Skip to content

JS: Remove synthetic locations #20302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Sep 1, 2025
Merged

JS: Remove synthetic locations #20302

merged 4 commits into from
Sep 1, 2025
+3,423 −3,610

Conversation

asgerf
Copy link
Contributor

@asgerf asgerf commented Aug 27, 2025
edited
Loading

For background see #20297.

This PR removes synthetic locations because the dependencies induced by such locations is greatly complicating overlay locality. This might change the location associated with some SSA phi nodes (from the legacy SSA library), but such nodes aren't generally used for user-visible alerts anyway.

Evaluation looks good. There's a 1% speed-up, which is expected given that we saw a similar slow-down when synthetic locations were introduced (which was at the time necessary for replacing hasLocationInfo with getLocation).

asgerf added 2 commits August 27, 2025 11:20
@asgerf
JS: Remove synthetic locations
dcf63fc
@asgerf
JS: Add deprecated alias
4a687a1 
The old DbLocation class was public, hence the alias
@asgerf asgerf requested a review from a team as a code owner August 27, 2025 13:45
@asgerf asgerf requested review from Copilot and removed request for a team August 27, 2025 13:45
@asgerf asgerf added the no-change-note-required This PR does not need a change note label Aug 27, 2025
@github-actions github-actions bot added the JS label Aug 27, 2025
Copilot
Copilot AI reviewed Aug 27, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR removes synthetic locations from the JavaScript CodeQL library to simplify overlay locality handling. The change affects how SSA phi nodes are located but should not impact user-visible alerts since these nodes are typically not shown to users.

  • Eliminates the entire synthetic location system and related TLocation type
  • Updates all location references from DbLocation to Location throughout the codebase
  • Simplifies SSA definition location handling to use basic block locations instead of synthetic ones

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated no comments.

Show a summary per file
File Description
javascript/ql/lib/semmle/javascript/internal/Locations.qll Complete removal of synthetic location implementation and TLocation type
javascript/ql/lib/semmle/javascript/Locations.qll Simplifies Location class and deprecates DbLocation
javascript/ql/lib/semmle/javascript/SSA.qll Updates SSA definitions to use basic block locations and deprecates hasLocationInfo
javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/Ssa.qll Changes type parameter from DbLocation to Location
javascript/ql/lib/semmle/javascript/dataflow/internal/VariableOrThis.qll Updates return types from DbLocation to Location
javascript/ql/lib/semmle/javascript/dataflow/internal/VariableCapture.qll Updates type parameters and return types to use Location
javascript/ql/lib/semmle/javascript/Variables.qll Changes LocalVariable.getLocation return type
javascript/ql/lib/semmle/javascript/XML.qll Updates XML module to use Location instead of DbLocation
javascript/ql/lib/semmle/javascript/YAML.qll Removes DbLocation type constraint
javascript/ql/lib/semmle/javascript/RestrictedLocations.qll Updates location reference in FirstLineOf
javascript/ql/lib/semmle/javascript/JSON.qll Updates JSON file location handling
javascript/ql/lib/semmle/javascript/Files.qll Updates File.getLocation return type
javascript/ql/lib/semmle/javascript/AST.qll Updates token location handling

aschackmull
aschackmull previously approved these changes Aug 28, 2025
View reviewed changes
Copy link
Contributor

@aschackmull aschackmull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🎉

@asgerf asgerf marked this pull request as draft August 28, 2025 09:33
@asgerf
Copy link
Contributor Author

asgerf commented Aug 28, 2025

Turns out some locations were negatively affected after all. Taking back into a draft while I fix these.

@asgerf asgerf force-pushed the js/simpler-locations branch from 4329261 to cc8fe10 Compare August 29, 2025 10:03
@asgerf
Copy link
Contributor Author

asgerf commented Aug 29, 2025

There was an issue with SsaExplicitDefinition getting a worse location than before. Previously they were associated with the CFG node of an assignement, which actually pretty annoying for simultaneous assignments. This was accidentally changed to take its location from the start of the basic block of that assignment.

I've updated it to refer to what it should have been all along, the mention of the variable on the LHS. See example of the old and new location:

Old location

OldLocation

New location

NewLocation

Evaluation

Evaluation is not quite 1% anymore, but still leaning in the right direction,

@asgerf asgerf marked this pull request as ready for review August 29, 2025 10:58
@asgerf asgerf merged commit 0d0eaa2 into github:main Sep 1, 2025
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@aschackmull aschackmull aschackmull approved these changes

Assignees
No one assigned
Labels
JS no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@asgerf @aschackmull