Skip to content

Rust: Speedup AccessAfterLifetime.ql #20843

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hvitved merged 1 commit into from
Nov 17, 2025
Merged

Rust: Speedup AccessAfterLifetime.ql #20843

hvitved merged 1 commit into from
Nov 17, 2025

Conversation

@hvitved
Copy link
Contributor

@hvitved hvitved commented Nov 15, 2025
edited
Loading

DCA shows a massive 58 % total analysis time speedup on rust.

@github-actions github-actions bot added the Rust Pull requests that update Rust code label Nov 15, 2025
@hvitved hvitved force-pushed the rust/access-after-lifetime-speedup branch from 1e2c798 to 8455663 Compare November 15, 2025 14:22
@hvitved hvitved added the no-change-note-required This PR does not need a change note label Nov 15, 2025
@hvitved hvitved marked this pull request as ready for review November 15, 2025 19:03
@hvitved hvitved requested a review from a team as a code owner November 15, 2025 19:03
Copilot AI review requested due to automatic review settings November 15, 2025 19:03
Copilot AI reviewed Nov 15, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors the AccessAfterLifetime.ql query to improve performance by 58% on total Rust analysis time. The optimization is achieved by moving filtering logic from a helper predicate that was called during dataflow analysis into the isSource and isSink predicates, which reduces the scope of the dataflow computation.

Key changes:

  • Moved macro expansion and unsafe block filtering from narrowDereferenceAfterLifetime to isSource and isSink predicates
  • Removed the narrowDereferenceAfterLifetime helper predicate
  • Simplified the query logic by calling AccessAfterLifetime::dereferenceAfterLifetime directly

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql Refactored filtering logic to move constraints into source/sink predicates for better performance
rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected Updated test expectations to reflect filtered results (macro expansions and non-unsafe dereferences)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

paldepind
paldepind approved these changes Nov 16, 2025
View reviewed changes
Copy link
Contributor

@paldepind paldepind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

If I understand correctly this shouldn't change the results. But now the filtering that only depends on sources/sinks is simply done before the data flow library does any work, instead of after, and thus we get the performance improvement.

@hvitved
Copy link
Contributor Author

hvitved commented Nov 17, 2025

If I understand correctly this shouldn't change the results. But now the filtering that only depends on sources/sinks is simply done before the data flow library does any work, instead of after, and thus we get the performance improvement.

Correct.

@hvitved hvitved merged commit e986cca into github:main Nov 17, 2025
27 checks passed
@hvitved hvitved deleted the rust/access-after-lifetime-speedup branch November 17, 2025 07:40
@geoffw0
Copy link
Contributor

geoffw0 commented Nov 17, 2025

Oh wow, good spot. 6.2% average analysis speedup across all projects 🚀

The new code also reads cleaner to me. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@paldepind paldepind paldepind approved these changes

Assignees

No one assigned

Labels

no-change-note-required This PR does not need a change note Rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hvitved @geoffw0 @paldepind