When I write a query like this:
    class Meow extends Struct {
      Field f;

      Meow() {
        f.getDeclaringType() = this
      }

      Field getField() { result = f }
    }

    from Meow m
    select m, m.getField(), m.getField()
My mental model of this is: "Meow is essentially a (struct, struct's field) tuple. from Meow m will select all of those tuples. For each of those, select m, m.getField(), m.getField() will print their contents."
But that is actually not what happens, because you get results like this:
| m | col1 | col2 |
+-----------------------------------+-----------------------------------------------------+-----------------------------------------------------+
// [snip]
| port_io_ops | f_inb | f_outb |
// [snip]
Which means that the first m.getField() and the second m.getField() are operating on different Meow objects.
I've been debugging a bug in my query for hours now only to realize that this is what happens. Is this really intended? I read through a non-trivial amount of documentation and did not realize this; I feel like my whole mental model of how CodeQL works is shattering :S
(If it is really intended, could the documentation be updated to point this out more clearly?)
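
An added example, not part of the original post: consistent with the output above, a value of `Meow` is just the `Struct`, and the field `f` is not part of its identity, so each `getField()` call ranges over all fields of that struct independently. The sketch below assumes the standard `cpp` library; the names `StructWithField` and `getAField` are hypothetical, chosen for illustration.

```ql
import cpp

// Hypothetical class that yields the same results as `Meow` in the post:
// the field is existentially quantified, so the class contains each struct
// that has at least one field exactly once, not once per (struct, field) pair.
class StructWithField extends Struct {
  StructWithField() { exists(Field f | f.getDeclaringType() = this) }

  // Each call to this predicate ranges over every field of the struct,
  // independently of any other call in the same query.
  Field getAField() { result.getDeclaringType() = this }
}

// To get one row per (struct, field) pair, bind the field once in `from`
// and reuse that variable in every column that should refer to it.
from StructWithField s, Field f
where f = s.getAField()
select s, f, f
```

With the field bound in `from`, both columns of a row always show the same field, and a struct with n fields produces n rows instead of n × n.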