Merge branch 'main' into python/DSVW-repro

github · Oct 4, 2024 · acb14d9 · acb14d9
2 parents 6df1f5a + 6bb98b0
commit acb14d9
Show file tree

Hide file tree

Showing 203 changed files with 3,423 additions and 1,045 deletions.
diff --git a/cpp/ql/lib/semmle/code/cpp/Function.qll b/cpp/ql/lib/semmle/code/cpp/Function.qll
@@ -500,6 +500,17 @@ class Function extends Declaration, ControlFlowNode, AccessHolder, @function {
    * Gets the nearest enclosing AccessHolder.
    */
   override AccessHolder getEnclosingAccessHolder() { result = this.getDeclaringType() }
+
+  /**
+   * Holds if this function has extraction errors that create an `ErrorExpr`.
+   */
+  predicate hasErrors() {
+    exists(ErrorExpr e |
+      e.getEnclosingFunction() = this and
+      // Exclude the first allocator call argument because it is always extracted as `ErrorExpr`.
+      not exists(NewOrNewArrayExpr new | e = new.getAllocatorCall().getArgument(0))
+    )
+  }
 }
 
 pragma[noinline]

diff --git a/cpp/ql/src/Best Practices/Unused Entities/UnusedLocals.ql b/cpp/ql/src/Best Practices/Unused Entities/UnusedLocals.ql
@@ -57,5 +57,5 @@ where
   not declarationHasSideEffects(v) and
   not exists(AsmStmt s | f = s.getEnclosingFunction()) and
   not v.getAnAttribute().getName() = "unused" and
-  not any(ErrorExpr e).getEnclosingFunction() = f // unextracted expr may use `v`
+  not f.hasErrors() // Unextracted expressions may use `v`
 select v, "Variable " + v.getName() + " is not used."
diff --git a/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql b/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql
@@ -29,7 +29,7 @@ class ReturnStackAllocatedMemoryConfig extends MustFlowConfiguration {
   override predicate isSource(Instruction source) {
     exists(Function func |
       // Rule out FPs caused by extraction errors.
-      not any(ErrorExpr e).getEnclosingFunction() = func and
+      not func.hasErrors() and
       not intentionallyReturnsStackPointer(func) and
       func = source.getEnclosingFunction()
     |

diff --git a/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql b/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql
@@ -65,6 +65,7 @@ predicate isSinkImpl(Instruction sink, VariableAccess va) {
   exists(LoadInstruction load |
     va = load.getUnconvertedResultExpression() and
     not va = commonException() and
+    not va.getTarget().(LocalVariable).getFunction().hasErrors() and
     sink = load.getSourceValue()
   )
 }

diff --git a/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql b/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql
@@ -24,7 +24,7 @@ predicate instructionHasVariable(VariableAddressInstruction vai, StackVariable v
   // Pointer-to-member types aren't properly handled in the dbscheme.
   not vai.getResultType() instanceof PointerToMemberType and
   // Rule out FPs caused by extraction errors.
-  not any(ErrorExpr e).getEnclosingFunction() = f
+  not f.hasErrors()
 }
 
 /**

diff --git a/cpp/ql/src/change-notes/2024-10-02-uninitialized-local.md b/cpp/ql/src/change-notes/2024-10-02-uninitialized-local.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Fixed false positives in the `cpp/uninitialized-local` ("Potentially uninitialized local variable") query if there are extraction errors in the function.
diff --git a/cpp/ql/src/jsf/4.13 Functions/AV Rule 114.ql b/cpp/ql/src/jsf/4.13 Functions/AV Rule 114.ql
@@ -49,7 +49,7 @@ predicate functionsMissingReturnStmt(Function f, ControlFlowNode blame) {
 predicate functionImperfectlyExtracted(Function f) {
   exists(CompilerError e | f.getBlock().getLocation().subsumes(e.getLocation()))
   or
-  exists(ErrorExpr ee | ee.getEnclosingFunction() = f)
+  f.hasErrors()
   or
   count(f.getType()) > 1
   or

diff --git a/cpp/ql/test/library-tests/files/Files.expected b/cpp/ql/test/library-tests/files/Files.expected
@@ -1,4 +1,4 @@
-| c.c | library-tests/files/c.c | CFile, MetricFile | C |  |  |
-| files1.cpp | library-tests/files/files1.cpp | CppFile, MetricFile | C++ | swap | t |
-| files1.h | library-tests/files/files1.h | HeaderFile, MetricFile |  | swap |  |
-| files2.cpp | library-tests/files/files2.cpp | CppFile, MetricFile | C++ | g | x, y |
+| c.c | c.c | CFile, MetricFile | C |  |  |
+| files1.cpp | files1.cpp | CppFile, MetricFile | C++ | swap | t |
+| files1.h | files1.h | HeaderFile, MetricFile |  | swap |  |
+| files2.cpp | files2.cpp | CppFile, MetricFile | C++ | g | x, y |
diff --git a/cpp/ql/test/query-tests/Diagnostics/Info.expected b/cpp/ql/test/query-tests/Diagnostics/Info.expected
@@ -1,6 +1,6 @@
-| containserror.cpp:0:0:0:0 | containserror.cpp | query-tests/Diagnostics/containserror.cpp | fromSource, normalTermination |
-| containswarning.cpp:0:0:0:0 | containswarning.cpp | query-tests/Diagnostics/containswarning.cpp | fromSource, normalTermination |
-| doesnotcompile.cpp:0:0:0:0 | doesnotcompile.cpp | query-tests/Diagnostics/doesnotcompile.cpp | ExtractionProblem (severity 1), fromSource, normalTermination |
+| containserror.cpp:0:0:0:0 | containserror.cpp | containserror.cpp | fromSource, normalTermination |
+| containswarning.cpp:0:0:0:0 | containswarning.cpp | containswarning.cpp | fromSource, normalTermination |
+| doesnotcompile.cpp:0:0:0:0 | doesnotcompile.cpp | doesnotcompile.cpp | ExtractionProblem (severity 1), fromSource, normalTermination |
 | file://:0:0:0:0 |  |  |  |
-| header.h:0:0:0:0 | header.h | query-tests/Diagnostics/header.h | fromSource |
-| successful.cpp:0:0:0:0 | successful.cpp | query-tests/Diagnostics/successful.cpp | fromSource, normalTermination |
+| header.h:0:0:0:0 | header.h | header.h | fromSource |
+| successful.cpp:0:0:0:0 | successful.cpp | successful.cpp | fromSource, normalTermination |
diff --git a/cpp/ql/test/query-tests/Documentation/DocumentApi/DocumentApi.expected b/cpp/ql/test/query-tests/Documentation/DocumentApi/DocumentApi.expected
@@ -1,16 +1,16 @@
-| comment_prototypes.c:29:6:29:11 | proto6 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:9:5:9:10 | call to proto6 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:29:6:29:11 | proto6 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:9:5:9:10 | call to proto6 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| comment_prototypes.c:34:6:34:11 | proto7 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:10:5:10:10 | call to proto7 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:34:6:34:11 | proto7 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:10:5:10:10 | call to proto7 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| comment_prototypes.c:45:6:45:11 | proto9 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:12:5:12:10 | call to proto9 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:45:6:45:11 | proto9 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:12:5:12:10 | call to proto9 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| comment_prototypes.c:50:6:50:12 | proto10 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:13:5:13:11 | call to proto10 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:50:6:50:12 | proto10 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:13:5:13:11 | call to proto10 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| comment_prototypes.c:55:6:55:12 | proto11 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:14:5:14:11 | call to proto11 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:55:6:55:12 | proto11 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:14:5:14:11 | call to proto11 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| comment_prototypes.c:66:6:66:12 | proto13 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:16:5:16:11 | call to proto13 | query-tests/Documentation/DocumentApi/comment_prototypes_caller1.c |
-| comment_prototypes.c:66:6:66:12 | proto13 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:16:5:16:11 | call to proto13 | query-tests/Documentation/DocumentApi/comment_prototypes_caller2.c |
-| definition.c:2:6:2:7 | f1 | Functions called from other files should be documented (called from $@). | user1.c:9:5:9:6 | call to f1 | query-tests/Documentation/DocumentApi/user1.c |
-| definition.c:2:6:2:7 | f1 | Functions called from other files should be documented (called from $@). | user2.c:7:5:7:6 | call to f1 | query-tests/Documentation/DocumentApi/user2.c |
-| definition.c:32:6:32:7 | f6 | Functions called from other files should be documented (called from $@). | user1.c:14:5:14:6 | call to f6 | query-tests/Documentation/DocumentApi/user1.c |
-| definition.c:32:6:32:7 | f6 | Functions called from other files should be documented (called from $@). | user2.c:10:5:10:6 | call to f6 | query-tests/Documentation/DocumentApi/user2.c |
+| comment_prototypes.c:29:6:29:11 | proto6 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:9:5:9:10 | call to proto6 | comment_prototypes_caller1.c |
+| comment_prototypes.c:29:6:29:11 | proto6 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:9:5:9:10 | call to proto6 | comment_prototypes_caller2.c |
+| comment_prototypes.c:34:6:34:11 | proto7 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:10:5:10:10 | call to proto7 | comment_prototypes_caller1.c |
+| comment_prototypes.c:34:6:34:11 | proto7 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:10:5:10:10 | call to proto7 | comment_prototypes_caller2.c |
+| comment_prototypes.c:45:6:45:11 | proto9 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:12:5:12:10 | call to proto9 | comment_prototypes_caller1.c |
+| comment_prototypes.c:45:6:45:11 | proto9 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:12:5:12:10 | call to proto9 | comment_prototypes_caller2.c |
+| comment_prototypes.c:50:6:50:12 | proto10 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:13:5:13:11 | call to proto10 | comment_prototypes_caller1.c |
+| comment_prototypes.c:50:6:50:12 | proto10 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:13:5:13:11 | call to proto10 | comment_prototypes_caller2.c |
+| comment_prototypes.c:55:6:55:12 | proto11 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:14:5:14:11 | call to proto11 | comment_prototypes_caller1.c |
+| comment_prototypes.c:55:6:55:12 | proto11 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:14:5:14:11 | call to proto11 | comment_prototypes_caller2.c |
+| comment_prototypes.c:66:6:66:12 | proto13 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller1.c:16:5:16:11 | call to proto13 | comment_prototypes_caller1.c |
+| comment_prototypes.c:66:6:66:12 | proto13 | Functions called from other files should be documented (called from $@). | comment_prototypes_caller2.c:16:5:16:11 | call to proto13 | comment_prototypes_caller2.c |
+| definition.c:2:6:2:7 | f1 | Functions called from other files should be documented (called from $@). | user1.c:9:5:9:6 | call to f1 | user1.c |
+| definition.c:2:6:2:7 | f1 | Functions called from other files should be documented (called from $@). | user2.c:7:5:7:6 | call to f1 | user2.c |
+| definition.c:32:6:32:7 | f6 | Functions called from other files should be documented (called from $@). | user1.c:14:5:14:6 | call to f6 | user1.c |
+| definition.c:32:6:32:7 | f6 | Functions called from other files should be documented (called from $@). | user2.c:10:5:10:6 | call to f6 | user2.c |
diff --git a/cpp/ql/test/query-tests/Metrics/Dependencies/ExternalDependencies.expected b/cpp/ql/test/query-tests/Metrics/Dependencies/ExternalDependencies.expected
@@ -1,4 +1,4 @@
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibC<\|>unknown | 5 |
-| /query-tests/Metrics/Dependencies/include.h<\|>LibD<\|>unknown | 1 |
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibA<\|>unknown | 1 |
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibB<\|>unknown | 1 |
+| /main.cpp<\|>LibC<\|>unknown | 5 |
+| /include.h<\|>LibD<\|>unknown | 1 |
+| /main.cpp<\|>LibA<\|>unknown | 1 |
+| /main.cpp<\|>LibB<\|>unknown | 1 |
diff --git a/cpp/ql/test/query-tests/Metrics/Dependencies/ExternalDependenciesSourceLinks.expected b/cpp/ql/test/query-tests/Metrics/Dependencies/ExternalDependenciesSourceLinks.expected
@@ -1,4 +1,4 @@
-| /query-tests/Metrics/Dependencies/include.h<\|>LibD<\|>unknown | include.h:0:0:0:0 | include.h |
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibA<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibB<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
-| /query-tests/Metrics/Dependencies/main.cpp<\|>LibC<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
+| /include.h<\|>LibD<\|>unknown | include.h:0:0:0:0 | include.h |
+| /main.cpp<\|>LibA<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
+| /main.cpp<\|>LibB<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
+| /main.cpp<\|>LibC<\|>unknown | main.cpp:0:0:0:0 | main.cpp |
diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/UninitializedLocal.expected
@@ -1,5 +1,6 @@
 edges
 nodes
+| errors.cpp:13:7:13:7 | definition of x | semmle.label | definition of x |
 | test.cpp:11:6:11:8 | definition of foo | semmle.label | definition of foo |
 | test.cpp:111:6:111:8 | definition of foo | semmle.label | definition of foo |
 | test.cpp:226:7:226:7 | definition of x | semmle.label | definition of x |
@@ -14,6 +15,7 @@ nodes
 | test.cpp:472:6:472:6 | definition of x | semmle.label | definition of x |
 | test.cpp:479:6:479:6 | definition of x | semmle.label | definition of x |
 #select
+| errors.cpp:14:18:14:18 | x | errors.cpp:13:7:13:7 | definition of x | errors.cpp:13:7:13:7 | definition of x | The variable $@ may not be initialized at this access. | errors.cpp:13:7:13:7 | x | x |
 | test.cpp:12:6:12:8 | foo | test.cpp:11:6:11:8 | definition of foo | test.cpp:11:6:11:8 | definition of foo | The variable $@ may not be initialized at this access. | test.cpp:11:6:11:8 | foo | foo |
 | test.cpp:113:6:113:8 | foo | test.cpp:111:6:111:8 | definition of foo | test.cpp:111:6:111:8 | definition of foo | The variable $@ may not be initialized at this access. | test.cpp:111:6:111:8 | foo | foo |
 | test.cpp:227:3:227:3 | x | test.cpp:226:7:226:7 | definition of x | test.cpp:226:7:226:7 | definition of x | The variable $@ may not be initialized at this access. | test.cpp:226:7:226:7 | x | x |

diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/errors.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-457/semmle/tests/errors.cpp
@@ -0,0 +1,15 @@
+// semmle-extractor-options: --expect_errors
+
+int f1() {
+  int x;
+  initialize(&x); // error expression - initialize() is not defined
+  return x;       // GOOD - assume x is initialized
+}
+
+void * operator new(unsigned long, bool);
+void operator delete(void*, bool);
+
+int f2() {
+  int x;
+  new(true) int (x);  // BAD, ignore implicit error expression
+}
diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/LogForgingQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/LogForgingQuery.qll
@@ -42,7 +42,7 @@ private module LogForgingConfig implements DataFlow::ConfigSig {
  */
 module LogForging = TaintTracking::Global<LogForgingConfig>;
 
-/** A source of remote user input. */
+/** A source supported by the current threat model. */
 private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }
 
 private class HtmlSanitizer extends Sanitizer {

diff --git a/go/ql/integration-tests/test-extraction/src/go.mod b/go/ql/integration-tests/test-extraction/src/go.mod
@@ -1,3 +1,3 @@
-go 1.14
+go 1.18
 
 module testsample
diff --git a/go/ql/integration-tests/test-extraction/src/pkg1/def.go b/go/ql/integration-tests/test-extraction/src/pkg1/def.go
@@ -0,0 +1,7 @@
+package pkg1
+
+type Generic[T any] struct {
+	element T
+}
+
+func TestMe() {}
diff --git a/go/ql/integration-tests/test-extraction/src/pkg1/def_blackbox_test.go b/go/ql/integration-tests/test-extraction/src/pkg1/def_blackbox_test.go
@@ -0,0 +1,9 @@
+package pkg1_test
+
+import (
+	"testsample/pkg1"
+)
+
+func UsePkg1() {
+	pkg1.TestMe()
+}
diff --git a/go/ql/integration-tests/test-extraction/src/pkg1/def_test.go b/go/ql/integration-tests/test-extraction/src/pkg1/def_test.go
@@ -0,0 +1,5 @@
+package pkg1
+
+func UsePkg1() {
+	TestMe()
+}
diff --git a/go/ql/integration-tests/test-extraction/src/pkg2/use.go b/go/ql/integration-tests/test-extraction/src/pkg2/use.go
@@ -0,0 +1,12 @@
+package pkg2
+
+import (
+	"testsample/pkg1"
+)
+
+// This tests the case of cross-package generic type references
+// in the presence of test extraction. We need to make sure we
+// extract packages, including test variants, in the right order
+// such that we've seen pkg1.Generic before we try to use it here.
+
+type Specialised = pkg1.Generic[string]
diff --git a/go/ql/integration-tests/test-extraction/test.expected b/go/ql/integration-tests/test-extraction/test.expected
@@ -1,8 +1,14 @@
 #select
+| src/pkg1/def.go:0:0:0:0 | src/pkg1/def.go |
+| src/pkg1/def_blackbox_test.go:0:0:0:0 | src/pkg1/def_blackbox_test.go |
+| src/pkg1/def_test.go:0:0:0:0 | src/pkg1/def_test.go |
+| src/pkg2/use.go:0:0:0:0 | src/pkg2/use.go |
 | src/testme.go:0:0:0:0 | src/testme.go |
 | src/testme_blackbox_test.go:0:0:0:0 | src/testme_blackbox_test.go |
 | src/testme_test.go:0:0:0:0 | src/testme_test.go |
 calls
+| src/pkg1/def_blackbox_test.go:8:2:8:14 | call to TestMe | src/pkg1/def.go:7:1:7:16 | function declaration |
+| src/pkg1/def_test.go:4:2:4:9 | call to TestMe | src/pkg1/def.go:7:1:7:16 | function declaration |
 | src/testme_blackbox_test.go:10:18:10:44 | call to PublicFunction | src/testme.go:3:1:3:38 | function declaration |
 | src/testme_test.go:9:18:9:33 | call to PublicFunction | src/testme.go:3:1:3:38 | function declaration |
 | src/testme_test.go:14:19:14:35 | call to privateFunction | src/testme.go:5:1:5:39 | function declaration |

diff --git a/go/ql/integration-tests/test-extraction/test.py b/go/ql/integration-tests/test-extraction/test.py
@@ -1,7 +1,7 @@
 import os
 
 def test_traced(codeql, go):
-    codeql.database.create(source_root="src", command="go test -c")
+    codeql.database.create(source_root="src", command="go test -c ./...")
 
 def test_autobuild(codeql, go):
     codeql.database.create(source_root="src", extractor_option = ["extract_tests=true"])
diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll b/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll
@@ -6,7 +6,7 @@ private import semmle.code.java.dataflow.DataFlow
 
 /** An Android Layout XML file. */
 class AndroidLayoutXmlFile extends XmlFile {
-  AndroidLayoutXmlFile() { this.getRelativePath().matches("%/res/layout/%.xml") }
+  AndroidLayoutXmlFile() { this.getRelativePath().regexpMatch("(.*/)?res/layout/.*\\.xml") }
 }
 
 /** A component declared in an Android layout file. */

diff --git a/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverageQuery.qll b/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverageQuery.qll
@@ -17,12 +17,12 @@ private int getNumMadModeledApis(string package, string provenance, string apiSu
       (
         // "auto-only"
         not sc.hasManualModel() and
-        sc.hasProvenance("df-generated") and
+        sc.hasGeneratedModel() and
         provenance = "generated"
         or
         sc.hasManualModel() and
         (
-          if sc.hasProvenance("df-generated")
+          if sc.hasGeneratedModel()
           then
             // "both"
             provenance = "both"

diff --git a/java/ql/test-kotlin1/library-tests/classes/local_anonymous.ql b/java/ql/test-kotlin1/library-tests/classes/local_anonymous.ql
@@ -1,8 +1,6 @@
 import java
 
-private predicate filterFile(Top t) {
-  t.getFile().getRelativePath().matches("%/local_anonymous.kt")
-}
+private predicate filterFile(Top t) { t.getFile().getRelativePath().matches("%local_anonymous.kt") }
 
 private string isAnonymousType(Type t) {
   if t instanceof AnonymousClass then result = "anonymous" else result = "not anonymous"

diff --git a/java/ql/test-kotlin2/library-tests/classes/local_anonymous.ql b/java/ql/test-kotlin2/library-tests/classes/local_anonymous.ql
@@ -1,8 +1,6 @@
 import java
 
-private predicate filterFile(Top t) {
-  t.getFile().getRelativePath().matches("%/local_anonymous.kt")
-}
+private predicate filterFile(Top t) { t.getFile().getRelativePath().matches("%local_anonymous.kt") }
 
 private string isAnonymousType(Type t) {
   if t instanceof AnonymousClass then result = "anonymous" else result = "not anonymous"

diff --git a/java/ql/test/library-tests/MemberRefExpr/parameters.expected b/java/ql/test/library-tests/MemberRefExpr/parameters.expected
@@ -0,0 +1,10 @@
+| Test.java:3:22:3:24 | o |
+| Test.java:7:22:7:26 | i |
+| Test.java:45:22:45:26 | s |
+| Test.java:49:29:49:42 | this |
+| Test.java:50:29:50:42 | this |
+| Test.java:51:29:51:39 | this |
+| Test.java:52:40:52:64 | this |
+| Test.java:70:13:70:22 | length |
+| Test.java:71:13:71:26 | length |
+| Test.java:75:31:75:47 | this |
diff --git a/java/ql/test/library-tests/MemberRefExpr/parameters.ql b/java/ql/test/library-tests/MemberRefExpr/parameters.ql
@@ -0,0 +1,5 @@
+import java
+
+from Parameter p
+where p.fromSource()
+select p
diff --git a/javascript/ql/test/library-tests/Files/relativePaths.expected b/javascript/ql/test/library-tests/Files/relativePaths.expected
@@ -1,2 +1,2 @@
-| a.js:0:0:0:0 | a.js | library-tests/Files/a.js |
-| b/c.js:0:0:0:0 | b/c.js | library-tests/Files/b/c.js |
+| a.js:0:0:0:0 | a.js | a.js |
+| b/c.js:0:0:0:0 | b/c.js | b/c.js |
diff --git a/javascript/ql/test/library-tests/Modules/tests.expected b/javascript/ql/test/library-tests/Modules/tests.expected
@@ -115,16 +115,16 @@ test_ReExportDeclarations
 | m/c.js:5:1:5:30 | export  ... '../b'; | m/c.js:5:24:5:29 | '../b' |
 | reExportNamespace.js:1:1:1:26 | export  ...  "./a"; | reExportNamespace.js:1:21:1:25 | "./a" |
 test_getAnImportedModule
-| library-tests/Modules/b.js | library-tests/Modules/a.js |
-| library-tests/Modules/d.js | library-tests/Modules/a.js |
-| library-tests/Modules/d.js | library-tests/Modules/b.js |
-| library-tests/Modules/es2015_require.js | library-tests/Modules/d.js |
-| library-tests/Modules/f.ts | library-tests/Modules/e.js |
-| library-tests/Modules/g.ts | library-tests/Modules/f.ts |
-| library-tests/Modules/import-indirect-path.js | library-tests/Modules/a.js |
-| library-tests/Modules/import-ts-with-js-extension.ts | library-tests/Modules/f.ts |
-| library-tests/Modules/m/c.js | library-tests/Modules/b.js |
-| library-tests/Modules/reExportNamespaceClient.js | library-tests/Modules/reExportNamespace.js |
+| b.js | a.js |
+| d.js | a.js |
+| d.js | b.js |
+| es2015_require.js | d.js |
+| f.ts | e.js |
+| g.ts | f.ts |
+| import-indirect-path.js | a.js |
+| import-ts-with-js-extension.ts | f.ts |
+| m/c.js | b.js |
+| reExportNamespaceClient.js | reExportNamespace.js |
 test_getExportedName
 | arbitrarySpecifier.ts:5:10:5:30 | Foo_new ... o::new" | Foo::new |
 | arbitrarySpecifier.ts:6:13:6:28 | * as "Foo_types" | Foo_types |