buildless", false);
             AllSolutions = actions.GetEnvironmentVariable(lgtmPrefix + "ALL_SOLUTIONS").AsBool("all_solutions", false);
             NugetRestore = actions.GetEnvironmentVariable(lgtmPrefix + "NUGET_RESTORE").AsBool("nuget_restore", true);
-
-            Language = language;
         }
     }
 
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs
index d90175d245a..1ef5ebd815d 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/Autobuilder.cs
@@ -9,21 +9,21 @@ namespace Semmle.Autobuild.Shared
     /// <summary>
     /// A build rule analyses the files in "builder" and outputs a build script.
     /// </summary>
-    public interface IBuildRule
+    public interface IBuildRule<TAutobuildOptions> where TAutobuildOptions : AutobuildOptionsShared
     {
         /// <summary>
         /// Analyse the files and produce a build script.
         /// </summary>
         /// <param name="builder">The files and options relating to the build.</param>
         /// <param name="auto">Whether this build rule is being automatically applied.</param>
-        BuildScript Analyse(Autobuilder builder, bool auto);
+        BuildScript Analyse(IAutobuilder<TAutobuildOptions> builder, bool auto);
     }
 
     /// <summary>
     /// A delegate used to wrap a build script in an environment where an appropriate
     /// version of .NET Core is automatically installed.
     /// </summary>
-    public delegate BuildScript WithDotNet(Autobuilder builder, Func<IDictionary<string, string>?, BuildScript> f);
+    public delegate BuildScript WithDotNet<TAutobuildOptions>(IAutobuilder<TAutobuildOptions> builder, Func<IDictionary<string, string>?, BuildScript> f) where TAutobuildOptions : AutobuildOptionsShared;
 
     /// <summary>
     /// Exception indicating that environment variables are missing or invalid.
@@ -33,6 +33,59 @@ namespace Semmle.Autobuild.Shared
         public InvalidEnvironmentException(string m) : base(m) { }
     }
 
+    public interface IAutobuilder<out TAutobuildOptions> where TAutobuildOptions : AutobuildOptionsShared
+    {
+        /// <summary>
+        /// Full file paths of files found in the project directory, as well as
+        /// their distance from the project root folder. The list is sorted
+        /// by distance in ascending order.
+        /// </summary>
+        IEnumerable<(string, int)> Paths { get; }
+
+        /// <summary>
+        /// Gets all paths matching a particular filename, as well as
+        /// their distance from the project root folder. The list is sorted
+        /// by distance in ascending order.
+        /// </summary>
+        /// <param name="name">The filename to find.</param>
+        /// <returns>Possibly empty sequence of paths with the given filename.</returns>
+        IEnumerable<(string, int)> GetFilename(string name) =>
+           Paths.Where(p => Actions.GetFileName(p.Item1) == name);
+
+        /// <summary>
+        /// List of project/solution files to build.
+        /// </summary>
+        IList<IProjectOrSolution> ProjectsOrSolutionsToBuild { get; }
+
+        /// <summary>
+        /// Gets the supplied build configuration.
+        /// </summary>
+        TAutobuildOptions Options { get; }
+
+        /// <summary>
+        /// The set of build actions used during the autobuilder.
+        /// Could be real system operations, or a stub for testing.
+        /// </summary>
+        IBuildActions Actions { get; }
+
+        /// <summary>
+        /// Log a given build event to the console.
+        /// </summary>
+        /// <param name="format">The format string.</param>
+        /// <param name="args">Inserts to the format string.</param>
+        void Log(Severity severity, string format, params object[] args);
+
+        /// <summary>
+        /// Value of CODEQL_EXTRACTOR_<LANG>_ROOT environment variable.
+        /// </summary>
+        string? CodeQLExtractorLangRoot { get; }
+
+        /// <summary>
+        /// Value of CODEQL_PLATFORM environment variable.
+        /// </summary>
+        string? CodeQlPlatform { get; }
+    }
+
     /// <summary>
     /// Main application logic, containing all data
     /// gathered from the project and filesystem.
@@ -40,7 +93,7 @@ namespace Semmle.Autobuild.Shared
     /// The overall design is intended to be extensible so that in theory,
     /// it should be possible to add new build rules without touching this code.
     /// </summary>
-    public abstract class Autobuilder
+    public abstract class Autobuilder<TAutobuildOptions> : IAutobuilder<TAutobuildOptions> where TAutobuildOptions : AutobuildOptionsShared
     {
         /// <summary>
         /// Full file paths of files found in the project directory, as well as
@@ -60,16 +113,6 @@ namespace Semmle.Autobuild.Shared
         public IEnumerable<(string, int)> GetExtensions(params string[] extensions) =>
             Paths.Where(p => extensions.Contains(Path.GetExtension(p.Item1)));
 
-        /// <summary>
-        /// Gets all paths matching a particular filename, as well as
-        /// their distance from the project root folder. The list is sorted
-        /// by distance in ascending order.
-        /// </summary>
-        /// <param name="name">The filename to find.</param>
-        /// <returns>Possibly empty sequence of paths with the given filename.</returns>
-        public IEnumerable<(string, int)> GetFilename(string name) =>
-            Paths.Where(p => Actions.GetFileName(p.Item1) == name);
-
         /// <summary>
         /// Holds if a given path, relative to the root of the source directory
         /// was found.
@@ -115,7 +158,7 @@ namespace Semmle.Autobuild.Shared
         /// <summary>
         /// Gets the supplied build configuration.
         /// </summary>
-        public AutobuildOptions Options { get; }
+        public TAutobuildOptions Options { get; }
 
         /// <summary>
         /// The set of build actions used during the autobuilder.
@@ -123,7 +166,7 @@ namespace Semmle.Autobuild.Shared
         /// </summary>
         public IBuildActions Actions { get; }
 
-        private IEnumerable<IProjectOrSolution>? FindFiles(string extension, Func<string, ProjectOrSolution> create)
+        private IEnumerable<IProjectOrSolution>? FindFiles(string extension, Func<string, ProjectOrSolution<TAutobuildOptions>> create)
         {
             var matchingFiles = GetExtensions(extension)
                 .Select(p => (ProjectOrSolution: create(p.Item1), DistanceFromRoot: p.Item2))
@@ -146,7 +189,7 @@ namespace Semmle.Autobuild.Shared
         /// solution file and tools.
         /// </summary>
         /// <param name="options">The command line options.</param>
-        protected Autobuilder(IBuildActions actions, AutobuildOptions options)
+        protected Autobuilder(IBuildActions actions, TAutobuildOptions options)
         {
             Actions = actions;
             Options = options;
@@ -167,7 +210,7 @@ namespace Semmle.Autobuild.Shared
                     foreach (var solution in options.Solution)
                     {
                         if (actions.FileExists(solution))
-                            ret.Add(new Solution(this, solution, true));
+                            ret.Add(new Solution<TAutobuildOptions>(this, solution, true));
                         else
                             Log(Severity.Error, $"The specified project or solution file {solution} was not found");
                     }
@@ -175,17 +218,17 @@ namespace Semmle.Autobuild.Shared
                 }
 
                 // First look for `.proj` files
-                ret = FindFiles(".proj", f => new Project(this, f))?.ToList();
+                ret = FindFiles(".proj", f => new Project<TAutobuildOptions>(this, f))?.ToList();
                 if (ret is not null)
                     return ret;
 
                 // Then look for `.sln` files
-                ret = FindFiles(".sln", f => new Solution(this, f, false))?.ToList();
+                ret = FindFiles(".sln", f => new Solution<TAutobuildOptions>(this, f, false))?.ToList();
                 if (ret is not null)
                     return ret;
 
                 // Finally look for language specific project files, e.g. `.csproj` files
-                ret = FindFiles(this.Options.Language.ProjectExtension, f => new Project(this, f))?.ToList();
+                ret = FindFiles(this.Options.Language.ProjectExtension, f => new Project<TAutobuildOptions>(this, f))?.ToList();
                 return ret ?? new List<IProjectOrSolution>();
             });
 
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandAutoRule.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandAutoRule.cs
index b6cb0737630..0d44f0dad4d 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandAutoRule.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandAutoRule.cs
@@ -7,11 +7,11 @@ namespace Semmle.Autobuild.Shared
     /// <summary>
     /// Auto-detection of build scripts.
     /// </summary>
-    public class BuildCommandAutoRule : IBuildRule
+    public class BuildCommandAutoRule : IBuildRule<AutobuildOptionsShared>
     {
-        private readonly WithDotNet withDotNet;
+        private readonly WithDotNet<AutobuildOptionsShared> withDotNet;
 
-        public BuildCommandAutoRule(WithDotNet withDotNet)
+        public BuildCommandAutoRule(WithDotNet<AutobuildOptionsShared> withDotNet)
         {
             this.withDotNet = withDotNet;
         }
@@ -31,7 +31,7 @@ namespace Semmle.Autobuild.Shared
             "build"
         };
 
-        public BuildScript Analyse(Autobuilder builder, bool auto)
+        public BuildScript Analyse(IAutobuilder<AutobuildOptionsShared> builder, bool auto)
         {
             builder.Log(Severity.Info, "Attempting to locate build script");
 
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandRule.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandRule.cs
index 6db4cfa139d..54d406c9dac 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandRule.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/BuildCommandRule.cs
@@ -3,16 +3,16 @@
     /// <summary>
     /// Execute the build_command rule.
     /// </summary>
-    public class BuildCommandRule : IBuildRule
+    public class BuildCommandRule : IBuildRule<AutobuildOptionsShared>
     {
-        private readonly WithDotNet withDotNet;
+        private readonly WithDotNet<AutobuildOptionsShared> withDotNet;
 
-        public BuildCommandRule(WithDotNet withDotNet)
+        public BuildCommandRule(WithDotNet<AutobuildOptionsShared> withDotNet)
         {
             this.withDotNet = withDotNet;
         }
 
-        public BuildScript Analyse(Autobuilder builder, bool auto)
+        public BuildScript Analyse(IAutobuilder<AutobuildOptionsShared> builder, bool auto)
         {
             if (builder.Options.BuildCommand is null)
                 return BuildScript.Failure;
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/MsBuildRule.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/MsBuildRule.cs
index 0afc1da098c..77f2f70f718 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/MsBuildRule.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/MsBuildRule.cs
@@ -6,14 +6,14 @@ namespace Semmle.Autobuild.Shared
     /// <summary>
     /// A build rule using msbuild.
     /// </summary>
-    public class MsBuildRule : IBuildRule
+    public class MsBuildRule : IBuildRule<AutobuildOptionsShared>
     {
         /// <summary>
         /// The name of the msbuild command.
         /// </summary>
         private const string msBuild = "msbuild";
 
-        public BuildScript Analyse(Autobuilder builder, bool auto)
+        public BuildScript Analyse(IAutobuilder<AutobuildOptionsShared> builder, bool auto)
         {
             if (!builder.ProjectsOrSolutionsToBuild.Any())
                 return BuildScript.Failure;
@@ -27,8 +27,8 @@ namespace Semmle.Autobuild.Shared
             {
                 var firstSolution = builder.ProjectsOrSolutionsToBuild.OfType<ISolution>().FirstOrDefault();
                 vsTools = firstSolution is not null
-                                ? BuildTools.FindCompatibleVcVars(builder.Actions, firstSolution)
-                                : BuildTools.VcVarsAllBatFiles(builder.Actions).OrderByDescending(b => b.ToolsVersion).FirstOrDefault();
+                                        ? BuildTools.FindCompatibleVcVars(builder.Actions, firstSolution)
+                                        : BuildTools.VcVarsAllBatFiles(builder.Actions).OrderByDescending(b => b.ToolsVersion).FirstOrDefault();
             }
 
             if (vsTools is null && builder.Actions.IsWindows())
@@ -123,7 +123,7 @@ namespace Semmle.Autobuild.Shared
         ///
         /// Returns <code>null</code> when no version is specified.
         /// </summary>
-        public static VcVarsBatFile? GetVcVarsBatFile(Autobuilder builder)
+        public static VcVarsBatFile? GetVcVarsBatFile<TAutobuildOptions>(IAutobuilder<TAutobuildOptions> builder) where TAutobuildOptions : AutobuildOptionsShared
         {
             VcVarsBatFile? vsTools = null;
 
@@ -154,7 +154,7 @@ namespace Semmle.Autobuild.Shared
         /// <summary>
         /// Returns a script for downloading `nuget.exe` from nuget.org.
         /// </summary>
-        private static BuildScript DownloadNugetExe(Autobuilder builder, string path) =>
+        private static BuildScript DownloadNugetExe<TAutobuildOptions>(IAutobuilder<TAutobuildOptions> builder, string path) where TAutobuildOptions : AutobuildOptionsShared =>
             BuildScript.Create(_ =>
             {
                 builder.Log(Severity.Info, "Attempting to download nuget.exe");
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/Project.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/Project.cs
index bdc712d6623..71522859871 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/Project.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/Project.cs
@@ -12,7 +12,7 @@ namespace Semmle.Autobuild.Shared
     /// C# project files come in 2 flavours, .Net core and msbuild, but they
     /// have the same file extension.
     /// </summary>
-    public class Project : ProjectOrSolution
+    public class Project<TAutobuildOptions> : ProjectOrSolution<TAutobuildOptions> where TAutobuildOptions : AutobuildOptionsShared
     {
         /// <summary>
         /// Holds if this project is for .Net core.
@@ -23,13 +23,13 @@ namespace Semmle.Autobuild.Shared
 
         public Version ToolsVersion { get; private set; }
 
-        private readonly Lazy<List<Project>> includedProjectsLazy;
+        private readonly Lazy<List<Project<TAutobuildOptions>>> includedProjectsLazy;
         public override IEnumerable<IProjectOrSolution> IncludedProjects => includedProjectsLazy.Value;
 
-        public Project(Autobuilder builder, string path) : base(builder, path)
+        public Project(Autobuilder<TAutobuildOptions> builder, string path) : base(builder, path)
         {
             ToolsVersion = new Version();
-            includedProjectsLazy = new Lazy<List<Project>>(() => new List<Project>());
+            includedProjectsLazy = new Lazy<List<Project<TAutobuildOptions>>>(() => new List<Project<TAutobuildOptions>>());
 
             if (!builder.Actions.FileExists(FullPath))
                 return;
@@ -70,9 +70,9 @@ namespace Semmle.Autobuild.Shared
                     }
                 }
 
-                includedProjectsLazy = new Lazy<List<Project>>(() =>
+                includedProjectsLazy = new Lazy<List<Project<TAutobuildOptions>>>(() =>
                 {
-                    var ret = new List<Project>();
+                    var ret = new List<Project<TAutobuildOptions>>();
                     // The documentation on `.proj` files is very limited, but it appears that both
                     // `<ProjectFile Include="X"/>` and `<ProjectFiles Include="X"/>` is valid
                     var mgr = new XmlNamespaceManager(projFile.NameTable);
@@ -89,7 +89,7 @@ namespace Semmle.Autobuild.Shared
                         }
 
                         var includePath = builder.Actions.PathCombine(include.Value.Split('\\', StringSplitOptions.RemoveEmptyEntries));
-                        ret.Add(new Project(builder, builder.Actions.PathCombine(DirectoryName, includePath)));
+                        ret.Add(new Project<TAutobuildOptions>(builder, builder.Actions.PathCombine(DirectoryName, includePath)));
                     }
                     return ret;
                 });
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/ProjectOrSolution.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/ProjectOrSolution.cs
index 5e4d6c05248..d0c9eeb9669 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/ProjectOrSolution.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/ProjectOrSolution.cs
@@ -20,13 +20,13 @@ namespace Semmle.Autobuild.Shared
         IEnumerable<IProjectOrSolution> IncludedProjects { get; }
     }
 
-    public abstract class ProjectOrSolution : IProjectOrSolution
+    public abstract class ProjectOrSolution<TAutobuildOptions> : IProjectOrSolution where TAutobuildOptions : AutobuildOptionsShared
     {
         public string FullPath { get; }
 
         public string DirectoryName { get; }
 
-        protected ProjectOrSolution(Autobuilder builder, string path)
+        protected ProjectOrSolution(Autobuilder<TAutobuildOptions> builder, string path)
         {
             FullPath = builder.Actions.GetFullPath(path);
             DirectoryName = builder.Actions.GetDirectoryName(path) ?? "";
diff --git a/csharp/autobuilder/Semmle.Autobuild.Shared/Solution.cs b/csharp/autobuilder/Semmle.Autobuild.Shared/Solution.cs
index 0ec54c1e02f..78929b3a93e 100644
--- a/csharp/autobuilder/Semmle.Autobuild.Shared/Solution.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.Shared/Solution.cs
@@ -40,11 +40,11 @@ namespace Semmle.Autobuild.Shared
     /// <summary>
     /// A solution file on the filesystem, read using Microsoft.Build.
     /// </summary>
-    internal class Solution : ProjectOrSolution, ISolution
+    internal class Solution<TAutobuildOptions> : ProjectOrSolution<TAutobuildOptions>, ISolution where TAutobuildOptions : AutobuildOptionsShared
     {
         private readonly SolutionFile? solution;
 
-        private readonly IEnumerable<Project> includedProjects;
+        private readonly IEnumerable<Project<TAutobuildOptions>> includedProjects;
 
         public override IEnumerable<IProjectOrSolution> IncludedProjects => includedProjects;
 
@@ -57,7 +57,7 @@ namespace Semmle.Autobuild.Shared
         public string DefaultPlatformName =>
             solution is null ? "" : solution.GetDefaultPlatformName();
 
-        public Solution(Autobuilder builder, string path, bool allowProject) : base(builder, path)
+        public Solution(Autobuilder<TAutobuildOptions> builder, string path, bool allowProject) : base(builder, path)
         {
             try
             {
@@ -69,19 +69,19 @@ namespace Semmle.Autobuild.Shared
                 // that scenario as a solution with just that one project
                 if (allowProject)
                 {
-                    includedProjects = new[] { new Project(builder, path) };
+                    includedProjects = new[] { new Project<TAutobuildOptions>(builder, path) };
                     return;
                 }
 
                 builder.Log(Severity.Info, $"Unable to read solution file {path}.");
-                includedProjects = Array.Empty<Project>();
+                includedProjects = Array.Empty<Project<TAutobuildOptions>>();
                 return;
             }
 
             includedProjects = solution.ProjectsInOrder
                 .Where(p => p.ProjectType == SolutionProjectType.KnownToBeMSBuildFormat)
                 .Select(p => builder.Actions.PathCombine(DirectoryName, builder.Actions.PathCombine(p.RelativePath.Split('\\', StringSplitOptions.RemoveEmptyEntries))))
-                .Select(p => new Project(builder, p))
+                .Select(p => new Project<TAutobuildOptions>(builder, p))
                 .ToArray();
         }
 

From d401be18453679f98d03cdff77c50b9b4880ea07 Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Wed, 23 Nov 2022 12:11:55 +0000
Subject: [PATCH 106/144] Java: Fix typo: ceritificate

---
 .../Security/CWE/CWE-299/DisabledRevocationChecking.ql          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql b/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql
index c3af26f8ff4..a6d2049bd16 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql
@@ -1,5 +1,5 @@
 /**
- * @name Disabled ceritificate revocation checking
+ * @name Disabled certificate revocation checking
  * @description Using revoked certificates is dangerous.
  *              Therefore, revocation status of certificates in a chain should be checked.
  * @kind path-problem

From dcd082e955a225cf471f0aa90cf6de44453dbb05 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 12:48:47 +0000
Subject: [PATCH 107/144] Possible build fix, else needs new parameter

---
 docs/codeql/reusables/kotlin-java-differences.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 2cefb35a6ea..3ab5b73e044 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -8,6 +8,7 @@ There are however some important cases where writing queries for Kotlin can prod
 Be careful when you model code elements that don’t exist in Java, such as ``NotNullExpr (expr!!)``, because they could interact in unexpected ways with common predicates. For example, ``MethodAccess.getQualifier()`` returns a ``NotNullExpr`` instead of a ``VarAccess`` in the following Kotlin code:
 
 .. code-block:: kotlin
+   
    someVar!!.someMethodCall()
 
 In that specific case, you can use the predicate `Expr.getUnderlyingExpr()`. This goes directly to the underlying `VarAccess`` to produce a more similar behavior to that in Java.

From 876add521476ca15ee49768e144f73271f3a82c5 Mon Sep 17 00:00:00 2001
From: Paolo Tranquilli <redsun82@github.com>
Date: Wed, 23 Nov 2022 13:56:03 +0100
Subject: [PATCH 108/144] Swift: reject uppercase acronyms in schema

This was causing hardly debuggable errors because names are transformed
to underscored lowercase names in the dbscheme and back to camelcase
for trap emission classes, which is not a noop in case uppercase
acronyms (like SIL or ABI) are in the name.

This makes the error be surfaced early with a helpful message.
---
 swift/codegen/lib/schema/schema.py |  9 +++++++--
 swift/codegen/test/test_schema.py  | 11 +++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/swift/codegen/lib/schema/schema.py b/swift/codegen/lib/schema/schema.py
index 94b4a2279ef..a2a1de0c05a 100644
--- a/swift/codegen/lib/schema/schema.py
+++ b/swift/codegen/lib/schema/schema.py
@@ -9,6 +9,7 @@ from enum import Enum, auto
 import functools
 import importlib.util
 from toposort import toposort_flatten
+import inflection
 
 
 class Error(Exception):
@@ -210,8 +211,12 @@ class _PropertyNamer(PropertyModifier):
 def _get_class(cls: type) -> Class:
     if not isinstance(cls, type):
         raise Error(f"Only class definitions allowed in schema, found {cls}")
-    if cls.__name__[0].islower():
-        raise Error(f"Class name must be capitalized, found {cls.__name__}")
+    # we must check that going to dbscheme names and back is preserved
+    # In particular this will not happen if uppercase acronyms are included in the name
+    to_underscore_and_back = inflection.camelize(inflection.underscore(cls.__name__), uppercase_first_letter=True)
+    if cls.__name__ != to_underscore_and_back:
+        raise Error(f"Class name must be upper camel-case, without capitalized acronyms, found {cls.__name__} "
+                    f"instead of {to_underscore_and_back}")
     if len({b._group for b in cls.__bases__ if hasattr(b, "_group")}) > 1:
         raise Error(f"Bases with mixed groups for {cls.__name__}")
     if any(getattr(b, "_null", False) for b in cls.__bases__):
diff --git a/swift/codegen/test/test_schema.py b/swift/codegen/test/test_schema.py
index 7ba84b4a292..0171087fafb 100644
--- a/swift/codegen/test/test_schema.py
+++ b/swift/codegen/test/test_schema.py
@@ -669,5 +669,16 @@ def test_null_class_cannot_be_defined_multiple_times():
                 pass
 
 
+def test_uppercase_acronyms_are_rejected():
+    with pytest.raises(schema.Error):
+        @schema.load
+        class data:
+            class Root:
+                pass
+
+            class ROTFLNode(Root):
+                pass
+
+
 if __name__ == '__main__':
     sys.exit(pytest.main([__file__] + sys.argv[1:]))

From 2eb6b1adb34679be3dc4c0822ebf10460369624b Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 23 Nov 2022 14:38:12 +0100
Subject: [PATCH 109/144] JS: fix two typos

---
 .../security/dataflow/SecondOrderCommandInjectionQuery.qll      | 2 +-
 .../ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/SecondOrderCommandInjectionQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/SecondOrderCommandInjectionQuery.qll
index eb3fac4e860..fc10cd30c71 100644
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/SecondOrderCommandInjectionQuery.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/SecondOrderCommandInjectionQuery.qll
@@ -12,7 +12,7 @@ import SecondOrderCommandInjectionCustomizations::SecondOrderCommandInjection
 private import semmle.javascript.security.TaintedObject
 
 /**
- * A taint-tracking configuration for reasoning about command-injection vulnerabilities.
+ * A taint-tracking configuration for reasoning about second order command-injection vulnerabilities.
  */
 class Configuration extends TaintTracking::Configuration {
   Configuration() { this = "SecondOrderCommandInjection" }
diff --git a/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql b/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql
index 4d4471e9a55..2c3b5a59eee 100644
--- a/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql
+++ b/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql
@@ -6,7 +6,7 @@
  * @precision medium
  * @problem.severity error
  * @security-severity 5
- * @id py/predictable-token
+ * @id js/predictable-token
  * @tags security
  *       external/cwe/cwe-340
  */

From 19b5f64a11a8fc08f1152439ed33d76e96ebb59a Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 23 Nov 2022 14:58:17 +0100
Subject: [PATCH 110/144] use `instanceof` instead of `extends` on
 `DataFlow::CallNode` in some case

---
 .../codeql/ruby/frameworks/ActiveStorage.qll  |  4 +--
 .../lib/codeql/ruby/frameworks/PosixSpawn.qll |  8 +++---
 .../lib/codeql/ruby/frameworks/Railties.qll   |  8 +++---
 .../ql/lib/codeql/ruby/frameworks/core/IO.qll |  6 ++---
 .../codeql/ruby/frameworks/stdlib/Open3.qll   | 25 +++++++------------
 5 files changed, 22 insertions(+), 29 deletions(-)

diff --git a/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll b/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll
index 389ac9ee64d..4393f4c2bdb 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/ActiveStorage.qll
@@ -168,7 +168,7 @@ module ActiveStorage {
    * A call on an ActiveStorage object that results in an image transformation.
    * Arguments to these calls may be executed as system commands.
    */
-  private class ImageProcessingCall extends DataFlow::CallNode, SystemCommandExecution::Range {
+  private class ImageProcessingCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     ImageProcessingCall() {
       this.getReceiver() instanceof BlobInstance and
       this.getMethodName() = ["variant", "preview", "representation"]
@@ -209,7 +209,7 @@ module ActiveStorage {
       this = API::getTopLevelMember("ActiveStorage").getAMethodCall("video_preview_arguments=")
     }
 
-    override DataFlow::Node getAnArgument() { result = this.getArgument(0) }
+    override DataFlow::Node getAnArgument() { result = super.getArgument(0) }
   }
 
   /**
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/PosixSpawn.qll b/ruby/ql/lib/codeql/ruby/frameworks/PosixSpawn.qll
index 6c4d2ab1a47..92b6eb0fe71 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/PosixSpawn.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/PosixSpawn.qll
@@ -20,7 +20,7 @@ module PosixSpawn {
   /**
    * A call to `POSIX::Spawn::Child.new` or `POSIX::Spawn::Child.build`.
    */
-  class ChildCall extends SystemCommandExecution::Range, DataFlow::CallNode {
+  class ChildCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     ChildCall() {
       this =
         [
@@ -30,7 +30,7 @@ module PosixSpawn {
     }
 
     override DataFlow::Node getAnArgument() {
-      result = this.getArgument(_) and not result.asExpr() instanceof ExprNodes::PairCfgNode
+      result = super.getArgument(_) and not result.asExpr() instanceof ExprNodes::PairCfgNode
     }
 
     override predicate isShellInterpreted(DataFlow::Node arg) { none() }
@@ -39,7 +39,7 @@ module PosixSpawn {
   /**
    * A call to `POSIX::Spawn.spawn` or a related method.
    */
-  class SystemCall extends SystemCommandExecution::Range, DataFlow::CallNode {
+  class SystemCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     SystemCall() {
       this =
         posixSpawnModule()
@@ -71,7 +71,7 @@ module PosixSpawn {
     }
 
     private predicate argument(DataFlow::Node arg) {
-      arg = this.getArgument(_) and
+      arg = super.getArgument(_) and
       not arg.asExpr() instanceof ExprNodes::HashLiteralCfgNode and
       not arg.asExpr() instanceof ExprNodes::ArrayLiteralCfgNode and
       not arg.asExpr() instanceof ExprNodes::PairCfgNode
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/Railties.qll b/ruby/ql/lib/codeql/ruby/frameworks/Railties.qll
index fdcd3a0e1a8..509f72cafb9 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/Railties.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/Railties.qll
@@ -27,12 +27,12 @@ module Railties {
    * A call to `Rails::Generators::Actions#execute_command`.
    * This method concatenates its first and second arguments and executes the result as a shell command.
    */
-  private class ExecuteCommandCall extends SystemCommandExecution::Range, DataFlow::CallNode {
+  private class ExecuteCommandCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     ExecuteCommandCall() {
       this = generatorsActionsClass().getAnInstanceSelf().getAMethodCall("execute_command")
     }
 
-    override DataFlow::Node getAnArgument() { result = this.getArgument([0, 1]) }
+    override DataFlow::Node getAnArgument() { result = super.getArgument([0, 1]) }
 
     override predicate isShellInterpreted(DataFlow::Node arg) { arg = this.getAnArgument() }
   }
@@ -40,7 +40,7 @@ module Railties {
   /**
    * A call to a method in `Rails::Generators::Actions` which delegates to `execute_command`.
    */
-  private class ExecuteCommandWrapperCall extends SystemCommandExecution::Range, DataFlow::CallNode {
+  private class ExecuteCommandWrapperCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     ExecuteCommandWrapperCall() {
       this =
         generatorsActionsClass()
@@ -48,7 +48,7 @@ module Railties {
             .getAMethodCall(["rake", "rails_command", "git"])
     }
 
-    override DataFlow::Node getAnArgument() { result = this.getArgument(0) }
+    override DataFlow::Node getAnArgument() { result = super.getArgument(0) }
 
     override predicate isShellInterpreted(DataFlow::Node arg) { arg = this.getAnArgument() }
   }
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/core/IO.qll b/ruby/ql/lib/codeql/ruby/frameworks/core/IO.qll
index 0828a6dcea7..e751e882ddb 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/core/IO.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/core/IO.qll
@@ -114,7 +114,7 @@ module IO {
    * ```
    * Ruby documentation: https://docs.ruby-lang.org/en/3.1/IO.html#method-c-popen
    */
-  class POpenCall extends SystemCommandExecution::Range, DataFlow::CallNode {
+  class POpenCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     POpenCall() { this = API::getTopLevelMember("IO").getAMethodCall("popen") }
 
     override DataFlow::Node getAnArgument() { this.argument(result, _) }
@@ -131,7 +131,7 @@ module IO {
         not n instanceof ExprNodes::ArrayLiteralCfgNode and
         (
           // IO.popen({var: "a"}, "cmd", {some: :opt})
-          arg = this.getArgument([0, 1]) and
+          arg = super.getArgument([0, 1]) and
           // We over-approximate by assuming a subshell if the argument isn't an array or "-".
           // This increases the sensitivity of the CommandInjection query at the risk of some FPs.
           if n.getConstantValue().getString() = "-" then shell = false else shell = true
@@ -139,7 +139,7 @@ module IO {
           // IO.popen([{var: "b"}, "cmd", "arg1", "arg2", {some: :opt}])
           // IO.popen({var: "a"}, ["cmd", "arg1", "arg2", {some: :opt}])
           shell = false and
-          exists(ExprNodes::ArrayLiteralCfgNode arr | this.getArgument([0, 1]).asExpr() = arr |
+          exists(ExprNodes::ArrayLiteralCfgNode arr | super.getArgument([0, 1]).asExpr() = arr |
             n = arr.getAnArgument()
             or
             // IO.popen([{var: "b"}, ["cmd", "argv0"], "arg1", "arg2", {some: :opt}])
diff --git a/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll b/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
index 3272056b4f1..fb081d5113e 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
@@ -2,11 +2,13 @@
  * Provides modeling for the `Open3` library.
  */
 
+private import ruby
 private import codeql.ruby.AST
 private import codeql.ruby.DataFlow
 private import codeql.ruby.ApiGraphs
 private import codeql.ruby.frameworks.Stdlib
 private import codeql.ruby.Concepts
+private import codeql.ruby.frameworks.core.Kernel
 
 /**
  * Provides modeling for the `Open3` library.
@@ -17,23 +19,19 @@ module Open3 {
    * These methods take the same argument forms as `Kernel.system`.
    * See `KernelSystemCall` for details.
    */
-  class Open3Call extends SystemCommandExecution::Range {
-    MethodCall methodCall;
-
+  class Open3Call extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     Open3Call() {
-      this.asExpr().getExpr() = methodCall and
       this =
         API::getTopLevelMember("Open3")
             .getAMethodCall(["popen3", "popen2", "popen2e", "capture3", "capture2", "capture2e"])
     }
 
-    override DataFlow::Node getAnArgument() {
-      result.asExpr().getExpr() = methodCall.getAnArgument()
-    }
+    override DataFlow::Node getAnArgument() { result = super.getArgument(_) }
 
     override predicate isShellInterpreted(DataFlow::Node arg) {
       // These Open3 methods invoke a subshell if you provide a single string as argument
-      methodCall.getNumberOfArguments() = 1 and arg.asExpr().getExpr() = methodCall.getAnArgument()
+      super.getNumberOfArguments() = 1 and
+      arg = this.getAnArgument()
     }
   }
 
@@ -47,11 +45,8 @@ module Open3 {
    * Open3.pipeline([{}, "cat", "foo.txt"], "tail")
    * Open3.pipeline([["cat", "cat"], "foo.txt"], "tail")
    */
-  class Open3PipelineCall extends SystemCommandExecution::Range {
-    MethodCall methodCall;
-
+  class Open3PipelineCall extends SystemCommandExecution::Range instanceof DataFlow::CallNode {
     Open3PipelineCall() {
-      this.asExpr().getExpr() = methodCall and
       this =
         API::getTopLevelMember("Open3")
             .getAMethodCall([
@@ -59,14 +54,12 @@ module Open3 {
               ])
     }
 
-    override DataFlow::Node getAnArgument() {
-      result.asExpr().getExpr() = methodCall.getAnArgument()
-    }
+    override DataFlow::Node getAnArgument() { result = super.getArgument(_) }
 
     override predicate isShellInterpreted(DataFlow::Node arg) {
       // A command in the pipeline is executed in a subshell if it is given as a single string argument.
       arg.asExpr().getExpr() instanceof StringlikeLiteral and
-      arg.asExpr().getExpr() = methodCall.getAnArgument()
+      arg = this.getAnArgument()
     }
   }
 }

From 311614c5e6c250efaa165eb84fb20be665a65227 Mon Sep 17 00:00:00 2001
From: Michael Nebel <michaelnebel@github.com>
Date: Wed, 23 Nov 2022 14:08:15 +0100
Subject: [PATCH 111/144] C#: Remove imports of ExternalFlow.qll.

---
 .../semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll    | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll  | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll          | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/ServiceStack.qll     | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll              | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/System.qll           | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/CodeDom.qll   | 1 -
 .../ql/lib/semmle/code/csharp/frameworks/system/Collections.qll  | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll      | 1 -
 .../ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll  | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/IO.qll        | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Linq.qll      | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Net.qll       | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Security.qll  | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll      | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll       | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll       | 1 -
 .../semmle/code/csharp/frameworks/system/collections/Generic.qll | 1 -
 .../code/csharp/frameworks/system/collections/Specialized.qll    | 1 -
 .../ql/lib/semmle/code/csharp/frameworks/system/data/Common.qll  | 1 -
 .../lib/semmle/code/csharp/frameworks/system/io/Compression.qll  | 1 -
 csharp/ql/lib/semmle/code/csharp/frameworks/system/net/Mail.qll  | 1 -
 .../code/csharp/frameworks/system/runtime/CompilerServices.qll   | 1 -
 .../code/csharp/frameworks/system/security/Cryptography.qll      | 1 -
 .../frameworks/system/security/cryptography/X509Certificates.qll | 1 -
 .../code/csharp/frameworks/system/text/RegularExpressions.qll    | 1 -
 .../lib/semmle/code/csharp/frameworks/system/threading/Tasks.qll | 1 -
 .../semmle/code/csharp/frameworks/system/web/ui/WebControls.qll  | 1 -
 .../src/utils/model-generator/CaptureTypeBasedSummaryModels.ql   | 1 -
 29 files changed, 29 deletions(-)

diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
index 594cbe20865..a6142ce11ee 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowDispatch.qll
@@ -6,7 +6,6 @@ private import DataFlowPublic
 private import DataFlowPrivate
 private import FlowSummaryImpl as FlowSummaryImpl
 private import semmle.code.csharp.dataflow.FlowSummary as FlowSummary
-private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dispatch.Dispatch
 private import semmle.code.csharp.dispatch.RuntimeCallable
 private import semmle.code.csharp.frameworks.system.Collections
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
index 4c4b4e7bd1d..946ba0b9e2d 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll
@@ -9,7 +9,6 @@ private import semmle.code.csharp.frameworks.system.data.Entity
 private import semmle.code.csharp.frameworks.system.collections.Generic
 private import semmle.code.csharp.frameworks.Sql
 private import semmle.code.csharp.dataflow.FlowSummary
-private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /**
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll
index 73a506bc555..bbadee3d5c9 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/JsonNET.qll
@@ -3,7 +3,6 @@
  */
 
 import csharp
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** Definitions relating to the `Json.NET` package. */
 module JsonNET {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/ServiceStack.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/ServiceStack.qll
index ba3248fea95..27021573f38 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/ServiceStack.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/ServiceStack.qll
@@ -6,7 +6,6 @@
  */
 
 import csharp
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** A class representing a Service */
 private class ServiceClass extends Class {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
index 258b7b3f794..3d643934b5f 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll
@@ -7,7 +7,6 @@ private import semmle.code.csharp.frameworks.EntityFramework
 private import semmle.code.csharp.frameworks.NHibernate
 private import semmle.code.csharp.frameworks.Dapper
 private import semmle.code.csharp.dataflow.DataFlow4
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** An expression containing a SQL command. */
 abstract class SqlExpr extends Expr {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll
index bf291f90879..479b78b0567 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/System.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import system.Reflection
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System` namespace. */
 class SystemNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/CodeDom.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/CodeDom.qll
index b7edb8e18dc..400e9954866 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/CodeDom.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/CodeDom.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.CodeDome` namespace. */
 class SystemCodeDomNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll
index 227fe34e3ca..1a35b7a807d 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Collections.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dataflow.FlowSummary
 
 /** The `System.Collections` namespace. */
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll
index a95ae099295..f0e9fe29e96 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Data.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Data` namespace. */
 class SystemDataNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll
index 0b85d2ac24a..81a620c9e7c 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll
@@ -2,7 +2,6 @@
 
 import semmle.code.csharp.Type
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Diagnostics` namespace. */
 class SystemDiagnosticsNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/IO.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/IO.qll
index 5ceb73d4b64..9756bf9c982 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/IO.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/IO.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.IO` namespace. */
 class SystemIONamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Linq.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Linq.qll
index 31b23334eaf..49076215471 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Linq.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Linq.qll
@@ -4,7 +4,6 @@
 
 private import csharp as CSharp
 private import semmle.code.csharp.frameworks.System as System
-private import semmle.code.csharp.dataflow.ExternalFlow as ExternalFlow
 
 /** Definitions relating to the `System.Linq` namespace. */
 module SystemLinq {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Net.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Net.qll
index 1fbc46dbc9c..7c0aee741db 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Net.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Net.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Net` namespace. */
 class SystemNetNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Security.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Security.qll
index f8501eb82e9..02325e19383 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Security.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Security.qll
@@ -1,7 +1,6 @@
 /** Provides classes related to the namespace `System.Security`. */
 
 import csharp
-private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.frameworks.System
 
 /** The `System.Security` namespace. */
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll
index c81b28e29fe..fb4c37489af 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Text.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.System
-private import semmle.code.csharp.dataflow.ExternalFlow
 private import semmle.code.csharp.dataflow.FlowSummary
 
 /** The `System.Text` namespace. */
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
index 6680e22b796..8552c028c89 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Web.qll
@@ -3,7 +3,6 @@
 import csharp
 private import semmle.code.csharp.frameworks.System
 private import semmle.code.csharp.frameworks.system.collections.Specialized
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Web` namespace. */
 class SystemWebNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll
index d6fd132ee6b..df6827660a0 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Xml.qll
@@ -3,7 +3,6 @@
 import csharp
 private import semmle.code.csharp.frameworks.System
 private import semmle.code.csharp.dataflow.DataFlow3
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Xml` namespace. */
 class SystemXmlNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll
index a7ab58da4f1..260fe6d0318 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.Collections
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Collections.Generic` namespace. */
 class SystemCollectionsGenericNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll
index 4ffb7b5aa0c..2ddac761c4b 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.Collections
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Collections.Specialized` namespace. */
 class SystemCollectionsSpecializedNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/Common.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/Common.qll
index 06a98d59f49..22c80fd4de6 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/Common.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/data/Common.qll
@@ -4,7 +4,6 @@
 
 private import csharp as CSharp
 private import semmle.code.csharp.frameworks.system.Data as Data
-private import semmle.code.csharp.dataflow.ExternalFlow as ExternalFlow
 
 /** Definitions relating to the `System.Data.Common` namespace. */
 module SystemDataCommon {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/io/Compression.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/io/Compression.qll
index d5c58f13128..b1b777b0f69 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/io/Compression.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/io/Compression.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.IO
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.IO.Compression` namespace. */
 class SystemIOCompressionNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/net/Mail.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/net/Mail.qll
index 104ea2424dd..631a09058a3 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/net/Mail.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/net/Mail.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.Net
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Net.Mail` namespace. */
 class SystemNetMailNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
index e4426a81d14..9ae5ec90b24 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll
@@ -3,7 +3,6 @@
 import csharp
 private import semmle.code.csharp.frameworks.system.Runtime
 private import semmle.code.csharp.dataflow.internal.DataFlowPrivate
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Runtime.CompilerServices` namespace. */
 class SystemRuntimeCompilerServicesNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/Cryptography.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/Cryptography.qll
index f922fb00669..40c07eef121 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/Cryptography.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/Cryptography.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.Security
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Security.Cryptography` namespace. */
 class SystemSecurityCryptographyNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll
index 0bd6461a6cd..54cc8d11864 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.security.Cryptography
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Security.Cryptography.X509Certificates` namespace. */
 class SystemSecurityCryptographyX509CertificatesNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll
index 6319ef6e894..531fa6ef721 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/text/RegularExpressions.qll
@@ -4,7 +4,6 @@
 
 import default
 import semmle.code.csharp.frameworks.system.Text
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Text.RegularExpressions` namespace. */
 class SystemTextRegularExpressionsNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/threading/Tasks.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/threading/Tasks.qll
index 7c0f1d2a885..acfc4edddd7 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/threading/Tasks.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/threading/Tasks.qll
@@ -3,7 +3,6 @@
 import csharp
 private import semmle.code.csharp.frameworks.system.Threading
 private import semmle.code.csharp.dataflow.internal.DataFlowPrivate
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Threading.Tasks` namespace. */
 class SystemThreadingTasksNamespace extends Namespace {
diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/ui/WebControls.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/ui/WebControls.qll
index 09d5e08d371..a059d5b3c7c 100644
--- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/ui/WebControls.qll
+++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/web/ui/WebControls.qll
@@ -2,7 +2,6 @@
 
 import csharp
 private import semmle.code.csharp.frameworks.system.web.UI
-private import semmle.code.csharp.dataflow.ExternalFlow
 
 /** The `System.Web.UI.WebControls` namespace. */
 class SystemWebUIWebControlsNamespace extends Namespace {
diff --git a/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql
index 7cd23988321..f15a786f53f 100644
--- a/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql
+++ b/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql
@@ -6,7 +6,6 @@
  * @tags model-generator
  */
 
-import semmle.code.csharp.dataflow.ExternalFlow
 import utils.modelgenerator.internal.CaptureTypeBasedSummaryModels
 
 from TypeBasedFlowTargetApi api, string flow

From 33216f3867c74f0d7f444dfd7b30b60ed2ffb658 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 23 Nov 2022 15:22:19 +0100
Subject: [PATCH 112/144] cleanup imports

---
 ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll b/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
index fb081d5113e..e65f3005503 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/stdlib/Open3.qll
@@ -3,12 +3,8 @@
  */
 
 private import ruby
-private import codeql.ruby.AST
-private import codeql.ruby.DataFlow
 private import codeql.ruby.ApiGraphs
-private import codeql.ruby.frameworks.Stdlib
 private import codeql.ruby.Concepts
-private import codeql.ruby.frameworks.core.Kernel
 
 /**
  * Provides modeling for the `Open3` library.
@@ -58,7 +54,7 @@ module Open3 {
 
     override predicate isShellInterpreted(DataFlow::Node arg) {
       // A command in the pipeline is executed in a subshell if it is given as a single string argument.
-      arg.asExpr().getExpr() instanceof StringlikeLiteral and
+      arg.asExpr().getExpr() instanceof Ast::StringlikeLiteral and
       arg = this.getAnArgument()
     }
   }

From ef837f72e47b0a13a643c19a76a9498c369df843 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Wed, 23 Nov 2022 14:57:08 +0000
Subject: [PATCH 113/144] Swift: Test .expected changes resulting from merge.

---
 .../Security/CWE-094/UnsafeJsEval.expected            | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index 4e04cad1468..6f146b41df8 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -1,9 +1,11 @@
 edges
 | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  |
+| UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(_:) :  |
 | UnsafeJsEval.swift:165:10:165:37 | try ... :  | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  |
 | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | UnsafeJsEval.swift:165:10:165:37 | try ... :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:205:7:205:7 | remoteString :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:211:24:211:37 | .utf8 :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
 | UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
@@ -24,6 +26,10 @@ edges
 | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:279:13:279:13 | string :  |
 | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:285:13:285:13 | string :  |
 | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | UnsafeJsEval.swift:299:13:299:13 | string :  |
+| UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
+| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) :  |
+| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  |
+| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
@@ -53,6 +59,7 @@ edges
 nodes
 | UnsafeJsEval.swift:124:21:124:42 | string :  | semmle.label | string :  |
 | UnsafeJsEval.swift:124:70:124:70 | string :  | semmle.label | string :  |
+| UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) :  | semmle.label | [summary param] 0 in init(_:) :  |
 | UnsafeJsEval.swift:165:10:165:37 | try ... :  | semmle.label | try ... :  |
 | UnsafeJsEval.swift:165:14:165:37 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | semmle.label | call to getRemoteData() :  |
@@ -60,6 +67,8 @@ nodes
 | UnsafeJsEval.swift:204:12:204:66 | call to init(contentsOf:) :  | semmle.label | call to init(contentsOf:) :  |
 | UnsafeJsEval.swift:205:7:205:7 | remoteString :  | semmle.label | remoteString :  |
 | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  | semmle.label | ... .+(_:_:) ... :  |
+| UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  | semmle.label | call to init(_:) :  |
+| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | semmle.label | .utf8 :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | semmle.label | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:265:13:265:13 | string :  | semmle.label | string :  |
 | UnsafeJsEval.swift:266:22:266:107 | call to init(source:injectionTime:forMainFrameOnly:) | semmle.label | call to init(source:injectionTime:forMainFrameOnly:) |
@@ -81,7 +90,9 @@ nodes
 | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  | semmle.label | call to JSStringRetain(_:) :  |
 | UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | semmle.label | call to JSStringCreateWithUTF8CString(_:) :  |
 | UnsafeJsEval.swift:305:17:305:17 | jsstr | semmle.label | jsstr |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(_:) :  | semmle.label | [summary] to write: return (return) in init(_:) :  |
 subpaths
+| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(_:) :  | UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  |
 | UnsafeJsEval.swift:287:31:287:97 | call to JSStringCreateWithCharacters(_:_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  | UnsafeJsEval.swift:287:16:287:98 | call to JSStringRetain(_:) :  |
 | UnsafeJsEval.swift:301:31:301:84 | call to JSStringCreateWithUTF8CString(_:) :  | UnsafeJsEval.swift:124:21:124:42 | string :  | UnsafeJsEval.swift:124:70:124:70 | string :  | UnsafeJsEval.swift:301:16:301:85 | call to JSStringRetain(_:) :  |
 #select

From 3c3442d8f0327673024fd3c5c4449d23637f0310 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 15:09:58 +0000
Subject: [PATCH 114/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 3ab5b73e044..2523a7e8bda 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -1,7 +1,7 @@
 Writing CodeQL queries for Kotlin versus Java analysis
 ------------------------------------------------------
 
-Generally you use the same classes to write queries for Kotlin and for Java. You use the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as `MethodAccess` or `Class` for both languages. When you want to access Kotlin-specific elements (such as a ``WhenExpr``) you’ll need to use Kotlin-specific CodeQL classes.
+Generally you use the same classes to write queries for Kotlin and for Java. You use the same libraries such as DataFlow, TaintTracking, or SSA, and the same classes such as ``MethodAccess`` or ``Class`` for both languages. When you want to access Kotlin-specific elements (such as a ``WhenExpr``) you’ll need to use Kotlin-specific CodeQL classes.
 
 There are however some important cases where writing queries for Kotlin can produce surprising results compared to writing queries for Java, as CodeQL works with the JVM bytecode representation of the Kotlin source code. 
 

From 72999c7af123a3df7c2aacba01b2ab566626e302 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 15:10:14 +0000
Subject: [PATCH 115/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 2523a7e8bda..16fdc129d75 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -11,7 +11,7 @@ Be careful when you model code elements that don’t exist in Java, such as ``No
    
    someVar!!.someMethodCall()
 
-In that specific case, you can use the predicate `Expr.getUnderlyingExpr()`. This goes directly to the underlying `VarAccess`` to produce a more similar behavior to that in Java.
+In that specific case, you can use the predicate ``Expr.getUnderlyingExpr()``. This goes directly to the underlying ``VarAccess`` to produce a more similar behavior to that in Java.
 
 Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPointerException`, Kotlin may inline calls like `expr.toString()` to `String.valueOf(expr)` when `expr` is nullable. Make sure that you write CodeQL around the extracted code, and do not directly modify the source code in the codebase.
 

From f9215ec5ca4765d64df13ff56892825f0aff4db3 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 15:10:24 +0000
Subject: [PATCH 116/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

Co-authored-by: Felicity Chapman <felicitymay@github.com>
---
 docs/codeql/reusables/kotlin-java-differences.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 16fdc129d75..b2b74d2d41a 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -13,8 +13,8 @@ Be careful when you model code elements that don’t exist in Java, such as ``No
 
 In that specific case, you can use the predicate ``Expr.getUnderlyingExpr()``. This goes directly to the underlying ``VarAccess`` to produce a more similar behavior to that in Java.
 
-Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPointerException`, Kotlin may inline calls like `expr.toString()` to `String.valueOf(expr)` when `expr` is nullable. Make sure that you write CodeQL around the extracted code, and do not directly modify the source code in the codebase.
+Nullable elements (``?``) can also produce unexpected behavior. To avoid a ``NullPointerException``, Kotlin may inline calls like ``expr.toString()`` to ``String.valueOf(expr)`` when ``expr`` is nullable. Make sure that you write CodeQL around the extracted code, and do not directly modify the source code in the codebase.
 
-Another example is that if-else expressions are translated into `WhenExprs` in CodeQL, instead of the more typical `IfStmt` in Java.
+Another example is that if-else expressions in Kotlin are translated into ``WhenExprs`` in CodeQL, instead of the more typical ``IfStmt`` seen in Java.
 
 In general, you can debug these issues with the AST (you can use the ``CodeQL: View AST`` command from Visual Studio Code’s CodeQL extension, or run the ``PrintAst.ql`` query) and see exactly what CodeQL is extracting from your code.
\ No newline at end of file

From ee0811df268254af508a1d152090f0dcfc3fd2ae Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 15:13:40 +0000
Subject: [PATCH 117/144] Update
 docs/codeql/codeql-language-guides/codeql-for-java.rst

---
 docs/codeql/codeql-language-guides/codeql-for-java.rst | 1 -
 1 file changed, 1 deletion(-)

diff --git a/docs/codeql/codeql-language-guides/codeql-for-java.rst b/docs/codeql/codeql-language-guides/codeql-for-java.rst
index 536dfbc294e..a27328b052c 100644
--- a/docs/codeql/codeql-language-guides/codeql-for-java.rst
+++ b/docs/codeql/codeql-language-guides/codeql-for-java.rst
@@ -7,7 +7,6 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
 
 .. include:: ../reusables/kotlin-beta-note.rst
 
-.. include:: ../reusables/kotlin-java-differences.rst
 
 .. pull-quote:: Enabling Kotlin support
 

From 9ee36215bd95510d8c50064746788f164ed916e5 Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Wed, 23 Nov 2022 15:14:46 +0000
Subject: [PATCH 118/144] Java: Fix basic query in docs

---
 .../basic-query-for-java-code.rst                      | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
index bc721ce9371..0545efa738c 100644
--- a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
+++ b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
@@ -37,7 +37,7 @@ Running the query
 
       import java
 
-      from IfStmt ifstmt, Block block
+      from IfStmt ifstmt, BlockStmt block
       where ifstmt.getThen() = block and
         block.getNumStmt() = 0
       select ifstmt, "This 'if' statement is redundant." 
@@ -59,7 +59,7 @@ Running the query
 
    The query will take a few moments to return results. When the query completes, the results are displayed below the project name. The query results are listed in two columns, corresponding to the two expressions in the ``select`` clause of the query. The first column corresponds to the expression ``ifstmt`` and is linked to the location in the source code of the project where ``ifstmt`` occurs. The second column is the alert message.
 
-   ➤ `Example query results <https://lgtm.com/query/3235645104630320782/>`__
+   ➤ `Example query results <https://lgtm.com/query/8628882704378129297/>`__
 
    .. pull-quote::
 
@@ -81,10 +81,10 @@ After the initial ``import`` statement, this simple query comprises three parts
 +===============================================================+===================================================================================================================+========================================================================================================================+
 | ``import java``                                               | Imports the standard CodeQL libraries for Java.                                                                   | Every query begins with one or more ``import`` statements.                                                             |
 +---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
-| ``from IfStmt ifstmt, Block block``                           | Defines the variables for the query.                                                                              | We use:                                                                                                                |
+| ``from IfStmt ifstmt, BlockStmt block``                       | Defines the variables for the query.                                                                              | We use:                                                                                                                |
 |                                                               | Declarations are of the form:                                                                                     |                                                                                                                        |
 |                                                               | ``<type> <variable name>``                                                                                        | - an ``IfStmt`` variable for ``if`` statements                                                                         |
-|                                                               |                                                                                                                   | - a ``Block`` variable for the then block                                                                              |
+|                                                               |                                                                                                                   | - a ``BlockStmt`` variable for the ``then`` block                                                                      |
 +---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
 | ``where ifstmt.getThen() = block and block.getNumStmt() = 0`` | Defines a condition on the variables.                                                                             | ``ifstmt.getThen() = block`` relates the two variables. The block must be the ``then`` branch of the ``if`` statement. |
 |                                                               |                                                                                                                   |                                                                                                                        |
@@ -138,7 +138,7 @@ To exclude ``if`` statements that have an ``else`` branch:
 
    There are now fewer results because ``if`` statements with an ``else`` branch are no longer included.
 
-➤ `See this in the query console <https://lgtm.com/query/6382189874776576029/>`__
+➤ `See this in the query console <https://lgtm.com/query/2005778170075484819/>`__
 
 Further reading
 ---------------

From 950c4c811c4fac720d4716d4610a9506bd540f0d Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Wed, 23 Nov 2022 15:15:28 +0000
Subject: [PATCH 119/144] Java/Kotlin: Make the basic query in docs work for
 both languages

---
 .../basic-query-for-java-code.rst             | 110 ++++++++++--------
 1 file changed, 62 insertions(+), 48 deletions(-)

diff --git a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
index 0545efa738c..23d655b791b 100644
--- a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
+++ b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
@@ -1,18 +1,33 @@
 .. _basic-query-for-java-code:
 
-Basic query for Java code
-=========================
+Basic query for Java and Kotlin code
+====================================
 
 Learn to write and run a simple CodeQL query using LGTM.
 
 About the query
 ---------------
 
-The query we're going to run performs a basic search of the code for ``if`` statements that are redundant, in the sense that they have an empty then branch. For example, code such as:
+The query we're going to run searches for inefficient tests for empty strings. For example, Java code such as:
 
 .. code-block:: java
 
-   if (error) { }
+    public class TestJava {
+        void myJavaFun(String s) {
+            boolean b = s.equals("");
+        }
+    }
+
+or Kotlin code such as:
+
+.. code-block:: kotlin
+
+    void myKotlinFun(s: String) {
+        var b = s.equals("")
+    }
+
+In either case, replacing ``s.equals("")`` with ``s.isEmpty()``
+would be more efficient.
 
 Running the query
 -----------------
@@ -37,10 +52,13 @@ Running the query
 
       import java
 
-      from IfStmt ifstmt, BlockStmt block
-      where ifstmt.getThen() = block and
-        block.getNumStmt() = 0
-      select ifstmt, "This 'if' statement is redundant." 
+      from MethodAccess ma
+      where
+        ma.getMethod().hasName("equals") and
+        ma.getArgument(0).(StringLiteral).getValue() = ""
+      select ma, "This comparison to empty string is inefficient, use isEmpty() instead."
+
+   Note that CodeQL treats Java and Kotlin as part of the same language, so even though this query starts with ``import java``, it will work for both Java and Kotlin code.
 
    LGTM checks whether your query compiles and, if all is well, the **Run** button changes to green to indicate that you can go ahead and run the query.
 
@@ -57,9 +75,9 @@ Running the query
 
       Your query is always run against the most recently analyzed commit to the selected project.
 
-   The query will take a few moments to return results. When the query completes, the results are displayed below the project name. The query results are listed in two columns, corresponding to the two expressions in the ``select`` clause of the query. The first column corresponds to the expression ``ifstmt`` and is linked to the location in the source code of the project where ``ifstmt`` occurs. The second column is the alert message.
+   The query will take a few moments to return results. When the query completes, the results are displayed below the project name. The query results are listed in two columns, corresponding to the two expressions in the ``select`` clause of the query. The first column corresponds to the expression ``ma`` and is linked to the location in the source code of the project where ``ma`` occurs. The second column is the alert message.
 
-   ➤ `Example query results <https://lgtm.com/query/8628882704378129297/>`__
+   ➤ `Example query results <https://lgtm.com/query/6863787472564633674/>`__
 
    .. pull-quote::
 
@@ -67,34 +85,33 @@ Running the query
 
       An ellipsis (…) at the bottom of the table indicates that the entire list is not displayed—click it to show more results.
 
-#. If any matching code is found, click a link in the ``ifstmt`` column to view the ``if`` statement in the code viewer.
+#. If any matching code is found, click a link in the ``ma`` column to view the ``.equals`` expression in the code viewer.
 
-   The matching ``if`` statement is highlighted with a yellow background in the code viewer. If any code in the file also matches a query from the standard query library for that language, you will see a red alert message at the appropriate point within the code.
+   The matching ``.equals`` expression is highlighted with a yellow background in the code viewer. If any code in the file also matches a query from the standard query library for that language, you will see a red alert message at the appropriate point within the code.
 
 About the query structure
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
 After the initial ``import`` statement, this simple query comprises three parts that serve similar purposes to the FROM, WHERE, and SELECT parts of an SQL query.
 
-+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
-| Query part                                                    | Purpose                                                                                                           | Details                                                                                                                |
-+===============================================================+===================================================================================================================+========================================================================================================================+
-| ``import java``                                               | Imports the standard CodeQL libraries for Java.                                                                   | Every query begins with one or more ``import`` statements.                                                             |
-+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
-| ``from IfStmt ifstmt, BlockStmt block``                       | Defines the variables for the query.                                                                              | We use:                                                                                                                |
-|                                                               | Declarations are of the form:                                                                                     |                                                                                                                        |
-|                                                               | ``<type> <variable name>``                                                                                        | - an ``IfStmt`` variable for ``if`` statements                                                                         |
-|                                                               |                                                                                                                   | - a ``BlockStmt`` variable for the ``then`` block                                                                      |
-+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
-| ``where ifstmt.getThen() = block and block.getNumStmt() = 0`` | Defines a condition on the variables.                                                                             | ``ifstmt.getThen() = block`` relates the two variables. The block must be the ``then`` branch of the ``if`` statement. |
-|                                                               |                                                                                                                   |                                                                                                                        |
-|                                                               |                                                                                                                   | ``block.getNumStmt() = 0`` states that the block must be empty (that is, it contains no statements).                   |
-+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
-| ``select ifstmt, "This 'if' statement is redundant."``        | Defines what to report for each match.                                                                            | Reports the resulting ``if`` statement with a string that explains the problem.                                        |
-|                                                               |                                                                                                                   |                                                                                                                        |
-|                                                               | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: |                                                                                                                        |
-|                                                               | ``select <program element>, "<alert message>"``                                                                   |                                                                                                                        |
-+---------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------+
++--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
+| Query part                                                                                       | Purpose                                                                                                           | Details                                                                                           |
++==================================================================================================+===================================================================================================================+===================================================================================================+
+| ``import java``                                                                                  | Imports the standard CodeQL libraries for Java.                                                                   | Every query begins with one or more ``import`` statements.                                        |
++--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
+| ``from MethodAccess ma``                                                                         | Defines the variables for the query.                                                                              | We use:                                                                                           |
+|                                                                                                  | Declarations are of the form:                                                                                     |                                                                                                   |
+|                                                                                                  | ``<type> <variable name>``                                                                                        | - a ``MethodAccess`` variable for call expressions                                                |
++--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
+| ``where ma.getMethod().hasName("equals") and ma.getArgument(0).(StringLiteral).getValue() = ""`` | Defines a condition on the variables.                                                                             | ``ma.getMethod().hasName("equals")`` restricts ``ma`` to only calls to methods call ``equals``.   |
+|                                                                                                  |                                                                                                                   |                                                                                                   |
+|                                                                                                  |                                                                                                                   | ``ma.getArgument(0).(StringLiteral).getValue() = ""`` says the argument must be literal ``""``.   |
++--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
+| ``select ma, "This comparison to empty string is inefficient, use isEmpty() instead."``          | Defines what to report for each match.                                                                            | Reports the resulting ``.equals`` expression with a string that explains the problem.             |
+|                                                                                                  |                                                                                                                   |                                                                                                   |
+|                                                                                                  | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: |                                                                                                   |
+|                                                                                                  | ``select <program element>, "<alert message>"``                                                                   |                                                                                                   |
++--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
 
 Extend the query
 ----------------
@@ -104,41 +121,38 @@ Query writing is an inherently iterative process. You write a simple query and t
 Remove false positive results
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` statements with an ``else`` branch, where an empty ``then`` branch does serve a purpose. For example:
+Browsing the results of our basic query shows that it could be improved. For example, you may find results for code like:
 
 .. code-block:: java
 
-   if (...) {
-     ...
-   } else if ("-verbose".equals(option)) {
-     // nothing to do - handled earlier
-   } else {
-     error("unrecognized option");
-   }
+    public class TestJava {
+        void myJavaFun(Object o) {
+            boolean b = o.equals("");
+        }
+    }
 
-In this case, identifying the ``if`` statement with the empty ``then`` branch as redundant is a false positive. One solution to this is to modify the query to ignore empty ``then`` branches if the ``if`` statement has an ``else`` branch.
-
-To exclude ``if`` statements that have an ``else`` branch:
+In this case, it is not possible to simply use ``o.isEmpty()`` instead, as ``o`` has type ``Object`` rather than ``String``. One solution to this is to modify the query to only return results where the expression being tested has type ``String``:
 
 #. Extend the where clause to include the following extra condition:
 
    .. code-block:: ql
 
-      and not exists(ifstmt.getElse())
+    ma.getQualifier().getType() instanceof TypeString
 
    The ``where`` clause is now:
 
    .. code-block:: ql
 
-      where ifstmt.getThen() = block and
-        block.getNumStmt() = 0 and
-        not exists(ifstmt.getElse())
+      where
+        ma.getQualifier().getType() instanceof TypeString and
+        ma.getMethod().hasName("equals") and
+        ma.getArgument(0).(StringLiteral).getValue() = ""
 
 #. Click **Run**.
 
-   There are now fewer results because ``if`` statements with an ``else`` branch are no longer included.
+   There are now fewer results because ``.equals`` expressions with different types are no longer included.
 
-➤ `See this in the query console <https://lgtm.com/query/2005778170075484819/>`__
+➤ `See this in the query console <https://lgtm.com/query/3716567543394265485/>`__
 
 Further reading
 ---------------

From 582cfb93304783fa472e69cd56cf420ec1e50bc3 Mon Sep 17 00:00:00 2001
From: Michael Nebel <michaelnebel@github.com>
Date: Wed, 23 Nov 2022 16:20:36 +0100
Subject: [PATCH 120/144] C#: Remove the frameworks module in ExternalFlow as
 MaD models are no longer inlined in the code.

---
 .../code/csharp/dataflow/ExternalFlow.qll     | 37 -------------------
 1 file changed, 37 deletions(-)

diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
index 874bd51a9f3..f72fa288919 100644
--- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
+++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
@@ -90,43 +90,6 @@ private import internal.FlowSummaryImpl::Public
 private import internal.FlowSummaryImpl::Private::External
 private import internal.FlowSummaryImplSpecific
 
-/**
- * A module importing the frameworks that provide external flow data,
- * ensuring that they are visible to the taint tracking / data flow library.
- */
-private module Frameworks {
-  private import semmle.code.csharp.frameworks.EntityFramework
-  private import semmle.code.csharp.frameworks.JsonNET
-  private import semmle.code.csharp.frameworks.ServiceStack
-  private import semmle.code.csharp.frameworks.Sql
-  private import semmle.code.csharp.frameworks.System
-  private import semmle.code.csharp.frameworks.system.CodeDom
-  private import semmle.code.csharp.frameworks.system.Collections
-  private import semmle.code.csharp.frameworks.system.collections.Generic
-  private import semmle.code.csharp.frameworks.system.collections.Specialized
-  private import semmle.code.csharp.frameworks.system.Data
-  private import semmle.code.csharp.frameworks.system.data.Common
-  private import semmle.code.csharp.frameworks.system.Diagnostics
-  private import semmle.code.csharp.frameworks.system.Linq
-  private import semmle.code.csharp.frameworks.system.Net
-  private import semmle.code.csharp.frameworks.system.net.Mail
-  private import semmle.code.csharp.frameworks.system.IO
-  private import semmle.code.csharp.frameworks.system.io.Compression
-  private import semmle.code.csharp.frameworks.system.runtime.CompilerServices
-  private import semmle.code.csharp.frameworks.system.Security
-  private import semmle.code.csharp.frameworks.system.security.Cryptography
-  private import semmle.code.csharp.frameworks.system.security.cryptography.X509Certificates
-  private import semmle.code.csharp.frameworks.system.Text
-  private import semmle.code.csharp.frameworks.system.text.RegularExpressions
-  private import semmle.code.csharp.frameworks.system.threading.Tasks
-  private import semmle.code.csharp.frameworks.system.Web
-  private import semmle.code.csharp.frameworks.system.web.ui.WebControls
-  private import semmle.code.csharp.frameworks.system.Xml
-  private import semmle.code.csharp.security.dataflow.flowsinks.Html
-  private import semmle.code.csharp.security.dataflow.flowsources.Local
-  private import semmle.code.csharp.security.dataflow.XSSSinks
-}
-
 /**
  * DEPRECATED: Define source models as data extensions instead.
  *

From 277b5b483d7fcea8bbfd0b49300745a265c872a8 Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Wed, 23 Nov 2022 15:51:40 +0000
Subject: [PATCH 121/144] Java/Kotlin docs: Tweak text

---
 .../codeql/codeql-language-guides/basic-query-for-java-code.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
index 23d655b791b..90954ad0e2c 100644
--- a/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
+++ b/docs/codeql/codeql-language-guides/basic-query-for-java-code.rst
@@ -97,7 +97,7 @@ After the initial ``import`` statement, this simple query comprises three parts
 +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
 | Query part                                                                                       | Purpose                                                                                                           | Details                                                                                           |
 +==================================================================================================+===================================================================================================================+===================================================================================================+
-| ``import java``                                                                                  | Imports the standard CodeQL libraries for Java.                                                                   | Every query begins with one or more ``import`` statements.                                        |
+| ``import java``                                                                                  | Imports the standard CodeQL libraries for Java and Kotlin.                                                        | Every query begins with one or more ``import`` statements.                                        |
 +--------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+---------------------------------------------------------------------------------------------------+
 | ``from MethodAccess ma``                                                                         | Defines the variables for the query.                                                                              | We use:                                                                                           |
 |                                                                                                  | Declarations are of the form:                                                                                     |                                                                                                   |

From 2684b3f396ffd83859a69df955f7a02cb9656f7b Mon Sep 17 00:00:00 2001
From: Michael Nebel <michaelnebel@github.com>
Date: Wed, 23 Nov 2022 16:59:40 +0100
Subject: [PATCH 122/144] C#: Make bi-directional import of Servicestack remote
 flow source definitions.

---
 .../code/csharp/security/dataflow/flowsources/Remote.qll   | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
index 293d15b7461..a71edbc0681 100644
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll
@@ -19,6 +19,13 @@ abstract class RemoteFlowSource extends DataFlow::Node {
   abstract string getSourceType();
 }
 
+/**
+ * A module for importing frameworks that defines remote flow sources.
+ */
+private module RemoteFlowSources {
+  private import semmle.code.csharp.frameworks.ServiceStack
+}
+
 /** A data flow source of remote user input (ASP.NET). */
 abstract class AspNetRemoteFlowSource extends RemoteFlowSource { }
 

From 357c823b92b9f2dc7d2f16db1f523c1f269bdd53 Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Wed, 23 Nov 2022 16:59:52 +0000
Subject: [PATCH 123/144] Changes after feedback

---
 docs/codeql/codeql-language-guides/codeql-for-java.rst | 2 +-
 docs/codeql/reusables/kotlin-java-differences.rst      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/codeql/codeql-language-guides/codeql-for-java.rst b/docs/codeql/codeql-language-guides/codeql-for-java.rst
index a27328b052c..392ef19c8b2 100644
--- a/docs/codeql/codeql-language-guides/codeql-for-java.rst
+++ b/docs/codeql/codeql-language-guides/codeql-for-java.rst
@@ -10,7 +10,7 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
 
 .. pull-quote:: Enabling Kotlin support
 
-   To enable Kotlin support, you should enable ``java`` as a language.
+   CodeQL treats Java and Kotlin as parts of the same language, so to enable Kotlin support you should enable ``java`` as a language.
 
 .. toctree::
    :hidden:
diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index b2b74d2d41a..07cb95203c2 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -13,7 +13,7 @@ Be careful when you model code elements that don’t exist in Java, such as ``No
 
 In that specific case, you can use the predicate ``Expr.getUnderlyingExpr()``. This goes directly to the underlying ``VarAccess`` to produce a more similar behavior to that in Java.
 
-Nullable elements (``?``) can also produce unexpected behavior. To avoid a ``NullPointerException``, Kotlin may inline calls like ``expr.toString()`` to ``String.valueOf(expr)`` when ``expr`` is nullable. Make sure that you write CodeQL around the extracted code, and do not directly modify the source code in the codebase.
+Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPointerException`, Kotlin may inline calls like `expr.toString()` to `String.valueOf(expr)` when `expr` is nullable. Make sure that you write CodeQL around the extracted code, which may not exactly match the code as written in the codebase.
 
 Another example is that if-else expressions in Kotlin are translated into ``WhenExprs`` in CodeQL, instead of the more typical ``IfStmt`` seen in Java.
 

From 5b8b9044a527bd9f11eece8713aae15743a2d6b4 Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Wed, 23 Nov 2022 18:47:53 +0000
Subject: [PATCH 124/144] Kotlin: Remove an unused argument

---
 java/kotlin-extractor/src/main/kotlin/LinesOfCode.kt         | 2 +-
 .../src/main/kotlin/comments/CommentExtractor.kt             | 2 +-
 .../src/main/kotlin/utils/versions/v_1_4_32/Psi2Ir.kt        | 4 +---
 .../src/main/kotlin/utils/versions/v_1_5_20/Psi2Ir.kt        | 5 ++---
 4 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/java/kotlin-extractor/src/main/kotlin/LinesOfCode.kt b/java/kotlin-extractor/src/main/kotlin/LinesOfCode.kt
index 45e23498e9d..27b62c86109 100644
--- a/java/kotlin-extractor/src/main/kotlin/LinesOfCode.kt
+++ b/java/kotlin-extractor/src/main/kotlin/LinesOfCode.kt
@@ -16,7 +16,7 @@ class LinesOfCode(
     val tw: FileTrapWriter,
     val file: IrFile
 ) {
-    val psi2Ir = getPsi2Ir(logger).also {
+    val psi2Ir = getPsi2Ir().also {
         if (it == null) {
             logger.warn("Lines of code will not be populated as Kotlin version is too old (${KotlinCompilerVersion.getVersion()})")
         }
diff --git a/java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt b/java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt
index 310eb3e18b0..ad4aaf60936 100644
--- a/java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt
+++ b/java/kotlin-extractor/src/main/kotlin/comments/CommentExtractor.kt
@@ -25,7 +25,7 @@ class CommentExtractor(private val fileExtractor: KotlinFileExtractor, private v
     private val logger = fileExtractor.logger
 
     fun extract() {
-        val psi2Ir = getPsi2Ir(logger)
+        val psi2Ir = getPsi2Ir()
         if (psi2Ir == null) {
             logger.warn("Comments will not be extracted as Kotlin version is too old (${KotlinCompilerVersion.getVersion()})")
             return
diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/Psi2Ir.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/Psi2Ir.kt
index 2990acfc98f..80120107478 100644
--- a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/Psi2Ir.kt
+++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/Psi2Ir.kt
@@ -1,5 +1,3 @@
 package com.github.codeql.utils.versions
 
-import com.github.codeql.FileLogger
-
-fun getPsi2Ir(@Suppress("UNUSED_PARAMETER") logger: FileLogger): Psi2IrFacade? = null
+fun getPsi2Ir(): Psi2IrFacade? = null
diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_20/Psi2Ir.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_20/Psi2Ir.kt
index 024710bc4b8..73987106c55 100644
--- a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_20/Psi2Ir.kt
+++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_5_20/Psi2Ir.kt
@@ -1,6 +1,5 @@
 package com.github.codeql.utils.versions
 
-import com.github.codeql.FileLogger
 import com.intellij.psi.PsiElement
 import org.jetbrains.kotlin.backend.common.psi.PsiSourceManager
 import org.jetbrains.kotlin.backend.jvm.ir.getKtFile
@@ -8,9 +7,9 @@ import org.jetbrains.kotlin.ir.IrElement
 import org.jetbrains.kotlin.ir.declarations.IrFile
 import org.jetbrains.kotlin.psi.KtFile
 
-fun getPsi2Ir(logger: FileLogger): Psi2IrFacade? = Psi2Ir(logger)
+fun getPsi2Ir(): Psi2IrFacade? = Psi2Ir()
 
-private class Psi2Ir(private val logger: FileLogger): Psi2IrFacade {
+private class Psi2Ir(): Psi2IrFacade {
     override fun getKtFile(irFile: IrFile): KtFile? {
         return irFile.getKtFile()
     }

From 95f35196e4d7c6f1e080edb40fa7f05cb58aebc9 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Wed, 23 Nov 2022 20:45:51 +0100
Subject: [PATCH 125/144] add missing additional keywords

---
 .../semmle/code/java/regex/RegexTreeView.qll   | 16 ++++++++--------
 python/ql/lib/semmle/python/RegexTreeView.qll  | 12 ++++++------
 .../lib/codeql/ruby/regexp/RegExpTreeView.qll  | 18 +++++++++---------
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll b/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll
index 2eecff1e627..1b01be0377b 100644
--- a/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll
+++ b/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll
@@ -615,7 +615,7 @@ module Impl implements RegexTreeViewSig {
    * \p{Digit}
    * \p{IsLowerCase}
    */
-  class RegExpNamedProperty extends RegExpCharacterClassEscape {
+  additional class RegExpNamedProperty extends RegExpCharacterClassEscape {
     boolean inverted;
     string name;
 
@@ -745,7 +745,7 @@ module Impl implements RegexTreeViewSig {
    * \t
    * ```
    */
-  class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
+  additional class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
     RegExpNormalChar() { this = TRegExpNormalChar(re, start, end) }
 
     /**
@@ -770,7 +770,7 @@ module Impl implements RegexTreeViewSig {
    * \Qabc\E
    * ```
    */
-  class RegExpQuote extends RegExpTerm, TRegExpQuote {
+  additional class RegExpQuote extends RegExpTerm, TRegExpQuote {
     string value;
 
     RegExpQuote() {
@@ -880,7 +880,7 @@ module Impl implements RegexTreeViewSig {
    * .
    * ```
    */
-  class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
+  additional class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
     string char;
 
     RegExpSpecialChar() {
@@ -956,7 +956,7 @@ module Impl implements RegexTreeViewSig {
    * (?=\w)
    * ```
    */
-  class RegExpZeroWidthMatch extends RegExpGroup {
+  additional class RegExpZeroWidthMatch extends RegExpGroup {
     RegExpZeroWidthMatch() { re.zeroWidthMatch(start, end) }
 
     override RegExpTerm getChild(int i) { none() }
@@ -1023,7 +1023,7 @@ module Impl implements RegexTreeViewSig {
    * (?!\n)
    * ```
    */
-  class RegExpNegativeLookahead extends RegExpLookahead {
+  additional class RegExpNegativeLookahead extends RegExpLookahead {
     RegExpNegativeLookahead() { re.negativeLookaheadAssertionGroup(start, end) }
 
     override string getPrimaryQLClass() { result = "RegExpNegativeLookahead" }
@@ -1065,7 +1065,7 @@ module Impl implements RegexTreeViewSig {
    * (?<!\\)
    * ```
    */
-  class RegExpNegativeLookbehind extends RegExpLookbehind {
+  additional class RegExpNegativeLookbehind extends RegExpLookbehind {
     RegExpNegativeLookbehind() { re.negativeLookbehindAssertionGroup(start, end) }
 
     override string getPrimaryQLClass() { result = "RegExpNegativeLookbehind" }
@@ -1159,7 +1159,7 @@ module Impl implements RegexTreeViewSig {
   /**
    * Gets the flags for `root`, or the empty string if `root` has no flags.
    */
-  deprecated string getFlags(RegExpTerm root) {
+  additional deprecated string getFlags(RegExpTerm root) {
     root.isRootTerm() and
     result = root.getLiteral().getFlags()
   }
diff --git a/python/ql/lib/semmle/python/RegexTreeView.qll b/python/ql/lib/semmle/python/RegexTreeView.qll
index 9ef211d53b0..8a5d95cc7cf 100644
--- a/python/ql/lib/semmle/python/RegexTreeView.qll
+++ b/python/ql/lib/semmle/python/RegexTreeView.qll
@@ -454,7 +454,7 @@ module Impl implements RegexTreeViewSig {
     override string getPrimaryQLClass() { result = "RegExpAlt" }
   }
 
-  class RegExpCharEscape = RegExpEscape;
+  additional class RegExpCharEscape = RegExpEscape;
 
   /**
    * An escaped regular expression term, that is, a regular expression
@@ -684,7 +684,7 @@ module Impl implements RegexTreeViewSig {
    * \t
    * ```
    */
-  class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
+  additional class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
     RegExpNormalChar() { this = TRegExpNormalChar(re, start, end) }
 
     /**
@@ -792,7 +792,7 @@ module Impl implements RegexTreeViewSig {
    * .
    * ```
    */
-  class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
+  additional class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
     string char;
 
     RegExpSpecialChar() {
@@ -868,7 +868,7 @@ module Impl implements RegexTreeViewSig {
    * (?=\w)
    * ```
    */
-  class RegExpZeroWidthMatch extends RegExpGroup {
+  additional class RegExpZeroWidthMatch extends RegExpGroup {
     RegExpZeroWidthMatch() { re.zeroWidthMatch(start, end) }
 
     override RegExpTerm getChild(int i) { none() }
@@ -937,7 +937,7 @@ module Impl implements RegexTreeViewSig {
    * (?!\n)
    * ```
    */
-  class RegExpNegativeLookahead extends RegExpLookahead {
+  additional class RegExpNegativeLookahead extends RegExpLookahead {
     RegExpNegativeLookahead() { re.negativeLookaheadAssertionGroup(start, end) }
 
     override string getPrimaryQLClass() { result = "RegExpNegativeLookahead" }
@@ -979,7 +979,7 @@ module Impl implements RegexTreeViewSig {
    * (?<!\\)
    * ```
    */
-  class RegExpNegativeLookbehind extends RegExpLookbehind {
+  additional class RegExpNegativeLookbehind extends RegExpLookbehind {
     RegExpNegativeLookbehind() { re.negativeLookbehindAssertionGroup(start, end) }
 
     override string getPrimaryQLClass() { result = "RegExpNegativeLookbehind" }
diff --git a/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll b/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll
index ab21512c694..4a0b40ccfb2 100644
--- a/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll
+++ b/ruby/ql/lib/codeql/ruby/regexp/RegExpTreeView.qll
@@ -539,7 +539,7 @@ private module Impl implements RegexTreeViewSig {
     override predicate isNullable() { this.getAChild().isNullable() }
   }
 
-  class RegExpCharEscape = RegExpEscape;
+  additional class RegExpCharEscape = RegExpEscape;
 
   /**
    * An escaped regular expression term, that is, a regular expression
@@ -620,7 +620,7 @@ private module Impl implements RegexTreeViewSig {
   /**
    * A non-word boundary, that is, a regular expression term of the form `\B`.
    */
-  class RegExpNonWordBoundary extends RegExpSpecialChar {
+  additional class RegExpNonWordBoundary extends RegExpSpecialChar {
     RegExpNonWordBoundary() { this.getChar() = "\\B" }
 
     override string getAPrimaryQlClass() { result = "RegExpNonWordBoundary" }
@@ -756,7 +756,7 @@ private module Impl implements RegexTreeViewSig {
    * \t
    * ```
    */
-  class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
+  additional class RegExpNormalChar extends RegExpTerm, TRegExpNormalChar {
     RegExpNormalChar() { this = TRegExpNormalChar(re, start, end) }
 
     /**
@@ -878,7 +878,7 @@ private module Impl implements RegexTreeViewSig {
    * .
    * ```
    */
-  class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
+  additional class RegExpSpecialChar extends RegExpTerm, TRegExpSpecialChar {
     string char;
 
     RegExpSpecialChar() {
@@ -926,7 +926,7 @@ private module Impl implements RegexTreeViewSig {
    * \A
    * ```
    */
-  class RegExpAnchor extends RegExpSpecialChar {
+  additional class RegExpAnchor extends RegExpSpecialChar {
     RegExpAnchor() { this.getChar() = ["^", "$", "\\A", "\\Z", "\\z"] }
 
     override string getAPrimaryQlClass() { result = "RegExpAnchor" }
@@ -975,7 +975,7 @@ private module Impl implements RegexTreeViewSig {
    * (?=\w)
    * ```
    */
-  class RegExpZeroWidthMatch extends RegExpGroup {
+  additional class RegExpZeroWidthMatch extends RegExpGroup {
     RegExpZeroWidthMatch() { re.zeroWidthMatch(start, end) }
 
     override RegExpTerm getChild(int i) { none() }
@@ -1050,7 +1050,7 @@ private module Impl implements RegexTreeViewSig {
    * (?!\n)
    * ```
    */
-  class RegExpNegativeLookahead extends RegExpLookahead {
+  additional class RegExpNegativeLookahead extends RegExpLookahead {
     RegExpNegativeLookahead() { re.negativeLookaheadAssertionGroup(start, end) }
 
     override string getAPrimaryQlClass() { result = "RegExpNegativeLookahead" }
@@ -1092,7 +1092,7 @@ private module Impl implements RegexTreeViewSig {
    * (?<!\\)
    * ```
    */
-  class RegExpNegativeLookbehind extends RegExpLookbehind {
+  additional class RegExpNegativeLookbehind extends RegExpLookbehind {
     RegExpNegativeLookbehind() { re.negativeLookbehindAssertionGroup(start, end) }
 
     override string getAPrimaryQlClass() { result = "RegExpNegativeLookbehind" }
@@ -1142,7 +1142,7 @@ private module Impl implements RegexTreeViewSig {
    * A named character property. For example, the POSIX bracket expression
    * `[[:digit:]]`.
    */
-  class RegExpNamedCharacterProperty extends RegExpTerm, TRegExpNamedCharacterProperty {
+  additional class RegExpNamedCharacterProperty extends RegExpTerm, TRegExpNamedCharacterProperty {
     RegExpNamedCharacterProperty() { this = TRegExpNamedCharacterProperty(re, start, end) }
 
     override RegExpTerm getChild(int i) { none() }

From 2d92cee26aa2e70c66a6c9378212c29501afa400 Mon Sep 17 00:00:00 2001
From: Ian Lynagh <igfoo@github.com>
Date: Mon, 21 Nov 2022 17:26:16 +0000
Subject: [PATCH 126/144] Kotlin build system: Refactor jar-finder

We were globbing with a * in the filename, but that is not necessary.
---
 java/kotlin-extractor/build.py | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/java/kotlin-extractor/build.py b/java/kotlin-extractor/build.py
index 05cb1204d86..f31484bdec3 100755
--- a/java/kotlin-extractor/build.py
+++ b/java/kotlin-extractor/build.py
@@ -147,18 +147,17 @@ def get_gradle_lib_folder():
     return gradle_home + '/lib'
 
 
-def find_jar(path, pattern):
-    result = glob.glob(path + '/' + pattern + '*.jar')
-    if len(result) == 0:
-        raise Exception('Cannot find jar file %s under path %s' %
-                        (pattern, path))
-    return result
+def find_jar(path, base):
+    fn = path + '/' + base + '.jar'
+    if not os.path.isfile(fn):
+        raise Exception('Cannot find jar file at %s' % fn)
+    return fn
 
 
-def patterns_to_classpath(path, patterns):
+def bases_to_classpath(path, bases):
     result = []
-    for pattern in patterns:
-        result += find_jar(path, pattern)
+    for base in bases:
+        result.append(find_jar(path, base))
     return os.path.pathsep.join(result)
 
 
@@ -174,8 +173,8 @@ def transform_to_embeddable(srcs):
 
 
 def compile(jars, java_jars, dependency_folder, transform_to_embeddable, output, build_dir, current_version):
-    classpath = patterns_to_classpath(dependency_folder, jars)
-    java_classpath = patterns_to_classpath(dependency_folder, java_jars)
+    classpath = bases_to_classpath(dependency_folder, jars)
+    java_classpath = bases_to_classpath(dependency_folder, java_jars)
 
     tmp_src_dir = build_dir + '/temp_src'
 

From 2ac06b8db941f978e323bc1dafe48aecce43d2e4 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 10:50:39 +0100
Subject: [PATCH 127/144] Turns out lambda flow is already supported

---
 .../swift/frameworks/StandardLibrary/NSData.qll      |  3 +--
 .../test/library-tests/dataflow/taint/Taint.expected | 12 ++++++++++++
 .../dataflow/taint/TaintInline.expected              |  1 +
 .../test/library-tests/dataflow/taint/nsdata.swift   |  2 +-
 4 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
index 4fd8cba33fc..bad20ece437 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/NSData.qll
@@ -45,8 +45,7 @@ private class NsDataSummaries extends SummaryModelCsv {
         ";NSData;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
         ";NSData;true;base64Encoding();;;Argument[-1];ReturnValue;taint",
         ";NSData;true;dataWithContentsOfMappedFile(_:);;;Argument[0];ReturnValue;taint",
-        // TODO: Needs block flow
-        // ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint"
+        ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint",
         ";NSData;true;getBytes(_:);;;Argument[-1];Argument[0];taint",
         ";NSData;true;getBytes(_:length:);;;Argument[-1];Argument[0];taint",
         ";NSData;true;getBytes(_:range:);;;Argument[-1];Argument[0];taint",
diff --git a/swift/ql/test/library-tests/dataflow/taint/Taint.expected b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
index 16e2f0bec8d..38c3a209deb 100644
--- a/swift/ql/test/library-tests/dataflow/taint/Taint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
@@ -1,4 +1,5 @@
 edges
+| file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  | nsdata.swift:110:9:110:9 | bytes :  |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | url.swift:120:61:120:61 | data :  |
 | nsdata.swift:22:9:22:9 | self :  | file://:0:0:0:0 | .bytes :  |
 | nsdata.swift:23:9:23:9 | self :  | file://:0:0:0:0 | .description :  |
@@ -19,6 +20,7 @@ edges
 | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  |
 | nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  | file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  |
 | nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:41:5:41:104 | [summary param] this in enumerateBytes(_:) :  | file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  |
 | nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  |
 | nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  |
 | nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  |
@@ -82,6 +84,9 @@ edges
 | nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  | nsdata.swift:106:15:106:71 | ...! |
 | nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  |
 | nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:108:27:108:34 | call to source() :  | nsdata.swift:109:5:109:5 | nsDataTainted17 :  |
+| nsdata.swift:109:5:109:5 | nsDataTainted17 :  | nsdata.swift:41:5:41:104 | [summary param] this in enumerateBytes(_:) :  |
+| nsdata.swift:110:9:110:9 | bytes :  | nsdata.swift:110:45:110:45 | bytes |
 | nsdata.swift:113:27:113:34 | call to source() :  | nsdata.swift:115:5:115:5 | nsDataTainted18 :  |
 | nsdata.swift:115:5:115:5 | nsDataTainted18 :  | nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  |
 | nsdata.swift:115:5:115:5 | nsDataTainted18 :  | nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  |
@@ -382,6 +387,7 @@ nodes
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:range:) :  |
+| file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  | semmle.label | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | semmle.label | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  | semmle.label | [summary] to write: argument this in append(_:length:) :  |
@@ -459,6 +465,7 @@ nodes
 | nsdata.swift:38:5:38:96 | [summary param] this in base64EncodedString(options:) :  | semmle.label | [summary param] this in base64EncodedString(options:) :  |
 | nsdata.swift:39:5:39:49 | [summary param] this in base64Encoding() :  | semmle.label | [summary param] this in base64Encoding() :  |
 | nsdata.swift:40:5:40:82 | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  | semmle.label | [summary param] 0 in dataWithContentsOfMappedFile(_:) :  |
+| nsdata.swift:41:5:41:104 | [summary param] this in enumerateBytes(_:) :  | semmle.label | [summary param] this in enumerateBytes(_:) :  |
 | nsdata.swift:42:5:42:55 | [summary param] this in getBytes(_:) :  | semmle.label | [summary param] this in getBytes(_:) :  |
 | nsdata.swift:43:5:43:68 | [summary param] this in getBytes(_:length:) :  | semmle.label | [summary param] this in getBytes(_:length:) :  |
 | nsdata.swift:44:5:44:71 | [summary param] this in getBytes(_:range:) :  | semmle.label | [summary param] this in getBytes(_:range:) :  |
@@ -520,6 +527,10 @@ nodes
 | nsdata.swift:106:15:106:70 | call to dataWithContentsOfMappedFile(_:) :  | semmle.label | call to dataWithContentsOfMappedFile(_:) :  |
 | nsdata.swift:106:15:106:71 | ...! | semmle.label | ...! |
 | nsdata.swift:106:51:106:58 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:108:27:108:34 | call to source() :  | semmle.label | call to source() :  |
+| nsdata.swift:109:5:109:5 | nsDataTainted17 :  | semmle.label | nsDataTainted17 :  |
+| nsdata.swift:110:9:110:9 | bytes :  | semmle.label | bytes :  |
+| nsdata.swift:110:45:110:45 | bytes | semmle.label | bytes |
 | nsdata.swift:113:27:113:34 | call to source() :  | semmle.label | call to source() :  |
 | nsdata.swift:115:5:115:5 | nsDataTainted18 :  | semmle.label | nsDataTainted18 :  |
 | nsdata.swift:115:30:115:30 | [post] bufferTainted18 :  | semmle.label | [post] bufferTainted18 :  |
@@ -873,6 +884,7 @@ subpaths
 | nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) | nsdata.swift:99:27:99:34 | call to source() :  | nsdata.swift:101:15:101:62 | call to base64EncodedString(options:) | result |
 | nsdata.swift:104:15:104:46 | call to base64Encoding() | nsdata.swift:103:27:103:34 | call to source() :  | nsdata.swift:104:15:104:46 | call to base64Encoding() | result |
 | nsdata.swift:106:15:106:71 | ...! | nsdata.swift:106:51:106:58 | call to source() :  | nsdata.swift:106:15:106:71 | ...! | result |
+| nsdata.swift:110:45:110:45 | bytes | nsdata.swift:108:27:108:34 | call to source() :  | nsdata.swift:110:45:110:45 | bytes | result |
 | nsdata.swift:116:15:116:15 | bufferTainted18 | nsdata.swift:113:27:113:34 | call to source() :  | nsdata.swift:116:15:116:15 | bufferTainted18 | result |
 | nsdata.swift:121:15:121:15 | bufferTainted19 | nsdata.swift:118:27:118:34 | call to source() :  | nsdata.swift:121:15:121:15 | bufferTainted19 | result |
 | nsdata.swift:126:15:126:15 | bufferTainted20 | nsdata.swift:123:27:123:34 | call to source() :  | nsdata.swift:126:15:126:15 | bufferTainted20 | result |
diff --git a/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected b/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
index e69de29bb2d..24bd1bc7451 100644
--- a/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
@@ -0,0 +1 @@
+| nsdata.swift:110:45:110:45 | bytes | Unexpected result: tainted=108 |
diff --git a/swift/ql/test/library-tests/dataflow/taint/nsdata.swift b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
index f6d82ede499..e737bb108d9 100644
--- a/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
@@ -107,7 +107,7 @@ func test() {
     // ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint"
     let nsDataTainted17 = source() as! NSData
     nsDataTainted17.enumerateBytes {
-        bytes, byteRange, stop in sink(arg: bytes) // $ MISSING: tainted=108
+        bytes, byteRange, stop in sink(arg: bytes) // tainted=108
     }
     // ";NSData;true;getBytes(_:);;;Argument[-1];Argument[0];taint",
     let nsDataTainted18 = source() as! NSData

From c9a600d4960ac561e8b976cab6d36be56f7c55a3 Mon Sep 17 00:00:00 2001
From: erik-krogh <erik-krogh@github.com>
Date: Thu, 24 Nov 2022 10:29:20 +0100
Subject: [PATCH 128/144] Ruby: cache the compiled extractor, because that's
 way smaller than the cargo cache

---
 .github/workflows/ruby-build.yml | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ruby-build.yml b/.github/workflows/ruby-build.yml
index cbe7f32fb17..f561af9c13b 100644
--- a/.github/workflows/ruby-build.yml
+++ b/.github/workflows/ruby-build.yml
@@ -48,7 +48,19 @@ jobs:
         run: |
           brew install gnu-tar
           echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
+      - name: Cache entire extractor
+        uses: actions/cache@v3
+        id: cache-extractor
+        with:
+          path: |
+            ruby/target/release/ruby-autobuilder
+            ruby/target/release/ruby-autobuilder.exe
+            ruby/target/release/ruby-extractor
+            ruby/target/release/ruby-extractor.exe
+            ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
+          key: ${{ runner.os }}-ruby-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}--${{ hashFiles('ruby/**/*.rs') }}
       - uses: actions/cache@v3
+        if: steps.cache-extractor.outputs.cache-hit != 'true'
         with:
           path: |
             ~/.cargo/registry
@@ -56,15 +68,19 @@ jobs:
             ruby/target
           key: ${{ runner.os }}-ruby-rust-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}
       - name: Check formatting
+        if: steps.cache-extractor.outputs.cache-hit != 'true'
         run: cargo fmt --all -- --check
       - name: Build
+        if: steps.cache-extractor.outputs.cache-hit != 'true'
         run: cargo build --verbose
       - name: Run tests
+        if: steps.cache-extractor.outputs.cache-hit != 'true'
         run: cargo test --verbose
       - name: Release build
+        if: steps.cache-extractor.outputs.cache-hit != 'true'
         run: cargo build --release
       - name: Generate dbscheme
-        if: ${{ matrix.os == 'ubuntu-latest' }}
+        if: ${{ matrix.os == 'ubuntu-latest' && steps.cache-extractor.outputs.cache-hit != 'true'}}
         run: target/release/ruby-generator --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
       - uses: actions/upload-artifact@v3
         if: ${{ matrix.os == 'ubuntu-latest' }}

From 443d0f50c1354951c46ef5cfb1cba70150d3e682 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 11:10:07 +0100
Subject: [PATCH 129/144] Apply suggestions from code review

---
 .../Security/CWE/CWE-089/MyBatisCommonLib.qll        |  2 +-
 .../CWE-089/src/main/MybatisSqlInjection.java        | 12 ++++++------
 .../CWE-089/src/main/MybatisSqlInjectionService.java |  8 ++++----
 .../CWE-089/src/main/SqlInjectionMapper.java         |  4 ++--
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
index 8399efcc229..4d3d77d8b65 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
@@ -135,7 +135,7 @@ predicate isMybatisXmlOrAnnotationSqlInjection(
               "%}") and
       annotation.getType() instanceof TypeParam and
       ma.getAnArgument() = node.asExpr() and
-      annotation.getTarget() = ma.getMethod().getParameter(node.asExpr().getIndex())
+      annotation.getTarget() = ma.getMethod().getParameter(node.asExpr().(Argument).getParameterPos())
     )
     or
     // MyBatis default parameter sql injection vulnerabilities.the default parameter form of the method is arg[0...n] or param[1...n].
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
index 5aa6876e00c..a751d2ebb1c 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjection.java
@@ -90,13 +90,13 @@ public class MybatisSqlInjection {
 		mybatisSqlInjectionService.badInsert(name);
 	}
 
-	@GetMapping(value = "kkbad1")
-	public void kkbad1(@RequestParam String name, @RequestParam Integer age) {
-		mybatisSqlInjectionService.kkbad1(name, age);
+	@GetMapping(value = "good2")
+	public void good2(@RequestParam String name, @RequestParam Integer age) {
+		mybatisSqlInjectionService.good2(name, age);
 	}
 
-	@GetMapping(value = "kkbad2")
-	public void kkbad2(@RequestParam String age) {
-		mybatisSqlInjectionService.kkbad2(age);
+	@GetMapping(value = "good3")
+	public void good3(@RequestParam String age) {
+		mybatisSqlInjectionService.good3(age);
 	}
 }
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
index 28b9bebc1f4..c8e1ce9c3cb 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MybatisSqlInjectionService.java
@@ -73,11 +73,11 @@ public class MybatisSqlInjectionService {
 		sqlInjectionMapper.badInsert(input);
 	}
 
-	public void kkbad1(String name, Integer age){
-		sqlInjectionMapper.kkbad1(name, age);
+	public void good2(String name, Integer age){
+		sqlInjectionMapper.good2(name, age);
 	}
 
-	public void kkbad2(String age){
-		sqlInjectionMapper.kkbad2(age);
+	public void good3(String age){
+		sqlInjectionMapper.good3(age);
 	}
 }
diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
index 50801558eb8..a39b26a3aea 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/SqlInjectionMapper.java
@@ -61,9 +61,9 @@ public interface SqlInjectionMapper {
 	void badInsert(String input);
 
 	@Select("select * from user_info where name = #{name} and age = ${age}")
-	String kkbad1(@Param("name") String name, Integer age);
+	String good2(@Param("name") String name, Integer age);
 
 	@Select("select * from user_info where age = #{age}")
-	String kkbad2(@Param("age") String age);
+	String good3(@Param("age") String age);
 
 }

From 42259ef8d1ad5f5e2ee663d65384f6430b96d24e Mon Sep 17 00:00:00 2001
From: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
Date: Thu, 24 Nov 2022 10:10:42 +0000
Subject: [PATCH 130/144] Update
 docs/codeql/reusables/kotlin-java-differences.rst

---
 docs/codeql/reusables/kotlin-java-differences.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/codeql/reusables/kotlin-java-differences.rst b/docs/codeql/reusables/kotlin-java-differences.rst
index 07cb95203c2..40e18b60484 100644
--- a/docs/codeql/reusables/kotlin-java-differences.rst
+++ b/docs/codeql/reusables/kotlin-java-differences.rst
@@ -13,7 +13,7 @@ Be careful when you model code elements that don’t exist in Java, such as ``No
 
 In that specific case, you can use the predicate ``Expr.getUnderlyingExpr()``. This goes directly to the underlying ``VarAccess`` to produce a more similar behavior to that in Java.
 
-Nullable elements (`?`) can also produce unexpected behavior. To avoid a `NullPointerException`, Kotlin may inline calls like `expr.toString()` to `String.valueOf(expr)` when `expr` is nullable. Make sure that you write CodeQL around the extracted code, which may not exactly match the code as written in the codebase.
+Nullable elements (``?``) can also produce unexpected behavior. To avoid a ``NullPointerException``, Kotlin may inline calls like ``expr.toString()`` to ``String.valueOf(expr)`` when ``expr`` is nullable. Make sure that you write CodeQL around the extracted code, which may not exactly match the code as written in the codebase.
 
 Another example is that if-else expressions in Kotlin are translated into ``WhenExprs`` in CodeQL, instead of the more typical ``IfStmt`` seen in Java.
 

From 17218fa663373a2d327309204e765d2e10cd1f0a Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 11:14:16 +0100
Subject: [PATCH 131/144] Formatting

---
 .../src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
index 4d3d77d8b65..0d13340b55d 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
+++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll
@@ -135,7 +135,8 @@ predicate isMybatisXmlOrAnnotationSqlInjection(
               "%}") and
       annotation.getType() instanceof TypeParam and
       ma.getAnArgument() = node.asExpr() and
-      annotation.getTarget() = ma.getMethod().getParameter(node.asExpr().(Argument).getParameterPos())
+      annotation.getTarget() =
+        ma.getMethod().getParameter(node.asExpr().(Argument).getParameterPos())
     )
     or
     // MyBatis default parameter sql injection vulnerabilities.the default parameter form of the method is arg[0...n] or param[1...n].

From 4f8ef13cd8014a1203ec15b9a924f03977b89253 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 12:13:46 +0100
Subject: [PATCH 132/144] Fix expectation in NSData tests

---
 swift/ql/test/library-tests/dataflow/taint/TaintInline.expected | 1 -
 swift/ql/test/library-tests/dataflow/taint/nsdata.swift         | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected b/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
index 24bd1bc7451..e69de29bb2d 100644
--- a/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/TaintInline.expected
@@ -1 +0,0 @@
-| nsdata.swift:110:45:110:45 | bytes | Unexpected result: tainted=108 |
diff --git a/swift/ql/test/library-tests/dataflow/taint/nsdata.swift b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
index e737bb108d9..f49dce6679a 100644
--- a/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/nsdata.swift
@@ -107,7 +107,7 @@ func test() {
     // ";NSData;true;enumerateBytes(_:);;;Argument[-1];Argument[0].Parameter[0];taint"
     let nsDataTainted17 = source() as! NSData
     nsDataTainted17.enumerateBytes {
-        bytes, byteRange, stop in sink(arg: bytes) // tainted=108
+        bytes, byteRange, stop in sink(arg: bytes) // $ tainted=108
     }
     // ";NSData;true;getBytes(_:);;;Argument[-1];Argument[0];taint",
     let nsDataTainted18 = source() as! NSData

From c6835cd2704cdaa0b4b30e2c6b3c44d28b720daf Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Thu, 24 Nov 2022 11:16:56 +0000
Subject: [PATCH 133/144] Swift: Update .generated.list.

---
 swift/ql/.generated.list | 1 -
 1 file changed, 1 deletion(-)

diff --git a/swift/ql/.generated.list b/swift/ql/.generated.list
index fd75bc1ade4..a62640aace8 100644
--- a/swift/ql/.generated.list
+++ b/swift/ql/.generated.list
@@ -184,7 +184,6 @@ ql/lib/codeql/swift/elements/expr/OverloadedDeclRefExprConstructor.qll 2cf79b483
 ql/lib/codeql/swift/elements/expr/ParenExprConstructor.qll 6baaa592db57870f5ecd9be632bd3f653c44d72581efd41e8a837916e1590f9e 6f28988d04b2cb69ddcb63fba9ae3166b527803a61c250f97e48ff39a28379f6
 ql/lib/codeql/swift/elements/expr/PointerToPointerExpr.qll 921645a373443d050dbc29b9f6bc4a734163c75aeffce453a4f8334b34077d30 54089de77845f6b0e623c537bc25a010ecf1b5c7630b1b4060d2b378abc07f4e
 ql/lib/codeql/swift/elements/expr/PointerToPointerExprConstructor.qll 95cc8003b9a3b2101afb8f110ec4cbd29e380fc048ee080f5047bcf0e14a06c7 114d487a1bb2cd33b27a9c3a47ad1d7254766e169512642f8b09b9c32cf3dc86
-ql/lib/codeql/swift/elements/expr/PostfixUnaryExpr.qll a67abdf379f04f1aeee0795cd3ebeb28ed8dfe0efad15b128d44cc9e30b32cbd cbb2b2d54c8e316dc71388ea4ff6bb5d0a6204b4e9d9ce2888e1877a54e85e8f
 ql/lib/codeql/swift/elements/expr/PostfixUnaryExprConstructor.qll c26326e2703b9a8b077ea9f132ae86a76b4010a108b8dcde29864f4206096231 70e45fbe365b63226d0132158cdd453e2e00d740a31c1fb0f7bfb3b2dedfd928
 ql/lib/codeql/swift/elements/expr/PrefixUnaryExprConstructor.qll 6d4c915baf460691cc22681154b1129852c26f1bd9fe3e27b4e162f819d934f5 7971698433bc03dbff2fec34426a96a969fab1a5a575aaf91f10044819e16f6d
 ql/lib/codeql/swift/elements/expr/PropertyWrapperValuePlaceholderExpr.qll 35a61a7f68e71165690127b445fff39780028cb6be5e7b5eadaafa8aeb6b2321 f9e32f65e6d453d3fa857a4d3ca19700be1f8ea2f3d13534656bc21a2fc5f0b0

From 4bbc1dc7346507147e77eee576f458c6e8ca29bd Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 12:34:48 +0100
Subject: [PATCH 134/144] Update test expectations

---
 .../MyBatisAnnotationSqlInjection.expected    | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
index 481c8307ac3..1aedc93eb9a 100644
--- a/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
+++ b/java/ql/test/experimental/query-tests/security/CWE-089/src/main/MyBatisAnnotationSqlInjection.expected
@@ -1,30 +1,30 @@
 edges
 | MybatisSqlInjection.java:62:19:62:43 | name : String | MybatisSqlInjection.java:63:35:63:38 | name : String |
 | MybatisSqlInjection.java:63:35:63:38 | name : String | MybatisSqlInjectionService.java:48:19:48:29 | name : String |
-| MybatisSqlInjection.java:94:21:94:45 | name : String | MybatisSqlInjection.java:95:37:95:40 | name : String |
-| MybatisSqlInjection.java:95:37:95:40 | name : String | MybatisSqlInjectionService.java:76:21:76:31 | name : String |
-| MybatisSqlInjection.java:99:21:99:44 | age : String | MybatisSqlInjection.java:100:37:100:39 | age : String |
-| MybatisSqlInjection.java:100:37:100:39 | age : String | MybatisSqlInjectionService.java:80:21:80:30 | age : String |
+| MybatisSqlInjection.java:94:20:94:44 | name : String | MybatisSqlInjection.java:95:36:95:39 | name : String |
+| MybatisSqlInjection.java:95:36:95:39 | name : String | MybatisSqlInjectionService.java:76:20:76:30 | name : String |
+| MybatisSqlInjection.java:99:20:99:43 | age : String | MybatisSqlInjection.java:100:36:100:38 | age : String |
+| MybatisSqlInjection.java:100:36:100:38 | age : String | MybatisSqlInjectionService.java:80:20:80:29 | age : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | MybatisSqlInjectionService.java:50:23:50:26 | name : String |
 | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap |
 | MybatisSqlInjectionService.java:50:23:50:26 | name : String | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String |
-| MybatisSqlInjectionService.java:76:21:76:31 | name : String | MybatisSqlInjectionService.java:77:29:77:32 | name |
-| MybatisSqlInjectionService.java:80:21:80:30 | age : String | MybatisSqlInjectionService.java:81:29:81:31 | age |
+| MybatisSqlInjectionService.java:76:20:76:30 | name : String | MybatisSqlInjectionService.java:77:28:77:31 | name |
+| MybatisSqlInjectionService.java:80:20:80:29 | age : String | MybatisSqlInjectionService.java:81:28:81:30 | age |
 nodes
 | MybatisSqlInjection.java:62:19:62:43 | name : String | semmle.label | name : String |
 | MybatisSqlInjection.java:63:35:63:38 | name : String | semmle.label | name : String |
-| MybatisSqlInjection.java:94:21:94:45 | name : String | semmle.label | name : String |
-| MybatisSqlInjection.java:95:37:95:40 | name : String | semmle.label | name : String |
-| MybatisSqlInjection.java:99:21:99:44 | age : String | semmle.label | age : String |
-| MybatisSqlInjection.java:100:37:100:39 | age : String | semmle.label | age : String |
+| MybatisSqlInjection.java:94:20:94:44 | name : String | semmle.label | name : String |
+| MybatisSqlInjection.java:95:36:95:39 | name : String | semmle.label | name : String |
+| MybatisSqlInjection.java:99:20:99:43 | age : String | semmle.label | age : String |
+| MybatisSqlInjection.java:100:36:100:38 | age : String | semmle.label | age : String |
 | MybatisSqlInjectionService.java:48:19:48:29 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:50:3:50:9 | hashMap [post update] [<map.value>] : String | semmle.label | hashMap [post update] [<map.value>] : String |
 | MybatisSqlInjectionService.java:50:23:50:26 | name : String | semmle.label | name : String |
 | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | semmle.label | hashMap |
-| MybatisSqlInjectionService.java:76:21:76:31 | name : String | semmle.label | name : String |
-| MybatisSqlInjectionService.java:77:29:77:32 | name | semmle.label | name |
-| MybatisSqlInjectionService.java:80:21:80:30 | age : String | semmle.label | age : String |
-| MybatisSqlInjectionService.java:81:29:81:31 | age | semmle.label | age |
+| MybatisSqlInjectionService.java:76:20:76:30 | name : String | semmle.label | name : String |
+| MybatisSqlInjectionService.java:77:28:77:31 | name | semmle.label | name |
+| MybatisSqlInjectionService.java:80:20:80:29 | age : String | semmle.label | age : String |
+| MybatisSqlInjectionService.java:81:28:81:30 | age | semmle.label | age |
 subpaths
 #select
 | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | MybatisSqlInjection.java:62:19:62:43 | name : String | MybatisSqlInjectionService.java:51:27:51:33 | hashMap | MyBatis annotation SQL injection might include code from $@ to $@. | MybatisSqlInjection.java:62:19:62:43 | name | this user input | SqlInjectionMapper.java:33:2:33:54 | Select | this SQL operation |

From 22841276502dbe6bac77a618775153833f542d8e Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Tue, 15 Nov 2022 13:18:40 +0100
Subject: [PATCH 135/144] Add MaD rows for the Data class

---
 .../swift/frameworks/StandardLibrary/Data.qll |  45 +++-
 .../library-tests/dataflow/taint/data.swift   | 240 ++++++++++++++++--
 .../library-tests/dataflow/taint/string.swift |  24 ++
 3 files changed, 291 insertions(+), 18 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
index 740fc8874b6..0e27c0824dc 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
@@ -1,6 +1,47 @@
 import swift
 private import codeql.swift.dataflow.ExternalFlow
 
-private class DataSummaries extends SummaryModelCsv {
-  override predicate row(string row) { row = ";Data;true;init(_:);;;Argument[0];ReturnValue;taint" }
+private class DataSources extends SourceModelCsv {
+  override predicate row(string row) {
+    row = ";Data;true;init(contentsOf:options:);;;ReturnValue;remote"
+  }
+}
+
+private class DataSummaries extends SummaryModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        ";Data;true;init(_:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(buffer:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(bytes:count:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(bytesNoCopy:count:deallocator:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;init(referencing:);;;Argument[0];ReturnValue;taint",
+        ";Data;true;append(_:);;;Argument[0];Argument[-1];taint",
+        ";Data;true;append(_:count:);;;Argument[0];Argument[-1];taint",
+        ";Data;true;append(contentsOf:);;;Argument[0];Argument[-1];taint",
+        ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint",
+        ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint",
+        ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint",
+        ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;insert(_:at:);;;Argument[0];Argument[-1];taint",
+        ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint",
+        ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;reduce(into:_:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;replace(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
+        ";Data;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint",
+        ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint",
+        ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
+        ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint",
+        ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint",
+        ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint"
+      ]
+  }
 }
diff --git a/swift/ql/test/library-tests/dataflow/taint/data.swift b/swift/ql/test/library-tests/dataflow/taint/data.swift
index d7ebe600f8a..ba53694cf98 100644
--- a/swift/ql/test/library-tests/dataflow/taint/data.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/data.swift
@@ -1,33 +1,241 @@
+// --- stubs ---
+struct URL {}
 
-class Data
+class NSData {}
+
+protocol SortComparator {
+	associatedtype Compared
+}
+struct Data
 {
+	struct Base64EncodingOptions : OptionSet { let rawValue: Int }
+	struct Base64DecodingOptions : OptionSet { let rawValue: Int }
+	enum Deallocator { case none }
+	struct ReadingOptions : OptionSet { let rawValue: Int }
+	typealias Index = Int
     init<S>(_ elements: S) {}
+	init(base64Encoded: Data, options: Data.Base64DecodingOptions) {}
+	init<SourceType>(buffer: UnsafeBufferPointer<SourceType>) {}
+	init<SourceType>(buffer: UnsafeMutablePointer<SourceType>) {}
+	init(bytes: UnsafeRawPointer, count: Int) {}
+	init(bytesNoCopy: UnsafeRawPointer, count: Int, deallocator: Data.Deallocator) {}
+	init(contentsOf: URL, options: ReadingOptions) {}
+	init(referencing: NSData) {}
+	func append(_: Data) {}
+	func append(_: UInt8) {}
+	func append<SourceType>(_: UnsafeBufferPointer<SourceType>) {}
+	func append(_: UnsafePointer<UInt8>, count: Int) {}
+	func append(contentsOf: [UInt8]) {}
+	func append<S>(contentsOf: S) {}
+	func base64EncodedData(options: Data.Base64EncodingOptions) -> Data { return Data("") }
+	func base64EncodedString(options: Data.Base64EncodingOptions) -> String { return "" }
+	func compactMap<ElementOfResult>(_: (UInt8) -> ElementOfResult) -> [ElementOfResult] { return [] }
+	func copyBytes(to: UnsafeMutableRawBufferPointer) {}
+	func copyBytes(to: UnsafeMutablePointer<UInt8>, count: Int) {}
+	func copyBytes(to: UnsafeMutablePointer<UInt8>, from: Range<Data.Index>) {}
+	func flatMap<SegmentOfResult>(_: (UInt8) -> SegmentOfResult) -> [SegmentOfResult.Element] where SegmentOfResult : Sequence { return [] }
+	func flatMap<ElementOfResult>(_: (UInt8) -> ElementOfResult?) -> [ElementOfResult] { return [] }
+	func insert(_: UInt8, at: Int) {}
+	func insert<C>(contentsOf: C, at: Int) where C : Collection, UInt8 == C.Element {}
+	func map<T>(_: (UInt8) -> T) -> [T] { return [] }
+	func reduce<Result>(into initialResult: Result, _: (inout Result, UInt8) -> ()) -> Result { return initialResult }
+	func replace<C, Replacement>(_: C, with: Replacement, maxReplacements: Int) where C : Collection, Replacement : Collection, UInt8 == C.Element, C.Element == Replacement.Element {}
+	func replaceSubrange(_: Range<Data.Index>, with: Data) {}
+	func replaceSubrange<ByteCollection>(_: Range<Data.Index>, with: ByteCollection) where ByteCollection : Collection, ByteCollection.Element == UInt8 {}
+	func replaceSubrange<SourceType>(_: Range<Data.Index>, with: UnsafeBufferPointer<SourceType>) {}
+	func replaceSubrange(_: Range<Data.Index>, with: UnsafeRawPointer, count: Int) {}
+	func replaceSubrange<C, R>(_: R, with: C) where C : Collection, R : RangeExpression, UInt8 == C.Element, Int == R.Bound {}
+	func replacing<C, Replacement>(_: C, with: Replacement, maxReplacements: Int = .max) -> Data where C : Collection, Replacement : Collection, UInt8 == C.Element, C.Element == Replacement.Element { return Data("") }
+	func replacing<C, Replacement>(_: C, with: Replacement, subrange: Range<Int>, maxReplacements: Int = .max) -> Data where C : Collection, Replacement : Collection, UInt8 == C.Element, C.Element == Replacement.Element { return Data("") }
+	func shuffled() -> [UInt8] { return [] }
+	func shuffled<T>(using: inout T) -> [UInt8] { return [] }
+	func sorted<Comparator>(using: Comparator) -> [UInt8] where Comparator : SortComparator, UInt8 == Comparator.Compared { return [] }
+	func trimmingPrefix<Prefix>(_ prefix: Prefix) -> Data where Prefix : Sequence, UInt8 == Prefix.Element { return Data("") }
+	func trimmingPrefix(while: (UInt8) -> Bool) -> Data { return Data("") }
 }
 
-extension String {
-	struct Encoding {
-		static let utf8 = Encoding()
-	}
+// --- tests ---
 
-	init?(data: Data, encoding: Encoding) { self.init() }
+class UInt8SortCompartor : SortComparator {
+	typealias Compared = UInt8
 }
 
-func source() -> String { return "" }
-func sink(arg: Data) {}
-func sink2(arg: String) {}
+func source() -> Any { return "" }
+func sink(arg: Any) {}
+func rng() -> RandomNumberGenerator? { return nil }
+func cmp() -> UInt8SortCompartor? { return nil }
 
 func taintThroughData() {
+	// ";Data;true;init(_:);;;Argument[0];ReturnValue;taint",
 	let dataClean = Data("123456".utf8)
-	let dataTainted = Data(source().utf8)
+	let dataTainted = Data((source() as! String).utf8)
 	let dataTainted2 = Data(dataTainted)
 
 	sink(arg: dataClean)
-	sink(arg: dataTainted) // $ MISSING: tainted=13
-	sink(arg: dataTainted2) // $ MISSING: tainted=13
+	sink(arg: dataTainted) // $ MISSING: tainted=71
+	sink(arg: dataTainted2) // $ MISSING: tainted=71
 
-	let stringClean = String(data: dataClean, encoding: String.Encoding.utf8)
-	let stringTainted = String(data: dataTainted, encoding: String.Encoding.utf8)
+	// ";Data;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint",
+	let dataTainted3 = Data(base64Encoded: source() as! Data, options: [])
+	sink(arg: dataTainted3) // $ tainted=79
+
+	// ";Data;true;init(buffer:);;;Argument[0];ReturnValue;taint",
+	let dataTainted4 = Data(buffer: source() as! UnsafeBufferPointer<UInt8>)
+	sink(arg: dataTainted4)  // $ tainted=83
+	let dataTainted5 = Data(buffer: source() as! UnsafeMutablePointer<UInt8>)
+	sink(arg: dataTainted5)  // $ tainted=85
+
+	// ";Data;true;init(bytes:count:);;;Argument[0];ReturnValue;taint",
+	let dataTainted6 = Data(bytes: source() as! UnsafeRawPointer, count: 0)
+	sink(arg: dataTainted6)  // $ tainted=89
+
+	// ";Data;true;init(bytesNoCopy:count:deallocator:);;;Argument[0];ReturnValue;taint",
+	let dataTainted7 = Data(bytesNoCopy: source() as! UnsafeRawPointer, count: 0, deallocator: Data.Deallocator.none)
+	sink(arg: dataTainted7)  // $ tainted=93
+
+	// ";Data;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint",
+	let dataTainted8 = Data(contentsOf: source() as! URL, options: [])
+	sink(arg: dataTainted8)  // $ tainted=97
+
+	// ";Data;true;init(referencing:);;;Argument[0];ReturnValue;taint",
+	let dataTainted9 = Data(referencing: source() as! NSData)
+	sink(arg: dataTainted9)  // $ tainted=101
+
+	// ";Data;true;append(_:);;;Argument[0];Argument[-1];taint",
+	let dataTainted10 = Data("")
+	dataTainted10.append(source() as! Data)
+	sink(arg: dataTainted10) // $ tainted=106
+
+	let dataTainted11 = Data("")
+	dataTainted11.append(source() as! UInt8)
+	sink(arg: dataTainted11) // $ tainted=110
+
+	let dataTainted12 = Data("")
+	dataTainted12.append(source() as! UnsafeBufferPointer<UInt8>)
+	sink(arg: dataTainted12) // $ tainted=114
+
+	// ";Data;true;append(_:count:);;;Argument[0];Argument[-1];taint",
+	let dataTainted13 = Data("")
+	dataTainted13.append(source() as! UnsafePointer<UInt8>, count: 0)
+	sink(arg: dataTainted13) // $ tainted=119
+
+	// ";Data;true;append(contentsOf:);;;Argument[0];Argument[-1];taint",
+	let dataTainted14 = Data("")
+	dataTainted14.append(contentsOf: source() as! [UInt8])
+	sink(arg: dataTainted14) // $ tainted=124
+
+	// ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted15 = source() as! Data
+	sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=128
+
+	// ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted16 = source() as! Data
+	sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=132
+
+	// ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted17 = source() as! Data
+	let compactMapped: [Int] = dataTainted17.compactMap { str in Int(str) }
+	sink(arg: compactMapped) // $ tainted=136
+
+	// ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint",
+	let dataTainted18 = source() as! Data
+	let pointerTainted18 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0)
+	dataTainted18.copyBytes(to: pointerTainted18)
+	sink(arg: pointerTainted18) // $ tainted=141
+
+	// ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint",
+	let dataTainted19 = source() as! Data
+	let pointerTainted19 = UnsafeMutablePointer<UInt8>.allocate(capacity: 0)
+	dataTainted19.copyBytes(to: pointerTainted19, count: 0)
+	sink(arg: pointerTainted19) // $ MISSING: tainted=147
+
+	// ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint",
+	let dataTainted20 = source() as! Data
+	let pointerTainted20 = UnsafeMutablePointer<UInt8>.allocate(capacity: 0)
+	dataTainted20.copyBytes(to: pointerTainted20, from: 0..<1)
+	sink(arg: pointerTainted20) // $ MISSING: tainted=153
+
+	// ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted21 = source() as! Data
+	let flatMapped = dataTainted21.flatMap { Array(repeating: $0, count: 0) }
+	sink(arg: flatMapped) // $ tainted=159
+
+	let dataTainted22 = source() as! Data
+	let flatMapped2 = dataTainted22.flatMap { str in Int(str) }
+	sink(arg: flatMapped2) // $ tainted=163
+
+	// ";Data;true;insert(_:at:);;;Argument[0];Argument[-1];taint",
+	let dataTainted23 = Data("")
+	dataTainted23.insert(source() as! UInt8, at: 0)
+	sink(arg: dataTainted23) // $ tainted=169
+
+	// ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint",
+	let dataTainted24 = Data("")
+	dataTainted24.insert(contentsOf: source() as! [UInt8], at: 0)
+	sink(arg: dataTainted24) // $ tainted=174
+
+	// ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted25 = source() as! Data
+	let mapped = dataTainted25.map { $0 }
+	sink(arg: mapped) // $ tainted=178
+
+	// ";Data;true;reduce(into:_:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted26 = source() as! Data
+	let reduced = dataTainted26.reduce(into: [:]) { c, i in c[i, default: 0] += 1 }
+	sink(arg: reduced) // $ tainted=183
+
+	// ";Data;true;replace(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
+	let dataTainted27 = Data("")
+	dataTainted27.replace([0], with: source() as! [UInt8], maxReplacements: .max)
+	sink(arg: dataTainted27) // $ tainted=189
+
+	// ";Data;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint",
+	let dataTainted28 = Data("")
+	dataTainted28.replaceSubrange(1..<3, with: source() as! Data)
+	sink(arg: dataTainted28) // $ tainted=194
+
+	let dataTainted29 = Data("")
+	dataTainted29.replaceSubrange(1..<3, with: source() as! [UInt8])
+	sink(arg: dataTainted29) // $ tainted=198
+
+	let dataTainted30 = Data("")
+	dataTainted30.replaceSubrange(1..<3, with: source() as! UnsafeBufferPointer<UInt8>)
+	sink(arg: dataTainted30) // $ tainted=202
+
+	// ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint",
+	let dataTainted31 = Data("")
+	dataTainted31.replaceSubrange(1..<3, with: source() as! UnsafeRawPointer, count: 0)
+	sink(arg: dataTainted31) // $ tainted=207
+
+	// ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
+	let dataTainted32 = Data("")
+	dataTainted32.replacing([0], with: source() as! [UInt8], maxReplacements: 0)
+	sink(arg: dataTainted32) // $ tainted=212
+
+	// ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint",
+	let dataTainted33 = Data("")
+	dataTainted33.replacing([0], with: source() as! [UInt8], subrange: 1..<3, maxReplacements: 0)
+	sink(arg: dataTainted33) // $ tainted=217
+
+	// ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint",
+	let dataTainted34 = source() as! Data
+	sink(arg: dataTainted34.shuffled()) // $ tainted=221
+	
+	// ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted35 = source() as! Data
+	var rng = rng()!
+	sink(arg: dataTainted35.shuffled(using: &rng)) // $ tainted=225
+
+	// ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted36 = source() as! Data
+	sink(arg: dataTainted36.sorted(using: cmp()!)) // $ tainted=230
+
+	// ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted37 = source() as! Data
+	sink(arg: dataTainted37.trimmingPrefix([0])) // $ tainted=234
+
+	// ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint"
+	let dataTainted38 = source() as! Data
+	sink(arg: dataTainted38.trimmingPrefix { _ in false }) // $ tainted=238
 
-	sink2(arg: stringClean!) // $ MISSING: tainted=13
-	sink2(arg: stringTainted!) // $ MISSING: tainted=13
 }
diff --git a/swift/ql/test/library-tests/dataflow/taint/string.swift b/swift/ql/test/library-tests/dataflow/taint/string.swift
index 6f5e5876a65..5b54a8dc444 100644
--- a/swift/ql/test/library-tests/dataflow/taint/string.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/string.swift
@@ -87,3 +87,27 @@ func taintThroughStringOperations() {
   sink(arg: clean.debugDescription)
   sink(arg: tainted.debugDescription) // $ MISSING: tainted=74
 }
+
+class Data
+{
+    init<S>(_ elements: S) {}
+}
+
+extension String {
+	struct Encoding {
+		static let utf8 = Encoding()
+	}
+
+	init?(data: Data, encoding: Encoding) { self.init() }
+}
+
+
+func source3() -> Data { return Data("") }
+
+func taintThroughData() {
+  let stringClean = String(data: Data(""), encoding: String.Encoding.utf8)
+  let stringTainted = String(data: source3(), encoding: String.Encoding.utf8)
+
+	sink(arg: stringClean!)
+	sink(arg: stringTainted!) // $ MISSING: tainted=100
+}

From d6b14a13952337702f5c2c631fdf7699daa43d2c Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Mon, 21 Nov 2022 15:45:31 +0100
Subject: [PATCH 136/144] Update test expectations

---
 .../dataflow/taint/LocalTaint.expected        |   1 +
 .../dataflow/taint/Taint.expected             | 403 ++++++++++++++++++
 2 files changed, 404 insertions(+)

diff --git a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
index e2c893738d3..9e3f081261c 100644
--- a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
@@ -1,6 +1,7 @@
 | nsdata.swift:139:15:139:15 | nsDataTainted24 | nsdata.swift:139:15:139:31 | .bytes |
 | nsdata.swift:140:15:140:15 | nsDataTainted24 | nsdata.swift:140:15:140:31 | .description |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
+| data.swift:184:58:184:58 | &... | data.swift:184:58:184:73 | ...[...] |
 | string.swift:7:13:7:13 |  | string.swift:7:13:7:13 | [post]  |
 | string.swift:7:13:7:13 |  | string.swift:7:14:7:14 | [post] &... |
 | string.swift:7:13:7:13 | TapExpr | string.swift:7:13:7:13 | "..." |
diff --git a/swift/ql/test/library-tests/dataflow/taint/Taint.expected b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
index 38c3a209deb..9430f377bef 100644
--- a/swift/ql/test/library-tests/dataflow/taint/Taint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
@@ -1,5 +1,146 @@
 edges
 | file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  | nsdata.swift:110:9:110:9 | bytes :  |
+| data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
+| data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
+| data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  |
+| data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  |
+| data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  |
+| data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  |
+| data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  |
+| data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  |
+| data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  |
+| data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  |
+| data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
+| data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
+| data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  |
+| data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  |
+| data.swift:40:2:40:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  |
+| data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  |
+| data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  |
+| data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  |
+| data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  |
+| data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:50:2:50:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  |
+| data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  |
+| data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  |
+| data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  |
+| data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  |
+| data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  | data.swift:80:12:80:12 | dataTainted3 |
+| data.swift:79:41:79:48 | call to source() :  | data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  |
+| data.swift:79:41:79:48 | call to source() :  | data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  |
+| data.swift:83:21:83:73 | call to init(buffer:) :  | data.swift:84:12:84:12 | dataTainted4 |
+| data.swift:83:34:83:41 | call to source() :  | data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  |
+| data.swift:83:34:83:41 | call to source() :  | data.swift:83:21:83:73 | call to init(buffer:) :  |
+| data.swift:85:21:85:74 | call to init(buffer:) :  | data.swift:86:12:86:12 | dataTainted5 |
+| data.swift:85:34:85:41 | call to source() :  | data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  |
+| data.swift:85:34:85:41 | call to source() :  | data.swift:85:21:85:74 | call to init(buffer:) :  |
+| data.swift:89:21:89:72 | call to init(bytes:count:) :  | data.swift:90:12:90:12 | dataTainted6 |
+| data.swift:89:33:89:40 | call to source() :  | data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  |
+| data.swift:89:33:89:40 | call to source() :  | data.swift:89:21:89:72 | call to init(bytes:count:) :  |
+| data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  | data.swift:94:12:94:12 | dataTainted7 |
+| data.swift:93:39:93:46 | call to source() :  | data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:93:39:93:46 | call to source() :  | data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:97:21:97:67 | call to init(contentsOf:options:) :  | data.swift:98:12:98:12 | dataTainted8 |
+| data.swift:97:38:97:45 | call to source() :  | data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  |
+| data.swift:97:38:97:45 | call to source() :  | data.swift:97:21:97:67 | call to init(contentsOf:options:) :  |
+| data.swift:101:21:101:58 | call to init(referencing:) :  | data.swift:102:12:102:12 | dataTainted9 |
+| data.swift:101:39:101:46 | call to source() :  | data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  |
+| data.swift:101:39:101:46 | call to source() :  | data.swift:101:21:101:58 | call to init(referencing:) :  |
+| data.swift:106:2:106:2 | [post] dataTainted10 :  | data.swift:107:12:107:12 | dataTainted10 |
+| data.swift:106:23:106:30 | call to source() :  | data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  |
+| data.swift:106:23:106:30 | call to source() :  | data.swift:106:2:106:2 | [post] dataTainted10 :  |
+| data.swift:110:2:110:2 | [post] dataTainted11 :  | data.swift:111:12:111:12 | dataTainted11 |
+| data.swift:110:23:110:30 | call to source() :  | data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  |
+| data.swift:110:23:110:30 | call to source() :  | data.swift:110:2:110:2 | [post] dataTainted11 :  |
+| data.swift:114:2:114:2 | [post] dataTainted12 :  | data.swift:115:12:115:12 | dataTainted12 |
+| data.swift:114:23:114:30 | call to source() :  | data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  |
+| data.swift:114:23:114:30 | call to source() :  | data.swift:114:2:114:2 | [post] dataTainted12 :  |
+| data.swift:119:2:119:2 | [post] dataTainted13 :  | data.swift:120:12:120:12 | dataTainted13 |
+| data.swift:119:23:119:30 | call to source() :  | data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  |
+| data.swift:119:23:119:30 | call to source() :  | data.swift:119:2:119:2 | [post] dataTainted13 :  |
+| data.swift:124:2:124:2 | [post] dataTainted14 :  | data.swift:125:12:125:12 | dataTainted14 |
+| data.swift:124:35:124:42 | call to source() :  | data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  |
+| data.swift:124:35:124:42 | call to source() :  | data.swift:124:2:124:2 | [post] dataTainted14 :  |
+| data.swift:128:22:128:29 | call to source() :  | data.swift:129:12:129:12 | dataTainted15 :  |
+| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  |
+| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) |
+| data.swift:132:22:132:29 | call to source() :  | data.swift:133:12:133:12 | dataTainted16 :  |
+| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  |
+| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) |
+| data.swift:136:22:136:29 | call to source() :  | data.swift:137:29:137:29 | dataTainted17 :  |
+| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  |
+| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:137:29:137:72 | call to compactMap(_:) :  |
+| data.swift:137:29:137:72 | call to compactMap(_:) :  | data.swift:138:12:138:12 | compactMapped |
+| data.swift:141:22:141:29 | call to source() :  | data.swift:143:2:143:2 | dataTainted18 :  |
+| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  |
+| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:143:30:143:30 | [post] pointerTainted18 :  |
+| data.swift:143:30:143:30 | [post] pointerTainted18 :  | data.swift:144:12:144:12 | pointerTainted18 |
+| data.swift:159:22:159:29 | call to source() :  | data.swift:160:19:160:19 | dataTainted21 :  |
+| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  |
+| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:160:19:160:74 | call to flatMap(_:) :  |
+| data.swift:160:19:160:74 | call to flatMap(_:) :  | data.swift:161:12:161:12 | flatMapped |
+| data.swift:163:22:163:29 | call to source() :  | data.swift:164:20:164:20 | dataTainted22 :  |
+| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  |
+| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:164:20:164:60 | call to flatMap(_:) :  |
+| data.swift:164:20:164:60 | call to flatMap(_:) :  | data.swift:165:12:165:12 | flatMapped2 |
+| data.swift:169:2:169:2 | [post] dataTainted23 :  | data.swift:170:12:170:12 | dataTainted23 |
+| data.swift:169:23:169:30 | call to source() :  | data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  |
+| data.swift:169:23:169:30 | call to source() :  | data.swift:169:2:169:2 | [post] dataTainted23 :  |
+| data.swift:174:2:174:2 | [post] dataTainted24 :  | data.swift:175:12:175:12 | dataTainted24 |
+| data.swift:174:35:174:42 | call to source() :  | data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  |
+| data.swift:174:35:174:42 | call to source() :  | data.swift:174:2:174:2 | [post] dataTainted24 :  |
+| data.swift:178:22:178:29 | call to source() :  | data.swift:179:15:179:15 | dataTainted25 :  |
+| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:40:2:40:50 | [summary param] this in map(_:) :  |
+| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:179:15:179:38 | call to map(_:) :  |
+| data.swift:179:15:179:38 | call to map(_:) :  | data.swift:180:12:180:12 | mapped |
+| data.swift:183:22:183:29 | call to source() :  | data.swift:184:16:184:16 | dataTainted26 :  |
+| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  |
+| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:184:16:184:80 | call to reduce(into:_:) :  |
+| data.swift:184:16:184:80 | call to reduce(into:_:) :  | data.swift:185:12:185:12 | reduced |
+| data.swift:189:2:189:2 | [post] dataTainted27 :  | data.swift:190:12:190:12 | dataTainted27 |
+| data.swift:189:35:189:42 | call to source() :  | data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  |
+| data.swift:189:35:189:42 | call to source() :  | data.swift:189:2:189:2 | [post] dataTainted27 :  |
+| data.swift:194:2:194:2 | [post] dataTainted28 :  | data.swift:195:12:195:12 | dataTainted28 |
+| data.swift:194:45:194:52 | call to source() :  | data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:194:45:194:52 | call to source() :  | data.swift:194:2:194:2 | [post] dataTainted28 :  |
+| data.swift:198:2:198:2 | [post] dataTainted29 :  | data.swift:199:12:199:12 | dataTainted29 |
+| data.swift:198:45:198:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:198:45:198:52 | call to source() :  | data.swift:198:2:198:2 | [post] dataTainted29 :  |
+| data.swift:202:2:202:2 | [post] dataTainted30 :  | data.swift:203:12:203:12 | dataTainted30 |
+| data.swift:202:45:202:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:202:45:202:52 | call to source() :  | data.swift:202:2:202:2 | [post] dataTainted30 :  |
+| data.swift:207:2:207:2 | [post] dataTainted31 :  | data.swift:208:12:208:12 | dataTainted31 |
+| data.swift:207:45:207:52 | call to source() :  | data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  |
+| data.swift:207:45:207:52 | call to source() :  | data.swift:207:2:207:2 | [post] dataTainted31 :  |
+| data.swift:212:2:212:2 | [post] dataTainted32 :  | data.swift:213:12:213:12 | dataTainted32 |
+| data.swift:212:37:212:44 | call to source() :  | data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
+| data.swift:212:37:212:44 | call to source() :  | data.swift:212:2:212:2 | [post] dataTainted32 :  |
+| data.swift:217:2:217:2 | [post] dataTainted33 :  | data.swift:218:12:218:12 | dataTainted33 |
+| data.swift:217:37:217:44 | call to source() :  | data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:217:37:217:44 | call to source() :  | data.swift:217:2:217:2 | [post] dataTainted33 :  |
+| data.swift:221:22:221:29 | call to source() :  | data.swift:222:12:222:12 | dataTainted34 :  |
+| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:50:2:50:41 | [summary param] this in shuffled() :  |
+| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:222:12:222:35 | call to shuffled() |
+| data.swift:225:22:225:29 | call to source() :  | data.swift:227:12:227:12 | dataTainted35 :  |
+| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  |
+| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:227:12:227:46 | call to shuffled(using:) |
+| data.swift:230:22:230:29 | call to source() :  | data.swift:231:12:231:12 | dataTainted36 :  |
+| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  |
+| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:231:12:231:46 | call to sorted(using:) |
+| data.swift:234:22:234:29 | call to source() :  | data.swift:235:12:235:12 | dataTainted37 :  |
+| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  |
+| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) |
+| data.swift:238:22:238:29 | call to source() :  | data.swift:239:12:239:12 | dataTainted38 :  |
+| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  |
+| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | url.swift:120:61:120:61 | data :  |
 | nsdata.swift:22:9:22:9 | self :  | file://:0:0:0:0 | .bytes :  |
 | nsdata.swift:23:9:23:9 | self :  | file://:0:0:0:0 | .description :  |
@@ -381,6 +522,7 @@ edges
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:97:5:97:5 | [post] v3 :  |
 nodes
+<<<<<<< HEAD
 | file://:0:0:0:0 | .bytes :  | semmle.label | .bytes :  |
 | file://:0:0:0:0 | .description :  | semmle.label | .description :  |
 | file://:0:0:0:0 | .mutableBytes :  | semmle.label | .mutableBytes :  |
@@ -395,11 +537,171 @@ nodes
 | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | semmle.label | [summary] to write: argument this in setData(_:) :  |
+=======
+| data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | semmle.label | [summary param] 0 in init(base64Encoded:options:) :  |
+| data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
+| data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
+| data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | semmle.label | [summary param] 0 in init(bytes:count:) :  |
+| data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | semmle.label | [summary param] 0 in init(contentsOf:options:) :  |
+| data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | semmle.label | [summary param] 0 in init(referencing:) :  |
+| data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | semmle.label | [summary param] 0 in append(_:count:) :  |
+| data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | semmle.label | [summary param] 0 in append(contentsOf:) :  |
+| data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | semmle.label | [summary param] this in base64EncodedData(options:) :  |
+| data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | semmle.label | [summary param] this in base64EncodedString(options:) :  |
+| data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | semmle.label | [summary param] this in compactMap(_:) :  |
+| data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | semmle.label | [summary param] this in copyBytes(to:) :  |
+| data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
+| data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
+| data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | semmle.label | [summary param] 0 in insert(_:at:) :  |
+| data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | semmle.label | [summary param] 0 in insert(contentsOf:at:) :  |
+| data.swift:40:2:40:50 | [summary param] this in map(_:) :  | semmle.label | [summary param] this in map(_:) :  |
+| data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | semmle.label | [summary param] this in reduce(into:_:) :  |
+| data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replace(_:with:maxReplacements:) :  |
+| data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:count:) :  |
+| data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
+| data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:50:2:50:41 | [summary param] this in shuffled() :  | semmle.label | [summary param] this in shuffled() :  |
+| data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | semmle.label | [summary param] this in shuffled(using:) :  |
+| data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | semmle.label | [summary param] this in sorted(using:) :  |
+| data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | semmle.label | [summary param] this in trimmingPrefix(_:) :  |
+| data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | semmle.label | [summary param] this in trimmingPrefix(while:) :  |
+| data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  | semmle.label | call to init(base64Encoded:options:) :  |
+| data.swift:79:41:79:48 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:80:12:80:12 | dataTainted3 | semmle.label | dataTainted3 |
+| data.swift:83:21:83:73 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
+| data.swift:83:34:83:41 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:84:12:84:12 | dataTainted4 | semmle.label | dataTainted4 |
+| data.swift:85:21:85:74 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
+| data.swift:85:34:85:41 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:86:12:86:12 | dataTainted5 | semmle.label | dataTainted5 |
+| data.swift:89:21:89:72 | call to init(bytes:count:) :  | semmle.label | call to init(bytes:count:) :  |
+| data.swift:89:33:89:40 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:90:12:90:12 | dataTainted6 | semmle.label | dataTainted6 |
+| data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  | semmle.label | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:93:39:93:46 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:94:12:94:12 | dataTainted7 | semmle.label | dataTainted7 |
+| data.swift:97:21:97:67 | call to init(contentsOf:options:) :  | semmle.label | call to init(contentsOf:options:) :  |
+| data.swift:97:38:97:45 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:98:12:98:12 | dataTainted8 | semmle.label | dataTainted8 |
+| data.swift:101:21:101:58 | call to init(referencing:) :  | semmle.label | call to init(referencing:) :  |
+| data.swift:101:39:101:46 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:102:12:102:12 | dataTainted9 | semmle.label | dataTainted9 |
+| data.swift:106:2:106:2 | [post] dataTainted10 :  | semmle.label | [post] dataTainted10 :  |
+| data.swift:106:23:106:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:107:12:107:12 | dataTainted10 | semmle.label | dataTainted10 |
+| data.swift:110:2:110:2 | [post] dataTainted11 :  | semmle.label | [post] dataTainted11 :  |
+| data.swift:110:23:110:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:111:12:111:12 | dataTainted11 | semmle.label | dataTainted11 |
+| data.swift:114:2:114:2 | [post] dataTainted12 :  | semmle.label | [post] dataTainted12 :  |
+| data.swift:114:23:114:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:115:12:115:12 | dataTainted12 | semmle.label | dataTainted12 |
+| data.swift:119:2:119:2 | [post] dataTainted13 :  | semmle.label | [post] dataTainted13 :  |
+| data.swift:119:23:119:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:120:12:120:12 | dataTainted13 | semmle.label | dataTainted13 |
+| data.swift:124:2:124:2 | [post] dataTainted14 :  | semmle.label | [post] dataTainted14 :  |
+| data.swift:124:35:124:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:125:12:125:12 | dataTainted14 | semmle.label | dataTainted14 |
+| data.swift:128:22:128:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:129:12:129:12 | dataTainted15 :  | semmle.label | dataTainted15 :  |
+| data.swift:129:12:129:55 | call to base64EncodedData(options:) | semmle.label | call to base64EncodedData(options:) |
+| data.swift:132:22:132:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:133:12:133:12 | dataTainted16 :  | semmle.label | dataTainted16 :  |
+| data.swift:133:12:133:57 | call to base64EncodedString(options:) | semmle.label | call to base64EncodedString(options:) |
+| data.swift:136:22:136:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:137:29:137:29 | dataTainted17 :  | semmle.label | dataTainted17 :  |
+| data.swift:137:29:137:72 | call to compactMap(_:) :  | semmle.label | call to compactMap(_:) :  |
+| data.swift:138:12:138:12 | compactMapped | semmle.label | compactMapped |
+| data.swift:141:22:141:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:143:2:143:2 | dataTainted18 :  | semmle.label | dataTainted18 :  |
+| data.swift:143:30:143:30 | [post] pointerTainted18 :  | semmle.label | [post] pointerTainted18 :  |
+| data.swift:144:12:144:12 | pointerTainted18 | semmle.label | pointerTainted18 |
+| data.swift:159:22:159:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:160:19:160:19 | dataTainted21 :  | semmle.label | dataTainted21 :  |
+| data.swift:160:19:160:74 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
+| data.swift:161:12:161:12 | flatMapped | semmle.label | flatMapped |
+| data.swift:163:22:163:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:164:20:164:20 | dataTainted22 :  | semmle.label | dataTainted22 :  |
+| data.swift:164:20:164:60 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
+| data.swift:165:12:165:12 | flatMapped2 | semmle.label | flatMapped2 |
+| data.swift:169:2:169:2 | [post] dataTainted23 :  | semmle.label | [post] dataTainted23 :  |
+| data.swift:169:23:169:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:170:12:170:12 | dataTainted23 | semmle.label | dataTainted23 |
+| data.swift:174:2:174:2 | [post] dataTainted24 :  | semmle.label | [post] dataTainted24 :  |
+| data.swift:174:35:174:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:175:12:175:12 | dataTainted24 | semmle.label | dataTainted24 |
+| data.swift:178:22:178:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:179:15:179:15 | dataTainted25 :  | semmle.label | dataTainted25 :  |
+| data.swift:179:15:179:38 | call to map(_:) :  | semmle.label | call to map(_:) :  |
+| data.swift:180:12:180:12 | mapped | semmle.label | mapped |
+| data.swift:183:22:183:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:184:16:184:16 | dataTainted26 :  | semmle.label | dataTainted26 :  |
+| data.swift:184:16:184:80 | call to reduce(into:_:) :  | semmle.label | call to reduce(into:_:) :  |
+| data.swift:185:12:185:12 | reduced | semmle.label | reduced |
+| data.swift:189:2:189:2 | [post] dataTainted27 :  | semmle.label | [post] dataTainted27 :  |
+| data.swift:189:35:189:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:190:12:190:12 | dataTainted27 | semmle.label | dataTainted27 |
+| data.swift:194:2:194:2 | [post] dataTainted28 :  | semmle.label | [post] dataTainted28 :  |
+| data.swift:194:45:194:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:195:12:195:12 | dataTainted28 | semmle.label | dataTainted28 |
+| data.swift:198:2:198:2 | [post] dataTainted29 :  | semmle.label | [post] dataTainted29 :  |
+| data.swift:198:45:198:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:199:12:199:12 | dataTainted29 | semmle.label | dataTainted29 |
+| data.swift:202:2:202:2 | [post] dataTainted30 :  | semmle.label | [post] dataTainted30 :  |
+| data.swift:202:45:202:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:203:12:203:12 | dataTainted30 | semmle.label | dataTainted30 |
+| data.swift:207:2:207:2 | [post] dataTainted31 :  | semmle.label | [post] dataTainted31 :  |
+| data.swift:207:45:207:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:208:12:208:12 | dataTainted31 | semmle.label | dataTainted31 |
+| data.swift:212:2:212:2 | [post] dataTainted32 :  | semmle.label | [post] dataTainted32 :  |
+| data.swift:212:37:212:44 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:213:12:213:12 | dataTainted32 | semmle.label | dataTainted32 |
+| data.swift:217:2:217:2 | [post] dataTainted33 :  | semmle.label | [post] dataTainted33 :  |
+| data.swift:217:37:217:44 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:218:12:218:12 | dataTainted33 | semmle.label | dataTainted33 |
+| data.swift:221:22:221:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:222:12:222:12 | dataTainted34 :  | semmle.label | dataTainted34 :  |
+| data.swift:222:12:222:35 | call to shuffled() | semmle.label | call to shuffled() |
+| data.swift:225:22:225:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:227:12:227:12 | dataTainted35 :  | semmle.label | dataTainted35 :  |
+| data.swift:227:12:227:46 | call to shuffled(using:) | semmle.label | call to shuffled(using:) |
+| data.swift:230:22:230:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:231:12:231:12 | dataTainted36 :  | semmle.label | dataTainted36 :  |
+| data.swift:231:12:231:46 | call to sorted(using:) | semmle.label | call to sorted(using:) |
+| data.swift:234:22:234:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:235:12:235:12 | dataTainted37 :  | semmle.label | dataTainted37 :  |
+| data.swift:235:12:235:44 | call to trimmingPrefix(_:) | semmle.label | call to trimmingPrefix(_:) |
+| data.swift:238:22:238:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:239:12:239:12 | dataTainted38 :  | semmle.label | dataTainted38 :  |
+| data.swift:239:12:239:54 | call to trimmingPrefix(while:) | semmle.label | call to trimmingPrefix(while:) |
+| file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | semmle.label | [summary] to write: argument 0 in copyBytes(to:) :  |
+| file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | semmle.label | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  | semmle.label | [summary] to write: argument this in append(_:count:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  | semmle.label | [summary] to write: argument this in append(contentsOf:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in defineProperty(_:descriptor:) :  | semmle.label | [summary] to write: argument this in defineProperty(_:descriptor:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  | semmle.label | [summary] to write: argument this in insert(_:at:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  | semmle.label | [summary] to write: argument this in insert(contentsOf:at:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replace(_:with:maxReplacements:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:count:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  |
+>>>>>>> 7ef2618758 (Update test expectations)
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | semmle.label | [summary] to write: argument this in setValue(_:at:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | semmle.label | [summary] to write: argument this in setValue(_:forProperty:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in atIndex(_:) :  | semmle.label | [summary] to write: return (return) in atIndex(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedData(options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedString(options:) :  |
+<<<<<<< HEAD
 | file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  | semmle.label | [summary] to write: return (return) in base64Encoding() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in compressed(using:) :  | semmle.label | [summary] to write: return (return) in compressed(using:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  | semmle.label | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  |
@@ -419,18 +721,40 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfFile:options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfMappedFile:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfMappedFile:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(data:) :  | semmle.label | [summary] to write: return (return) in init(data:) :  |
+=======
+| file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | semmle.label | [summary] to write: return (return) in compactMap(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in forProperty(_:) :  | semmle.label | [summary] to write: return (return) in forProperty(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bool:in:) :  | semmle.label | [summary] to write: return (return) in init(bool:in:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | semmle.label | [summary] to write: return (return) in init(bytes:count:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:options:) :  |
+>>>>>>> 7ef2618758 (Update test expectations)
 | file://:0:0:0:0 | [summary] to write: return (return) in init(double:in:) :  | semmle.label | [summary] to write: return (return) in init(double:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(int32:in:) :  | semmle.label | [summary] to write: return (return) in init(int32:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(object:in:) :  | semmle.label | [summary] to write: return (return) in init(object:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(point:in:) :  | semmle.label | [summary] to write: return (return) in init(point:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(range:in:) :  | semmle.label | [summary] to write: return (return) in init(range:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(rect:in:) :  | semmle.label | [summary] to write: return (return) in init(rect:in:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  | semmle.label | [summary] to write: return (return) in init(referencing:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(size:in:) :  | semmle.label | [summary] to write: return (return) in init(size:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:) :  | semmle.label | [summary] to write: return (return) in init(string:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(uInt32:in:) :  | semmle.label | [summary] to write: return (return) in init(uInt32:in:) :  |
+<<<<<<< HEAD
 | file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  | semmle.label | [summary] to write: return (return) in subdata(with:) :  |
+=======
+| file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  | semmle.label | [summary] to write: return (return) in map(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  | semmle.label | [summary] to write: return (return) in reduce(into:_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  | semmle.label | [summary] to write: return (return) in shuffled() :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  | semmle.label | [summary] to write: return (return) in shuffled(using:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  | semmle.label | [summary] to write: return (return) in sorted(using:) :  |
+>>>>>>> 7ef2618758 (Update test expectations)
 | file://:0:0:0:0 | [summary] to write: return (return) in toArray() :  | semmle.label | [summary] to write: return (return) in toArray() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toBool() :  | semmle.label | [summary] to write: return (return) in toBool() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toDate() :  | semmle.label | [summary] to write: return (return) in toDate() :  |
@@ -446,6 +770,7 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in toSize() :  | semmle.label | [summary] to write: return (return) in toSize() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toString() :  | semmle.label | [summary] to write: return (return) in toString() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toUInt32() :  | semmle.label | [summary] to write: return (return) in toUInt32() :  |
+<<<<<<< HEAD
 | nsdata.swift:22:9:22:9 | self :  | semmle.label | self :  |
 | nsdata.swift:23:9:23:9 | self :  | semmle.label | self :  |
 | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | semmle.label | [summary param] 0 in init(bytes:length:) :  |
@@ -581,6 +906,10 @@ nodes
 | nsmutabledata.swift:48:33:48:40 | call to source() :  | semmle.label | call to source() :  |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | semmle.label | nsMutableDataTainted6 :  |
 | nsmutabledata.swift:49:15:49:37 | .mutableBytes | semmle.label | .mutableBytes |
+=======
+| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(while:) :  |
+>>>>>>> 7ef2618758 (Update test expectations)
 | string.swift:5:11:5:18 | call to source() :  | semmle.label | call to source() :  |
 | string.swift:7:13:7:13 | "..." | semmle.label | "..." |
 | string.swift:9:13:9:13 | "..." | semmle.label | "..." |
@@ -782,6 +1111,7 @@ nodes
 | webview.swift:97:17:97:17 | s :  | semmle.label | s :  |
 | webview.swift:98:10:98:10 | v3 | semmle.label | v3 |
 subpaths
+<<<<<<< HEAD
 | nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  | nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  |
 | nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  | nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  |
 | nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  | nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  |
@@ -815,6 +1145,42 @@ subpaths
 | nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  |
 | nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | nsmutabledata.swift:13:9:13:9 | self :  | file://:0:0:0:0 | .mutableBytes :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
+=======
+| data.swift:79:41:79:48 | call to source() :  | data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  |
+| data.swift:83:34:83:41 | call to source() :  | data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:83:21:83:73 | call to init(buffer:) :  |
+| data.swift:85:34:85:41 | call to source() :  | data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:85:21:85:74 | call to init(buffer:) :  |
+| data.swift:89:33:89:40 | call to source() :  | data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | data.swift:89:21:89:72 | call to init(bytes:count:) :  |
+| data.swift:93:39:93:46 | call to source() :  | data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:97:38:97:45 | call to source() :  | data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | data.swift:97:21:97:67 | call to init(contentsOf:options:) :  |
+| data.swift:101:39:101:46 | call to source() :  | data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  | data.swift:101:21:101:58 | call to init(referencing:) :  |
+| data.swift:106:23:106:30 | call to source() :  | data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:106:2:106:2 | [post] dataTainted10 :  |
+| data.swift:110:23:110:30 | call to source() :  | data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:110:2:110:2 | [post] dataTainted11 :  |
+| data.swift:114:23:114:30 | call to source() :  | data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:114:2:114:2 | [post] dataTainted12 :  |
+| data.swift:119:23:119:30 | call to source() :  | data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  | data.swift:119:2:119:2 | [post] dataTainted13 :  |
+| data.swift:124:35:124:42 | call to source() :  | data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  | data.swift:124:2:124:2 | [post] dataTainted14 :  |
+| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) |
+| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) |
+| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | data.swift:137:29:137:72 | call to compactMap(_:) :  |
+| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | data.swift:143:30:143:30 | [post] pointerTainted18 :  |
+| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:160:19:160:74 | call to flatMap(_:) :  |
+| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:164:20:164:60 | call to flatMap(_:) :  |
+| data.swift:169:23:169:30 | call to source() :  | data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  | data.swift:169:2:169:2 | [post] dataTainted23 :  |
+| data.swift:174:35:174:42 | call to source() :  | data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  | data.swift:174:2:174:2 | [post] dataTainted24 :  |
+| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:40:2:40:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  | data.swift:179:15:179:38 | call to map(_:) :  |
+| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  | data.swift:184:16:184:80 | call to reduce(into:_:) :  |
+| data.swift:189:35:189:42 | call to source() :  | data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  | data.swift:189:2:189:2 | [post] dataTainted27 :  |
+| data.swift:194:45:194:52 | call to source() :  | data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:194:2:194:2 | [post] dataTainted28 :  |
+| data.swift:198:45:198:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:198:2:198:2 | [post] dataTainted29 :  |
+| data.swift:202:45:202:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:202:2:202:2 | [post] dataTainted30 :  |
+| data.swift:207:45:207:52 | call to source() :  | data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  | data.swift:207:2:207:2 | [post] dataTainted31 :  |
+| data.swift:212:37:212:44 | call to source() :  | data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  | data.swift:212:2:212:2 | [post] dataTainted32 :  |
+| data.swift:217:37:217:44 | call to source() :  | data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  | data.swift:217:2:217:2 | [post] dataTainted33 :  |
+| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:50:2:50:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  | data.swift:222:12:222:35 | call to shuffled() |
+| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  | data.swift:227:12:227:46 | call to shuffled(using:) |
+| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  | data.swift:231:12:231:46 | call to sorted(using:) |
+| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) |
+| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) |
+>>>>>>> 7ef2618758 (Update test expectations)
 | url.swift:59:31:59:31 | tainted :  | url.swift:8:2:8:25 | [summary param] 0 in init(string:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:) :  | url.swift:59:19:59:38 | call to init(string:) :  |
 | url.swift:83:24:83:24 | tainted :  | url.swift:9:2:9:43 | [summary param] 0 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:83:12:83:48 | call to init(string:relativeTo:) :  |
 | url.swift:86:43:86:43 | urlTainted :  | url.swift:9:2:9:43 | [summary param] 1 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:86:12:86:53 | call to init(string:relativeTo:) :  |
@@ -865,6 +1231,7 @@ subpaths
 | webview.swift:93:17:93:17 | s :  | webview.swift:43:5:43:38 | [summary param] 0 in setValue(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | webview.swift:93:5:93:5 | [post] v2 :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | webview.swift:97:5:97:5 | [post] v3 :  |
 #select
+<<<<<<< HEAD
 | nsdata.swift:58:15:58:15 | nsDataTainted1 | nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:58:15:58:15 | nsDataTainted1 | result |
 | nsdata.swift:61:15:61:15 | nsDataTainted2 | nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:61:15:61:15 | nsDataTainted2 | result |
 | nsdata.swift:64:15:64:15 | nsDataTainted3 | nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:64:15:64:15 | nsDataTainted3 | result |
@@ -899,6 +1266,42 @@ subpaths
 | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | result |
 | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | result |
 | nsmutabledata.swift:49:15:49:37 | .mutableBytes | nsmutabledata.swift:48:33:48:40 | call to source() :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes | result |
+=======
+| data.swift:80:12:80:12 | dataTainted3 | data.swift:79:41:79:48 | call to source() :  | data.swift:80:12:80:12 | dataTainted3 | result |
+| data.swift:84:12:84:12 | dataTainted4 | data.swift:83:34:83:41 | call to source() :  | data.swift:84:12:84:12 | dataTainted4 | result |
+| data.swift:86:12:86:12 | dataTainted5 | data.swift:85:34:85:41 | call to source() :  | data.swift:86:12:86:12 | dataTainted5 | result |
+| data.swift:90:12:90:12 | dataTainted6 | data.swift:89:33:89:40 | call to source() :  | data.swift:90:12:90:12 | dataTainted6 | result |
+| data.swift:94:12:94:12 | dataTainted7 | data.swift:93:39:93:46 | call to source() :  | data.swift:94:12:94:12 | dataTainted7 | result |
+| data.swift:98:12:98:12 | dataTainted8 | data.swift:97:38:97:45 | call to source() :  | data.swift:98:12:98:12 | dataTainted8 | result |
+| data.swift:102:12:102:12 | dataTainted9 | data.swift:101:39:101:46 | call to source() :  | data.swift:102:12:102:12 | dataTainted9 | result |
+| data.swift:107:12:107:12 | dataTainted10 | data.swift:106:23:106:30 | call to source() :  | data.swift:107:12:107:12 | dataTainted10 | result |
+| data.swift:111:12:111:12 | dataTainted11 | data.swift:110:23:110:30 | call to source() :  | data.swift:111:12:111:12 | dataTainted11 | result |
+| data.swift:115:12:115:12 | dataTainted12 | data.swift:114:23:114:30 | call to source() :  | data.swift:115:12:115:12 | dataTainted12 | result |
+| data.swift:120:12:120:12 | dataTainted13 | data.swift:119:23:119:30 | call to source() :  | data.swift:120:12:120:12 | dataTainted13 | result |
+| data.swift:125:12:125:12 | dataTainted14 | data.swift:124:35:124:42 | call to source() :  | data.swift:125:12:125:12 | dataTainted14 | result |
+| data.swift:129:12:129:55 | call to base64EncodedData(options:) | data.swift:128:22:128:29 | call to source() :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) | result |
+| data.swift:133:12:133:57 | call to base64EncodedString(options:) | data.swift:132:22:132:29 | call to source() :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) | result |
+| data.swift:138:12:138:12 | compactMapped | data.swift:136:22:136:29 | call to source() :  | data.swift:138:12:138:12 | compactMapped | result |
+| data.swift:144:12:144:12 | pointerTainted18 | data.swift:141:22:141:29 | call to source() :  | data.swift:144:12:144:12 | pointerTainted18 | result |
+| data.swift:161:12:161:12 | flatMapped | data.swift:159:22:159:29 | call to source() :  | data.swift:161:12:161:12 | flatMapped | result |
+| data.swift:165:12:165:12 | flatMapped2 | data.swift:163:22:163:29 | call to source() :  | data.swift:165:12:165:12 | flatMapped2 | result |
+| data.swift:170:12:170:12 | dataTainted23 | data.swift:169:23:169:30 | call to source() :  | data.swift:170:12:170:12 | dataTainted23 | result |
+| data.swift:175:12:175:12 | dataTainted24 | data.swift:174:35:174:42 | call to source() :  | data.swift:175:12:175:12 | dataTainted24 | result |
+| data.swift:180:12:180:12 | mapped | data.swift:178:22:178:29 | call to source() :  | data.swift:180:12:180:12 | mapped | result |
+| data.swift:185:12:185:12 | reduced | data.swift:183:22:183:29 | call to source() :  | data.swift:185:12:185:12 | reduced | result |
+| data.swift:190:12:190:12 | dataTainted27 | data.swift:189:35:189:42 | call to source() :  | data.swift:190:12:190:12 | dataTainted27 | result |
+| data.swift:195:12:195:12 | dataTainted28 | data.swift:194:45:194:52 | call to source() :  | data.swift:195:12:195:12 | dataTainted28 | result |
+| data.swift:199:12:199:12 | dataTainted29 | data.swift:198:45:198:52 | call to source() :  | data.swift:199:12:199:12 | dataTainted29 | result |
+| data.swift:203:12:203:12 | dataTainted30 | data.swift:202:45:202:52 | call to source() :  | data.swift:203:12:203:12 | dataTainted30 | result |
+| data.swift:208:12:208:12 | dataTainted31 | data.swift:207:45:207:52 | call to source() :  | data.swift:208:12:208:12 | dataTainted31 | result |
+| data.swift:213:12:213:12 | dataTainted32 | data.swift:212:37:212:44 | call to source() :  | data.swift:213:12:213:12 | dataTainted32 | result |
+| data.swift:218:12:218:12 | dataTainted33 | data.swift:217:37:217:44 | call to source() :  | data.swift:218:12:218:12 | dataTainted33 | result |
+| data.swift:222:12:222:35 | call to shuffled() | data.swift:221:22:221:29 | call to source() :  | data.swift:222:12:222:35 | call to shuffled() | result |
+| data.swift:227:12:227:46 | call to shuffled(using:) | data.swift:225:22:225:29 | call to source() :  | data.swift:227:12:227:46 | call to shuffled(using:) | result |
+| data.swift:231:12:231:46 | call to sorted(using:) | data.swift:230:22:230:29 | call to source() :  | data.swift:231:12:231:46 | call to sorted(using:) | result |
+| data.swift:235:12:235:44 | call to trimmingPrefix(_:) | data.swift:234:22:234:29 | call to source() :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) | result |
+| data.swift:239:12:239:54 | call to trimmingPrefix(while:) | data.swift:238:22:238:29 | call to source() :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) | result |
+>>>>>>> 7ef2618758 (Update test expectations)
 | string.swift:7:13:7:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:7:13:7:13 | "..." | result |
 | string.swift:9:13:9:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:9:13:9:13 | "..." | result |
 | string.swift:11:13:11:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:11:13:11:13 | "..." | result |

From 6a8b9fde788225afe8c9f70adf919893dfbca231 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Mon, 21 Nov 2022 16:16:58 +0100
Subject: [PATCH 137/144] Add data flowsources test

---
 .../dataflow/flowsources/FlowSources.expected |  2 ++
 .../dataflow/flowsources/data.swift           | 19 +++++++++++++++++++
 2 files changed, 21 insertions(+)
 create mode 100644 swift/ql/test/library-tests/dataflow/flowsources/data.swift

diff --git a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
index 01c18633b5d..9aeb5661a9e 100644
--- a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
+++ b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
@@ -7,6 +7,8 @@
 | nsdata.swift:18:17:18:40 | call to init(contentsOf:) | external |
 | nsdata.swift:19:17:19:17 | call to init(contentsOf:options:) | external |
 | nsdata.swift:19:17:19:53 | call to init(contentsOf:options:) | external |
+| data.swift:18:20:18:20 | call to init(contentsOf:options:) | external |
+| data.swift:18:20:18:54 | call to init(contentsOf:options:) | external |
 | string.swift:56:21:56:21 | call to init(contentsOf:) | external |
 | string.swift:56:21:56:44 | call to init(contentsOf:) | external |
 | string.swift:57:21:57:21 | call to init(contentsOf:encoding:) | external |
diff --git a/swift/ql/test/library-tests/dataflow/flowsources/data.swift b/swift/ql/test/library-tests/dataflow/flowsources/data.swift
new file mode 100644
index 00000000000..eef374b62a9
--- /dev/null
+++ b/swift/ql/test/library-tests/dataflow/flowsources/data.swift
@@ -0,0 +1,19 @@
+// --- stubs ---
+
+struct URL
+{
+	init?(string: String) {}
+}
+
+
+struct Data {
+    struct ReadingOptions : OptionSet { let rawValue: Int }
+	init(contentsOf: URL, options: ReadingOptions) {}
+}
+
+// --- tests ---
+
+func testData() {
+    let url = URL(string: "http://example.com/")
+    let data = try Data(contentsOf: url!, options: []) // SOURCE
+}

From 25354d2dd888108c00c22b3b7a9ee2f9f548cacf Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Wed, 23 Nov 2022 12:18:32 +0100
Subject: [PATCH 138/144] Apply code review suggestions

---
 .../swift/frameworks/StandardLibrary/Data.qll |   6 +-
 .../library-tests/dataflow/taint/data.swift   | 126 ++++++++++--------
 2 files changed, 79 insertions(+), 53 deletions(-)

diff --git a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
index 0e27c0824dc..420a5ebeb52 100644
--- a/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
+++ b/swift/ql/lib/codeql/swift/frameworks/StandardLibrary/Data.qll
@@ -37,9 +37,13 @@ private class DataSummaries extends SummaryModelCsv {
         ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint",
         ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
         ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint",
+        // TODO: this should be implemented by a model of BidirectionalCollection
+        // ";Data;true;reversed();;;Argument[-1];ReturnValue;taint",
+        ";Data;true;sorted();;;Argument[-1];ReturnValue;taint",
+        ";Data;true;sorted(by:);;;Argument[-1];ReturnValue;taint",
+        ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint",
         ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint",
         ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint",
-        ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint",
         ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint",
         ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint"
       ]
diff --git a/swift/ql/test/library-tests/dataflow/taint/data.swift b/swift/ql/test/library-tests/dataflow/taint/data.swift
index ba53694cf98..2fdc4e1c949 100644
--- a/swift/ql/test/library-tests/dataflow/taint/data.swift
+++ b/swift/ql/test/library-tests/dataflow/taint/data.swift
@@ -6,13 +6,21 @@ class NSData {}
 protocol SortComparator {
 	associatedtype Compared
 }
-struct Data
+
+struct Data : BidirectionalCollection
 {
 	struct Base64EncodingOptions : OptionSet { let rawValue: Int }
 	struct Base64DecodingOptions : OptionSet { let rawValue: Int }
-	enum Deallocator { case none }
 	struct ReadingOptions : OptionSet { let rawValue: Int }
+	enum Deallocator { case none }
 	typealias Index = Int
+	typealias Element = UInt8
+	var startIndex: Self.Index { get { return 0 } }
+	var endIndex: Self.Index { get { return 0 } }
+	func index(after: Self.Index) -> Self.Index { return 0 }
+	func index(before: Self.Index) -> Self.Index { return 0 }
+	subscript(position: Self.Index) -> Self.Element { get { return 0 } }
+
     init<S>(_ elements: S) {}
 	init(base64Encoded: Data, options: Data.Base64DecodingOptions) {}
 	init<SourceType>(buffer: UnsafeBufferPointer<SourceType>) {}
@@ -47,9 +55,11 @@ struct Data
 	func replaceSubrange<C, R>(_: R, with: C) where C : Collection, R : RangeExpression, UInt8 == C.Element, Int == R.Bound {}
 	func replacing<C, Replacement>(_: C, with: Replacement, maxReplacements: Int = .max) -> Data where C : Collection, Replacement : Collection, UInt8 == C.Element, C.Element == Replacement.Element { return Data("") }
 	func replacing<C, Replacement>(_: C, with: Replacement, subrange: Range<Int>, maxReplacements: Int = .max) -> Data where C : Collection, Replacement : Collection, UInt8 == C.Element, C.Element == Replacement.Element { return Data("") }
+	func sorted() -> [UInt8] { return [] }
+	func sorted(by: (UInt8, UInt8) throws -> Bool) rethrows -> [UInt8] { return [] }
+	func sorted<Comparator>(using: Comparator) -> [UInt8] where Comparator : SortComparator, UInt8 == Comparator.Compared { return [] }
 	func shuffled() -> [UInt8] { return [] }
 	func shuffled<T>(using: inout T) -> [UInt8] { return [] }
-	func sorted<Comparator>(using: Comparator) -> [UInt8] where Comparator : SortComparator, UInt8 == Comparator.Compared { return [] }
 	func trimmingPrefix<Prefix>(_ prefix: Prefix) -> Data where Prefix : Sequence, UInt8 == Prefix.Element { return Data("") }
 	func trimmingPrefix(while: (UInt8) -> Bool) -> Data { return Data("") }
 }
@@ -72,170 +82,182 @@ func taintThroughData() {
 	let dataTainted2 = Data(dataTainted)
 
 	sink(arg: dataClean)
-	sink(arg: dataTainted) // $ MISSING: tainted=71
-	sink(arg: dataTainted2) // $ MISSING: tainted=71
+	sink(arg: dataTainted) // $ MISSING: tainted=81
+	sink(arg: dataTainted2) // $ MISSING: tainted=81
 
 	// ";Data;true;init(base64Encoded:options:);;;Argument[0];ReturnValue;taint",
 	let dataTainted3 = Data(base64Encoded: source() as! Data, options: [])
-	sink(arg: dataTainted3) // $ tainted=79
+	sink(arg: dataTainted3) // $ tainted=89
 
 	// ";Data;true;init(buffer:);;;Argument[0];ReturnValue;taint",
 	let dataTainted4 = Data(buffer: source() as! UnsafeBufferPointer<UInt8>)
-	sink(arg: dataTainted4)  // $ tainted=83
+	sink(arg: dataTainted4)  // $ tainted=93
 	let dataTainted5 = Data(buffer: source() as! UnsafeMutablePointer<UInt8>)
-	sink(arg: dataTainted5)  // $ tainted=85
+	sink(arg: dataTainted5)  // $ tainted=95
 
 	// ";Data;true;init(bytes:count:);;;Argument[0];ReturnValue;taint",
 	let dataTainted6 = Data(bytes: source() as! UnsafeRawPointer, count: 0)
-	sink(arg: dataTainted6)  // $ tainted=89
+	sink(arg: dataTainted6)  // $ tainted=99
 
 	// ";Data;true;init(bytesNoCopy:count:deallocator:);;;Argument[0];ReturnValue;taint",
 	let dataTainted7 = Data(bytesNoCopy: source() as! UnsafeRawPointer, count: 0, deallocator: Data.Deallocator.none)
-	sink(arg: dataTainted7)  // $ tainted=93
+	sink(arg: dataTainted7)  // $ tainted=103
 
 	// ";Data;true;init(contentsOf:options:);;;Argument[0];ReturnValue;taint",
-	let dataTainted8 = Data(contentsOf: source() as! URL, options: [])
-	sink(arg: dataTainted8)  // $ tainted=97
+	let urlTainted8 = source() as! URL
+	let dataTainted8 = Data(contentsOf: urlTainted8, options: [])
+	sink(arg: dataTainted8)  // $ tainted=107
 
 	// ";Data;true;init(referencing:);;;Argument[0];ReturnValue;taint",
 	let dataTainted9 = Data(referencing: source() as! NSData)
-	sink(arg: dataTainted9)  // $ tainted=101
+	sink(arg: dataTainted9)  // $ tainted=112
 
 	// ";Data;true;append(_:);;;Argument[0];Argument[-1];taint",
 	let dataTainted10 = Data("")
 	dataTainted10.append(source() as! Data)
-	sink(arg: dataTainted10) // $ tainted=106
+	sink(arg: dataTainted10) // $ tainted=117
 
 	let dataTainted11 = Data("")
 	dataTainted11.append(source() as! UInt8)
-	sink(arg: dataTainted11) // $ tainted=110
+	sink(arg: dataTainted11) // $ tainted=121
 
 	let dataTainted12 = Data("")
 	dataTainted12.append(source() as! UnsafeBufferPointer<UInt8>)
-	sink(arg: dataTainted12) // $ tainted=114
+	sink(arg: dataTainted12) // $ tainted=125
 
 	// ";Data;true;append(_:count:);;;Argument[0];Argument[-1];taint",
 	let dataTainted13 = Data("")
 	dataTainted13.append(source() as! UnsafePointer<UInt8>, count: 0)
-	sink(arg: dataTainted13) // $ tainted=119
+	sink(arg: dataTainted13) // $ tainted=130
 
 	// ";Data;true;append(contentsOf:);;;Argument[0];Argument[-1];taint",
 	let dataTainted14 = Data("")
 	dataTainted14.append(contentsOf: source() as! [UInt8])
-	sink(arg: dataTainted14) // $ tainted=124
+	sink(arg: dataTainted14) // $ tainted=135
 
 	// ";Data;true;base64EncodedData(options:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted15 = source() as! Data
-	sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=128
+	sink(arg: dataTainted15.base64EncodedData(options: [])) // $ tainted=139
 
 	// ";Data;true;base64EncodedString(options:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted16 = source() as! Data
-	sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=132
+	sink(arg: dataTainted16.base64EncodedString(options: [])) // $ tainted=143
 
 	// ";Data;true;compactMap(_:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted17 = source() as! Data
 	let compactMapped: [Int] = dataTainted17.compactMap { str in Int(str) }
-	sink(arg: compactMapped) // $ tainted=136
+	sink(arg: compactMapped) // $ tainted=147
 
 	// ";Data;true;copyBytes(to:);;;Argument[-1];Argument[0];taint",
 	let dataTainted18 = source() as! Data
 	let pointerTainted18 = UnsafeMutableRawBufferPointer.allocate(byteCount: 0, alignment: 0)
 	dataTainted18.copyBytes(to: pointerTainted18)
-	sink(arg: pointerTainted18) // $ tainted=141
+	sink(arg: pointerTainted18) // $ tainted=152
 
 	// ";Data;true;copyBytes(to:count:);;;Argument[-1];Argument[0];taint",
 	let dataTainted19 = source() as! Data
 	let pointerTainted19 = UnsafeMutablePointer<UInt8>.allocate(capacity: 0)
 	dataTainted19.copyBytes(to: pointerTainted19, count: 0)
-	sink(arg: pointerTainted19) // $ MISSING: tainted=147
+	sink(arg: pointerTainted19) // $ MISSING: tainted=158
 
 	// ";Data;true;copyBytes(to:from:);;;Argument[-1];Argument[0];taint",
 	let dataTainted20 = source() as! Data
 	let pointerTainted20 = UnsafeMutablePointer<UInt8>.allocate(capacity: 0)
 	dataTainted20.copyBytes(to: pointerTainted20, from: 0..<1)
-	sink(arg: pointerTainted20) // $ MISSING: tainted=153
+	sink(arg: pointerTainted20) // $ MISSING: tainted=164
 
 	// ";Data;true;flatMap(_:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted21 = source() as! Data
 	let flatMapped = dataTainted21.flatMap { Array(repeating: $0, count: 0) }
-	sink(arg: flatMapped) // $ tainted=159
+	sink(arg: flatMapped) // $ tainted=170
 
 	let dataTainted22 = source() as! Data
 	let flatMapped2 = dataTainted22.flatMap { str in Int(str) }
-	sink(arg: flatMapped2) // $ tainted=163
+	sink(arg: flatMapped2) // $ tainted=174
 
 	// ";Data;true;insert(_:at:);;;Argument[0];Argument[-1];taint",
 	let dataTainted23 = Data("")
 	dataTainted23.insert(source() as! UInt8, at: 0)
-	sink(arg: dataTainted23) // $ tainted=169
+	sink(arg: dataTainted23) // $ tainted=180
 
 	// ";Data;true;insert(contentsOf:at:);;;Argument[0];Argument[-1];taint",
 	let dataTainted24 = Data("")
 	dataTainted24.insert(contentsOf: source() as! [UInt8], at: 0)
-	sink(arg: dataTainted24) // $ tainted=174
+	sink(arg: dataTainted24) // $ tainted=185
 
 	// ";Data;true;map(_:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted25 = source() as! Data
 	let mapped = dataTainted25.map { $0 }
-	sink(arg: mapped) // $ tainted=178
+	sink(arg: mapped) // $ tainted=189
 
 	// ";Data;true;reduce(into:_:);;;Argument[-1];ReturnValue;taint",
 	let dataTainted26 = source() as! Data
 	let reduced = dataTainted26.reduce(into: [:]) { c, i in c[i, default: 0] += 1 }
-	sink(arg: reduced) // $ tainted=183
+	sink(arg: reduced) // $ tainted=194
 
 	// ";Data;true;replace(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
 	let dataTainted27 = Data("")
 	dataTainted27.replace([0], with: source() as! [UInt8], maxReplacements: .max)
-	sink(arg: dataTainted27) // $ tainted=189
+	sink(arg: dataTainted27) // $ tainted=200
 
 	// ";Data;true;replaceSubrange(_:with:);;;Argument[1];Argument[-1];taint",
 	let dataTainted28 = Data("")
 	dataTainted28.replaceSubrange(1..<3, with: source() as! Data)
-	sink(arg: dataTainted28) // $ tainted=194
+	sink(arg: dataTainted28) // $ tainted=205
 
 	let dataTainted29 = Data("")
 	dataTainted29.replaceSubrange(1..<3, with: source() as! [UInt8])
-	sink(arg: dataTainted29) // $ tainted=198
+	sink(arg: dataTainted29) // $ tainted=209
 
 	let dataTainted30 = Data("")
 	dataTainted30.replaceSubrange(1..<3, with: source() as! UnsafeBufferPointer<UInt8>)
-	sink(arg: dataTainted30) // $ tainted=202
+	sink(arg: dataTainted30) // $ tainted=213
 
 	// ";Data;true;replaceSubrange(_:with:count:);;;Argument[1];Argument[-1];taint",
 	let dataTainted31 = Data("")
 	dataTainted31.replaceSubrange(1..<3, with: source() as! UnsafeRawPointer, count: 0)
-	sink(arg: dataTainted31) // $ tainted=207
+	sink(arg: dataTainted31) // $ tainted=218
 
 	// ";Data;true;replacing(_:with:maxReplacements:);;;Argument[1];Argument[-1];taint",
 	let dataTainted32 = Data("")
-	dataTainted32.replacing([0], with: source() as! [UInt8], maxReplacements: 0)
-	sink(arg: dataTainted32) // $ tainted=212
+	let _ = dataTainted32.replacing([0], with: source() as! [UInt8], maxReplacements: 0)
+	sink(arg: dataTainted32) // $ tainted=223
 
 	// ";Data;true;replacing(_:with:subrange:maxReplacements:);;;Argument[1];Argument[-1];taint",
 	let dataTainted33 = Data("")
-	dataTainted33.replacing([0], with: source() as! [UInt8], subrange: 1..<3, maxReplacements: 0)
-	sink(arg: dataTainted33) // $ tainted=217
+	let _ = dataTainted33.replacing([0], with: source() as! [UInt8], subrange: 1..<3, maxReplacements: 0)
+	sink(arg: dataTainted33) // $ tainted=228
 
-	// ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint",
+	// ";Data;true;reversed();;;Argument[-1];ReturnValue;taint",
 	let dataTainted34 = source() as! Data
-	sink(arg: dataTainted34.shuffled()) // $ tainted=221
-	
-	// ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint",
+	sink(arg: dataTainted34.reversed()) // $ MISSING: tainted=232 // Needs models for BidirectionalCollection
+
+	// ";Data;true;sorted();;;Argument[-1];ReturnValue;taint",
 	let dataTainted35 = source() as! Data
-	var rng = rng()!
-	sink(arg: dataTainted35.shuffled(using: &rng)) // $ tainted=225
+	sink(arg: dataTainted35.sorted()) // $ tainted=236
+
+	// ";Data;true;sorted(by:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted36 = source() as! Data
+	sink(arg: dataTainted36.sorted{ _,_ in return false }) // $ tainted=240
 
 	// ";Data;true;sorted(using:);;;Argument[-1];ReturnValue;taint",
-	let dataTainted36 = source() as! Data
-	sink(arg: dataTainted36.sorted(using: cmp()!)) // $ tainted=230
+	let dataTainted37 = source() as! Data
+	sink(arg: dataTainted37.sorted(using: cmp()!)) // $ tainted=244
+
+	// ";Data;true;shuffled();;;Argument[-1];ReturnValue;taint",
+	let dataTainted38 = source() as! Data
+	sink(arg: dataTainted38.shuffled()) // $ tainted=248
+
+	// ";Data;true;shuffled(using:);;;Argument[-1];ReturnValue;taint",
+	let dataTainted39 = source() as! Data
+	var rng = rng()!
+	sink(arg: dataTainted39.shuffled(using: &rng)) // $ tainted=252
 
 	// ";Data;true;trimmingPrefix(_:);;;Argument[-1];ReturnValue;taint",
-	let dataTainted37 = source() as! Data
-	sink(arg: dataTainted37.trimmingPrefix([0])) // $ tainted=234
+	let dataTainted40 = source() as! Data
+	sink(arg: dataTainted40.trimmingPrefix([0])) // $ tainted=257
 
 	// ";Data;true;trimmingPrefix(while:);;;Argument[-1];ReturnValue;taint"
-	let dataTainted38 = source() as! Data
-	sink(arg: dataTainted38.trimmingPrefix { _ in false }) // $ tainted=238
-
+	let dataTainted41 = source() as! Data
+	sink(arg: dataTainted41.trimmingPrefix { _ in false }) // $ tainted=261
 }

From e67b72d954b9eb05a57b1916319bef7a06073cbb Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Wed, 23 Nov 2022 12:45:49 +0100
Subject: [PATCH 139/144] Update test expectations

---
 .../dataflow/taint/LocalTaint.expected        |   2 +-
 .../dataflow/taint/Taint.expected             | 782 +++++++++---------
 2 files changed, 394 insertions(+), 390 deletions(-)

diff --git a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
index 9e3f081261c..8ba56979b65 100644
--- a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected
@@ -1,7 +1,7 @@
+| data.swift:195:58:195:58 | &... | data.swift:195:58:195:73 | ...[...] |
 | nsdata.swift:139:15:139:15 | nsDataTainted24 | nsdata.swift:139:15:139:31 | .bytes |
 | nsdata.swift:140:15:140:15 | nsDataTainted24 | nsdata.swift:140:15:140:31 | .description |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
-| data.swift:184:58:184:58 | &... | data.swift:184:58:184:73 | ...[...] |
 | string.swift:7:13:7:13 |  | string.swift:7:13:7:13 | [post]  |
 | string.swift:7:13:7:13 |  | string.swift:7:14:7:14 | [post] &... |
 | string.swift:7:13:7:13 | TapExpr | string.swift:7:13:7:13 | "..." |
diff --git a/swift/ql/test/library-tests/dataflow/taint/Taint.expected b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
index 9430f377bef..37d4e5dda85 100644
--- a/swift/ql/test/library-tests/dataflow/taint/Taint.expected
+++ b/swift/ql/test/library-tests/dataflow/taint/Taint.expected
@@ -1,146 +1,155 @@
 edges
+| data.swift:25:2:25:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| data.swift:26:2:26:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
+| data.swift:27:2:27:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
+| data.swift:28:2:28:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  |
+| data.swift:29:2:29:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:30:2:30:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  |
+| data.swift:31:2:31:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  |
+| data.swift:32:2:32:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:33:2:33:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:34:2:34:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
+| data.swift:35:2:35:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  |
+| data.swift:36:2:36:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  |
+| data.swift:38:2:38:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| data.swift:39:2:39:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  |
+| data.swift:40:2:40:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  |
+| data.swift:41:2:41:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  |
+| data.swift:44:2:44:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
+| data.swift:45:2:45:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
+| data.swift:46:2:46:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  |
+| data.swift:47:2:47:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  |
+| data.swift:48:2:48:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  |
+| data.swift:49:2:49:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  |
+| data.swift:50:2:50:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  |
+| data.swift:51:2:51:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
+| data.swift:54:2:54:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  |
+| data.swift:56:2:56:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  |
+| data.swift:57:2:57:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:58:2:58:39 | [summary param] this in sorted() :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted() :  |
+| data.swift:59:2:59:81 | [summary param] this in sorted(by:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(by:) :  |
+| data.swift:60:2:60:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  |
+| data.swift:61:2:61:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  |
+| data.swift:62:2:62:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  |
+| data.swift:63:2:63:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  |
+| data.swift:64:2:64:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  |
+| data.swift:89:21:89:71 | call to init(base64Encoded:options:) :  | data.swift:90:12:90:12 | dataTainted3 |
+| data.swift:89:41:89:48 | call to source() :  | data.swift:25:2:25:66 | [summary param] 0 in init(base64Encoded:options:) :  |
+| data.swift:89:41:89:48 | call to source() :  | data.swift:89:21:89:71 | call to init(base64Encoded:options:) :  |
+| data.swift:93:21:93:73 | call to init(buffer:) :  | data.swift:94:12:94:12 | dataTainted4 |
+| data.swift:93:34:93:41 | call to source() :  | data.swift:26:2:26:61 | [summary param] 0 in init(buffer:) :  |
+| data.swift:93:34:93:41 | call to source() :  | data.swift:93:21:93:73 | call to init(buffer:) :  |
+| data.swift:95:21:95:74 | call to init(buffer:) :  | data.swift:96:12:96:12 | dataTainted5 |
+| data.swift:95:34:95:41 | call to source() :  | data.swift:27:2:27:62 | [summary param] 0 in init(buffer:) :  |
+| data.swift:95:34:95:41 | call to source() :  | data.swift:95:21:95:74 | call to init(buffer:) :  |
+| data.swift:99:21:99:72 | call to init(bytes:count:) :  | data.swift:100:12:100:12 | dataTainted6 |
+| data.swift:99:33:99:40 | call to source() :  | data.swift:28:2:28:45 | [summary param] 0 in init(bytes:count:) :  |
+| data.swift:99:33:99:40 | call to source() :  | data.swift:99:21:99:72 | call to init(bytes:count:) :  |
+| data.swift:103:21:103:114 | call to init(bytesNoCopy:count:deallocator:) :  | data.swift:104:12:104:12 | dataTainted7 |
+| data.swift:103:39:103:46 | call to source() :  | data.swift:29:2:29:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:103:39:103:46 | call to source() :  | data.swift:103:21:103:114 | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:107:20:107:27 | call to source() :  | data.swift:108:38:108:38 | urlTainted8 :  |
+| data.swift:108:21:108:62 | call to init(contentsOf:options:) :  | data.swift:109:12:109:12 | dataTainted8 |
+| data.swift:108:38:108:38 | urlTainted8 :  | data.swift:30:2:30:50 | [summary param] 0 in init(contentsOf:options:) :  |
+| data.swift:108:38:108:38 | urlTainted8 :  | data.swift:108:21:108:62 | call to init(contentsOf:options:) :  |
+| data.swift:112:21:112:58 | call to init(referencing:) :  | data.swift:113:12:113:12 | dataTainted9 |
+| data.swift:112:39:112:46 | call to source() :  | data.swift:31:2:31:29 | [summary param] 0 in init(referencing:) :  |
+| data.swift:112:39:112:46 | call to source() :  | data.swift:112:21:112:58 | call to init(referencing:) :  |
+| data.swift:117:2:117:2 | [post] dataTainted10 :  | data.swift:118:12:118:12 | dataTainted10 |
+| data.swift:117:23:117:30 | call to source() :  | data.swift:32:2:32:24 | [summary param] 0 in append(_:) :  |
+| data.swift:117:23:117:30 | call to source() :  | data.swift:117:2:117:2 | [post] dataTainted10 :  |
+| data.swift:121:2:121:2 | [post] dataTainted11 :  | data.swift:122:12:122:12 | dataTainted11 |
+| data.swift:121:23:121:30 | call to source() :  | data.swift:33:2:33:25 | [summary param] 0 in append(_:) :  |
+| data.swift:121:23:121:30 | call to source() :  | data.swift:121:2:121:2 | [post] dataTainted11 :  |
+| data.swift:125:2:125:2 | [post] dataTainted12 :  | data.swift:126:12:126:12 | dataTainted12 |
+| data.swift:125:23:125:30 | call to source() :  | data.swift:34:2:34:63 | [summary param] 0 in append(_:) :  |
+| data.swift:125:23:125:30 | call to source() :  | data.swift:125:2:125:2 | [post] dataTainted12 :  |
+| data.swift:130:2:130:2 | [post] dataTainted13 :  | data.swift:131:12:131:12 | dataTainted13 |
+| data.swift:130:23:130:30 | call to source() :  | data.swift:35:2:35:52 | [summary param] 0 in append(_:count:) :  |
+| data.swift:130:23:130:30 | call to source() :  | data.swift:130:2:130:2 | [post] dataTainted13 :  |
+| data.swift:135:2:135:2 | [post] dataTainted14 :  | data.swift:136:12:136:12 | dataTainted14 |
+| data.swift:135:35:135:42 | call to source() :  | data.swift:36:2:36:36 | [summary param] 0 in append(contentsOf:) :  |
+| data.swift:135:35:135:42 | call to source() :  | data.swift:135:2:135:2 | [post] dataTainted14 :  |
+| data.swift:139:22:139:29 | call to source() :  | data.swift:140:12:140:12 | dataTainted15 :  |
+| data.swift:140:12:140:12 | dataTainted15 :  | data.swift:38:2:38:88 | [summary param] this in base64EncodedData(options:) :  |
+| data.swift:140:12:140:12 | dataTainted15 :  | data.swift:140:12:140:55 | call to base64EncodedData(options:) |
+| data.swift:143:22:143:29 | call to source() :  | data.swift:144:12:144:12 | dataTainted16 :  |
+| data.swift:144:12:144:12 | dataTainted16 :  | data.swift:39:2:39:86 | [summary param] this in base64EncodedString(options:) :  |
+| data.swift:144:12:144:12 | dataTainted16 :  | data.swift:144:12:144:57 | call to base64EncodedString(options:) |
+| data.swift:147:22:147:29 | call to source() :  | data.swift:148:29:148:29 | dataTainted17 :  |
+| data.swift:148:29:148:29 | dataTainted17 :  | data.swift:40:2:40:99 | [summary param] this in compactMap(_:) :  |
+| data.swift:148:29:148:29 | dataTainted17 :  | data.swift:148:29:148:72 | call to compactMap(_:) :  |
+| data.swift:148:29:148:72 | call to compactMap(_:) :  | data.swift:149:12:149:12 | compactMapped |
+| data.swift:152:22:152:29 | call to source() :  | data.swift:154:2:154:2 | dataTainted18 :  |
+| data.swift:154:2:154:2 | dataTainted18 :  | data.swift:41:2:41:53 | [summary param] this in copyBytes(to:) :  |
+| data.swift:154:2:154:2 | dataTainted18 :  | data.swift:154:30:154:30 | [post] pointerTainted18 :  |
+| data.swift:154:30:154:30 | [post] pointerTainted18 :  | data.swift:155:12:155:12 | pointerTainted18 |
+| data.swift:170:22:170:29 | call to source() :  | data.swift:171:19:171:19 | dataTainted21 :  |
+| data.swift:171:19:171:19 | dataTainted21 :  | data.swift:44:2:44:137 | [summary param] this in flatMap(_:) :  |
+| data.swift:171:19:171:19 | dataTainted21 :  | data.swift:171:19:171:74 | call to flatMap(_:) :  |
+| data.swift:171:19:171:74 | call to flatMap(_:) :  | data.swift:172:12:172:12 | flatMapped |
+| data.swift:174:22:174:29 | call to source() :  | data.swift:175:20:175:20 | dataTainted22 :  |
+| data.swift:175:20:175:20 | dataTainted22 :  | data.swift:45:2:45:97 | [summary param] this in flatMap(_:) :  |
+| data.swift:175:20:175:20 | dataTainted22 :  | data.swift:175:20:175:60 | call to flatMap(_:) :  |
+| data.swift:175:20:175:60 | call to flatMap(_:) :  | data.swift:176:12:176:12 | flatMapped2 |
+| data.swift:180:2:180:2 | [post] dataTainted23 :  | data.swift:181:12:181:12 | dataTainted23 |
+| data.swift:180:23:180:30 | call to source() :  | data.swift:46:2:46:34 | [summary param] 0 in insert(_:at:) :  |
+| data.swift:180:23:180:30 | call to source() :  | data.swift:180:2:180:2 | [post] dataTainted23 :  |
+| data.swift:185:2:185:2 | [post] dataTainted24 :  | data.swift:186:12:186:12 | dataTainted24 |
+| data.swift:185:35:185:42 | call to source() :  | data.swift:47:2:47:83 | [summary param] 0 in insert(contentsOf:at:) :  |
+| data.swift:185:35:185:42 | call to source() :  | data.swift:185:2:185:2 | [post] dataTainted24 :  |
+| data.swift:189:22:189:29 | call to source() :  | data.swift:190:15:190:15 | dataTainted25 :  |
+| data.swift:190:15:190:15 | dataTainted25 :  | data.swift:48:2:48:50 | [summary param] this in map(_:) :  |
+| data.swift:190:15:190:15 | dataTainted25 :  | data.swift:190:15:190:38 | call to map(_:) :  |
+| data.swift:190:15:190:38 | call to map(_:) :  | data.swift:191:12:191:12 | mapped |
+| data.swift:194:22:194:29 | call to source() :  | data.swift:195:16:195:16 | dataTainted26 :  |
+| data.swift:195:16:195:16 | dataTainted26 :  | data.swift:49:2:49:115 | [summary param] this in reduce(into:_:) :  |
+| data.swift:195:16:195:16 | dataTainted26 :  | data.swift:195:16:195:80 | call to reduce(into:_:) :  |
+| data.swift:195:16:195:80 | call to reduce(into:_:) :  | data.swift:196:12:196:12 | reduced |
+| data.swift:200:2:200:2 | [post] dataTainted27 :  | data.swift:201:12:201:12 | dataTainted27 |
+| data.swift:200:35:200:42 | call to source() :  | data.swift:50:2:50:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  |
+| data.swift:200:35:200:42 | call to source() :  | data.swift:200:2:200:2 | [post] dataTainted27 :  |
+| data.swift:205:2:205:2 | [post] dataTainted28 :  | data.swift:206:12:206:12 | dataTainted28 |
+| data.swift:205:45:205:52 | call to source() :  | data.swift:51:2:51:58 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:205:45:205:52 | call to source() :  | data.swift:205:2:205:2 | [post] dataTainted28 :  |
+| data.swift:209:2:209:2 | [post] dataTainted29 :  | data.swift:210:12:210:12 | dataTainted29 |
+| data.swift:209:45:209:52 | call to source() :  | data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:209:45:209:52 | call to source() :  | data.swift:209:2:209:2 | [post] dataTainted29 :  |
+| data.swift:213:2:213:2 | [post] dataTainted30 :  | data.swift:214:12:214:12 | dataTainted30 |
+| data.swift:213:45:213:52 | call to source() :  | data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:213:45:213:52 | call to source() :  | data.swift:213:2:213:2 | [post] dataTainted30 :  |
+| data.swift:218:2:218:2 | [post] dataTainted31 :  | data.swift:219:12:219:12 | dataTainted31 |
+| data.swift:218:45:218:52 | call to source() :  | data.swift:54:2:54:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  |
+| data.swift:218:45:218:52 | call to source() :  | data.swift:218:2:218:2 | [post] dataTainted31 :  |
+| data.swift:223:10:223:10 | [post] dataTainted32 :  | data.swift:224:12:224:12 | dataTainted32 |
+| data.swift:223:45:223:52 | call to source() :  | data.swift:56:2:56:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
+| data.swift:223:45:223:52 | call to source() :  | data.swift:223:10:223:10 | [post] dataTainted32 :  |
+| data.swift:228:10:228:10 | [post] dataTainted33 :  | data.swift:229:12:229:12 | dataTainted33 |
+| data.swift:228:45:228:52 | call to source() :  | data.swift:57:2:57:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:228:45:228:52 | call to source() :  | data.swift:228:10:228:10 | [post] dataTainted33 :  |
+| data.swift:236:22:236:29 | call to source() :  | data.swift:237:12:237:12 | dataTainted35 :  |
+| data.swift:237:12:237:12 | dataTainted35 :  | data.swift:58:2:58:39 | [summary param] this in sorted() :  |
+| data.swift:237:12:237:12 | dataTainted35 :  | data.swift:237:12:237:33 | call to sorted() |
+| data.swift:240:22:240:29 | call to source() :  | data.swift:241:12:241:12 | dataTainted36 :  |
+| data.swift:241:12:241:12 | dataTainted36 :  | data.swift:59:2:59:81 | [summary param] this in sorted(by:) :  |
+| data.swift:241:12:241:12 | dataTainted36 :  | data.swift:241:12:241:54 | call to sorted(by:) |
+| data.swift:244:22:244:29 | call to source() :  | data.swift:245:12:245:12 | dataTainted37 :  |
+| data.swift:245:12:245:12 | dataTainted37 :  | data.swift:60:2:60:132 | [summary param] this in sorted(using:) :  |
+| data.swift:245:12:245:12 | dataTainted37 :  | data.swift:245:12:245:46 | call to sorted(using:) |
+| data.swift:248:22:248:29 | call to source() :  | data.swift:249:12:249:12 | dataTainted38 :  |
+| data.swift:249:12:249:12 | dataTainted38 :  | data.swift:61:2:61:41 | [summary param] this in shuffled() :  |
+| data.swift:249:12:249:12 | dataTainted38 :  | data.swift:249:12:249:35 | call to shuffled() |
+| data.swift:252:22:252:29 | call to source() :  | data.swift:254:12:254:12 | dataTainted39 :  |
+| data.swift:254:12:254:12 | dataTainted39 :  | data.swift:62:2:62:58 | [summary param] this in shuffled(using:) :  |
+| data.swift:254:12:254:12 | dataTainted39 :  | data.swift:254:12:254:46 | call to shuffled(using:) |
+| data.swift:257:22:257:29 | call to source() :  | data.swift:258:12:258:12 | dataTainted40 :  |
+| data.swift:258:12:258:12 | dataTainted40 :  | data.swift:63:2:63:123 | [summary param] this in trimmingPrefix(_:) :  |
+| data.swift:258:12:258:12 | dataTainted40 :  | data.swift:258:12:258:44 | call to trimmingPrefix(_:) |
+| data.swift:261:22:261:29 | call to source() :  | data.swift:262:12:262:12 | dataTainted41 :  |
+| data.swift:262:12:262:12 | dataTainted41 :  | data.swift:64:2:64:72 | [summary param] this in trimmingPrefix(while:) :  |
+| data.swift:262:12:262:12 | dataTainted41 :  | data.swift:262:12:262:54 | call to trimmingPrefix(while:) |
 | file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  | nsdata.swift:110:9:110:9 | bytes :  |
-| data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  |
-| data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
-| data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  |
-| data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  |
-| data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  |
-| data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  |
-| data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
-| data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
-| data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  |
-| data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  |
-| data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  |
-| data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  |
-| data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  |
-| data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  |
-| data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  |
-| data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
-| data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  |
-| data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  |
-| data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  |
-| data.swift:40:2:40:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  |
-| data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  |
-| data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  |
-| data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
-| data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  |
-| data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  |
-| data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  |
-| data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  |
-| data.swift:50:2:50:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  |
-| data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  |
-| data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  |
-| data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  |
-| data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  |
-| data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  | data.swift:80:12:80:12 | dataTainted3 |
-| data.swift:79:41:79:48 | call to source() :  | data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  |
-| data.swift:79:41:79:48 | call to source() :  | data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  |
-| data.swift:83:21:83:73 | call to init(buffer:) :  | data.swift:84:12:84:12 | dataTainted4 |
-| data.swift:83:34:83:41 | call to source() :  | data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  |
-| data.swift:83:34:83:41 | call to source() :  | data.swift:83:21:83:73 | call to init(buffer:) :  |
-| data.swift:85:21:85:74 | call to init(buffer:) :  | data.swift:86:12:86:12 | dataTainted5 |
-| data.swift:85:34:85:41 | call to source() :  | data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  |
-| data.swift:85:34:85:41 | call to source() :  | data.swift:85:21:85:74 | call to init(buffer:) :  |
-| data.swift:89:21:89:72 | call to init(bytes:count:) :  | data.swift:90:12:90:12 | dataTainted6 |
-| data.swift:89:33:89:40 | call to source() :  | data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  |
-| data.swift:89:33:89:40 | call to source() :  | data.swift:89:21:89:72 | call to init(bytes:count:) :  |
-| data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  | data.swift:94:12:94:12 | dataTainted7 |
-| data.swift:93:39:93:46 | call to source() :  | data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:93:39:93:46 | call to source() :  | data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:97:21:97:67 | call to init(contentsOf:options:) :  | data.swift:98:12:98:12 | dataTainted8 |
-| data.swift:97:38:97:45 | call to source() :  | data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  |
-| data.swift:97:38:97:45 | call to source() :  | data.swift:97:21:97:67 | call to init(contentsOf:options:) :  |
-| data.swift:101:21:101:58 | call to init(referencing:) :  | data.swift:102:12:102:12 | dataTainted9 |
-| data.swift:101:39:101:46 | call to source() :  | data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  |
-| data.swift:101:39:101:46 | call to source() :  | data.swift:101:21:101:58 | call to init(referencing:) :  |
-| data.swift:106:2:106:2 | [post] dataTainted10 :  | data.swift:107:12:107:12 | dataTainted10 |
-| data.swift:106:23:106:30 | call to source() :  | data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  |
-| data.swift:106:23:106:30 | call to source() :  | data.swift:106:2:106:2 | [post] dataTainted10 :  |
-| data.swift:110:2:110:2 | [post] dataTainted11 :  | data.swift:111:12:111:12 | dataTainted11 |
-| data.swift:110:23:110:30 | call to source() :  | data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  |
-| data.swift:110:23:110:30 | call to source() :  | data.swift:110:2:110:2 | [post] dataTainted11 :  |
-| data.swift:114:2:114:2 | [post] dataTainted12 :  | data.swift:115:12:115:12 | dataTainted12 |
-| data.swift:114:23:114:30 | call to source() :  | data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  |
-| data.swift:114:23:114:30 | call to source() :  | data.swift:114:2:114:2 | [post] dataTainted12 :  |
-| data.swift:119:2:119:2 | [post] dataTainted13 :  | data.swift:120:12:120:12 | dataTainted13 |
-| data.swift:119:23:119:30 | call to source() :  | data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  |
-| data.swift:119:23:119:30 | call to source() :  | data.swift:119:2:119:2 | [post] dataTainted13 :  |
-| data.swift:124:2:124:2 | [post] dataTainted14 :  | data.swift:125:12:125:12 | dataTainted14 |
-| data.swift:124:35:124:42 | call to source() :  | data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  |
-| data.swift:124:35:124:42 | call to source() :  | data.swift:124:2:124:2 | [post] dataTainted14 :  |
-| data.swift:128:22:128:29 | call to source() :  | data.swift:129:12:129:12 | dataTainted15 :  |
-| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  |
-| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) |
-| data.swift:132:22:132:29 | call to source() :  | data.swift:133:12:133:12 | dataTainted16 :  |
-| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  |
-| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) |
-| data.swift:136:22:136:29 | call to source() :  | data.swift:137:29:137:29 | dataTainted17 :  |
-| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  |
-| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:137:29:137:72 | call to compactMap(_:) :  |
-| data.swift:137:29:137:72 | call to compactMap(_:) :  | data.swift:138:12:138:12 | compactMapped |
-| data.swift:141:22:141:29 | call to source() :  | data.swift:143:2:143:2 | dataTainted18 :  |
-| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  |
-| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:143:30:143:30 | [post] pointerTainted18 :  |
-| data.swift:143:30:143:30 | [post] pointerTainted18 :  | data.swift:144:12:144:12 | pointerTainted18 |
-| data.swift:159:22:159:29 | call to source() :  | data.swift:160:19:160:19 | dataTainted21 :  |
-| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  |
-| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:160:19:160:74 | call to flatMap(_:) :  |
-| data.swift:160:19:160:74 | call to flatMap(_:) :  | data.swift:161:12:161:12 | flatMapped |
-| data.swift:163:22:163:29 | call to source() :  | data.swift:164:20:164:20 | dataTainted22 :  |
-| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  |
-| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:164:20:164:60 | call to flatMap(_:) :  |
-| data.swift:164:20:164:60 | call to flatMap(_:) :  | data.swift:165:12:165:12 | flatMapped2 |
-| data.swift:169:2:169:2 | [post] dataTainted23 :  | data.swift:170:12:170:12 | dataTainted23 |
-| data.swift:169:23:169:30 | call to source() :  | data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  |
-| data.swift:169:23:169:30 | call to source() :  | data.swift:169:2:169:2 | [post] dataTainted23 :  |
-| data.swift:174:2:174:2 | [post] dataTainted24 :  | data.swift:175:12:175:12 | dataTainted24 |
-| data.swift:174:35:174:42 | call to source() :  | data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  |
-| data.swift:174:35:174:42 | call to source() :  | data.swift:174:2:174:2 | [post] dataTainted24 :  |
-| data.swift:178:22:178:29 | call to source() :  | data.swift:179:15:179:15 | dataTainted25 :  |
-| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:40:2:40:50 | [summary param] this in map(_:) :  |
-| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:179:15:179:38 | call to map(_:) :  |
-| data.swift:179:15:179:38 | call to map(_:) :  | data.swift:180:12:180:12 | mapped |
-| data.swift:183:22:183:29 | call to source() :  | data.swift:184:16:184:16 | dataTainted26 :  |
-| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  |
-| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:184:16:184:80 | call to reduce(into:_:) :  |
-| data.swift:184:16:184:80 | call to reduce(into:_:) :  | data.swift:185:12:185:12 | reduced |
-| data.swift:189:2:189:2 | [post] dataTainted27 :  | data.swift:190:12:190:12 | dataTainted27 |
-| data.swift:189:35:189:42 | call to source() :  | data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  |
-| data.swift:189:35:189:42 | call to source() :  | data.swift:189:2:189:2 | [post] dataTainted27 :  |
-| data.swift:194:2:194:2 | [post] dataTainted28 :  | data.swift:195:12:195:12 | dataTainted28 |
-| data.swift:194:45:194:52 | call to source() :  | data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  |
-| data.swift:194:45:194:52 | call to source() :  | data.swift:194:2:194:2 | [post] dataTainted28 :  |
-| data.swift:198:2:198:2 | [post] dataTainted29 :  | data.swift:199:12:199:12 | dataTainted29 |
-| data.swift:198:45:198:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
-| data.swift:198:45:198:52 | call to source() :  | data.swift:198:2:198:2 | [post] dataTainted29 :  |
-| data.swift:202:2:202:2 | [post] dataTainted30 :  | data.swift:203:12:203:12 | dataTainted30 |
-| data.swift:202:45:202:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  |
-| data.swift:202:45:202:52 | call to source() :  | data.swift:202:2:202:2 | [post] dataTainted30 :  |
-| data.swift:207:2:207:2 | [post] dataTainted31 :  | data.swift:208:12:208:12 | dataTainted31 |
-| data.swift:207:45:207:52 | call to source() :  | data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  |
-| data.swift:207:45:207:52 | call to source() :  | data.swift:207:2:207:2 | [post] dataTainted31 :  |
-| data.swift:212:2:212:2 | [post] dataTainted32 :  | data.swift:213:12:213:12 | dataTainted32 |
-| data.swift:212:37:212:44 | call to source() :  | data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
-| data.swift:212:37:212:44 | call to source() :  | data.swift:212:2:212:2 | [post] dataTainted32 :  |
-| data.swift:217:2:217:2 | [post] dataTainted33 :  | data.swift:218:12:218:12 | dataTainted33 |
-| data.swift:217:37:217:44 | call to source() :  | data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
-| data.swift:217:37:217:44 | call to source() :  | data.swift:217:2:217:2 | [post] dataTainted33 :  |
-| data.swift:221:22:221:29 | call to source() :  | data.swift:222:12:222:12 | dataTainted34 :  |
-| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:50:2:50:41 | [summary param] this in shuffled() :  |
-| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:222:12:222:35 | call to shuffled() |
-| data.swift:225:22:225:29 | call to source() :  | data.swift:227:12:227:12 | dataTainted35 :  |
-| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  |
-| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:227:12:227:46 | call to shuffled(using:) |
-| data.swift:230:22:230:29 | call to source() :  | data.swift:231:12:231:12 | dataTainted36 :  |
-| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  |
-| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:231:12:231:46 | call to sorted(using:) |
-| data.swift:234:22:234:29 | call to source() :  | data.swift:235:12:235:12 | dataTainted37 :  |
-| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  |
-| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) |
-| data.swift:238:22:238:29 | call to source() :  | data.swift:239:12:239:12 | dataTainted38 :  |
-| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  |
-| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | url.swift:120:61:120:61 | data :  |
 | nsdata.swift:22:9:22:9 | self :  | file://:0:0:0:0 | .bytes :  |
 | nsdata.swift:23:9:23:9 | self :  | file://:0:0:0:0 | .description :  |
@@ -522,218 +531,219 @@ edges
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:97:5:97:5 | [post] v3 :  |
 nodes
-<<<<<<< HEAD
+| data.swift:25:2:25:66 | [summary param] 0 in init(base64Encoded:options:) :  | semmle.label | [summary param] 0 in init(base64Encoded:options:) :  |
+| data.swift:26:2:26:61 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
+| data.swift:27:2:27:62 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
+| data.swift:28:2:28:45 | [summary param] 0 in init(bytes:count:) :  | semmle.label | [summary param] 0 in init(bytes:count:) :  |
+| data.swift:29:2:29:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:30:2:30:50 | [summary param] 0 in init(contentsOf:options:) :  | semmle.label | [summary param] 0 in init(contentsOf:options:) :  |
+| data.swift:31:2:31:29 | [summary param] 0 in init(referencing:) :  | semmle.label | [summary param] 0 in init(referencing:) :  |
+| data.swift:32:2:32:24 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:33:2:33:25 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:34:2:34:63 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
+| data.swift:35:2:35:52 | [summary param] 0 in append(_:count:) :  | semmle.label | [summary param] 0 in append(_:count:) :  |
+| data.swift:36:2:36:36 | [summary param] 0 in append(contentsOf:) :  | semmle.label | [summary param] 0 in append(contentsOf:) :  |
+| data.swift:38:2:38:88 | [summary param] this in base64EncodedData(options:) :  | semmle.label | [summary param] this in base64EncodedData(options:) :  |
+| data.swift:39:2:39:86 | [summary param] this in base64EncodedString(options:) :  | semmle.label | [summary param] this in base64EncodedString(options:) :  |
+| data.swift:40:2:40:99 | [summary param] this in compactMap(_:) :  | semmle.label | [summary param] this in compactMap(_:) :  |
+| data.swift:41:2:41:53 | [summary param] this in copyBytes(to:) :  | semmle.label | [summary param] this in copyBytes(to:) :  |
+| data.swift:44:2:44:137 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
+| data.swift:45:2:45:97 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
+| data.swift:46:2:46:34 | [summary param] 0 in insert(_:at:) :  | semmle.label | [summary param] 0 in insert(_:at:) :  |
+| data.swift:47:2:47:83 | [summary param] 0 in insert(contentsOf:at:) :  | semmle.label | [summary param] 0 in insert(contentsOf:at:) :  |
+| data.swift:48:2:48:50 | [summary param] this in map(_:) :  | semmle.label | [summary param] this in map(_:) :  |
+| data.swift:49:2:49:115 | [summary param] this in reduce(into:_:) :  | semmle.label | [summary param] this in reduce(into:_:) :  |
+| data.swift:50:2:50:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replace(_:with:maxReplacements:) :  |
+| data.swift:51:2:51:58 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
+| data.swift:54:2:54:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:count:) :  |
+| data.swift:56:2:56:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
+| data.swift:57:2:57:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
+| data.swift:58:2:58:39 | [summary param] this in sorted() :  | semmle.label | [summary param] this in sorted() :  |
+| data.swift:59:2:59:81 | [summary param] this in sorted(by:) :  | semmle.label | [summary param] this in sorted(by:) :  |
+| data.swift:60:2:60:132 | [summary param] this in sorted(using:) :  | semmle.label | [summary param] this in sorted(using:) :  |
+| data.swift:61:2:61:41 | [summary param] this in shuffled() :  | semmle.label | [summary param] this in shuffled() :  |
+| data.swift:62:2:62:58 | [summary param] this in shuffled(using:) :  | semmle.label | [summary param] this in shuffled(using:) :  |
+| data.swift:63:2:63:123 | [summary param] this in trimmingPrefix(_:) :  | semmle.label | [summary param] this in trimmingPrefix(_:) :  |
+| data.swift:64:2:64:72 | [summary param] this in trimmingPrefix(while:) :  | semmle.label | [summary param] this in trimmingPrefix(while:) :  |
+| data.swift:89:21:89:71 | call to init(base64Encoded:options:) :  | semmle.label | call to init(base64Encoded:options:) :  |
+| data.swift:89:41:89:48 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:90:12:90:12 | dataTainted3 | semmle.label | dataTainted3 |
+| data.swift:93:21:93:73 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
+| data.swift:93:34:93:41 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:94:12:94:12 | dataTainted4 | semmle.label | dataTainted4 |
+| data.swift:95:21:95:74 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
+| data.swift:95:34:95:41 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:96:12:96:12 | dataTainted5 | semmle.label | dataTainted5 |
+| data.swift:99:21:99:72 | call to init(bytes:count:) :  | semmle.label | call to init(bytes:count:) :  |
+| data.swift:99:33:99:40 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:100:12:100:12 | dataTainted6 | semmle.label | dataTainted6 |
+| data.swift:103:21:103:114 | call to init(bytesNoCopy:count:deallocator:) :  | semmle.label | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:103:39:103:46 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:104:12:104:12 | dataTainted7 | semmle.label | dataTainted7 |
+| data.swift:107:20:107:27 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:108:21:108:62 | call to init(contentsOf:options:) :  | semmle.label | call to init(contentsOf:options:) :  |
+| data.swift:108:38:108:38 | urlTainted8 :  | semmle.label | urlTainted8 :  |
+| data.swift:109:12:109:12 | dataTainted8 | semmle.label | dataTainted8 |
+| data.swift:112:21:112:58 | call to init(referencing:) :  | semmle.label | call to init(referencing:) :  |
+| data.swift:112:39:112:46 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:113:12:113:12 | dataTainted9 | semmle.label | dataTainted9 |
+| data.swift:117:2:117:2 | [post] dataTainted10 :  | semmle.label | [post] dataTainted10 :  |
+| data.swift:117:23:117:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:118:12:118:12 | dataTainted10 | semmle.label | dataTainted10 |
+| data.swift:121:2:121:2 | [post] dataTainted11 :  | semmle.label | [post] dataTainted11 :  |
+| data.swift:121:23:121:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:122:12:122:12 | dataTainted11 | semmle.label | dataTainted11 |
+| data.swift:125:2:125:2 | [post] dataTainted12 :  | semmle.label | [post] dataTainted12 :  |
+| data.swift:125:23:125:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:126:12:126:12 | dataTainted12 | semmle.label | dataTainted12 |
+| data.swift:130:2:130:2 | [post] dataTainted13 :  | semmle.label | [post] dataTainted13 :  |
+| data.swift:130:23:130:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:131:12:131:12 | dataTainted13 | semmle.label | dataTainted13 |
+| data.swift:135:2:135:2 | [post] dataTainted14 :  | semmle.label | [post] dataTainted14 :  |
+| data.swift:135:35:135:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:136:12:136:12 | dataTainted14 | semmle.label | dataTainted14 |
+| data.swift:139:22:139:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:140:12:140:12 | dataTainted15 :  | semmle.label | dataTainted15 :  |
+| data.swift:140:12:140:55 | call to base64EncodedData(options:) | semmle.label | call to base64EncodedData(options:) |
+| data.swift:143:22:143:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:144:12:144:12 | dataTainted16 :  | semmle.label | dataTainted16 :  |
+| data.swift:144:12:144:57 | call to base64EncodedString(options:) | semmle.label | call to base64EncodedString(options:) |
+| data.swift:147:22:147:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:148:29:148:29 | dataTainted17 :  | semmle.label | dataTainted17 :  |
+| data.swift:148:29:148:72 | call to compactMap(_:) :  | semmle.label | call to compactMap(_:) :  |
+| data.swift:149:12:149:12 | compactMapped | semmle.label | compactMapped |
+| data.swift:152:22:152:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:154:2:154:2 | dataTainted18 :  | semmle.label | dataTainted18 :  |
+| data.swift:154:30:154:30 | [post] pointerTainted18 :  | semmle.label | [post] pointerTainted18 :  |
+| data.swift:155:12:155:12 | pointerTainted18 | semmle.label | pointerTainted18 |
+| data.swift:170:22:170:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:171:19:171:19 | dataTainted21 :  | semmle.label | dataTainted21 :  |
+| data.swift:171:19:171:74 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
+| data.swift:172:12:172:12 | flatMapped | semmle.label | flatMapped |
+| data.swift:174:22:174:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:175:20:175:20 | dataTainted22 :  | semmle.label | dataTainted22 :  |
+| data.swift:175:20:175:60 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
+| data.swift:176:12:176:12 | flatMapped2 | semmle.label | flatMapped2 |
+| data.swift:180:2:180:2 | [post] dataTainted23 :  | semmle.label | [post] dataTainted23 :  |
+| data.swift:180:23:180:30 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:181:12:181:12 | dataTainted23 | semmle.label | dataTainted23 |
+| data.swift:185:2:185:2 | [post] dataTainted24 :  | semmle.label | [post] dataTainted24 :  |
+| data.swift:185:35:185:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:186:12:186:12 | dataTainted24 | semmle.label | dataTainted24 |
+| data.swift:189:22:189:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:190:15:190:15 | dataTainted25 :  | semmle.label | dataTainted25 :  |
+| data.swift:190:15:190:38 | call to map(_:) :  | semmle.label | call to map(_:) :  |
+| data.swift:191:12:191:12 | mapped | semmle.label | mapped |
+| data.swift:194:22:194:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:195:16:195:16 | dataTainted26 :  | semmle.label | dataTainted26 :  |
+| data.swift:195:16:195:80 | call to reduce(into:_:) :  | semmle.label | call to reduce(into:_:) :  |
+| data.swift:196:12:196:12 | reduced | semmle.label | reduced |
+| data.swift:200:2:200:2 | [post] dataTainted27 :  | semmle.label | [post] dataTainted27 :  |
+| data.swift:200:35:200:42 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:201:12:201:12 | dataTainted27 | semmle.label | dataTainted27 |
+| data.swift:205:2:205:2 | [post] dataTainted28 :  | semmle.label | [post] dataTainted28 :  |
+| data.swift:205:45:205:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:206:12:206:12 | dataTainted28 | semmle.label | dataTainted28 |
+| data.swift:209:2:209:2 | [post] dataTainted29 :  | semmle.label | [post] dataTainted29 :  |
+| data.swift:209:45:209:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:210:12:210:12 | dataTainted29 | semmle.label | dataTainted29 |
+| data.swift:213:2:213:2 | [post] dataTainted30 :  | semmle.label | [post] dataTainted30 :  |
+| data.swift:213:45:213:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:214:12:214:12 | dataTainted30 | semmle.label | dataTainted30 |
+| data.swift:218:2:218:2 | [post] dataTainted31 :  | semmle.label | [post] dataTainted31 :  |
+| data.swift:218:45:218:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:219:12:219:12 | dataTainted31 | semmle.label | dataTainted31 |
+| data.swift:223:10:223:10 | [post] dataTainted32 :  | semmle.label | [post] dataTainted32 :  |
+| data.swift:223:45:223:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:224:12:224:12 | dataTainted32 | semmle.label | dataTainted32 |
+| data.swift:228:10:228:10 | [post] dataTainted33 :  | semmle.label | [post] dataTainted33 :  |
+| data.swift:228:45:228:52 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:229:12:229:12 | dataTainted33 | semmle.label | dataTainted33 |
+| data.swift:236:22:236:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:237:12:237:12 | dataTainted35 :  | semmle.label | dataTainted35 :  |
+| data.swift:237:12:237:33 | call to sorted() | semmle.label | call to sorted() |
+| data.swift:240:22:240:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:241:12:241:12 | dataTainted36 :  | semmle.label | dataTainted36 :  |
+| data.swift:241:12:241:54 | call to sorted(by:) | semmle.label | call to sorted(by:) |
+| data.swift:244:22:244:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:245:12:245:12 | dataTainted37 :  | semmle.label | dataTainted37 :  |
+| data.swift:245:12:245:46 | call to sorted(using:) | semmle.label | call to sorted(using:) |
+| data.swift:248:22:248:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:249:12:249:12 | dataTainted38 :  | semmle.label | dataTainted38 :  |
+| data.swift:249:12:249:35 | call to shuffled() | semmle.label | call to shuffled() |
+| data.swift:252:22:252:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:254:12:254:12 | dataTainted39 :  | semmle.label | dataTainted39 :  |
+| data.swift:254:12:254:46 | call to shuffled(using:) | semmle.label | call to shuffled(using:) |
+| data.swift:257:22:257:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:258:12:258:12 | dataTainted40 :  | semmle.label | dataTainted40 :  |
+| data.swift:258:12:258:44 | call to trimmingPrefix(_:) | semmle.label | call to trimmingPrefix(_:) |
+| data.swift:261:22:261:29 | call to source() :  | semmle.label | call to source() :  |
+| data.swift:262:12:262:12 | dataTainted41 :  | semmle.label | dataTainted41 :  |
+| data.swift:262:12:262:54 | call to trimmingPrefix(while:) | semmle.label | call to trimmingPrefix(while:) |
 | file://:0:0:0:0 | .bytes :  | semmle.label | .bytes :  |
 | file://:0:0:0:0 | .description :  | semmle.label | .description :  |
 | file://:0:0:0:0 | .mutableBytes :  | semmle.label | .mutableBytes :  |
+| file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | semmle.label | [summary] to write: argument 0 in copyBytes(to:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:length:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0 in getBytes(_:range:) :  | semmle.label | [summary] to write: argument 0 in getBytes(_:range:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  | semmle.label | [summary] to write: argument 0.parameter 0 in enumerateBytes(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | semmle.label | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
-| file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  | semmle.label | [summary] to write: argument this in append(_:length:) :  |
-| file://:0:0:0:0 | [summary] to write: argument this in defineProperty(_:descriptor:) :  | semmle.label | [summary] to write: argument this in defineProperty(_:descriptor:) :  |
-| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:) :  |
-| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  |
-| file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | semmle.label | [summary] to write: argument this in setData(_:) :  |
-=======
-| data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | semmle.label | [summary param] 0 in init(base64Encoded:options:) :  |
-| data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
-| data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | semmle.label | [summary param] 0 in init(buffer:) :  |
-| data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | semmle.label | [summary param] 0 in init(bytes:count:) :  |
-| data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | semmle.label | [summary param] 0 in init(contentsOf:options:) :  |
-| data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | semmle.label | [summary param] 0 in init(referencing:) :  |
-| data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
-| data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
-| data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | semmle.label | [summary param] 0 in append(_:) :  |
-| data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | semmle.label | [summary param] 0 in append(_:count:) :  |
-| data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | semmle.label | [summary param] 0 in append(contentsOf:) :  |
-| data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | semmle.label | [summary param] this in base64EncodedData(options:) :  |
-| data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | semmle.label | [summary param] this in base64EncodedString(options:) :  |
-| data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | semmle.label | [summary param] this in compactMap(_:) :  |
-| data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | semmle.label | [summary param] this in copyBytes(to:) :  |
-| data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
-| data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | semmle.label | [summary param] this in flatMap(_:) :  |
-| data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | semmle.label | [summary param] 0 in insert(_:at:) :  |
-| data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | semmle.label | [summary param] 0 in insert(contentsOf:at:) :  |
-| data.swift:40:2:40:50 | [summary param] this in map(_:) :  | semmle.label | [summary param] this in map(_:) :  |
-| data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | semmle.label | [summary param] this in reduce(into:_:) :  |
-| data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replace(_:with:maxReplacements:) :  |
-| data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
-| data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:) :  |
-| data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | semmle.label | [summary param] 1 in replaceSubrange(_:with:count:) :  |
-| data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:maxReplacements:) :  |
-| data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | semmle.label | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  |
-| data.swift:50:2:50:41 | [summary param] this in shuffled() :  | semmle.label | [summary param] this in shuffled() :  |
-| data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | semmle.label | [summary param] this in shuffled(using:) :  |
-| data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | semmle.label | [summary param] this in sorted(using:) :  |
-| data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | semmle.label | [summary param] this in trimmingPrefix(_:) :  |
-| data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | semmle.label | [summary param] this in trimmingPrefix(while:) :  |
-| data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  | semmle.label | call to init(base64Encoded:options:) :  |
-| data.swift:79:41:79:48 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:80:12:80:12 | dataTainted3 | semmle.label | dataTainted3 |
-| data.swift:83:21:83:73 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
-| data.swift:83:34:83:41 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:84:12:84:12 | dataTainted4 | semmle.label | dataTainted4 |
-| data.swift:85:21:85:74 | call to init(buffer:) :  | semmle.label | call to init(buffer:) :  |
-| data.swift:85:34:85:41 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:86:12:86:12 | dataTainted5 | semmle.label | dataTainted5 |
-| data.swift:89:21:89:72 | call to init(bytes:count:) :  | semmle.label | call to init(bytes:count:) :  |
-| data.swift:89:33:89:40 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:90:12:90:12 | dataTainted6 | semmle.label | dataTainted6 |
-| data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  | semmle.label | call to init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:93:39:93:46 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:94:12:94:12 | dataTainted7 | semmle.label | dataTainted7 |
-| data.swift:97:21:97:67 | call to init(contentsOf:options:) :  | semmle.label | call to init(contentsOf:options:) :  |
-| data.swift:97:38:97:45 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:98:12:98:12 | dataTainted8 | semmle.label | dataTainted8 |
-| data.swift:101:21:101:58 | call to init(referencing:) :  | semmle.label | call to init(referencing:) :  |
-| data.swift:101:39:101:46 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:102:12:102:12 | dataTainted9 | semmle.label | dataTainted9 |
-| data.swift:106:2:106:2 | [post] dataTainted10 :  | semmle.label | [post] dataTainted10 :  |
-| data.swift:106:23:106:30 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:107:12:107:12 | dataTainted10 | semmle.label | dataTainted10 |
-| data.swift:110:2:110:2 | [post] dataTainted11 :  | semmle.label | [post] dataTainted11 :  |
-| data.swift:110:23:110:30 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:111:12:111:12 | dataTainted11 | semmle.label | dataTainted11 |
-| data.swift:114:2:114:2 | [post] dataTainted12 :  | semmle.label | [post] dataTainted12 :  |
-| data.swift:114:23:114:30 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:115:12:115:12 | dataTainted12 | semmle.label | dataTainted12 |
-| data.swift:119:2:119:2 | [post] dataTainted13 :  | semmle.label | [post] dataTainted13 :  |
-| data.swift:119:23:119:30 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:120:12:120:12 | dataTainted13 | semmle.label | dataTainted13 |
-| data.swift:124:2:124:2 | [post] dataTainted14 :  | semmle.label | [post] dataTainted14 :  |
-| data.swift:124:35:124:42 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:125:12:125:12 | dataTainted14 | semmle.label | dataTainted14 |
-| data.swift:128:22:128:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:129:12:129:12 | dataTainted15 :  | semmle.label | dataTainted15 :  |
-| data.swift:129:12:129:55 | call to base64EncodedData(options:) | semmle.label | call to base64EncodedData(options:) |
-| data.swift:132:22:132:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:133:12:133:12 | dataTainted16 :  | semmle.label | dataTainted16 :  |
-| data.swift:133:12:133:57 | call to base64EncodedString(options:) | semmle.label | call to base64EncodedString(options:) |
-| data.swift:136:22:136:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:137:29:137:29 | dataTainted17 :  | semmle.label | dataTainted17 :  |
-| data.swift:137:29:137:72 | call to compactMap(_:) :  | semmle.label | call to compactMap(_:) :  |
-| data.swift:138:12:138:12 | compactMapped | semmle.label | compactMapped |
-| data.swift:141:22:141:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:143:2:143:2 | dataTainted18 :  | semmle.label | dataTainted18 :  |
-| data.swift:143:30:143:30 | [post] pointerTainted18 :  | semmle.label | [post] pointerTainted18 :  |
-| data.swift:144:12:144:12 | pointerTainted18 | semmle.label | pointerTainted18 |
-| data.swift:159:22:159:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:160:19:160:19 | dataTainted21 :  | semmle.label | dataTainted21 :  |
-| data.swift:160:19:160:74 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
-| data.swift:161:12:161:12 | flatMapped | semmle.label | flatMapped |
-| data.swift:163:22:163:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:164:20:164:20 | dataTainted22 :  | semmle.label | dataTainted22 :  |
-| data.swift:164:20:164:60 | call to flatMap(_:) :  | semmle.label | call to flatMap(_:) :  |
-| data.swift:165:12:165:12 | flatMapped2 | semmle.label | flatMapped2 |
-| data.swift:169:2:169:2 | [post] dataTainted23 :  | semmle.label | [post] dataTainted23 :  |
-| data.swift:169:23:169:30 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:170:12:170:12 | dataTainted23 | semmle.label | dataTainted23 |
-| data.swift:174:2:174:2 | [post] dataTainted24 :  | semmle.label | [post] dataTainted24 :  |
-| data.swift:174:35:174:42 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:175:12:175:12 | dataTainted24 | semmle.label | dataTainted24 |
-| data.swift:178:22:178:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:179:15:179:15 | dataTainted25 :  | semmle.label | dataTainted25 :  |
-| data.swift:179:15:179:38 | call to map(_:) :  | semmle.label | call to map(_:) :  |
-| data.swift:180:12:180:12 | mapped | semmle.label | mapped |
-| data.swift:183:22:183:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:184:16:184:16 | dataTainted26 :  | semmle.label | dataTainted26 :  |
-| data.swift:184:16:184:80 | call to reduce(into:_:) :  | semmle.label | call to reduce(into:_:) :  |
-| data.swift:185:12:185:12 | reduced | semmle.label | reduced |
-| data.swift:189:2:189:2 | [post] dataTainted27 :  | semmle.label | [post] dataTainted27 :  |
-| data.swift:189:35:189:42 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:190:12:190:12 | dataTainted27 | semmle.label | dataTainted27 |
-| data.swift:194:2:194:2 | [post] dataTainted28 :  | semmle.label | [post] dataTainted28 :  |
-| data.swift:194:45:194:52 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:195:12:195:12 | dataTainted28 | semmle.label | dataTainted28 |
-| data.swift:198:2:198:2 | [post] dataTainted29 :  | semmle.label | [post] dataTainted29 :  |
-| data.swift:198:45:198:52 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:199:12:199:12 | dataTainted29 | semmle.label | dataTainted29 |
-| data.swift:202:2:202:2 | [post] dataTainted30 :  | semmle.label | [post] dataTainted30 :  |
-| data.swift:202:45:202:52 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:203:12:203:12 | dataTainted30 | semmle.label | dataTainted30 |
-| data.swift:207:2:207:2 | [post] dataTainted31 :  | semmle.label | [post] dataTainted31 :  |
-| data.swift:207:45:207:52 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:208:12:208:12 | dataTainted31 | semmle.label | dataTainted31 |
-| data.swift:212:2:212:2 | [post] dataTainted32 :  | semmle.label | [post] dataTainted32 :  |
-| data.swift:212:37:212:44 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:213:12:213:12 | dataTainted32 | semmle.label | dataTainted32 |
-| data.swift:217:2:217:2 | [post] dataTainted33 :  | semmle.label | [post] dataTainted33 :  |
-| data.swift:217:37:217:44 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:218:12:218:12 | dataTainted33 | semmle.label | dataTainted33 |
-| data.swift:221:22:221:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:222:12:222:12 | dataTainted34 :  | semmle.label | dataTainted34 :  |
-| data.swift:222:12:222:35 | call to shuffled() | semmle.label | call to shuffled() |
-| data.swift:225:22:225:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:227:12:227:12 | dataTainted35 :  | semmle.label | dataTainted35 :  |
-| data.swift:227:12:227:46 | call to shuffled(using:) | semmle.label | call to shuffled(using:) |
-| data.swift:230:22:230:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:231:12:231:12 | dataTainted36 :  | semmle.label | dataTainted36 :  |
-| data.swift:231:12:231:46 | call to sorted(using:) | semmle.label | call to sorted(using:) |
-| data.swift:234:22:234:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:235:12:235:12 | dataTainted37 :  | semmle.label | dataTainted37 :  |
-| data.swift:235:12:235:44 | call to trimmingPrefix(_:) | semmle.label | call to trimmingPrefix(_:) |
-| data.swift:238:22:238:29 | call to source() :  | semmle.label | call to source() :  |
-| data.swift:239:12:239:12 | dataTainted38 :  | semmle.label | dataTainted38 :  |
-| data.swift:239:12:239:54 | call to trimmingPrefix(while:) | semmle.label | call to trimmingPrefix(while:) |
-| file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | semmle.label | [summary] to write: argument 0 in copyBytes(to:) :  |
-| file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  | semmle.label | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | semmle.label | [summary] to write: argument this in append(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  | semmle.label | [summary] to write: argument this in append(_:count:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in append(_:length:) :  | semmle.label | [summary] to write: argument this in append(_:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  | semmle.label | [summary] to write: argument this in append(contentsOf:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in defineProperty(_:descriptor:) :  | semmle.label | [summary] to write: argument this in defineProperty(_:descriptor:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  | semmle.label | [summary] to write: argument this in insert(_:at:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  | semmle.label | [summary] to write: argument this in insert(contentsOf:at:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replace(_:with:maxReplacements:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:) :  |
+| file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | semmle.label | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  | semmle.label | [summary] to write: argument this in replaceSubrange(_:with:count:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  | semmle.label | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  |
->>>>>>> 7ef2618758 (Update test expectations)
+| file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | semmle.label | [summary] to write: argument this in setData(_:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | semmle.label | [summary] to write: argument this in setValue(_:at:) :  |
 | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | semmle.label | [summary] to write: argument this in setValue(_:forProperty:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in atIndex(_:) :  | semmle.label | [summary] to write: return (return) in atIndex(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedData(options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedString(options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | semmle.label | [summary] to write: return (return) in base64EncodedString(options:) :  |
-<<<<<<< HEAD
 | file://:0:0:0:0 | [summary] to write: return (return) in base64Encoding() :  | semmle.label | [summary] to write: return (return) in base64Encoding() :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | semmle.label | [summary] to write: return (return) in compactMap(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in compressed(using:) :  | semmle.label | [summary] to write: return (return) in compressed(using:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  | semmle.label | [summary] to write: return (return) in dataWithContentsOfMappedFile(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in decompressed(using:) :  | semmle.label | [summary] to write: return (return) in decompressed(using:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in forProperty(_:) :  | semmle.label | [summary] to write: return (return) in forProperty(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoding:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoding:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bool:in:) :  | semmle.label | [summary] to write: return (return) in init(bool:in:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | semmle.label | [summary] to write: return (return) in init(bytes:count:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  | semmle.label | [summary] to write: return (return) in init(bytes:length:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:length:freeWhenDone:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:options:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfFile:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfFile:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfFile:options:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOfMappedFile:) :  | semmle.label | [summary] to write: return (return) in init(contentsOfMappedFile:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(data:) :  | semmle.label | [summary] to write: return (return) in init(data:) :  |
-=======
-| file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | semmle.label | [summary] to write: return (return) in compactMap(_:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | semmle.label | [summary] to write: return (return) in flatMap(_:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in forProperty(_:) :  | semmle.label | [summary] to write: return (return) in forProperty(_:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | semmle.label | [summary] to write: return (return) in init(base64Encoded:options:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(bool:in:) :  | semmle.label | [summary] to write: return (return) in init(bool:in:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | semmle.label | [summary] to write: return (return) in init(buffer:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | semmle.label | [summary] to write: return (return) in init(bytes:count:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | semmle.label | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | semmle.label | [summary] to write: return (return) in init(contentsOf:options:) :  |
->>>>>>> 7ef2618758 (Update test expectations)
 | file://:0:0:0:0 | [summary] to write: return (return) in init(double:in:) :  | semmle.label | [summary] to write: return (return) in init(double:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(int32:in:) :  | semmle.label | [summary] to write: return (return) in init(int32:in:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(object:in:) :  | semmle.label | [summary] to write: return (return) in init(object:in:) :  |
@@ -746,15 +756,14 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | semmle.label | [summary] to write: return (return) in init(string:relativeTo:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in init(uInt32:in:) :  | semmle.label | [summary] to write: return (return) in init(uInt32:in:) :  |
-<<<<<<< HEAD
-| file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  | semmle.label | [summary] to write: return (return) in subdata(with:) :  |
-=======
 | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  | semmle.label | [summary] to write: return (return) in map(_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  | semmle.label | [summary] to write: return (return) in reduce(into:_:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  | semmle.label | [summary] to write: return (return) in shuffled() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  | semmle.label | [summary] to write: return (return) in shuffled(using:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in sorted() :  | semmle.label | [summary] to write: return (return) in sorted() :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in sorted(by:) :  | semmle.label | [summary] to write: return (return) in sorted(by:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  | semmle.label | [summary] to write: return (return) in sorted(using:) :  |
->>>>>>> 7ef2618758 (Update test expectations)
+| file://:0:0:0:0 | [summary] to write: return (return) in subdata(with:) :  | semmle.label | [summary] to write: return (return) in subdata(with:) :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toArray() :  | semmle.label | [summary] to write: return (return) in toArray() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toBool() :  | semmle.label | [summary] to write: return (return) in toBool() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toDate() :  | semmle.label | [summary] to write: return (return) in toDate() :  |
@@ -770,7 +779,8 @@ nodes
 | file://:0:0:0:0 | [summary] to write: return (return) in toSize() :  | semmle.label | [summary] to write: return (return) in toSize() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toString() :  | semmle.label | [summary] to write: return (return) in toString() :  |
 | file://:0:0:0:0 | [summary] to write: return (return) in toUInt32() :  | semmle.label | [summary] to write: return (return) in toUInt32() :  |
-<<<<<<< HEAD
+| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(_:) :  |
+| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(while:) :  |
 | nsdata.swift:22:9:22:9 | self :  | semmle.label | self :  |
 | nsdata.swift:23:9:23:9 | self :  | semmle.label | self :  |
 | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | semmle.label | [summary param] 0 in init(bytes:length:) :  |
@@ -906,10 +916,6 @@ nodes
 | nsmutabledata.swift:48:33:48:40 | call to source() :  | semmle.label | call to source() :  |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | semmle.label | nsMutableDataTainted6 :  |
 | nsmutabledata.swift:49:15:49:37 | .mutableBytes | semmle.label | .mutableBytes |
-=======
-| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(_:) :  |
-| file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | semmle.label | [summary] to write: return (return) in trimmingPrefix(while:) :  |
->>>>>>> 7ef2618758 (Update test expectations)
 | string.swift:5:11:5:18 | call to source() :  | semmle.label | call to source() :  |
 | string.swift:7:13:7:13 | "..." | semmle.label | "..." |
 | string.swift:9:13:9:13 | "..." | semmle.label | "..." |
@@ -1111,7 +1117,42 @@ nodes
 | webview.swift:97:17:97:17 | s :  | semmle.label | s :  |
 | webview.swift:98:10:98:10 | v3 | semmle.label | v3 |
 subpaths
-<<<<<<< HEAD
+| data.swift:89:41:89:48 | call to source() :  | data.swift:25:2:25:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | data.swift:89:21:89:71 | call to init(base64Encoded:options:) :  |
+| data.swift:93:34:93:41 | call to source() :  | data.swift:26:2:26:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:93:21:93:73 | call to init(buffer:) :  |
+| data.swift:95:34:95:41 | call to source() :  | data.swift:27:2:27:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:95:21:95:74 | call to init(buffer:) :  |
+| data.swift:99:33:99:40 | call to source() :  | data.swift:28:2:28:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | data.swift:99:21:99:72 | call to init(bytes:count:) :  |
+| data.swift:103:39:103:46 | call to source() :  | data.swift:29:2:29:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | data.swift:103:21:103:114 | call to init(bytesNoCopy:count:deallocator:) :  |
+| data.swift:108:38:108:38 | urlTainted8 :  | data.swift:30:2:30:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | data.swift:108:21:108:62 | call to init(contentsOf:options:) :  |
+| data.swift:112:39:112:46 | call to source() :  | data.swift:31:2:31:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  | data.swift:112:21:112:58 | call to init(referencing:) :  |
+| data.swift:117:23:117:30 | call to source() :  | data.swift:32:2:32:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:117:2:117:2 | [post] dataTainted10 :  |
+| data.swift:121:23:121:30 | call to source() :  | data.swift:33:2:33:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:121:2:121:2 | [post] dataTainted11 :  |
+| data.swift:125:23:125:30 | call to source() :  | data.swift:34:2:34:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:125:2:125:2 | [post] dataTainted12 :  |
+| data.swift:130:23:130:30 | call to source() :  | data.swift:35:2:35:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  | data.swift:130:2:130:2 | [post] dataTainted13 :  |
+| data.swift:135:35:135:42 | call to source() :  | data.swift:36:2:36:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  | data.swift:135:2:135:2 | [post] dataTainted14 :  |
+| data.swift:140:12:140:12 | dataTainted15 :  | data.swift:38:2:38:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | data.swift:140:12:140:55 | call to base64EncodedData(options:) |
+| data.swift:144:12:144:12 | dataTainted16 :  | data.swift:39:2:39:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | data.swift:144:12:144:57 | call to base64EncodedString(options:) |
+| data.swift:148:29:148:29 | dataTainted17 :  | data.swift:40:2:40:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | data.swift:148:29:148:72 | call to compactMap(_:) :  |
+| data.swift:154:2:154:2 | dataTainted18 :  | data.swift:41:2:41:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | data.swift:154:30:154:30 | [post] pointerTainted18 :  |
+| data.swift:171:19:171:19 | dataTainted21 :  | data.swift:44:2:44:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:171:19:171:74 | call to flatMap(_:) :  |
+| data.swift:175:20:175:20 | dataTainted22 :  | data.swift:45:2:45:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:175:20:175:60 | call to flatMap(_:) :  |
+| data.swift:180:23:180:30 | call to source() :  | data.swift:46:2:46:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  | data.swift:180:2:180:2 | [post] dataTainted23 :  |
+| data.swift:185:35:185:42 | call to source() :  | data.swift:47:2:47:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  | data.swift:185:2:185:2 | [post] dataTainted24 :  |
+| data.swift:190:15:190:15 | dataTainted25 :  | data.swift:48:2:48:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  | data.swift:190:15:190:38 | call to map(_:) :  |
+| data.swift:195:16:195:16 | dataTainted26 :  | data.swift:49:2:49:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  | data.swift:195:16:195:80 | call to reduce(into:_:) :  |
+| data.swift:200:35:200:42 | call to source() :  | data.swift:50:2:50:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  | data.swift:200:2:200:2 | [post] dataTainted27 :  |
+| data.swift:205:45:205:52 | call to source() :  | data.swift:51:2:51:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:205:2:205:2 | [post] dataTainted28 :  |
+| data.swift:209:45:209:52 | call to source() :  | data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:209:2:209:2 | [post] dataTainted29 :  |
+| data.swift:213:45:213:52 | call to source() :  | data.swift:52:2:52:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:213:2:213:2 | [post] dataTainted30 :  |
+| data.swift:218:45:218:52 | call to source() :  | data.swift:54:2:54:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  | data.swift:218:2:218:2 | [post] dataTainted31 :  |
+| data.swift:223:45:223:52 | call to source() :  | data.swift:56:2:56:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  | data.swift:223:10:223:10 | [post] dataTainted32 :  |
+| data.swift:228:45:228:52 | call to source() :  | data.swift:57:2:57:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  | data.swift:228:10:228:10 | [post] dataTainted33 :  |
+| data.swift:237:12:237:12 | dataTainted35 :  | data.swift:58:2:58:39 | [summary param] this in sorted() :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted() :  | data.swift:237:12:237:33 | call to sorted() |
+| data.swift:241:12:241:12 | dataTainted36 :  | data.swift:59:2:59:81 | [summary param] this in sorted(by:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(by:) :  | data.swift:241:12:241:54 | call to sorted(by:) |
+| data.swift:245:12:245:12 | dataTainted37 :  | data.swift:60:2:60:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  | data.swift:245:12:245:46 | call to sorted(using:) |
+| data.swift:249:12:249:12 | dataTainted38 :  | data.swift:61:2:61:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  | data.swift:249:12:249:35 | call to shuffled() |
+| data.swift:254:12:254:12 | dataTainted39 :  | data.swift:62:2:62:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  | data.swift:254:12:254:46 | call to shuffled(using:) |
+| data.swift:258:12:258:12 | dataTainted40 :  | data.swift:63:2:63:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | data.swift:258:12:258:44 | call to trimmingPrefix(_:) |
+| data.swift:262:12:262:12 | dataTainted41 :  | data.swift:64:2:64:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | data.swift:262:12:262:54 | call to trimmingPrefix(while:) |
 | nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:24:5:24:50 | [summary param] 0 in init(bytes:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:length:) :  | nsdata.swift:57:26:57:80 | call to init(bytes:length:) :  |
 | nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:25:5:25:68 | [summary param] 0 in init(bytesNoCopy:length:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:) :  | nsdata.swift:60:26:60:93 | call to init(bytesNoCopy:length:) :  |
 | nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:26:5:26:130 | [summary param] 0 in init(bytesNoCopy:length:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:length:deallocator:) :  | nsdata.swift:63:26:63:111 | call to init(bytesNoCopy:length:deallocator:) :  |
@@ -1145,42 +1186,6 @@ subpaths
 | nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:17:5:17:121 | [summary param] 1 in replaceBytes(in:withBytes:length:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceBytes(in:withBytes:length:) :  | nsmutabledata.swift:40:5:40:5 | [post] nsMutableDataTainted4 :  |
 | nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:18:5:18:33 | [summary param] 0 in setData(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in setData(_:) :  | nsmutabledata.swift:44:5:44:5 | [post] nsMutableDataTainted5 :  |
 | nsmutabledata.swift:49:15:49:15 | nsMutableDataTainted6 :  | nsmutabledata.swift:13:9:13:9 | self :  | file://:0:0:0:0 | .mutableBytes :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes |
-=======
-| data.swift:79:41:79:48 | call to source() :  | data.swift:17:2:17:66 | [summary param] 0 in init(base64Encoded:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(base64Encoded:options:) :  | data.swift:79:21:79:71 | call to init(base64Encoded:options:) :  |
-| data.swift:83:34:83:41 | call to source() :  | data.swift:18:2:18:61 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:83:21:83:73 | call to init(buffer:) :  |
-| data.swift:85:34:85:41 | call to source() :  | data.swift:19:2:19:62 | [summary param] 0 in init(buffer:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(buffer:) :  | data.swift:85:21:85:74 | call to init(buffer:) :  |
-| data.swift:89:33:89:40 | call to source() :  | data.swift:20:2:20:45 | [summary param] 0 in init(bytes:count:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytes:count:) :  | data.swift:89:21:89:72 | call to init(bytes:count:) :  |
-| data.swift:93:39:93:46 | call to source() :  | data.swift:21:2:21:82 | [summary param] 0 in init(bytesNoCopy:count:deallocator:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(bytesNoCopy:count:deallocator:) :  | data.swift:93:21:93:114 | call to init(bytesNoCopy:count:deallocator:) :  |
-| data.swift:97:38:97:45 | call to source() :  | data.swift:22:2:22:50 | [summary param] 0 in init(contentsOf:options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(contentsOf:options:) :  | data.swift:97:21:97:67 | call to init(contentsOf:options:) :  |
-| data.swift:101:39:101:46 | call to source() :  | data.swift:23:2:23:29 | [summary param] 0 in init(referencing:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(referencing:) :  | data.swift:101:21:101:58 | call to init(referencing:) :  |
-| data.swift:106:23:106:30 | call to source() :  | data.swift:24:2:24:24 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:106:2:106:2 | [post] dataTainted10 :  |
-| data.swift:110:23:110:30 | call to source() :  | data.swift:25:2:25:25 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:110:2:110:2 | [post] dataTainted11 :  |
-| data.swift:114:23:114:30 | call to source() :  | data.swift:26:2:26:63 | [summary param] 0 in append(_:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:) :  | data.swift:114:2:114:2 | [post] dataTainted12 :  |
-| data.swift:119:23:119:30 | call to source() :  | data.swift:27:2:27:52 | [summary param] 0 in append(_:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(_:count:) :  | data.swift:119:2:119:2 | [post] dataTainted13 :  |
-| data.swift:124:35:124:42 | call to source() :  | data.swift:28:2:28:36 | [summary param] 0 in append(contentsOf:) :  | file://:0:0:0:0 | [summary] to write: argument this in append(contentsOf:) :  | data.swift:124:2:124:2 | [post] dataTainted14 :  |
-| data.swift:129:12:129:12 | dataTainted15 :  | data.swift:30:2:30:88 | [summary param] this in base64EncodedData(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedData(options:) :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) |
-| data.swift:133:12:133:12 | dataTainted16 :  | data.swift:31:2:31:86 | [summary param] this in base64EncodedString(options:) :  | file://:0:0:0:0 | [summary] to write: return (return) in base64EncodedString(options:) :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) |
-| data.swift:137:29:137:29 | dataTainted17 :  | data.swift:32:2:32:99 | [summary param] this in compactMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in compactMap(_:) :  | data.swift:137:29:137:72 | call to compactMap(_:) :  |
-| data.swift:143:2:143:2 | dataTainted18 :  | data.swift:33:2:33:53 | [summary param] this in copyBytes(to:) :  | file://:0:0:0:0 | [summary] to write: argument 0 in copyBytes(to:) :  | data.swift:143:30:143:30 | [post] pointerTainted18 :  |
-| data.swift:160:19:160:19 | dataTainted21 :  | data.swift:36:2:36:137 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:160:19:160:74 | call to flatMap(_:) :  |
-| data.swift:164:20:164:20 | dataTainted22 :  | data.swift:37:2:37:97 | [summary param] this in flatMap(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in flatMap(_:) :  | data.swift:164:20:164:60 | call to flatMap(_:) :  |
-| data.swift:169:23:169:30 | call to source() :  | data.swift:38:2:38:34 | [summary param] 0 in insert(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(_:at:) :  | data.swift:169:2:169:2 | [post] dataTainted23 :  |
-| data.swift:174:35:174:42 | call to source() :  | data.swift:39:2:39:83 | [summary param] 0 in insert(contentsOf:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in insert(contentsOf:at:) :  | data.swift:174:2:174:2 | [post] dataTainted24 :  |
-| data.swift:179:15:179:15 | dataTainted25 :  | data.swift:40:2:40:50 | [summary param] this in map(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in map(_:) :  | data.swift:179:15:179:38 | call to map(_:) :  |
-| data.swift:184:16:184:16 | dataTainted26 :  | data.swift:41:2:41:115 | [summary param] this in reduce(into:_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in reduce(into:_:) :  | data.swift:184:16:184:80 | call to reduce(into:_:) :  |
-| data.swift:189:35:189:42 | call to source() :  | data.swift:42:2:42:180 | [summary param] 1 in replace(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replace(_:with:maxReplacements:) :  | data.swift:189:2:189:2 | [post] dataTainted27 :  |
-| data.swift:194:45:194:52 | call to source() :  | data.swift:43:2:43:58 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:194:2:194:2 | [post] dataTainted28 :  |
-| data.swift:198:45:198:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:198:2:198:2 | [post] dataTainted29 :  |
-| data.swift:202:45:202:52 | call to source() :  | data.swift:44:2:44:151 | [summary param] 1 in replaceSubrange(_:with:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:) :  | data.swift:202:2:202:2 | [post] dataTainted30 :  |
-| data.swift:207:45:207:52 | call to source() :  | data.swift:46:2:46:82 | [summary param] 1 in replaceSubrange(_:with:count:) :  | file://:0:0:0:0 | [summary] to write: argument this in replaceSubrange(_:with:count:) :  | data.swift:207:2:207:2 | [post] dataTainted31 :  |
-| data.swift:212:37:212:44 | call to source() :  | data.swift:48:2:48:214 | [summary param] 1 in replacing(_:with:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:maxReplacements:) :  | data.swift:212:2:212:2 | [post] dataTainted32 :  |
-| data.swift:217:37:217:44 | call to source() :  | data.swift:49:2:49:236 | [summary param] 1 in replacing(_:with:subrange:maxReplacements:) :  | file://:0:0:0:0 | [summary] to write: argument this in replacing(_:with:subrange:maxReplacements:) :  | data.swift:217:2:217:2 | [post] dataTainted33 :  |
-| data.swift:222:12:222:12 | dataTainted34 :  | data.swift:50:2:50:41 | [summary param] this in shuffled() :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled() :  | data.swift:222:12:222:35 | call to shuffled() |
-| data.swift:227:12:227:12 | dataTainted35 :  | data.swift:51:2:51:58 | [summary param] this in shuffled(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in shuffled(using:) :  | data.swift:227:12:227:46 | call to shuffled(using:) |
-| data.swift:231:12:231:12 | dataTainted36 :  | data.swift:52:2:52:132 | [summary param] this in sorted(using:) :  | file://:0:0:0:0 | [summary] to write: return (return) in sorted(using:) :  | data.swift:231:12:231:46 | call to sorted(using:) |
-| data.swift:235:12:235:12 | dataTainted37 :  | data.swift:53:2:53:123 | [summary param] this in trimmingPrefix(_:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(_:) :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) |
-| data.swift:239:12:239:12 | dataTainted38 :  | data.swift:54:2:54:72 | [summary param] this in trimmingPrefix(while:) :  | file://:0:0:0:0 | [summary] to write: return (return) in trimmingPrefix(while:) :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) |
->>>>>>> 7ef2618758 (Update test expectations)
 | url.swift:59:31:59:31 | tainted :  | url.swift:8:2:8:25 | [summary param] 0 in init(string:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:) :  | url.swift:59:19:59:38 | call to init(string:) :  |
 | url.swift:83:24:83:24 | tainted :  | url.swift:9:2:9:43 | [summary param] 0 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:83:12:83:48 | call to init(string:relativeTo:) :  |
 | url.swift:86:43:86:43 | urlTainted :  | url.swift:9:2:9:43 | [summary param] 1 in init(string:relativeTo:) :  | file://:0:0:0:0 | [summary] to write: return (return) in init(string:relativeTo:) :  | url.swift:86:12:86:53 | call to init(string:relativeTo:) :  |
@@ -1231,7 +1236,42 @@ subpaths
 | webview.swift:93:17:93:17 | s :  | webview.swift:43:5:43:38 | [summary param] 0 in setValue(_:at:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:at:) :  | webview.swift:93:5:93:5 | [post] v2 :  |
 | webview.swift:97:17:97:17 | s :  | webview.swift:44:5:44:48 | [summary param] 0 in setValue(_:forProperty:) :  | file://:0:0:0:0 | [summary] to write: argument this in setValue(_:forProperty:) :  | webview.swift:97:5:97:5 | [post] v3 :  |
 #select
-<<<<<<< HEAD
+| data.swift:90:12:90:12 | dataTainted3 | data.swift:89:41:89:48 | call to source() :  | data.swift:90:12:90:12 | dataTainted3 | result |
+| data.swift:94:12:94:12 | dataTainted4 | data.swift:93:34:93:41 | call to source() :  | data.swift:94:12:94:12 | dataTainted4 | result |
+| data.swift:96:12:96:12 | dataTainted5 | data.swift:95:34:95:41 | call to source() :  | data.swift:96:12:96:12 | dataTainted5 | result |
+| data.swift:100:12:100:12 | dataTainted6 | data.swift:99:33:99:40 | call to source() :  | data.swift:100:12:100:12 | dataTainted6 | result |
+| data.swift:104:12:104:12 | dataTainted7 | data.swift:103:39:103:46 | call to source() :  | data.swift:104:12:104:12 | dataTainted7 | result |
+| data.swift:109:12:109:12 | dataTainted8 | data.swift:107:20:107:27 | call to source() :  | data.swift:109:12:109:12 | dataTainted8 | result |
+| data.swift:113:12:113:12 | dataTainted9 | data.swift:112:39:112:46 | call to source() :  | data.swift:113:12:113:12 | dataTainted9 | result |
+| data.swift:118:12:118:12 | dataTainted10 | data.swift:117:23:117:30 | call to source() :  | data.swift:118:12:118:12 | dataTainted10 | result |
+| data.swift:122:12:122:12 | dataTainted11 | data.swift:121:23:121:30 | call to source() :  | data.swift:122:12:122:12 | dataTainted11 | result |
+| data.swift:126:12:126:12 | dataTainted12 | data.swift:125:23:125:30 | call to source() :  | data.swift:126:12:126:12 | dataTainted12 | result |
+| data.swift:131:12:131:12 | dataTainted13 | data.swift:130:23:130:30 | call to source() :  | data.swift:131:12:131:12 | dataTainted13 | result |
+| data.swift:136:12:136:12 | dataTainted14 | data.swift:135:35:135:42 | call to source() :  | data.swift:136:12:136:12 | dataTainted14 | result |
+| data.swift:140:12:140:55 | call to base64EncodedData(options:) | data.swift:139:22:139:29 | call to source() :  | data.swift:140:12:140:55 | call to base64EncodedData(options:) | result |
+| data.swift:144:12:144:57 | call to base64EncodedString(options:) | data.swift:143:22:143:29 | call to source() :  | data.swift:144:12:144:57 | call to base64EncodedString(options:) | result |
+| data.swift:149:12:149:12 | compactMapped | data.swift:147:22:147:29 | call to source() :  | data.swift:149:12:149:12 | compactMapped | result |
+| data.swift:155:12:155:12 | pointerTainted18 | data.swift:152:22:152:29 | call to source() :  | data.swift:155:12:155:12 | pointerTainted18 | result |
+| data.swift:172:12:172:12 | flatMapped | data.swift:170:22:170:29 | call to source() :  | data.swift:172:12:172:12 | flatMapped | result |
+| data.swift:176:12:176:12 | flatMapped2 | data.swift:174:22:174:29 | call to source() :  | data.swift:176:12:176:12 | flatMapped2 | result |
+| data.swift:181:12:181:12 | dataTainted23 | data.swift:180:23:180:30 | call to source() :  | data.swift:181:12:181:12 | dataTainted23 | result |
+| data.swift:186:12:186:12 | dataTainted24 | data.swift:185:35:185:42 | call to source() :  | data.swift:186:12:186:12 | dataTainted24 | result |
+| data.swift:191:12:191:12 | mapped | data.swift:189:22:189:29 | call to source() :  | data.swift:191:12:191:12 | mapped | result |
+| data.swift:196:12:196:12 | reduced | data.swift:194:22:194:29 | call to source() :  | data.swift:196:12:196:12 | reduced | result |
+| data.swift:201:12:201:12 | dataTainted27 | data.swift:200:35:200:42 | call to source() :  | data.swift:201:12:201:12 | dataTainted27 | result |
+| data.swift:206:12:206:12 | dataTainted28 | data.swift:205:45:205:52 | call to source() :  | data.swift:206:12:206:12 | dataTainted28 | result |
+| data.swift:210:12:210:12 | dataTainted29 | data.swift:209:45:209:52 | call to source() :  | data.swift:210:12:210:12 | dataTainted29 | result |
+| data.swift:214:12:214:12 | dataTainted30 | data.swift:213:45:213:52 | call to source() :  | data.swift:214:12:214:12 | dataTainted30 | result |
+| data.swift:219:12:219:12 | dataTainted31 | data.swift:218:45:218:52 | call to source() :  | data.swift:219:12:219:12 | dataTainted31 | result |
+| data.swift:224:12:224:12 | dataTainted32 | data.swift:223:45:223:52 | call to source() :  | data.swift:224:12:224:12 | dataTainted32 | result |
+| data.swift:229:12:229:12 | dataTainted33 | data.swift:228:45:228:52 | call to source() :  | data.swift:229:12:229:12 | dataTainted33 | result |
+| data.swift:237:12:237:33 | call to sorted() | data.swift:236:22:236:29 | call to source() :  | data.swift:237:12:237:33 | call to sorted() | result |
+| data.swift:241:12:241:54 | call to sorted(by:) | data.swift:240:22:240:29 | call to source() :  | data.swift:241:12:241:54 | call to sorted(by:) | result |
+| data.swift:245:12:245:46 | call to sorted(using:) | data.swift:244:22:244:29 | call to source() :  | data.swift:245:12:245:46 | call to sorted(using:) | result |
+| data.swift:249:12:249:35 | call to shuffled() | data.swift:248:22:248:29 | call to source() :  | data.swift:249:12:249:35 | call to shuffled() | result |
+| data.swift:254:12:254:46 | call to shuffled(using:) | data.swift:252:22:252:29 | call to source() :  | data.swift:254:12:254:46 | call to shuffled(using:) | result |
+| data.swift:258:12:258:44 | call to trimmingPrefix(_:) | data.swift:257:22:257:29 | call to source() :  | data.swift:258:12:258:44 | call to trimmingPrefix(_:) | result |
+| data.swift:262:12:262:54 | call to trimmingPrefix(while:) | data.swift:261:22:261:29 | call to source() :  | data.swift:262:12:262:54 | call to trimmingPrefix(while:) | result |
 | nsdata.swift:58:15:58:15 | nsDataTainted1 | nsdata.swift:57:40:57:47 | call to source() :  | nsdata.swift:58:15:58:15 | nsDataTainted1 | result |
 | nsdata.swift:61:15:61:15 | nsDataTainted2 | nsdata.swift:60:46:60:53 | call to source() :  | nsdata.swift:61:15:61:15 | nsDataTainted2 | result |
 | nsdata.swift:64:15:64:15 | nsDataTainted3 | nsdata.swift:63:46:63:53 | call to source() :  | nsdata.swift:64:15:64:15 | nsDataTainted3 | result |
@@ -1266,42 +1306,6 @@ subpaths
 | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | nsmutabledata.swift:40:66:40:73 | call to source() :  | nsmutabledata.swift:41:15:41:15 | nsMutableDataTainted4 | result |
 | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | nsmutabledata.swift:44:35:44:42 | call to source() :  | nsmutabledata.swift:45:15:45:15 | nsMutableDataTainted5 | result |
 | nsmutabledata.swift:49:15:49:37 | .mutableBytes | nsmutabledata.swift:48:33:48:40 | call to source() :  | nsmutabledata.swift:49:15:49:37 | .mutableBytes | result |
-=======
-| data.swift:80:12:80:12 | dataTainted3 | data.swift:79:41:79:48 | call to source() :  | data.swift:80:12:80:12 | dataTainted3 | result |
-| data.swift:84:12:84:12 | dataTainted4 | data.swift:83:34:83:41 | call to source() :  | data.swift:84:12:84:12 | dataTainted4 | result |
-| data.swift:86:12:86:12 | dataTainted5 | data.swift:85:34:85:41 | call to source() :  | data.swift:86:12:86:12 | dataTainted5 | result |
-| data.swift:90:12:90:12 | dataTainted6 | data.swift:89:33:89:40 | call to source() :  | data.swift:90:12:90:12 | dataTainted6 | result |
-| data.swift:94:12:94:12 | dataTainted7 | data.swift:93:39:93:46 | call to source() :  | data.swift:94:12:94:12 | dataTainted7 | result |
-| data.swift:98:12:98:12 | dataTainted8 | data.swift:97:38:97:45 | call to source() :  | data.swift:98:12:98:12 | dataTainted8 | result |
-| data.swift:102:12:102:12 | dataTainted9 | data.swift:101:39:101:46 | call to source() :  | data.swift:102:12:102:12 | dataTainted9 | result |
-| data.swift:107:12:107:12 | dataTainted10 | data.swift:106:23:106:30 | call to source() :  | data.swift:107:12:107:12 | dataTainted10 | result |
-| data.swift:111:12:111:12 | dataTainted11 | data.swift:110:23:110:30 | call to source() :  | data.swift:111:12:111:12 | dataTainted11 | result |
-| data.swift:115:12:115:12 | dataTainted12 | data.swift:114:23:114:30 | call to source() :  | data.swift:115:12:115:12 | dataTainted12 | result |
-| data.swift:120:12:120:12 | dataTainted13 | data.swift:119:23:119:30 | call to source() :  | data.swift:120:12:120:12 | dataTainted13 | result |
-| data.swift:125:12:125:12 | dataTainted14 | data.swift:124:35:124:42 | call to source() :  | data.swift:125:12:125:12 | dataTainted14 | result |
-| data.swift:129:12:129:55 | call to base64EncodedData(options:) | data.swift:128:22:128:29 | call to source() :  | data.swift:129:12:129:55 | call to base64EncodedData(options:) | result |
-| data.swift:133:12:133:57 | call to base64EncodedString(options:) | data.swift:132:22:132:29 | call to source() :  | data.swift:133:12:133:57 | call to base64EncodedString(options:) | result |
-| data.swift:138:12:138:12 | compactMapped | data.swift:136:22:136:29 | call to source() :  | data.swift:138:12:138:12 | compactMapped | result |
-| data.swift:144:12:144:12 | pointerTainted18 | data.swift:141:22:141:29 | call to source() :  | data.swift:144:12:144:12 | pointerTainted18 | result |
-| data.swift:161:12:161:12 | flatMapped | data.swift:159:22:159:29 | call to source() :  | data.swift:161:12:161:12 | flatMapped | result |
-| data.swift:165:12:165:12 | flatMapped2 | data.swift:163:22:163:29 | call to source() :  | data.swift:165:12:165:12 | flatMapped2 | result |
-| data.swift:170:12:170:12 | dataTainted23 | data.swift:169:23:169:30 | call to source() :  | data.swift:170:12:170:12 | dataTainted23 | result |
-| data.swift:175:12:175:12 | dataTainted24 | data.swift:174:35:174:42 | call to source() :  | data.swift:175:12:175:12 | dataTainted24 | result |
-| data.swift:180:12:180:12 | mapped | data.swift:178:22:178:29 | call to source() :  | data.swift:180:12:180:12 | mapped | result |
-| data.swift:185:12:185:12 | reduced | data.swift:183:22:183:29 | call to source() :  | data.swift:185:12:185:12 | reduced | result |
-| data.swift:190:12:190:12 | dataTainted27 | data.swift:189:35:189:42 | call to source() :  | data.swift:190:12:190:12 | dataTainted27 | result |
-| data.swift:195:12:195:12 | dataTainted28 | data.swift:194:45:194:52 | call to source() :  | data.swift:195:12:195:12 | dataTainted28 | result |
-| data.swift:199:12:199:12 | dataTainted29 | data.swift:198:45:198:52 | call to source() :  | data.swift:199:12:199:12 | dataTainted29 | result |
-| data.swift:203:12:203:12 | dataTainted30 | data.swift:202:45:202:52 | call to source() :  | data.swift:203:12:203:12 | dataTainted30 | result |
-| data.swift:208:12:208:12 | dataTainted31 | data.swift:207:45:207:52 | call to source() :  | data.swift:208:12:208:12 | dataTainted31 | result |
-| data.swift:213:12:213:12 | dataTainted32 | data.swift:212:37:212:44 | call to source() :  | data.swift:213:12:213:12 | dataTainted32 | result |
-| data.swift:218:12:218:12 | dataTainted33 | data.swift:217:37:217:44 | call to source() :  | data.swift:218:12:218:12 | dataTainted33 | result |
-| data.swift:222:12:222:35 | call to shuffled() | data.swift:221:22:221:29 | call to source() :  | data.swift:222:12:222:35 | call to shuffled() | result |
-| data.swift:227:12:227:46 | call to shuffled(using:) | data.swift:225:22:225:29 | call to source() :  | data.swift:227:12:227:46 | call to shuffled(using:) | result |
-| data.swift:231:12:231:46 | call to sorted(using:) | data.swift:230:22:230:29 | call to source() :  | data.swift:231:12:231:46 | call to sorted(using:) | result |
-| data.swift:235:12:235:44 | call to trimmingPrefix(_:) | data.swift:234:22:234:29 | call to source() :  | data.swift:235:12:235:44 | call to trimmingPrefix(_:) | result |
-| data.swift:239:12:239:54 | call to trimmingPrefix(while:) | data.swift:238:22:238:29 | call to source() :  | data.swift:239:12:239:54 | call to trimmingPrefix(while:) | result |
->>>>>>> 7ef2618758 (Update test expectations)
 | string.swift:7:13:7:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:7:13:7:13 | "..." | result |
 | string.swift:9:13:9:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:9:13:9:13 | "..." | result |
 | string.swift:11:13:11:13 | "..." | string.swift:5:11:5:18 | call to source() :  | string.swift:11:13:11:13 | "..." | result |

From fc7c66dab20bf4165cba5a279b61e39123dd46c1 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 12:04:08 +0100
Subject: [PATCH 140/144] Remove now unnecessary additional taint step in
 UnsafeJsEval

---
 swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql         | 4 ----
 .../test/query-tests/Security/CWE-094/UnsafeJsEval.expected   | 2 --
 2 files changed, 6 deletions(-)

diff --git a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
index cd96709b6f6..e5764416d27 100644
--- a/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
+++ b/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
@@ -108,10 +108,6 @@ class UnsafeJsEvalConfig extends TaintTracking::Configuration {
                 ])
         ).getArgument(0)
       or
-      arg =
-        any(CallExpr ce | ce.getStaticTarget().(MethodDecl).hasQualifiedName("Data", "init(_:)"))
-            .getArgument(0)
-      or
       arg =
         any(CallExpr ce |
           ce.getStaticTarget().(MethodDecl).hasQualifiedName("String", "init(decoding:as:)")
diff --git a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
index 6f146b41df8..e6b4fb45005 100644
--- a/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
+++ b/swift/ql/test/query-tests/Security/CWE-094/UnsafeJsEval.expected
@@ -6,7 +6,6 @@ edges
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:205:7:205:7 | remoteString :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:208:7:208:39 | ... .+(_:_:) ... :  |
 | UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:211:24:211:37 | .utf8 :  |
-| UnsafeJsEval.swift:201:21:201:35 | call to getRemoteData() :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
 | UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
 | UnsafeJsEval.swift:204:7:204:66 | try! ... :  | UnsafeJsEval.swift:276:13:276:13 | string :  |
@@ -29,7 +28,6 @@ edges
 | UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:144:5:144:29 | [summary param] 0 in init(_:) :  |
 | UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:211:19:211:41 | call to init(_:) :  |
-| UnsafeJsEval.swift:211:24:211:37 | .utf8 :  | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:265:13:265:13 | string :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:268:13:268:13 | string :  |
 | UnsafeJsEval.swift:214:7:214:49 | call to init(decoding:as:) :  | UnsafeJsEval.swift:276:13:276:13 | string :  |

From e4e5291511fa7832b58dd051f432a6362d0236c9 Mon Sep 17 00:00:00 2001
From: Tony Torralba <atorralba@users.noreply.github.com>
Date: Thu, 24 Nov 2022 13:03:12 +0100
Subject: [PATCH 141/144] Fix more test expectations after rebase

---
 .../library-tests/dataflow/flowsources/FlowSources.expected   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
index 9aeb5661a9e..078385e1e00 100644
--- a/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
+++ b/swift/ql/test/library-tests/dataflow/flowsources/FlowSources.expected
@@ -3,12 +3,12 @@
 | customurlschemes.swift:38:52:38:62 | url | external |
 | customurlschemes.swift:43:9:43:28 | ...[...] | Remote URL in UIApplicationDelegate.application.launchOptions |
 | customurlschemes.swift:48:9:48:28 | ...[...] | Remote URL in UIApplicationDelegate.application.launchOptions |
+| data.swift:18:20:18:20 | call to init(contentsOf:options:) | external |
+| data.swift:18:20:18:54 | call to init(contentsOf:options:) | external |
 | nsdata.swift:18:17:18:17 | call to init(contentsOf:) | external |
 | nsdata.swift:18:17:18:40 | call to init(contentsOf:) | external |
 | nsdata.swift:19:17:19:17 | call to init(contentsOf:options:) | external |
 | nsdata.swift:19:17:19:53 | call to init(contentsOf:options:) | external |
-| data.swift:18:20:18:20 | call to init(contentsOf:options:) | external |
-| data.swift:18:20:18:54 | call to init(contentsOf:options:) | external |
 | string.swift:56:21:56:21 | call to init(contentsOf:) | external |
 | string.swift:56:21:56:44 | call to init(contentsOf:) | external |
 | string.swift:57:21:57:21 | call to init(contentsOf:encoding:) | external |

From 8d96bfe973e3d3387918e8799019cee96c440ba5 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 24 Nov 2022 14:18:13 +0000
Subject: [PATCH 142/144] JS: Bump patch version of ML-powered library and
 query packs

---
 .../ql/experimental/adaptivethreatmodeling/lib/qlpack.yml       | 2 +-
 .../ql/experimental/adaptivethreatmodeling/src/qlpack.yml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
index e0571f38255..fb53f54ded7 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-experimental-atm-lib
-version: 0.4.1
+version: 0.4.2
 extractor: javascript
 library: true
 groups:
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
index cab87ce0e33..725beadcb0e 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
@@ -1,6 +1,6 @@
 name: codeql/javascript-experimental-atm-queries
 language: javascript
-version: 0.4.1
+version: 0.4.2
 suites: codeql-suites
 defaultSuiteFile: codeql-suites/javascript-atm-code-scanning.qls
 groups:

From 78d49e44b1292319713b3b10e3c9b706aab67e63 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 24 Nov 2022 14:22:14 +0000
Subject: [PATCH 143/144] JS: Bump version of ML-powered library and query
 packs to 0.4.3

---
 .../ql/experimental/adaptivethreatmodeling/lib/qlpack.yml       | 2 +-
 .../ql/experimental/adaptivethreatmodeling/src/qlpack.yml       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
index fb53f54ded7..22249f4b960 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/javascript-experimental-atm-lib
-version: 0.4.2
+version: 0.4.3
 extractor: javascript
 library: true
 groups:
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
index 725beadcb0e..875283e0b63 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
+++ b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml
@@ -1,6 +1,6 @@
 name: codeql/javascript-experimental-atm-queries
 language: javascript
-version: 0.4.2
+version: 0.4.3
 suites: codeql-suites
 defaultSuiteFile: codeql-suites/javascript-atm-code-scanning.qls
 groups:

From e24e3bf13f002ad35c36262106e82cd229d18360 Mon Sep 17 00:00:00 2001
From: alexet <alexet@semmle.com>
Date: Thu, 24 Nov 2022 16:43:57 +0000
Subject: [PATCH 144/144] Java: Add new Mockito runner class location.

---
 java/ql/lib/semmle/code/java/frameworks/Mockito.qll | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll
index af161760063..9622d7e50ba 100644
--- a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll
@@ -53,9 +53,11 @@ class MockitoInitedTest extends Class {
   MockitoInitedTest() {
     // Tests run with the Mockito runner.
     exists(RunWithAnnotation a | a = this.getAnAncestor().getAnAnnotation() |
+      a.getRunner().(RefType).hasQualifiedName("org.mockito.junit", "MockitoJUnitRunner")
+      or
+      // Deprecated styles.
       a.getRunner().(RefType).hasQualifiedName("org.mockito.runners", "MockitoJUnitRunner")
       or
-      // Deprecated style.
       a.getRunner().(RefType).hasQualifiedName("org.mockito.runners", "MockitoJUnit44Runner")
     )
     or