Skip to content

Commit 9eda513

Browse files
hyperpolymathclaude
hyperpolymath
and
claude
committed
feat(assail): strip #[cfg(test)] mod bodies before Rust keyword scan
Closes the two residual UnboundedAllocation false positives classified in 007-lang/audits/audit-unbounded-allocation.md §5 and §6: - crates/oo7-core/src/backends_tier4.rs — test fn `choreography_unbounded_loop` inside `#[cfg(test)] mod tests {}` - crates/oo7-core/src/metacompiler.rs — test fn `validate_detects_left_recursion` inside the same shape Both files are production Rust but embed a `#[cfg(test)] mod tests { … }` at the bottom. Previously, substring-based dangerous-pattern checks on `code_only` saw the test-fn identifiers (`unbounded`, `recursion`) and flagged the whole file as UnboundedAllocation. The file-path-based `is_test_file` predicate does not recognise inline test modules, so those tokens counted against the production file. Fix: add `strip_cfg_test_modules_rs(&code_only)` and use the resulting `code_no_test_mods` for the unbounded-allocation keyword check. This is the Rust analogue of `count_unsafe_in_test_blocks` on the Zig side. Intentionally scoped to the unbounded-allocation check only — broader application to unsafe/panic/crypto checks is deferred to keep blast radius small. Recognised attribute forms: `#[cfg(test)]`, `#[cfg(any(test, …))]`, `#[cfg(all(test, …))]`, and any other `cfg(…)` whose argument list contains bareword `test` outside a `not(test)` group. `#[cfg(not(test))]` is production-only and left in place. New helpers: - `Analyzer::strip_cfg_test_modules_rs(content)` — brace-match `#[cfg(test)] mod <name> { … }`, replace body with whitespace, preserve line count so downstream line numbers stay stable. - `Analyzer::cfg_args_select_test(args)` — classify the argument list of `#[cfg(...)]` as selecting for `test` or not. - `strip_not_test_groups(args)` — erase `not(test)` groups so `all(not(test), …)` does not mis-classify. Tests: 15 new unit tests covering the common attribute forms, pub mod, mod without body, nested braces, `feature = testable` substring non-matches, and `not(debug_assertions)` preservation. All 182 lib tests pass (was 167 + 15 new = 182). Measured impact on 007-lang: UnboundedAllocation residuals 6 → 4. Remaining 4 are all legitimate `std::fs::read_to_string` full-file reads of operator-supplied input (CLI, import resolver, diagnostics temp file, config loader) and are accepted in the audit doc. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent 317a0e9 commit 9eda513

1 file changed

Lines changed: 380 additions & 15 deletions

File tree

0 commit comments

Comments
 (0)