First pass on 17-12, 17-13, both facing extractor issues.

Author: MichaelRFairhurst

c/misra/src/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql

@@ -0,0 +1,83 @@
+/**
+ * @id c/misra/function-addresses-should-address-operator
+ * @name RULE-17-12: A function identifier should only be called with a parenthesized parameter list or used with a &
+ * @description A function identifier should only be called with a parenthesized parameter list or
+ *              used with a & (address-of).
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-17-12
+ *       readability
+ *       external/misra/obligation/advisory
+ */
+
+import cpp
+import codingstandards.c.misra
+
+abstract class AddressOfFunction extends Expr {
+  abstract predicate isImplicitlyAddressed();
+
+  abstract string getFuncName();
+}
+
+class FunctionTypeAccess extends FunctionAccess, AddressOfFunction {
+
+  predicate isImmediatelyParenthesized() {
+    exists(ParenthesisExpr parens | parens.getExpr() = this)
+  }
+
+  predicate isExplicitlyAddressed() {
+    getParent() instanceof AddressOfExpr and
+    not isImmediatelyParenthesized()
+  }
+
+  override predicate isImplicitlyAddressed() {
+    not isExplicitlyAddressed()
+  }
+
+  override string getFuncName() {
+    result = getTarget().getName()
+  }
+}
+
+/*
+class IndirectFunctionCall extends FunctionCall, AddressOfFunction {
+  override predicate isImplicitlyAddressed() {
+    getConversion+() instanceof ParenthesisExpr
+  }
+  
+  override string getFuncName() {
+    result = getTarget().getName()
+  }
+}
+  */
+
+class MacroArgTakesFunction extends AddressOfFunction {
+  MacroInvocation m;
+  MacroArgTakesFunction() {
+    m.getExpr() = this
+  }
+
+  override predicate isImplicitlyAddressed() {
+    any()
+  }
+
+  string getProp() {
+    result = m.getExpandedArgument(_)
+    and this.get
+  }
+
+  override string getFuncName() {
+    result = "a macro argument"
+  }
+
+}
+
+from AddressOfFunction funcAddr
+where
+  not isExcluded(funcAddr, FunctionTypesPackage::functionAddressesShouldAddressOperatorQuery()) and
+  //not funcAccess.isImmediatelyCalled() and
+  //not funcAccess.isExplicitlyAddressed()
+  funcAddr.isImplicitlyAddressed()
+select
+  funcAddr, "The address of function " + funcAddr.getFuncName() + " is taken without the & operator."

c/misra/src/rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql

@@ -0,0 +1,147 @@
+/**
+ * @id c/misra/disallowed-function-type-qualifier
+ * @name RULE-17-13: A function type shall not include any type qualifiers (const, volatile, restrict, or _Atomic)
+ * @description The behavior of type qualifiers on a function type is undefined.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-17-13
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+
+//from DeclarationEntry decl, Type type //, Specifier specifier
+//where
+//  not isExcluded(decl, FunctionTypesPackage::disallowedFunctionTypeQualifierQuery()) and
+//  //decl.getType() instanceof FunctionPointerType and
+//  //decl.getType().(FunctionPointerType).hasSpecifier(specifier)
+//  (type = decl.getType().getUnderlyingType*()
+//  or type = decl.getType())
+//   and
+//  //specifier = type.getASpecifier()
+//  any()
+//select decl, type //, specifier // "The behavior of type qualifier " + specifier + " on a function type is undefined." 
+
+newtype TDeclaredFunction =
+  TFunctionDeclaration(Declaration declaration)
+
+abstract class DeclaredFunction extends TDeclaredFunction {
+  abstract string toString();
+}
+
+predicate isConstFunction(Type type) {
+  (type.getASpecifier().getName() = "const"
+  or type.isConst())
+  and isFunctionType(type)
+  or isConstFunction(type.getUnderlyingType())
+}
+
+predicate isFunctionType(Type type) {
+  type instanceof FunctionPointerType
+  or isFunctionType(type.getUnderlyingType())
+}
+
+predicate declaresConstFunction(DeclarationEntry entry) {
+  (entry.getDeclaration().getASpecifier().getName() = "const"
+  and isFunctionType(entry.getType()))
+  or isConstFunction(entry.getType())
+}
+
+class QualifiableRoutineType extends RoutineType, QualifiableType {
+  override string explainQualifiers() {
+    result = "func{"
+      + specifiersOf(this) + this.getReturnType().(QualifiableType).explainQualifiers()
+      + " ("
+      + paramString(0)
+      + ")}"
+  }
+
+  string paramString(int i) {
+    i = 0 and result = "" and not exists(this.getAParameterType())
+    or
+    (
+      if i < max(int j | exists(this.getParameterType(j)))
+      then
+        // Not the last one
+        result = this.getParameterType(i).(QualifiableType).explainQualifiers() + "," + this.paramString(i + 1)
+      else
+        // Last parameter
+        result = this.getParameterType(i).(QualifiableType).explainQualifiers()
+    )
+  }
+}
+
+class QualifiableIntType extends IntType, QualifiableType {
+  override string explainQualifiers() {
+    result = specifiersOf(this) + " " + this.toString()
+  }
+}
+
+class QualifiablePointerType extends PointerType, QualifiableType {
+  override string explainQualifiers() {
+    result = "{" 
+      + specifiersOf(this)
+      + " pointer to "
+      + this.getBaseType().(QualifiableType).explainQualifiers()
+      + "}"
+  }
+}
+
+class QualifiableType extends Type {
+  string explainQualifiers() {
+    result = "Unimplemented explainQualifiers for type(s): " + concat(string s | s = getAQlClass() | s, ",")
+  }
+}
+
+class QualifiableTypedefType extends TypedefType, QualifiableType {
+  override string explainQualifiers() {
+    result = "{ typedef "
+      + specifiersOf(this)
+      + " "
+      + this.getBaseType().(QualifiableType).explainQualifiers()
+      + "}"
+  }
+}
+
+class QualifiableSpecifiedType extends SpecifiedType, QualifiableType {
+  override string explainQualifiers() {
+    result = "{"
+      + specifiersOf(this)
+      + " "
+      + this.getBaseType().(QualifiableType).explainQualifiers()
+      + "}"
+  }
+}
+
+string typeString(Type t) {
+  //if 
+  //  t instanceof CTypedefType
+  //  then result = t.(CTypedefType).explain() + "specs:" + specifiersOf(t.(CTypedefType).getBaseType()) + "/" + typeString(t.(CTypedefType).getBaseType())
+  //  else
+  //result = concat(string s | s = t.getAQlClass() | s, ",")
+  result = t.(QualifiableType).explainQualifiers()
+}
+
+string specifiersOf(Type t) {
+  result = concat(Specifier s | s = t.getASpecifier()| s.getName(), ", ")
+}
+
+string declSpecifiersOf(Declaration d) {
+  result = concat(Specifier s | s = d.getASpecifier()| s.getName(), ", ")
+}
+
+string underlying(Type t) {
+  exists(Type u | u = t.getUnderlyingType() | result = u.toString())
+  or  result = "[no underlying]"
+
+}
+
+from DeclarationEntry entry
+select entry, entry.getType(), typeString(entry.getType()), declSpecifiersOf(entry.getDeclaration()), specifiersOf(entry.getType())
+
+//from Type t
+//where any()//isFunctionType(t)
+//select t, specifiersOf(t), underlying(t)

c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.expected

@@ -0,0 +1,18 @@
+| test.c:15:25:15:29 | func2 | The address of function func2 is taken without the & operator. |
+| test.c:16:27:16:31 | func3 | The address of function func3 is taken without the & operator. |
+| test.c:22:16:22:20 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:38:5:38:9 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:39:5:39:9 | func2 | The address of function func2 is taken without the & operator. |
+| test.c:47:7:47:11 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:48:7:48:11 | func2 | The address of function func2 is taken without the & operator. |
+| test.c:57:15:57:19 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:58:23:58:27 | func2 | The address of function func2 is taken without the & operator. |
+| test.c:59:15:59:19 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:59:22:59:26 | func2 | The address of function func2 is taken without the & operator. |
+| test.c:67:13:67:17 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:68:14:68:18 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:69:14:69:18 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:71:20:71:24 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:72:20:72:24 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:76:20:76:24 | func1 | The address of function func1 is taken without the & operator. |
+| test.c:77:20:77:24 | func1 | The address of function func1 is taken without the & operator. |

c/misra/test/rules/RULE-17-12/FunctionAddressesShouldAddressOperator.qlref

@@ -0,0 +1 @@
+rules/RULE-17-12/FunctionAddressesShouldAddressOperator.ql

c/misra/test/rules/RULE-17-12/test.c

@@ -0,0 +1,106 @@
+void func1() {}
+void func2(int x, char* y) {}
+
+typedef struct {} s;
+
+int func3() {
+    return 0;
+}
+
+typedef void (*func_ptr_t1)();
+typedef void (*func_ptr_t2)(int x, char* y);
+typedef s (*func_ptr_t3)();
+
+func_ptr_t1 func_ptr1 = &func1; // COMPLIANT
+func_ptr_t2 func_ptr2 = func2; // NON-COMPLIANT
+func_ptr_t3 func_ptr3 = &(func3); // NON-COMPLIANT
+
+void take_func(func_ptr_t1 f1, func_ptr_t2 f2);
+
+func_ptr_t1 returns_func(int x) {
+    if (x == 0) {
+        return func1; // NON-COMPLIANT
+    } else if (x == 1) {
+        return &func1; // COMPLIANT
+    }
+
+    return returns_func(0); // COMPLIANT
+}
+
+#define MACRO_IDENTITY(f) (f)
+#define MACRO_INVOKE_RISKY(f) (f())
+#define MACRO_INVOKE_IMPROVED(f) ((f)())
+
+void test() {
+    func1();     // COMPLIANT
+    func2(1, "hello"); // COMPLIANT
+
+    func1;     // NON-COMPLIANT 
+    func2;     // NON-COMPLIANT 
+
+    &func1;     // COMPLIANT 
+    &func2;     // COMPLIANT 
+
+    (func1)();     // COMPLIANT
+    (func2)(1, "hello"); // COMPLIANT
+
+    &(func1); // NON-COMPLIANT
+    &(func2); // NON-COMPLIANT
+
+    (&func1)();     // COMPLIANT
+    (&func2)(1, "hello"); // COMPLIANT
+
+    (func1());     // COMPLIANT
+    (func2(1, "hello")); // COMPLIANT
+
+    take_func(&func1, &func2); // COMPLIANT
+    take_func(func1, &func2); // NON-COMPLIANT
+    take_func(&func1, func2); // NON-COMPLIANT
+    take_func(func1, func2); // NON-COMPLIANT
+
+    returns_func(0); // COMPLIANT
+    returns_func(0)(); // COMPLIANT
+    (returns_func(0))(); // COMPLIANT
+
+    (void*) &func1;     // COMPLIANT 
+    (void*) (&func1);     // COMPLIANT 
+    (void*) func1;     // NON-COMPLIANT 
+    (void*) (func1);     // NON-COMPLIANT 
+    ((void*) func1);     // NON-COMPLIANT 
+
+    MACRO_IDENTITY(func1); // NON-COMPLIANT
+    MACRO_IDENTITY(func1)(); // NON-COMPLIANT
+    MACRO_IDENTITY(&func1); // COMPLIANT
+    MACRO_IDENTITY(&func1)(); // COMPLIANT
+
+    MACRO_INVOKE_RISKY(func3); // NON-COMPLIANT
+    MACRO_INVOKE_IMPROVED(func3); // NON-COMPLIANT
+    MACRO_INVOKE_IMPROVED(&func3); // COMPLIANT
+
+    // Function pointers are exempt from this rule.
+    func_ptr1(); // COMPLIANT
+    func_ptr2(1, "hello"); // COMPLIANT
+    func_ptr1; // COMPLIANT
+    func_ptr2; // COMPLIANT
+    &func_ptr1; // COMPLIANT
+    &func_ptr2; // COMPLIANT
+    (func_ptr1)(); // COMPLIANT
+    (func_ptr2)(1, "hello"); // COMPLIANT
+    (*func_ptr1)(); // COMPLIANT
+    (*func_ptr2)(1, "hello"); // COMPLIANT
+    take_func(func_ptr1, func_ptr2); // COMPLIANT
+    (void*) func_ptr1; // COMPLIANT
+    (void*) &func_ptr1;     // COMPLIANT 
+    (void*) (&func_ptr1);     // COMPLIANT 
+    (void*) func_ptr1;     // COMPLIANT 
+    (void*) (func_ptr1);     // COMPLIANT 
+    ((void*) func_ptr1);     // COMPLIANT 
+    MACRO_IDENTITY(func_ptr1); // COMPLIANT
+    MACRO_IDENTITY(func_ptr1)(); // COMPLIANT
+    MACRO_IDENTITY(&func_ptr1); // COMPLIANT
+    (*MACRO_IDENTITY(&func_ptr1))(); // COMPLIANT
+    MACRO_INVOKE_RISKY(func_ptr3); // COMPLIANT
+    MACRO_INVOKE_IMPROVED(func_ptr3); // COMPLIANT
+    MACRO_INVOKE_IMPROVED(*&func_ptr3); // COMPLIANT
+
+}

c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.expected

@@ -0,0 +1 @@
+No expected results have yet been specified

c/misra/test/rules/RULE-17-13/DisallowedFunctionTypeQualifier.qlref

@@ -0,0 +1 @@
+rules/RULE-17-13/DisallowedFunctionTypeQualifier.ql