Rust: Path resolution for static items#21922
Merged
Merged
Conversation
hvitved
force-pushed
the
rust/static-const-resolution
branch
4 times, most recently
from
1e14fda to
de91ba3
Compare
hvitved
force-pushed
the
rust/static-const-resolution
branch
from
de91ba3 to
0f05d22
Compare
hvitved
force-pushed
the
rust/static-const-resolution
branch
from
0f05d22 to
1fd31d0
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the Rust CodeQL libraries to resolve static items (similar to existing const handling), improves string representations for const/static, excludes them from CFG construction, and adds dataflow “jump” steps to model reads/writes involving const/static items; accompanying library and extractor tests are updated/added accordingly.
Changes:
- Add
staticpath resolution support and a publicStaticAccessAPI, aligning behavior withconstwhere appropriate. - Update control-flow and dataflow modeling to handle
const/staticinitialization/access patterns (including new dataflow steps). - Add/expand Rust library tests for
static/constaccess and update expected outputs impacted by the newtoString/resolution behavior.
Show a summary per file
| File | Description |
|---|---|
| rust/ql/test/TestUtils.qll | Adds a reusable helper predicate for locating line comments used by multiple inline-expectation tests. |
| rust/ql/test/library-tests/variables/variables.ql | Switches variable tests to use the shared comment helper from TestUtils. |
| rust/ql/test/library-tests/static_access/static_access.ql | New inline-expectations test query covering StaticAccess resolution (including shadowing). |
| rust/ql/test/library-tests/static_access/static_access.expected | Expected results for the new static_access library test. |
| rust/ql/test/library-tests/static_access/main.rs | New Rust test program exercising global/module/inner-block static accesses and shadowing. |
| rust/ql/test/library-tests/static_access/Cargo.lock | Lockfile for the new static_access test crate. |
| rust/ql/test/library-tests/path-resolution/path-resolution.expected | Updates expected path-resolution results to include const/static module cases and new item string forms. |
| rust/ql/test/library-tests/path-resolution/main.rs | Adds const_static module to exercise path resolution for const/static items and aliases. |
| rust/ql/test/library-tests/dataflow/local/DataFlowStep.ql | Filters local-step test results to source locations to avoid including summary-only nodes. |
| rust/ql/test/library-tests/dataflow/local/DataFlowStep.expected | Updates expected local-step results after filtering. |
| rust/ql/test/library-tests/dataflow/global/viableCallable.ql | Tightens viable-callable test results to source/implicit-deref calls. |
| rust/ql/test/library-tests/dataflow/global/viableCallable.expected | Updates expected viable-callable results based on the refined query predicate. |
| rust/ql/test/library-tests/dataflow/global/main.rs | Makes source a const fn and adds a module testing const/static value flows (incl. static mut). |
| rust/ql/test/library-tests/dataflow/global/inline-flow.expected | Updates inline-flow expected edges/nodes/subpaths to reflect new const/static dataflow modeling. |
| rust/ql/test/library-tests/controlflow/Cfg.expected | Updates CFG expected output to reflect skipping const/static items in CFG construction. |
| rust/ql/test/library-tests/const_access/main.rs | Extends const-access tests to cover more contexts and const shadowing via inner items. |
| rust/ql/test/library-tests/const_access/const_access.ql | Enhances the const-access test harness to disambiguate shadowed consts using line comments. |
| rust/ql/test/library-tests/const_access/const_access.expected | Updates expected const-access results (including improved toString output and added cases). |
| rust/ql/test/extractor-tests/macro-expansion/test.expected | Updates extractor macro-expansion expectations to match new const string rendering. |
| rust/ql/test/extractor-tests/macro-expansion/PrintAst.expected | Updates AST print expectations to match new const string rendering. |
| rust/ql/test/extractor-tests/generated/Static/Static.expected | Updates generated extractor expectations to match new static string rendering. |
| rust/ql/test/extractor-tests/generated/ExternItemList/ExternItemList.expected | Updates generated extractor expectations to match new static string rendering. |
| rust/ql/test/extractor-tests/generated/Const/Const.expected | Updates generated extractor expectations to match new const string rendering. |
| rust/ql/lib/rust.qll | Exports the new StaticAccess element API from the top-level Rust library. |
| rust/ql/lib/codeql/rust/internal/PathResolution.qll | Adds static item nodes to path resolution with canonical-path handling. |
| rust/ql/lib/codeql/rust/elements/StaticAccess.qll | Introduces the public StaticAccess/read/write access classes. |
| rust/ql/lib/codeql/rust/elements/internal/StaticImpl.qll | Implements Static helpers (getAnAccess), StaticAccess, and improved toString for statics. |
| rust/ql/lib/codeql/rust/elements/internal/ConstImpl.qll | Adds getAnAccess and improved toString for const items. |
| rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll | Adjusts enclosing CFG-scope handling to treat const/static specially. |
| rust/ql/lib/codeql/rust/dataflow/internal/Node.qll | Adds a dedicated dataflow node kind for static items. |
| rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll | Adds jump-step modeling for flows between const/static bodies and their accesses. |
| rust/ql/lib/codeql/rust/controlflow/internal/Scope.qll | Introduces a special “source-file scope” for const/static initialization contexts (no CFG computed). |
| rust/ql/lib/codeql/rust/controlflow/internal/ControlFlowGraphImpl.qll | Excludes const/static items from CFG item trees. |
| rust/ql/.gitattributes | Marks StaticImpl.qll as no longer linguist-generated. |
| rust/ql/.generated.list | Removes StaticImpl.qll from the generated-file tracking list. |
Copilot's findings
- Files reviewed: 31/35 changed files
- Comments generated: 1
geoffw0
approved these changes
Jun 3, 2026
Contributor
geoffw0
left a comment
geoffw0
left a comment
There was a problem hiding this comment.
Code changes LGTM. Impact on tests and DCA look really good as well. 👍
| node2.asExpr() = s.getAnAccess().(StaticReadAccess) | ||
| or | ||
| node1.asExpr() = [s.getBody(), s.getAnAccess().(StaticWriteAccess)] and | ||
| node2 = sn |
Contributor
There was a problem hiding this comment.
I can see here (and in one of the new tests) that we assume all writes to a static could (via the two dataflow steps) reach all reads. This seems like a reasonable approximation, and I think it's what we do in other languages that have similar features.
Contributor
Author
There was a problem hiding this comment.
Yes, it is similar to what we do in other languages.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR:
staticitems, similar to what we do forconstitems.toStringforstaticandconstitems.statics andconsts in the CFG.statics andconsts.