github
diff --git a/‎rust/ql/lib/codeql/rust/internal/typeinference/FunctionOverloading.qll‎
Lines changed: 22 additions & 19 deletions b/‎rust/ql/lib/codeql/rust/internal/typeinference/FunctionOverloading.qll‎
Lines changed: 22 additions & 19 deletions
diff --git a/‎rust/ql/lib/codeql/rust/internal/typeinference/FunctionType.qll‎
Lines changed: 61 additions & 36 deletions b/‎rust/ql/lib/codeql/rust/internal/typeinference/FunctionType.qll‎
Lines changed: 61 additions & 36 deletions
@@ -76,28 +76,20 @@ private predicate implSiblings(TraitItemNode trait, Impl impl1, Impl impl2) {
 pragma[nomagic]
 private predicate implHasSibling(ImplItemNode impl, Trait trait) { implSiblings(trait, impl, _) }
 
-/**
- * Holds if type parameter `tp` of `trait` occurs in the function `f` with the name
- * `functionName` at position `pos` and path `path`.
- *
- * Note that `pos` can also be the special `return` position, which is sometimes
- * needed to disambiguate associated function calls like `Default::default()`
- * (in this case, `tp` is the special `Self` type parameter).
- */
-bindingset[trait]
-pragma[inline_late]
+pragma[nomagic]
 predicate traitTypeParameterOccurrence(
   TraitItemNode trait, Function f, string functionName, FunctionPosition pos, TypePath path,
   TypeParameter tp
 ) {
-  f = trait.getASuccessor(functionName) and
+  f = trait.getAssocItem(functionName) and
   tp = getAssocFunctionTypeAt(f, trait, pos, path) and
   tp = trait.(TraitTypeAbstraction).getATypeParameter()
 }
 
 pragma[nomagic]
 private predicate functionResolutionDependsOnArgument0(
-  ImplItemNode impl, Function f, FunctionPosition pos, TypePath path, Type type
+  ImplItemNode impl, Function f, string functionName, TypeParameter traitTp, FunctionPosition pos,
+  TypePath path, Type type
 ) {
   /*
    * As seen in the example below, when an implementation has a sibling for a
@@ -124,9 +116,9 @@ private predicate functionResolutionDependsOnArgument0(
    * method. In that case we will still resolve several methods.
    */
 
-  exists(TraitItemNode trait, string functionName |
+  exists(TraitItemNode trait |
     implHasSibling(impl, trait) and
-    traitTypeParameterOccurrence(trait, _, functionName, pos, path, _) and
+    traitTypeParameterOccurrence(trait, _, functionName, pos, path, traitTp) and
     type = getAssocFunctionTypeAt(f, impl, pos, path) and
     f = impl.getASuccessor(functionName)
   )
@@ -139,21 +131,32 @@ private predicate functionResolutionDependsOnArgument0(
  */
 pragma[nomagic]
 predicate functionResolutionDependsOnArgument(
-  ImplItemNode impl, Function f, FunctionPosition pos, TypePath path, Type type
+  ImplItemNode impl, Function f, TypeParameter traitTp, FunctionPosition pos, TypePath path,
+  Type type
 ) {
-  functionResolutionDependsOnArgument0(impl, f, pos, path, type) and
-  (
+  exists(string functionName |
+    functionResolutionDependsOnArgument0(impl, f, functionName, traitTp, pos, path, type)
+  |
     pos.isPosition()
     or
     // Only disambiguate based on return type when all other positions are trivially
     // satisfied for all arguments.
     pos.isReturn() and
     forall(FunctionPosition pos0, TypePath path0, Type type0 |
       pos0.isPosition() and
-      functionResolutionDependsOnArgument0(impl, f, pos0, path0, type0)
+      functionResolutionDependsOnArgument0(impl, f, _, _, pos0, path0, type0)
     |
-      path0.isEmpty() and
       type0.(TypeParamTypeParameter).getTypeParam() = any(TypeParam tp | not tp.hasTypeBound())
+      or
+      forall(ImplItemNode impl1, Function f1, Type type1 |
+        implSiblings(_, impl, impl1) and
+        f1 = impl1.getASuccessor(functionName) and
+        type1 = getAssocFunctionTypeAt(f1, impl1, pos0, path0)
+      |
+        type1.(TypeParamTypeParameter).getTypeParam() = any(TypeParam tp | not tp.hasTypeBound())
+        or
+        type0 = type1
+      )
     )
   )
 }
@@ -294,10 +294,12 @@ module ArgIsInstantiationOf<
  */
 signature module ArgsAreInstantiationsOfInputSig {
   /**
-   * Holds if types need to be matched against the type `t` at position `pos` of
-   * `f` inside `i`.
+   * Holds if `f` implements a trait function with type parameter `traitTp`, where
+   * we need to check that the type of `f` for `traitTp` is satisfied.
+   *
+   * `pos` is one of the positions in `f` in which the relevant type occours.
    */
-  predicate toCheck(ImplOrTraitItemNode i, Function f, FunctionPosition pos, AssocFunctionType t);
+  predicate toCheck(ImplOrTraitItemNode i, Function f, TypeParameter traitTp, FunctionPosition pos);
 
   /** A call whose argument types are to be checked. */
   class Call {
@@ -318,23 +320,28 @@ signature module ArgsAreInstantiationsOfInputSig {
  */
 module ArgsAreInstantiationsOf<ArgsAreInstantiationsOfInputSig Input> {
   pragma[nomagic]
-  private predicate toCheckRanked(ImplOrTraitItemNode i, Function f, FunctionPosition pos, int rnk) {
-    Input::toCheck(i, f, pos, _) and
-    pos =
-      rank[rnk + 1](FunctionPosition pos0, int j |
-        Input::toCheck(i, f, pos0, _) and
-        (
-          j = pos0.asPosition()
-          or
-          pos0.isSelf() and j = -1
-          or
-          pos0.isReturn() and j = -2
-        )
+  private predicate toCheckRanked(
+    ImplOrTraitItemNode i, Function f, TypeParameter traitTp, FunctionPosition pos, int rnk
+  ) {
+    Input::toCheck(i, f, traitTp, pos) and
+    traitTp =
+      rank[rnk + 1](TypeParameter traitTp0, int j |
+        Input::toCheck(i, f, traitTp0, _) and
+        j = getTypeParameterId(traitTp0)
       |
-        pos0 order by j
+        traitTp0 order by j
       )
   }
 
+  pragma[nomagic]
+  private predicate toCheck(
+    ImplOrTraitItemNode i, Function f, TypeParameter traitTp, FunctionPosition pos,
+    AssocFunctionType t
+  ) {
+    Input::toCheck(i, f, traitTp, pos) and
+    t.appliesTo(f, i, pos)
+  }
+
   private newtype TCallAndPos =
     MkCallAndPos(Input::Call call, FunctionPosition pos) { exists(call.getArgType(pos, _)) }
 
@@ -356,36 +363,34 @@ module ArgsAreInstantiationsOf<ArgsAreInstantiationsOfInputSig Input> {
     string toString() { result = call.toString() + " [arg " + pos + "]" }
   }
 
+  pragma[nomagic]
+  private predicate potentialInstantiationOf0(
+    CallAndPos cp, Input::Call call, TypeParameter traitTp, FunctionPosition pos, Function f,
+    TypeAbstraction abs, AssocFunctionType constraint
+  ) {
+    cp = MkCallAndPos(call, pragma[only_bind_into](pos)) and
+    call.hasTargetCand(abs, f) and
+    toCheck(abs, f, traitTp, pragma[only_bind_into](pos), constraint)
+  }
+
   private module ArgIsInstantiationOfToIndexInput implements
     IsInstantiationOfInputSig<CallAndPos, AssocFunctionType>
   {
-    pragma[nomagic]
-    private predicate potentialInstantiationOf0(
-      CallAndPos cp, Input::Call call, FunctionPosition pos, int rnk, Function f,
-      TypeAbstraction abs, AssocFunctionType constraint
-    ) {
-      cp = MkCallAndPos(call, pragma[only_bind_into](pos)) and
-      call.hasTargetCand(abs, f) and
-      toCheckRanked(abs, f, pragma[only_bind_into](pos), rnk) and
-      Input::toCheck(abs, f, pragma[only_bind_into](pos), constraint)
-    }
-
     pragma[nomagic]
     predicate potentialInstantiationOf(
       CallAndPos cp, TypeAbstraction abs, AssocFunctionType constraint
     ) {
-      exists(Input::Call call, int rnk, Function f |
-        potentialInstantiationOf0(cp, call, _, rnk, f, abs, constraint)
+      exists(Input::Call call, TypeParameter traitTp, FunctionPosition pos, int rnk, Function f |
+        potentialInstantiationOf0(cp, call, traitTp, pragma[only_bind_into](pos), f, abs, constraint) and
+        toCheckRanked(abs, f, traitTp, pragma[only_bind_into](pos), rnk)
       |
         rnk = 0
         or
         argsAreInstantiationsOfToIndex(call, abs, f, rnk - 1)
       )
     }
 
-    predicate relevantConstraint(AssocFunctionType constraint) {
-      Input::toCheck(_, _, _, constraint)
-    }
+    predicate relevantConstraint(AssocFunctionType constraint) { toCheck(_, _, _, _, constraint) }
   }
 
   private module ArgIsInstantiationOfToIndex =
@@ -398,7 +403,11 @@ module ArgsAreInstantiationsOf<ArgsAreInstantiationsOfInputSig Input> {
     exists(FunctionPosition pos |
       ArgIsInstantiationOfToIndex::argIsInstantiationOf(MkCallAndPos(call, pos), i, _) and
       call.hasTargetCand(i, f) and
-      toCheckRanked(i, f, pos, rnk)
+      toCheckRanked(i, f, _, pos, rnk)
+    |
+      rnk = 0
+      or
+      argsAreInstantiationsOfToIndex(call, i, f, rnk - 1)
     )
   }
 
@@ -410,15 +419,31 @@ module ArgsAreInstantiationsOf<ArgsAreInstantiationsOfInputSig Input> {
   predicate argsAreInstantiationsOf(Input::Call call, ImplOrTraitItemNode i, Function f) {
     exists(int rnk |
       argsAreInstantiationsOfToIndex(call, i, f, rnk) and
-      rnk = max(int r | toCheckRanked(i, f, _, r))
+      rnk = max(int r | toCheckRanked(i, f, _, _, r))
     )
   }
 
+  private module ArgsAreNotInstantiationOfInput implements
+    IsInstantiationOfInputSig<CallAndPos, AssocFunctionType>
+  {
+    pragma[nomagic]
+    predicate potentialInstantiationOf(
+      CallAndPos cp, TypeAbstraction abs, AssocFunctionType constraint
+    ) {
+      potentialInstantiationOf0(cp, _, _, _, _, abs, constraint)
+    }
+
+    predicate relevantConstraint(AssocFunctionType constraint) { toCheck(_, _, _, _, constraint) }
+  }
+
+  private module ArgsAreNotInstantiationOf =
+    ArgIsInstantiationOf<CallAndPos, ArgsAreNotInstantiationOfInput>;
+
   pragma[nomagic]
   private predicate argsAreNotInstantiationsOf0(
     Input::Call call, FunctionPosition pos, ImplOrTraitItemNode i
   ) {
-    ArgIsInstantiationOfToIndex::argIsNotInstantiationOf(MkCallAndPos(call, pos), i, _, _)
+    ArgsAreNotInstantiationOf::argIsNotInstantiationOf(MkCallAndPos(call, pos), i, _, _)
   }
 
   /**
@@ -430,7 +455,7 @@ module ArgsAreInstantiationsOf<ArgsAreInstantiationsOfInputSig Input> {
     exists(FunctionPosition pos |
       argsAreNotInstantiationsOf0(call, pos, i) and
       call.hasTargetCand(i, f) and
-      Input::toCheck(i, f, pos, _)
+      Input::toCheck(i, f, _, pos)
     )
   }
 }