mirror of
https://github.com/github/codeql.git
synced 2026-05-30 19:11:23 +02:00
93bd4e3b85
Adds inline-expectation tests for the new shared CFG implementation in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll, covering every Python binding construct that introduces a variable. The test files use MISSING: annotations to record bindings whose defining Name AST node is *not* currently reachable from the new CFG. These are the 'red' half of red-green commit pairs: subsequent commits will extend AstNodeImpl to cover each construct and remove the corresponding MISSING: marker. Confirmed-broken categories: - Import aliases (from x import a) - Annotated assignment (x: int = 1) - Exception handler (except E as e) - Match patterns (case x, case [a,b], case ... as v) - PEP 695 type params (def f[T], class C[T]) Confirmed-working (no MISSING:): - Compound targets, with-as, comprehensions, decorated def/class, walrus, starred. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
38 lines
1.4 KiB
Plaintext
38 lines
1.4 KiB
Plaintext
/**
|
|
* Phase -1 of the dataflow CFG migration: verifies that every variable
|
|
* binding visible to the AST (`Name.defines(v)`) corresponds to a CFG node
|
|
* in the new CFG (`semmle.python.controlflow.internal.AstNodeImpl`).
|
|
*
|
|
* The expected tag is `cfgdefines=<name>`. Each binding annotation in the
|
|
* test sources looks like `# $ cfgdefines=x` for a binding currently
|
|
* covered by the new CFG, or `# $ MISSING: cfgdefines=x` for a binding
|
|
* that is known to be uncovered (a "red" test case that should be
|
|
* green-flipped once the corresponding `cfg-ext-*` extension lands).
|
|
*
|
|
* Parameters (`def f(x):` etc.) are deliberately excluded — Java's
|
|
* pattern handles parameter writes at the SSA layer (`hasEntryDef`),
|
|
* not as CFG nodes.
|
|
*/
|
|
|
|
import python
|
|
import semmle.python.controlflow.internal.AstNodeImpl as CfgImpl
|
|
import utils.test.InlineExpectationsTest
|
|
|
|
module CfgBindingsTest implements TestSig {
|
|
string getARelevantTag() { result = "cfgdefines" }
|
|
|
|
predicate hasActualResult(Location location, string element, string tag, string value) {
|
|
exists(Name n, Variable v, CfgImpl::ControlFlowNode cfg |
|
|
n.defines(v) and
|
|
not py_expr_contexts(_, 4, n) and // exclude parameters
|
|
cfg.getAstNode().asExpr() = n and
|
|
location = n.getLocation() and
|
|
element = n.toString() and
|
|
tag = "cfgdefines" and
|
|
value = v.getId()
|
|
)
|
|
}
|
|
}
|
|
|
|
import MakeTest<CfgBindingsTest>
|