Rust: Initial model generation setup #18628
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| p = source.getNode() and | ||
| p.asParameter() = api.getAParameter() | ||
| select sink.getNode(), source, sink, "There is flow from a $@ to $@.", source.getNode(), | ||
| "parameter", sink.getNode(), "intermediate value" |
Check warning
Code scanning / CodeQL
Alert message style violation Warning
There was a problem hiding this comment.
These are debug queries copy pasted from C#, so I'm inclined to ignore this?
There was a problem hiding this comment.
I wouldn't worry about this too much, assuming we're not expecting users to use these queries directly. We might want to make it clearer what these queries are for though (e.g. in the @description) in case users do find them?
| returnNodeExt = sink.getNode() and | ||
| exists(captureThroughFlow0(api, p, returnNodeExt)) | ||
| select sink.getNode(), source, sink, "There is flow from $@ to the $@.", source.getNode(), | ||
| "parameter", sink.getNode(), "return value" |
Check warning
Code scanning / CodeQL
Alert message style violation Warning
| /** | ||
| * Gets the underlying type of the content `c`. | ||
| */ | ||
| Type getUnderlyingContentType(DataFlow::ContentSet c) { result = any(Type t) and exists(c) } |
Check warning
Code scanning / CodeQL
Redundant cast Warning
paldepind
force-pushed
the
rust-flow-summary-generation
branch
from
ecf32a1 to
360c5eb
Compare
paldepind
force-pushed
the
rust-flow-summary-generation
branch
from
360c5eb to
f76647f
Compare
| } | ||
|
|
||
| // MISSING: summary=repo::test;<crate::summaries::MyStruct>::get_foo;Argument[self].Struct[crate::summaries::MyStruct::foo];ReturnValue;value;dfc-generated | ||
| pub fn get_foo(self) -> i64 { |
There was a problem hiding this comment.
I'd have expected this to work, but I'll investigate later. Right now variants are more interesting, as generating models for Option is the current goal.
There was a problem hiding this comment.
I like the way these tests are set up, by the way. I suspect we'll want more of them as we debug things, but it's a really nice setup.
There was a problem hiding this comment.
Absolutely, and I completely agree. It's all thanks to @michaelnebel 🎉
paldepind
force-pushed
the
rust-flow-summary-generation
branch
from
03ec4ee to
0a9b864
Compare
|
CI complains about missing QLdoc, but it's the same in C# and Java, so I think it's ok to ignore. |
hvitved
left a comment
hvitved
left a comment
There was a problem hiding this comment.
Looks great, oh my that ModelGeneratorInputSig interface is complex... My main comment is about only using content-based (precise) summary generation.
| /** Gets the parameter that this node corresponds to. */ | ||
| ParamBase getParameter() { result = super.getParameter().getParamBase() } | ||
| } | ||
| final class ParameterNode = Node::SourceParameterNode; |
There was a problem hiding this comment.
This made me realize that we are already now exposing internal implementation details in the public DataFlow::Node class, which I want to avoid. So I would like for this to be reverted back 🙏
| @@ -0,0 +1,13 @@ | |||
| /** | |||
There was a problem hiding this comment.
I'm not sure we'll want this query, I hope that CaptureContentSummaryModels.ql should be enough for us.
There was a problem hiding this comment.
I don't have strong feelings but I'd be inclined to leave the files in places because:
1/ The shared Python script assumes that these files are there.
2/ For consistency with C# and Java
3/ We might never have to ever use them, but perhaps it could come in handy for debugging or experimenting through the generation script.
| @@ -0,0 +1,13 @@ | |||
| /** | |||
| import utils.test.InlineMadTest | ||
|
|
||
| module InlineMadTestConfig implements InlineMadTestConfigSig { | ||
| string getCapturedModel(Function c) { result = captureMixedFlow(c, _) } |
There was a problem hiding this comment.
Again, I think we just want ContentSensitive::captureFlow for Rust.
There was a problem hiding this comment.
Makes no difference in the tests, so let's just do that yes 👍
|
I'm looking forward to seeing early results from the model generator, which I gather is going to come a bit later. |
After this PR I'll create one adding flow for higher-order functions. With that we get around 50 lines of yaml for |
paldepind
force-pushed
the
rust-flow-summary-generation
branch
from
ffaad99 to
cf4f657
Compare
3 participants
Uh oh!
There was an error while loading. Please reload this page.