vscode-codeql icon indicating copy to clipboard operation
vscode-codeql copied to clipboard

Published 20 hours ago verified publisher icon github

Variant Analysis Results don't show results without source location in some cases

Open Marcono1234 opened this issue 1 year ago • 1 comments

Describe the bug If you use a query with @kind problem in the metadata (or even without @kind, whose select clause has an element as first tuple value, e.g. select element, "my message") and all or some of the elements in the results don't have a source location (for example because they come from an external library), then they are not shown in the Variant Analysis Results view and there is no indication that they were omitted.

This differs from a run for a local database, whose result view includes these results, respectively offers to view the "raw results".

It also differs from a Variant Analysis run without @kind ... in the metadata and where for example a string is the first value in the result tuples (e.g. select "my message", element), which does show the raw results.

Version Extension version

CodeQL extension version: 1.8.8 
CodeQL CLI version: 2.14.0 
Platform: win32 x64

VS Code version

Version: 1.80.1 (user setup)
Commit: 74f6148eb9ea00507ec113ec51c489d6ffb4b771
Date: 2023-07-12T17:22:07.651Z
Electron: 22.3.14
ElectronBuildId: 21893604
Chromium: 108.0.5359.215
Node.js: 16.17.1
V8: 10.8.168.25-electron.0
OS: Windows_NT x64 10.0.19045

To reproduce

  1. Open Quick Query and paste the following query 
    /**
 * @kind problem
 */

import java

from EnumType t
where not t.fromSource()
select t, "my message"
  2. Run Variant Analysis, for example on the top 10 repositories
  3. Open the Variant Analysis Results :x: Bug: No results are shown, and there is no indication and no way to show the actual results which don't have a source location

Expected behavior Either:

  • There should be at least an indication that X results were omitted because they are not in the source code
  • Or better, there should be a way to view the "raw results" (i.e. shown as regular table), which include elements without source location

Additional context This might affect other @kind types as well.

Marcono1234 avatar Jul 22 '23 15:07 Marcono1234

Thank you for submitting this. I agree with your deduction that it's the result being in the source archive that's the defining factor here.

Taking your query that reproduces it and modifying it slightly to:

import java

from EnumType t, string fromSource
where (t.fromSource() and fromSource = "yes") or (not t.fromSource() and fromSource = "no")
select t, fromSource

you can clearly see the difference in results if you run this locally vs as a variant analysis. All of the results that are "not from source" will be omitted.

I've opened an internal issue to look into this more and we'll report back when there's any progress.

robertbrignull avatar Jul 25 '23 10:07 robertbrignull