python: instantiate module for variable capture

This provides variable capture in standard situations:
- nested functions
- lambdas
There are some deficiencies:
- we do not yet handle objects capturing variables.
- we do not handle variables captured via the `nonlocal` keyword.
  This should be solved at the AST level, though, and then it
  should "just work".

There are still inconsistencies in the case where
a `SynthesizedCaptureNode` has a comprehensions
as its enclosing callable. In this case,
`TFunction(cn.getEnclosingCallable())` is not
defined and so getEnclosingCallable does not exist
for the `CaptureNode`.

python/ql/test/experimental/dataflow/variable-capture/dict.py

@@ -37,7 +37,7 @@ def out():
     def captureOut1():
         sinkO1["x"] = SOURCE
     captureOut1()
-    SINK(sinkO1["x"]) #$ MISSING:captured
+    SINK(sinkO1["x"]) #$ captured
 
     sinkO2 = { "x": "" }
     def captureOut2():
@@ -45,7 +45,7 @@ def out():
             sinkO2["x"] = SOURCE
         m()
     captureOut2()
-    SINK(sinkO2["x"]) #$ MISSING:captured
+    SINK(sinkO2["x"]) #$ captured
 
     nonSink0 = { "x": "" }
     def captureOut1NotCalled():
@@ -67,7 +67,7 @@ def through(tainted):
     def captureOut1():
         sinkO1["x"] = tainted
     captureOut1()
-    SINK(sinkO1["x"]) #$ MISSING:captured
+    SINK(sinkO1["x"]) #$ captured
 
     sinkO2 = { "x": "" }
     def captureOut2():
@@ -75,7 +75,7 @@ def through(tainted):
             sinkO2["x"] = tainted
         m()
     captureOut2()
-    SINK(sinkO2["x"]) #$ MISSING:captured
+    SINK(sinkO2["x"]) #$ captured
 
     nonSink1 = { "x": "" }
     def captureOut1NotCalled():