Merge branch 'main' into redsun82/rust-regenerate-models

Author: redsun82

java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected

@@ -1,5 +1,4 @@
 ql/java/ql/src/Advisory/Declarations/MissingOverrideAnnotation.ql
-ql/java/ql/src/Advisory/Deprecated Code/AvoidDeprecatedCallableAccess.ql
 ql/java/ql/src/Advisory/Documentation/ImpossibleJavadocThrows.ql
 ql/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql
 ql/java/ql/src/Compatibility/JDK9/JdkInternalAccess.ql

java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected

@@ -1,5 +1,4 @@
 ql/java/ql/src/Advisory/Declarations/MissingOverrideAnnotation.ql
-ql/java/ql/src/Advisory/Deprecated Code/AvoidDeprecatedCallableAccess.ql
 ql/java/ql/src/Advisory/Documentation/ImpossibleJavadocThrows.ql
 ql/java/ql/src/Advisory/Documentation/SpuriousJavadocParam.ql
 ql/java/ql/src/Compatibility/JDK9/JdkInternalAccess.ql

java/ql/src/Advisory/Deprecated Code/AvoidDeprecatedCallableAccess.ql

@@ -6,8 +6,7 @@
  * @problem.severity recommendation
  * @precision high
  * @id java/deprecated-call
- * @tags quality
- *       maintainability
+ * @tags maintainability
  *       readability
  *       non-attributable
  *       external/cwe/cwe-477

javascript/ql/lib/semmle/javascript/frameworks/Fastify.qll

@@ -1,12 +1,12 @@
 /**
- * Provides classes for working with [Fastify](https://www.fastify.io/) applications.
+ * Provides classes for working with [Fastify](https://www.fastify.dev/) applications.
  */
 
 import javascript
 import semmle.javascript.frameworks.HTTP
 
 /**
- * Provides classes for working with [Fastify](https://www.fastify.io/) applications.
+ * Provides classes for working with [Fastify](https://www.fastify.dev/) applications.
  */
 module Fastify {
   /**

rust/ql/consistency-queries/PathResolutionConsistency.ql

@@ -10,22 +10,17 @@ private import codeql.rust.internal.PathResolution
 private import codeql.rust.internal.PathResolutionConsistency as PathResolutionConsistency
 private import codeql.rust.elements.Locatable
 private import codeql.Locations
-import PathResolutionConsistency
 
 class SourceLocatable extends Locatable {
-  Location getLocation() {
-    if super.getLocation().fromSource()
-    then result = super.getLocation()
-    else result instanceof EmptyLocation
-  }
+  SourceLocatable() { this.fromSource() }
 }
 
-query predicate multipleMethodCallTargets(SourceLocatable a, SourceLocatable b) {
-  PathResolutionConsistency::multipleMethodCallTargets(a, b)
+query predicate multipleCallTargets(SourceLocatable a) {
+  PathResolutionConsistency::multipleCallTargets(a, _)
 }
 
-query predicate multiplePathResolutions(SourceLocatable a, SourceLocatable b) {
-  PathResolutionConsistency::multiplePathResolutions(a, b)
+query predicate multiplePathResolutions(SourceLocatable a) {
+  PathResolutionConsistency::multiplePathResolutions(a, _)
 }
 
 query predicate multipleCanonicalPaths(SourceLocatable i, SourceLocatable c, string path) {

rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll

@@ -70,9 +70,9 @@ module Impl {
      */
     pragma[nomagic]
     predicate isFromMacroExpansion() {
-      exists(MacroCall mc |
-        MacroCallImpl::isInMacroExpansion(mc, this) and
-        not this = mc.getATokenTreeNode()
+      exists(AstNode root |
+        MacroCallImpl::isInMacroExpansion(root, this) and
+        not this = root.(MacroCall).getATokenTreeNode()
       )
     }
 

rust/ql/lib/codeql/rust/elements/internal/MacroCallImpl.qll

@@ -14,10 +14,12 @@ module Impl {
   private import rust
 
   pragma[nomagic]
-  predicate isInMacroExpansion(MacroCall mc, AstNode n) {
-    n = mc.getMacroCallExpansion()
+  predicate isInMacroExpansion(AstNode root, AstNode n) {
+    n = root.(MacroCall).getMacroCallExpansion()
     or
-    isInMacroExpansion(mc, n.getParentNode())
+    n = root.(Adt).getDeriveMacroExpansion(_)
+    or
+    isInMacroExpansion(root, n.getParentNode())
   }
 
   // the following QLdoc is generated: if you need to edit it, do it in the schema file

rust/ql/lib/codeql/rust/elements/internal/TupleStructPatImpl.qll

@@ -34,6 +34,11 @@ module Impl {
       exists(this.getField(pragma[only_bind_into](pos)))
     }
 
+    /**
+     * Gets the struct matched by this pattern.
+     */
+    Struct getStruct() { result = PathResolution::resolvePath(this.getPath()) }
+
     /** Gets the tuple field that matches the `pos`th pattern of this pattern. */
     pragma[nomagic]
     TupleField getTupleField(int pos) {

rust/ql/lib/codeql/rust/frameworks/Poem.qll

@@ -4,17 +4,15 @@
 
 private import rust
 private import codeql.rust.Concepts
-private import codeql.rust.dataflow.DataFlow
 
 /**
  * Parameters of a handler function
  */
 private class PoemHandlerParam extends RemoteSource::Range {
   PoemHandlerParam() {
     exists(TupleStructPat param |
-      param.getResolvedPath() = ["crate::web::query::Query", "crate::web::path::Path"]
-    |
-      this.asPat().getPat() = param.getAField()
+      this.asPat().getPat() = param.getAField() and
+      param.getStruct().getCanonicalPath() = ["poem::web::query::Query", "poem::web::path::Path"]
     )
   }
 }

rust/ql/lib/codeql/rust/internal/PathResolution.qll

@@ -1132,7 +1132,7 @@ pragma[nomagic]
 private predicate crateDependencyEdge(SourceFileItemNode file, string name, CrateItemNode dep) {
   exists(CrateItemNode c | dep = c.(Crate).getDependency(name) | file = c.getASourceFile())
   or
-  // Give builtin files, such as `await.rs`, access to `std`
+  // Give builtin files access to `std`
   file instanceof BuiltinSourceFile and
   dep.getName() = name and
   name = "std"
@@ -1501,7 +1501,7 @@ private predicate preludeEdge(SourceFile f, string name, ItemNode i) {
   exists(Crate stdOrCore, ModuleLikeNode mod, ModuleItemNode prelude, ModuleItemNode rust |
     f = any(Crate c0 | stdOrCore = c0.getDependency(_) or stdOrCore = c0).getASourceFile()
     or
-    // Give builtin files, such as `await.rs`, access to the prelude
+    // Give builtin files access to the prelude
     f instanceof BuiltinSourceFile
   |
     stdOrCore.getName() = ["std", "core"] and

rust/ql/lib/codeql/rust/internal/PathResolutionConsistency.qll

@@ -17,11 +17,13 @@ query predicate multiplePathResolutions(Path p, ItemNode i) {
       not use.isGlob() and
       not use.hasUseTreeList()
     ).getPath() and
+  // avoid overlap with `multipleCallTargets` below
+  not p = any(CallExpr ce).getFunction().(PathExpr).getPath() and
   strictcount(resolvePath(p)) > 1
 }
 
 /** Holds if `call` has multiple static call targets including `target`. */
-query predicate multipleMethodCallTargets(MethodCallExpr call, Callable target) {
+query predicate multipleCallTargets(CallExprBase call, Callable target) {
   target = call.getStaticTarget() and
   strictcount(call.getStaticTarget()) > 1
 }
@@ -51,8 +53,8 @@ int getPathResolutionInconsistencyCounts(string type) {
   type = "Multiple path resolutions" and
   result = count(Path p | multiplePathResolutions(p, _) | p)
   or
-  type = "Multiple static method call targets" and
-  result = count(CallExprBase call | multipleMethodCallTargets(call, _) | call)
+  type = "Multiple static call targets" and
+  result = count(CallExprBase call | multipleCallTargets(call, _) | call)
   or
   type = "Multiple record fields" and
   result = count(FieldExpr fe | multipleStructFields(fe, _) | fe)

rust/ql/lib/codeql/rust/internal/TypeInference.qll

@@ -997,101 +997,31 @@ private AssociatedTypeTypeParameter getFutureOutputTypeParameter() {
   result.getTypeAlias() = any(FutureTrait ft).getOutputType()
 }
 
-/**
- * A matching configuration for resolving types of `.await` expressions.
- */
-private module AwaitExprMatchingInput implements MatchingInputSig {
-  private newtype TDeclarationPosition =
-    TSelfDeclarationPosition() or
-    TOutputPos()
-
-  class DeclarationPosition extends TDeclarationPosition {
-    predicate isSelf() { this = TSelfDeclarationPosition() }
-
-    predicate isOutput() { this = TOutputPos() }
-
-    string toString() {
-      this.isSelf() and
-      result = "self"
-      or
-      this.isOutput() and
-      result = "(output)"
-    }
-  }
-
-  private class BuiltinsAwaitFile extends File {
-    BuiltinsAwaitFile() {
-      this.getBaseName() = "await.rs" and
-      this.getParentContainer() instanceof Builtins::BuiltinsFolder
-    }
-  }
-
-  class Declaration extends Function {
-    Declaration() {
-      this.getFile() instanceof BuiltinsAwaitFile and
-      this.getName().getText() = "await_type_matching"
-    }
-
-    TypeParameter getTypeParameter(TypeParameterPosition ppos) {
-      typeParamMatchPosition(this.getGenericParamList().getATypeParam(), result, ppos)
-    }
-
-    Type getDeclaredType(DeclarationPosition dpos, TypePath path) {
-      dpos.isSelf() and
-      result = this.getParam(0).getTypeRepr().(TypeMention).resolveTypeAt(path)
-      or
-      dpos.isOutput() and
-      result = this.getRetType().getTypeRepr().(TypeMention).resolveTypeAt(path)
-    }
-  }
-
-  class AccessPosition = DeclarationPosition;
-
-  class Access extends AwaitExpr {
-    Type getTypeArgument(TypeArgumentPosition apos, TypePath path) { none() }
-
-    AstNode getNodeAt(AccessPosition apos) {
-      result = this.getExpr() and
-      apos.isSelf()
-      or
-      result = this and
-      apos.isOutput()
-    }
-
-    Type getInferredType(AccessPosition apos, TypePath path) {
-      result = inferType(this.getNodeAt(apos), path)
-    }
-
-    Declaration getTarget() { exists(this) and exists(result) }
-  }
-
-  predicate accessDeclarationPositionMatch(AccessPosition apos, DeclarationPosition dpos) {
-    apos = dpos
-  }
-}
-
 pragma[nomagic]
 private TraitType inferAsyncBlockExprRootType(AsyncBlockExpr abe) {
   // `typeEquality` handles the non-root case
   exists(abe) and
   result = getFutureTraitType()
 }
 
-private module AwaitExprMatching = Matching<AwaitExprMatchingInput>;
+final class AwaitTarget extends Expr {
+  AwaitTarget() { this = any(AwaitExpr ae).getExpr() }
+
+  Type getTypeAt(TypePath path) { result = inferType(this, path) }
+}
+
+private module AwaitSatisfiesConstraintInput implements SatisfiesConstraintInputSig<AwaitTarget> {
+  predicate relevantConstraint(AwaitTarget term, Type constraint) {
+    exists(term) and
+    constraint.(TraitType).getTrait() instanceof FutureTrait
+  }
+}
 
 pragma[nomagic]
 private Type inferAwaitExprType(AstNode n, TypePath path) {
-  exists(AwaitExprMatchingInput::Access a, AwaitExprMatchingInput::AccessPosition apos |
-    n = a.getNodeAt(apos) and
-    result = AwaitExprMatching::inferAccessType(a, apos, path)
-  )
-  or
-  // This case is needed for `async` functions and blocks, where we assign
-  // the type `Future<Output = T>` directly instead of `impl Future<Output = T>`
-  //
-  // TODO: It would be better if we could handle this in the shared library
   exists(TypePath exprPath |
-    result = inferType(n.(AwaitExpr).getExpr(), exprPath) and
+    SatisfiesConstraint<AwaitTarget, AwaitSatisfiesConstraintInput>::satisfiesConstraintType(n.(AwaitExpr)
+          .getExpr(), _, exprPath, result) and
     exprPath.isCons(getFutureOutputTypeParameter(), path)
   )
 }

rust/ql/test/extractor-tests/crate_graph/CONSISTENCY/PathResolutionConsistency.expected

@@ -1,3 +1,9 @@
+multipleCallTargets
+| proc_macro.rs:16:12:16:16 | ...::to_tokens(...) |
+| proc_macro.rs:26:10:26:12 | ...::to_tokens(...) |
+| proc_macro.rs:27:10:27:16 | ...::to_tokens(...) |
+| proc_macro.rs:42:16:42:26 | ...::to_tokens(...) |
+| proc_macro.rs:44:27:44:30 | ...::to_tokens(...) |
+| proc_macro.rs:46:18:46:28 | ...::to_tokens(...) |
 multiplePathResolutions
-| macro_expansion.rs:1:5:1:14 | proc_macro | file://:0:0:0:0 | Crate([email protected]) |
-| macro_expansion.rs:1:5:1:14 | proc_macro | proc_macro.rs:0:0:0:0 | Crate([email protected]) |
+| macro_expansion.rs:1:5:1:14 | proc_macro |

rust/ql/test/extractor-tests/macro-expansion/CONSISTENCY/PathResolutionConsistency.expected

@@ -0,0 +1,2 @@
+multipleCallTargets
+| main.rs:225:14:225:29 | ...::deref(...) |

rust/ql/test/library-tests/dataflow/global/CONSISTENCY/PathResolutionConsistency.expected

@@ -1,21 +1,3 @@
-multiplePathResolutions
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:532:10:532:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
-| main.rs:538:10:538:18 | ...::from | file://:0:0:0:0 | fn from |
+multipleCallTargets
+| main.rs:532:10:532:21 | ...::from(...) |
+| main.rs:538:10:538:21 | ...::from(...) |