Skip to content

Rust: extract crate graph #18228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 17 commits into from
Mar 13, 2025
Merged

Rust: extract crate graph #18228

merged 17 commits into from
Mar 13, 2025

Conversation

aibaars
Copy link
Contributor

@aibaars aibaars commented Dec 6, 2024
edited
Loading

This pull request changes the Rust extractor to emit information about the crate graph, and the public modules, types, traits and function signatures contained in each crate. This should give our analyses information about names and types provided by the dependencies of a project. The information in the crate graph is represented as AST nodes without macro calls; type paths should be fully qualified and methods/functions have no bodies.

This PR currently does not extract generic type arguments , where clauses, and associated types and aliases. These should be added in a follow-up pull request.

@github-actions github-actions bot added the Rust Pull requests that update Rust code label Dec 6, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 6, 2024
View reviewed changes
@aibaars aibaars force-pushed the aibaars/crate-graph branch 5 times, most recently from 48783f3 to e0ecf47 Compare December 9, 2024 16:56
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 9, 2024
View reviewed changes
@aibaars aibaars force-pushed the aibaars/crate-graph branch 5 times, most recently from 9f083b9 to 7419e77 Compare December 11, 2024 09:10
@aibaars aibaars force-pushed the aibaars/crate-graph branch 3 times, most recently from 4c9e103 to 83111f3 Compare December 18, 2024 21:01
@aibaars aibaars force-pushed the aibaars/crate-graph branch from 4782bc1 to b3ed09d Compare January 15, 2025 13:04
@aibaars aibaars force-pushed the aibaars/crate-graph branch 2 times, most recently from c651fee to ed57708 Compare February 27, 2025 11:09
@aibaars aibaars marked this pull request as ready for review February 27, 2025 11:47
@aibaars aibaars requested a review from a team as a code owner February 27, 2025 11:47
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 27, 2025
View reviewed changes
rust/ql/lib/codeql/rust/elements/internal/generated/Crate.qll
private import codeql.rust.elements.internal.generated.Raw
import codeql.rust.elements.Crate
import codeql.rust.elements.internal.ElementImpl::Impl as ElementImpl
import codeql.rust.elements.Module

Check warning

Code scanning / CodeQL

Redundant import Warning generated

Redundant import, the module is already imported inside
codeql.rust.elements.Crate
Loading
.
@aibaars aibaars force-pushed the aibaars/crate-graph branch 3 times, most recently from 95cbd9b to 7d08551 Compare February 27, 2025 13:21
redsun82
redsun82 previously approved these changes Mar 4, 2025
View reviewed changes
@aibaars aibaars force-pushed the aibaars/crate-graph branch from 394bc66 to bbe51cb Compare March 7, 2025 12:14
aibaars added 15 commits March 10, 2025 10:16
@aibaars
Rust: add Crate to dbscheme
75ca04f
@aibaars
Rust: extract crate graph
e21a7f5
@aibaars
Rust: ignore crate graph elements from summary stats and AST no-locat…
98a4096 
…ion checks

These elements depend on the version of the standard libraries and platform, and
in addition no location information is extracted for them at the moment.

f
@aibaars
Rust: add ExtractionStep::CrateGraph
c601adf
@aibaars
Rust: QL Test: exclude crate graph related elements
9bba666
@aibaars
Rust: implement Crate::toString
8ec8824
@aibaars
Rust: add some tests for the crate graph
fce637f
@aibaars
Rust: update integration tests
e5b0397
@aibaars
Rust: improve modules test case
ff32119
@aibaars
Rust: crate_graph: extract only public items
8961a22
@aibaars
Rust: add file for root modules of crates
845f002
@aibaars
Run: misc/bazel/3rdparty/update_cargo_deps.sh
58d7933
@aibaars
Rust: fix crate graph after rust-analyzer upgrade
5855a12
@aibaars
Rust: update expected output
f17f375
@aibaars
Address review comment
9814aef
@aibaars aibaars force-pushed the aibaars/crate-graph branch from bbe51cb to 9814aef Compare March 10, 2025 09:31
hvitved
hvitved reviewed Mar 11, 2025
View reviewed changes
rust/ql/integration-tests/options/cfg/functions.ql Outdated
@@ -1,4 +1,5 @@
import rust

from Function f
where exists(f.getLocation().getFile().getRelativePath())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about adding

/** Holds if this element is from source code. */
predicate fromSource() { exists(this.getFile().getRelativePath()) }

to the class Locatable inside LocatableImpl.qll, and then replace all these calls with simply fromSource?

rust/ql/lib/codeql/files/FileSystem.qll
@@ -55,7 +55,8 @@ class File extends Container, Impl::File {
|
node.getFile() = this and
line = [/*loc.getStartLine(), */ loc.getEndLine()] and // ignore start locations for now as we're getting them wrong for things with a comment attached
not loc instanceof EmptyLocation
not loc instanceof EmptyLocation and
line > 0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why can't line 0 contain code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lines start at 1. A location with a 0 line is pointing to a whole file .

rust/ql/lib/codeql/rust/elements/internal/CrateImpl.qll Outdated
Comment on lines 15 to 17
override string toString() {
result = "Crate(" + this.getName() + "@" + concat(this.getVersion()) + ")"
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
override string toString() {
result = "Crate(" + this.getName() + "@" + concat(this.getVersion()) + ")"
}
override string toString() {
result = strictconcat(int i | | this.toStringPart(i), " " order by i)
}
private string toStringPart(int i) {
i = 0 and result = "Crate("
or
i = 1 and result = this.getName()
or
i = 2 and result = "@"
or
i = 3 and result = this.getVersion()
or
i = 4 and result = ")"
}

rust/ql/lib/codeql/rust/internal/AstConsistency.qll
@@ -24,7 +24,9 @@ query predicate multipleLocations(Locatable e) { strictcount(e.getLocation()) >
/**
* Holds if `e` does not have a `Location`.
*/
query predicate noLocation(Locatable e) { not exists(e.getLocation()) }
query predicate noLocation(Locatable e) {
not exists(e.getLocation()) and not e.(AstNode).getParentNode*() = any(Crate c).getModule()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this mean we only have crate information for entities that are not in the source code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, we have crate information for things in source code, but the crate information has no locations.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to double check: This is because for things in source code, we will now extract two entities, one as before, and a new one with crate information (for which we do not want to report missing locations)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's right. For items in source code, you'd have signatures without bodies and without locations.

@aibaars aibaars force-pushed the aibaars/crate-graph branch from 766a338 to 3991dc3 Compare March 11, 2025 11:57
@hvitved
Copy link
Contributor

hvitved commented Mar 12, 2025

As discussed offline, re-exports like this are not currently extracted, so we should do that follow-up.

@aibaars aibaars merged commit fa79dbc into main Mar 13, 2025
33 checks passed
@aibaars aibaars deleted the aibaars/crate-graph branch March 13, 2025 09:00
@hvitved hvitved mentioned this pull request Mar 13, 2025
Merged
@hvitved hvitved mentioned this pull request Apr 2, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hvitved hvitved hvitved approved these changes

@redsun82 redsun82 redsun82 left review comments

Assignees
No one assigned
Labels
Rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aibaars @hvitved @redsun82