SONARPY-1406 (+ SONARPY-1402): Addressing FNs and FPs on Peach (#1524)

* Reduce FPs by excluding Protocols
* Fix FNs by more closely inspecting `return self` statements

In iterators, `self` is often used as the return value of `__iter__`, see https://docs.python.org/3/library/stdtypes.html#iterator.__iter__
Furthermore, iterator implementations tend to implement the incrementation
method as `next()` instead of `__next__`, see ruling tests.
Hence, we were missing many invalid iterator implementations in the ruling
tests, and also in peach.

* Reduce FPs by handling methods annotated with NoReturn and Never

Functions annotated with NoReturn or Never can be
expected to raise exceptions and hence we should treat calls to them
like `raise` statements.

Author: anton-haubner-sonarsource

its/ruling/src/test/resources/expected/python-S2876.json

@@ -6,20 +6,32 @@
 130,
 146
 ],
+"project:mypy-0.782/test-data/stdlib-samples/3.2/test/test_set.py": [
+1619
+],
 "project:tensorflow/python/types/distribute.py": [
 28,
 60
 ],
-"project:twisted-12.1.0/twisted/application/service.py": [
-223
+"project:twisted-12.1.0/twisted/conch/ssh/filetransfer.py": [
+814
+],
+"project:twisted-12.1.0/twisted/conch/unix.py": [
+439
+],
+"project:twisted-12.1.0/twisted/mail/pop3.py": [
+128
 ],
 "project:twisted-12.1.0/twisted/python/test/test_sendmsg.py": [
 149
 ],
 "project:twisted-12.1.0/twisted/python/util.py": [
 486
 ],
-"project:twisted-12.1.0/twisted/words/protocols/jabber/ijabber.py": [
-137
+"project:twisted-12.1.0/twisted/python/zipstream.py": [
+154
+],
+"project:twisted-12.1.0/twisted/test/test_compat.py": [
+23
 ]
 }

python-checks/src/main/java/org/sonar/python/checks/CheckUtils.java

@@ -22,6 +22,7 @@
 import java.util.List;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nullable;
+import org.sonar.plugins.python.api.symbols.Symbol;
 import org.sonar.plugins.python.api.tree.ArgList;
 import org.sonar.plugins.python.api.tree.Argument;
 import org.sonar.plugins.python.api.tree.CallExpression;
@@ -31,6 +32,8 @@
 import org.sonar.plugins.python.api.tree.FunctionDef;
 import org.sonar.plugins.python.api.tree.ListLiteral;
 import org.sonar.plugins.python.api.tree.Name;
+import org.sonar.plugins.python.api.tree.Parameter;
+import org.sonar.plugins.python.api.tree.ParameterList;
 import org.sonar.plugins.python.api.tree.SetLiteral;
 import org.sonar.plugins.python.api.tree.Tree;
 import org.sonar.plugins.python.api.tree.Tuple;
@@ -41,6 +44,7 @@
 
 import static org.sonar.plugins.python.api.tree.Tree.Kind.GENERATOR_EXPR;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.LAMBDA;
+import static org.sonar.plugins.python.api.tree.Tree.Kind.NAME;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.NONE;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.NUMERIC_LITERAL;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.STRING_LITERAL;
@@ -154,6 +158,21 @@ public static boolean isNone(InferredType type) {
     return type.canOnlyBe(BuiltinTypes.NONE_TYPE);
   }
 
+  private static final List<String> PROTOCOL_LIKE_BASE_TYPES = List.of("typing.Protocol", "zope.interface.Interface");
+
+  /**
+   * Determines whether the given class must be a <a href="https://docs.python.org/3/library/typing.html#typing.Protocol">Protocol</a>
+   * or a similar Protocol-like definition (e.g. {@code zope.interface.Interface}).
+   */
+  public static boolean mustBeAProtocolLike(ClassDef classDef) {
+    var classSymbol = TreeUtils.getClassSymbolFromDef(classDef);
+    if (classSymbol != null) {
+      return PROTOCOL_LIKE_BASE_TYPES.stream().anyMatch(classSymbol::isOrExtends);
+    }
+
+    return false;
+  }
+
   private static final List<String> ABC_ABSTRACTMETHOD_DECORATORS = List.of("abstractmethod", "abc.abstractmethod");
 
   public static boolean isAbstract(FunctionDef funDef) {
@@ -163,4 +182,35 @@ public static boolean isAbstract(FunctionDef funDef) {
       .map(decorator -> TreeUtils.decoratorNameFromExpression(decorator.expression()))
       .anyMatch(foundDeco -> ABC_ABSTRACTMETHOD_DECORATORS.stream().anyMatch(abcDeco -> abcDeco.equals(foundDeco)));
   }
+
+  /**
+   * Simple check whether the given expression is the "self" name expression.
+   *
+   * Carefully check the context when relying on this method!
+   * This implementation does not ensure that the name is actually referring to a method parameter or whether the surrounding method might
+   * be static, etc.
+   */
+  public static boolean isSelf(Expression expression) {
+    // TODO: Instead of performing a manual string comparison, maybe check the symbol instead for being a SelfSymbolImpl symbol
+    // (This might require exposing some more information about the symbol kind being a "Self"-symbol)
+    return expression.is(NAME) && "self".equals(((Name) expression).name());
+  }
+
+  @CheckForNull
+  public static Symbol findFirstParameterSymbol(FunctionDef functionDef) {
+    ParameterList parameters = functionDef.parameters();
+    if (parameters == null) {
+      return null;
+    }
+    List<Parameter> params = parameters.nonTuple();
+    if (params.isEmpty()) {
+      return null;
+    }
+    Name firstParameterName = params.get(0).name();
+    if (firstParameterName == null) {
+      return null;
+    }
+
+    return firstParameterName.symbol();
+  }
 }

python-checks/src/main/java/org/sonar/python/checks/InfiniteRecursionCheck.java

@@ -30,9 +30,12 @@
 import javax.annotation.CheckForNull;
 import javax.annotation.Nullable;
 import org.sonar.check.Rule;
+import org.sonar.plugins.python.api.PythonFile;
 import org.sonar.plugins.python.api.PythonSubscriptionCheck;
 import org.sonar.plugins.python.api.cfg.CfgBlock;
 import org.sonar.plugins.python.api.cfg.ControlFlowGraph;
+import org.sonar.plugins.python.api.symbols.Symbol;
+import org.sonar.plugins.python.api.symbols.Usage;
 import org.sonar.plugins.python.api.tree.AssignmentStatement;
 import org.sonar.plugins.python.api.tree.BaseTreeVisitor;
 import org.sonar.plugins.python.api.tree.BinaryExpression;
@@ -41,21 +44,14 @@
 import org.sonar.plugins.python.api.tree.ComprehensionExpression;
 import org.sonar.plugins.python.api.tree.ComprehensionIf;
 import org.sonar.plugins.python.api.tree.ConditionalExpression;
-import org.sonar.plugins.python.api.tree.Decorator;
-import org.sonar.plugins.python.api.tree.DottedName;
 import org.sonar.plugins.python.api.tree.Expression;
 import org.sonar.plugins.python.api.tree.ExpressionList;
 import org.sonar.plugins.python.api.tree.FunctionDef;
 import org.sonar.plugins.python.api.tree.LambdaExpression;
 import org.sonar.plugins.python.api.tree.Name;
-import org.sonar.plugins.python.api.tree.Parameter;
-import org.sonar.plugins.python.api.tree.ParameterList;
 import org.sonar.plugins.python.api.tree.QualifiedExpression;
 import org.sonar.plugins.python.api.tree.Tree;
-import org.sonar.plugins.python.api.PythonFile;
 import org.sonar.python.api.PythonKeyword;
-import org.sonar.plugins.python.api.symbols.Symbol;
-import org.sonar.plugins.python.api.symbols.Usage;
 import org.sonar.python.tree.DictCompExpressionImpl;
 import org.sonar.python.tree.TreeUtils;
 
@@ -141,7 +137,7 @@ private RecursiveCallCollector(FunctionDef currentFunction, Symbol functionSymbo
           selfSymbol = null;
           className = findParentClassName(currentFunction);
         } else {
-          selfSymbol = findSelfParameterSymbol(currentFunction);
+          selfSymbol = CheckUtils.findFirstParameterSymbol(currentFunction);
           className = null;
         }
       } else {
@@ -259,20 +255,6 @@ private boolean matchesLookupClassName(Expression expression) {
       return className.equals(((Name) expression).name());
     }
 
-    @CheckForNull
-    private static Symbol findSelfParameterSymbol(FunctionDef functionDef) {
-      ParameterList parameters = functionDef.parameters();
-      if (parameters == null) {
-        return null;
-      }
-      List<Parameter> params = parameters.nonTuple();
-      if (params.isEmpty()) {
-        return null;
-      }
-      Name firstParameterName = params.get(0).name();
-      return firstParameterName != null ? firstParameterName.symbol() : null;
-    }
-
     @CheckForNull
     private static String findParentClassName(FunctionDef functionDef) {
       ClassDef parentClass = CheckUtils.getParentClassDef(functionDef);

python-checks/src/main/java/org/sonar/python/checks/IterMethodReturnTypeCheck.java

@@ -23,11 +23,14 @@
 import org.sonar.check.Rule;
 import org.sonar.plugins.python.api.PythonSubscriptionCheck;
 import org.sonar.plugins.python.api.SubscriptionContext;
+import org.sonar.plugins.python.api.tree.ClassDef;
 import org.sonar.plugins.python.api.tree.Expression;
 import org.sonar.plugins.python.api.tree.FunctionDef;
+import org.sonar.plugins.python.api.tree.Name;
 import org.sonar.plugins.python.api.tree.ReturnStatement;
 import org.sonar.plugins.python.api.tree.Tree;
 import org.sonar.plugins.python.api.types.InferredType;
+import org.sonar.python.tree.TreeUtils;
 
 @Rule(key = "S2876")
 public class IterMethodReturnTypeCheck extends PythonSubscriptionCheck {
@@ -36,16 +39,20 @@ public class IterMethodReturnTypeCheck extends PythonSubscriptionCheck {
     + " Consider explicitly raising a NotImplementedError if this class is not (yet) meant to support this method.";
   private static final String COROUTINE_METHOD_MESSAGE = INVALID_RETURN_VALUE_MESSAGE + " The method can not be a coroutine and have the `async` keyword.";
 
+  private static final List<String> REQUIRED_ITERATOR_METHODS = List.of("__iter__", "__next__");
+
   @Override
   public void initialize(Context context) {
-    context.registerSyntaxNodeConsumer(Tree.Kind.FUNCDEF, ctx -> checkFunctionDefinition(ctx, (FunctionDef) ctx.syntaxNode()));
+    context.registerSyntaxNodeConsumer(Tree.Kind.CLASSDEF, ctx -> checkClassDefinition(ctx, (ClassDef) ctx.syntaxNode()));
   }
 
-  private static void checkFunctionDefinition(SubscriptionContext ctx, FunctionDef funDef) {
-    if (!funDef.isMethodDefinition()) {
-      return;
+  private static void checkClassDefinition(SubscriptionContext ctx, ClassDef classDef) {
+    for (var methodDef : TreeUtils.topLevelFunctionDefs(classDef)) {
+      checkFunctionDefinition(ctx, classDef, methodDef, CheckUtils.mustBeAProtocolLike(classDef));
     }
+  }
 
+  private static void checkFunctionDefinition(SubscriptionContext ctx, ClassDef classDef, FunctionDef funDef, boolean classIsProtocolLike) {
     String funNameString = funDef.name().name();
     if (!"__iter__".equals(funNameString)) {
       return;
@@ -64,30 +71,71 @@ private static void checkFunctionDefinition(SubscriptionContext ctx, FunctionDef
     // If there are no return statements, we trigger this rule since this effectively means that the method is returning `None`.
     // However, there are exceptions to this:
     // * if the method raises exceptions, then it likely does not return a value on purpose
-    // * if the method is marked as abstract, then it is likely not implemented on purpose
+    // * if the method is marked as abstract or the surrounding class is a Protocol, then it is likely not implemented on purpose
     if (returnStmts.isEmpty() &&
       !returnStmtCollector.raisesExceptions() &&
-      !CheckUtils.isAbstract(funDef)) {
+      !CheckUtils.isAbstract(funDef) &&
+      !classIsProtocolLike) {
       ctx.addIssue(funDef.defKeyword(), funDef.colon(), NO_RETURN_STMTS_MESSAGE);
       return;
     }
 
     for (ReturnStatement returnStmt : returnStmts) {
-      checkReturnStmt(ctx, returnStmt);
+      checkReturnStmt(ctx, classDef, funDef, returnStmt);
     }
   }
 
-  private static void checkReturnStmt(SubscriptionContext ctx, ReturnStatement returnStmt) {
+  private static void checkReturnStmt(SubscriptionContext ctx, ClassDef classDef, FunctionDef functionDef, ReturnStatement returnStmt) {
     List<Expression> returnedExpressions = returnStmt.expressions();
     if (returnedExpressions.isEmpty()) {
       ctx.addIssue(returnStmt.returnKeyword(), INVALID_RETURN_VALUE_MESSAGE);
       return;
     }
 
+    // The type analysis will report ANY for the type of "self".
+    // This is technically the case, but in practice, self should almost always be an instance of the surrounding class if the associated
+    // symbol is the same as the first parameter of the method.
+    // Hence, to avoid FNs for methods returning self, we should report an issue if the surrounding class does not support the iterator
+    // protocol.
+    // Especially because it is quite common that iterator objects return self in __iter__,
+    // see https://docs.python.org/3/library/stdtypes.html#iterator.__iter__
+    if (returnsJustSelf(functionDef, returnedExpressions)) {
+      var classSymbol = TreeUtils.getClassSymbolFromDef(classDef);
+      if (classSymbol != null) {
+        if (REQUIRED_ITERATOR_METHODS.stream().anyMatch(method -> !classSymbol.canHaveMember(method))) {
+          ReturnCheckUtils.addIssueOnReturnedExpressions(ctx, returnStmt, INVALID_RETURN_VALUE_MESSAGE);
+        }
+        return;
+      }
+    }
+
+    // if the returned expression is not `self`, we just rely on the type analysis.
     InferredType returnStmtType = returnStmt.returnValueType();
-    if (!returnStmtType.canHaveMember("__iter__") ||
-      !returnStmtType.canHaveMember("__next__")) {
+    if (REQUIRED_ITERATOR_METHODS.stream().anyMatch(method -> !returnStmtType.canHaveMember(method))) {
       ReturnCheckUtils.addIssueOnReturnedExpressions(ctx, returnStmt, INVALID_RETURN_VALUE_MESSAGE);
     }
   }
+
+  private static boolean returnsJustSelf(FunctionDef funDef, List<Expression> returnedExpressions) {
+    if (returnedExpressions.size() != 1) {
+      return false;
+    }
+
+    var firstReturnedExpression = returnedExpressions.get(0);
+    if (!CheckUtils.isSelf(firstReturnedExpression)) {
+      return false;
+    }
+
+    var returnedSelfSymbol = ((Name) firstReturnedExpression).symbol();
+    if (returnedSelfSymbol == null) {
+      return false;
+    }
+
+    var selfParameterSymbol = CheckUtils.findFirstParameterSymbol(funDef);
+    if (selfParameterSymbol == null) {
+      return false;
+    }
+
+    return returnedSelfSymbol == selfParameterSymbol;
+  }
 }

python-checks/src/main/java/org/sonar/python/checks/ModifiedParameterValueCheck.java

@@ -33,19 +33,18 @@
 import javax.annotation.Nullable;
 import org.sonar.check.Rule;
 import org.sonar.plugins.python.api.PythonSubscriptionCheck;
+import org.sonar.plugins.python.api.quickfix.PythonQuickFix;
 import org.sonar.plugins.python.api.symbols.Symbol;
 import org.sonar.plugins.python.api.symbols.Usage;
 import org.sonar.plugins.python.api.tree.AssignmentStatement;
 import org.sonar.plugins.python.api.tree.CompoundAssignmentStatement;
 import org.sonar.plugins.python.api.tree.Expression;
 import org.sonar.plugins.python.api.tree.FunctionDef;
-import org.sonar.plugins.python.api.tree.Name;
 import org.sonar.plugins.python.api.tree.Parameter;
 import org.sonar.plugins.python.api.tree.QualifiedExpression;
 import org.sonar.plugins.python.api.tree.SubscriptionExpression;
 import org.sonar.plugins.python.api.tree.Tree;
 import org.sonar.plugins.python.api.types.BuiltinTypes;
-import org.sonar.plugins.python.api.quickfix.PythonQuickFix;
 import org.sonar.python.tree.TreeUtils;
 
 import static org.sonar.plugins.python.api.tree.Tree.Kind.ASSIGNMENT_STMT;
@@ -55,7 +54,6 @@
 import static org.sonar.plugins.python.api.tree.Tree.Kind.DICTIONARY_LITERAL;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.FUNCDEF;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.LIST_LITERAL;
-import static org.sonar.plugins.python.api.tree.Tree.Kind.NAME;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.QUALIFIED_EXPR;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.SET_LITERAL;
 import static org.sonar.plugins.python.api.tree.Tree.Kind.SUBSCRIPTION;
@@ -75,7 +73,7 @@ public class ModifiedParameterValueCheck extends PythonSubscriptionCheck {
   private static final String CLEAR = "clear";
   private static final Set<String> LIST_MUTATING_METHODS = new HashSet<>(Arrays.asList("append", CLEAR, "extend", "insert", "pop", "remove", "reverse", "sort"));
   private static final Set<String> SET_MUTATING_METHODS = new HashSet<>(
-          Arrays.asList("update", "intersection_update", "difference_update", "symmetric_difference_update", "add", "remove", "discard", "pop", CLEAR));
+    Arrays.asList("update", "intersection_update", "difference_update", "symmetric_difference_update", "add", "remove", "discard", "pop", CLEAR));
   private static final Set<String> DICT_MUTATING_METHODS = new HashSet<>(Arrays.asList("pop", CLEAR, "popitem", "setdefault", "update"));
   private static final Set<String> DEQUE_MUTATING_METHODS = new HashSet<>(Arrays.asList("appendleft", "extendleft", "popleft", "rotate"));
   static {
@@ -139,8 +137,7 @@ public void initialize(Context context) {
               getQuickFix(functionDef, defaultValue, paramSymbol)
                 .ifPresent(issue::addQuickFix);
             }
-          }
-        );
+          });
       }
     });
   }
@@ -156,8 +153,7 @@ private static Optional<PythonQuickFix> getQuickFix(FunctionDef functionDef, Exp
       paramInit -> PythonQuickFix.newQuickFix("Initialize this parameter inside the function/method")
         .addTextEdit(replace(defaultValue, "None"))
         .addTextEdit(insertLineBefore(firstStatement, String.format("if %1$s is None:\n    %1$s = %2$s", paramName, paramInit)))
-        .build()
-    );
+        .build());
   }
 
   @CheckForNull
@@ -238,25 +234,21 @@ private static boolean mightBeReferencedOutsideOfFunction(Tree tree) {
     }
     return assignment.assignedValue() == tree
       && assignment.lhsExpressions().stream()
-      .flatMap(expressionList -> expressionList.expressions().stream())
-      .anyMatch(ModifiedParameterValueCheck::isAccessingSelf);
+        .flatMap(expressionList -> expressionList.expressions().stream())
+        .anyMatch(ModifiedParameterValueCheck::isAccessingSelf);
   }
 
   private static boolean isAccessingSelf(Expression expression) {
     switch (expression.getKind()) {
       case QUALIFIED_EXPR:
-        return isSelf(((QualifiedExpression) expression).qualifier());
+        return CheckUtils.isSelf(((QualifiedExpression) expression).qualifier());
       case SUBSCRIPTION:
-        return isSelf(((SubscriptionExpression) expression).object());
+        return CheckUtils.isSelf(((SubscriptionExpression) expression).object());
       default:
         return false;
     }
   }
 
-  private static boolean isSelf(Expression expression) {
-    return expression.is(NAME) && ((Name) expression).name().equals("self");
-  }
-
   private static List<Tree> getAttributeSet(Symbol paramSymbol) {
     return paramSymbol.usages().stream()
       .map(Usage::tree)