SONARPY-3997 Compute ReachingDefinitionsAnalysis at module-level (#1018)

GitOrigin-RevId: 372eff5a6e5c40910ec716dfdd87024e9a830082

Author: guillaume-dequenne

python-checks/src/test/resources/checks/datetime_constructor_pytz_timezone.py

@@ -13,7 +13,9 @@ def timezone_in_a_variable():
     return dt1
 
 some_timezone_1 = pytz.timezone('US/Eastern')
-dt1 = datetime.datetime(2022, 1, 1, tzinfo=some_timezone_1)  # FN because of ReachingDefinitionsAnalysis limitations : it only runs in functions
+                 #^^^^^^^^^^^^^^^^^^^^^^^^^^^> 1 {{The pytz.timezone is created here.}}
+dt1 = datetime.datetime(2022, 1, 1, tzinfo=some_timezone_1)  # Noncompliant {{Don't pass a "pytz.timezone" to the "datetime.datetime" constructor.}}
+                                   #^^^^^^^^^^^^^^^^^^^^^^
 
 def compliant():
     other_timezone = datetime.timezone(datetime.timedelta(hours=2))

python-frontend/src/main/java/org/sonar/python/cfg/fixpoint/ReachingDefinitionsAnalysis.java

@@ -37,12 +37,14 @@
 import org.sonar.plugins.python.api.tree.AssignmentStatement;
 import org.sonar.plugins.python.api.tree.BaseTreeVisitor;
 import org.sonar.plugins.python.api.tree.Expression;
+import org.sonar.plugins.python.api.tree.FileInput;
 import org.sonar.plugins.python.api.tree.FunctionDef;
 import org.sonar.plugins.python.api.tree.Name;
 import org.sonar.plugins.python.api.tree.Tree;
 import org.sonar.python.tree.TreeUtils;
 
 import static org.sonar.plugins.python.api.tree.Tree.Kind.ASSIGNMENT_STMT;
+import static org.sonar.plugins.python.api.tree.Tree.Kind.CLASSDEF;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.FUNCDEF;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.TRY_STMT;
 
@@ -74,17 +76,38 @@ public Set<Expression> valuesAtLocation(Name variable) {
       return assignedExpressions;
     }
     FunctionDef enclosingFunction = (FunctionDef) TreeUtils.firstAncestorOfKind(variable, FUNCDEF);
-    if (enclosingFunction == null || TreeUtils.hasDescendant(enclosingFunction, t -> t.is(TRY_STMT))) {
+    if (enclosingFunction != null) {
+      return valuesInFunctionScope(variable, enclosingFunction);
+    }
+
+    FileInput fileInput = TreeUtils.firstAncestorOfClass(variable, FileInput.class);
+    if (fileInput == null) {
+      return Collections.emptySet();
+    }
+    return analyzeScope(variable, fileInput, () -> ControlFlowGraph.build(fileInput, pythonFile), fileInput.globalVariables());
+  }
+
+  private Set<Expression> valuesInFunctionScope(Name variable, FunctionDef enclosingFunction) {
+    return analyzeScope(variable, enclosingFunction, () -> ControlFlowGraph.build(enclosingFunction, pythonFile), enclosingFunction.localVariables());
+  }
+
+  private Set<Expression> analyzeScope(Name variable, Tree scopeTree, Supplier<ControlFlowGraph> cfgSupplier, Set<Symbol> variables) {
+    if (hasTryStatementInScope(scopeTree)) {
       return Collections.emptySet();
     }
-    ControlFlowGraph cfg = ControlFlowGraph.build(enclosingFunction, pythonFile);
+    ControlFlowGraph cfg = cfgSupplier.get();
     if (cfg == null) {
       return Collections.emptySet();
     }
-    compute(cfg, enclosingFunction.localVariables());
+    compute(cfg, variables);
     return assignedExpressionByName.getOrDefault(variable, Collections.emptySet());
   }
 
+  private static boolean hasTryStatementInScope(Tree tree) {
+    return tree.children().stream().anyMatch(child ->
+      child.is(TRY_STMT) || (!child.is(FUNCDEF, CLASSDEF) && hasTryStatementInScope(child)));
+  }
+
   private Set<Expression> getAssignedExpressions(Name variable, ProgramStateAtElement programStateAtElement) {
     Symbol symbol = variable.symbol();
     if (symbol == null) {

python-frontend/src/test/java/org/sonar/python/SubscriptionVisitorTest.java

@@ -215,4 +215,30 @@ public void initialize(Context context) {
       .withFailMessage("valuesAtLocation was not called by both checks")
       .isZero();
   }
+
+  @Test
+  void reachingDefinitionAnalysis_at_module_level() {
+    var latch = new CountDownLatch(1);
+
+    var check = new PythonSubscriptionCheck() {
+      @Override
+      public void initialize(Context context) {
+        context.registerSyntaxNodeConsumer(Tree.Kind.EXPRESSION_STMT, ctx -> {
+          var exprStmt = (ExpressionStatement) ctx.syntaxNode();
+          var expr = exprStmt.expressions().get(0);
+          if (expr instanceof Name name && "x".equals(name.name())) {
+            assertThat(ctx.valuesAtLocation(name)).extracting(e -> ((NumericLiteral) e).valueAsString()).containsExactly("42");
+            latch.countDown();
+          }
+        });
+      }
+    };
+
+    var fileInput = PythonTestUtils.parse("x = 42\nx");
+    var context = new Builder(fileInput, PythonTestUtils.pythonFile("file")).build();
+    SubscriptionVisitor.analyze(List.of(check), context);
+    assertThat(latch.getCount())
+      .withFailMessage("valuesAtLocation was not called at module level")
+      .isZero();
+  }
 }

python-frontend/src/test/java/org/sonar/python/cfg/fixpoint/ReachingDefinitionsAnalysisTest.java

@@ -82,12 +82,37 @@ void valuesAtLocation_branches() {
   @Test
   void valuesAtLocation_outside_function() {
     Name x = (Name) lastExpression("x = 42; x");
-    assertThat(analysis.valuesAtLocation(x)).isEmpty();
+    assertThat(analysis.valuesAtLocation(x)).extracting(ReachingDefinitionsAnalysisTest::getValueAsString).containsExactly("42");
   }
 
   @Test
   void valuesAtLocation_outside_function_annotated() {
     Name x = (Name) lastExpression("x: int = 42; x");
+    assertThat(analysis.valuesAtLocation(x)).extracting(ReachingDefinitionsAnalysisTest::getValueAsString).containsExactly("42");
+  }
+
+  @Test
+  void valuesAtLocation_outside_function_branches() {
+    Name x = (Name) lastExpression(
+      "if p:",
+      "  x = 1",
+      "else:",
+      "  x = 2",
+      "x"
+    );
+    assertThat(analysis.valuesAtLocation(x)).extracting(ReachingDefinitionsAnalysisTest::getValueAsString).containsExactlyInAnyOrder("1", "2");
+  }
+
+  @Test
+  void valuesAtLocation_outside_function_try_stmt() {
+    Name x = (Name) lastExpression(
+      "x = 1",
+      "try:",
+      "  x = 2",
+      "except:",
+      "  pass",
+      "x"
+    );
     assertThat(analysis.valuesAtLocation(x)).isEmpty();
   }
 
@@ -97,6 +122,12 @@ void valuesAtLocation_invalid_cfg() {
     assertThat(analysis.valuesAtLocation(x)).isEmpty();
   }
 
+  @Test
+  void valuesAtLocation_outside_function_invalid_cfg() {
+    Name x = (Name) lastExpression("x = 42", "break", "x");
+    assertThat(analysis.valuesAtLocation(x)).isEmpty();
+  }
+
   @Test
   void valuesAtLocation_no_name_assignment() {
     Name x = (Name) lastExpressionInFunction("x.foo = 42", "x");
@@ -158,6 +189,34 @@ void compound_assignments() {
     assertThat(analysis.valuesAtLocation(x)).isEmpty();
   }
 
+  @Test
+  void try_stmt_in_nested_function() {
+    Name x = (Name) lastExpressionInFunction(
+      "x = 1",
+      "def inner():",
+      "  try:",
+      "    pass",
+      "  except:",
+      "    pass",
+      "x"
+    );
+    assertThat(analysis.valuesAtLocation(x)).extracting(ReachingDefinitionsAnalysisTest::getValueAsString).containsExactly("1");
+  }
+
+  @Test
+  void valuesAtLocation_outside_function_try_stmt_in_nested_function() {
+    Name x = (Name) lastExpression(
+      "x = 1",
+      "def f():",
+      "  try:",
+      "    pass",
+      "  except:",
+      "    pass",
+      "x"
+    );
+    assertThat(analysis.valuesAtLocation(x)).extracting(ReachingDefinitionsAnalysisTest::getValueAsString).containsExactly("1");
+  }
+
   @Test
   void try_stmt() {
     Name x = (Name) lastExpressionInFunction(