Skip to content

Rust: Use type inference to insert implicit borrows and derefs #19419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 1, 2025
Merged

Rust: Use type inference to insert implicit borrows and derefs #19419

merged 2 commits into from
May 1, 2025
+27 −94

Conversation

paldepind
Copy link
Contributor

@paldepind paldepind commented Apr 30, 2025
edited
Loading

Removes the current heuristic for implicit borrows and derefs and determines these based on type inference instead.

  • Some false flow is removed in a few tests.
  • Improvements to the output of the model generation visible in the test output changes.
  • Nothing reported by the DCA.

@github-actions github-actions bot added the Rust Pull requests that update Rust code label Apr 30, 2025
@paldepind paldepind force-pushed the rust-precise-implicit-deref-borrow branch from 4158477 to f584d22 Compare April 30, 2025 12:44
@paldepind paldepind marked this pull request as ready for review April 30, 2025 13:25
@Copilot Copilot AI review requested due to automatic review settings April 30, 2025 13:25
@paldepind paldepind requested a review from a team as a code owner April 30, 2025 13:25
Copilot
Copilot AI reviewed Apr 30, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors the logic for implicit borrows and dereferences by basing them on type inference instead of heuristics.

  • Removed outdated expected summaries in tests and updated expected outputs accordingly.
  • Modified the TypeInference module to use inferType(n) for determining receiver types and added new predicates for detecting implicit deref and borrow.
  • Adjusted dataflow predicates to call the new TypeInference predicates.

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file
File Description
rust/ql/test/utils-tests/modelgenerator/CaptureSummaryModels.expected Removed outdated expected summary lines to match the new model generation output.
rust/ql/test/query-tests/security/CWE-089/SqlInjection.expected Updated expected SQL injection summaries by removing duplicate/obsolete entries.
rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected Removed redundant "receiver" lines reflecting changes in implicit borrow/deref handling.
rust/ql/lib/codeql/rust/internal/TypeInference.qll Revised receiver type detection to use inferType(n) and added predicates for implicit borrow/dereference.
rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll Updated dataflow predicates to use the new TypeInference predicates for implicit dereference and borrow.

hvitved
hvitved approved these changes Apr 30, 2025
View reviewed changes
Copy link
Contributor

@hvitved hvitved left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great to have a principled solution for this.

@paldepind paldepind merged commit bab84d0 into github:main May 1, 2025
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@hvitved hvitved hvitved approved these changes

Assignees
No one assigned
Labels
Rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@paldepind @hvitved