wip4

Author: hvitved

rust/ql/lib/codeql/rust/internal/typeinference/TypeInference.qll

@@ -286,6 +286,10 @@ private module Input3 implements InputSig3 {
     (exists(resolveTupleFieldExpr(_, _)) implies any())
   }
 
+  class BoolType extends DataType {
+    BoolType() { this.getTypeItem() instanceof Builtins::Bool }
+  }
+
   class AstNode = Rust::AstNode;
 
   TypeMention getTypeAnnotation(AstNode n) {
@@ -304,32 +308,60 @@ private module Input3 implements InputSig3 {
     result = n.(ShorthandSelfParameterMention)
   }
 
+  class Expr = Rust::Expr;
+
+  class ConditionalExpr extends AstNode, IfExpr {
+    Expr getCondition() { result = super.getCondition() }
+
+    Expr getThen() { result = super.getThen() }
+
+    Expr getElse() { result = super.getElse() }
+  }
+
+  class BinaryExpr extends AstNode, Rust::BinaryExpr {
+    Expr getLeftOperand() { result = super.getLhs() }
+
+    Expr getRightOperand() { result = super.getRhs() }
+  }
+
+  class LogicalAndExpr extends BinaryExpr, Rust::LogicalAndExpr { }
+
+  class LogicalOrExpr extends BinaryExpr, Rust::LogicalOrExpr { }
+
+  abstract class Assignment extends BinaryExpr { }
+
+  class AssignExpr extends Assignment, Rust::AssignmentExpr { }
+
+  class ParenExpr extends AstNode, Rust::ParenExpr {
+    AstNode getExpr() { result = super.getExpr() }
+  }
+
   class Variable extends Rust::Variable {
     AstNode getDefiningNode() {
       result = this.getPat().getName() or
       result = this.getParameter().(SelfParam)
     }
 
-    AstNode getAnAccess() { result = super.getAnAccess() }
+    Expr getAnAccess() { result = super.getAnAccess() }
   }
 
-  abstract class Assignment extends AstNode {
+  abstract class LetDeclaration extends AstNode {
     abstract predicate isCoercionSite();
 
     abstract AstNode getLeftOperand();
 
     abstract AstNode getRightOperand();
   }
 
-  private class LetExprAssignment extends Assignment, LetExpr {
+  private class LetExprLetDeclaration extends LetDeclaration, LetExpr {
     override predicate isCoercionSite() { not this.getPat() instanceof IdentPat }
 
     override AstNode getLeftOperand() { result = this.getPat() }
 
     override AstNode getRightOperand() { result = this.getScrutinee() }
   }
 
-  private class LetStmtAssignment extends Assignment, LetStmt {
+  private class LetStmtLetDeclaration extends LetDeclaration, LetStmt {
     override predicate isCoercionSite() {
       this.hasTypeRepr() or
       not identLetStmt(this, _, _)
@@ -340,18 +372,6 @@ private module Input3 implements InputSig3 {
     override AstNode getRightOperand() { result = this.getInitializer() }
   }
 
-  private class AssignmentExprAssignment extends Assignment, AssignmentExpr {
-    override predicate isCoercionSite() { any() }
-
-    override AstNode getLeftOperand() { result = this.getLhs() }
-
-    override AstNode getRightOperand() { result = this.getRhs() }
-  }
-
-  class ParenExpr extends AstNode, Rust::ParenExpr {
-    AstNode getExpr() { result = super.getExpr() }
-  }
-
   predicate certainTypeEqualityInput(AstNode n1, TypePath prefix1, AstNode n2, TypePath prefix2) {
     n1 =
       any(IdentPat ip |
@@ -824,8 +844,6 @@ private module CertainTypeInferenceInput {
     result = inferRefExprType(n) and
     path.isEmpty()
     or
-    result = inferLogicalOperationType(n, path)
-    or
     result = inferCertainStructExprType(n, path)
     or
     result = inferCertainStructPatType(n, path)
@@ -857,14 +875,6 @@ private module CertainTypeInferenceInput {
   }
 }
 
-private Type inferLogicalOperationType(AstNode n, TypePath path) {
-  exists(Builtins::Bool t, BinaryLogicalOperation be |
-    n = [be, be.getLhs(), be.getRhs()] and
-    path.isEmpty() and
-    result = TDataType(t)
-  )
-}
-
 private Type inferAssignmentOperationType(AstNode n, TypePath path) {
   n instanceof AssignmentOperation and
   path.isEmpty() and

shared/typeinference/codeql/typeinference/internal/TypeInference.qll

@@ -2141,6 +2141,8 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
 
     /**
      * Provides the input to `Make3`.
+     *
+     * TODO: Eventually align the AST signature with that of the shared CFG library.
      */
     signature module InputSig3 {
       /**
@@ -2149,6 +2151,9 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
        */
       default predicate cachedStageRevRef() { none() }
 
+      /** A boolean type. */
+      class BoolType extends Type;
+
       /** An AST node. */
       class AstNode {
         /** Gets a textual representation of this AST node. */
@@ -2161,13 +2166,63 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
       /** Gets the type annotation that applies to `n`, if any. */
       TypeMention getTypeAnnotation(AstNode n);
 
+      /** An expression. */
+      class Expr extends AstNode;
+
+      /** A ternary conditional expression. */
+      class ConditionalExpr extends Expr {
+        /** Gets the condition of this expression. */
+        Expr getCondition();
+
+        /** Gets the true branch of this expression. */
+        Expr getThen();
+
+        /** Gets the false branch of this expression. */
+        Expr getElse();
+      }
+
+      /** A binary expression. */
+      class BinaryExpr extends Expr {
+        /** Gets the left operand of this binary expression. */
+        Expr getLeftOperand();
+
+        /** Gets the right operand of this binary expression. */
+        Expr getRightOperand();
+      }
+
+      /** A short-circuiting logical AND expression. */
+      class LogicalAndExpr extends BinaryExpr;
+
+      /** A short-circuiting logical OR expression. */
+      class LogicalOrExpr extends BinaryExpr;
+
+      /**
+       * An assignment expression, either compound or simple.
+       *
+       * Examples:
+       *
+       * ```
+       * x = y
+       * sum += element
+       * ```
+       */
+      class Assignment extends BinaryExpr;
+
+      /** A simple assignment expression, for example `x = y`. */
+      class AssignExpr extends Assignment;
+
+      /** A parenthesized expression. */
+      class ParenExpr extends AstNode {
+        AstNode getExpr();
+      }
+
       /** A variable, for example a local variable or a field. */
       class Variable {
         /** Gets the AST node that defines this variable. */
         AstNode getDefiningNode();
 
         /** Gets an access to this variable. */
-        AstNode getAnAccess();
+        Expr getAnAccess();
 
         /** Gets a textual representation of this element. */
         string toString();
@@ -2177,28 +2232,22 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
       }
 
       /**
-       * An assignment where type information can flow from one operand to the
-       * other.
+       * A `let` declaration, for example a local variable declaration.
        */
-      class Assignment extends AstNode {
+      class LetDeclaration extends AstNode {
         /**
-         * Holds if this assignment is a coercion site, meaning that the type of the right
+         * Holds if this declaration is a coercion site, meaning that the type of the right
          * operand may have to be coerced to the type of the left operand.
          */
         predicate isCoercionSite();
 
-        /** Gets the left operand of this binary expression. */
+        /** Gets the left operand of this declaration. */
         AstNode getLeftOperand();
 
-        /** Gets the right operand of this binary expression. */
+        /** Gets the right operand of this declaration. */
         AstNode getRightOperand();
       }
 
-      /** A parenthesized expression. */
-      class ParenExpr extends AstNode {
-        AstNode getExpr();
-      }
-
       /**
        * Holds if the types of `n1` at `path1` and `n2` at `path2` are certainly equal.
        */
@@ -2249,10 +2298,10 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
           (
             exists(Variable v | n1 = v.getAnAccess() and n2 = v.getDefiningNode())
             or
-            exists(Assignment a |
-              not a.isCoercionSite() and
-              n1 = a.getLeftOperand() and
-              n2 = a.getRightOperand()
+            exists(LetDeclaration let |
+              not let.isCoercionSite() and
+              n1 = let.getLeftOperand() and
+              n2 = let.getRightOperand()
             )
             or
             n1 = n2.(ParenExpr).getExpr()
@@ -2273,6 +2322,16 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
           )
         }
 
+        private Type inferLogicalOperationType(AstNode n, TypePath path) {
+          (
+            exists(LogicalAndExpr lae | n = [lae, lae.getLeftOperand(), lae.getRightOperand()]) or
+            exists(LogicalOrExpr loe | n = [loe, loe.getLeftOperand(), loe.getRightOperand()]) //or
+            // exists(LogicalNotExpr lne | n = [lne, lne.getOperand()])
+          ) and
+          result instanceof BoolType and
+          path.isEmpty()
+        }
+
         /** Gets the inferred certain type of `n` at `path`. */
         cached
         Type inferCertainType(AstNode n, TypePath path) {
@@ -2283,6 +2342,8 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
           or
           result = inferCertainTypeInput(n, path)
           or
+          result = inferLogicalOperationType(n, path)
+          or
           infersCertainTypeAt(n, path, result.getATypeParameter())
         }
 
@@ -2336,9 +2397,16 @@ module Make1<LocationSig Location, InputSig1<Location> Input1> {
         or
         path1.isEmpty() and
         path2.isEmpty() and
-        exists(Assignment a |
-          a.getLeftOperand() = n1 and
-          a.getRightOperand() = n2
+        (
+          exists(Assignment a |
+            a.getLeftOperand() = n1 and
+            a.getRightOperand() = n2
+          )
+          or
+          exists(LetDeclaration let |
+            let.getLeftOperand() = n1 and
+            let.getRightOperand() = n2
+          )
         )
         or
         typeEqualityInput(n1, path1, n2, path2)