Rust: Add support for neutral models. #21271
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request adds support for neutral models to the Rust dataflow analysis framework. Neutral models allow developers to explicitly disable generated or inherited source, sink, and summary models for specific functions, helping to correct false positives caused by inaccurate auto-generated models.
Changes:
- Added
neutralModelextensible predicate to define neutral models - Modified source, sink, and summary model application logic to respect neutral models
- Added comprehensive test coverage for neutral models with sources and sinks
- Added change notes documenting this new capability
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll | Adds the neutralModel extensible predicate and implements logic to filter out generated/inherited models when neutral models exist for the same function |
| rust/ql/test/library-tests/dataflow/models/models.ext.yml | Adds test data for neutral models including both generated and manual models with corresponding neutral models |
| rust/ql/test/library-tests/dataflow/models/main.rs | Adds test functions and test case to verify neutral model behavior |
| rust/ql/test/library-tests/dataflow/models/models.expected | Updates expected test output to reflect new test cases |
| rust/ql/lib/change-notes/2026-02-05-neutral-models.md | Documents the new neutral models feature |
hvitved
left a comment
hvitved
left a comment
There was a problem hiding this comment.
Sadly I was unable to produce an effective test for neutral summary models, since generated summary models of functions from the source aren't applied anyway, and it's difficult to add functions outside the source in tests.
Here is an idea: Add a new extensional predicate extensible predicate stub(string relativePath), add not stub(this.getRelativePath()) here, move the relevant functions into a separate file, say stubs.rs, and then add an entry for that file in models.ext.yml.
| ) and | ||
| not neutralModel(f.getCanonicalPath(), "summary", _, _) |
There was a problem hiding this comment.
This should not be needed, as it is handled by the shared library.
|
@hvitved thanks for your suggestions, there's something else I need to work on before I get back to this... |
Done. Good idea!
I believe it was needed at the time I wrote it. Some other configuration may be missing. I'll look into it next week. |
2 participants
Neutral models are models that neutralize generated models, allowing us to correct false positives caused by inaccurate generated models.
Sadly I was unable to produce an effective test for neutral summary models, since generated summary models of functions from the source aren't applied anyway, and it's difficult to add functions outside the source in tests. We will soon have neutral summaries of real library functions to test this feature anyway.