Python: Simplyfy sequence stores

yoff · yoff · commit f21777c6ce50 · 2020-08-03T08:16:43.000+02:00
diff --git a/python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll b/python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll
@@ -224,16 +224,13 @@ predicate jumpStep(Node pred, Node succ) {
  * content `c`.
  */
 predicate storeStep(Node nodeFrom, Content c, Node nodeTo) {
-  // Definition
-  //   `x = (..., 42, ...)`
+  // Sequence
+  //   `(..., 42, ...)`
   //   or
-  //   `x = [..., 42, ...]`
-  //   nodeFrom is `f(42)`, cfg node
-  //   nodeTo is `x`, essa var
-  exists(SequenceNode s |
-    nodeFrom.(CfgNode).getNode() = s.getAnElement() and
-    nodeTo.(EssaNode).getVar().getDefinition().(AssignmentDefinition).getValue() = s
-  )
+  //   `[..., 42, ...]`
+  //   nodeFrom is `42`, cfg node
+  //   nodeTo is the sequence, say `[..., 42, ...]`, cfg node
+  nodeTo.(CfgNode).getNode().(SequenceNode).getAnElement() = nodeFrom.(CfgNode).getNode()
 }
 
 /**
diff --git a/python/ql/test/experimental/dataflow/coverage/dataflow.expected b/python/ql/test/experimental/dataflow/coverage/dataflow.expected
@@ -1,10 +1,10 @@
 edges
-| test.py:24:5:24:5 | SSA variable x [Content] | test.py:25:9:25:9 | ControlFlowNode for x [Content] |
-| test.py:24:21:24:26 | ControlFlowNode for SOURCE | test.py:24:5:24:5 | SSA variable x [Content] |
+| test.py:24:10:24:26 | ControlFlowNode for Tuple [Content] | test.py:25:9:25:9 | ControlFlowNode for x [Content] |
+| test.py:24:21:24:26 | ControlFlowNode for SOURCE | test.py:24:10:24:26 | ControlFlowNode for Tuple [Content] |
 | test.py:25:9:25:9 | ControlFlowNode for x [Content] | test.py:25:9:25:12 | ControlFlowNode for Subscript |
 | test.py:25:9:25:12 | ControlFlowNode for Subscript | test.py:26:10:26:10 | ControlFlowNode for y |
-| test.py:29:5:29:5 | SSA variable x [Content] | test.py:30:9:30:9 | ControlFlowNode for x [Content] |
-| test.py:29:21:29:26 | ControlFlowNode for SOURCE | test.py:29:5:29:5 | SSA variable x [Content] |
+| test.py:29:10:29:26 | ControlFlowNode for Tuple [Content] | test.py:30:9:30:9 | ControlFlowNode for x [Content] |
+| test.py:29:21:29:26 | ControlFlowNode for SOURCE | test.py:29:10:29:26 | ControlFlowNode for Tuple [Content] |
 | test.py:30:9:30:9 | ControlFlowNode for x [Content] | test.py:30:9:30:12 | ControlFlowNode for Subscript |
 | test.py:30:9:30:12 | ControlFlowNode for Subscript | test.py:31:12:31:12 | ControlFlowNode for y |
 | test.py:35:9:35:14 | ControlFlowNode for SOURCE | test.py:36:10:36:10 | ControlFlowNode for x |
@@ -13,19 +13,23 @@ edges
 | test.py:48:9:48:10 | ControlFlowNode for IntegerLiteral | test.py:49:10:49:10 | ControlFlowNode for x |
 | test.py:52:9:52:12 | ControlFlowNode for FloatLiteral | test.py:53:10:53:10 | ControlFlowNode for x |
 | test.py:61:10:61:15 | ControlFlowNode for SOURCE | test.py:62:10:62:10 | ControlFlowNode for x |
-| test.py:66:5:66:5 | SSA variable x [Content] | test.py:67:10:67:10 | ControlFlowNode for x [Content] |
-| test.py:66:10:66:15 | ControlFlowNode for SOURCE | test.py:66:5:66:5 | SSA variable x [Content] |
+| test.py:66:9:66:16 | ControlFlowNode for List [Content] | test.py:67:10:67:10 | ControlFlowNode for x [Content] |
+| test.py:66:10:66:15 | ControlFlowNode for SOURCE | test.py:66:9:66:16 | ControlFlowNode for List [Content] |
 | test.py:67:10:67:10 | ControlFlowNode for x [Content] | test.py:67:10:67:13 | ControlFlowNode for Subscript |
-| test.py:238:28:238:33 | ControlFlowNode for SOURCE | test.py:238:10:238:34 | ControlFlowNode for second() |
-| test.py:297:12:297:17 | ControlFlowNode for SOURCE | test.py:297:10:297:18 | ControlFlowNode for f() |
-| test.py:301:28:301:33 | ControlFlowNode for SOURCE | test.py:301:10:301:34 | ControlFlowNode for second() |
+| test.py:222:11:222:16 | ControlFlowNode for SOURCE | test.py:222:11:222:17 | ControlFlowNode for Tuple [Content] |
+| test.py:222:11:222:17 | ControlFlowNode for Tuple [Content] | test.py:222:10:222:21 | ControlFlowNode for Subscript |
+| test.py:225:10:225:17 | ControlFlowNode for List [Content] | test.py:225:10:225:20 | ControlFlowNode for Subscript |
+| test.py:225:11:225:16 | ControlFlowNode for SOURCE | test.py:225:10:225:17 | ControlFlowNode for List [Content] |
+| test.py:246:28:246:33 | ControlFlowNode for SOURCE | test.py:246:10:246:34 | ControlFlowNode for second() |
+| test.py:305:12:305:17 | ControlFlowNode for SOURCE | test.py:305:10:305:18 | ControlFlowNode for f() |
+| test.py:309:28:309:33 | ControlFlowNode for SOURCE | test.py:309:10:309:34 | ControlFlowNode for second() |
 nodes
-| test.py:24:5:24:5 | SSA variable x [Content] | semmle.label | SSA variable x [Content] |
+| test.py:24:10:24:26 | ControlFlowNode for Tuple [Content] | semmle.label | ControlFlowNode for Tuple [Content] |
 | test.py:24:21:24:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:25:9:25:9 | ControlFlowNode for x [Content] | semmle.label | ControlFlowNode for x [Content] |
 | test.py:25:9:25:12 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
 | test.py:26:10:26:10 | ControlFlowNode for y | semmle.label | ControlFlowNode for y |
-| test.py:29:5:29:5 | SSA variable x [Content] | semmle.label | SSA variable x [Content] |
+| test.py:29:10:29:26 | ControlFlowNode for Tuple [Content] | semmle.label | ControlFlowNode for Tuple [Content] |
 | test.py:29:21:29:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:30:9:30:9 | ControlFlowNode for x [Content] | semmle.label | ControlFlowNode for x [Content] |
 | test.py:30:9:30:12 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
@@ -42,16 +46,22 @@ nodes
 | test.py:53:10:53:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | test.py:61:10:61:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:62:10:62:10 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
-| test.py:66:5:66:5 | SSA variable x [Content] | semmle.label | SSA variable x [Content] |
+| test.py:66:9:66:16 | ControlFlowNode for List [Content] | semmle.label | ControlFlowNode for List [Content] |
 | test.py:66:10:66:15 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:67:10:67:10 | ControlFlowNode for x [Content] | semmle.label | ControlFlowNode for x [Content] |
 | test.py:67:10:67:13 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| test.py:238:10:238:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:238:28:238:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:297:10:297:18 | ControlFlowNode for f() | semmle.label | ControlFlowNode for f() |
-| test.py:297:12:297:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| test.py:301:10:301:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
-| test.py:301:28:301:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| test.py:222:10:222:21 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| test.py:222:11:222:16 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| test.py:222:11:222:17 | ControlFlowNode for Tuple [Content] | semmle.label | ControlFlowNode for Tuple [Content] |
+| test.py:225:10:225:17 | ControlFlowNode for List [Content] | semmle.label | ControlFlowNode for List [Content] |
+| test.py:225:10:225:20 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| test.py:225:11:225:16 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| test.py:246:10:246:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
+| test.py:246:28:246:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| test.py:305:10:305:18 | ControlFlowNode for f() | semmle.label | ControlFlowNode for f() |
+| test.py:305:12:305:17 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| test.py:309:10:309:34 | ControlFlowNode for second() | semmle.label | ControlFlowNode for second() |
+| test.py:309:28:309:33 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 #select
 | test.py:26:10:26:10 | ControlFlowNode for y | test.py:24:21:24:26 | ControlFlowNode for SOURCE | test.py:26:10:26:10 | ControlFlowNode for y | <message> |
 | test.py:31:12:31:12 | ControlFlowNode for y | test.py:29:21:29:26 | ControlFlowNode for SOURCE | test.py:31:12:31:12 | ControlFlowNode for y | <message> |
@@ -62,6 +72,8 @@ nodes
 | test.py:53:10:53:10 | ControlFlowNode for x | test.py:52:9:52:12 | ControlFlowNode for FloatLiteral | test.py:53:10:53:10 | ControlFlowNode for x | <message> |
 | test.py:62:10:62:10 | ControlFlowNode for x | test.py:61:10:61:15 | ControlFlowNode for SOURCE | test.py:62:10:62:10 | ControlFlowNode for x | <message> |
 | test.py:67:10:67:13 | ControlFlowNode for Subscript | test.py:66:10:66:15 | ControlFlowNode for SOURCE | test.py:67:10:67:13 | ControlFlowNode for Subscript | <message> |
-| test.py:238:10:238:34 | ControlFlowNode for second() | test.py:238:28:238:33 | ControlFlowNode for SOURCE | test.py:238:10:238:34 | ControlFlowNode for second() | <message> |
-| test.py:297:10:297:18 | ControlFlowNode for f() | test.py:297:12:297:17 | ControlFlowNode for SOURCE | test.py:297:10:297:18 | ControlFlowNode for f() | <message> |
-| test.py:301:10:301:34 | ControlFlowNode for second() | test.py:301:28:301:33 | ControlFlowNode for SOURCE | test.py:301:10:301:34 | ControlFlowNode for second() | <message> |
+| test.py:222:10:222:21 | ControlFlowNode for Subscript | test.py:222:11:222:16 | ControlFlowNode for SOURCE | test.py:222:10:222:21 | ControlFlowNode for Subscript | <message> |
+| test.py:225:10:225:20 | ControlFlowNode for Subscript | test.py:225:11:225:16 | ControlFlowNode for SOURCE | test.py:225:10:225:20 | ControlFlowNode for Subscript | <message> |
+| test.py:246:10:246:34 | ControlFlowNode for second() | test.py:246:28:246:33 | ControlFlowNode for SOURCE | test.py:246:10:246:34 | ControlFlowNode for second() | <message> |
+| test.py:305:10:305:18 | ControlFlowNode for f() | test.py:305:12:305:17 | ControlFlowNode for SOURCE | test.py:305:10:305:18 | ControlFlowNode for f() | <message> |
+| test.py:309:10:309:34 | ControlFlowNode for second() | test.py:309:28:309:33 | ControlFlowNode for SOURCE | test.py:309:10:309:34 | ControlFlowNode for second() | <message> |
diff --git a/python/ql/test/experimental/dataflow/coverage/test.py b/python/ql/test/experimental/dataflow/coverage/test.py
@@ -74,6 +74,10 @@ def test_list_comprehension():
     x = [SOURCE for y in [NONSOURCE]]
     SINK(x[0]) # Flow missing
 
+def test_list_comprehension_flow():
+    x = [y for y in [SOURCE]]
+    SINK(x[0]) # Flow missing
+
 def test_nested_list_display():
     x = [* [SOURCE]]
     SINK(x[0]) # Flow missing
@@ -87,6 +91,10 @@ def test_set_comprehension():
     x = {SOURCE for y in [NONSOURCE]}
     SINK(x.pop()) # Flow missing
 
+def test_set_comprehension_flow():
+    x = {y for y in [SOURCE]}
+    SINK(x.pop()) # Flow missing
+
 def test_nested_set_display():
     x = {* {SOURCE}}
     SINK(x.pop()) # Flow missing
@@ -211,10 +219,10 @@ def test_attribute_reference():
 
 # 6.3.2. Subscriptions
 def test_subscription_tuple():
-    SINK((SOURCE,)[0]) # Flow missing
+    SINK((SOURCE,)[0])
 
 def test_subscription_list():
-    SINK([SOURCE][0]) # Flow missing
+    SINK([SOURCE][0])
 
 def test_subscription_mapping():
     SINK({"s":SOURCE}["s"]) # Flow missing
