Skip to content

Rust: Make SummarizedCallable extend Function instead of string #19268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 18, 2025
Merged

Rust: Make SummarizedCallable extend Function instead of string #19268

merged 1 commit into from
Jun 18, 2025
+476 −669

Conversation

hvitved
Copy link
Contributor

@hvitved hvitved commented Apr 10, 2025
edited
Loading

This PR changes the base class of SummarizedCallable from string to Function, thereby reusing the existing function entities already extracted instead of synthesizing new entities.

This is a big step towards using QL computed canonical paths in models-as-data instead of using extractor provided canonical paths.

A lot of preliminary PRs mean that we mostly retain results, however as witnessed by the tests, we still lose some results. This is largely because:

@github-actions github-actions bot added the Rust Pull requests that update Rust code label Apr 10, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 10, 2025
View reviewed changes
rust/ql/lib/codeql/rust/internal/TypeInference.qll Outdated
@@ -1017,3 +1017,26 @@
* Gets a type that `n` infers to, if any.
*/
Type inferType(AstNode n) { result = inferType(n, TypePath::nil()) }

/** Provides predicates for debugging the type inference implementation. */
private module Debug {

Check warning

Code scanning / CodeQL

Dead code Warning

This code is never used, and it's not publicly exported.
rust/ql/lib/codeql/rust/internal/TypeInference.qll
/** Provides predicates for debugging the type inference implementation. */
private module Debug {
private Locatable getRelevantLocatable() {
exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |

Check warning

Code scanning / CodeQL

Omittable 'exists' variable Warning

This exists variable can be omitted by using a don't-care expression
in this argument
Loading
.
rust/ql/lib/codeql/rust/internal/TypeInference.qll
/** Provides predicates for debugging the type inference implementation. */
private module Debug {
private Locatable getRelevantLocatable() {
exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |

Check warning

Code scanning / CodeQL

Omittable 'exists' variable Warning

This exists variable can be omitted by using a don't-care expression
in this argument
Loading
.
rust/ql/lib/codeql/rust/internal/TypeInference.qll
/** Provides predicates for debugging the type inference implementation. */
private module Debug {
private Locatable getRelevantLocatable() {
exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |

Check warning

Code scanning / CodeQL

Omittable 'exists' variable Warning

This exists variable can be omitted by using a don't-care expression
in this argument
Loading
.
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 3 times, most recently from 86ccc96 to a91cc6b Compare April 29, 2025 08:53
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 29, 2025
View reviewed changes
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 4 times, most recently from d8b7085 to 10a72f7 Compare May 2, 2025 09:07
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 3 times, most recently from 9b1cd94 to 2a2e7d5 Compare May 19, 2025 08:02
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 3 times, most recently from e0a2c1d to dc9700e Compare May 27, 2025 10:36
@hvitved hvitved force-pushed the rust/summarized-callable-base branch from dc9700e to 4224947 Compare June 3, 2025 08:42
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 3, 2025
View reviewed changes
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 4 times, most recently from b0991ad to c29c5f9 Compare June 10, 2025 09:42
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 8 times, most recently from c1959ca to 73c4919 Compare June 15, 2025 18:14
@hvitved hvitved force-pushed the rust/summarized-callable-base branch 5 times, most recently from afa16ea to 58cd7b0 Compare June 16, 2025 11:06
@hvitved hvitved marked this pull request as ready for review June 16, 2025 11:19
@hvitved hvitved requested a review from a team as a code owner June 16, 2025 11:19
geoffw0
geoffw0 reviewed Jun 17, 2025
View reviewed changes
Copy link
Contributor

@geoffw0 geoffw0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test and DCA changes LGTM (I haven't reviewed the QL changes).

There are some losses (in particular: common data flow paths in tests) but they're well understood / documented with plans in place to get them back. 👍

rust/ql/test/library-tests/dataflow/sources/test_futures_io.rs
use futures_rustls::TlsConnector;
use std::io;
use std::pin::Pin;
use std::task::{Context, Poll};
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are we changing the imports for this test?

If it was done by an auto-formatter can be avoid doing that in future, we do not want to test only auto-formatted target code.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it was auto-format.

@hvitved hvitved force-pushed the rust/summarized-callable-base branch from 58cd7b0 to b978d35 Compare June 17, 2025 09:36
@hvitved hvitved force-pushed the rust/summarized-callable-base branch from b978d35 to 433756d Compare June 17, 2025 12:13
@geoffw0 geoffw0 mentioned this pull request Jun 17, 2025
Draft
paldepind
paldepind requested changes Jun 17, 2025
View reviewed changes
Copy link
Contributor

@paldepind paldepind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! Only one nitpick.

One question, is using string for SummarizedCallable the approach taken for dynamic languages? Or is that some third approach?

rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll
target = result.asCfgScope()
or
target = result.asSummarizedCallable()
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this is a key change? We now use getStaticTarget target in both cases, whereas we previously used getACall in the later case, which used extractor provided canonical paths internally.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Absolutely correct.

rust/ql/lib/codeql/rust/internal/PathResolution.qll
filepath.matches("%/test.rs") and
startline = 74
filepath.matches("%/main.rs") and
startline = 52
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be nice not to commit these changes. For instance, when looking at the history of a file it's easier if the commits that show up actually make meaningful changes.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, I'll avoid that going forward.

rust/ql/lib/codeql/rust/internal/TypeInference.qll
filepath.matches("%/main.rs") and
startline = 1718
filepath.matches("%/sqlx.rs") and
startline = [56 .. 60]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Save as above.

@hvitved
Copy link
Contributor Author

hvitved commented Jun 17, 2025

One question, is using string for SummarizedCallable the approach taken for dynamic languages? Or is that some third approach?

Yes, that is indeed the approach taken there, where there are no extracted entities to use.

@hvitved hvitved merged commit bef07a7 into github:main Jun 18, 2025
18 checks passed
@hvitved hvitved deleted the rust/summarized-callable-base branch June 18, 2025 06:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geoffw0 geoffw0 geoffw0 left review comments

@paldepind paldepind paldepind approved these changes

Assignees
No one assigned
Labels
Rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hvitved @paldepind @geoffw0