False Negative - Python abc.ABC makes method's getACall unavailable

[fubuki8087]

If we have this Python code:

class MyClass():
    def method(self):
        print("xxx")
    def wrapper(self):
        self.method()

mc = MyClass()
mc.method()

and this query:

import python

from PythonFunctionValue method
select method.getACall()

It's OK that self.method() and mc.method() will be marked as positive.

However, those will be false negative as long as the class MyClass inherits abc.ABC. It looks like:

from abc import ABC

class MyClass(ABC):
    def method(self):
        print("xxx")
    def wrapper(self):
        self.method()

mc = MyClass()
mc.method()

Why does the abc.ABC make the result wrong?

[jketema]

Hi @fubuki8087

I've asked the CodeQL Python team to take a look.

[yoff]

Hi @fubuki8087, the PythonFunctionValue API is not really maintained anymore (it uses an old implementation of the call graph which was discarded precisely because of instabilities like the one you see). Unfortunately, we have not gotten around to expose the new call graph nicely. Partly because direct access to call resolution is rarely needed. But in case you do really need it, this comment shows you how to dig out the new call resolution predicate.