wip3

Author: hvitved

rust/ql/lib/codeql/rust/internal/typeinference/FunctionOverloading.qll

@@ -41,7 +41,7 @@ private module MkSiblingImpls<resolveTypeMentionAtSig/2 resolveTypeMentionAt> {
     trait = impl.resolveTraitTy()
   }
 
-  private module FooIsInstantiationOfInput implements IsInstantiationOfInputSig<Tm, Tm> {
+  private module ImplIsInstantiationOfSiblingInput implements IsInstantiationOfInputSig<Tm, Tm> {
     predicate potentialInstantiationOf(Tm cond, TypeAbstraction abs, Tm constraint) {
       exists(TraitItemNode trait, Type rootType |
         implSiblingCandidate(_, trait, rootType, cond) and
@@ -51,25 +51,40 @@ private module MkSiblingImpls<resolveTypeMentionAtSig/2 resolveTypeMentionAt> {
     }
   }
 
-  private module FooIsInstantiationOf = IsInstantiationOf<Tm, Tm, FooIsInstantiationOfInput>;
+  private module ImplIsInstantiationOfSibling =
+    IsInstantiationOf<Tm, Tm, ImplIsInstantiationOfSiblingInput>;
 
   /**
    * Holds if `impl1` and `impl2` are sibling implementations of `trait`. We
-   * consider implementations to be siblings if they implement the same trait for
-   * the same type. In that case `Self` is the same type in both implementations,
-   * and method calls to the implementations cannot be resolved unambiguously
-   * based only on the receiver type.
+   * consider implementations to be siblings if they implement the same trait and
+   * the type being implemented by one of the implementations is an instantiation
+   * of the type being implemented by the other.
+   *
+   * For example, in
+   *
+   * ```rust
+   * trait MyTrait<T> { ... }
+   * impl MyTrait<i64> for i64 { ... }    // I1
+   * impl MyTrait<u64> for i64 { ... }    // I2
+   *
+   * impl MyTrait<i64> for S<i64> { ... } // I3
+   * impl MyTrait<u64> for S<u64> { ... } // I4
+   * impl MyTrait<bool> for S<T> { ... }  // I5
+   * ```
+   *
+   * the pairs `(I1, I2)`, `(I3, I5)`, and `(I4, I5)` are siblings, but not `(I3, I4)`.
+   *
+   * Whenever an implementation has a sibling, calls to the implementations cannot be
+   * resolved unambiguously based only on the `Self` type alone.
    */
   pragma[inline]
-  predicate implSiblings(TraitItemNode trait, Impl impl1, Impl impl2) {
-    // impl1.fromSource() and
-    // impl1 instanceof Builtins::BuiltinImpl and
+  predicate implSiblings(TraitItemNode trait, ImplItemNode impl1, ImplItemNode impl2) {
     exists(Type rootType, AstNode selfTy1, AstNode selfTy2 |
       implSiblingCandidate(impl1, trait, rootType, selfTy1) and
       implSiblingCandidate(impl2, trait, rootType, selfTy2)
     |
-      FooIsInstantiationOf::isInstantiationOf(selfTy1, impl2, selfTy2) or
-      FooIsInstantiationOf::isInstantiationOf(selfTy2, impl1, selfTy1)
+      ImplIsInstantiationOfSibling::isInstantiationOf(selfTy1, impl2, selfTy2) or
+      ImplIsInstantiationOfSibling::isInstantiationOf(selfTy2, impl1, selfTy1)
     )
     or
     blanketImplSiblingCandidate(impl1, trait) and
@@ -85,11 +100,8 @@ private module MkSiblingImpls<resolveTypeMentionAtSig/2 resolveTypeMentionAt> {
   predicate implHasSibling(ImplItemNode impl, Trait trait) { implSiblings(trait, impl, _) }
 
   pragma[nomagic]
-  predicate implHasAmbiguousSiblingAt(
-    ImplItemNode impl, ImplItemNode impl2, Trait trait, TypePath path
-  ) {
-    // impl instanceof Builtins::BuiltinImpl and
-    exists(Type t1, Type t2 |
+  predicate implHasAmbiguousSiblingAt(ImplItemNode impl, Trait trait, TypePath path) {
+    exists(ImplItemNode impl2, Type t1, Type t2 |
       implSiblings(trait, impl, impl2) and
       t1 = resolveTypeMentionAt(impl.getTraitPath(), path) and
       t2 = resolveTypeMentionAt(impl2.getTraitPath(), path) and
@@ -99,7 +111,9 @@ private module MkSiblingImpls<resolveTypeMentionAtSig/2 resolveTypeMentionAt> {
       not t2 instanceof TypeParameter
     )
     or
-    // todo: handle blanket/non-blanket siblings in `implSiblings`
+    // Since we cannot resolve the `Output` types of certain built-in `Index` trait
+    // implementations, we need to ensure that the type-specialized versions that we
+    // ship do not apply unless there is an exact type match
     trait =
       any(IndexTrait it |
         implSiblingCandidate(impl, it, _, _) and
@@ -115,7 +129,7 @@ private Type resolvePreTypeMention(AstNode tm, TypePath path) {
 
 private module PreSiblingImpls = MkSiblingImpls<resolvePreTypeMention/2>;
 
-predicate preImplHasAmbiguousSiblingAt = PreSiblingImpls::implHasAmbiguousSiblingAt/4;
+predicate preImplHasAmbiguousSiblingAt = PreSiblingImpls::implHasAmbiguousSiblingAt/3;
 
 private Type resolveTypeMention(AstNode tm, TypePath path) {
   result = tm.(TypeMention).getTypeAt(path)
@@ -259,7 +273,6 @@ pragma[nomagic]
 predicate functionResolutionDependsOnArgument(
   ImplItemNode impl, Function f, TypeParameter traitTp, FunctionPosition pos
 ) {
-  // impl.fromSource() and
   exists(string functionName |
     functionResolutionDependsOnArgumentCand(impl, f, functionName, traitTp, pos, _)
   |

rust/ql/lib/codeql/rust/internal/typeinference/TypeInference.qll

@@ -235,10 +235,9 @@ private module PreInput2 implements InputSig2<PreTypeMention> {
   }
 
   predicate typeAbstractionHasAmbiguousConstraintAt(
-    TypeAbstraction abs, Type constraint, TypeAbstraction other, TypePath path
+    TypeAbstraction abs, Type constraint, TypePath path
   ) {
-    FunctionOverloading::preImplHasAmbiguousSiblingAt(abs, other, constraint.(TraitType).getTrait(),
-      path)
+    FunctionOverloading::preImplHasAmbiguousSiblingAt(abs, constraint.(TraitType).getTrait(), path)
   }
 
   predicate typeParameterIsFunctionallyDetermined =
@@ -262,10 +261,9 @@ private module Input2 implements InputSig2<TypeMention> {
   }
 
   predicate typeAbstractionHasAmbiguousConstraintAt(
-    TypeAbstraction abs, Type constraint, TypeAbstraction other, TypePath path
+    TypeAbstraction abs, Type constraint, TypePath path
   ) {
-    FunctionOverloading::implHasAmbiguousSiblingAt(abs, other, constraint.(TraitType).getTrait(),
-      path)
+    FunctionOverloading::implHasAmbiguousSiblingAt(abs, constraint.(TraitType).getTrait(), path)
   }
 
   predicate typeParameterIsFunctionallyDetermined =
@@ -1932,17 +1930,6 @@ private module AssocFunctionResolution {
       )
     }
 
-    // private AssocFunctionDeclaration testresolveCallTarget(
-    //   ImplOrTraitItemNode i, FunctionPosition selfPos, DerefChain derefChain, BorrowKind borrow,
-    //   FunctionPosition pos, TypePath path, Type t
-    // ) {
-    //   this = Debug::getRelevantLocatable() and
-    //   exists(AssocFunctionCallCand afcc |
-    //     afcc = MkAssocFunctionCallCand(this, selfPos, derefChain, borrow) and
-    //     result = afcc.resolveCallTarget(i) and
-    //     t = result.getParameterType(any(ImplOrTraitItemNodeOption o | o.asSome() = i), pos, path)
-    //   )
-    // }
     /**
      * Holds if the argument `arg` of this call has been implicitly dereferenced
      * and borrowed according to `derefChain` and `borrow`, in order to be able to
@@ -3960,7 +3947,7 @@ private module Debug {
     exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |
       result.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and
       filepath.matches("%/main.rs") and
-      startline = 441
+      startline = 103
     )
   }
 

rust/ql/test/library-tests/type-inference/regressions.rs

@@ -149,7 +149,7 @@ mod regression5 {
 
     fn foo() -> S2<S1> {
         let x = S1.into(); // $ target=into
-        x // $ SPURIOUS: type=x:T2.TRef.S1 -- happens because we currently do not consider the two `impl` blocks to be siblings
+        x // $ type=x:T2.S1
     }
 }
 

rust/ql/test/library-tests/type-inference/type-inference.expected

@@ -15855,4 +15855,3 @@ inferType
 | regressions.rs:179:24:179:27 | S(...) | T | {EXTERNAL LOCATION} | i32 |
 | regressions.rs:179:26:179:26 | 1 |  | {EXTERNAL LOCATION} | i32 |
 testFailures
-| regressions.rs:152:11:152:127 | //... | Fixed spurious result: type=x:T2.TRef.S1 |

shared/typeinference/codeql/typeinference/internal/TypeInference.qll

@@ -145,6 +145,10 @@ signature module InputSig1<LocationSig Location> {
     Location getLocation();
   }
 
+  /**
+   * Holds if `t` is a pseudo type. Pseudo types are skipped when checking for
+   * non-instantiations in `isNotInstantiationOf`.
+   */
   predicate isPseudoType(Type t);
 
   /** A type parameter. */
@@ -415,7 +419,7 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
      * not at the path `"T2"`.
      */
     predicate typeAbstractionHasAmbiguousConstraintAt(
-      TypeAbstraction abs, Type constraint, TypeAbstraction other, TypePath path
+      TypeAbstraction abs, Type constraint, TypePath path
     );
 
     /**
@@ -639,7 +643,7 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
       }
 
       pragma[nomagic]
-      private Type getNonPseudoTypeAt2(
+      private Type getNonPseudoTypeAtTypeParameter(
         App app, TypeAbstraction abs, Constraint constraint, TypeParameter tp, TypePath path
       ) {
         hasTypeParameterAt(app, abs, constraint, path, tp) and
@@ -665,18 +669,19 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
       predicate isNotInstantiationOf(
         App app, TypeAbstraction abs, Constraint constraint, TypePath path
       ) {
-        // `app` and `constraint` differ on a concrete type
+        // `app` and `constraint` differ on a non-pseudo concrete type
         exists(Type t, Type t2 |
           t = getTypeAt(app, abs, constraint, path) and
           not t = abs.getATypeParameter() and
           t2 = getNonPseudoTypeAt(app, path) and
           t2 != t
         )
         or
-        // satisfiesConcreteTypes(app, abs, constraint) and
+        // `app` has different instantiations of a type parameter mentioned at two
+        // different paths
         exists(TypeParameter tp, TypePath path2, Type t, Type t2 |
-          t = getNonPseudoTypeAt2(app, abs, constraint, tp, path) and
-          t2 = getNonPseudoTypeAt2(app, abs, constraint, tp, path2) and
+          t = getNonPseudoTypeAtTypeParameter(app, abs, constraint, tp, path) and
+          t2 = getNonPseudoTypeAtTypeParameter(app, abs, constraint, tp, path2) and
           t != t2 and
           path != path2
         )
@@ -1027,122 +1032,24 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
         )
       }
 
-      private module TermIsInstantiationOfConditionInput2 implements
-        IsInstantiationOfInputSig<Term, TypeMention>
-      {
-        predicate potentialInstantiationOf(Term term, TypeAbstraction abs, TypeMention cond) {
-          TermIsInstantiationOfConditionInput::potentialInstantiationOf(term, abs, cond) and
-          exists(
-            TypeMention sub, Type constraintRoot, TypeMention constraintMention,
-            TypeAbstraction abs2
-          |
-            hasConstraintMention(term, abs2, sub, _, constraintRoot, constraintMention) and
-            conditionSatisfiesConstraintTypeAt(abs2, sub, constraintMention, _, _) and
-            typeAbstractionHasAmbiguousConstraintAt(abs2, constraintRoot, abs, _)
-          )
-        }
-
-        predicate relevantConstraint(TypeMention constraint) {
-          TermIsInstantiationOfConditionInput::relevantConstraint(constraint)
-        }
-      }
-
-      private module TermIsInstantiationOfCondition2 =
-        IsInstantiationOf<Term, TypeMention, TermIsInstantiationOfConditionInput2>;
-
       pragma[nomagic]
       private predicate satisfiesConstraintTypeMention0(
         Term term, Constraint constraint, TypeMention constraintMention, TypeAbstraction abs,
         TypeMention sub, TypePath path, Type t, boolean ambiguous
       ) {
         exists(Type constraintRoot |
           hasConstraintMention(term, abs, sub, constraint, constraintRoot, constraintMention) and
-          conditionSatisfiesConstraintTypeAt(abs, sub, constraintMention, path, t)
-        |
-          exists(TypePath prefix, TypeAbstraction other |
-            typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix) and
-            prefix.isPrefixOf(path) and
-            TermIsInstantiationOfCondition2::isInstantiationOf(term, other, _)
-            // hasConstraintMention(term, other, _, _, constraintRoot, _)
-          ) and
-          ambiguous = true
-          or
-          forall(TypePath prefix, TypeAbstraction other |
-            typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix) and
-            prefix.isPrefixOf(path)
-          |
-            TermIsInstantiationOfCondition2::isNotInstantiationOf(term, other, _, _)
-          ) and
-          ambiguous = false
+          conditionSatisfiesConstraintTypeAt(abs, sub, constraintMention, path, t) and
+          if
+            exists(TypePath prefix |
+              typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, prefix) and
+              prefix.isPrefixOf(path)
+            )
+          then ambiguous = true
+          else ambiguous = false
         )
       }
 
-      // private predicate testsatisfiesConstraintTypeMention0(
-      //   Term term, Constraint constraint, TypeMention constraintMention, TypeAbstraction abs,
-      //   TypeMention sub, TypePath path, Type t, boolean ambiguous
-      // ) {
-      //   exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |
-      //     term.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and
-      //     filepath.matches("%/main.rs") and
-      //     startline = 435
-      //   ) and
-      //   satisfiesConstraintTypeMention0(term, constraint, constraintMention, abs, sub, path, t,
-      //     ambiguous)
-      // }
-      // private predicate testsatisfiesConstraintTypeMention1(
-      //   Term term, Constraint constraint, TypeMention constraintMention, TypeAbstraction abs,
-      //   TypeMention sub, TypePath path, Type t, boolean ambiguous, TypePath prefix,
-      //   TypeAbstraction other, TypePath path2
-      // ) {
-      //   exists(string filepath, int startline, int startcolumn, int endline, int endcolumn |
-      //     term.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) and
-      //     filepath.matches("%/main.rs") and
-      //     startline = 435
-      //   ) and
-      //   exists(Type constraintRoot |
-      //     hasConstraintMention(term, abs, sub, constraint, constraintRoot, constraintMention) and
-      //     conditionSatisfiesConstraintTypeAt(abs, sub, constraintMention, path, t)
-      //   |
-      //     // if
-      //     //   exists(TypePath prefix, TypeAbstraction other |
-      //     //     typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix) and
-      //     //     prefix.isPrefixOf(path)
-      //     //   )
-      //     // then ambiguous = true
-      //     // else ambiguous = false
-      //     typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix) and
-      //     // isNotInstantiationOf(term, other, _, constraintRoot) and
-      //     // TermIsInstantiationOfConditionInput::potentialInstantiationOf(term, other, _) and
-      //     prefix.isPrefixOf(path) and
-      //     TermIsInstantiationOfCondition::isNotInstantiationOf(term, other, _, path2) and
-      //     // not isNotInstantiationOf(term, other, _, constraintRoot) and
-      //     ambiguous = false
-      //     // exists(TypePath prefix, TypeAbstraction other |
-      //     //   typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix) and
-      //     //   prefix.isPrefixOf(path) and
-      //     //   hasConstraintMention(term, other, _, _, constraintRoot, _)
-      //     // ) and
-      //     // ambiguous = true
-      //     // or
-      //     // forall(TypePath prefix, TypeAbstraction other |
-      //     //   typeAbstractionHasAmbiguousConstraintAt(abs, constraintRoot, other, prefix)
-      //     // |
-      //     //   not prefix.isPrefixOf(path)
-      //     //   or
-      //     //   // exists(Type type | hasTypeConstraint(term, type, constraint, constraintRoot) |
-      //     //   //   // countConstraintImplementations(type, constraintRoot) = 0
-      //     //   //   // or
-      //     //   //   // not rootTypesSatisfaction(type, constraintRoot, _, _, _)
-      //     //   //   // or
-      //     //   //   multipleConstraintImplementations(type, constraintRoot) and
-      //     //   //   isNotInstantiationOf(term, other, _, constraintRoot)
-      //     //   // )
-      //     //   isNotInstantiationOf(term, other, _, constraintRoot)
-      //     //   // TermIsInstantiationOfCondition::isNotInstantiationOf(term, other, _, _)
-      //     // ) and
-      //     // ambiguous = false
-      //   )
-      // }
       pragma[nomagic]
       private predicate conditionSatisfiesConstraintTypeAtForDisambiguation(
         TypeAbstraction abs, TypeMention condition, TypeMention constraint, TypePath path, Type t