Merge pull request github#15740 from smowton/smowton/feature/call-and-type-telemetry

smowton · web-flow · commit 051d63a5a9b7 · 2024-02-29T16:51:51.000Z
Java: add extraction quality telemetry; improve stringification of some erroneous expressions
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-erroneous/ExtractorInformation.expected b/java/ql/integration-tests/all-platforms/java/buildless-erroneous/ExtractorInformation.expected
@@ -0,0 +1,19 @@
+| Annotation processors enabled: true | 1 |
+| Number of calls with call target | 1 |
+| Number of calls with missing call target | 4 |
+| Number of diagnostics from CodeQL Java extractor with severity 5 | 10 |
+| Number of diagnostics from CodeQL Java extractor with severity 6 | 2 |
+| Number of expressions with known type | 1 |
+| Number of expressions with unknown type | 6 |
+| Number of files | 607 |
+| Number of files with extension class | 604 |
+| Number of files with extension java | 1 |
+| Number of files with extension properties | 1 |
+| Number of lines of code | 7 |
+| Number of lines of code with extension java | 7 |
+| Percentage of calls with call target | 20 |
+| Total number of diagnostics from CodeQL Java extractor | 12 |
+| Total number of lines | 13 |
+| Total number of lines with extension java | 13 |
+| Used annotation processor: lombok.launch.AnnotationProcessorHider$AnnotationProcessor | 1 |
+| Used annotation processor: lombok.launch.AnnotationProcessorHider$ClaimingProcessor | 1 |
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-erroneous/ExtractorInformation.qlref b/java/ql/integration-tests/all-platforms/java/buildless-erroneous/ExtractorInformation.qlref
@@ -0,0 +1 @@
+Telemetry/ExtractorInformation.ql
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-erroneous/Test.java b/java/ql/integration-tests/all-platforms/java/buildless-erroneous/Test.java
@@ -0,0 +1,13 @@
+import abc.Def;
+
+public class Test {
+
+  public static void test() {
+
+    Def.someMethod();
+    (new Def()).member().chained();
+
+  }
+
+}
+
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-erroneous/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/buildless-erroneous/diagnostics.expected
@@ -0,0 +1,42 @@
+{
+  "markdownMessage": "Because no usable build tool (Gradle, Maven, etc) was found, build scripts could not be queried for guidance about the appropriate JDK version for the code being extracted, or precise dependency information. The default JDK will be used, and external dependencies will be inferred from the Java package names used.",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/no-build-tool-advice",
+    "name": "Java buildless mode found no usable build tool"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Java buildless mode used the system default JDK.",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/jdk-system-default",
+    "name": "Java buildless mode used the system default JDK"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Java was extracted in buildless mode. This means that all Java source in the working directory will be scanned, with build tools such as Maven and Gradle only contributing information about external dependencies.",
+  "severity": "note",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/mode-active",
+    "name": "Java was extracted in buildless mode"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": true,
+    "telemetry": true
+  }
+}
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-erroneous/test.py b/java/ql/integration-tests/all-platforms/java/buildless-erroneous/test.py
@@ -0,0 +1,8 @@
+import sys
+
+from create_database_utils import *
+from diagnostics_test_utils import *
+
+run_codeql_database_create([], lang="java", extra_env={"CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS": "true"})
+
+check_diagnostics()
diff --git a/java/ql/integration-tests/all-platforms/kotlin/extractor_information_kotlin1/ExtractorInformation.expected b/java/ql/integration-tests/all-platforms/kotlin/extractor_information_kotlin1/ExtractorInformation.expected
@@ -1,7 +1,12 @@
+| Number of calls with call target | 1 |
+| Number of calls with missing call target | 0 |
+| Number of expressions with known type | 0 |
+| Number of expressions with unknown type | 0 |
 | Number of files with extension jar | 1 |
 | Number of files with extension kt | 1 |
 | Number of lines of code | 2 |
 | Number of lines of code with extension kt | 2 |
+| Percentage of calls with call target | 100 |
 | Total number of lines | 3 |
 | Total number of lines with extension kt | 3 |
 | Uses Kotlin 2: false | 1 |
diff --git a/java/ql/integration-tests/all-platforms/kotlin/extractor_information_kotlin2/ExtractorInformation.expected b/java/ql/integration-tests/all-platforms/kotlin/extractor_information_kotlin2/ExtractorInformation.expected
@@ -1,7 +1,12 @@
+| Number of calls with call target | 1 |
+| Number of calls with missing call target | 0 |
+| Number of expressions with known type | 0 |
+| Number of expressions with unknown type | 0 |
 | Number of files with extension jar | 1 |
 | Number of files with extension kt | 1 |
 | Number of lines of code | 2 |
 | Number of lines of code with extension kt | 2 |
+| Percentage of calls with call target | 100 |
 | Total number of lines | 3 |
 | Total number of lines with extension kt | 3 |
 | Uses Kotlin 2: true | 1 |
diff --git a/java/ql/lib/change-notes/2024-02-27-error-types.md b/java/ql/lib/change-notes/2024-02-27-error-types.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often.
diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll
@@ -2065,7 +2065,11 @@ class MethodCall extends Expr, Call, @methodaccess {
   override Stmt getEnclosingStmt() { result = Expr.super.getEnclosingStmt() }
 
   /** Gets a printable representation of this expression. */
-  override string toString() { result = this.printAccess() }
+  override string toString() {
+    if exists(this.getMethod())
+    then result = this.printAccess()
+    else result = "<Call to unknown method>"
+  }
 
   /** Gets a printable representation of this expression. */
   string printAccess() { result = this.getMethod().getName() + "(...)" }
@@ -2128,13 +2132,19 @@ class TypeAccess extends Expr, Annotatable, @typeaccess {
   /** Gets the compilation unit in which this type access occurs. */
   override CompilationUnit getCompilationUnit() { result = Expr.super.getCompilationUnit() }
 
-  /** Gets a printable representation of this expression. */
-  override string toString() {
+  private string toNormalString() {
     result = this.getQualifier().toString() + "." + this.getType().toString()
     or
     not this.hasQualifier() and result = this.getType().toString()
   }
 
+  /** Gets a printable representation of this expression. */
+  override string toString() {
+    if this.getType() instanceof ErrorType
+    then result = "<TypeAccess of ErrorType>"
+    else result = this.toNormalString()
+  }
+
   override string getAPrimaryQlClass() { result = "TypeAccess" }
 }
 
diff --git a/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql b/java/ql/src/Likely Bugs/Likely Typos/ContradictoryTypeChecks.ql
@@ -40,7 +40,9 @@ predicate contradictoryTypeCheck(Expr e, Variable v, RefType t, RefType sup, Exp
     requiresInstanceOf(e, ssa.getAUse(), t) and
     sup = t.getAnAncestor() and
     instanceOfCheck(cond, ssa.getAUse(), sup) and
-    cond.(Guard).controls(e.getBasicBlock(), false)
+    cond.(Guard).controls(e.getBasicBlock(), false) and
+    not t instanceof ErrorType and
+    not sup instanceof ErrorType
   )
 }
 
diff --git a/java/ql/src/Telemetry/ExtractorInformation.ql b/java/ql/src/Telemetry/ExtractorInformation.ql
@@ -85,6 +85,65 @@ predicate extractorTotalDiagnostics(string key, int value) {
   )
 }
 
+signature module StatsSig {
+  int getNumberOfOk();
+
+  int getNumberOfNotOk();
+
+  string getOkText();
+
+  string getNotOkText();
+}
+
+module ReportStats<StatsSig Stats> {
+  predicate numberOfOk(string key, int value) {
+    value = Stats::getNumberOfOk() and
+    key = "Number of " + Stats::getOkText()
+  }
+
+  predicate numberOfNotOk(string key, int value) {
+    value = Stats::getNumberOfNotOk() and
+    key = "Number of " + Stats::getNotOkText()
+  }
+
+  predicate percentageOfOk(string key, float value) {
+    value = Stats::getNumberOfOk() * 100.0 / (Stats::getNumberOfOk() + Stats::getNumberOfNotOk()) and
+    key = "Percentage of " + Stats::getOkText()
+  }
+}
+
+module CallTargetStats implements StatsSig {
+  int getNumberOfOk() { result = count(Call c | exists(c.getCallee())) }
+
+  int getNumberOfNotOk() { result = count(Call c | not exists(c.getCallee())) }
+
+  string getOkText() { result = "calls with call target" }
+
+  string getNotOkText() { result = "calls with missing call target" }
+}
+
+private class SourceExpr extends Expr {
+  SourceExpr() { this.getFile().isSourceFile() }
+}
+
+private predicate hasGoodType(Expr e) {
+  exists(e.getType()) and not e.getType() instanceof ErrorType
+}
+
+module ExprTypeStats implements StatsSig {
+  int getNumberOfOk() { result = count(SourceExpr e | hasGoodType(e)) }
+
+  int getNumberOfNotOk() { result = count(SourceExpr e | not hasGoodType(e)) }
+
+  string getOkText() { result = "expressions with known type" }
+
+  string getNotOkText() { result = "expressions with unknown type" }
+}
+
+module CallTargetStatsReport = ReportStats<CallTargetStats>;
+
+module ExprTypeStatsReport = ReportStats<ExprTypeStats>;
+
 from string key, int value
 where
   not exists(string pattern | extractorInformationSkipKey(pattern) and key.matches(pattern)) and
@@ -97,6 +156,12 @@ where
     totalNumberOfLinesByExtension(key, value) or
     numberOfLinesOfCodeByExtension(key, value) or
     extractorDiagnostics(key, value) or
-    extractorTotalDiagnostics(key, value)
+    extractorTotalDiagnostics(key, value) or
+    CallTargetStatsReport::numberOfOk(key, value) or
+    CallTargetStatsReport::numberOfNotOk(key, value) or
+    CallTargetStatsReport::percentageOfOk(key, value) or
+    ExprTypeStatsReport::numberOfOk(key, value) or
+    ExprTypeStatsReport::numberOfNotOk(key, value) or
+    ExprTypeStatsReport::percentageOfOk(key, value)
   )
 select key, value
diff --git a/java/ql/test/library-tests/errorexpr/Test.java b/java/ql/test/library-tests/errorexpr/Test.java
@@ -15,3 +15,4 @@ public int yieldWrapper(int x) {
 // Diagnostic Matches: Erroneous node in tree: (ERROR)
 // Diagnostic Matches: In file Test.java:8:15 no end location for JCMethodInvocation : yield(x)
 // Diagnostic Matches: 1 errors during annotation processing
+// Diagnostic Matches: Unknown or erroneous type for expression of kind ErrorExpr
diff --git a/java/ql/test/library-tests/errortype/Diags.expected b/java/ql/test/library-tests/errortype/Diags.expected
@@ -1,3 +1,6 @@
 | Test.java:0:0:0:0 | 2 javac errors |
+| Test.java:6:5:6:15 | Unknown or erroneous type for expression of kind TypeAccess |
 | Test.java:6:23:6:39 | Unexpected symbol for constructor: new NoSuchClass() |
+| Test.java:6:23:6:39 | Unknown or erroneous type for expression of kind ClassInstanceCreation |
+| Test.java:6:27:6:37 | Unknown or erroneous type for expression of kind TypeAccess |
 | file://:0:0:0:0 | 2 errors during annotation processing |
diff --git a/java/ql/test/library-tests/errortype/ErrorTypes.expected b/java/ql/test/library-tests/errortype/ErrorTypes.expected
@@ -1 +1,4 @@
+| Test.java:6:5:6:15 | <TypeAccess of ErrorType> |
+| Test.java:6:23:6:39 | <ClassInstanceExpr that calls a missing constructor> |
+| Test.java:6:27:6:37 | <TypeAccess of ErrorType> |
 | Test.java:7:12:7:14 | nsc |
diff --git a/java/ql/test/library-tests/errortype/PrintAst.expected b/java/ql/test/library-tests/errortype/PrintAst.expected
@@ -7,9 +7,9 @@ Test.java:
 #    5|       3: [TypeAccess] NoSuchClass
 #    5|       5: [BlockStmt] { ... }
 #    6|         0: [LocalVariableDeclStmt] var ...;
-#    6|           0: [TypeAccess] NoSuchClass
+#    6|           0: [TypeAccess] <TypeAccess of ErrorType>
 #    6|           1: [LocalVariableDeclExpr] nsc
 #    6|             0: [ClassInstanceExpr] <ClassInstanceExpr that calls a missing constructor>
-#    6|               -3: [TypeAccess] NoSuchClass
+#    6|               -3: [TypeAccess] <TypeAccess of ErrorType>
 #    7|         1: [ReturnStmt] return ...
 #    7|           0: [VarAccess] nsc
diff --git a/java/ql/test/library-tests/errortype/Test.java b/java/ql/test/library-tests/errortype/Test.java
@@ -12,3 +12,5 @@ public NoSuchClass test() {
 // Diagnostic Matches: Unexpected symbol for constructor: new NoSuchClass()
 // Diagnostic Matches: 2 javac errors
 // Diagnostic Matches: 2 errors during annotation processing
+// Diagnostic Matches: Unknown or erroneous type for expression of kind TypeAccess
+// Diagnostic Matches: Unknown or erroneous type for expression of kind ClassInstanceCreation
diff --git a/java/ql/test/library-tests/unknown-method-reference-lhs/Diags.expected b/java/ql/test/library-tests/unknown-method-reference-lhs/Diags.expected
@@ -1,2 +1,4 @@
 | Test.java:0:0:0:0 | 1 javac errors |
 | Test.java:4:13:4:30 | Unable to extract method reference Unavailable.f()::g with no owner type |
+| Test.java:4:13:4:30 | Unknown or erroneous type for expression of kind MemberReference |
+| Test.java:4:13:4:30 | Unknown or erroneous type for expression of kind TypeAccess |
diff --git a/java/ql/test/library-tests/unknown-method-reference-lhs/Test.java b/java/ql/test/library-tests/unknown-method-reference-lhs/Test.java
@@ -8,3 +8,5 @@ public static void test() {
 
 // Diagnostic Matches: 1 javac errors
 // Diagnostic Matches: Unable to extract method reference Unavailable.f()::g with no owner type
+// Diagnostic Matches: Unknown or erroneous type for expression of kind MemberReference
+// Diagnostic Matches: Unknown or erroneous type for expression of kind TypeAccess

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* Java expressions with erroneous types (e.g. the result of a call whose callee couldn't be resolved during extraction) are now given a CodeQL `ErrorType` more often.
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,9 @@ predicate contradictoryTypeCheck(Expr e, Variable v, RefType t, RefType sup, Exp`
`40`	`40`	`requiresInstanceOf(e, ssa.getAUse(), t) and`
`41`	`41`	`sup = t.getAnAncestor() and`
`42`	`42`	`instanceOfCheck(cond, ssa.getAUse(), sup) and`
`43`		`- cond.(Guard).controls(e.getBasicBlock(), false)`
	`43`	`+ cond.(Guard).controls(e.getBasicBlock(), false) and`
	`44`	`+ not t instanceof ErrorType and`
	`45`	`+ not sup instanceof ErrorType`
`44`	`46`	`)`
`45`	`47`	`}`
`46`	`48`