Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rust: Include parameters and patterns in the CFG #17686

Merged
merged 5 commits into from
Oct 11, 2024
Merged

Rust: Include parameters and patterns in the CFG #17686

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
665da39
Rust: Add CFG test for nested function
hvitved Oct 10, 2024
f6f54c6
Rust: Include parameters in the CFG
hvitved Oct 8, 2024
2f14ec9
Rust: Include patterns in the CFG
hvitved Oct 8, 2024
756affa
Rust: Fix bugs in `LetExprTree` and `MethodCallExprTree`
hvitved Oct 9, 2024
ffd6b98
Address review comments
hvitved Oct 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion rust/ql/.generated.list
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion rust/ql/.gitattributes
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

52 changes: 50 additions & 2 deletions rust/ql/lib/codeql/rust/controlflow/internal/Completion.qll
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ abstract class ConditionalCompletion extends NormalCompletion {
abstract ConditionalCompletion getDual();
}

/** Holds if node `le` has the Boolean constant value `value`. */
/** Holds if node `le` has the constant Boolean value `value`. */
private predicate isBooleanConstant(LiteralExpr le, Boolean value) {
le.getTextValue() = value.toString()
}
Expand Down Expand Up @@ -117,13 +117,61 @@ class BooleanCompletion extends ConditionalCompletion, TBooleanCompletion {
override string toString() { result = "boolean(" + value + ")" }
}

/** Holds if node `pat` has the constant match value `value`. */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Rust use the term irrefutable pattern for a pattern that cannot fail.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is correct use of "irrefutable". Irrefutable is property of a pattern, but this predicate is a property of a pattern as an AST node and considers the surrounding AST context as well.

For instance, in

match b { Some(a) => 1, None => 0 }

this predicate holds for None (since the last pattern in a match arm is guaranteed to succeed due to exhaustiveness) but None is not an irrefutable pattern.

I think we should rename this predicate (not sure to what though). We could also extract a proper isIrrefutablePattern predicate from this predicate (but it will probably be a conservative approximation as refutability for custom types depends on the type definition. E.g. the pattern Foo(a) is irrefutable if Foo the only case in the enum and refutable otherwise).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, you're right. Perhaps isExhaustiveMatch or similar. An irrefutable pattern is exhaustive on its own, and a last pattern in match should be exhaustive.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That sounds like a great name to me. I'll do a PR :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done, PR is here #17751

pragma[nomagic]
private predicate isMatchConstant(Pat pat, boolean value) {
value = true and
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps remove the value and it seems to be always true

(
pat instanceof WildcardPat
or
pat = any(IdentPat ip | not ip.hasPat() and ip = any(Variable v).getPat())
or
pat instanceof RestPat
or
// `let` statements without an `else` branch must be exhaustive
pat = any(LetStmt let | not let.hasLetElse()).getPat()
or
// `match` expressions must be exhaustive, so last arm cannot fail
pat = any(MatchExpr me).getLastArm().getPat()
or
// parameter patterns must be exhaustive
pat = any(Param p).getPat()
) and
not pat = any(ForExpr for).getPat() // workaround until `for` loops are desugared
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure I understand why you exclude patterns in for here, they should also never fail

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thats because of how we currently model for loops; the pattern is used to represent the condition.

or
exists(Pat parent | isMatchConstant(parent, value) |
pat = parent.(BoxPat).getPat()
or
pat = parent.(IdentPat).getPat()
or
pat = parent.(ParenPat).getPat()
or
pat = parent.(RecordPat).getRecordPatFieldList().getField(_).getPat()
or
pat = parent.(RefPat).getPat()
or
pat = parent.(TuplePat).getAField()
or
pat = parent.(TupleStructPat).getAField()
or
pat = parent.(OrPat).getLastPat()
)
}

/**
* A completion that represents the result of a pattern match.
*/
class MatchCompletion extends TMatchCompletion, ConditionalCompletion {
MatchCompletion() { this = TMatchCompletion(value) }

override predicate isValidForSpecific(AstNode e) { e instanceof Pat }
override predicate isValidForSpecific(AstNode e) {
e instanceof Pat and
(
isMatchConstant(e, value)
or
not isMatchConstant(e, _)
)
}

override MatchSuccessor getAMatchingSuccessorType() { result.getValue() = value }

Expand Down
Loading
Loading