Merge pull request #7948 from github/release-prep/2.8.1

Release preparation for version 2.8.1

.codeqlmanifest.json

@@ -4,6 +4,7 @@
         "*/ql/lib/qlpack.yml",
         "*/ql/test/qlpack.yml",
         "*/ql/examples/qlpack.yml",
+        "*/ql/consistency-queries/qlpack.yml",
         "cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/qlpack.yml",
         "javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml",
         "javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/qlpack.yml",
@@ -14,8 +15,6 @@
         "misc/legacy-support/*/qlpack.yml",
         "misc/suite-helpers/qlpack.yml",
         "ruby/extractor-pack/codeql-extractor.yml",
-        "ruby/ql/consistency-queries/qlpack.yml",
-        "ql/ql/consistency-queries/qlpack.yml",
         "ql/extractor-pack/codeql-extractor.yml"
     ],
     "versionPolicies": {

.github/workflows/csv-coverage-metrics.yml

@@ -0,0 +1,43 @@
+name: "Publish framework coverage as metrics"
+
+on:
+  schedule:
+    - cron: '5 0 * * *'
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - ".github/workflows/csv-coverage-metrics.yml"
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+      - name: Setup CodeQL
+        uses: ./.github/actions/fetch-codeql
+      - name: Create empty database
+        run: |
+          DATABASE="${{ runner.temp }}/java-database"
+          PROJECT="${{ runner.temp }}/java-project"
+          mkdir -p "$PROJECT/src/tmp/empty"
+          echo "class Empty {}" >> "$PROJECT/src/tmp/empty/Empty.java"
+          codeql database create "$DATABASE" --language=java --source-root="$PROJECT" --command 'javac src/tmp/empty/Empty.java'
+      - name: Capture coverage information
+        run: |
+          DATABASE="${{ runner.temp }}/java-database"
+          codeql database analyze --format=sarif-latest --output=metrics.sarif -- "$DATABASE" ./java/ql/src/Metrics/Summaries/FrameworkCoverage.ql
+      - uses: actions/upload-artifact@v2
+        with:
+          name: metrics.sarif
+          path: metrics.sarif
+          retention-days: 20
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: metrics.sarif

.github/workflows/ruby-qltest.yml

@@ -52,6 +52,14 @@ jobs:
           codeql dataset import -S ql/lib/upgrades/initial/ruby.dbscheme testdb empty.trap
           codeql dataset upgrade testdb --additional-packs ql/lib
           diff -q testdb/ruby.dbscheme ql/lib/ruby.dbscheme
+      - name: Check DB downgrade scripts
+        run: |
+          echo >empty.trap
+          rm -rf testdb; codeql dataset import -S ql/lib/ruby.dbscheme testdb empty.trap
+          codeql resolve upgrades --format=lines --allow-downgrades --additional-packs downgrades \
+           --dbscheme=ql/lib/ruby.dbscheme --target-dbscheme=downgrades/initial/ruby.dbscheme |
+           xargs codeql execute upgrades testdb
+          diff -q testdb/ruby.dbscheme downgrades/initial/ruby.dbscheme
   qltest:
     runs-on: ubuntu-latest
     strategy:

benjamin-button.md

@@ -1,51 +0,0 @@
-# benjamin-buttons.md
-
-This file describes the changes that have been applied to
-the library to make it behave as if it was younger.
-
-## TaintedPath.ql
-
-Sinks added between 2020-01-01 and 2020-10-06 have been removed. Found by looking at:
-
-- the commit titles of https://github.com/github/codeql/commits/main/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sink
-
-Sinks added between 2018-08-02 and 2020-01-01 have been removed. Found by looking at:
-
-- the commit titles of https://github.com/github/codeql/commits/main/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sink
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+pathinjection
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+tainted-path
-
-Sinks from the "graceful-fs" and "fs-extra" (added before the open-sourcing squash).
-
-## Xss.ql
-
-Sinks added between 2020-01-01 and 2020-10-06 have been removed. Found by looking at:
-
-- the commit titles of https://github.com/github/codeql/commits/main/javascript/ql/test/query-tests/Security/CWE-079/Xss.expected
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sink
-
-- recursive type tracking for `jQuery::dollar`, `DOM::domValueRef`.
-
-## SqlInjection.ql
-
-Sinks added between 2020-01-01 and 2020-10-06 have been removed. Found by looking at:
-
-- the commit titles of https://github.com/github/codeql/commits/main/javascript/ql/test/query-tests/Security/CWE-089
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sink
-
-Sinks added between 2018-08-02 and 2020-01-01 have been removed. Found by looking at:
-
-- the commit titles of https://github.com/github/codeql/commits/main/javascript/ql/test/query-tests/Security/CWE-089
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sink
-- the PR titles of https://github.com/github/codeql/pulls?page=2&q=is%3Apr+label%3AJS+is%3Aclosed+sql
-
-TypeTracking in SQL.qll (added before the open-sourcing squash)
-
-The model of `mssql` and `sequelize` (added before the open-sourcing squash)
-
-## PseudoProperties
-
-Pseudo-properties (`$name$`) used in type-tracking and global dataflow configurations have been disabled.
-Found by searching for `"\$.*\$"`.

cpp/ql/lib/CHANGELOG.md

@@ -1,3 +1,16 @@
+## 0.0.9
+
+## 0.0.8
+
+### Deprecated APIs
+
+* The `codeql/cpp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/cpp-all` CodeQL pack.
+
+### Minor Analysis Improvements
+
+* `FormatLiteral::getMaxConvertedLength` now uses range analysis to provide a
+  more accurate length for integers formatted with `%x`
+
 ## 0.0.7
 
 ## 0.0.6

cpp/ql/lib/change-notes/2022-01-11-remove-upgrades-packs.md

@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The `codeql/cpp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/cpp-all` CodeQL pack.

cpp/ql/lib/change-notes/2022-01-14-hex-format-range-analysis.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* `FormatLiteral::getMaxConvertedLength` now uses range analysis to provide a
-  more accurate length for integers formatted with `%x`

cpp/ql/lib/change-notes/released/0.0.8.md

@@ -0,0 +1,10 @@
+## 0.0.8
+
+### Deprecated APIs
+
+* The `codeql/cpp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/cpp-all` CodeQL pack.
+
+### Minor Analysis Improvements
+
+* `FormatLiteral::getMaxConvertedLength` now uses range analysis to provide a
+  more accurate length for integers formatted with `%x`

cpp/ql/lib/change-notes/released/0.0.9.md

@@ -0,0 +1,2 @@
+## 0.0.9
+

cpp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.9

cpp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 0.0.8-dev
+version: 0.0.9
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp

cpp/ql/lib/semmle/code/cpp/commons/unix/Constants.qll

@@ -11,10 +11,10 @@ import cpp
  */
 bindingset[input]
 int parseOctal(string input) {
-  input.charAt(0) = "0" and
+  input.regexpMatch("0[0-7]+") and
   result =
     strictsum(int ix |
-      ix in [0 .. input.length()]
+      ix in [1 .. input.length()]
     |
       8.pow(input.length() - (ix + 1)) * input.charAt(ix).toInt()
     )

cpp/ql/src/CHANGELOG.md

@@ -1,3 +1,36 @@
+## 0.0.9
+
+### New Queries
+
+* Added a new query, `cpp/open-call-with-mode-argument`, to detect when `open` or `openat` is called with the `O_CREAT` or `O_TMPFILE` flag but when the `mode` argument is omitted.
+
+### Minor Analysis Improvements
+
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been further improved to reduce false positive results, and upgraded from `medium` to `high` precision.
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query now finds more results, where a password is stored in a struct field or class member variable.
+* The `cpp/cleartext-storage-file` query has been improved, removing false positives where data is written to a standard output stream.
+* The `cpp/cleartext-storage-buffer` query has been updated to use the `semmle.code.cpp.dataflow.TaintTracking` library.
+* The `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.
+
+## 0.0.8
+
+### New Queries
+
+* The `security` tag has been added to the `cpp/return-stack-allocated-memory` query. As a result, its results will now appear by default.
+* The "Uncontrolled data in arithmetic expression" (cpp/uncontrolled-arithmetic) query has been enhanced to reduce false positive results and its @precision increased to high.
+* A new `cpp/very-likely-overruning-write` query has been added to the default query suite for C/C++. The query reports some results that were formerly flagged by `cpp/overruning-write`.
+
+### Minor Analysis Improvements
+
+* Fix an issue with the `cpp/declaration-hides-variable` query where it would report variables that are unnamed in a database.
+* The `cpp/cleartext-storage-file` query has been upgraded with non-local taint flow and has been converted to a `path-problem` query.
+* The `cpp/return-stack-allocated-memory` query has been improved to produce fewer false positives. The
+  query has also been converted to a `path-problem` query.
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been improved in several ways to reduce false positive results.
+* The "Potential improper null termination" (`cpp/improper-null-termination`) query now produces fewer false positive results around control flow branches and loops.
+* Added exception for GLib's gboolean to cpp/ambiguously-signed-bit-field.
+  This change reduces the number of false positives in the query.
+
 ## 0.0.7
 
 ## 0.0.6

cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql

@@ -168,6 +168,16 @@ class NetworkRecv extends NetworkSendRecv {
   override Recv target;
 }
 
+pragma[noinline]
+predicate encryptionFunction(Function f) {
+  f.getName().toLowerCase().regexpMatch(".*(crypt|encode|decode|hash|securezero).*")
+}
+
+pragma[noinline]
+predicate encryptionType(UserType t) {
+  t.getName().toLowerCase().regexpMatch(".*(crypt|encode|decode|hash|securezero).*")
+}
+
 /**
  * An expression that is an argument or return value from an encryption /
  * decryption call. This is quite inclusive to minimize false positives, for
@@ -177,10 +187,7 @@ class NetworkRecv extends NetworkSendRecv {
 class Encrypted extends Expr {
   Encrypted() {
     exists(FunctionCall fc |
-      fc.getTarget()
-          .getName()
-          .toLowerCase()
-          .regexpMatch(".*(crypt|encode|decode|hash|securezero).*") and
+      encryptionFunction(fc.getTarget()) and
       (
         this = fc or
         this = fc.getAnArgument()
@@ -189,7 +196,7 @@ class Encrypted extends Expr {
     or
     exists(Type t |
       this.getType().refersTo(t) and
-      t.getName().toLowerCase().regexpMatch(".*(crypt|encode|decode|hash|securezero).*")
+      encryptionType(t)
     )
   }
 }

cpp/ql/src/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql

@@ -12,17 +12,16 @@
 
 import cpp
 import FilePermissions
-import semmle.code.cpp.commons.unix.Constants
 
 predicate worldWritableCreation(FileCreationExpr fc, int mode) {
   mode = localUmask(fc).mask(fc.getMode()) and
-  sets(mode, s_iwoth())
+  setsAnyBits(mode, UnixConstants::s_iwoth())
 }
 
 predicate setWorldWritable(FunctionCall fc, int mode) {
   fc.getTarget().getName() = ["chmod", "fchmod", "_chmod", "_wchmod"] and
   mode = fc.getArgument(1).getValue().toInt() and
-  sets(mode, s_iwoth())
+  setsAnyBits(mode, UnixConstants::s_iwoth())
 }
 
 from Expr fc, int mode, string message

cpp/ql/src/Security/CWE/CWE-732/FilePermissions.qll

@@ -1,5 +1,49 @@
 import cpp
-import semmle.code.cpp.commons.unix.Constants
+import semmle.code.cpp.commons.unix.Constants as UnixConstants
+
+/**
+ * Gets the number corresponding to the contents of `input` in base-16.
+ * Note: the first two characters of `input` must be `0x`. For example:
+ * `parseHex("0x123abc") = 1194684`.
+ */
+bindingset[input]
+int parseHex(string input) {
+  exists(string lowerCaseInput | lowerCaseInput = input.toLowerCase() |
+    lowerCaseInput.regexpMatch("0x[0-9a-f]+") and
+    result =
+      strictsum(int ix |
+        ix in [2 .. input.length()]
+      |
+        16.pow(input.length() - (ix + 1)) * "0123456789abcdef".indexOf(lowerCaseInput.charAt(ix))
+      )
+  )
+}
+
+/**
+ * Gets the value defined by the `O_CREAT` macro if the macro
+ * exists and if every definition defines the same value.
+ */
+int o_creat() {
+  result =
+    unique(int v |
+      exists(Macro m | m.getName() = "O_CREAT" |
+        v = parseHex(m.getBody()) or v = UnixConstants::parseOctal(m.getBody())
+      )
+    )
+}
+
+/**
+ * Gets the value defined by the `O_TMPFILE` macro if the macro
+ * exists and if every definition defines the same value.
+ */
+int o_tmpfile() {
+  result =
+    unique(int v |
+      exists(Macro m | m.getName() = "O_TMPFILE" |
+        v = parseHex(m.getBody()) or v = UnixConstants::parseOctal(m.getBody())
+      )
+    )
+}
 
 bindingset[n, digit]
 private string octalDigit(int n, int digit) {
@@ -20,11 +64,17 @@ string octalFileMode(int mode) {
   else result = "[non-standard mode: decimal " + mode + "]"
 }
 
+/**
+ * Holds if the bitmask `value` sets the bits in `flag`.
+ */
+bindingset[value, flag]
+predicate setsFlag(int value, int flag) { value.bitAnd(flag) = flag }
+
 /**
  * Holds if the bitmask `mask` sets any of the bit fields in `fields`.
  */
 bindingset[mask, fields]
-predicate sets(int mask, int fields) { mask.bitAnd(fields) != 0 }
+predicate setsAnyBits(int mask, int fields) { mask.bitAnd(fields) != 0 }
 
 /**
  * Gets the value that `fc` sets the umask to, if `fc` is a call to
@@ -83,16 +133,24 @@ abstract class FileCreationExpr extends FunctionCall {
   abstract int getMode();
 }
 
-class OpenCreationExpr extends FileCreationExpr {
+abstract class FileCreationWithOptionalModeExpr extends FileCreationExpr {
+  abstract predicate hasModeArgument();
+}
+
+class OpenCreationExpr extends FileCreationWithOptionalModeExpr {
   OpenCreationExpr() {
-    this.getTarget().getName() = ["open", "_open", "_wopen"] and
-    sets(this.getArgument(1).getValue().toInt(), o_creat())
+    this.getTarget().hasGlobalOrStdName(["open", "_open", "_wopen"]) and
+    exists(int flag | flag = this.getArgument(1).getValue().toInt() |
+      setsFlag(flag, o_creat()) or setsFlag(flag, o_tmpfile())
+    )
   }
 
   override Expr getPath() { result = this.getArgument(0) }
 
+  override predicate hasModeArgument() { exists(this.getArgument(2)) }
+
   override int getMode() {
-    if exists(this.getArgument(2))
+    if this.hasModeArgument()
     then result = this.getArgument(2).getValue().toInt()
     else
       // assume anything is permitted
@@ -108,20 +166,35 @@ class CreatCreationExpr extends FileCreationExpr {
   override int getMode() { result = this.getArgument(1).getValue().toInt() }
 }
 
-class OpenatCreationExpr extends FileCreationExpr {
+class OpenatCreationExpr extends FileCreationWithOptionalModeExpr {
   OpenatCreationExpr() {
-    this.getTarget().getName() = "openat" and
-    this.getNumberOfArguments() = 4
+    this.getTarget().hasGlobalOrStdName("openat") and
+    exists(int flag | flag = this.getArgument(2).getValue().toInt() |
+      setsFlag(flag, o_creat()) or setsFlag(flag, o_tmpfile())
+    )
   }
 
   override Expr getPath() { result = this.getArgument(1) }
 
-  override int getMode() { result = this.getArgument(3).getValue().toInt() }
+  override predicate hasModeArgument() { exists(this.getArgument(3)) }
+
+  override int getMode() {
+    if this.hasModeArgument()
+    then result = this.getArgument(3).getValue().toInt()
+    else
+      // assume anything is permitted
+      result = 0.bitNot()
+  }
 }
 
 private int fopenMode() {
   result =
-    s_irusr().bitOr(s_irgrp()).bitOr(s_iroth()).bitOr(s_iwusr()).bitOr(s_iwgrp()).bitOr(s_iwoth())
+    UnixConstants::s_irusr()
+        .bitOr(UnixConstants::s_irgrp())
+        .bitOr(UnixConstants::s_iroth())
+        .bitOr(UnixConstants::s_iwusr())
+        .bitOr(UnixConstants::s_iwgrp())
+        .bitOr(UnixConstants::s_iwoth())
 }
 
 class FopenCreationExpr extends FileCreationExpr {
@@ -153,6 +226,6 @@ class FopensCreationExpr extends FileCreationExpr {
     // fopen_s has restrictive permissions unless you have "u" in the mode
     if this.getArgument(2).getValue().charAt(_) = "u"
     then result = fopenMode()
-    else result = s_irusr().bitOr(s_iwusr())
+    else result = UnixConstants::s_irusr().bitOr(UnixConstants::s_iwusr())
   }
 }

cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.c

@@ -0,0 +1,9 @@
+int open_file_bad() {
+	// BAD - this uses arbitrary bytes from the stack as mode argument
+        return open(FILE, O_CREAT)
+}
+
+int open_file_good() {
+	// GOOD - the mode argument is supplied
+        return open(FILE, O_CREAT, S_IRUSR | S_IWUSR)
+}

cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.qhelp

@@ -0,0 +1,31 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+
+<overview>
+<p>
+When opening a file with the <code>O_CREAT</code> or <code>O_TMPFILE</code> flag, the <code>mode</code> must
+be supplied. If the <code>mode</code> argument is omitted, some arbitrary bytes from the stack will be used
+as the file mode. This leaks some bits from the stack into the permissions of the file.
+</p>
+</overview>
+
+<recommendation>
+<p>
+The <code>mode</code> must be supplied when <code>O_CREAT</code> or <code>O_TMPFILE</code> is specified.
+</p>
+</recommendation>
+
+<example>
+<p>
+The first example opens a file with the <code>O_CREAT</code> flag without supplying the <code>mode</code>
+argument. In this case arbitrary bytes from the stack will be used as <code>mode</code> argument. The
+second example correctly supplies the <code>mode</code> argument and creates a file that is user readable
+and writable.
+</p>
+
+<sample src="OpenCallMissingModeArgument.c" />
+
+</example>
+</qhelp>

cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql

@@ -0,0 +1,19 @@
+/**
+ * @name File opened with O_CREAT flag but without mode argument
+ * @description Opening a file with the O_CREAT flag but without mode argument reads arbitrary bytes from the stack.
+ * @kind problem
+ * @problem.severity error
+ * @security-severity 7.8
+ * @precision high
+ * @id cpp/open-call-with-mode-argument
+ * @tags security
+ *       external/cwe/cwe-732
+ */
+
+import cpp
+import FilePermissions
+
+from FileCreationWithOptionalModeExpr fc
+where not fc.hasModeArgument()
+select fc,
+  "A file is created here without providing a mode argument, which may leak bits from the stack."

cpp/ql/src/change-notes/2021-12-14-overruning-write-split.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* A new `cpp/very-likely-overruning-write` query has been added to the default query suite for C/C++. The query reports some results that were formerly flagged by `cpp/overruning-write`.

cpp/ql/src/change-notes/2021-12-30-ambiguously-signed-bit-field.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* Added exception for GLib's gboolean to cpp/ambiguously-signed-bit-field.
-  This change reduces the number of false positives in the query.

cpp/ql/src/change-notes/2022-01-05-promote-uncontrolled-arithmetic.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* The "Uncontrolled data in arithmetic expression" (cpp/uncontrolled-arithmetic) query has been enhanced to reduce false positive results and its @precision increased to high.

cpp/ql/src/change-notes/2022-01-18-improper-null-termination.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Potential improper null termination" (`cpp/improper-null-termination`) query now produces fewer false positive results around control flow branches and loops.

cpp/ql/src/change-notes/2022-01-19-cleartext-transmission.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been improved in several ways to reduce false positive results.

cpp/ql/src/change-notes/2022-01-20-return-stack-allocated-memory.md

@@ -1,5 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/return-stack-allocated-memory` query has been improved to produce fewer false positives. The
-  query has also been converted to a `path-problem` query.

cpp/ql/src/change-notes/2022-01-22-cleartext-transmission.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query now finds more results, where a password is stored in a struct field or class member variable.

cpp/ql/src/change-notes/2022-01-24-cleartext-storage-file.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/cleartext-storage-file` query has been upgraded with non-local taint flow and has been converted to a `path-problem` query.

cpp/ql/src/change-notes/2022-01-24-return-stack-allocated-memory.md

@@ -1,4 +0,0 @@
----
-category: newQuery
----
-* The `security` tag has been added to the `cpp/return-stack-allocated-memory` query. As a result, its results will now appear by default.

cpp/ql/src/change-notes/2022-01-25-cleartext-storage-buffer.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/cleartext-storage-buffer` query has been updated to use the `semmle.code.cpp.dataflow.TaintTracking` library.

cpp/ql/src/change-notes/2022-01-26-unnamed-variable-declaration-hiding.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* Fix an issue with the `cpp/declaration-hides-variable` query where it would report variables that are unnamed in a database.

cpp/ql/src/change-notes/2022-01-28-cleartext-storage-file.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The `cpp/cleartext-storage-file` query has been improved, removing false positives where data is written to a standard output stream.

cpp/ql/src/change-notes/2022-02-22-cleartext-transmission.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been further improved to reduce false positive results, and upgraded from `medium` to `high` precision.

cpp/ql/src/change-notes/released/0.0.8.md

@@ -0,0 +1,18 @@
+## 0.0.8
+
+### New Queries
+
+* The `security` tag has been added to the `cpp/return-stack-allocated-memory` query. As a result, its results will now appear by default.
+* The "Uncontrolled data in arithmetic expression" (cpp/uncontrolled-arithmetic) query has been enhanced to reduce false positive results and its @precision increased to high.
+* A new `cpp/very-likely-overruning-write` query has been added to the default query suite for C/C++. The query reports some results that were formerly flagged by `cpp/overruning-write`.
+
+### Minor Analysis Improvements
+
+* Fix an issue with the `cpp/declaration-hides-variable` query where it would report variables that are unnamed in a database.
+* The `cpp/cleartext-storage-file` query has been upgraded with non-local taint flow and has been converted to a `path-problem` query.
+* The `cpp/return-stack-allocated-memory` query has been improved to produce fewer false positives. The
+  query has also been converted to a `path-problem` query.
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been improved in several ways to reduce false positive results.
+* The "Potential improper null termination" (`cpp/improper-null-termination`) query now produces fewer false positive results around control flow branches and loops.
+* Added exception for GLib's gboolean to cpp/ambiguously-signed-bit-field.
+  This change reduces the number of false positives in the query.

cpp/ql/src/change-notes/released/0.0.9.md

@@ -0,0 +1,13 @@
+## 0.0.9
+
+### New Queries
+
+* Added a new query, `cpp/open-call-with-mode-argument`, to detect when `open` or `openat` is called with the `O_CREAT` or `O_TMPFILE` flag but when the `mode` argument is omitted.
+
+### Minor Analysis Improvements
+
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been further improved to reduce false positive results, and upgraded from `medium` to `high` precision.
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query now finds more results, where a password is stored in a struct field or class member variable.
+* The `cpp/cleartext-storage-file` query has been improved, removing false positives where data is written to a standard output stream.
+* The `cpp/cleartext-storage-buffer` query has been updated to use the `semmle.code.cpp.dataflow.TaintTracking` library.
+* The `cpp/world-writable-file-creation` query now only detects `open` and `openat` calls with the `O_CREAT` or `O_TMPFILE` flag.

cpp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.9

cpp/ql/src/experimental/Best Practices/UselessTest.ql

@@ -38,6 +38,8 @@ where
   ) and
   eq.getRightOperand() instanceof Literal and
   ne.getRightOperand() instanceof Literal and
+  eq.getLeftOperand().getFullyConverted().getUnspecifiedType() =
+    ne.getLeftOperand().getFullyConverted().getUnspecifiedType() and
   nearestParent(eq) = nearestParent(ne) and
   sameExpr(eq.getLeftOperand(), ne.getLeftOperand())
 select ne, "Useless Test"

cpp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 0.0.8-dev
+version: 0.0.9
 groups: 
   - cpp
   - queries

cpp/ql/test/query-tests/Best Practices/Hiding/DeclarationHidesVariable/DeclarationHidesVariable.expected

@@ -1,2 +1,3 @@
 | hiding.cpp:6:17:6:17 | i | Variable i hides another variable of the same name (on $@). | hiding.cpp:4:13:4:13 | i | line 4 |
 | hiding.cpp:18:15:18:15 | k | Variable k hides another variable of the same name (on $@). | hiding.cpp:15:11:15:11 | k | line 15 |
+| hiding.cpp:38:11:38:11 | x | Variable x hides another variable of the same name (on $@). | hiding.cpp:36:9:36:9 | x | line 36 |

cpp/ql/test/query-tests/Best Practices/Hiding/DeclarationHidesVariable/hiding.cpp

@@ -35,7 +35,7 @@ void structuredBinding() {
   int xs[1] = {1};
   auto [x] = xs;
   {
-    auto [x] = xs; // BAD [NOT DETECTED]
+    auto [x] = xs; // BAD
     auto [y] = xs; // GOOD
   }
 }

cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.c

@@ -0,0 +1,29 @@
+typedef unsigned int mode_t;
+
+#define O_RDWR     0x0002
+#define O_CLOEXEC  0x0040
+#define O_NONBLOCK 0x0080
+#define O_CREAT    0x0200
+#define O_APPEND   0x0800
+#define O_TMPFILE  0x2000
+
+int open(const char *pathname, int flags, ...);
+
+int openat(int dirfd, const char *pathname, int flags, ...);
+
+const char *a_file = "/a_file";
+
+void test_open() {
+  open(a_file, O_NONBLOCK); // GOOD
+  open(a_file, O_RDWR | O_CLOEXEC); // GOOD
+  open(a_file, O_APPEND); // GOOD
+  open(a_file, O_CREAT); // BAD
+  open(a_file, O_CREAT, 0); // GOOD
+  open(a_file, O_TMPFILE); // BAD
+  open(a_file, O_TMPFILE, 0); // GOOD
+  openat(0, a_file, O_APPEND); // GOOD
+  openat(0, a_file, O_CREAT); // BAD
+  openat(0, a_file, O_CREAT, 0); // GOOD
+  openat(0, a_file, O_TMPFILE); // BAD
+  openat(0, a_file, O_TMPFILE, 0); // GOOD
+}

cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.expected

@@ -0,0 +1,4 @@
+| OpenCallMissingModeArgument.c:20:3:20:6 | call to open | A file is created here without providing a mode argument, which may leak bits from the stack. |
+| OpenCallMissingModeArgument.c:22:3:22:6 | call to open | A file is created here without providing a mode argument, which may leak bits from the stack. |
+| OpenCallMissingModeArgument.c:25:3:25:8 | call to openat | A file is created here without providing a mode argument, which may leak bits from the stack. |
+| OpenCallMissingModeArgument.c:27:3:27:8 | call to openat | A file is created here without providing a mode argument, which may leak bits from the stack. |

cpp/ql/test/query-tests/Security/CWE/CWE-732/OpenCallMissingModeArgument.qlref

@@ -0,0 +1 @@
+Security/CWE/CWE-732/OpenCallMissingModeArgument.ql

csharp/downgrades/4b9c288ece4218779b6113b17af42795f4bbbee1/upgrade.properties

@@ -0,0 +1,3 @@
+description: Remove 'lambda_expr_return_type' relation.
+compatibility: backwards
+lambda_expr_return_type.rel: delete

csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Lambda.cs

@@ -22,12 +22,13 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions
             Parameter.Create(Context, symbol, this);
         }
 
-        private Lambda(ExpressionNodeInfo info, CSharpSyntaxNode body, IEnumerable<ParameterSyntax> @params)
+        private Lambda(ExpressionNodeInfo info, CSharpSyntaxNode body, IEnumerable<ParameterSyntax> @params, TypeSyntax? @return)
             : base(info)
         {
             if (Context.GetModel(info.Node).GetSymbolInfo(info.Node).Symbol is IMethodSymbol symbol)
             {
                 Modifier.ExtractModifiers(Context, info.Context.TrapWriter.Writer, this, symbol);
+                Attribute.ExtractAttributes(Context, symbol, this);
             }
             else
             {
@@ -40,6 +41,13 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions
                 foreach (var param in @params)
                     VisitParameter(param);
 
+                if (@return is not null)
+                {
+                    var symbol = Context.GetType(@return);
+                    var type = Entities.Type.Create(Context, symbol);
+                    var trapFile = Context.TrapWriter.Writer;
+                    trapFile.lambda_expr_return_type(this, type.TypeRef);
+                }
                 if (body is ExpressionSyntax exprBody)
                     Create(Context, exprBody, this, 0);
                 else if (body is BlockSyntax blockBody)
@@ -50,17 +58,17 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions
         }
 
         private Lambda(ExpressionNodeInfo info, ParenthesizedLambdaExpressionSyntax node)
-            : this(info.SetKind(ExprKind.LAMBDA), node.Body, node.ParameterList.Parameters) { }
+            : this(info.SetKind(ExprKind.LAMBDA), node.Body, node.ParameterList.Parameters, node.ReturnType) { }
 
         public static Lambda Create(ExpressionNodeInfo info, ParenthesizedLambdaExpressionSyntax node) => new Lambda(info, node);
 
         private Lambda(ExpressionNodeInfo info, SimpleLambdaExpressionSyntax node)
-            : this(info.SetKind(ExprKind.LAMBDA), node.Body, Enumerators.Singleton(node.Parameter)) { }
+            : this(info.SetKind(ExprKind.LAMBDA), node.Body, Enumerators.Singleton(node.Parameter), null) { }
 
         public static Lambda Create(ExpressionNodeInfo info, SimpleLambdaExpressionSyntax node) => new Lambda(info, node);
 
         private Lambda(ExpressionNodeInfo info, AnonymousMethodExpressionSyntax node) :
-            this(info.SetKind(ExprKind.ANONYMOUS_METHOD), node.Body, node.ParameterList is null ? Enumerable.Empty<ParameterSyntax>() : node.ParameterList.Parameters)
+            this(info.SetKind(ExprKind.ANONYMOUS_METHOD), node.Body, node.ParameterList is null ? Enumerable.Empty<ParameterSyntax>() : node.ParameterList.Parameters, null)
         { }
 
         public static Lambda Create(ExpressionNodeInfo info, AnonymousMethodExpressionSyntax node) => new Lambda(info, node);

csharp/extractor/Semmle.Extraction.CSharp/Tuples.cs

@@ -215,6 +215,9 @@ namespace Semmle.Extraction.CSharp
         internal static void indexers(this TextWriter trapFile, Indexer propKey, string name, Type declaringType, Type memberType, Indexer unboundProperty) =>
             trapFile.WriteTuple("indexers", propKey, name, declaringType, memberType, unboundProperty);
 
+        internal static void lambda_expr_return_type(this TextWriter trapFile, Lambda expr, Type returnType) =>
+            trapFile.WriteTuple("lambda_expr_return_type", expr, returnType);
+
         internal static void local_function_stmts(this TextWriter trapFile, Entities.Statements.LocalFunction fnStmt, LocalFunction fn) =>
             trapFile.WriteTuple("local_function_stmts", fnStmt, fn);
 

csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md

@@ -1 +1,7 @@
+## 1.0.3
+
+## 1.0.2
+
 ## 1.0.0
+
+## 0.0.6

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.2.md

@@ -0,0 +1 @@
+## 1.0.2

csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.3.md

@@ -0,0 +1 @@
+## 1.0.3

csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.1
+lastReleaseVersion: 1.0.3

csharp/ql/campaigns/Solorigate/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-all
-version: 1.0.2-dev
+version: 1.0.3
 groups:
     - csharp
     - solorigate

csharp/ql/campaigns/Solorigate/src/CHANGELOG.md

@@ -1 +1,7 @@
+## 1.0.3
+
+## 1.0.2
+
 ## 1.0.0
+
+## 0.0.6

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.2.md

@@ -0,0 +1 @@
+## 1.0.2

csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.3.md

@@ -0,0 +1 @@
+## 1.0.3

csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.0.1
+lastReleaseVersion: 1.0.3

csharp/ql/campaigns/Solorigate/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-solorigate-queries
-version: 1.0.2-dev
+version: 1.0.3
 groups:
     - csharp
     - solorigate

csharp/ql/consistency-queries/qlpack.yml

@@ -1,6 +1,5 @@
 name: codeql-csharp-consistency-queries
-version: 0.0.0
-libraryPathDependencies:
-  - codeql/csharp-all
-  - codeql/csharp-queries
+groups: [csharp, test, consistency-queries]
+dependencies:
+  codeql/csharp-all: "*"
 extractor: csharp

csharp/ql/lib/CHANGELOG.md

@@ -1,3 +1,35 @@
+## 0.0.9
+
+### Major Analysis Improvements
+
+* Added support for C# 10 lambda improvements
+  * Explicit return types on lambda expressions.
+  * Lambda expression can be tagged with method and return value attributes.
+* Added support for C# 10 [Extended property patterns](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#extended-property-patterns).
+* Return value attributes are extracted.
+* The QL `Attribute` class now has subclasses for each kind of attribute.
+
+## 0.0.8
+
+### Deprecated APIs
+
+* The `codeql/csharp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/charp-all` CodeQL pack.
+
+### Major Analysis Improvements
+
+Added support for the following C# 10 features.
+* [Record structs](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#record-structs).
+* [Improvements of structure types](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#improvements-of-structure-types).
+  * Instance parameterless constructor in a structure type.
+  * Enhance `WithExpr` in QL to support `structs` and anonymous classes.
+* [Global using directives](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#global-using-directives).
+* [File-scoped namespace declaration](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#file-scoped-namespace-declaration).
+* [Enhanced #line pragma](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#enhanced-line-pragma).
+
+### Minor Analysis Improvements
+
+* The query `cs/local-shadows-member` no longer highlights parameters of `record` types.
+
 ## 0.0.7
 
 ## 0.0.6

csharp/ql/lib/change-notes/2021-02-02-return-value-attributes.md

@@ -1,5 +0,0 @@
----
-category: majorAnalysis
----
-* Return value attributes are extracted.
-* The QL `Attribute` class now has subclasses for each kind of attribute.

csharp/ql/lib/change-notes/2022-01-11-remove-upgrades-packs.md

@@ -1,4 +0,0 @@
----
-category: deprecated
----
-* The `codeql/csharp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/charp-all` CodeQL pack.

csharp/ql/lib/change-notes/2022-01-18-local-shadows-member.md

@@ -1,4 +0,0 @@
----
-category: minorAnalysis
----
-* The query `cs/local-shadows-member` no longer highlights parameters of `record` types.

csharp/ql/lib/change-notes/2022-01-25-extended-property-patterns.md

@@ -1,4 +0,0 @@
----
-category: majorAnalysis
----
-* Added support for C# 10 [Extended property patterns](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#extended-property-patterns).

csharp/ql/lib/change-notes/released/0.0.8.md

@@ -1,6 +1,11 @@
----
-category: majorAnalysis
----
+## 0.0.8
+
+### Deprecated APIs
+
+* The `codeql/csharp-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/charp-all` CodeQL pack.
+
+### Major Analysis Improvements
+
 Added support for the following C# 10 features.
 * [Record structs](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#record-structs).
 * [Improvements of structure types](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#improvements-of-structure-types).
@@ -8,4 +13,8 @@ Added support for the following C# 10 features.
   * Enhance `WithExpr` in QL to support `structs` and anonymous classes.
 * [Global using directives](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#global-using-directives).
 * [File-scoped namespace declaration](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#file-scoped-namespace-declaration).
-* [Enhanced #line pragma](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#enhanced-line-pragma).
+* [Enhanced #line pragma](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#enhanced-line-pragma).
+
+### Minor Analysis Improvements
+
+* The query `cs/local-shadows-member` no longer highlights parameters of `record` types.

csharp/ql/lib/change-notes/released/0.0.9.md

@@ -0,0 +1,10 @@
+## 0.0.9
+
+### Major Analysis Improvements
+
+Added support for C# 10 lambda improvements
+* Explicit return types on lambda expressions.
+* Lambda expression can be tagged with method and return value attributes.
+* Added support for C# 10 [Extended property patterns](https://docs.microsoft.com/en-us/dotnet/csharp/whats-new/csharp-10#extended-property-patterns).
+* Return value attributes are extracted.
+* The QL `Attribute` class now has subclasses for each kind of attribute.

csharp/ql/lib/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.9

csharp/ql/lib/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-all
-version: 0.0.8-dev
+version: 0.0.9
 groups: csharp
 dbscheme: semmlecode.csharp.dbscheme
 extractor: csharp

csharp/ql/lib/semmle/code/csharp/Attribute.qll

@@ -10,8 +10,8 @@ private import TypeRef
  * An element that can have attributes. Either an assembly (`Assembly`), a field (`Field`),
  * a parameter (`Parameter`), an operator (`Operator`), a method (`Method`), a constructor (`Constructor`),
  * a destructor (`Destructor`), a callable accessor (`CallableAccessor`), a value or reference type
- * (`ValueOrRefType`), a declaration with accessors (`DeclarationWithAccessors`), or a local function
- * (`LocalFunction`).
+ * (`ValueOrRefType`), a declaration with accessors (`DeclarationWithAccessors`), a local function
+ * (`LocalFunction`) or a lambda expression (`LambdaExp`).
  */
 class Attributable extends @attributable {
   /** Gets an attribute attached to this element, if any. */

csharp/ql/lib/semmle/code/csharp/exprs/Creation.qll

@@ -5,6 +5,7 @@
 import Expr
 import semmle.code.csharp.Callable
 private import semmle.code.csharp.frameworks.system.linq.Expressions
+private import semmle.code.csharp.TypeRef
 
 /**
  * Either an object initializer (`ObjectInitializer`) or a collection
@@ -434,6 +435,12 @@ class AnonymousFunctionExpr extends Expr, Callable, Modifiable, @anonymous_funct
  * A lambda expression, for example `(int x) => x + 1`.
  */
 class LambdaExpr extends AnonymousFunctionExpr, @lambda_expr {
+  /* Holds if this lambda expression has explicit return type. */
+  predicate hasExplicitReturnType() { lambda_expr_return_type(this, _) }
+
+  /* Gets the explicit return type of this lambda expression, if any. */
+  Type getExplicitReturnType() { lambda_expr_return_type(this, getTypeRef(result)) }
+
   override string toString() { result = "(...) => ..." }
 
   override string getAPrimaryQlClass() { result = "LambdaExpr" }

csharp/ql/lib/semmlecode.csharp.dbscheme

@@ -191,7 +191,7 @@ sourceLocationPrefix(
 
 @attributable = @assembly | @field | @parameter | @operator | @method | @constructor
               | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors
-              | @local_function;
+              | @local_function | @lambda_expr;
 
 /** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/
 
@@ -1269,6 +1269,10 @@ expr_argument_name(
   unique int id: @expr ref,
   string name: string ref);
 
+lambda_expr_return_type(
+  unique int id: @lambda_expr ref,
+  int type_id: @type_or_ref ref);
+  
 /** CONTROL/DATA FLOW **/
 
 @control_flow_element = @stmt | @expr;

csharp/ql/lib/upgrades/ab09ac8287516082b7a7367f8fda1862b1be47c5/upgrade.properties

@@ -0,0 +1,2 @@
+description: Add relation 'lambda_expr_return_type' for lambdas with explicit return types.
+compatibility: backwards

csharp/ql/src/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 0.0.9
+
+## 0.0.8
+
 ## 0.0.7
 
 ## 0.0.6

csharp/ql/src/change-notes/released/0.0.8.md

@@ -0,0 +1 @@
+## 0.0.8

csharp/ql/src/change-notes/released/0.0.9.md

@@ -0,0 +1 @@
+## 0.0.9

csharp/ql/src/codeql-pack.release.yml

@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 0.0.7
+lastReleaseVersion: 0.0.9

csharp/ql/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/csharp-queries
-version: 0.0.8-dev
+version: 0.0.9
 groups: 
   - csharp
   - queries

csharp/ql/test/library-tests/csharp10/Lambda.cs

@@ -0,0 +1,20 @@
+using System;
+
+public class Lambda
+{
+    public void M1()
+    {
+        // Examples need for implicitly typed lambdas.
+        Func<int, string> f1 = (int x) => x.ToString();
+        var f2 = (int x) => x.ToString();
+
+        // Examples need for  explicit return type for implicitly and explicitly typed lambda.
+        var f3 = object (bool b) => b ? "1" : 0;
+        Func<bool, object> f4 = object (bool b) => b ? "1" : 0;
+
+        // Examples needed for explicit return type for downcast.
+        var f5 = int (bool b) => b ? 1 : 0;
+        var f6 = object (bool b) => b ? 1 : 0;
+    }
+}
+

csharp/ql/test/library-tests/csharp10/LambdaAttributes.cs

@@ -0,0 +1,18 @@
+using System;
+
+public class Example : Attribute
+{
+    public Example(int x) { }
+}
+
+public class LambdaAttributes
+{
+
+    public void M1()
+    {
+        // Examples needed for attributes.
+        var f7 = ([Example(1)] int x) => x.ToString(); // Parameter attribute
+        var f8 =[Example(2)] (int x) => x.ToString(); // Lambda attribute
+        var f9 =[return: Example(3)] (int x) => x.ToString(); // Return value attribute
+    }
+}

csharp/ql/test/library-tests/csharp10/Tuples.cs

@@ -0,0 +1,27 @@
+using System;
+
+public class Deconstruction
+{
+    public void M1()
+    {
+        // Declaration and Assignment
+        (int x1, int y1) = (10, 11);
+
+        // Assignment
+        int x2 = 0;
+        int y2 = 0;
+        (x2, y2) = (20, 21);
+
+        // Mixed
+        int y3 = 0;
+        (int x3, y3) = (30, 31);
+
+        int x4 = 0;
+        (x4, int y4) = (40, 41);
+
+        // Nested, Mixed
+        int x5 = 0;
+        int y51 = 0;
+        (x5, (int y50, y51)) = (50, (51, 52));
+    }
+}

csharp/ql/test/library-tests/csharp10/lambda.expected

@@ -0,0 +1,23 @@
+lambdaDeclaration
+| Func<bool, int> | Lambda.cs:16:13:16:14 | f5 | Lambda.cs:16:18:16:42 | (...) => ... |
+| Func<bool, object> | Lambda.cs:12:13:12:14 | f3 | Lambda.cs:12:18:12:47 | (...) => ... |
+| Func<bool, object> | Lambda.cs:13:28:13:29 | f4 | Lambda.cs:13:33:13:62 | (...) => ... |
+| Func<bool, object> | Lambda.cs:17:13:17:14 | f6 | Lambda.cs:17:18:17:45 | (...) => ... |
+| Func<int, string> | Lambda.cs:8:27:8:28 | f1 | Lambda.cs:8:32:8:54 | (...) => ... |
+| Func<int, string> | Lambda.cs:9:13:9:14 | f2 | Lambda.cs:9:18:9:40 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:14:13:14:14 | f7 | LambdaAttributes.cs:14:18:14:53 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:15:13:15:14 | f8 | LambdaAttributes.cs:15:17:15:52 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:16:13:16:14 | f9 | LambdaAttributes.cs:16:17:16:60 | (...) => ... |
+lambdaDeclarationNatural
+| Func<bool, int> | Lambda.cs:16:13:16:14 | f5 | Lambda.cs:16:18:16:42 | (...) => ... |
+| Func<bool, object> | Lambda.cs:12:13:12:14 | f3 | Lambda.cs:12:18:12:47 | (...) => ... |
+| Func<bool, object> | Lambda.cs:17:13:17:14 | f6 | Lambda.cs:17:18:17:45 | (...) => ... |
+| Func<int, string> | Lambda.cs:9:13:9:14 | f2 | Lambda.cs:9:18:9:40 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:14:13:14:14 | f7 | LambdaAttributes.cs:14:18:14:53 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:15:13:15:14 | f8 | LambdaAttributes.cs:15:17:15:52 | (...) => ... |
+| Func<int, string> | LambdaAttributes.cs:16:13:16:14 | f9 | LambdaAttributes.cs:16:17:16:60 | (...) => ... |
+lambdaDeclarationExplicitReturnType
+| Func<bool, int> | int | int | Lambda.cs:16:13:16:14 | f5 | Lambda.cs:16:18:16:42 | (...) => ... |
+| Func<bool, object> | object | object | Lambda.cs:12:13:12:14 | f3 | Lambda.cs:12:18:12:47 | (...) => ... |
+| Func<bool, object> | object | object | Lambda.cs:13:28:13:29 | f4 | Lambda.cs:13:33:13:62 | (...) => ... |
+| Func<bool, object> | object | object | Lambda.cs:17:13:17:14 | f6 | Lambda.cs:17:18:17:45 | (...) => ... |

csharp/ql/test/library-tests/csharp10/lambda.ql

@@ -0,0 +1,25 @@
+import csharp
+
+private predicate getLambda(
+  LocalVariableDeclAndInitExpr e, string type, LocalVariable v, LambdaExpr lexp
+) {
+  lexp = e.getRValue() and
+  v = e.getTargetVariable() and
+  type = e.getType().toStringWithTypes()
+}
+
+query predicate lambdaDeclaration(string type, LocalVariable v, LambdaExpr lexp) {
+  getLambda(_, type, v, lexp)
+}
+
+query predicate lambdaDeclarationNatural(string type, LocalVariable v, LambdaExpr lexp) {
+  exists(LocalVariableDeclAndInitExpr e | getLambda(e, type, v, lexp) and e.isImplicitlyTyped())
+}
+
+query predicate lambdaDeclarationExplicitReturnType(
+  string type, string explicit, string actual, LocalVariable v, LambdaExpr lexp
+) {
+  getLambda(_, type, v, lexp) and
+  explicit = lexp.getExplicitReturnType().toStringWithTypes() and
+  actual = lexp.getReturnType().toStringWithTypes()
+}

csharp/ql/test/library-tests/csharp10/lambdaAttributes.expected

@@ -0,0 +1,7 @@
+allAttributes
+| LambdaAttributes.cs:14:20:14:26 | [Example(...)] | LambdaAttributes.cs:14:28:14:28 | 1 | Parameter |
+| LambdaAttributes.cs:15:18:15:24 | [Example(...)] | LambdaAttributes.cs:15:26:15:26 | 2 | LambdaExpr |
+| LambdaAttributes.cs:16:26:16:32 | [return: Example(...)] | LambdaAttributes.cs:16:34:16:34 | 3 | LambdaExpr |
+lambdaAttributes
+| LambdaAttributes.cs:15:18:15:24 | [Example(...)] | LambdaAttributes.cs:15:26:15:26 | 2 | LambdaAttributes.cs:15:17:15:52 | (...) => ... |
+| LambdaAttributes.cs:16:26:16:32 | [return: Example(...)] | LambdaAttributes.cs:16:34:16:34 | 3 | LambdaAttributes.cs:16:17:16:60 | (...) => ... |

csharp/ql/test/library-tests/csharp10/lambdaAttributes.ql

@@ -0,0 +1,11 @@
+import csharp
+
+query predicate allAttributes(Attribute a, Expr arg, string c) {
+  a.fromSource() and
+  arg = a.getArgument(0) and
+  c = a.getTarget().(Element).getAPrimaryQlClass()
+}
+
+query predicate lambdaAttributes(Attribute a, Expr arg, LambdaExpr l) {
+  allAttributes(a, arg, _) and a.getTarget() = l
+}

csharp/ql/test/library-tests/csharp10/tuples.expected

@@ -0,0 +1,18 @@
+declarations
+| Tuples.cs:8:14:8:15 | Int32 x1 |
+| Tuples.cs:8:22:8:23 | Int32 y1 |
+| Tuples.cs:17:14:17:15 | Int32 x3 |
+| Tuples.cs:20:18:20:19 | Int32 y4 |
+| Tuples.cs:25:19:25:21 | Int32 y50 |
+assignments
+| Tuples.cs:8:9:8:35 | ... = ... | Tuples.cs:8:14:8:15 | x1 | 0 |
+| Tuples.cs:8:9:8:35 | ... = ... | Tuples.cs:8:22:8:23 | y1 | 1 |
+| Tuples.cs:13:9:13:27 | ... = ... | Tuples.cs:11:13:11:14 | x2 | 0 |
+| Tuples.cs:13:9:13:27 | ... = ... | Tuples.cs:12:13:12:14 | y2 | 1 |
+| Tuples.cs:17:9:17:31 | ... = ... | Tuples.cs:16:13:16:14 | y3 | 1 |
+| Tuples.cs:17:9:17:31 | ... = ... | Tuples.cs:17:14:17:15 | x3 | 0 |
+| Tuples.cs:20:9:20:31 | ... = ... | Tuples.cs:19:13:19:14 | x4 | 0 |
+| Tuples.cs:20:9:20:31 | ... = ... | Tuples.cs:20:18:20:19 | y4 | 1 |
+| Tuples.cs:25:9:25:45 | ... = ... | Tuples.cs:23:13:23:14 | x5 | 0 |
+| Tuples.cs:25:9:25:45 | ... = ... | Tuples.cs:24:13:24:15 | y51 | 2 |
+| Tuples.cs:25:9:25:45 | ... = ... | Tuples.cs:25:19:25:21 | y50 | 1 |

csharp/ql/test/library-tests/csharp10/tuples.ql

@@ -0,0 +1,14 @@
+import csharp
+
+private predicate relevant(Element e) { e.getFile().getBaseName() = "Tuples.cs" }
+
+query predicate declarations(LocalVariableDeclExpr d) {
+  relevant(d) and
+  d.getParent*() instanceof TupleExpr
+}
+
+query predicate assignments(AssignableDefinitions::TupleAssignmentDefinition t, Assignable a, int o) {
+  relevant(t.getAssignment()) and
+  a = t.getTarget() and
+  o = t.getEvaluationOrder()
+}

csharp/ql/test/library-tests/dataflow/patterns/PatternFlow.expected

@@ -0,0 +1,5 @@
+failures
+edges
+nodes
+subpaths
+#select

csharp/ql/test/library-tests/dataflow/patterns/PatternFlow.ql

@@ -0,0 +1,11 @@
+/**
+ * @kind path-problem
+ */
+
+import csharp
+import DataFlow::PathGraph
+import TestUtilities.InlineFlowTest
+
+from DataFlow::PathNode source, DataFlow::PathNode sink, DefaultValueFlowConf conf
+where conf.hasFlowPath(source, sink)
+select sink, source, sink, "$@", source, source.toString()

csharp/ql/test/library-tests/dataflow/patterns/Patterns.cs

@@ -0,0 +1,54 @@
+using System;
+
+public record class RecordClass2(object Prop) { }
+
+public record class Nested(RecordClass2 Record) { }
+
+public class RecordPatterns
+{
+    private void M1()
+    {
+        var o = Source<object>(1);
+        var r = new RecordClass2(o);
+        if (r is RecordClass2 { Prop: object p })
+        {
+            Sink(p); // $ MISSING: hasValueFlow=1
+        }
+    }
+
+    private void M2()
+    {
+        var o = Source<object>(2);
+        var r = new RecordClass2(o);
+        switch (r)
+        {
+            case RecordClass2 { Prop: object p }:
+                Sink(p); // $ MISSING: hasValueFlow=2
+                break;
+        }
+    }
+
+    private void M3()
+    {
+        var o = Source<object>(3);
+        var s = new Nested(new RecordClass2(o));
+        if (s is Nested { Record: { Prop: object p } })
+        {
+            Sink(p); // $ MISSING: hasValueFlow=3
+        }
+    }
+
+    private void M4()
+    {
+        var o = Source<object>(4);
+        var s = new Nested(new RecordClass2(o));
+        if (s is Nested { Record.Prop: object p })
+        {
+            Sink(p); // $ MISSING: hasValueFlow=4
+        }
+    }
+
+    public static void Sink(object o) { }
+
+    static T Source<T>(object source) => throw null;
+}

csharp/ql/test/library-tests/dataflow/tuples/DataFlowStep.expected

@@ -1,111 +1,172 @@
-| Tuples.cs:7:13:7:56 | SSA def(x) | Tuples.cs:8:27:8:27 | access to local variable x |
-| Tuples.cs:7:13:7:56 | SSA qualifier def(x.Item1) | Tuples.cs:23:14:23:20 | access to field Item1 |
-| Tuples.cs:7:13:7:56 | SSA qualifier def(x.Item2) | Tuples.cs:25:14:25:20 | access to field Item2 |
-| Tuples.cs:7:13:7:56 | SSA qualifier def(x.Item2.Item1) | Tuples.cs:25:14:25:26 | access to field Item1 |
-| Tuples.cs:7:13:7:56 | SSA qualifier def(x.Item2.Item2) | Tuples.cs:26:14:26:26 | access to field Item2 |
-| Tuples.cs:7:17:7:56 | (..., ...) | Tuples.cs:7:13:7:56 | SSA def(x) |
-| Tuples.cs:8:9:8:27 | SSA def(a) | Tuples.cs:9:14:9:14 | access to local variable a |
-| Tuples.cs:8:9:8:27 | SSA def(b) | Tuples.cs:10:14:10:14 | access to local variable b |
-| Tuples.cs:8:9:8:27 | SSA def(c) | Tuples.cs:11:14:11:14 | access to local variable c |
-| Tuples.cs:8:27:8:27 | access to local variable x | Tuples.cs:8:9:8:23 | (..., ...) |
-| Tuples.cs:8:27:8:27 | access to local variable x | Tuples.cs:13:23:13:23 | access to local variable x |
-| Tuples.cs:13:9:13:23 | SSA def(a) | Tuples.cs:14:14:14:14 | access to local variable a |
-| Tuples.cs:13:9:13:23 | SSA def(b) | Tuples.cs:15:14:15:14 | access to local variable b |
-| Tuples.cs:13:9:13:23 | SSA def(c) | Tuples.cs:16:14:16:14 | access to local variable c |
-| Tuples.cs:13:23:13:23 | access to local variable x | Tuples.cs:13:9:13:19 | (..., ...) |
-| Tuples.cs:13:23:13:23 | access to local variable x | Tuples.cs:18:26:18:26 | access to local variable x |
-| Tuples.cs:18:9:18:26 | SSA def(p) | Tuples.cs:19:14:19:14 | access to local variable p |
-| Tuples.cs:18:9:18:26 | SSA def(q) | Tuples.cs:20:14:20:14 | access to local variable q |
-| Tuples.cs:18:9:18:26 | SSA qualifier def(q.Item1) | Tuples.cs:20:14:20:20 | access to field Item1 |
-| Tuples.cs:18:9:18:26 | SSA qualifier def(q.Item2) | Tuples.cs:21:14:21:20 | access to field Item2 |
-| Tuples.cs:18:26:18:26 | access to local variable x | Tuples.cs:18:9:18:22 | (..., ...) |
-| Tuples.cs:18:26:18:26 | access to local variable x | Tuples.cs:23:14:23:14 | access to local variable x |
-| Tuples.cs:20:14:20:14 | access to local variable q | Tuples.cs:21:14:21:14 | access to local variable q |
-| Tuples.cs:23:14:23:14 | [post] access to local variable x | Tuples.cs:24:14:24:14 | access to local variable x |
-| Tuples.cs:23:14:23:14 | access to local variable x | Tuples.cs:24:14:24:14 | access to local variable x |
-| Tuples.cs:23:14:23:20 | [post] access to field Item1 | Tuples.cs:24:14:24:16 | access to field Item1 |
-| Tuples.cs:23:14:23:20 | access to field Item1 | Tuples.cs:24:14:24:16 | access to field Item1 |
-| Tuples.cs:24:14:24:14 | [post] access to local variable x | Tuples.cs:25:14:25:14 | access to local variable x |
-| Tuples.cs:24:14:24:14 | access to local variable x | Tuples.cs:25:14:25:14 | access to local variable x |
-| Tuples.cs:25:14:25:14 | access to local variable x | Tuples.cs:26:14:26:14 | access to local variable x |
-| Tuples.cs:25:14:25:20 | access to field Item2 | Tuples.cs:26:14:26:20 | access to field Item2 |
-| Tuples.cs:31:13:31:72 | SSA def(x) | Tuples.cs:32:14:32:14 | access to local variable x |
-| Tuples.cs:31:13:31:72 | SSA qualifier def(x.Item1) | Tuples.cs:32:14:32:20 | access to field Item1 |
-| Tuples.cs:31:13:31:72 | SSA qualifier def(x.Item2) | Tuples.cs:33:14:33:20 | access to field Item2 |
-| Tuples.cs:31:13:31:72 | SSA qualifier def(x.Item10) | Tuples.cs:34:14:34:21 | access to field Item10 |
-| Tuples.cs:31:17:31:72 | (..., ...) | Tuples.cs:31:13:31:72 | SSA def(x) |
-| Tuples.cs:32:14:32:14 | [post] access to local variable x | Tuples.cs:33:14:33:14 | access to local variable x |
-| Tuples.cs:32:14:32:14 | access to local variable x | Tuples.cs:33:14:33:14 | access to local variable x |
-| Tuples.cs:33:14:33:14 | access to local variable x | Tuples.cs:34:14:34:14 | access to local variable x |
-| Tuples.cs:39:13:39:68 | SSA def(x) | Tuples.cs:40:14:40:14 | access to local variable x |
-| Tuples.cs:39:13:39:68 | SSA qualifier def(x.Item1) | Tuples.cs:40:14:40:20 | access to field Item1 |
-| Tuples.cs:39:13:39:68 | SSA qualifier def(x.Item2) | Tuples.cs:41:14:41:20 | access to field Item2 |
-| Tuples.cs:39:17:39:68 | (...) ... | Tuples.cs:39:13:39:68 | SSA def(x) |
-| Tuples.cs:39:47:39:68 | (..., ...) | Tuples.cs:39:17:39:68 | (...) ... |
-| Tuples.cs:40:14:40:14 | [post] access to local variable x | Tuples.cs:41:14:41:14 | access to local variable x |
-| Tuples.cs:40:14:40:14 | access to local variable x | Tuples.cs:41:14:41:14 | access to local variable x |
-| Tuples.cs:43:13:43:68 | SSA def(y) | Tuples.cs:44:14:44:14 | access to local variable y |
-| Tuples.cs:43:13:43:68 | SSA qualifier def(y.Item1) | Tuples.cs:44:14:44:20 | access to field Item1 |
-| Tuples.cs:43:13:43:68 | SSA qualifier def(y.Item2) | Tuples.cs:45:14:45:20 | access to field Item2 |
-| Tuples.cs:43:17:43:68 | (...) ... | Tuples.cs:43:13:43:68 | SSA def(y) |
-| Tuples.cs:43:47:43:68 | (...) ... | Tuples.cs:43:17:43:68 | (...) ... |
-| Tuples.cs:43:47:43:68 | (..., ...) | Tuples.cs:43:47:43:68 | (...) ... |
-| Tuples.cs:44:14:44:14 | [post] access to local variable y | Tuples.cs:45:14:45:14 | access to local variable y |
-| Tuples.cs:44:14:44:14 | access to local variable y | Tuples.cs:45:14:45:14 | access to local variable y |
-| Tuples.cs:48:27:48:27 | s | Tuples.cs:65:18:65:18 | access to parameter s |
-| Tuples.cs:50:13:50:56 | SSA def(x) | Tuples.cs:51:17:51:17 | access to local variable x |
-| Tuples.cs:50:17:50:56 | (..., ...) | Tuples.cs:50:13:50:56 | SSA def(x) |
-| Tuples.cs:51:17:51:17 | access to local variable x | Tuples.cs:53:18:53:57 | SSA def(t) |
-| Tuples.cs:51:17:51:17 | access to local variable x | Tuples.cs:58:18:58:35 | (..., ...) |
-| Tuples.cs:51:17:51:17 | access to local variable x | Tuples.cs:58:18:58:35 | (..., ...) |
-| Tuples.cs:51:17:51:17 | access to local variable x | Tuples.cs:77:13:77:13 | access to local variable x |
-| Tuples.cs:53:18:53:57 | SSA def(t) | Tuples.cs:53:64:53:64 | access to local variable t |
-| Tuples.cs:53:18:53:57 | SSA qualifier def(t.Item1) | Tuples.cs:54:22:54:28 | access to field Item1 |
-| Tuples.cs:53:18:53:57 | SSA qualifier def(t.Item2) | Tuples.cs:55:22:55:28 | access to field Item2 |
-| Tuples.cs:53:18:53:57 | SSA qualifier def(t.Item2.Item1) | Tuples.cs:56:22:56:34 | access to field Item1 |
-| Tuples.cs:53:18:53:57 | SSA qualifier def(t.Item2.Item2) | Tuples.cs:55:22:55:34 | access to field Item2 |
-| Tuples.cs:53:18:53:57 | SSA qualifier def(t.Item3) | Tuples.cs:53:64:53:70 | access to field Item3 |
-| Tuples.cs:53:64:53:64 | access to local variable t | Tuples.cs:54:22:54:22 | access to local variable t |
-| Tuples.cs:54:22:54:22 | [post] access to local variable t | Tuples.cs:55:22:55:22 | access to local variable t |
-| Tuples.cs:54:22:54:22 | access to local variable t | Tuples.cs:55:22:55:22 | access to local variable t |
-| Tuples.cs:55:22:55:22 | [post] access to local variable t | Tuples.cs:56:22:56:22 | access to local variable t |
-| Tuples.cs:55:22:55:22 | access to local variable t | Tuples.cs:56:22:56:22 | access to local variable t |
-| Tuples.cs:55:22:55:28 | [post] access to field Item2 | Tuples.cs:56:22:56:28 | access to field Item2 |
-| Tuples.cs:55:22:55:28 | access to field Item2 | Tuples.cs:56:22:56:28 | access to field Item2 |
-| Tuples.cs:58:23:58:23 | SSA def(a) | Tuples.cs:59:22:59:22 | access to local variable a |
-| Tuples.cs:58:27:58:27 | SSA def(b) | Tuples.cs:61:22:61:22 | access to local variable b |
-| Tuples.cs:58:30:58:30 | SSA def(c) | Tuples.cs:60:22:60:22 | access to local variable c |
-| Tuples.cs:65:13:65:30 | SSA def(y) | Tuples.cs:66:17:66:17 | access to local variable y |
-| Tuples.cs:65:13:65:30 | SSA qualifier def(y.Item1) | Tuples.cs:69:22:69:28 | access to field Item1 |
-| Tuples.cs:65:13:65:30 | SSA qualifier def(y.Item2) | Tuples.cs:70:22:70:28 | access to field Item2 |
-| Tuples.cs:65:13:65:30 | SSA qualifier def(y.Item2.Item1) | Tuples.cs:72:22:72:34 | access to field Item1 |
-| Tuples.cs:65:13:65:30 | SSA qualifier def(y.Item2.Item2) | Tuples.cs:70:22:70:34 | access to field Item2 |
-| Tuples.cs:65:17:65:30 | (..., ...) | Tuples.cs:65:13:65:30 | SSA def(y) |
-| Tuples.cs:65:18:65:18 | access to parameter s | Tuples.cs:65:25:65:25 | access to parameter s |
-| Tuples.cs:66:17:66:17 | access to local variable y | Tuples.cs:68:35:68:44 | (..., ...) |
-| Tuples.cs:66:17:66:17 | access to local variable y | Tuples.cs:69:22:69:22 | access to local variable y |
-| Tuples.cs:68:40:68:40 | SSA def(b) | Tuples.cs:73:22:73:22 | access to local variable b |
-| Tuples.cs:68:43:68:43 | SSA def(c) | Tuples.cs:71:22:71:22 | access to local variable c |
-| Tuples.cs:69:22:69:22 | [post] access to local variable y | Tuples.cs:70:22:70:22 | access to local variable y |
-| Tuples.cs:69:22:69:22 | access to local variable y | Tuples.cs:70:22:70:22 | access to local variable y |
-| Tuples.cs:70:22:70:22 | [post] access to local variable y | Tuples.cs:72:22:72:22 | access to local variable y |
-| Tuples.cs:70:22:70:22 | access to local variable y | Tuples.cs:72:22:72:22 | access to local variable y |
-| Tuples.cs:70:22:70:28 | [post] access to field Item2 | Tuples.cs:72:22:72:28 | access to field Item2 |
-| Tuples.cs:70:22:70:28 | access to field Item2 | Tuples.cs:72:22:72:28 | access to field Item2 |
-| Tuples.cs:77:13:77:13 | access to local variable x | Tuples.cs:77:18:77:35 | (..., ...) |
-| Tuples.cs:77:13:77:13 | access to local variable x | Tuples.cs:77:18:77:35 | (..., ...) |
-| Tuples.cs:77:23:77:23 | SSA def(p) | Tuples.cs:79:18:79:18 | access to local variable p |
-| Tuples.cs:77:27:77:27 | SSA def(q) | Tuples.cs:81:18:81:18 | access to local variable q |
-| Tuples.cs:77:30:77:30 | SSA def(r) | Tuples.cs:80:18:80:18 | access to local variable r |
-| Tuples.cs:89:13:89:41 | SSA def(r) | Tuples.cs:90:14:90:14 | access to local variable r |
-| Tuples.cs:89:13:89:41 | SSA qualifier def(r.i) | Tuples.cs:90:14:90:16 | access to property i |
-| Tuples.cs:89:17:89:41 | object creation of type R1 | Tuples.cs:89:13:89:41 | SSA def(r) |
-| Tuples.cs:90:14:90:14 | [post] access to local variable r | Tuples.cs:92:22:92:22 | access to local variable r |
-| Tuples.cs:90:14:90:14 | access to local variable r | Tuples.cs:92:22:92:22 | access to local variable r |
-| Tuples.cs:92:9:92:22 | SSA def(a) | Tuples.cs:93:14:93:14 | access to local variable a |
-| Tuples.cs:92:9:92:22 | SSA def(b) | Tuples.cs:94:14:94:14 | access to local variable b |
-| Tuples.cs:92:22:92:22 | access to local variable r | Tuples.cs:92:9:92:18 | (..., ...) |
-| Tuples.cs:92:22:92:22 | access to local variable r | Tuples.cs:96:17:96:17 | access to local variable r |
-| Tuples.cs:96:17:96:17 | access to local variable r | Tuples.cs:98:18:98:27 | (..., ...) |
-| Tuples.cs:98:23:98:23 | SSA def(x) | Tuples.cs:99:22:99:22 | access to local variable x |
-| Tuples.cs:98:26:98:26 | SSA def(y) | Tuples.cs:100:22:100:22 | access to local variable y |
+| Tuples.cs:7:13:7:34 | SSA def(o1) | Tuples.cs:10:21:10:22 | access to local variable o1 |
+| Tuples.cs:7:18:7:34 | call to method Source<Object> | Tuples.cs:7:13:7:34 | SSA def(o1) |
+| Tuples.cs:7:33:7:33 | 1 | Tuples.cs:7:33:7:33 | (...) ... |
+| Tuples.cs:8:13:8:34 | SSA def(o2) | Tuples.cs:10:29:10:30 | access to local variable o2 |
+| Tuples.cs:8:18:8:34 | call to method Source<Object> | Tuples.cs:8:13:8:34 | SSA def(o2) |
+| Tuples.cs:8:33:8:33 | 2 | Tuples.cs:8:33:8:33 | (...) ... |
+| Tuples.cs:10:13:10:32 | SSA def(x) | Tuples.cs:11:27:11:27 | access to local variable x |
+| Tuples.cs:10:13:10:32 | SSA qualifier def(x.Item1) | Tuples.cs:26:14:26:20 | access to field Item1 |
+| Tuples.cs:10:13:10:32 | SSA qualifier def(x.Item2) | Tuples.cs:28:14:28:20 | access to field Item2 |
+| Tuples.cs:10:13:10:32 | SSA qualifier def(x.Item2.Item1) | Tuples.cs:28:14:28:26 | access to field Item1 |
+| Tuples.cs:10:13:10:32 | SSA qualifier def(x.Item2.Item2) | Tuples.cs:29:14:29:26 | access to field Item2 |
+| Tuples.cs:10:17:10:32 | (..., ...) | Tuples.cs:10:13:10:32 | SSA def(x) |
+| Tuples.cs:11:9:11:27 | SSA def(a) | Tuples.cs:12:14:12:14 | access to local variable a |
+| Tuples.cs:11:9:11:27 | SSA def(b) | Tuples.cs:13:14:13:14 | access to local variable b |
+| Tuples.cs:11:9:11:27 | SSA def(c) | Tuples.cs:14:14:14:14 | access to local variable c |
+| Tuples.cs:11:27:11:27 | access to local variable x | Tuples.cs:11:9:11:23 | (..., ...) |
+| Tuples.cs:11:27:11:27 | access to local variable x | Tuples.cs:16:23:16:23 | access to local variable x |
+| Tuples.cs:13:14:13:14 | access to local variable b | Tuples.cs:13:14:13:14 | (...) ... |
+| Tuples.cs:16:9:16:23 | SSA def(a) | Tuples.cs:17:14:17:14 | access to local variable a |
+| Tuples.cs:16:9:16:23 | SSA def(b) | Tuples.cs:18:14:18:14 | access to local variable b |
+| Tuples.cs:16:9:16:23 | SSA def(c) | Tuples.cs:19:14:19:14 | access to local variable c |
+| Tuples.cs:16:23:16:23 | access to local variable x | Tuples.cs:16:9:16:19 | (..., ...) |
+| Tuples.cs:16:23:16:23 | access to local variable x | Tuples.cs:21:26:21:26 | access to local variable x |
+| Tuples.cs:18:14:18:14 | access to local variable b | Tuples.cs:18:14:18:14 | (...) ... |
+| Tuples.cs:21:9:21:26 | SSA def(p) | Tuples.cs:22:14:22:14 | access to local variable p |
+| Tuples.cs:21:9:21:26 | SSA def(q) | Tuples.cs:23:14:23:14 | access to local variable q |
+| Tuples.cs:21:9:21:26 | SSA qualifier def(q.Item1) | Tuples.cs:23:14:23:20 | access to field Item1 |
+| Tuples.cs:21:9:21:26 | SSA qualifier def(q.Item2) | Tuples.cs:24:14:24:20 | access to field Item2 |
+| Tuples.cs:21:26:21:26 | access to local variable x | Tuples.cs:21:9:21:22 | (..., ...) |
+| Tuples.cs:21:26:21:26 | access to local variable x | Tuples.cs:26:14:26:14 | access to local variable x |
+| Tuples.cs:23:14:23:14 | access to local variable q | Tuples.cs:24:14:24:14 | access to local variable q |
+| Tuples.cs:23:14:23:20 | access to field Item1 | Tuples.cs:23:14:23:20 | (...) ... |
+| Tuples.cs:26:14:26:14 | [post] access to local variable x | Tuples.cs:27:14:27:14 | access to local variable x |
+| Tuples.cs:26:14:26:14 | access to local variable x | Tuples.cs:27:14:27:14 | access to local variable x |
+| Tuples.cs:26:14:26:20 | [post] access to field Item1 | Tuples.cs:27:14:27:16 | access to field Item1 |
+| Tuples.cs:26:14:26:20 | access to field Item1 | Tuples.cs:27:14:27:16 | access to field Item1 |
+| Tuples.cs:27:14:27:14 | [post] access to local variable x | Tuples.cs:28:14:28:14 | access to local variable x |
+| Tuples.cs:27:14:27:14 | access to local variable x | Tuples.cs:28:14:28:14 | access to local variable x |
+| Tuples.cs:28:14:28:14 | access to local variable x | Tuples.cs:29:14:29:14 | access to local variable x |
+| Tuples.cs:28:14:28:20 | access to field Item2 | Tuples.cs:29:14:29:20 | access to field Item2 |
+| Tuples.cs:28:14:28:26 | access to field Item1 | Tuples.cs:28:14:28:26 | (...) ... |
+| Tuples.cs:34:13:34:34 | SSA def(o1) | Tuples.cs:37:18:37:19 | access to local variable o1 |
+| Tuples.cs:34:18:34:34 | call to method Source<Object> | Tuples.cs:34:13:34:34 | SSA def(o1) |
+| Tuples.cs:34:33:34:33 | 3 | Tuples.cs:34:33:34:33 | (...) ... |
+| Tuples.cs:35:13:35:34 | SSA def(o2) | Tuples.cs:37:46:37:47 | access to local variable o2 |
+| Tuples.cs:35:18:35:34 | call to method Source<Object> | Tuples.cs:35:13:35:34 | SSA def(o2) |
+| Tuples.cs:35:33:35:33 | 4 | Tuples.cs:35:33:35:33 | (...) ... |
+| Tuples.cs:37:13:37:48 | SSA def(x) | Tuples.cs:38:14:38:14 | access to local variable x |
+| Tuples.cs:37:13:37:48 | SSA qualifier def(x.Item1) | Tuples.cs:38:14:38:20 | access to field Item1 |
+| Tuples.cs:37:13:37:48 | SSA qualifier def(x.Item2) | Tuples.cs:39:14:39:20 | access to field Item2 |
+| Tuples.cs:37:13:37:48 | SSA qualifier def(x.Item10) | Tuples.cs:40:14:40:21 | access to field Item10 |
+| Tuples.cs:37:17:37:48 | (..., ...) | Tuples.cs:37:13:37:48 | SSA def(x) |
+| Tuples.cs:38:14:38:14 | [post] access to local variable x | Tuples.cs:39:14:39:14 | access to local variable x |
+| Tuples.cs:38:14:38:14 | access to local variable x | Tuples.cs:39:14:39:14 | access to local variable x |
+| Tuples.cs:39:14:39:14 | access to local variable x | Tuples.cs:40:14:40:14 | access to local variable x |
+| Tuples.cs:39:14:39:20 | access to field Item2 | Tuples.cs:39:14:39:20 | (...) ... |
+| Tuples.cs:45:13:45:33 | SSA def(o) | Tuples.cs:46:48:46:48 | access to local variable o |
+| Tuples.cs:45:17:45:33 | call to method Source<String> | Tuples.cs:45:13:45:33 | SSA def(o) |
+| Tuples.cs:45:32:45:32 | 5 | Tuples.cs:45:32:45:32 | (...) ... |
+| Tuples.cs:46:13:46:55 | SSA def(x) | Tuples.cs:47:14:47:14 | access to local variable x |
+| Tuples.cs:46:13:46:55 | SSA qualifier def(x.Item1) | Tuples.cs:47:14:47:20 | access to field Item1 |
+| Tuples.cs:46:13:46:55 | SSA qualifier def(x.Item2) | Tuples.cs:48:14:48:20 | access to field Item2 |
+| Tuples.cs:46:17:46:55 | (...) ... | Tuples.cs:46:13:46:55 | SSA def(x) |
+| Tuples.cs:46:47:46:55 | (..., ...) | Tuples.cs:46:17:46:55 | (...) ... |
+| Tuples.cs:46:48:46:48 | access to local variable o | Tuples.cs:50:48:50:48 | access to local variable o |
+| Tuples.cs:47:14:47:14 | [post] access to local variable x | Tuples.cs:48:14:48:14 | access to local variable x |
+| Tuples.cs:47:14:47:14 | access to local variable x | Tuples.cs:48:14:48:14 | access to local variable x |
+| Tuples.cs:48:14:48:20 | access to field Item2 | Tuples.cs:48:14:48:20 | (...) ... |
+| Tuples.cs:50:13:50:55 | SSA def(y) | Tuples.cs:51:14:51:14 | access to local variable y |
+| Tuples.cs:50:13:50:55 | SSA qualifier def(y.Item1) | Tuples.cs:51:14:51:20 | access to field Item1 |
+| Tuples.cs:50:13:50:55 | SSA qualifier def(y.Item2) | Tuples.cs:52:14:52:20 | access to field Item2 |
+| Tuples.cs:50:17:50:55 | (...) ... | Tuples.cs:50:13:50:55 | SSA def(y) |
+| Tuples.cs:50:47:50:55 | (...) ... | Tuples.cs:50:17:50:55 | (...) ... |
+| Tuples.cs:50:47:50:55 | (..., ...) | Tuples.cs:50:47:50:55 | (...) ... |
+| Tuples.cs:51:14:51:14 | [post] access to local variable y | Tuples.cs:52:14:52:14 | access to local variable y |
+| Tuples.cs:51:14:51:14 | access to local variable y | Tuples.cs:52:14:52:14 | access to local variable y |
+| Tuples.cs:52:14:52:20 | access to field Item2 | Tuples.cs:52:14:52:20 | (...) ... |
+| Tuples.cs:55:27:55:27 | s | Tuples.cs:75:18:75:18 | access to parameter s |
+| Tuples.cs:57:13:57:34 | SSA def(o1) | Tuples.cs:59:18:59:19 | access to local variable o1 |
+| Tuples.cs:57:18:57:34 | call to method Source<String> | Tuples.cs:57:13:57:34 | SSA def(o1) |
+| Tuples.cs:57:33:57:33 | 6 | Tuples.cs:57:33:57:33 | (...) ... |
+| Tuples.cs:58:13:58:34 | SSA def(o2) | Tuples.cs:59:26:59:27 | access to local variable o2 |
+| Tuples.cs:58:18:58:34 | call to method Source<String> | Tuples.cs:58:13:58:34 | SSA def(o2) |
+| Tuples.cs:58:33:58:33 | 7 | Tuples.cs:58:33:58:33 | (...) ... |
+| Tuples.cs:59:13:59:32 | SSA def(x) | Tuples.cs:60:17:60:17 | access to local variable x |
+| Tuples.cs:59:17:59:32 | (..., ...) | Tuples.cs:59:13:59:32 | SSA def(x) |
+| Tuples.cs:60:17:60:17 | access to local variable x | Tuples.cs:62:18:62:57 | SSA def(t) |
+| Tuples.cs:60:17:60:17 | access to local variable x | Tuples.cs:67:18:67:35 | (..., ...) |
+| Tuples.cs:60:17:60:17 | access to local variable x | Tuples.cs:67:18:67:35 | (..., ...) |
+| Tuples.cs:60:17:60:17 | access to local variable x | Tuples.cs:87:13:87:13 | access to local variable x |
+| Tuples.cs:62:18:62:57 | SSA def(t) | Tuples.cs:62:64:62:64 | access to local variable t |
+| Tuples.cs:62:18:62:57 | SSA qualifier def(t.Item1) | Tuples.cs:63:22:63:28 | access to field Item1 |
+| Tuples.cs:62:18:62:57 | SSA qualifier def(t.Item2) | Tuples.cs:64:22:64:28 | access to field Item2 |
+| Tuples.cs:62:18:62:57 | SSA qualifier def(t.Item2.Item1) | Tuples.cs:65:22:65:34 | access to field Item1 |
+| Tuples.cs:62:18:62:57 | SSA qualifier def(t.Item2.Item2) | Tuples.cs:64:22:64:34 | access to field Item2 |
+| Tuples.cs:62:18:62:57 | SSA qualifier def(t.Item3) | Tuples.cs:62:64:62:70 | access to field Item3 |
+| Tuples.cs:62:64:62:64 | access to local variable t | Tuples.cs:63:22:63:22 | access to local variable t |
+| Tuples.cs:63:22:63:22 | [post] access to local variable t | Tuples.cs:64:22:64:22 | access to local variable t |
+| Tuples.cs:63:22:63:22 | access to local variable t | Tuples.cs:64:22:64:22 | access to local variable t |
+| Tuples.cs:64:22:64:22 | [post] access to local variable t | Tuples.cs:65:22:65:22 | access to local variable t |
+| Tuples.cs:64:22:64:22 | access to local variable t | Tuples.cs:65:22:65:22 | access to local variable t |
+| Tuples.cs:64:22:64:28 | [post] access to field Item2 | Tuples.cs:65:22:65:28 | access to field Item2 |
+| Tuples.cs:64:22:64:28 | access to field Item2 | Tuples.cs:65:22:65:28 | access to field Item2 |
+| Tuples.cs:65:22:65:34 | access to field Item1 | Tuples.cs:65:22:65:34 | (...) ... |
+| Tuples.cs:67:23:67:23 | SSA def(a) | Tuples.cs:68:22:68:22 | access to local variable a |
+| Tuples.cs:67:27:67:27 | SSA def(b) | Tuples.cs:70:22:70:22 | access to local variable b |
+| Tuples.cs:67:30:67:30 | SSA def(c) | Tuples.cs:69:22:69:22 | access to local variable c |
+| Tuples.cs:70:22:70:22 | access to local variable b | Tuples.cs:70:22:70:22 | (...) ... |
+| Tuples.cs:74:13:74:34 | SSA def(o3) | Tuples.cs:78:51:78:52 | access to local variable o3 |
+| Tuples.cs:74:18:74:34 | call to method Source<String> | Tuples.cs:74:13:74:34 | SSA def(o3) |
+| Tuples.cs:74:33:74:33 | 8 | Tuples.cs:74:33:74:33 | (...) ... |
+| Tuples.cs:75:13:75:30 | SSA def(y) | Tuples.cs:76:17:76:17 | access to local variable y |
+| Tuples.cs:75:13:75:30 | SSA qualifier def(y.Item1) | Tuples.cs:79:22:79:28 | access to field Item1 |
+| Tuples.cs:75:13:75:30 | SSA qualifier def(y.Item2) | Tuples.cs:80:22:80:28 | access to field Item2 |
+| Tuples.cs:75:13:75:30 | SSA qualifier def(y.Item2.Item1) | Tuples.cs:82:22:82:34 | access to field Item1 |
+| Tuples.cs:75:13:75:30 | SSA qualifier def(y.Item2.Item2) | Tuples.cs:80:22:80:34 | access to field Item2 |
+| Tuples.cs:75:17:75:30 | (..., ...) | Tuples.cs:75:13:75:30 | SSA def(y) |
+| Tuples.cs:75:18:75:18 | access to parameter s | Tuples.cs:75:25:75:25 | access to parameter s |
+| Tuples.cs:76:17:76:17 | access to local variable y | Tuples.cs:78:26:78:35 | (..., ...) |
+| Tuples.cs:76:17:76:17 | access to local variable y | Tuples.cs:79:22:79:22 | access to local variable y |
+| Tuples.cs:78:19:78:23 | SSA def(a) | Tuples.cs:78:46:78:46 | access to local variable a |
+| Tuples.cs:78:31:78:31 | SSA def(b) | Tuples.cs:83:22:83:22 | access to local variable b |
+| Tuples.cs:78:34:78:34 | SSA def(c) | Tuples.cs:81:22:81:22 | access to local variable c |
+| Tuples.cs:79:22:79:22 | [post] access to local variable y | Tuples.cs:80:22:80:22 | access to local variable y |
+| Tuples.cs:79:22:79:22 | access to local variable y | Tuples.cs:80:22:80:22 | access to local variable y |
+| Tuples.cs:80:22:80:22 | [post] access to local variable y | Tuples.cs:82:22:82:22 | access to local variable y |
+| Tuples.cs:80:22:80:22 | access to local variable y | Tuples.cs:82:22:82:22 | access to local variable y |
+| Tuples.cs:80:22:80:28 | [post] access to field Item2 | Tuples.cs:82:22:82:28 | access to field Item2 |
+| Tuples.cs:80:22:80:28 | access to field Item2 | Tuples.cs:82:22:82:28 | access to field Item2 |
+| Tuples.cs:82:22:82:34 | access to field Item1 | Tuples.cs:82:22:82:34 | (...) ... |
+| Tuples.cs:83:22:83:22 | access to local variable b | Tuples.cs:83:22:83:22 | (...) ... |
+| Tuples.cs:87:13:87:13 | access to local variable x | Tuples.cs:87:18:87:35 | (..., ...) |
+| Tuples.cs:87:13:87:13 | access to local variable x | Tuples.cs:87:18:87:35 | (..., ...) |
+| Tuples.cs:87:23:87:23 | SSA def(p) | Tuples.cs:89:18:89:18 | access to local variable p |
+| Tuples.cs:87:27:87:27 | SSA def(q) | Tuples.cs:91:18:91:18 | access to local variable q |
+| Tuples.cs:87:30:87:30 | SSA def(r) | Tuples.cs:90:18:90:18 | access to local variable r |
+| Tuples.cs:91:18:91:18 | access to local variable q | Tuples.cs:91:18:91:18 | (...) ... |
+| Tuples.cs:99:13:99:33 | SSA def(o) | Tuples.cs:100:24:100:24 | access to local variable o |
+| Tuples.cs:99:17:99:33 | call to method Source<String> | Tuples.cs:99:13:99:33 | SSA def(o) |
+| Tuples.cs:99:32:99:32 | 9 | Tuples.cs:99:32:99:32 | (...) ... |
+| Tuples.cs:100:13:100:28 | SSA def(r) | Tuples.cs:101:14:101:14 | access to local variable r |
+| Tuples.cs:100:13:100:28 | SSA qualifier def(r.i) | Tuples.cs:101:14:101:16 | access to property i |
+| Tuples.cs:100:17:100:28 | object creation of type R1 | Tuples.cs:100:13:100:28 | SSA def(r) |
+| Tuples.cs:101:14:101:14 | [post] access to local variable r | Tuples.cs:103:22:103:22 | access to local variable r |
+| Tuples.cs:101:14:101:14 | access to local variable r | Tuples.cs:103:22:103:22 | access to local variable r |
+| Tuples.cs:103:9:103:22 | SSA def(a) | Tuples.cs:104:14:104:14 | access to local variable a |
+| Tuples.cs:103:9:103:22 | SSA def(b) | Tuples.cs:105:14:105:14 | access to local variable b |
+| Tuples.cs:103:22:103:22 | access to local variable r | Tuples.cs:103:9:103:18 | (..., ...) |
+| Tuples.cs:103:22:103:22 | access to local variable r | Tuples.cs:107:17:107:17 | access to local variable r |
+| Tuples.cs:105:14:105:14 | access to local variable b | Tuples.cs:105:14:105:14 | (...) ... |
+| Tuples.cs:107:17:107:17 | access to local variable r | Tuples.cs:109:18:109:27 | (..., ...) |
+| Tuples.cs:109:23:109:23 | SSA def(x) | Tuples.cs:110:22:110:22 | access to local variable x |
+| Tuples.cs:109:26:109:26 | SSA def(y) | Tuples.cs:111:22:111:22 | access to local variable y |
+| Tuples.cs:111:22:111:22 | access to local variable y | Tuples.cs:111:22:111:22 | (...) ... |
+| Tuples.cs:118:13:118:33 | SSA def(o) | Tuples.cs:121:28:121:28 | access to local variable o |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> | Tuples.cs:118:13:118:33 | SSA def(o) |
+| Tuples.cs:118:32:118:32 | 9 | Tuples.cs:118:32:118:32 | (...) ... |
+| Tuples.cs:121:9:121:32 | SSA def(x1) | Tuples.cs:122:14:122:15 | access to local variable x1 |
+| Tuples.cs:121:27:121:32 | (..., ...) | Tuples.cs:121:9:121:23 | (..., ...) |
+| Tuples.cs:121:28:121:28 | access to local variable o | Tuples.cs:121:9:121:32 | SSA def(x1) |
+| Tuples.cs:121:28:121:28 | access to local variable o | Tuples.cs:125:25:125:25 | access to local variable o |
+| Tuples.cs:125:9:125:29 | SSA def(x2) | Tuples.cs:126:14:126:15 | access to local variable x2 |
+| Tuples.cs:125:24:125:29 | (..., ...) | Tuples.cs:125:9:125:20 | (..., ...) |
+| Tuples.cs:125:25:125:25 | access to local variable o | Tuples.cs:125:9:125:29 | SSA def(x2) |
+| Tuples.cs:125:25:125:25 | access to local variable o | Tuples.cs:129:31:129:31 | access to local variable o |
+| Tuples.cs:129:9:129:32 | SSA def(y3) | Tuples.cs:130:14:130:15 | access to local variable y3 |
+| Tuples.cs:129:27:129:32 | (..., ...) | Tuples.cs:129:9:129:23 | (..., ...) |
+| Tuples.cs:129:31:129:31 | access to local variable o | Tuples.cs:129:9:129:32 | SSA def(y3) |
+| Tuples.cs:129:31:129:31 | access to local variable o | Tuples.cs:133:28:133:28 | access to local variable o |
+| Tuples.cs:133:9:133:29 | SSA def(y4) | Tuples.cs:134:14:134:15 | access to local variable y4 |
+| Tuples.cs:133:24:133:29 | (..., ...) | Tuples.cs:133:9:133:20 | (..., ...) |
+| Tuples.cs:133:28:133:28 | access to local variable o | Tuples.cs:133:9:133:29 | SSA def(y4) |

csharp/ql/test/library-tests/dataflow/tuples/PrintAst.expected

@@ -4,357 +4,520 @@ Tuples.cs:
 #    5|     -1: [TypeMention] Void
 #    6|     4: [BlockStmt] {...}
 #    7|       0: [LocalVariableDeclStmt] ... ...;
-#    7|         0: [LocalVariableDeclAndInitExpr] (String,(Int32,String)) x = ...
-#    7|           -1: [TypeMention] (string, (int, string))
-#    7|           0: [LocalVariableAccess] access to local variable x
-#    7|           1: [TupleExpr] (..., ...)
-#    7|             0: [StringLiteral] "taint source"
-#    7|             1: [TupleExpr] (..., ...)
-#    7|               0: [IntLiteral] 1
-#    7|               1: [StringLiteral] "taint source"
-#    8|       1: [ExprStmt] ...;
-#    8|         0: [AssignExpr] ... = ...
-#    8|           0: [TupleExpr] (..., ...)
-#    8|             0: [LocalVariableDeclExpr] String a
-#    8|             1: [TupleExpr] (..., ...)
-#    8|               0: [LocalVariableDeclExpr] Int32 b
-#    8|               1: [LocalVariableDeclExpr] String c
-#    8|           1: [LocalVariableAccess] access to local variable x
-#    9|       2: [ExprStmt] ...;
-#    9|         0: [MethodCall] call to method Sink<String>
-#    9|           0: [LocalVariableAccess] access to local variable a
-#   10|       3: [ExprStmt] ...;
-#   10|         0: [MethodCall] call to method Sink<Int32>
-#   10|           0: [LocalVariableAccess] access to local variable b
-#   11|       4: [ExprStmt] ...;
-#   11|         0: [MethodCall] call to method Sink<String>
-#   11|           0: [LocalVariableAccess] access to local variable c
+#    7|         0: [LocalVariableDeclAndInitExpr] Object o1 = ...
+#    7|           -1: [TypeMention] object
+#    7|           0: [LocalVariableAccess] access to local variable o1
+#    7|           1: [MethodCall] call to method Source<Object>
+#    7|             0: [CastExpr] (...) ...
+#    7|               1: [IntLiteral] 1
+#    8|       1: [LocalVariableDeclStmt] ... ...;
+#    8|         0: [LocalVariableDeclAndInitExpr] Object o2 = ...
+#    8|           -1: [TypeMention] object
+#    8|           0: [LocalVariableAccess] access to local variable o2
+#    8|           1: [MethodCall] call to method Source<Object>
+#    8|             0: [CastExpr] (...) ...
+#    8|               1: [IntLiteral] 2
+#   10|       2: [LocalVariableDeclStmt] ... ...;
+#   10|         0: [LocalVariableDeclAndInitExpr] (Object,(Int32,Object)) x = ...
+#   10|           -1: [TypeMention] (object, (int, object))
+#   10|           0: [LocalVariableAccess] access to local variable x
+#   10|           1: [TupleExpr] (..., ...)
+#   10|             0: [LocalVariableAccess] access to local variable o1
+#   10|             1: [TupleExpr] (..., ...)
+#   10|               0: [IntLiteral] 1
+#   10|               1: [LocalVariableAccess] access to local variable o2
+#   11|       3: [ExprStmt] ...;
+#   11|         0: [AssignExpr] ... = ...
+#   11|           0: [TupleExpr] (..., ...)
+#   11|             0: [LocalVariableDeclExpr] Object a
+#   11|             1: [TupleExpr] (..., ...)
+#   11|               0: [LocalVariableDeclExpr] Int32 b
+#   11|               1: [LocalVariableDeclExpr] Object c
+#   11|           1: [LocalVariableAccess] access to local variable x
+#   12|       4: [ExprStmt] ...;
+#   12|         0: [MethodCall] call to method Sink
+#   12|           0: [LocalVariableAccess] access to local variable a
 #   13|       5: [ExprStmt] ...;
-#   13|         0: [AssignExpr] ... = ...
-#   13|           0: [TupleExpr] (..., ...)
-#   13|             0: [LocalVariableAccess] access to local variable a
-#   13|             1: [TupleExpr] (..., ...)
-#   13|               0: [LocalVariableAccess] access to local variable b
-#   13|               1: [LocalVariableAccess] access to local variable c
-#   13|           1: [LocalVariableAccess] access to local variable x
+#   13|         0: [MethodCall] call to method Sink
+#   13|           0: [CastExpr] (...) ...
+#   13|             1: [LocalVariableAccess] access to local variable b
 #   14|       6: [ExprStmt] ...;
-#   14|         0: [MethodCall] call to method Sink<String>
-#   14|           0: [LocalVariableAccess] access to local variable a
-#   15|       7: [ExprStmt] ...;
-#   15|         0: [MethodCall] call to method Sink<Int32>
-#   15|           0: [LocalVariableAccess] access to local variable b
-#   16|       8: [ExprStmt] ...;
-#   16|         0: [MethodCall] call to method Sink<String>
-#   16|           0: [LocalVariableAccess] access to local variable c
+#   14|         0: [MethodCall] call to method Sink
+#   14|           0: [LocalVariableAccess] access to local variable c
+#   16|       7: [ExprStmt] ...;
+#   16|         0: [AssignExpr] ... = ...
+#   16|           0: [TupleExpr] (..., ...)
+#   16|             0: [LocalVariableAccess] access to local variable a
+#   16|             1: [TupleExpr] (..., ...)
+#   16|               0: [LocalVariableAccess] access to local variable b
+#   16|               1: [LocalVariableAccess] access to local variable c
+#   16|           1: [LocalVariableAccess] access to local variable x
+#   17|       8: [ExprStmt] ...;
+#   17|         0: [MethodCall] call to method Sink
+#   17|           0: [LocalVariableAccess] access to local variable a
 #   18|       9: [ExprStmt] ...;
-#   18|         0: [AssignExpr] ... = ...
-#   18|           0: [TupleExpr] (..., ...)
-#   18|             0: [LocalVariableDeclExpr] String p
-#   18|             1: [LocalVariableDeclExpr] (Int32,String) q
-#   18|           1: [LocalVariableAccess] access to local variable x
+#   18|         0: [MethodCall] call to method Sink
+#   18|           0: [CastExpr] (...) ...
+#   18|             1: [LocalVariableAccess] access to local variable b
 #   19|       10: [ExprStmt] ...;
-#   19|         0: [MethodCall] call to method Sink<String>
-#   19|           0: [LocalVariableAccess] access to local variable p
-#   20|       11: [ExprStmt] ...;
-#   20|         0: [MethodCall] call to method Sink<Int32>
-#   20|           0: [FieldAccess] access to field Item1
-#   20|             -1: [LocalVariableAccess] access to local variable q
-#   21|       12: [ExprStmt] ...;
-#   21|         0: [MethodCall] call to method Sink<String>
-#   21|           0: [FieldAccess] access to field Item2
-#   21|             -1: [LocalVariableAccess] access to local variable q
+#   19|         0: [MethodCall] call to method Sink
+#   19|           0: [LocalVariableAccess] access to local variable c
+#   21|       11: [ExprStmt] ...;
+#   21|         0: [AssignExpr] ... = ...
+#   21|           0: [TupleExpr] (..., ...)
+#   21|             0: [LocalVariableDeclExpr] Object p
+#   21|             1: [LocalVariableDeclExpr] (Int32,Object) q
+#   21|           1: [LocalVariableAccess] access to local variable x
+#   22|       12: [ExprStmt] ...;
+#   22|         0: [MethodCall] call to method Sink
+#   22|           0: [LocalVariableAccess] access to local variable p
 #   23|       13: [ExprStmt] ...;
-#   23|         0: [MethodCall] call to method Sink<String>
-#   23|           0: [FieldAccess] access to field Item1
-#   23|             -1: [LocalVariableAccess] access to local variable x
+#   23|         0: [MethodCall] call to method Sink
+#   23|           0: [CastExpr] (...) ...
+#   23|             1: [FieldAccess] access to field Item1
+#   23|               -1: [LocalVariableAccess] access to local variable q
 #   24|       14: [ExprStmt] ...;
-#   24|         0: [MethodCall] call to method Sink<String>
-#   24|           0: [FieldAccess] access to field Item1
-#   24|             -1: [LocalVariableAccess] access to local variable x
-#   25|       15: [ExprStmt] ...;
-#   25|         0: [MethodCall] call to method Sink<Int32>
-#   25|           0: [FieldAccess] access to field Item1
-#   25|             -1: [FieldAccess] access to field Item2
-#   25|               -1: [LocalVariableAccess] access to local variable x
-#   26|       16: [ExprStmt] ...;
-#   26|         0: [MethodCall] call to method Sink<String>
-#   26|           0: [FieldAccess] access to field Item2
-#   26|             -1: [FieldAccess] access to field Item2
-#   26|               -1: [LocalVariableAccess] access to local variable x
-#   29|   6: [Method] M2
-#   29|     -1: [TypeMention] Void
-#   30|     4: [BlockStmt] {...}
-#   31|       0: [LocalVariableDeclStmt] ... ...;
-#   31|         0: [LocalVariableDeclAndInitExpr] (String,Int32,Int32,Int32,Int32,Int32,Int32,Int32,Int32,String) x = ...
-#   31|           -1: [TypeMention] (string, int, int, int, int, int, int, int, int, string)
-#   31|           0: [LocalVariableAccess] access to local variable x
-#   31|           1: [TupleExpr] (..., ...)
-#   31|             0: [StringLiteral] "taint source"
-#   31|             1: [IntLiteral] 2
-#   31|             2: [IntLiteral] 3
-#   31|             3: [IntLiteral] 4
-#   31|             4: [IntLiteral] 5
-#   31|             5: [IntLiteral] 6
-#   31|             6: [IntLiteral] 7
-#   31|             7: [IntLiteral] 8
-#   31|             8: [IntLiteral] 9
-#   31|             9: [StringLiteral] "taint source"
-#   32|       1: [ExprStmt] ...;
-#   32|         0: [MethodCall] call to method Sink<String>
-#   32|           0: [FieldAccess] access to field Item1
-#   32|             -1: [LocalVariableAccess] access to local variable x
-#   33|       2: [ExprStmt] ...;
-#   33|         0: [MethodCall] call to method Sink<Int32>
-#   33|           0: [FieldAccess] access to field Item2
-#   33|             -1: [LocalVariableAccess] access to local variable x
-#   34|       3: [ExprStmt] ...;
-#   34|         0: [MethodCall] call to method Sink<String>
-#   34|           0: [FieldAccess] access to field Item10
-#   34|             -1: [LocalVariableAccess] access to local variable x
-#   37|   7: [Method] M3
-#   37|     -1: [TypeMention] Void
-#   38|     4: [BlockStmt] {...}
-#   39|       0: [LocalVariableDeclStmt] ... ...;
-#   39|         0: [LocalVariableDeclAndInitExpr] (String,Int32,Int32) x = ...
-#   39|           -1: [TypeMention] (string, int, int)
-#   39|           0: [LocalVariableAccess] access to local variable x
-#   39|           1: [CastExpr] (...) ...
-#   39|             0: [TypeAccess] access to type (String,Int32,Int32)
-#   39|               0: [TypeMention] (string, int, int)
-#   39|                 1: [TypeMention] string
-#   39|                 2: [TypeMention] int
-#   39|                 3: [TypeMention] int
-#   39|             1: [TupleExpr] (..., ...)
-#   39|               0: [StringLiteral] "taint source"
-#   39|               1: [IntLiteral] 2
-#   39|               2: [IntLiteral] 3
-#   40|       1: [ExprStmt] ...;
-#   40|         0: [MethodCall] call to method Sink<String>
-#   40|           0: [FieldAccess] access to field Item1
+#   24|         0: [MethodCall] call to method Sink
+#   24|           0: [FieldAccess] access to field Item2
+#   24|             -1: [LocalVariableAccess] access to local variable q
+#   26|       15: [ExprStmt] ...;
+#   26|         0: [MethodCall] call to method Sink
+#   26|           0: [FieldAccess] access to field Item1
+#   26|             -1: [LocalVariableAccess] access to local variable x
+#   27|       16: [ExprStmt] ...;
+#   27|         0: [MethodCall] call to method Sink
+#   27|           0: [FieldAccess] access to field Item1
+#   27|             -1: [LocalVariableAccess] access to local variable x
+#   28|       17: [ExprStmt] ...;
+#   28|         0: [MethodCall] call to method Sink
+#   28|           0: [CastExpr] (...) ...
+#   28|             1: [FieldAccess] access to field Item1
+#   28|               -1: [FieldAccess] access to field Item2
+#   28|                 -1: [LocalVariableAccess] access to local variable x
+#   29|       18: [ExprStmt] ...;
+#   29|         0: [MethodCall] call to method Sink
+#   29|           0: [FieldAccess] access to field Item2
+#   29|             -1: [FieldAccess] access to field Item2
+#   29|               -1: [LocalVariableAccess] access to local variable x
+#   32|   6: [Method] M2
+#   32|     -1: [TypeMention] Void
+#   33|     4: [BlockStmt] {...}
+#   34|       0: [LocalVariableDeclStmt] ... ...;
+#   34|         0: [LocalVariableDeclAndInitExpr] Object o1 = ...
+#   34|           -1: [TypeMention] object
+#   34|           0: [LocalVariableAccess] access to local variable o1
+#   34|           1: [MethodCall] call to method Source<Object>
+#   34|             0: [CastExpr] (...) ...
+#   34|               1: [IntLiteral] 3
+#   35|       1: [LocalVariableDeclStmt] ... ...;
+#   35|         0: [LocalVariableDeclAndInitExpr] Object o2 = ...
+#   35|           -1: [TypeMention] object
+#   35|           0: [LocalVariableAccess] access to local variable o2
+#   35|           1: [MethodCall] call to method Source<Object>
+#   35|             0: [CastExpr] (...) ...
+#   35|               1: [IntLiteral] 4
+#   37|       2: [LocalVariableDeclStmt] ... ...;
+#   37|         0: [LocalVariableDeclAndInitExpr] (Object,Int32,Int32,Int32,Int32,Int32,Int32,Int32,Int32,Object) x = ...
+#   37|           -1: [TypeMention] (object, int, int, int, int, int, int, int, int, object)
+#   37|           0: [LocalVariableAccess] access to local variable x
+#   37|           1: [TupleExpr] (..., ...)
+#   37|             0: [LocalVariableAccess] access to local variable o1
+#   37|             1: [IntLiteral] 2
+#   37|             2: [IntLiteral] 3
+#   37|             3: [IntLiteral] 4
+#   37|             4: [IntLiteral] 5
+#   37|             5: [IntLiteral] 6
+#   37|             6: [IntLiteral] 7
+#   37|             7: [IntLiteral] 8
+#   37|             8: [IntLiteral] 9
+#   37|             9: [LocalVariableAccess] access to local variable o2
+#   38|       3: [ExprStmt] ...;
+#   38|         0: [MethodCall] call to method Sink
+#   38|           0: [FieldAccess] access to field Item1
+#   38|             -1: [LocalVariableAccess] access to local variable x
+#   39|       4: [ExprStmt] ...;
+#   39|         0: [MethodCall] call to method Sink
+#   39|           0: [CastExpr] (...) ...
+#   39|             1: [FieldAccess] access to field Item2
+#   39|               -1: [LocalVariableAccess] access to local variable x
+#   40|       5: [ExprStmt] ...;
+#   40|         0: [MethodCall] call to method Sink
+#   40|           0: [FieldAccess] access to field Item10
 #   40|             -1: [LocalVariableAccess] access to local variable x
-#   41|       2: [ExprStmt] ...;
-#   41|         0: [MethodCall] call to method Sink<Int32>
-#   41|           0: [FieldAccess] access to field Item2
-#   41|             -1: [LocalVariableAccess] access to local variable x
-#   43|       3: [LocalVariableDeclStmt] ... ...;
-#   43|         0: [LocalVariableDeclAndInitExpr] (Object,Int32,Int32) y = ...
-#   43|           -1: [TypeMention] (object, int, int)
-#   43|           0: [LocalVariableAccess] access to local variable y
-#   43|           1: [CastExpr] (...) ...
-#   43|             0: [TypeAccess] access to type (Object,Int32,Int32)
-#   43|               0: [TypeMention] (object, int, int)
-#   43|                 1: [TypeMention] object
-#   43|                 2: [TypeMention] int
-#   43|                 3: [TypeMention] int
-#   43|             1: [CastExpr] (...) ...
-#   43|               1: [TupleExpr] (..., ...)
-#   43|                 0: [StringLiteral] "taint source"
-#   43|                 1: [IntLiteral] 2
-#   43|                 2: [IntLiteral] 3
-#   44|       4: [ExprStmt] ...;
-#   44|         0: [MethodCall] call to method Sink<Object>
-#   44|           0: [FieldAccess] access to field Item1
-#   44|             -1: [LocalVariableAccess] access to local variable y
-#   45|       5: [ExprStmt] ...;
-#   45|         0: [MethodCall] call to method Sink<Int32>
-#   45|           0: [FieldAccess] access to field Item2
-#   45|             -1: [LocalVariableAccess] access to local variable y
-#   48|   8: [Method] M4
-#   48|     -1: [TypeMention] Void
+#   43|   7: [Method] M3
+#   43|     -1: [TypeMention] Void
+#   44|     4: [BlockStmt] {...}
+#   45|       0: [LocalVariableDeclStmt] ... ...;
+#   45|         0: [LocalVariableDeclAndInitExpr] String o = ...
+#   45|           -1: [TypeMention] string
+#   45|           0: [LocalVariableAccess] access to local variable o
+#   45|           1: [MethodCall] call to method Source<String>
+#   45|             0: [CastExpr] (...) ...
+#   45|               1: [IntLiteral] 5
+#   46|       1: [LocalVariableDeclStmt] ... ...;
+#   46|         0: [LocalVariableDeclAndInitExpr] (String,Int32,Int32) x = ...
+#   46|           -1: [TypeMention] (string, int, int)
+#   46|           0: [LocalVariableAccess] access to local variable x
+#   46|           1: [CastExpr] (...) ...
+#   46|             0: [TypeAccess] access to type (String,Int32,Int32)
+#   46|               0: [TypeMention] (string, int, int)
+#   46|                 1: [TypeMention] string
+#   46|                 2: [TypeMention] int
+#   46|                 3: [TypeMention] int
+#   46|             1: [TupleExpr] (..., ...)
+#   46|               0: [LocalVariableAccess] access to local variable o
+#   46|               1: [IntLiteral] 2
+#   46|               2: [IntLiteral] 3
+#   47|       2: [ExprStmt] ...;
+#   47|         0: [MethodCall] call to method Sink
+#   47|           0: [FieldAccess] access to field Item1
+#   47|             -1: [LocalVariableAccess] access to local variable x
+#   48|       3: [ExprStmt] ...;
+#   48|         0: [MethodCall] call to method Sink
+#   48|           0: [CastExpr] (...) ...
+#   48|             1: [FieldAccess] access to field Item2
+#   48|               -1: [LocalVariableAccess] access to local variable x
+#   50|       4: [LocalVariableDeclStmt] ... ...;
+#   50|         0: [LocalVariableDeclAndInitExpr] (Object,Int32,Int32) y = ...
+#   50|           -1: [TypeMention] (object, int, int)
+#   50|           0: [LocalVariableAccess] access to local variable y
+#   50|           1: [CastExpr] (...) ...
+#   50|             0: [TypeAccess] access to type (Object,Int32,Int32)
+#   50|               0: [TypeMention] (object, int, int)
+#   50|                 1: [TypeMention] object
+#   50|                 2: [TypeMention] int
+#   50|                 3: [TypeMention] int
+#   50|             1: [CastExpr] (...) ...
+#   50|               1: [TupleExpr] (..., ...)
+#   50|                 0: [LocalVariableAccess] access to local variable o
+#   50|                 1: [IntLiteral] 2
+#   50|                 2: [IntLiteral] 3
+#   51|       5: [ExprStmt] ...;
+#   51|         0: [MethodCall] call to method Sink
+#   51|           0: [FieldAccess] access to field Item1
+#   51|             -1: [LocalVariableAccess] access to local variable y
+#   52|       6: [ExprStmt] ...;
+#   52|         0: [MethodCall] call to method Sink
+#   52|           0: [CastExpr] (...) ...
+#   52|             1: [FieldAccess] access to field Item2
+#   52|               -1: [LocalVariableAccess] access to local variable y
+#   55|   8: [Method] M4
+#   55|     -1: [TypeMention] Void
 #-----|     2: (Parameters)
-#   48|       0: [Parameter] s
-#   48|         -1: [TypeMention] string
-#   49|     4: [BlockStmt] {...}
-#   50|       0: [LocalVariableDeclStmt] ... ...;
-#   50|         0: [LocalVariableDeclAndInitExpr] (String,(Int32,String),Int32) x = ...
-#   50|           -1: [TypeMention] (string, (int, string), int)
-#   50|           0: [LocalVariableAccess] access to local variable x
-#   50|           1: [TupleExpr] (..., ...)
-#   50|             0: [StringLiteral] "taint source"
-#   50|             1: [TupleExpr] (..., ...)
-#   50|               0: [IntLiteral] 2
-#   50|               1: [StringLiteral] "taint source"
-#   50|             2: [IntLiteral] 3
-#   51|       1: [SwitchStmt] switch (...) {...}
-#   51|         0: [LocalVariableAccess] access to local variable x
-#   53|         0: [CaseStmt] case ...:
-#   53|           0: [VariablePatternExpr] (String,(Int32,String),Int32) t
-#   53|             0: [TypeMention] (string, (int, string), int)
-#   53|               1: [TypeMention] string
-#   53|               2: [TypeMention] (int, string)
-#   53|                 1: [TypeMention] int
-#   53|                 2: [TypeMention] string
-#   53|               3: [TypeMention] int
-#   53|           1: [GTExpr] ... > ...
-#   53|             0: [FieldAccess] access to field Item3
-#   53|               -1: [LocalVariableAccess] access to local variable t
-#   53|             1: [IntLiteral] 1
-#   54|         1: [ExprStmt] ...;
-#   54|           0: [MethodCall] call to method Sink<String>
-#   54|             0: [FieldAccess] access to field Item1
-#   54|               -1: [LocalVariableAccess] access to local variable t
-#   55|         2: [ExprStmt] ...;
-#   55|           0: [MethodCall] call to method Sink<String>
-#   55|             0: [FieldAccess] access to field Item2
-#   55|               -1: [FieldAccess] access to field Item2
-#   55|                 -1: [LocalVariableAccess] access to local variable t
-#   56|         3: [ExprStmt] ...;
-#   56|           0: [MethodCall] call to method Sink<Int32>
-#   56|             0: [FieldAccess] access to field Item1
-#   56|               -1: [FieldAccess] access to field Item2
-#   56|                 -1: [LocalVariableAccess] access to local variable t
-#   57|         4: [BreakStmt] break;
-#   58|         5: [CaseStmt] case ...:
-#   58|           0: [TupleExpr] (..., ...)
-#   58|             0: [VariablePatternExpr] String a
-#   58|             1: [TupleExpr] (..., ...)
-#   58|               0: [VariablePatternExpr] Int32 b
-#   58|               1: [VariablePatternExpr] String c
-#   58|             2: [DiscardPatternExpr] _
-#   59|         6: [ExprStmt] ...;
-#   59|           0: [MethodCall] call to method Sink<String>
-#   59|             0: [LocalVariableAccess] access to local variable a
-#   60|         7: [ExprStmt] ...;
-#   60|           0: [MethodCall] call to method Sink<String>
-#   60|             0: [LocalVariableAccess] access to local variable c
-#   61|         8: [ExprStmt] ...;
-#   61|           0: [MethodCall] call to method Sink<Int32>
-#   61|             0: [LocalVariableAccess] access to local variable b
-#   62|         9: [BreakStmt] break;
-#   65|       2: [LocalVariableDeclStmt] ... ...;
-#   65|         0: [LocalVariableDeclAndInitExpr] (String,(Int32,String),Int32) y = ...
-#   65|           -1: [TypeMention] (string, (int, string), int)
-#   65|           0: [LocalVariableAccess] access to local variable y
-#   65|           1: [TupleExpr] (..., ...)
-#   65|             0: [ParameterAccess] access to parameter s
-#   65|             1: [TupleExpr] (..., ...)
-#   65|               0: [IntLiteral] 2
-#   65|               1: [ParameterAccess] access to parameter s
-#   65|             2: [IntLiteral] 3
-#   66|       3: [SwitchStmt] switch (...) {...}
-#   66|         0: [LocalVariableAccess] access to local variable y
-#   68|         0: [CaseStmt] case ...:
-#   68|           0: [RecursivePatternExpr] { ... }
-#   68|             2: [PositionalPatternExpr] ( ... )
-#   68|               0: [ConstantPatternExpr,StringLiteral] "taint source"
-#   68|               1: [TupleExpr] (..., ...)
-#   68|                 0: [VariablePatternExpr] Int32 b
-#   68|                 1: [VariablePatternExpr] String c
-#   68|               2: [DiscardPatternExpr] _
-#   69|         1: [ExprStmt] ...;
-#   69|           0: [MethodCall] call to method Sink<String>
-#   69|             0: [FieldAccess] access to field Item1
-#   69|               -1: [LocalVariableAccess] access to local variable y
-#   70|         2: [ExprStmt] ...;
-#   70|           0: [MethodCall] call to method Sink<String>
-#   70|             0: [FieldAccess] access to field Item2
-#   70|               -1: [FieldAccess] access to field Item2
-#   70|                 -1: [LocalVariableAccess] access to local variable y
-#   71|         3: [ExprStmt] ...;
-#   71|           0: [MethodCall] call to method Sink<String>
-#   71|             0: [LocalVariableAccess] access to local variable c
-#   72|         4: [ExprStmt] ...;
-#   72|           0: [MethodCall] call to method Sink<Int32>
-#   72|             0: [FieldAccess] access to field Item1
-#   72|               -1: [FieldAccess] access to field Item2
-#   72|                 -1: [LocalVariableAccess] access to local variable y
-#   73|         5: [ExprStmt] ...;
-#   73|           0: [MethodCall] call to method Sink<Int32>
-#   73|             0: [LocalVariableAccess] access to local variable b
-#   74|         6: [BreakStmt] break;
-#   77|       4: [IfStmt] if (...) ...
-#   77|         0: [IsExpr] ... is ...
-#   77|           0: [LocalVariableAccess] access to local variable x
-#   77|           1: [TupleExpr] (..., ...)
-#   77|             0: [VariablePatternExpr] String p
-#   77|             1: [TupleExpr] (..., ...)
-#   77|               0: [VariablePatternExpr] Int32 q
-#   77|               1: [VariablePatternExpr] String r
-#   77|             2: [DiscardPatternExpr] _
-#   78|         1: [BlockStmt] {...}
-#   79|           0: [ExprStmt] ...;
-#   79|             0: [MethodCall] call to method Sink<String>
-#   79|               0: [LocalVariableAccess] access to local variable p
-#   80|           1: [ExprStmt] ...;
-#   80|             0: [MethodCall] call to method Sink<String>
-#   80|               0: [LocalVariableAccess] access to local variable r
-#   81|           2: [ExprStmt] ...;
-#   81|             0: [MethodCall] call to method Sink<Int32>
-#   81|               0: [LocalVariableAccess] access to local variable q
-#   85|   9: [RecordClass] R1
-#   85|     12: [NEOperator] !=
+#   55|       0: [Parameter] s
+#   55|         -1: [TypeMention] string
+#   56|     4: [BlockStmt] {...}
+#   57|       0: [LocalVariableDeclStmt] ... ...;
+#   57|         0: [LocalVariableDeclAndInitExpr] String o1 = ...
+#   57|           -1: [TypeMention] string
+#   57|           0: [LocalVariableAccess] access to local variable o1
+#   57|           1: [MethodCall] call to method Source<String>
+#   57|             0: [CastExpr] (...) ...
+#   57|               1: [IntLiteral] 6
+#   58|       1: [LocalVariableDeclStmt] ... ...;
+#   58|         0: [LocalVariableDeclAndInitExpr] String o2 = ...
+#   58|           -1: [TypeMention] string
+#   58|           0: [LocalVariableAccess] access to local variable o2
+#   58|           1: [MethodCall] call to method Source<String>
+#   58|             0: [CastExpr] (...) ...
+#   58|               1: [IntLiteral] 7
+#   59|       2: [LocalVariableDeclStmt] ... ...;
+#   59|         0: [LocalVariableDeclAndInitExpr] (String,(Int32,String),Int32) x = ...
+#   59|           -1: [TypeMention] (string, (int, string), int)
+#   59|           0: [LocalVariableAccess] access to local variable x
+#   59|           1: [TupleExpr] (..., ...)
+#   59|             0: [LocalVariableAccess] access to local variable o1
+#   59|             1: [TupleExpr] (..., ...)
+#   59|               0: [IntLiteral] 2
+#   59|               1: [LocalVariableAccess] access to local variable o2
+#   59|             2: [IntLiteral] 3
+#   60|       3: [SwitchStmt] switch (...) {...}
+#   60|         0: [LocalVariableAccess] access to local variable x
+#   62|         0: [CaseStmt] case ...:
+#   62|           0: [VariablePatternExpr] (String,(Int32,String),Int32) t
+#   62|             0: [TypeMention] (string, (int, string), int)
+#   62|               1: [TypeMention] string
+#   62|               2: [TypeMention] (int, string)
+#   62|                 1: [TypeMention] int
+#   62|                 2: [TypeMention] string
+#   62|               3: [TypeMention] int
+#   62|           1: [GTExpr] ... > ...
+#   62|             0: [FieldAccess] access to field Item3
+#   62|               -1: [LocalVariableAccess] access to local variable t
+#   62|             1: [IntLiteral] 1
+#   63|         1: [ExprStmt] ...;
+#   63|           0: [MethodCall] call to method Sink
+#   63|             0: [FieldAccess] access to field Item1
+#   63|               -1: [LocalVariableAccess] access to local variable t
+#   64|         2: [ExprStmt] ...;
+#   64|           0: [MethodCall] call to method Sink
+#   64|             0: [FieldAccess] access to field Item2
+#   64|               -1: [FieldAccess] access to field Item2
+#   64|                 -1: [LocalVariableAccess] access to local variable t
+#   65|         3: [ExprStmt] ...;
+#   65|           0: [MethodCall] call to method Sink
+#   65|             0: [CastExpr] (...) ...
+#   65|               1: [FieldAccess] access to field Item1
+#   65|                 -1: [FieldAccess] access to field Item2
+#   65|                   -1: [LocalVariableAccess] access to local variable t
+#   66|         4: [BreakStmt] break;
+#   67|         5: [CaseStmt] case ...:
+#   67|           0: [TupleExpr] (..., ...)
+#   67|             0: [VariablePatternExpr] String a
+#   67|             1: [TupleExpr] (..., ...)
+#   67|               0: [VariablePatternExpr] Int32 b
+#   67|               1: [VariablePatternExpr] String c
+#   67|             2: [DiscardPatternExpr] _
+#   68|         6: [ExprStmt] ...;
+#   68|           0: [MethodCall] call to method Sink
+#   68|             0: [LocalVariableAccess] access to local variable a
+#   69|         7: [ExprStmt] ...;
+#   69|           0: [MethodCall] call to method Sink
+#   69|             0: [LocalVariableAccess] access to local variable c
+#   70|         8: [ExprStmt] ...;
+#   70|           0: [MethodCall] call to method Sink
+#   70|             0: [CastExpr] (...) ...
+#   70|               1: [LocalVariableAccess] access to local variable b
+#   71|         9: [BreakStmt] break;
+#   74|       4: [LocalVariableDeclStmt] ... ...;
+#   74|         0: [LocalVariableDeclAndInitExpr] String o3 = ...
+#   74|           -1: [TypeMention] string
+#   74|           0: [LocalVariableAccess] access to local variable o3
+#   74|           1: [MethodCall] call to method Source<String>
+#   74|             0: [CastExpr] (...) ...
+#   74|               1: [IntLiteral] 8
+#   75|       5: [LocalVariableDeclStmt] ... ...;
+#   75|         0: [LocalVariableDeclAndInitExpr] (String,(Int32,String),Int32) y = ...
+#   75|           -1: [TypeMention] (string, (int, string), int)
+#   75|           0: [LocalVariableAccess] access to local variable y
+#   75|           1: [TupleExpr] (..., ...)
+#   75|             0: [ParameterAccess] access to parameter s
+#   75|             1: [TupleExpr] (..., ...)
+#   75|               0: [IntLiteral] 2
+#   75|               1: [ParameterAccess] access to parameter s
+#   75|             2: [IntLiteral] 3
+#   76|       6: [SwitchStmt] switch (...) {...}
+#   76|         0: [LocalVariableAccess] access to local variable y
+#   78|         0: [CaseStmt] case ...:
+#   78|           0: [RecursivePatternExpr] { ... }
+#   78|             2: [PositionalPatternExpr] ( ... )
+#   78|               0: [VariablePatternExpr] String a
+#   78|               1: [TupleExpr] (..., ...)
+#   78|                 0: [VariablePatternExpr] Int32 b
+#   78|                 1: [VariablePatternExpr] String c
+#   78|               2: [DiscardPatternExpr] _
+#   78|           1: [EQExpr] ... == ...
+#   78|             0: [LocalVariableAccess] access to local variable a
+#   78|             1: [LocalVariableAccess] access to local variable o3
+#   79|         1: [ExprStmt] ...;
+#   79|           0: [MethodCall] call to method Sink
+#   79|             0: [FieldAccess] access to field Item1
+#   79|               -1: [LocalVariableAccess] access to local variable y
+#   80|         2: [ExprStmt] ...;
+#   80|           0: [MethodCall] call to method Sink
+#   80|             0: [FieldAccess] access to field Item2
+#   80|               -1: [FieldAccess] access to field Item2
+#   80|                 -1: [LocalVariableAccess] access to local variable y
+#   81|         3: [ExprStmt] ...;
+#   81|           0: [MethodCall] call to method Sink
+#   81|             0: [LocalVariableAccess] access to local variable c
+#   82|         4: [ExprStmt] ...;
+#   82|           0: [MethodCall] call to method Sink
+#   82|             0: [CastExpr] (...) ...
+#   82|               1: [FieldAccess] access to field Item1
+#   82|                 -1: [FieldAccess] access to field Item2
+#   82|                   -1: [LocalVariableAccess] access to local variable y
+#   83|         5: [ExprStmt] ...;
+#   83|           0: [MethodCall] call to method Sink
+#   83|             0: [CastExpr] (...) ...
+#   83|               1: [LocalVariableAccess] access to local variable b
+#   84|         6: [BreakStmt] break;
+#   87|       7: [IfStmt] if (...) ...
+#   87|         0: [IsExpr] ... is ...
+#   87|           0: [LocalVariableAccess] access to local variable x
+#   87|           1: [TupleExpr] (..., ...)
+#   87|             0: [VariablePatternExpr] String p
+#   87|             1: [TupleExpr] (..., ...)
+#   87|               0: [VariablePatternExpr] Int32 q
+#   87|               1: [VariablePatternExpr] String r
+#   87|             2: [DiscardPatternExpr] _
+#   88|         1: [BlockStmt] {...}
+#   89|           0: [ExprStmt] ...;
+#   89|             0: [MethodCall] call to method Sink
+#   89|               0: [LocalVariableAccess] access to local variable p
+#   90|           1: [ExprStmt] ...;
+#   90|             0: [MethodCall] call to method Sink
+#   90|               0: [LocalVariableAccess] access to local variable r
+#   91|           2: [ExprStmt] ...;
+#   91|             0: [MethodCall] call to method Sink
+#   91|               0: [CastExpr] (...) ...
+#   91|                 1: [LocalVariableAccess] access to local variable q
+#   95|   9: [RecordClass] R1
+#   95|     12: [NEOperator] !=
 #-----|       2: (Parameters)
-#   85|         0: [Parameter] left
-#   85|         1: [Parameter] right
-#   85|     13: [EQOperator] ==
+#   95|         0: [Parameter] left
+#   95|         1: [Parameter] right
+#   95|     13: [EQOperator] ==
 #-----|       2: (Parameters)
-#   85|         0: [Parameter] left
-#   85|         1: [Parameter] right
-#   85|     14: [Property] EqualityContract
-#   85|       3: [Getter] get_EqualityContract
-#   85|     15: [InstanceConstructor] R1
+#   95|         0: [Parameter] left
+#   95|         1: [Parameter] right
+#   95|     14: [Property] EqualityContract
+#   95|       3: [Getter] get_EqualityContract
+#   95|     15: [InstanceConstructor] R1
 #-----|       2: (Parameters)
-#   85|         0: [Parameter] i
-#   85|           -1: [TypeMention] string
-#   85|         1: [Parameter] j
-#   85|           -1: [TypeMention] int
-#   85|     16: [Property] i
-#   85|       3: [Getter] get_i
-#   85|       4: [Setter] set_i
+#   95|         0: [Parameter] i
+#   95|           -1: [TypeMention] string
+#   95|         1: [Parameter] j
+#   95|           -1: [TypeMention] int
+#   95|     16: [Property] i
+#   95|       3: [Getter] get_i
+#   95|       4: [Setter] set_i
 #-----|         2: (Parameters)
-#   85|           0: [Parameter] value
-#   85|     17: [Property] j
-#   85|       3: [Getter] get_j
-#   85|       4: [Setter] set_j
+#   95|           0: [Parameter] value
+#   95|     17: [Property] j
+#   95|       3: [Getter] get_j
+#   95|       4: [Setter] set_j
 #-----|         2: (Parameters)
-#   85|           0: [Parameter] value
-#   87|   10: [Method] M5
-#   87|     -1: [TypeMention] Void
-#   88|     4: [BlockStmt] {...}
-#   89|       0: [LocalVariableDeclStmt] ... ...;
-#   89|         0: [LocalVariableDeclAndInitExpr] R1 r = ...
-#   89|           -1: [TypeMention] R1
-#   89|           0: [LocalVariableAccess] access to local variable r
-#   89|           1: [ObjectCreation] object creation of type R1
-#   89|             -1: [TypeMention] R1
-#   89|             0: [StringLiteral] "taint source"
-#   89|             1: [IntLiteral] 1
-#   90|       1: [ExprStmt] ...;
-#   90|         0: [MethodCall] call to method Sink<String>
-#   90|           0: [PropertyCall] access to property i
-#   90|             -1: [LocalVariableAccess] access to local variable r
-#   92|       2: [ExprStmt] ...;
-#   92|         0: [AssignExpr] ... = ...
-#   92|           0: [TupleExpr] (..., ...)
-#   92|             0: [LocalVariableDeclExpr] String a
-#   92|             1: [LocalVariableDeclExpr] Int32 b
-#   92|           1: [LocalVariableAccess] access to local variable r
-#   93|       3: [ExprStmt] ...;
-#   93|         0: [MethodCall] call to method Sink<String>
-#   93|           0: [LocalVariableAccess] access to local variable a
-#   94|       4: [ExprStmt] ...;
-#   94|         0: [MethodCall] call to method Sink<Int32>
-#   94|           0: [LocalVariableAccess] access to local variable b
-#   96|       5: [SwitchStmt] switch (...) {...}
-#   96|         0: [LocalVariableAccess] access to local variable r
-#   98|         0: [CaseStmt] case ...:
-#   98|           0: [TupleExpr] (..., ...)
-#   98|             0: [VariablePatternExpr] String x
-#   98|             1: [VariablePatternExpr] Int32 y
-#   99|         1: [ExprStmt] ...;
-#   99|           0: [MethodCall] call to method Sink<String>
-#   99|             0: [LocalVariableAccess] access to local variable x
-#  100|         2: [ExprStmt] ...;
-#  100|           0: [MethodCall] call to method Sink<Int32>
-#  100|             0: [LocalVariableAccess] access to local variable y
-#  101|         3: [BreakStmt] break;
-#  105|   11: [Method] Sink<>
-#  105|     -1: [TypeMention] Void
+#   95|           0: [Parameter] value
+#   97|   10: [Method] M5
+#   97|     -1: [TypeMention] Void
+#   98|     4: [BlockStmt] {...}
+#   99|       0: [LocalVariableDeclStmt] ... ...;
+#   99|         0: [LocalVariableDeclAndInitExpr] String o = ...
+#   99|           -1: [TypeMention] string
+#   99|           0: [LocalVariableAccess] access to local variable o
+#   99|           1: [MethodCall] call to method Source<String>
+#   99|             0: [CastExpr] (...) ...
+#   99|               1: [IntLiteral] 9
+#  100|       1: [LocalVariableDeclStmt] ... ...;
+#  100|         0: [LocalVariableDeclAndInitExpr] R1 r = ...
+#  100|           -1: [TypeMention] R1
+#  100|           0: [LocalVariableAccess] access to local variable r
+#  100|           1: [ObjectCreation] object creation of type R1
+#  100|             -1: [TypeMention] R1
+#  100|             0: [LocalVariableAccess] access to local variable o
+#  100|             1: [IntLiteral] 1
+#  101|       2: [ExprStmt] ...;
+#  101|         0: [MethodCall] call to method Sink
+#  101|           0: [PropertyCall] access to property i
+#  101|             -1: [LocalVariableAccess] access to local variable r
+#  103|       3: [ExprStmt] ...;
+#  103|         0: [AssignExpr] ... = ...
+#  103|           0: [TupleExpr] (..., ...)
+#  103|             0: [LocalVariableDeclExpr] String a
+#  103|             1: [LocalVariableDeclExpr] Int32 b
+#  103|           1: [LocalVariableAccess] access to local variable r
+#  104|       4: [ExprStmt] ...;
+#  104|         0: [MethodCall] call to method Sink
+#  104|           0: [LocalVariableAccess] access to local variable a
+#  105|       5: [ExprStmt] ...;
+#  105|         0: [MethodCall] call to method Sink
+#  105|           0: [CastExpr] (...) ...
+#  105|             1: [LocalVariableAccess] access to local variable b
+#  107|       6: [SwitchStmt] switch (...) {...}
+#  107|         0: [LocalVariableAccess] access to local variable r
+#  109|         0: [CaseStmt] case ...:
+#  109|           0: [TupleExpr] (..., ...)
+#  109|             0: [VariablePatternExpr] String x
+#  109|             1: [VariablePatternExpr] Int32 y
+#  110|         1: [ExprStmt] ...;
+#  110|           0: [MethodCall] call to method Sink
+#  110|             0: [LocalVariableAccess] access to local variable x
+#  111|         2: [ExprStmt] ...;
+#  111|           0: [MethodCall] call to method Sink
+#  111|             0: [CastExpr] (...) ...
+#  111|               1: [LocalVariableAccess] access to local variable y
+#  112|         3: [BreakStmt] break;
+#  116|   11: [Method] M6
+#  116|     -1: [TypeMention] Void
+#  117|     4: [BlockStmt] {...}
+#  118|       0: [LocalVariableDeclStmt] ... ...;
+#  118|         0: [LocalVariableDeclAndInitExpr] Object o = ...
+#  118|           -1: [TypeMention] object
+#  118|           0: [LocalVariableAccess] access to local variable o
+#  118|           1: [MethodCall] call to method Source<Object>
+#  118|             0: [CastExpr] (...) ...
+#  118|               1: [IntLiteral] 9
+#  120|       1: [LocalVariableDeclStmt] ... ...;
+#  120|         0: [LocalVariableDeclAndInitExpr] Int32 y1 = ...
+#  120|           -1: [TypeMention] int
+#  120|           0: [LocalVariableAccess] access to local variable y1
+#  120|           1: [IntLiteral] 0
+#  121|       2: [ExprStmt] ...;
+#  121|         0: [AssignExpr] ... = ...
+#  121|           0: [TupleExpr] (..., ...)
+#  121|             0: [LocalVariableDeclExpr] Object x1
+#  121|             1: [LocalVariableAccess] access to local variable y1
+#  121|           1: [TupleExpr] (..., ...)
+#  121|             0: [LocalVariableAccess] access to local variable o
+#  121|             1: [IntLiteral] 1
+#  122|       3: [ExprStmt] ...;
+#  122|         0: [MethodCall] call to method Sink
+#  122|           0: [LocalVariableAccess] access to local variable x1
+#  124|       4: [LocalVariableDeclStmt] ... ...;
+#  124|         0: [LocalVariableDeclAndInitExpr] Object x2 = ...
+#  124|           -1: [TypeMention] object
+#  124|           0: [LocalVariableAccess] access to local variable x2
+#  124|           1: [ObjectCreation] object creation of type Object
+#  124|             0: [TypeMention] object
+#  125|       5: [ExprStmt] ...;
+#  125|         0: [AssignExpr] ... = ...
+#  125|           0: [TupleExpr] (..., ...)
+#  125|             0: [LocalVariableAccess] access to local variable x2
+#  125|             1: [LocalVariableDeclExpr] Int32 y2
+#  125|           1: [TupleExpr] (..., ...)
+#  125|             0: [LocalVariableAccess] access to local variable o
+#  125|             1: [IntLiteral] 1
+#  126|       6: [ExprStmt] ...;
+#  126|         0: [MethodCall] call to method Sink
+#  126|           0: [LocalVariableAccess] access to local variable x2
+#  128|       7: [LocalVariableDeclStmt] ... ...;
+#  128|         0: [LocalVariableDeclAndInitExpr] Int32 x3 = ...
+#  128|           -1: [TypeMention] int
+#  128|           0: [LocalVariableAccess] access to local variable x3
+#  128|           1: [IntLiteral] 0
+#  129|       8: [ExprStmt] ...;
+#  129|         0: [AssignExpr] ... = ...
+#  129|           0: [TupleExpr] (..., ...)
+#  129|             0: [LocalVariableAccess] access to local variable x3
+#  129|             1: [LocalVariableDeclExpr] Object y3
+#  129|           1: [TupleExpr] (..., ...)
+#  129|             0: [IntLiteral] 1
+#  129|             1: [LocalVariableAccess] access to local variable o
+#  130|       9: [ExprStmt] ...;
+#  130|         0: [MethodCall] call to method Sink
+#  130|           0: [LocalVariableAccess] access to local variable y3
+#  132|       10: [LocalVariableDeclStmt] ... ...;
+#  132|         0: [LocalVariableDeclAndInitExpr] Object y4 = ...
+#  132|           -1: [TypeMention] object
+#  132|           0: [LocalVariableAccess] access to local variable y4
+#  132|           1: [ObjectCreation] object creation of type Object
+#  132|             0: [TypeMention] object
+#  133|       11: [ExprStmt] ...;
+#  133|         0: [AssignExpr] ... = ...
+#  133|           0: [TupleExpr] (..., ...)
+#  133|             0: [LocalVariableDeclExpr] Int32 x4
+#  133|             1: [LocalVariableAccess] access to local variable y4
+#  133|           1: [TupleExpr] (..., ...)
+#  133|             0: [IntLiteral] 1
+#  133|             1: [LocalVariableAccess] access to local variable o
+#  134|       12: [ExprStmt] ...;
+#  134|         0: [MethodCall] call to method Sink
+#  134|           0: [LocalVariableAccess] access to local variable y4
+#  137|   12: [Method] Sink
+#  137|     -1: [TypeMention] Void
+#-----|     2: (Parameters)
+#  137|       0: [Parameter] o
+#  137|         -1: [TypeMention] object
+#  137|     4: [BlockStmt] {...}
+#  139|   13: [Method] Source<>
+#  139|     -1: [TypeMention] T
 #-----|     1: (Type parameters)
-#  105|       0: [TypeParameter] T
+#  139|       0: [TypeParameter] T
 #-----|     2: (Parameters)
-#  105|       0: [Parameter] x
-#  105|         -1: [TypeMention] T
-#  105|     4: [BlockStmt] {...}
-#  108| [NamespaceDeclaration] namespace ... { ... }
-#  110|   1: [Class] IsExternalInit
+#  139|       0: [Parameter] source
+#  139|         -1: [TypeMention] object
+#  139|     4: [ThrowExpr] throw ...
+#  139|       0: [NullLiteral] null
+#  142| [NamespaceDeclaration] namespace ... { ... }
+#  144|   1: [Class] IsExternalInit

csharp/ql/test/library-tests/dataflow/tuples/Tuples.cs

@@ -4,71 +4,81 @@ class Tuples
 {
     static void M1()
     {
-        var x = (a: "taint source", (1, "taint source"));
+        var o1 = Source<object>(1);
+        var o2 = Source<object>(2);
+
+        var x = (a: o1, (1, o2));
         var (a, (b, c)) = x;
-        Sink(a);                // Tainted
+        Sink(a);                // $ hasValueFlow=1
         Sink(b);
-        Sink(c);                // Tainted
+        Sink(c);                // $ hasValueFlow=2
 
         (a, (b, c)) = x;
-        Sink(a);                // Tainted
+        Sink(a);                // $ hasValueFlow=1
         Sink(b);
-        Sink(c);                // Tainted
+        Sink(c);                // $ hasValueFlow=2
 
         (var p, var q) = x;
-        Sink(p);                // Tainted
+        Sink(p);                // $ hasValueFlow=1
         Sink(q.Item1);
-        Sink(q.Item2);          // Tainted
+        Sink(q.Item2);          // $ hasValueFlow=2
 
-        Sink(x.Item1);          // Tainted
-        Sink(x.a);              // Tainted
+        Sink(x.Item1);          // $ hasValueFlow=1
+        Sink(x.a);              // $ hasValueFlow=1
         Sink(x.Item2.Item1);
-        Sink(x.Item2.Item2);    // Tainted
+        Sink(x.Item2.Item2);    // $ hasValueFlow=2
     }
 
     static void M2()
     {
-        var x = ("taint source", 2, 3, 4, 5, 6, 7, 8, 9, "taint source");
-        Sink(x.Item1);          // Tainted
+        var o1 = Source<object>(3);
+        var o2 = Source<object>(4);
+
+        var x = (o1, 2, 3, 4, 5, 6, 7, 8, 9, o2);
+        Sink(x.Item1);          // $ hasValueFlow=3
         Sink(x.Item2);
-        Sink(x.Item10);         // Tainted
+        Sink(x.Item10);         // $ hasValueFlow=4
     }
 
     static void M3()
     {
-        var x = (ValueTuple<string, int, int>)("taint source", 2, 3);
-        Sink(x.Item1);          // Tainted
+        var o = Source<string>(5);
+        var x = (ValueTuple<string, int, int>)(o, 2, 3);
+        Sink(x.Item1);          // $ hasValueFlow=5
         Sink(x.Item2);
 
-        var y = (ValueTuple<object, int, int>)("taint source", 2, 3);
-        Sink(y.Item1);          // Tainted, not found
+        var y = (ValueTuple<object, int, int>)(o, 2, 3);
+        Sink(y.Item1);          // $ MISSING: hasValueFlow=5
         Sink(y.Item2);
     }
 
     static void M4(string s)
     {
-        var x = ("taint source", (2, "taint source"), 3);
+        var o1 = Source<string>(6);
+        var o2 = Source<string>(7);
+        var x = (o1, (2, o2), 3);
         switch (x)
         {
             case ValueTuple<string, (int, string), int> t when t.Item3 > 1:
-                Sink(t.Item1);          // Tainted
-                Sink(t.Item2.Item2);    // Tainted
+                Sink(t.Item1);          // $ hasValueFlow=6
+                Sink(t.Item2.Item2);    // $ hasValueFlow=7
                 Sink(t.Item2.Item1);
                 break;
             case var (a, (b, c), _):
-                Sink(a);        // Tainted
-                Sink(c);        // Tainted
+                Sink(a);        // $ hasValueFlow=6
+                Sink(c);        // $ hasValueFlow=7
                 Sink(b);
                 break;
         }
 
+        var o3 = Source<string>(8);
         var y = (s, (2, s), 3);
         switch (y)
         {
-            case ("taint source", var (b, c), _):
-                Sink(y.Item1);          // Tainted, not found
-                Sink(y.Item2.Item2);    // Tainted, not found
-                Sink(c);                // Tainted, not found
+            case (var a, var (b, c), _) when a == o3:
+                Sink(y.Item1);          // $ MISSING: hasValueFlow=8
+                Sink(y.Item2.Item2);    // $ MISSING: hasValueFlow=8
+                Sink(c);                // $ MISSING: hasValueFlow=8
                 Sink(y.Item2.Item1);
                 Sink(b);
                 break;
@@ -76,8 +86,8 @@ class Tuples
 
         if (x is var (p, (q, r), _))
         {
-            Sink(p);        // Tainted
-            Sink(r);        // Tainted
+            Sink(p);        // $ hasValueFlow=6
+            Sink(r);        // $ hasValueFlow=7
             Sink(q);
         }
     }
@@ -86,23 +96,47 @@ class Tuples
 
     static void M5()
     {
-        var r = new R1("taint source", 1);
-        Sink(r.i);          // Tainted
+        var o = Source<string>(9);
+        var r = new R1(o, 1);
+        Sink(r.i);          // $ hasValueFlow=9
 
         var (a, b) = r;
-        Sink(a);            // Tainted, not found
+        Sink(a);            // $ MISSING: hasValueFlow=9
         Sink(b);
 
         switch (r)
         {
             case var (x, y):
-                Sink(x);        // Tainted, not found
+                Sink(x);        // $ MISSING: hasValueFlow=9
                 Sink(y);
                 break;
         }
     }
 
-    static void Sink<T>(T x) { }
+    static void M6()
+    {
+        var o = Source<object>(9);
+
+        int y1 = 0;
+        (object x1, y1) = (o, 1);
+        Sink(x1);               // $ hasValueFlow=9
+
+        var x2 = new object();
+        (x2, int y2) = (o, 1);
+        Sink(x2);               // $ hasValueFlow=9
+
+        var x3 = 0;
+        (x3, object y3) = (1, o);
+        Sink(y3);               // $ hasValueFlow=9
+
+        var y4 = new object();
+        (int x4, y4) = (1, o);
+        Sink(y4);               // $ hasValueFlow=9
+    }
+
+    public static void Sink(object o) { }
+
+    static T Source<T>(object source) => throw null;
 }
 
 namespace System.Runtime.CompilerServices

csharp/ql/test/library-tests/dataflow/tuples/Tuples.expected

@@ -1,167 +1,438 @@
+failures
 edges
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | Tuples.cs:8:9:8:23 | (..., ...) [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | Tuples.cs:13:9:13:19 | (..., ...) [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | Tuples.cs:18:9:18:22 | (..., ...) [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | Tuples.cs:23:14:23:14 | access to local variable x [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | Tuples.cs:24:14:24:14 | access to local variable x [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:8:9:8:23 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:13:9:13:19 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:18:9:18:22 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:26:14:26:14 | access to local variable x [field Item2, field Item2] : String |
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String |
-| Tuples.cs:7:37:7:55 | (..., ...) [field Item2] : String | Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:7:37:7:55 | (..., ...) [field Item2] : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item1] : String | Tuples.cs:8:9:8:27 | SSA def(a) : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:8:9:8:23 | (..., ...) [field Item2] : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item2] : String | Tuples.cs:8:9:8:27 | SSA def(c) : String |
-| Tuples.cs:8:9:8:27 | SSA def(a) : String | Tuples.cs:9:14:9:14 | access to local variable a |
-| Tuples.cs:8:9:8:27 | SSA def(c) : String | Tuples.cs:11:14:11:14 | access to local variable c |
-| Tuples.cs:13:9:13:19 | (..., ...) [field Item1] : String | Tuples.cs:13:9:13:23 | SSA def(a) : String |
-| Tuples.cs:13:9:13:19 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:13:13:13:18 | (..., ...) [field Item2] : String |
-| Tuples.cs:13:9:13:23 | SSA def(a) : String | Tuples.cs:14:14:14:14 | access to local variable a |
-| Tuples.cs:13:9:13:23 | SSA def(c) : String | Tuples.cs:16:14:16:14 | access to local variable c |
-| Tuples.cs:13:13:13:18 | (..., ...) [field Item2] : String | Tuples.cs:13:9:13:23 | SSA def(c) : String |
-| Tuples.cs:18:9:18:22 | (..., ...) [field Item1] : String | Tuples.cs:18:9:18:26 | SSA def(p) : String |
-| Tuples.cs:18:9:18:22 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:18:9:18:26 | SSA def(q) [field Item2] : String |
-| Tuples.cs:18:9:18:26 | SSA def(p) : String | Tuples.cs:19:14:19:14 | access to local variable p |
-| Tuples.cs:18:9:18:26 | SSA def(q) [field Item2] : String | Tuples.cs:21:14:21:14 | access to local variable q [field Item2] : String |
-| Tuples.cs:21:14:21:14 | access to local variable q [field Item2] : String | Tuples.cs:21:14:21:20 | access to field Item2 |
-| Tuples.cs:23:14:23:14 | access to local variable x [field Item1] : String | Tuples.cs:23:14:23:20 | access to field Item1 |
-| Tuples.cs:24:14:24:14 | access to local variable x [field Item1] : String | Tuples.cs:24:14:24:16 | access to field Item1 |
-| Tuples.cs:26:14:26:14 | access to local variable x [field Item2, field Item2] : String | Tuples.cs:26:14:26:20 | access to field Item2 [field Item2] : String |
-| Tuples.cs:26:14:26:20 | access to field Item2 [field Item2] : String | Tuples.cs:26:14:26:26 | access to field Item2 |
-| Tuples.cs:31:17:31:72 | (..., ...) [field Item1] : String | Tuples.cs:32:14:32:14 | access to local variable x [field Item1] : String |
-| Tuples.cs:31:17:31:72 | (..., ...) [field Item10] : String | Tuples.cs:34:14:34:14 | access to local variable x [field Item10] : String |
-| Tuples.cs:31:18:31:31 | "taint source" : String | Tuples.cs:31:17:31:72 | (..., ...) [field Item1] : String |
-| Tuples.cs:31:58:31:71 | "taint source" : String | Tuples.cs:31:17:31:72 | (..., ...) [field Item10] : String |
-| Tuples.cs:32:14:32:14 | access to local variable x [field Item1] : String | Tuples.cs:32:14:32:20 | access to field Item1 |
-| Tuples.cs:34:14:34:14 | access to local variable x [field Item10] : String | Tuples.cs:34:14:34:21 | access to field Item10 |
-| Tuples.cs:39:17:39:68 | (...) ... [field Item1] : String | Tuples.cs:40:14:40:14 | access to local variable x [field Item1] : String |
-| Tuples.cs:39:47:39:68 | (..., ...) [field Item1] : String | Tuples.cs:39:17:39:68 | (...) ... [field Item1] : String |
-| Tuples.cs:39:48:39:61 | "taint source" : String | Tuples.cs:39:47:39:68 | (..., ...) [field Item1] : String |
-| Tuples.cs:40:14:40:14 | access to local variable x [field Item1] : String | Tuples.cs:40:14:40:20 | access to field Item1 |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item1] : String | Tuples.cs:53:18:53:57 | SSA def(t) [field Item1] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item1] : String | Tuples.cs:58:18:58:35 | (..., ...) [field Item1] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item1] : String | Tuples.cs:77:18:77:35 | (..., ...) [field Item1] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:53:18:53:57 | SSA def(t) [field Item2, field Item2] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:58:18:58:35 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:77:18:77:35 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:50:17:50:56 | (..., ...) [field Item1] : String |
-| Tuples.cs:50:34:50:52 | (..., ...) [field Item2] : String | Tuples.cs:50:17:50:56 | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:50:34:50:52 | (..., ...) [field Item2] : String |
-| Tuples.cs:53:18:53:57 | SSA def(t) [field Item1] : String | Tuples.cs:54:22:54:22 | access to local variable t [field Item1] : String |
-| Tuples.cs:53:18:53:57 | SSA def(t) [field Item2, field Item2] : String | Tuples.cs:55:22:55:22 | access to local variable t [field Item2, field Item2] : String |
-| Tuples.cs:54:22:54:22 | access to local variable t [field Item1] : String | Tuples.cs:54:22:54:28 | access to field Item1 |
-| Tuples.cs:55:22:55:22 | access to local variable t [field Item2, field Item2] : String | Tuples.cs:55:22:55:28 | access to field Item2 [field Item2] : String |
-| Tuples.cs:55:22:55:28 | access to field Item2 [field Item2] : String | Tuples.cs:55:22:55:34 | access to field Item2 |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item1] : String | Tuples.cs:58:23:58:23 | SSA def(a) : String |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:58:18:58:35 | (..., ...) [field Item2] : String |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item2] : String | Tuples.cs:58:30:58:30 | SSA def(c) : String |
-| Tuples.cs:58:23:58:23 | SSA def(a) : String | Tuples.cs:59:22:59:22 | access to local variable a |
-| Tuples.cs:58:30:58:30 | SSA def(c) : String | Tuples.cs:60:22:60:22 | access to local variable c |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item1] : String | Tuples.cs:77:23:77:23 | SSA def(p) : String |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:77:18:77:35 | (..., ...) [field Item2] : String |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item2] : String | Tuples.cs:77:30:77:30 | SSA def(r) : String |
-| Tuples.cs:77:23:77:23 | SSA def(p) : String | Tuples.cs:79:18:79:18 | access to local variable p |
-| Tuples.cs:77:30:77:30 | SSA def(r) : String | Tuples.cs:80:18:80:18 | access to local variable r |
-| Tuples.cs:89:17:89:41 | object creation of type R1 [property i] : String | Tuples.cs:90:14:90:14 | access to local variable r [property i] : String |
-| Tuples.cs:89:24:89:37 | "taint source" : String | Tuples.cs:89:17:89:41 | object creation of type R1 [property i] : String |
-| Tuples.cs:90:14:90:14 | access to local variable r [property i] : String | Tuples.cs:90:14:90:16 | access to property i |
+| Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:10:21:10:22 | access to local variable o1 : Object |
+| Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:10:21:10:22 | access to local variable o1 : Object |
+| Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:10:29:10:30 | access to local variable o2 : Object |
+| Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:10:29:10:30 | access to local variable o2 : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object |
+| Tuples.cs:10:21:10:22 | access to local variable o1 : Object | Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:21:10:22 | access to local variable o1 : Object | Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object | Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object | Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:29:10:30 | access to local variable o2 : Object | Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object |
+| Tuples.cs:10:29:10:30 | access to local variable o2 : Object | Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object | Tuples.cs:11:9:11:27 | SSA def(a) : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object | Tuples.cs:11:9:11:27 | SSA def(a) : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object | Tuples.cs:11:9:11:27 | SSA def(c) : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object | Tuples.cs:11:9:11:27 | SSA def(c) : Object |
+| Tuples.cs:11:9:11:27 | SSA def(a) : Object | Tuples.cs:12:14:12:14 | access to local variable a |
+| Tuples.cs:11:9:11:27 | SSA def(a) : Object | Tuples.cs:12:14:12:14 | access to local variable a |
+| Tuples.cs:11:9:11:27 | SSA def(c) : Object | Tuples.cs:14:14:14:14 | access to local variable c |
+| Tuples.cs:11:9:11:27 | SSA def(c) : Object | Tuples.cs:14:14:14:14 | access to local variable c |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object | Tuples.cs:16:9:16:23 | SSA def(a) : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object | Tuples.cs:16:9:16:23 | SSA def(a) : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object |
+| Tuples.cs:16:9:16:23 | SSA def(a) : Object | Tuples.cs:17:14:17:14 | access to local variable a |
+| Tuples.cs:16:9:16:23 | SSA def(a) : Object | Tuples.cs:17:14:17:14 | access to local variable a |
+| Tuples.cs:16:9:16:23 | SSA def(c) : Object | Tuples.cs:19:14:19:14 | access to local variable c |
+| Tuples.cs:16:9:16:23 | SSA def(c) : Object | Tuples.cs:19:14:19:14 | access to local variable c |
+| Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object | Tuples.cs:16:9:16:23 | SSA def(c) : Object |
+| Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object | Tuples.cs:16:9:16:23 | SSA def(c) : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object | Tuples.cs:21:9:21:26 | SSA def(p) : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object | Tuples.cs:21:9:21:26 | SSA def(p) : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object | Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object |
+| Tuples.cs:21:9:21:26 | SSA def(p) : Object | Tuples.cs:22:14:22:14 | access to local variable p |
+| Tuples.cs:21:9:21:26 | SSA def(p) : Object | Tuples.cs:22:14:22:14 | access to local variable p |
+| Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object | Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object |
+| Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object | Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object |
+| Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object | Tuples.cs:24:14:24:20 | access to field Item2 |
+| Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object | Tuples.cs:24:14:24:20 | access to field Item2 |
+| Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object | Tuples.cs:26:14:26:20 | access to field Item1 |
+| Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object | Tuples.cs:26:14:26:20 | access to field Item1 |
+| Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object | Tuples.cs:27:14:27:16 | access to field Item1 |
+| Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object | Tuples.cs:27:14:27:16 | access to field Item1 |
+| Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object | Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object |
+| Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object | Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object |
+| Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object | Tuples.cs:29:14:29:26 | access to field Item2 |
+| Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object | Tuples.cs:29:14:29:26 | access to field Item2 |
+| Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | Tuples.cs:37:18:37:19 | access to local variable o1 : Object |
+| Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | Tuples.cs:37:18:37:19 | access to local variable o1 : Object |
+| Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | Tuples.cs:37:46:37:47 | access to local variable o2 : Object |
+| Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | Tuples.cs:37:46:37:47 | access to local variable o2 : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object | Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object | Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object | Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object | Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object |
+| Tuples.cs:37:18:37:19 | access to local variable o1 : Object | Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object |
+| Tuples.cs:37:18:37:19 | access to local variable o1 : Object | Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object |
+| Tuples.cs:37:46:37:47 | access to local variable o2 : Object | Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object |
+| Tuples.cs:37:46:37:47 | access to local variable o2 : Object | Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object |
+| Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object | Tuples.cs:38:14:38:20 | access to field Item1 |
+| Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object | Tuples.cs:38:14:38:20 | access to field Item1 |
+| Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object | Tuples.cs:40:14:40:21 | access to field Item10 |
+| Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object | Tuples.cs:40:14:40:21 | access to field Item10 |
+| Tuples.cs:45:17:45:33 | call to method Source<String> : String | Tuples.cs:46:48:46:48 | access to local variable o : String |
+| Tuples.cs:45:17:45:33 | call to method Source<String> : String | Tuples.cs:46:48:46:48 | access to local variable o : String |
+| Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String | Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String |
+| Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String | Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String |
+| Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String | Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String |
+| Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String | Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String |
+| Tuples.cs:46:48:46:48 | access to local variable o : String | Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String |
+| Tuples.cs:46:48:46:48 | access to local variable o : String | Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String |
+| Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String | Tuples.cs:47:14:47:20 | access to field Item1 |
+| Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String | Tuples.cs:47:14:47:20 | access to field Item1 |
+| Tuples.cs:57:18:57:34 | call to method Source<String> : String | Tuples.cs:59:18:59:19 | access to local variable o1 : String |
+| Tuples.cs:57:18:57:34 | call to method Source<String> : String | Tuples.cs:59:18:59:19 | access to local variable o1 : String |
+| Tuples.cs:58:18:58:34 | call to method Source<String> : String | Tuples.cs:59:26:59:27 | access to local variable o2 : String |
+| Tuples.cs:58:18:58:34 | call to method Source<String> : String | Tuples.cs:59:26:59:27 | access to local variable o2 : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:18:59:19 | access to local variable o1 : String | Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:18:59:19 | access to local variable o1 : String | Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String |
+| Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String | Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String | Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:26:59:27 | access to local variable o2 : String | Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String |
+| Tuples.cs:59:26:59:27 | access to local variable o2 : String | Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String | Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String | Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String | Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String | Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String |
+| Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String | Tuples.cs:63:22:63:28 | access to field Item1 |
+| Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String | Tuples.cs:63:22:63:28 | access to field Item1 |
+| Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String | Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String |
+| Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String | Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String |
+| Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String | Tuples.cs:64:22:64:34 | access to field Item2 |
+| Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String | Tuples.cs:64:22:64:34 | access to field Item2 |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String | Tuples.cs:67:23:67:23 | SSA def(a) : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String | Tuples.cs:67:23:67:23 | SSA def(a) : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String | Tuples.cs:67:30:67:30 | SSA def(c) : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String | Tuples.cs:67:30:67:30 | SSA def(c) : String |
+| Tuples.cs:67:23:67:23 | SSA def(a) : String | Tuples.cs:68:22:68:22 | access to local variable a |
+| Tuples.cs:67:23:67:23 | SSA def(a) : String | Tuples.cs:68:22:68:22 | access to local variable a |
+| Tuples.cs:67:30:67:30 | SSA def(c) : String | Tuples.cs:69:22:69:22 | access to local variable c |
+| Tuples.cs:67:30:67:30 | SSA def(c) : String | Tuples.cs:69:22:69:22 | access to local variable c |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String | Tuples.cs:87:23:87:23 | SSA def(p) : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String | Tuples.cs:87:23:87:23 | SSA def(p) : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String | Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String | Tuples.cs:87:30:87:30 | SSA def(r) : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String | Tuples.cs:87:30:87:30 | SSA def(r) : String |
+| Tuples.cs:87:23:87:23 | SSA def(p) : String | Tuples.cs:89:18:89:18 | access to local variable p |
+| Tuples.cs:87:23:87:23 | SSA def(p) : String | Tuples.cs:89:18:89:18 | access to local variable p |
+| Tuples.cs:87:30:87:30 | SSA def(r) : String | Tuples.cs:90:18:90:18 | access to local variable r |
+| Tuples.cs:87:30:87:30 | SSA def(r) : String | Tuples.cs:90:18:90:18 | access to local variable r |
+| Tuples.cs:99:17:99:33 | call to method Source<String> : String | Tuples.cs:100:24:100:24 | access to local variable o : String |
+| Tuples.cs:99:17:99:33 | call to method Source<String> : String | Tuples.cs:100:24:100:24 | access to local variable o : String |
+| Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String | Tuples.cs:101:14:101:14 | access to local variable r [property i] : String |
+| Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String | Tuples.cs:101:14:101:14 | access to local variable r [property i] : String |
+| Tuples.cs:100:24:100:24 | access to local variable o : String | Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String |
+| Tuples.cs:100:24:100:24 | access to local variable o : String | Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String |
+| Tuples.cs:101:14:101:14 | access to local variable r [property i] : String | Tuples.cs:101:14:101:16 | access to property i |
+| Tuples.cs:101:14:101:14 | access to local variable r [property i] : String | Tuples.cs:101:14:101:16 | access to property i |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:121:28:121:28 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:121:28:121:28 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:122:14:122:15 | access to local variable x1 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:122:14:122:15 | access to local variable x1 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:125:25:125:25 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:125:25:125:25 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:126:14:126:15 | access to local variable x2 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:126:14:126:15 | access to local variable x2 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:129:31:129:31 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:129:31:129:31 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:130:14:130:15 | access to local variable y3 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:130:14:130:15 | access to local variable y3 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:133:28:133:28 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:133:28:133:28 | access to local variable o : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:134:14:134:15 | access to local variable y4 |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:134:14:134:15 | access to local variable y4 |
+| Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object | Tuples.cs:121:9:121:32 | SSA def(x1) : Object |
+| Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object | Tuples.cs:121:9:121:32 | SSA def(x1) : Object |
+| Tuples.cs:121:9:121:32 | SSA def(x1) : Object | Tuples.cs:122:14:122:15 | access to local variable x1 |
+| Tuples.cs:121:9:121:32 | SSA def(x1) : Object | Tuples.cs:122:14:122:15 | access to local variable x1 |
+| Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object | Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object | Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:28:121:28 | access to local variable o : Object | Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:28:121:28 | access to local variable o : Object | Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object | Tuples.cs:125:9:125:29 | SSA def(x2) : Object |
+| Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object | Tuples.cs:125:9:125:29 | SSA def(x2) : Object |
+| Tuples.cs:125:9:125:29 | SSA def(x2) : Object | Tuples.cs:126:14:126:15 | access to local variable x2 |
+| Tuples.cs:125:9:125:29 | SSA def(x2) : Object | Tuples.cs:126:14:126:15 | access to local variable x2 |
+| Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object | Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object | Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:25:125:25 | access to local variable o : Object | Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:25:125:25 | access to local variable o : Object | Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object |
+| Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object | Tuples.cs:129:9:129:32 | SSA def(y3) : Object |
+| Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object | Tuples.cs:129:9:129:32 | SSA def(y3) : Object |
+| Tuples.cs:129:9:129:32 | SSA def(y3) : Object | Tuples.cs:130:14:130:15 | access to local variable y3 |
+| Tuples.cs:129:9:129:32 | SSA def(y3) : Object | Tuples.cs:130:14:130:15 | access to local variable y3 |
+| Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object | Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object | Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:31:129:31 | access to local variable o : Object | Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:31:129:31 | access to local variable o : Object | Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object | Tuples.cs:133:9:133:29 | SSA def(y4) : Object |
+| Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object | Tuples.cs:133:9:133:29 | SSA def(y4) : Object |
+| Tuples.cs:133:9:133:29 | SSA def(y4) : Object | Tuples.cs:134:14:134:15 | access to local variable y4 |
+| Tuples.cs:133:9:133:29 | SSA def(y4) : Object | Tuples.cs:134:14:134:15 | access to local variable y4 |
+| Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object | Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object | Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:28:133:28 | access to local variable o : Object | Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:28:133:28 | access to local variable o : Object | Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object |
 nodes
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:7:17:7:56 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:7:21:7:34 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:7:37:7:55 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:7:41:7:54 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:8:9:8:23 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:8:9:8:27 | SSA def(a) : String | semmle.label | SSA def(a) : String |
-| Tuples.cs:8:9:8:27 | SSA def(c) : String | semmle.label | SSA def(c) : String |
-| Tuples.cs:9:14:9:14 | access to local variable a | semmle.label | access to local variable a |
-| Tuples.cs:11:14:11:14 | access to local variable c | semmle.label | access to local variable c |
-| Tuples.cs:13:9:13:19 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:13:9:13:19 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:13:9:13:23 | SSA def(a) : String | semmle.label | SSA def(a) : String |
-| Tuples.cs:13:9:13:23 | SSA def(c) : String | semmle.label | SSA def(c) : String |
-| Tuples.cs:13:13:13:18 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:14:14:14:14 | access to local variable a | semmle.label | access to local variable a |
-| Tuples.cs:16:14:16:14 | access to local variable c | semmle.label | access to local variable c |
-| Tuples.cs:18:9:18:22 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:18:9:18:22 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:18:9:18:26 | SSA def(p) : String | semmle.label | SSA def(p) : String |
-| Tuples.cs:18:9:18:26 | SSA def(q) [field Item2] : String | semmle.label | SSA def(q) [field Item2] : String |
-| Tuples.cs:19:14:19:14 | access to local variable p | semmle.label | access to local variable p |
-| Tuples.cs:21:14:21:14 | access to local variable q [field Item2] : String | semmle.label | access to local variable q [field Item2] : String |
-| Tuples.cs:21:14:21:20 | access to field Item2 | semmle.label | access to field Item2 |
-| Tuples.cs:23:14:23:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
-| Tuples.cs:23:14:23:20 | access to field Item1 | semmle.label | access to field Item1 |
-| Tuples.cs:24:14:24:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
-| Tuples.cs:24:14:24:16 | access to field Item1 | semmle.label | access to field Item1 |
-| Tuples.cs:26:14:26:14 | access to local variable x [field Item2, field Item2] : String | semmle.label | access to local variable x [field Item2, field Item2] : String |
-| Tuples.cs:26:14:26:20 | access to field Item2 [field Item2] : String | semmle.label | access to field Item2 [field Item2] : String |
-| Tuples.cs:26:14:26:26 | access to field Item2 | semmle.label | access to field Item2 |
-| Tuples.cs:31:17:31:72 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:31:17:31:72 | (..., ...) [field Item10] : String | semmle.label | (..., ...) [field Item10] : String |
-| Tuples.cs:31:18:31:31 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:31:58:31:71 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:32:14:32:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
-| Tuples.cs:32:14:32:20 | access to field Item1 | semmle.label | access to field Item1 |
-| Tuples.cs:34:14:34:14 | access to local variable x [field Item10] : String | semmle.label | access to local variable x [field Item10] : String |
-| Tuples.cs:34:14:34:21 | access to field Item10 | semmle.label | access to field Item10 |
-| Tuples.cs:39:17:39:68 | (...) ... [field Item1] : String | semmle.label | (...) ... [field Item1] : String |
-| Tuples.cs:39:47:39:68 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:39:48:39:61 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:40:14:40:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
-| Tuples.cs:40:14:40:20 | access to field Item1 | semmle.label | access to field Item1 |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:50:17:50:56 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:50:18:50:31 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:50:34:50:52 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:50:38:50:51 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:53:18:53:57 | SSA def(t) [field Item1] : String | semmle.label | SSA def(t) [field Item1] : String |
-| Tuples.cs:53:18:53:57 | SSA def(t) [field Item2, field Item2] : String | semmle.label | SSA def(t) [field Item2, field Item2] : String |
-| Tuples.cs:54:22:54:22 | access to local variable t [field Item1] : String | semmle.label | access to local variable t [field Item1] : String |
-| Tuples.cs:54:22:54:28 | access to field Item1 | semmle.label | access to field Item1 |
-| Tuples.cs:55:22:55:22 | access to local variable t [field Item2, field Item2] : String | semmle.label | access to local variable t [field Item2, field Item2] : String |
-| Tuples.cs:55:22:55:28 | access to field Item2 [field Item2] : String | semmle.label | access to field Item2 [field Item2] : String |
-| Tuples.cs:55:22:55:34 | access to field Item2 | semmle.label | access to field Item2 |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:58:18:58:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:58:23:58:23 | SSA def(a) : String | semmle.label | SSA def(a) : String |
-| Tuples.cs:58:30:58:30 | SSA def(c) : String | semmle.label | SSA def(c) : String |
-| Tuples.cs:59:22:59:22 | access to local variable a | semmle.label | access to local variable a |
-| Tuples.cs:60:22:60:22 | access to local variable c | semmle.label | access to local variable c |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
-| Tuples.cs:77:18:77:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
-| Tuples.cs:77:23:77:23 | SSA def(p) : String | semmle.label | SSA def(p) : String |
-| Tuples.cs:77:30:77:30 | SSA def(r) : String | semmle.label | SSA def(r) : String |
-| Tuples.cs:79:18:79:18 | access to local variable p | semmle.label | access to local variable p |
-| Tuples.cs:80:18:80:18 | access to local variable r | semmle.label | access to local variable r |
-| Tuples.cs:89:17:89:41 | object creation of type R1 [property i] : String | semmle.label | object creation of type R1 [property i] : String |
-| Tuples.cs:89:24:89:37 | "taint source" : String | semmle.label | "taint source" : String |
-| Tuples.cs:90:14:90:14 | access to local variable r [property i] : String | semmle.label | access to local variable r [property i] : String |
-| Tuples.cs:90:14:90:16 | access to property i | semmle.label | access to property i |
+| Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:17:10:32 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:10:21:10:22 | access to local variable o1 : Object | semmle.label | access to local variable o1 : Object |
+| Tuples.cs:10:21:10:22 | access to local variable o1 : Object | semmle.label | access to local variable o1 : Object |
+| Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:10:25:10:31 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:10:29:10:30 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object |
+| Tuples.cs:10:29:10:30 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:11:9:11:23 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:11:9:11:27 | SSA def(a) : Object | semmle.label | SSA def(a) : Object |
+| Tuples.cs:11:9:11:27 | SSA def(a) : Object | semmle.label | SSA def(a) : Object |
+| Tuples.cs:11:9:11:27 | SSA def(c) : Object | semmle.label | SSA def(c) : Object |
+| Tuples.cs:11:9:11:27 | SSA def(c) : Object | semmle.label | SSA def(c) : Object |
+| Tuples.cs:12:14:12:14 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:12:14:12:14 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:14:14:14:14 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:14:14:14:14 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:16:9:16:19 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:16:9:16:23 | SSA def(a) : Object | semmle.label | SSA def(a) : Object |
+| Tuples.cs:16:9:16:23 | SSA def(a) : Object | semmle.label | SSA def(a) : Object |
+| Tuples.cs:16:9:16:23 | SSA def(c) : Object | semmle.label | SSA def(c) : Object |
+| Tuples.cs:16:9:16:23 | SSA def(c) : Object | semmle.label | SSA def(c) : Object |
+| Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:16:13:16:18 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:17:14:17:14 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:17:14:17:14 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:19:14:19:14 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:19:14:19:14 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:21:9:21:22 | (..., ...) [field Item2, field Item2] : Object | semmle.label | (..., ...) [field Item2, field Item2] : Object |
+| Tuples.cs:21:9:21:26 | SSA def(p) : Object | semmle.label | SSA def(p) : Object |
+| Tuples.cs:21:9:21:26 | SSA def(p) : Object | semmle.label | SSA def(p) : Object |
+| Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object | semmle.label | SSA def(q) [field Item2] : Object |
+| Tuples.cs:21:9:21:26 | SSA def(q) [field Item2] : Object | semmle.label | SSA def(q) [field Item2] : Object |
+| Tuples.cs:22:14:22:14 | access to local variable p | semmle.label | access to local variable p |
+| Tuples.cs:22:14:22:14 | access to local variable p | semmle.label | access to local variable p |
+| Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object | semmle.label | access to local variable q [field Item2] : Object |
+| Tuples.cs:24:14:24:14 | access to local variable q [field Item2] : Object | semmle.label | access to local variable q [field Item2] : Object |
+| Tuples.cs:24:14:24:20 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:24:14:24:20 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:26:14:26:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:26:14:26:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:26:14:26:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:27:14:27:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:27:14:27:16 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:27:14:27:16 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object | semmle.label | access to local variable x [field Item2, field Item2] : Object |
+| Tuples.cs:29:14:29:14 | access to local variable x [field Item2, field Item2] : Object | semmle.label | access to local variable x [field Item2, field Item2] : Object |
+| Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object | semmle.label | access to field Item2 [field Item2] : Object |
+| Tuples.cs:29:14:29:20 | access to field Item2 [field Item2] : Object | semmle.label | access to field Item2 [field Item2] : Object |
+| Tuples.cs:29:14:29:26 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:29:14:29:26 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object | semmle.label | (..., ...) [field Item10] : Object |
+| Tuples.cs:37:17:37:48 | (..., ...) [field Item10] : Object | semmle.label | (..., ...) [field Item10] : Object |
+| Tuples.cs:37:18:37:19 | access to local variable o1 : Object | semmle.label | access to local variable o1 : Object |
+| Tuples.cs:37:18:37:19 | access to local variable o1 : Object | semmle.label | access to local variable o1 : Object |
+| Tuples.cs:37:46:37:47 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object |
+| Tuples.cs:37:46:37:47 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object |
+| Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:38:14:38:14 | access to local variable x [field Item1] : Object | semmle.label | access to local variable x [field Item1] : Object |
+| Tuples.cs:38:14:38:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:38:14:38:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object | semmle.label | access to local variable x [field Item10] : Object |
+| Tuples.cs:40:14:40:14 | access to local variable x [field Item10] : Object | semmle.label | access to local variable x [field Item10] : Object |
+| Tuples.cs:40:14:40:21 | access to field Item10 | semmle.label | access to field Item10 |
+| Tuples.cs:40:14:40:21 | access to field Item10 | semmle.label | access to field Item10 |
+| Tuples.cs:45:17:45:33 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:45:17:45:33 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String | semmle.label | (...) ... [field Item1] : String |
+| Tuples.cs:46:17:46:55 | (...) ... [field Item1] : String | semmle.label | (...) ... [field Item1] : String |
+| Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:46:47:46:55 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:46:48:46:48 | access to local variable o : String | semmle.label | access to local variable o : String |
+| Tuples.cs:46:48:46:48 | access to local variable o : String | semmle.label | access to local variable o : String |
+| Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
+| Tuples.cs:47:14:47:14 | access to local variable x [field Item1] : String | semmle.label | access to local variable x [field Item1] : String |
+| Tuples.cs:47:14:47:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:47:14:47:20 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:57:18:57:34 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:57:18:57:34 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:58:18:58:34 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:58:18:58:34 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:17:59:32 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:59:18:59:19 | access to local variable o1 : String | semmle.label | access to local variable o1 : String |
+| Tuples.cs:59:18:59:19 | access to local variable o1 : String | semmle.label | access to local variable o1 : String |
+| Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:59:22:59:28 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:59:26:59:27 | access to local variable o2 : String | semmle.label | access to local variable o2 : String |
+| Tuples.cs:59:26:59:27 | access to local variable o2 : String | semmle.label | access to local variable o2 : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String | semmle.label | SSA def(t) [field Item1] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item1] : String | semmle.label | SSA def(t) [field Item1] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String | semmle.label | SSA def(t) [field Item2, field Item2] : String |
+| Tuples.cs:62:18:62:57 | SSA def(t) [field Item2, field Item2] : String | semmle.label | SSA def(t) [field Item2, field Item2] : String |
+| Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String | semmle.label | access to local variable t [field Item1] : String |
+| Tuples.cs:63:22:63:22 | access to local variable t [field Item1] : String | semmle.label | access to local variable t [field Item1] : String |
+| Tuples.cs:63:22:63:28 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:63:22:63:28 | access to field Item1 | semmle.label | access to field Item1 |
+| Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String | semmle.label | access to local variable t [field Item2, field Item2] : String |
+| Tuples.cs:64:22:64:22 | access to local variable t [field Item2, field Item2] : String | semmle.label | access to local variable t [field Item2, field Item2] : String |
+| Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String | semmle.label | access to field Item2 [field Item2] : String |
+| Tuples.cs:64:22:64:28 | access to field Item2 [field Item2] : String | semmle.label | access to field Item2 [field Item2] : String |
+| Tuples.cs:64:22:64:34 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:64:22:64:34 | access to field Item2 | semmle.label | access to field Item2 |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:67:18:67:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:67:23:67:23 | SSA def(a) : String | semmle.label | SSA def(a) : String |
+| Tuples.cs:67:23:67:23 | SSA def(a) : String | semmle.label | SSA def(a) : String |
+| Tuples.cs:67:30:67:30 | SSA def(c) : String | semmle.label | SSA def(c) : String |
+| Tuples.cs:67:30:67:30 | SSA def(c) : String | semmle.label | SSA def(c) : String |
+| Tuples.cs:68:22:68:22 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:68:22:68:22 | access to local variable a | semmle.label | access to local variable a |
+| Tuples.cs:69:22:69:22 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:69:22:69:22 | access to local variable c | semmle.label | access to local variable c |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item1] : String | semmle.label | (..., ...) [field Item1] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2, field Item2] : String | semmle.label | (..., ...) [field Item2, field Item2] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:87:18:87:35 | (..., ...) [field Item2] : String | semmle.label | (..., ...) [field Item2] : String |
+| Tuples.cs:87:23:87:23 | SSA def(p) : String | semmle.label | SSA def(p) : String |
+| Tuples.cs:87:23:87:23 | SSA def(p) : String | semmle.label | SSA def(p) : String |
+| Tuples.cs:87:30:87:30 | SSA def(r) : String | semmle.label | SSA def(r) : String |
+| Tuples.cs:87:30:87:30 | SSA def(r) : String | semmle.label | SSA def(r) : String |
+| Tuples.cs:89:18:89:18 | access to local variable p | semmle.label | access to local variable p |
+| Tuples.cs:89:18:89:18 | access to local variable p | semmle.label | access to local variable p |
+| Tuples.cs:90:18:90:18 | access to local variable r | semmle.label | access to local variable r |
+| Tuples.cs:90:18:90:18 | access to local variable r | semmle.label | access to local variable r |
+| Tuples.cs:99:17:99:33 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:99:17:99:33 | call to method Source<String> : String | semmle.label | call to method Source<String> : String |
+| Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String | semmle.label | object creation of type R1 [property i] : String |
+| Tuples.cs:100:17:100:28 | object creation of type R1 [property i] : String | semmle.label | object creation of type R1 [property i] : String |
+| Tuples.cs:100:24:100:24 | access to local variable o : String | semmle.label | access to local variable o : String |
+| Tuples.cs:100:24:100:24 | access to local variable o : String | semmle.label | access to local variable o : String |
+| Tuples.cs:101:14:101:14 | access to local variable r [property i] : String | semmle.label | access to local variable r [property i] : String |
+| Tuples.cs:101:14:101:14 | access to local variable r [property i] : String | semmle.label | access to local variable r [property i] : String |
+| Tuples.cs:101:14:101:16 | access to property i | semmle.label | access to property i |
+| Tuples.cs:101:14:101:16 | access to property i | semmle.label | access to property i |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | semmle.label | call to method Source<Object> : Object |
+| Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:9:121:23 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:9:121:32 | SSA def(x1) : Object | semmle.label | SSA def(x1) : Object |
+| Tuples.cs:121:9:121:32 | SSA def(x1) : Object | semmle.label | SSA def(x1) : Object |
+| Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:27:121:32 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:121:28:121:28 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:121:28:121:28 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:122:14:122:15 | access to local variable x1 | semmle.label | access to local variable x1 |
+| Tuples.cs:122:14:122:15 | access to local variable x1 | semmle.label | access to local variable x1 |
+| Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:9:125:20 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:9:125:29 | SSA def(x2) : Object | semmle.label | SSA def(x2) : Object |
+| Tuples.cs:125:9:125:29 | SSA def(x2) : Object | semmle.label | SSA def(x2) : Object |
+| Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:24:125:29 | (..., ...) [field Item1] : Object | semmle.label | (..., ...) [field Item1] : Object |
+| Tuples.cs:125:25:125:25 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:125:25:125:25 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:126:14:126:15 | access to local variable x2 | semmle.label | access to local variable x2 |
+| Tuples.cs:126:14:126:15 | access to local variable x2 | semmle.label | access to local variable x2 |
+| Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:9:129:23 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:9:129:32 | SSA def(y3) : Object | semmle.label | SSA def(y3) : Object |
+| Tuples.cs:129:9:129:32 | SSA def(y3) : Object | semmle.label | SSA def(y3) : Object |
+| Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:27:129:32 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:129:31:129:31 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:129:31:129:31 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:130:14:130:15 | access to local variable y3 | semmle.label | access to local variable y3 |
+| Tuples.cs:130:14:130:15 | access to local variable y3 | semmle.label | access to local variable y3 |
+| Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:9:133:20 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:9:133:29 | SSA def(y4) : Object | semmle.label | SSA def(y4) : Object |
+| Tuples.cs:133:9:133:29 | SSA def(y4) : Object | semmle.label | SSA def(y4) : Object |
+| Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:24:133:29 | (..., ...) [field Item2] : Object | semmle.label | (..., ...) [field Item2] : Object |
+| Tuples.cs:133:28:133:28 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:133:28:133:28 | access to local variable o : Object | semmle.label | access to local variable o : Object |
+| Tuples.cs:134:14:134:15 | access to local variable y4 | semmle.label | access to local variable y4 |
+| Tuples.cs:134:14:134:15 | access to local variable y4 | semmle.label | access to local variable y4 |
 subpaths
 #select
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:9:14:9:14 | access to local variable a | $@ | Tuples.cs:9:14:9:14 | access to local variable a | access to local variable a |
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:14:14:14:14 | access to local variable a | $@ | Tuples.cs:14:14:14:14 | access to local variable a | access to local variable a |
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:19:14:19:14 | access to local variable p | $@ | Tuples.cs:19:14:19:14 | access to local variable p | access to local variable p |
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:23:14:23:20 | access to field Item1 | $@ | Tuples.cs:23:14:23:20 | access to field Item1 | access to field Item1 |
-| Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:7:21:7:34 | "taint source" : String | Tuples.cs:24:14:24:16 | access to field Item1 | $@ | Tuples.cs:24:14:24:16 | access to field Item1 | access to field Item1 |
-| Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:11:14:11:14 | access to local variable c | $@ | Tuples.cs:11:14:11:14 | access to local variable c | access to local variable c |
-| Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:16:14:16:14 | access to local variable c | $@ | Tuples.cs:16:14:16:14 | access to local variable c | access to local variable c |
-| Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:21:14:21:20 | access to field Item2 | $@ | Tuples.cs:21:14:21:20 | access to field Item2 | access to field Item2 |
-| Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:7:41:7:54 | "taint source" : String | Tuples.cs:26:14:26:26 | access to field Item2 | $@ | Tuples.cs:26:14:26:26 | access to field Item2 | access to field Item2 |
-| Tuples.cs:31:18:31:31 | "taint source" : String | Tuples.cs:31:18:31:31 | "taint source" : String | Tuples.cs:32:14:32:20 | access to field Item1 | $@ | Tuples.cs:32:14:32:20 | access to field Item1 | access to field Item1 |
-| Tuples.cs:31:58:31:71 | "taint source" : String | Tuples.cs:31:58:31:71 | "taint source" : String | Tuples.cs:34:14:34:21 | access to field Item10 | $@ | Tuples.cs:34:14:34:21 | access to field Item10 | access to field Item10 |
-| Tuples.cs:39:48:39:61 | "taint source" : String | Tuples.cs:39:48:39:61 | "taint source" : String | Tuples.cs:40:14:40:20 | access to field Item1 | $@ | Tuples.cs:40:14:40:20 | access to field Item1 | access to field Item1 |
-| Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:54:22:54:28 | access to field Item1 | $@ | Tuples.cs:54:22:54:28 | access to field Item1 | access to field Item1 |
-| Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:59:22:59:22 | access to local variable a | $@ | Tuples.cs:59:22:59:22 | access to local variable a | access to local variable a |
-| Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:50:18:50:31 | "taint source" : String | Tuples.cs:79:18:79:18 | access to local variable p | $@ | Tuples.cs:79:18:79:18 | access to local variable p | access to local variable p |
-| Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:55:22:55:34 | access to field Item2 | $@ | Tuples.cs:55:22:55:34 | access to field Item2 | access to field Item2 |
-| Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:60:22:60:22 | access to local variable c | $@ | Tuples.cs:60:22:60:22 | access to local variable c | access to local variable c |
-| Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:50:38:50:51 | "taint source" : String | Tuples.cs:80:18:80:18 | access to local variable r | $@ | Tuples.cs:80:18:80:18 | access to local variable r | access to local variable r |
-| Tuples.cs:89:24:89:37 | "taint source" : String | Tuples.cs:89:24:89:37 | "taint source" : String | Tuples.cs:90:14:90:16 | access to property i | $@ | Tuples.cs:90:14:90:16 | access to property i | access to property i |
+| Tuples.cs:12:14:12:14 | access to local variable a | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:12:14:12:14 | access to local variable a | $@ | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:14:14:14:14 | access to local variable c | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:14:14:14:14 | access to local variable c | $@ | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:17:14:17:14 | access to local variable a | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:17:14:17:14 | access to local variable a | $@ | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:19:14:19:14 | access to local variable c | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:19:14:19:14 | access to local variable c | $@ | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:22:14:22:14 | access to local variable p | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:22:14:22:14 | access to local variable p | $@ | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:24:14:24:20 | access to field Item2 | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:24:14:24:20 | access to field Item2 | $@ | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:26:14:26:20 | access to field Item1 | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:26:14:26:20 | access to field Item1 | $@ | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:27:14:27:16 | access to field Item1 | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | Tuples.cs:27:14:27:16 | access to field Item1 | $@ | Tuples.cs:7:18:7:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:29:14:29:26 | access to field Item2 | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | Tuples.cs:29:14:29:26 | access to field Item2 | $@ | Tuples.cs:8:18:8:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:38:14:38:20 | access to field Item1 | Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | Tuples.cs:38:14:38:20 | access to field Item1 | $@ | Tuples.cs:34:18:34:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:40:14:40:21 | access to field Item10 | Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | Tuples.cs:40:14:40:21 | access to field Item10 | $@ | Tuples.cs:35:18:35:34 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:47:14:47:20 | access to field Item1 | Tuples.cs:45:17:45:33 | call to method Source<String> : String | Tuples.cs:47:14:47:20 | access to field Item1 | $@ | Tuples.cs:45:17:45:33 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:63:22:63:28 | access to field Item1 | Tuples.cs:57:18:57:34 | call to method Source<String> : String | Tuples.cs:63:22:63:28 | access to field Item1 | $@ | Tuples.cs:57:18:57:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:64:22:64:34 | access to field Item2 | Tuples.cs:58:18:58:34 | call to method Source<String> : String | Tuples.cs:64:22:64:34 | access to field Item2 | $@ | Tuples.cs:58:18:58:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:68:22:68:22 | access to local variable a | Tuples.cs:57:18:57:34 | call to method Source<String> : String | Tuples.cs:68:22:68:22 | access to local variable a | $@ | Tuples.cs:57:18:57:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:69:22:69:22 | access to local variable c | Tuples.cs:58:18:58:34 | call to method Source<String> : String | Tuples.cs:69:22:69:22 | access to local variable c | $@ | Tuples.cs:58:18:58:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:89:18:89:18 | access to local variable p | Tuples.cs:57:18:57:34 | call to method Source<String> : String | Tuples.cs:89:18:89:18 | access to local variable p | $@ | Tuples.cs:57:18:57:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:90:18:90:18 | access to local variable r | Tuples.cs:58:18:58:34 | call to method Source<String> : String | Tuples.cs:90:18:90:18 | access to local variable r | $@ | Tuples.cs:58:18:58:34 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:101:14:101:16 | access to property i | Tuples.cs:99:17:99:33 | call to method Source<String> : String | Tuples.cs:101:14:101:16 | access to property i | $@ | Tuples.cs:99:17:99:33 | call to method Source<String> : String | call to method Source<String> : String |
+| Tuples.cs:122:14:122:15 | access to local variable x1 | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:122:14:122:15 | access to local variable x1 | $@ | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:126:14:126:15 | access to local variable x2 | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:126:14:126:15 | access to local variable x2 | $@ | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:130:14:130:15 | access to local variable y3 | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:130:14:130:15 | access to local variable y3 | $@ | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | call to method Source<Object> : Object |
+| Tuples.cs:134:14:134:15 | access to local variable y4 | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | Tuples.cs:134:14:134:15 | access to local variable y4 | $@ | Tuples.cs:118:17:118:33 | call to method Source<Object> : Object | call to method Source<Object> : Object |

csharp/ql/test/library-tests/dataflow/tuples/Tuples.ql

@@ -4,22 +4,8 @@
 
 import csharp
 import DataFlow::PathGraph
+import TestUtilities.InlineFlowTest
 
-class Conf extends DataFlow::Configuration {
-  Conf() { this = "TuplesConf" }
-
-  override predicate isSource(DataFlow::Node src) {
-    src.asExpr().(StringLiteral).getValue() = "taint source"
-  }
-
-  override predicate isSink(DataFlow::Node sink) {
-    exists(MethodCall mc |
-      mc.getTarget().hasUndecoratedName("Sink") and
-      mc.getAnArgument() = sink.asExpr()
-    )
-  }
-}
-
-from DataFlow::PathNode source, DataFlow::PathNode sink, Conf conf
+from DataFlow::PathNode source, DataFlow::PathNode sink, DefaultValueFlowConf conf
 where conf.hasFlowPath(source, sink)
-select source, source, sink, "$@", sink, sink.toString()
+select sink, source, sink, "$@", source, source.toString()

docs/codeql/codeql-cli/extractor-options.rst

@@ -10,32 +10,34 @@ setting extractor configuration options through the CodeQL CLI.
 About extractor options
 -----------------------
 
-Each extractor defines its own set of configuration options. To find out which options are available for a particular extractor, you can run ``codeql resolve languages`` or ``codeql resolve extractor`` with the ``--format=betterjson`` option. The ``betterjson`` output format provides the root paths of extractors and additional information. The output of ``codeql resolve extractor --format=betterjson`` will often be formatted like the following example::
+Each extractor defines its own set of configuration options. To find out which options are available for a particular extractor, you can run ``codeql resolve languages`` or ``codeql resolve extractor`` with the ``--format=betterjson`` option. The ``betterjson`` output format provides the root paths of extractors and additional information. The output of ``codeql resolve extractor --format=betterjson`` will often be formatted like the following example:
+
+.. code-block:: json
 
     {
-         "extractor_root" : "/home/user/codeql/java",
-         "extractor_options" : {
-             "option1" : {
-             "title" : "Java extractor option 1",
-             "description" : "An example string option for the Java extractor.",
-             "type" : "string",
-             "pattern" : "[a-z]+"
-             },
-         "group1" : {
-             "title" : "Java extractor group 1",
-             "description" : "An example option group for the Java extractor.",
-             "type" : "object",
-             "properties" : {
-                 "option2" : {
-                     "title" : "Java extractor option 2",
-                     "description" : "An example array option for the Java extractor",
-                     "type" : "array",
-                     "pattern" : "[1-9][0-9]*"
+        "extractor_root" : "/home/user/codeql/java",
+        "extractor_options" : {
+            "option1" : {
+                "title" : "Java extractor option 1",
+                "description" : "An example string option for the Java extractor.",
+                "type" : "string",
+                "pattern" : "[a-z]+"
+            },
+            "group1" : {
+                "title" : "Java extractor group 1",
+                "description" : "An example option group for the Java extractor.",
+                "type" : "object",
+                "properties" : {
+                    "option2" : {
+                        "title" : "Java extractor option 2",
+                        "description" : "An example array option for the Java extractor",
+                        "type" : "array",
+                        "pattern" : "[1-9][0-9]*"
+                    }
                 }
-             }
-         }
-         }
-     }
+            }
+        }
+    }
 
 The extractor option names and descriptions are listed under ``extractor_options``. Each option may contain the following fields:
 
@@ -93,27 +95,31 @@ You can also set extractor options through a file. The CodeQL CLI subcommands th
 
 Each option file contains a tree structure of nested maps. At the root is an extractor map key, and beneath it are map keys that correspond to extractor names. Starting at the third level, there are extractor options and option groups.
 
-In JSON::
+In JSON:
+
+.. code-block:: json
 
     {
          "extractor" : {
-             “java”: {
-                 "option1" : “abc”,
-                 "group1" : {
-                 "option2" : [ 102 ]
-                 }
-             }
-         }
-     }
+            "java": {
+                "option1" : "abc",
+                "group1" : {
+                    "option2" : [ 102 ]
+                }
+            }
+        }
+    }
 
 
-In YAML::
+In YAML:
+
+.. code-block:: yaml
 
     extractor:
-     java:
-         option1: “abc”
-         group1:
-             option2: [ 102 ]
+        java:
+            option1: "abc"
+            group1:
+                option2: [ 102 ]
 
 The value for a ``string`` extractor option must be a string or a number (which will be converted to a string before further processing).
 
@@ -123,14 +129,16 @@ The value for an option group (of type ``object``) must be a map, which may cont
 
 Each extractor option value must match the regular expression pattern of the extractor option (if it exists), and it must not contain newline characters.
 
-Assigning an extractor option that does not exist is an error. You can make the CodeQL CLI ignore unknown extractor options by using a special ``__allow_unknown_properties`` Boolean field. For example, the following option file asks the CodeQL CLI to ignore all unknown extractor options and option groups under ``group1``::
+Assigning an extractor option that does not exist is an error. You can make the CodeQL CLI ignore unknown extractor options by using a special ``__allow_unknown_properties`` Boolean field. For example, the following option file asks the CodeQL CLI to ignore all unknown extractor options and option groups under ``group1``:
+
+.. code-block:: yaml
 
     extractor:
-     java:
-         option1: “abc”
-         group1:
-             __allow_unknown_properties: true
-             option2: [ 102 ]
+        java:
+            option1: "abc"
+            group1:
+                __allow_unknown_properties: true
+                option2: [ 102 ]
 
 You can specify ``--extractor-options-file`` multiple times. The extractor option assignments are processed in the following order:
 

docs/codeql/codeql-cli/getting-started-with-the-codeql-cli.rst

@@ -200,7 +200,8 @@ clone and rename the repository in a single step by running
 
 The CodeQL libraries and queries for Go analysis live in the `CodeQL for Go
 repository <https://github.com/github/codeql-go/>`__. Clone a copy of this
-repository into ``codeql-home``.
+repository into ``codeql-home``, and run ``codeql-go/scripts/install-deps.sh``
+to install its dependencies.
 
 The cloned repositories should have a sibling relationship.
 For example, if the root of the cloned CodeQL repository is

docs/codeql/support/reusables/versions-compilers.rst

@@ -11,11 +11,11 @@
    Microsoft extensions (up to VS 2019),
 
    Arm Compiler 5 [3]_","``.cpp``, ``.c++``, ``.cxx``, ``.hpp``, ``.hh``, ``.h++``, ``.hxx``, ``.c``, ``.cc``, ``.h``"
-   C#,C# up to 9.0,"Microsoft Visual Studio up to 2019 with .NET up to 4.8,
+   C#,C# up to 10.0,"Microsoft Visual Studio up to 2019 with .NET up to 4.8,
 
    .NET Core up to 3.1
 
-   .NET 5","``.sln``, ``.csproj``, ``.cs``, ``.cshtml``, ``.xaml``"
+   .NET 5, .NET 6","``.sln``, ``.csproj``, ``.cs``, ``.cshtml``, ``.xaml``"
    Go (aka Golang), "Go up to 1.17", "Go 1.11 or more recent", ``.go``
    Java,"Java 7 to 16 [4]_","javac (OpenJDK and Oracle JDK),
 

java/ql/lib/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.0.9
+
+## 0.0.8
+
+### Deprecated APIs
+
+* The `codeql/java-upgrades` CodeQL pack has been removed. All upgrades scripts have been merged into the `codeql/java-all` CodeQL pack.
+
 ## 0.0.7
 
 ## 0.0.6