codeql
codeql copied to clipboard
github
Overlay: Add overlay annotations to Java & shared libraries
This PR adds overlay annotations for Java libraries and shared libraries to support experimentation with Java overlay analysis. Overlay annotations were added automatically using the add-overlay-annotations.py script. The high-level intend is that dataflow should be global and as much as possible below dataflow should be local. To achieve this the script adds top-level overlay[local?] annotations to Java and shared libraries based on a simple heuristic:
- skip library files that end with
Test.qll - skip library files that end with
Query.qllorConfig.qllif they containimplements DataFlow::ConfigSig.
For files selected for annotation, the script also adds overlay[caller] annotations on all public predicates annotated with pragma[inline] to ensure that those predicates will still be inlined across the overlay frontier once overlay compilation is enabled. See the internal Incremental CodeQL docs for additional details.
I recommend reviewing this PR by reviewing the script that generated the annotations.
Some of the annotated Java library files are also used by Python and C# and the annotations have therefore also been added to the Python and C# variants through sync-files.py.
This PR does not enable overlay compilation for Java and therefore currently has no effect on the generated DIL, RA or QLX (as witnessed by the uneventful DCA runs). The only current impact of adding the annotations will be that the compiler will check for overlay annotation errors, but in the absence of errors the overlay annotations currently have no effect on compilation. See the internal Incremental CodeQL docs for additional details.
A CI check will be added in a subsequent PR to enforce usage of the add-overlay-annotations.py script to automatically add overlay annotations to newly added files.
