set compileForOverlayEval true for java

config/annotate-overlay-local.py

@@ -0,0 +1,175 @@
+# This script is used to annotate .qll files with overlay[local?] annotations.
+# It will walk the directory tree and annotate most .qll files, skipping only
+# some specific cases (e.g., empty files, files that configure dataflow for queries).
+# It will also add overlay[caller] annotations to predicates that are pragma[inline]
+# and either not private or in a hardcoded list of predicates.
+
+# The script takes a list of languages and processes the corresponding directories.
+
+# Usage: python3 annotate-overlay-local.py <language1> <language2> ...
+
+# The script will modify the files in place and print the changes made.
+# The script is designed to be run from the root of the repository.
+
+#!/usr/bin/python3
+import sys
+import os
+from difflib import *
+
+# These are the only two predicates that are pragma[inline], private, and must be
+# overlay[caller] in order to successfully compile our internal java queries.
+hardcoded_overlay_caller_preds = [
+    "fwdFlowInCand", "fwdFlowInCandTypeFlowDisabled"]
+
+
+def filter_out_annotations(filename):
+    '''
+    Read the file and strip all existing overlay[...] annotations from the contents.
+    Return the file modified file content as a list of lines.
+    '''
+    overlays = ["local", "local?", "global", "caller"]
+    annotations = [f"overlay[{t}]" for t in overlays]
+    with open(filename, 'r') as file_in:
+        lines = [l for l in file_in if not l.strip() in annotations]
+    for ann in annotations:
+        if any(line for line in lines if ann in line):
+            raise Exception(f"Failed to filter out {ann} from {filename}.")
+    return lines
+
+
+def insert_toplevel_maybe_local_anntotation(filename, lines):
+    '''
+    Find a suitable place to insert an overlay[local?] annotation at the top of the file.
+    Return a pair: (string describing action taken, modified content as list of lines).
+    '''
+    out_lines = []
+    status = 0
+
+    for line in lines:
+        if status == 0 and line.rstrip().endswith("module;"):
+            out_lines.append("overlay[local?]\n")
+            status = 1
+        out_lines.append(line)
+
+    if status == 1:
+        return (f"Annotating \"{filename}\" via existing file-level module statement", out_lines)
+
+    out_lines = []
+    empty_line_buffer = []
+    status = 0
+    for line in lines:
+        trimmed = line.strip()
+        if not trimmed:
+            empty_line_buffer.append(line)
+            continue
+        if status <= 1 and trimmed.endswith("*/"):
+            status = 2
+        elif status == 0 and trimmed.startswith("/**"):
+            status = 1
+        elif status == 0 and not trimmed.startswith("/*"):
+            out_lines.append("overlay[local?]\n")
+            out_lines.append("module;\n")
+            out_lines.append("\n")
+            status = 3
+        elif status == 2 and (trimmed.startswith("import ") or trimmed.startswith("private import ")):
+            out_lines.append("overlay[local?]\n")
+            out_lines.append("module;\n")
+            status = 3
+        elif status == 2 and (trimmed.startswith("class ") or trimmed.startswith("predicate ")
+                              or trimmed.startswith("module ") or trimmed.startswith("signature ")):
+            out_lines = ["overlay[local?]\n", "module;\n", "\n"] + out_lines
+            status = 3
+        elif status == 2 and trimmed.startswith("/*"):
+            out_lines.append("overlay[local?]\n")
+            out_lines.append("module;\n")
+            status = 3
+        elif status == 2:
+            status = 4
+        if empty_line_buffer:
+            out_lines += empty_line_buffer
+            empty_line_buffer = []
+        out_lines.append(line)
+    if status == 3:
+        out_lines += empty_line_buffer
+
+    if status == 3:
+        return (f"Annotating \"{filename}\" after file-level module qldoc", out_lines)
+
+    raise Exception(f"Failed to annotate \"{filename}\" as overlay[local?].")
+
+
+def insert_overlay_caller_annotations(lines):
+    '''
+    Mark pragma[inline] predicates as overlay[caller] if they are not declared private
+    or if they are private but are in the list of hardcoded_overlay_caller_preds.
+    '''
+    out_lines = []
+    for i, line in enumerate(lines):
+        trimmed = line.strip()
+        if trimmed == "pragma[inline]":
+            if (not "private" in lines[i+1] or
+                    any(pred in lines[i+1] for pred in hardcoded_overlay_caller_preds)):
+                whitespace = line[0: line.find(trimmed)]
+                out_lines.append(f"{whitespace}overlay[caller]\n")
+        out_lines.append(line)
+    return out_lines
+
+
+def annotate_as_appropriate(filename):
+    '''
+    Read file and strip all existing overlay[...] annotations from the contents;
+    then insert new overlay[...] annotations according to heuristics.
+    Return a pair: (string describing action taken, modified content as list of lines).
+    '''
+    lines = filter_out_annotations(filename)
+    lines = insert_overlay_caller_annotations(lines)
+
+    # These simple heuristics filter out those .qll files that we no _not_ want to annotate
+    # as overlay[local?].  It is not clear that these heuristics are exactly what we want,
+    # but they seem to work well enough for now (as determined by speed and accuracy numbers).
+    if (filename.endswith("Test.qll") or
+        ((filename.endswith("Query.qll") or filename.endswith("Config.qll")) and
+         any("implements DataFlow::ConfigSig" in line for line in lines))):
+        return (f"Keeping \"{filename}\" global because it configures dataflow for a query", lines)
+    elif not any(line for line in lines if line.strip()):
+        return (f"Keeping \"{filename}\" global because it is empty", lines)
+
+    return insert_toplevel_maybe_local_anntotation(filename, lines)
+
+
+def process_single_file(filename):
+    '''
+    Process a single file, annotating it as appropriate and writing the changes back to the file.
+    '''
+    annotate_result = annotate_as_appropriate(filename)
+
+    old = [line for line in open(filename)]
+    new = annotate_result[1]
+
+    if old != new:
+        diff = context_diff(old, new, fromfile=filename, tofile=filename)
+        diff = [line for line in diff]
+        if diff:
+            print(annotate_result[0])
+            for line in diff:
+                print(line.rstrip())
+            with open(filename, "w") as out_file:
+                for line in new:
+                    out_file.write(line)
+
+
+dirs = []
+for lang in sys.argv[1:]:
+    if lang in ["cpp", "go", "csharp", "java", "javascript", "python", "ruby", "rust", "swift"]:
+        dirs.append(f"{lang}/ql/lib")
+    else:
+        raise Exception(f"Unknown language \"{lang}\".")
+
+if dirs:
+    dirs.append("shared")
+
+for roots in dirs:
+    for dirpath, dirnames, filenames in os.walk(roots):
+        for filename in filenames:
+            if filename.endswith(".qll") and not dirpath.endswith("tutorial"):
+                process_single_file(os.path.join(dirpath, filename))

csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes for representing abstract bounds for use in, for example, range analysis.
  */
+overlay[local?]
+module;
 
 private import internal.rangeanalysis.BoundSpecific
 

csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll

@@ -3,6 +3,8 @@
  * an expression, `b` is a `Bound` (typically zero or the value of an SSA
  * variable), and `v` is an integer in the range `[0 .. m-1]`.
  */
+overlay[local?]
+module;
 
 private import internal.rangeanalysis.ModulusAnalysisSpecific::Private
 private import Bound

csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 newtype TSign =
   TNeg() or
   TZero() or

csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll

@@ -5,6 +5,8 @@
  * The analysis is implemented as an abstract interpretation over the
  * three-valued domain `{negative, zero, positive}`.
  */
+overlay[local?]
+module;
 
 private import SignAnalysisSpecific::Private
 private import SsaReadPositionCommon

csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes for representing a position at which an SSA variable is read.
  */
+overlay[local?]
+module;
 
 private import SsaReadPositionSpecific
 import SsaReadPositionSpecific::Public

java/ql/lib/Customizations.qll

@@ -8,5 +8,7 @@
  * the `RemoteFlowSource` and `AdditionalTaintStep` classes associated with the security queries
  * to model frameworks that are not covered by the standard library.
  */
+overlay[local?]
+module;
 
 import java

java/ql/lib/IDEContextual.qll

@@ -1,6 +1,8 @@
 /**
  * Provides shared predicates related to contextual queries in the code viewer.
  */
+overlay[local?]
+module;
 
 import semmle.files.FileSystem
 private import codeql.util.FileSystem

java/ql/lib/default.qll

@@ -1,3 +1,5 @@
 /** DEPRECATED: use `java.qll` instead. */
+overlay[local?]
+module;
 
 import java

java/ql/lib/definitions.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates related to jump-to-definition links
  * in the code viewer.
  */
+overlay[local?]
+module;
 
 import java
 import IDEContextual

java/ql/lib/external/ExternalArtifact.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 
 class ExternalData extends @externalDataElement {

java/ql/lib/java.qll

@@ -1,4 +1,6 @@
 /** Provides all default Java QL imports. */
+overlay[local?]
+module;
 
 import Customizations
 import semmle.code.FileSystem

java/ql/lib/semmle/code/FileSystem.qll

@@ -1,4 +1,6 @@
 /** Provides classes for working with files and folders. */
+overlay[local?]
+module;
 
 import Location
 private import codeql.util.FileSystem

java/ql/lib/semmle/code/Location.qll

@@ -3,6 +3,8 @@
  *
  * Locations represent parts of files and are used to map elements to their source location.
  */
+overlay[local?]
+module;
 
 import FileSystem
 import semmle.code.java.Element

java/ql/lib/semmle/code/SMAP.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with SMAP files (see JSR-045).
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/Unit.qll

@@ -1,3 +1,5 @@
 /** Provides the `Unit` class. */
+overlay[local?]
+module;
 
 import codeql.util.Unit

java/ql/lib/semmle/code/configfiles/ConfigFiles.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for working with configuration files, such
  * as Java `.properties` or `.ini` files.
  */
+overlay[local?]
+module;
 
 import semmle.code.Location
 

java/ql/lib/semmle/code/java/Annotation.qll

@@ -8,6 +8,8 @@
  * Each annotation type has zero or more annotation elements that contain a
  * name and possibly a value.
  */
+overlay[local?]
+module;
 
 import Element
 import Expr

java/ql/lib/semmle/code/java/Collections.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for reasoning about instances of
  * `java.util.Collection` and their methods.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/Compilation.qll

@@ -1,6 +1,8 @@
 /**
  * Provides a class representing individual compiler invocations that occurred during the build.
  */
+overlay[local?]
+module;
 
 import semmle.code.FileSystem
 

java/ql/lib/semmle/code/java/CompilationUnit.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java compilation units.
  */
+overlay[local?]
+module;
 
 import Element
 import Package

java/ql/lib/semmle/code/java/Completion.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for representing completions.
  */
+overlay[local?]
+module;
 
 /*
  * A completion represents how a statement or expression terminates.

java/ql/lib/semmle/code/java/Concurrency.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 
 /**

java/ql/lib/semmle/code/java/Constants.qll

@@ -1,6 +1,8 @@
 /**
  * Provdides a module to calculate constant integer and boolean values.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/ControlFlowGraph.qll

@@ -7,6 +7,8 @@
  * statement, an expression, or an exit node for a callable, indicating that
  * execution of the callable terminates.
  */
+overlay[local?]
+module;
 
 /*
  * The implementation is centered around the concept of a _completion_, which

java/ql/lib/semmle/code/java/Conversions.qll

@@ -4,6 +4,8 @@
  *
  * See the Java Language Specification, Section 5, for details.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.arithmetic.Overflow

java/ql/lib/semmle/code/java/Dependency.qll

@@ -1,6 +1,8 @@
 /**
  * Provides utility predicates for representing dependencies between types.
  */
+overlay[local?]
+module;
 
 import Type
 import Generics

java/ql/lib/semmle/code/java/DependencyCounts.qll

@@ -1,6 +1,8 @@
 /**
  * This library provides utility predicates for representing the number of dependencies between types.
  */
+overlay[local?]
+module;
 
 import Type
 import Generics

java/ql/lib/semmle/code/java/Diagnostics.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes representing warnings generated during compilation.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/Element.qll

@@ -1,6 +1,8 @@
 /**
  * Provides a class that represents named elements in Java programs.
  */
+overlay[local?]
+module;
 
 import CompilationUnit
 import semmle.code.Location

java/ql/lib/semmle/code/java/Exception.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java exceptions.
  */
+overlay[local?]
+module;
 
 import Element
 import Type

java/ql/lib/semmle/code/java/Expr.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes for working with Java expressions.
  */
+overlay[local?]
+module;
 
 import java
 private import semmle.code.java.frameworks.android.Compose

java/ql/lib/semmle/code/java/GeneratedFiles.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with the most common types of generated files.
  */
+overlay[local?]
+module;
 
 import Type
 private import semmle.code.java.frameworks.JavaxAnnotations

java/ql/lib/semmle/code/java/Generics.qll

@@ -30,6 +30,8 @@
  *
  * The terminology for generic methods is analogous.
  */
+overlay[local?]
+module;
 
 import Type
 

java/ql/lib/semmle/code/java/Import.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java imports.
  */
+overlay[local?]
+module;
 
 import semmle.code.Location
 import CompilationUnit

java/ql/lib/semmle/code/java/J2EE.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with J2EE bean types.
  */
+overlay[local?]
+module;
 
 import Type
 

java/ql/lib/semmle/code/java/JDK.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with standard classes and methods from the JDK.
  */
+overlay[local?]
+module;
 
 import Member
 import semmle.code.java.security.ExternalProcess

java/ql/lib/semmle/code/java/JDKAnnotations.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes that represent standard annotations from the JDK.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/JMX.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with JMX bean types.
  */
+overlay[local?]
+module;
 
 import Type
 

java/ql/lib/semmle/code/java/Javadoc.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Javadoc documentation.
  */
+overlay[local?]
+module;
 
 import semmle.code.Location
 

java/ql/lib/semmle/code/java/KotlinType.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Kotlin types.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/Maps.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for reasoning about instances of
  * `java.util.Map` and their methods.
  */
+overlay[local?]
+module;
 
 import java
 import Collections

java/ql/lib/semmle/code/java/Member.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for working with members of Java classes and interfaces,
  * that is, methods, constructors, fields and nested types.
  */
+overlay[local?]
+module;
 
 import Element
 import Type

java/ql/lib/semmle/code/java/Modifier.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java modifiers.
  */
+overlay[local?]
+module;
 
 import Element
 

java/ql/lib/semmle/code/java/Modules.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes for working with Java modules.
  */
+overlay[local?]
+module;
 
 import CompilationUnit
 

java/ql/lib/semmle/code/java/NumberFormatException.qll

@@ -1,4 +1,6 @@
 /** Provides classes and predicates for reasoning about `java.lang.NumberFormatException`. */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/Package.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java packages.
  */
+overlay[local?]
+module;
 
 import Element
 import Type

java/ql/lib/semmle/code/java/PrettyPrintAst.qll

@@ -2,6 +2,8 @@
  * Provides pretty-printed representations of the AST, in particular top-level
  * classes and interfaces.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/PrintAst.qll

@@ -5,6 +5,8 @@
  * extend `PrintAstConfiguration` and override `shouldPrint` to hold for only the elements
  * you wish to view the AST for.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.regex.RegexTreeView as RegexTreeView

java/ql/lib/semmle/code/java/Reflection.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java Reflection.
  */
+overlay[local?]
+module;
 
 import java
 import JDKAnnotations

java/ql/lib/semmle/code/java/Serializability.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java Serialization.
  */
+overlay[local?]
+module;
 
 import java
 private import frameworks.jackson.JacksonSerializability

java/ql/lib/semmle/code/java/Statement.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java statements.
  */
+overlay[local?]
+module;
 
 import Expr
 import metrics.MetricStmt

java/ql/lib/semmle/code/java/StringFormat.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for reasoning about string formatting.
  */
+overlay[local?]
+module;
 
 import java
 import dataflow.DefUse

java/ql/lib/semmle/code/java/Type.qll

@@ -9,6 +9,8 @@
  * Classes and interfaces can also be local (`LocalClassOrInterface`, `LocalClass`) or anonymous (`AnonymousClass`).
  * Enumerated types (`EnumType`) and records (`Record`) are special kinds of classes.
  */
+overlay[local?]
+module;
 
 import Member
 import Modifier
@@ -668,6 +670,7 @@ class RefType extends Type, Annotatable, Modifiable, @reftype {
    *
    * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure).
    */
+  overlay[caller]
   pragma[inline]
   RefType commonSubtype(RefType other) {
     result.getASourceSupertype*() = erase(this) and
@@ -1257,6 +1260,7 @@ private Type erase(Type t) {
  *
  * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure).
  */
+overlay[caller]
 pragma[inline]
 predicate haveIntersection(RefType t1, RefType t2) {
   exists(RefType e1, RefType e2 | e1 = erase(t1) and e2 = erase(t2) |

java/ql/lib/semmle/code/java/UnitTests.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with test classes and methods.
  */
+overlay[local?]
+module;
 
 import Type
 import Member

java/ql/lib/semmle/code/java/Variable.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with Java variables and their declarations.
  */
+overlay[local?]
+module;
 
 import Element
 

java/ql/lib/semmle/code/java/arithmetic/Overflow.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 
 /** A subclass of `PrimitiveType` with width-based ordering methods. */

java/ql/lib/semmle/code/java/comparison/Comparison.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 
 /**

java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for working with basic blocks in Java.
  */
+overlay[local?]
+module;
 
 import java
 import Dominance

java/ql/lib/semmle/code/java/controlflow/Dominance.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for control-flow graph dominance.
  */
+overlay[local?]
+module;
 
 import java
 
@@ -109,6 +111,7 @@ predicate iDominates(ControlFlowNode dominator, ControlFlowNode node) {
 }
 
 /** Holds if `dom` strictly dominates `node`. */
+overlay[caller]
 pragma[inline]
 predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) {
   // This predicate is gigantic, so it must be inlined.
@@ -118,6 +121,7 @@ predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) {
 }
 
 /** Holds if `dom` dominates `node`. (This is reflexive.) */
+overlay[caller]
 pragma[inline]
 predicate dominates(ControlFlowNode dom, ControlFlowNode node) {
   // This predicate is gigantic, so it must be inlined.
@@ -127,6 +131,7 @@ predicate dominates(ControlFlowNode dom, ControlFlowNode node) {
 }
 
 /** Holds if `dom` strictly post-dominates `node`. */
+overlay[caller]
 pragma[inline]
 predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) {
   // This predicate is gigantic, so it must be inlined.
@@ -136,6 +141,7 @@ predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) {
 }
 
 /** Holds if `dom` post-dominates `node`. (This is reflexive.) */
+overlay[caller]
 pragma[inline]
 predicate postDominates(ControlFlowNode dom, ControlFlowNode node) {
   // This predicate is gigantic, so it must be inlined.

java/ql/lib/semmle/code/java/controlflow/Guards.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for reasoning about guards and the control
  * flow elements controlled by those guards.
  */
+overlay[local?]
+module;
 
 import java
 private import semmle.code.java.controlflow.Dominance

java/ql/lib/semmle/code/java/controlflow/Paths.qll

@@ -2,6 +2,8 @@
  * This library provides predicates for reasoning about the set of all paths
  * through a callable.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.dispatch.VirtualDispatch

java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for identifying unreachable blocks under a "closed-world" assumption.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.controlflow.Guards

java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll

@@ -2,6 +2,8 @@
  * Provides predicates for working with the internal logic of the `Guards`
  * library.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.controlflow.Guards

java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll

@@ -3,6 +3,8 @@
  * `com.google.common.base.Preconditions` and
  * `org.apache.commons.lang3.Validate`.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/controlflow/internal/SwitchCases.qll

@@ -1,4 +1,6 @@
 /** Provides utility predicates relating to switch cases. */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/controlflow/unreachableblocks/ExcludeDebuggingProfilingLogging.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 import semmle.code.java.controlflow.UnreachableBlocks
 

java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll

@@ -1,4 +1,6 @@
 /** Provides classes representing various flow sinks for data flow / taint tracking. */
+overlay[local?]
+module;
 
 private import semmle.code.java.dataflow.FlowSinks as FlowSinks
 

java/ql/lib/semmle/code/java/dataflow/ApiSources.qll

@@ -1,4 +1,6 @@
 /** Provides classes representing various flow sources for data flow / taint tracking. */
+overlay[local?]
+module;
 
 private import semmle.code.java.dataflow.FlowSources as FlowSources
 

java/ql/lib/semmle/code/java/dataflow/Bound.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes for representing abstract bounds for use in, for example, range analysis.
  */
+overlay[local?]
+module;
 
 private import internal.rangeanalysis.BoundSpecific
 

java/ql/lib/semmle/code/java/dataflow/DataFlow.qll

@@ -2,6 +2,8 @@
  * Provides classes for performing local (intra-procedural) and
  * global (inter-procedural) data flow analyses.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/dataflow/DefUse.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for def-use and use-use pairs. Built on top of the SSA library for
  * maximal precision.
  */
+overlay[local?]
+module;
 
 import java
 private import SSA

java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll

@@ -86,6 +86,8 @@
  *    This information is used in a heuristic for dataflow analysis to determine, if a
  *    model or source code should be used for determining flow.
  */
+overlay[local?]
+module;
 
 import java
 private import semmle.code.java.dataflow.DataFlow::DataFlow

java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll

@@ -1,4 +1,6 @@
 /** Provides classes representing various flow sinks for data flow / taint tracking. */
+overlay[local?]
+module;
 
 private import java
 private import semmle.code.java.dataflow.ExternalFlow

java/ql/lib/semmle/code/java/dataflow/FlowSources.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes representing various flow sources for taint tracking.
  */
+overlay[local?]
+module;
 
 import java
 import semmle.code.java.dataflow.DataFlow

java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes representing various flow steps for taint tracking.
  */
+overlay[local?]
+module;
 
 private import java
 private import semmle.code.java.dataflow.DataFlow

java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for defining flow summaries.
  */
+overlay[local?]
+module;
 
 import java
 private import internal.FlowSummaryImpl as Impl

java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll

@@ -2,6 +2,8 @@
  * Provides classes and predicates for reasoning about explicit and implicit
  * instance accesses.
  */
+overlay[local?]
+module;
 
 import java
 

java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for integer guards.
  */
+overlay[local?]
+module;
 
 import java
 private import SSA

java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll

@@ -3,6 +3,8 @@
  * an expression, `b` is a `Bound` (typically zero or the value of an SSA
  * variable), and `v` is an integer in the range `[0 .. m-1]`.
  */
+overlay[local?]
+module;
 
 private import internal.rangeanalysis.ModulusAnalysisSpecific::Private
 private import Bound

java/ql/lib/semmle/code/java/dataflow/NullGuards.qll

@@ -1,6 +1,8 @@
 /**
  * Provides classes and predicates for null guards.
  */
+overlay[local?]
+module;
 
 import java
 import SSA

java/ql/lib/semmle/code/java/dataflow/Nullness.qll

@@ -6,6 +6,8 @@
  * hold, so results guarded by, for example, `assert x != null;` or
  * `if (x == null) { assert false; }` are excluded.
  */
+overlay[local?]
+module;
 
 /*
  * Implementation details:

java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll

@@ -8,6 +8,8 @@
  * If an inferred bound relies directly on a condition, then this condition is
  * reported as the reason for the bound.
  */
+overlay[local?]
+module;
 
 /*
  * This library tackles range analysis as a flow problem. Consider e.g.:

java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll

@@ -1,6 +1,8 @@
 /**
  * Provides utility predicates for range analysis.
  */
+overlay[local?]
+module;
 
 import java
 private import SSA

java/ql/lib/semmle/code/java/dataflow/SSA.qll

@@ -10,6 +10,8 @@
  * of the field in case the field is not amenable to a non-trivial SSA
  * representation.
  */
+overlay[local?]
+module;
 
 import java
 private import internal.SsaImpl

java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll

@@ -5,5 +5,7 @@
  * The analysis is implemented as an abstract interpretation over the
  * three-valued domain `{negative, zero, positive}`.
  */
+overlay[local?]
+module;
 
 import semmle.code.java.dataflow.internal.rangeanalysis.SignAnalysisCommon

java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll

@@ -25,6 +25,8 @@
  * String.format("%sfoo:%s", notSuffix, suffix4);
  * ```
  */
+overlay[local?]
+module;
 
 import java
 private import semmle.code.java.dataflow.TaintTracking

java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll

@@ -2,6 +2,8 @@
  * Provides classes for performing local (intra-procedural) and
  * global (inter-procedural) taint-tracking analyses.
  */
+overlay[local?]
+module;
 
 import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.internal.TaintTrackingUtil::StringBuilderVarModule

java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll

@@ -7,6 +7,8 @@
  * type has a subtype or if an inferred upper bound passed through at least one
  * explicit or implicit cast that lost type information.
  */
+overlay[local?]
+module;
 
 import java as J
 private import semmle.code.java.dispatch.VirtualDispatch

java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll

@@ -10,6 +10,8 @@
  * This is a restricted version of SSA.qll that only handles `LocalScopeVariable`s
  * in order to not depend on virtual dispatch.
  */
+overlay[local?]
+module;
 
 import java
 private import codeql.ssa.Ssa as SsaImplCommon

java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 import java
 import semmle.code.java.Collections
 import semmle.code.java.Maps

java/ql/lib/semmle/code/java/dataflow/internal/ContentDataFlow.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import java
 private import DataFlowImplSpecific
 private import codeql.dataflow.internal.ContentDataFlowImpl

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import java
 private import DataFlowPrivate
 private import DataFlowUtil
@@ -210,6 +213,7 @@ private module DispatchImpl {
   }
 
   /** Holds if arguments at position `apos` match parameters at position `ppos`. */
+  overlay[caller]
   pragma[inline]
   predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos }
 }

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import DataFlowImplSpecific
 private import codeql.dataflow.internal.DataFlowImpl
 private import semmle.code.Location

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import DataFlowImplSpecific
 private import semmle.code.Location
 private import codeql.dataflow.internal.DataFlowImplCommon

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll

@@ -2,6 +2,8 @@
  * Provides consistency queries for checking invariants in the language-specific
  * data-flow classes and predicates.
  */
+overlay[local?]
+module;
 
 private import java
 private import DataFlowImplSpecific

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll

@@ -1,6 +1,8 @@
 /**
  * Provides Java-specific definitions for use in the data flow library.
  */
+overlay[local?]
+module;
 
 private import semmle.code.Location
 private import codeql.dataflow.DataFlow

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import java
 private import semmle.code.java.dataflow.InstanceAccess
 private import semmle.code.java.dataflow.ExternalFlow

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll

@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import java
 private import DataFlowUtil
 private import DataFlowImplCommon

java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll

@@ -1,6 +1,8 @@
 /**
  * Basic definitions for use in the data flow library.
  */
+overlay[local?]
+module;
 
 private import java
 private import DataFlowPrivate
@@ -77,6 +79,7 @@ private module ThisFlow {
  * Holds if data can flow from `node1` to `node2` in zero or more
  * local (intra-procedural) steps.
  */
+overlay[caller]
 pragma[inline]
 predicate localFlow(Node node1, Node node2) { node1 = node2 or localFlowStepPlus(node1, node2) }
 
@@ -86,6 +89,7 @@ private predicate localFlowStepPlus(Node node1, Node node2) = fastTC(localFlowSt
  * Holds if data can flow from `e1` to `e2` in zero or more
  * local (intra-procedural) steps.
  */
+overlay[caller]
 pragma[inline]
 predicate localExprFlow(Expr e1, Expr e2) { localFlow(exprNode(e1), exprNode(e2)) }