mirror of
https://github.com/github/codeql.git
synced 2026-05-24 08:07:07 +02:00
0a003edaa7
When join-ordering and evaluating this conjunction, it is preferable to start with the relatively small set of `sanitizer` calls, then compute the set of SSA variables accessed as the arguments of those sanitizer calls, then reason about how those variables are used in phi nodes. Use directional binding pragmas to encourage this join order by picking `sanitizer` first, and discourage picking the opposite join order starting with `phi`. This impacts performance of the ATM XSS queries on large databases like Node, where computing all variable accesses from phi nodes leads to 435M+ tuples.