SONARPY-587 Rule S1515: functions and lambdas should not reference va… (SonarSource#658)

guillaume-dequenne · web-flow · commit 40f4331560c4 · 2020-03-25T17:04:00.000+01:00
diff --git a/its/ruling/src/test/resources/expected/python-S1515.json b/its/ruling/src/test/resources/expected/python-S1515.json
@@ -0,0 +1,67 @@
+{
+'project:buildbot-0.8.6p1/buildbot/status/build.py':[
+299,
+],
+'project:buildbot-0.8.6p1/buildbot/status/builder.py':[
+498,
+],
+'project:buildbot-0.8.6p1/buildbot/status/buildstep.py':[
+235,
+],
+'project:buildbot-0.8.6p1/buildbot/status/mail.py':[
+456,
+681,
+],
+'project:buildbot-0.8.6p1/buildbot/test/unit/test_status_web_authz_Authz.py':[
+71,
+],
+'project:django-2.2.3/django/db/models/sql/compiler.py':[
+904,
+907,
+],
+'project:numpy-1.16.4/numpy/lib/tests/test_stride_tricks.py':[
+276,
+276,
+],
+'project:numpy-1.16.4/numpy/testing/tests/test_utils.py':[
+1119,
+1119,
+1120,
+1122,
+1122,
+1123,
+1125,
+1125,
+1126,
+1128,
+1128,
+1129,
+1131,
+1131,
+1132,
+],
+'project:twisted-12.1.0/twisted/conch/test/test_transport.py':[
+2011,
+2024,
+2037,
+2050,
+],
+'project:twisted-12.1.0/twisted/mail/imap4.py':[
+2125,
+],
+'project:twisted-12.1.0/twisted/mail/relaymanager.py':[
+425,
+],
+'project:twisted-12.1.0/twisted/mail/test/test_mail.py':[
+835,
+844,
+],
+'project:twisted-12.1.0/twisted/names/root.py':[
+234,
+],
+'project:twisted-12.1.0/twisted/web/distrib.py':[
+58,
+59,
+60,
+],
+}
diff --git a/python-checks/src/main/java/org/sonar/python/checks/CheckList.java b/python-checks/src/main/java/org/sonar/python/checks/CheckList.java
@@ -102,6 +102,7 @@ public static Iterable<Class> getChecks() {
       FixmeCommentCheck.class,
       FunctionComplexityCheck.class,
       FunctionNameCheck.class,
+      FunctionUsingLoopVariableCheck.class,
       GenericExceptionRaisedCheck.class,
       HardCodedCredentialsCheck.class,
       HardcodedIPCheck.class,
diff --git a/python-checks/src/main/java/org/sonar/python/checks/FunctionUsingLoopVariableCheck.java b/python-checks/src/main/java/org/sonar/python/checks/FunctionUsingLoopVariableCheck.java
@@ -0,0 +1,213 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+import org.sonar.check.Rule;
+import org.sonar.plugins.python.api.PythonSubscriptionCheck;
+import org.sonar.plugins.python.api.SubscriptionContext;
+import org.sonar.plugins.python.api.symbols.Symbol;
+import org.sonar.plugins.python.api.symbols.Usage;
+import org.sonar.plugins.python.api.tree.AssignmentStatement;
+import org.sonar.plugins.python.api.tree.BaseTreeVisitor;
+import org.sonar.plugins.python.api.tree.CallExpression;
+import org.sonar.plugins.python.api.tree.ClassDef;
+import org.sonar.plugins.python.api.tree.ComprehensionExpression;
+import org.sonar.plugins.python.api.tree.Expression;
+import org.sonar.plugins.python.api.tree.FileInput;
+import org.sonar.plugins.python.api.tree.FunctionDef;
+import org.sonar.plugins.python.api.tree.FunctionLike;
+import org.sonar.plugins.python.api.tree.LambdaExpression;
+import org.sonar.plugins.python.api.tree.Name;
+import org.sonar.plugins.python.api.tree.ParameterList;
+import org.sonar.plugins.python.api.tree.ReturnStatement;
+import org.sonar.plugins.python.api.tree.Tree;
+import org.sonar.plugins.python.api.tree.YieldStatement;
+import org.sonar.python.semantic.SymbolUtils;
+import org.sonar.python.tree.TreeUtils;
+
+@Rule(key = "S1515")
+public class FunctionUsingLoopVariableCheck extends PythonSubscriptionCheck {
+  @Override
+  public void initialize(Context context) {
+    context.registerSyntaxNodeConsumer(Tree.Kind.FUNCDEF, FunctionUsingLoopVariableCheck::checkFunctionLike);
+    context.registerSyntaxNodeConsumer(Tree.Kind.LAMBDA, FunctionUsingLoopVariableCheck::checkFunctionLike);
+  }
+
+  private static void checkFunctionLike(SubscriptionContext ctx) {
+    FunctionLike functionLike = (FunctionLike) ctx.syntaxNode();
+    Tree enclosingLoop = enclosingLoop(functionLike);
+    if(enclosingLoop == null || !enclosingLoop.is(Tree.Kind.WHILE_STMT, Tree.Kind.FOR_STMT, Tree.Kind.GENERATOR_EXPR, Tree.Kind.LIST_COMPREHENSION)) {
+      return;
+    }
+    if (isReturnedOrCalledWithinLoop(functionLike, enclosingLoop)) {
+      return;
+    }
+    Set<Symbol> enclosingScopeSymbols = getEnclosingScopeSymbols(enclosingLoop);
+    for (Symbol symbol : enclosingScopeSymbols) {
+      List<Tree> problematicUsages = new ArrayList<>();
+      List<Tree> bindingUsages = new ArrayList<>();
+      for (Usage usage : symbol.usages()) {
+        Tree usageTree = usage.tree();
+        if (isUsedInFunctionLike(usageTree, functionLike) && !usage.isBindingUsage()) {
+          problematicUsages.add(usageTree);
+        }
+        if (usage.isBindingUsage() && isWithinEnclosingLoop(usageTree, enclosingLoop)) {
+          bindingUsages.add(usageTree);
+        }
+      }
+      reportIssue(ctx, functionLike, problematicUsages, bindingUsages);
+    }
+  }
+
+  private static void reportIssue(SubscriptionContext ctx, FunctionLike functionLike, List<Tree> problematicUsages, List<Tree> bindingUsages) {
+    if (!problematicUsages.isEmpty() && !bindingUsages.isEmpty()) {
+      PreciseIssue issue = ctx.addIssue(problematicUsages.get(0), "Pass this variable as a parameter with a default value.")
+        .secondary(bindingUsages.get(bindingUsages.size() - 1), "Assignment in the loop");
+      if (functionLike.is(Tree.Kind.FUNCDEF)) {
+        issue.secondary(((FunctionDef) functionLike).name(), "Function definition");
+      }
+    }
+  }
+
+  private static boolean isUsedInFunctionLike(Tree usageTree, FunctionLike functionLike) {
+    ParameterList parameters = functionLike.parameters();
+    if (parameters != null && parameters.nonTuple().stream().anyMatch(p -> usageTree.equals(p.defaultValue()))) {
+      return false;
+    }
+    return TreeUtils.hasDescendant(functionLike, tree -> tree.equals(usageTree));
+  }
+
+  private static boolean isWithinEnclosingLoop(Tree usageTree, Tree enclosingLoop) {
+    return TreeUtils.hasDescendant(enclosingLoop, tree -> tree.equals(usageTree));
+  }
+
+  private static Set<Symbol> getEnclosingScopeSymbols(Tree enclosingLoop) {
+    if (enclosingLoop.is(Tree.Kind.LIST_COMPREHENSION) || enclosingLoop.is(Tree.Kind.GENERATOR_EXPR)) {
+      return ((ComprehensionExpression) enclosingLoop).localVariables();
+    }
+    Tree enclosingScope = TreeUtils.firstAncestor(enclosingLoop, tree -> tree.is(Tree.Kind.FUNCDEF, Tree.Kind.CLASSDEF, Tree.Kind.FILE_INPUT, Tree.Kind.LIST_COMPREHENSION,
+      Tree.Kind.GENERATOR_EXPR));
+    if (enclosingScope == null) {
+      return Collections.emptySet();
+    }
+    if (enclosingScope.is(Tree.Kind.FUNCDEF)) {
+      return ((FunctionLike) enclosingScope).localVariables();
+    }
+    if (enclosingScope.is(Tree.Kind.CLASSDEF)) {
+      return ((ClassDef) enclosingScope).classFields();
+    }
+    return ((FileInput) enclosingScope).globalVariables();
+  }
+
+  private static Tree enclosingLoop(FunctionLike functionLike) {
+    return TreeUtils.firstAncestor(functionLike, t -> t.is(Tree.Kind.FUNCDEF, Tree.Kind.CLASSDEF, Tree.Kind.WHILE_STMT, Tree.Kind.FOR_STMT,
+      Tree.Kind.RETURN_STMT, Tree.Kind.YIELD_STMT, Tree.Kind.GENERATOR_EXPR, Tree.Kind.COMP_FOR, Tree.Kind.LIST_COMPREHENSION));
+  }
+
+  private static boolean isReturnedOrCalledWithinLoop(FunctionLike functionLike, Tree enclosingLoop) {
+    Tree parentCallExpr = TreeUtils.firstAncestor(functionLike, t -> !t.is(Tree.Kind.PARENTHESIZED));
+    if (parentCallExpr != null && parentCallExpr.is(Tree.Kind.CALL_EXPR)) {
+      return true;
+    }
+    CallOrReturnVisitor callOrReturnVisitor = new CallOrReturnVisitor(functionLike, enclosingLoop);
+    enclosingLoop.accept(callOrReturnVisitor);
+    return callOrReturnVisitor.isReturned || callOrReturnVisitor.isCalled;
+  }
+
+  static class CallOrReturnVisitor extends BaseTreeVisitor {
+    Tree enclosingLoop;
+    FunctionLike functionLike;
+    boolean isReturned = false;
+    boolean isCalled = false;
+
+    public CallOrReturnVisitor(FunctionLike functionLike, Tree enclosingLoop) {
+      this.functionLike = functionLike;
+      this.enclosingLoop = enclosingLoop;
+    }
+
+    @Override
+    public void visitCallExpression(CallExpression callExpression) {
+      Symbol calleeSymbol = callExpression.calleeSymbol();
+      if (calleeSymbol != null) {
+        if (functionLike.is(Tree.Kind.FUNCDEF)) {
+          isCalled |= calleeSymbol.equals(((FunctionDef) functionLike).name().symbol());
+        } else {
+          // lambda expression
+          Name name = variableAssigned((LambdaExpression) functionLike);
+          if (name != null) {
+            isCalled |= calleeSymbol.equals(name.symbol());
+          }
+        }
+      }
+      super.visitCallExpression(callExpression);
+    }
+
+    @Override
+    public void visitReturnStatement(ReturnStatement returnStatement) {
+      isReturned |= isFunctionLikeReturned(returnStatement);
+    }
+
+    @Override
+    public void visitYieldStatement(YieldStatement yieldStatement) {
+      isReturned |= isFunctionLikeReturned(yieldStatement);
+    }
+
+    private static Name variableAssigned(LambdaExpression lambdaExpression) {
+      Tree parentAssignment = TreeUtils.firstAncestorOfKind(lambdaExpression, Tree.Kind.ASSIGNMENT_STMT);
+      if (parentAssignment != null) {
+        AssignmentStatement assignmentStatement = (AssignmentStatement) parentAssignment;
+        if (assignmentStatement.lhsExpressions().get(0).expressions().get(0).is(Tree.Kind.NAME)) {
+          Name name = (Name) assignmentStatement.lhsExpressions().get(0).expressions().get(0);
+          Expression expression = Expressions.singleAssignedValue(name);
+          if (expression != null && expression.equals(lambdaExpression)) {
+            return name;
+          }
+        }
+      }
+      return null;
+    }
+
+    private boolean isFunctionLikeReturned(Tree yieldOrReturnTree) {
+      if (functionLike.is(Tree.Kind.FUNCDEF)) {
+        Symbol functionSymbol = ((FunctionDef) functionLike).name().symbol();
+        return TreeUtils.hasDescendant(yieldOrReturnTree, d -> TreeUtils.getSymbolFromTree(d).filter(symbol -> symbol.equals(functionSymbol)).isPresent());
+      } else {
+        // lambda expression
+        return isLambdaReturned((LambdaExpression) functionLike, yieldOrReturnTree);
+      }
+    }
+
+    private static boolean isLambdaReturned(LambdaExpression lambdaExpression, Tree yieldOrReturnTree) {
+      Tree parentAssignment = TreeUtils.firstAncestorOfKind(lambdaExpression, Tree.Kind.ASSIGNMENT_STMT);
+      if (parentAssignment != null) {
+        AssignmentStatement assignmentStatement = (AssignmentStatement) parentAssignment;
+        // If the lambda expression is used to construct a returned variable, we don't raise issues to avoid FPs, even if the lambda is not returned explicitly
+        return SymbolUtils.assignmentsLhs(assignmentStatement).stream()
+          .map(TreeUtils::getSymbolFromTree)
+          .anyMatch(symbol -> TreeUtils.hasDescendant(yieldOrReturnTree, d -> TreeUtils.getSymbolFromTree(d).equals(symbol)));
+      }
+      return false;
+    }
+  }
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1515.html b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1515.html
@@ -0,0 +1,43 @@
+<p>Nested functions and lambdas can reference variables defined in enclosing scopes. This can create tricky bugs when the variable and the function
+are defined in a loop. If the function is called after the loop, it will see the variables last value instead of seeing the values corresponding to
+the iteration where the function was defined.</p>
+<p>This rule raises an issue when a nested function or lambda references a variable defined in an enclosing loop.</p>
+<h2>Noncompliant Code Example</h2>
+<pre>
+def run():
+    mylist = []
+    for i in range(5):
+        mylist.append(lambda: i)  # Noncompliant
+
+        def func():
+            return i  # Noncompliant
+        mylist.append(func)
+</pre>
+<h2>Compliant Solution</h2>
+<pre>
+def run():
+    mylist = []
+    for i in range(5):
+        mylist.append(lambda i=i: i)  # passing the variable as a parameter with a default value
+
+        def func(i=i):  # same for nested functions
+            return i
+        mylist.append(func)
+</pre>
+<h2>Exceptions</h2>
+<p>No issue will be raised if the function or lambda is only called in the same loop.</p>
+<pre>
+def function_called_in_loop():
+    for i in range(10):
+        print((lambda param: param * i)(42))
+
+        def func(param):
+            return param * i
+
+        print(func(42))
+</pre>
+<h2>See</h2>
+<ul>
+  <li> <a href="https://docs.python-guide.org/writing/gotchas/#mutable-default-arguments">The Hitchhiker's Guide to Python - Common Gotchas</a> </li>
+</ul>
+
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1515.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1515.json
@@ -0,0 +1,16 @@
+{
+  "title": "Functions and lambdas should not reference variables defined in enclosing loops",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "30min"
+  },
+  "tags": [
+    "suspicious"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-1515",
+  "sqKey": "S1515",
+  "scope": "Main"
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json
@@ -26,6 +26,7 @@
     "S1226",
     "S1313",
     "S1481",
+    "S1515",
     "S1542",
     "S1656",
     "S1700",
diff --git a/python-checks/src/test/java/org/sonar/python/checks/FunctionUsingLoopVariableCheckTest.java b/python-checks/src/test/java/org/sonar/python/checks/FunctionUsingLoopVariableCheckTest.java
@@ -0,0 +1,31 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import org.junit.Test;
+import org.sonar.python.checks.utils.PythonCheckVerifier;
+
+public class FunctionUsingLoopVariableCheckTest {
+
+  @Test
+  public void test() {
+    PythonCheckVerifier.verify("src/test/resources/checks/functionUsingLoopVariable.py", new FunctionUsingLoopVariableCheck());
+  }
+}
diff --git a/python-checks/src/test/resources/checks/functionUsingLoopVariable.py b/python-checks/src/test/resources/checks/functionUsingLoopVariable.py
diff --git a/python-frontend/src/main/java/org/sonar/python/semantic/SymbolUtils.java b/python-frontend/src/main/java/org/sonar/python/semantic/SymbolUtils.java
