Skip to content

Rust: Strengthen modeling of the Clone trait #19442

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hvitved merged 1 commit into from
May 1, 2025
Merged

Rust: Strengthen modeling of the Clone trait #19442

hvitved merged 1 commit into from
May 1, 2025

Conversation

@hvitved
Copy link
Contributor

@hvitved hvitved commented May 1, 2025
edited
Loading

The clone method takes a &self parameter, meaning that in terms of data flow it dereferences the receiver argument. Now that we have a principled way of inserting implicit borrows, it makes sense to strengthen the modeling of the Clone trait.

Related, I also updated some expected flow summaries related to clone.

@github-actions github-actions bot added the Rust Pull requests that update Rust code label May 1, 2025
@hvitved hvitved marked this pull request as ready for review May 1, 2025 12:59
Copilot AI review requested due to automatic review settings May 1, 2025 12:59
@hvitved hvitved requested a review from a team as a code owner May 1, 2025 12:59
@hvitved hvitved requested a review from paldepind May 1, 2025 12:59
Copilot AI reviewed May 1, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR enhances the CodeQL model of Rust’s Clone trait by inserting implicit borrows and updating test expectations to reflect that clone dereferences its receiver, and adjusts related debug/test code.

  • Updated MyOption::cloned and Clone::clone summaries to include Reference on the self argument
  • Adjusted expected model files and inline-flow tests to remove now-unneeded generated clone edges
  • Refined the CloneCallable model to only match Argument[self].Reference and updated a debug filter path

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
rust/ql/test/utils-tests/modelgenerator/option.rs Added .Reference in summaries for cloned and clone methods
rust/ql/test/utils-tests/modelgenerator/CaptureSummaryModels.expected Updated expected summaries for Clone::clone; removed cloned entry
rust/ql/test/library-tests/dataflow/modeled/main.rs Marked missing flow tests for clonable types due to lack of builtins
rust/ql/test/library-tests/dataflow/modeled/inline-flow.expected Removed generated clone edges from inline-flow expectations
rust/ql/lib/codeql/rust/internal/TypeInference.qll Changed debug filter from plugin.rs to main.rs at line 28
rust/ql/lib/codeql/rust/frameworks/stdlib/Clone.qll Restricted CloneCallable.propagatesFlow input to Argument[self].Reference
Comments suppressed due to low confidence (1)

rust/ql/test/utils-tests/modelgenerator/CaptureSummaryModels.expected:4

  • Also add an Expected summary missing entry for the <crate::option::MyOption>::cloned method to mirror the updated summaries and ensure the test suite covers both cloned and clone.
| Expected summary missing: repo::test;<crate::option::MyOption as crate::clone::Clone>::clone;Argument[self].Reference.Field[crate::option::MyOption::MySome(0)];ReturnValue.Field[crate::option::MyOption::MySome(0)];value;dfc-generated |

paldepind
paldepind approved these changes May 1, 2025
View reviewed changes
Copy link
Contributor

@paldepind paldepind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me 👍

rust/ql/test/library-tests/dataflow/modeled/main.rs
sink(a); // $ hasValueFlow=12
let b = a.clone();
sink(b); // $ hasValueFlow=12
sink(b); // $ MISSING: hasValueFlow=12 - lack of builtins means that we cannot resolve clone call above, and hence not insert implicit borrow
Copy link
Contributor

@paldepind paldepind May 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If stuff like this persists being an issue, for some reason, we could reinstate the old heuristic only in the cases where no type is inferred for a method receiver.

Copy link
Contributor Author

@hvitved hvitved May 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense, though builtins should be extracted soonish.

@hvitved hvitved merged commit 40f80ff into github:main May 1, 2025
17 checks passed
@hvitved hvitved deleted the rust/clone-modeling branch May 1, 2025 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@paldepind paldepind paldepind approved these changes

Assignees

No one assigned

Labels

Rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hvitved @paldepind