Remove shared implementation

Author: mbaluda

c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.expected

@@ -1,7 +1,7 @@
 /**
  * @id c/misra/object-assigned-to-an-overlapping-object
  * @name RULE-19-1: An object shall not be assigned to an overlapping object
- * @description An object shall not be assigned to an overlapping object.
+ * @description An object shall not be copied or assigned to an overlapping object.
  * @kind problem
  * @precision high
  * @problem.severity error
@@ -12,10 +12,43 @@
 
 import cpp
 import codingstandards.c.misra
-import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment
+import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 
-class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery {
-  ObjectAssignedToAnOverlappingObjectQuery() {
-    this = Contracts7Package::objectAssignedToAnOverlappingObjectQuery()
-  }
+VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() }
+
+int getAccessByteOffset(FieldAccess fa) {
+  not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset()
+  or
+  result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier())
+}
+
+predicate overlaps(FieldAccess fa1, FieldAccess fa2) {
+  exists(int startfa1, int endfa1, int startfa2, int endfa2 |
+    startfa1 = getAccessByteOffset(fa1) and
+    endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and
+    startfa2 = getAccessByteOffset(fa2) and
+    endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1
+  |
+    startfa1 = startfa2 and endfa1 = endfa2
+    or
+    startfa1 > startfa2 and endfa1 < endfa2
+    or
+    startfa1 < startfa2 and endfa1 < endfa2 and endfa1 > startfa2
+    or
+    startfa1 > startfa2 and endfa1 > endfa2 and startfa1 < endfa2
+  )
 }
+
+from AssignExpr assignExpr, Expr lhs, Expr rhs, ValueFieldAccess valuelhs, ValueFieldAccess valuerhs
+where
+  not isExcluded(assignExpr, Contracts7Package::objectAssignedToAnOverlappingObjectQuery()) and
+  lhs.getType() instanceof Union and
+  rhs.getType() instanceof Union and
+  lhs = getAQualifier(assignExpr.getLValue()) and
+  rhs = getAQualifier(assignExpr.getRValue()) and
+  globalValueNumber(lhs) = globalValueNumber(rhs) and
+  valuerhs = assignExpr.getRValue() and
+  valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c)
+  overlaps(valuelhs, valuerhs)
+select assignExpr, "An object $@ assigned to overlapping object $@.", valuelhs,
+  valuelhs.getTarget().getName(), valuerhs, valuerhs.getTarget().getName()

c/common/test/rules/overlappingobjectassignment/OverlappingObjectAssignment.ql

@@ -24,14 +24,11 @@ int getAccessByteOffset(FieldAccess fa) {
   result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier())
 }
 
-/**
- * Models calls to memcpy on overlapping objects
- */
-class MemcpyCall extends Locatable {
+class OverlappingCopy extends Locatable {
   Expr src;
   Expr dst;
 
-  MemcpyCall() {
+  OverlappingCopy() {
     this.(MacroInvocation).getMacroName() = "memcpy" and
     src = this.(MacroInvocation).getExpr().getChild(1) and
     dst = this.(MacroInvocation).getExpr().getChild(0)
@@ -65,14 +62,13 @@ class MemcpyCall extends Locatable {
     e instanceof VariableAccess and result = 0
   }
 
-  // maximum amount of element copied
   int getCount() {
     result =
       upperBound([this.(MacroInvocation).getExpr().getChild(2), this.(FunctionCall).getArgument(2)])
   }
 
   // source and destination overlap
-  predicate overlap() {
+  predicate overlaps() {
     globalValueNumber(this.getBase(src)) = globalValueNumber(this.getBase(dst)) and
     exists(int dstStart, int dstEnd, int srcStart, int srcEnd |
       dstStart = this.getOffset(dst) and
@@ -96,9 +92,9 @@ class MemcpyCall extends Locatable {
   }
 }
 
-from MemcpyCall memcpy
+from OverlappingCopy copy
 where
-  not isExcluded(memcpy, Contracts7Package::objectCopiedToAnOverlappingObjectQuery()) and
-  memcpy.overlap()
-select memcpy, "The object to copy $@ overlaps the object to copy $@.", memcpy.getSrc(), "from",
-  memcpy.getDst(), "to"
+  not isExcluded(copy, Contracts7Package::objectCopiedToAnOverlappingObjectQuery()) and
+  copy.overlaps()
+select copy, "The object to copy $@ overlaps the object to copy $@.", copy.getSrc(), "from",
+  copy.getDst(), "to"

c/common/test/rules/overlappingobjectassignment/test.c

@@ -0,0 +1 @@
+| test.c:55:3:55:18 | ... = ... | An object $@ assigned to overlapping object $@. | test.c:55:9:55:10 | m2 | m2 | test.c:55:17:55:18 | m1 | m1 |

c/misra/src/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql

@@ -0,0 +1 @@
+rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.ql

c/misra/src/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.ql

@@ -1,5 +1,5 @@
-| test.c:5:3:5:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:5:17:5:21 | & ... | from | test.c:5:10:5:14 | & ... | to |
-| test.c:7:3:7:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:7:17:7:21 | & ... | from | test.c:7:10:7:14 | & ... | to |
-| test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:17 | o | from | test.c:8:10:8:14 | ... + ... | to |
-| test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | ... + ... | from | test.c:10:10:10:14 | ... + ... | to |
-| test.c:52:3:52:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:52:21:52:26 | & ... | from | test.c:52:10:52:18 | & ... | to |
+| test.c:8:3:8:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:8:17:8:21 | & ... | from | test.c:8:10:8:14 | & ... | to |
+| test.c:10:3:10:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:10:17:10:21 | & ... | from | test.c:10:10:10:14 | & ... | to |
+| test.c:11:3:11:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:11:17:11:17 | o | from | test.c:11:10:11:14 | ... + ... | to |
+| test.c:13:3:13:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:13:17:13:21 | ... + ... | from | test.c:13:10:13:14 | ... + ... | to |
+| test.c:57:3:57:8 | call to memcpy | The object to copy $@ overlaps the object to copy $@. | test.c:57:21:57:26 | & ... | from | test.c:57:10:57:18 | & ... | to |

c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.expected

@@ -2,6 +2,9 @@
 
 int o[10];
 void g(void) {
+
+  o[2] = o[0]; // COMPLIANT
+
   memcpy(&o[1], &o[0], 2); // NON_COMPLIANT
   memcpy(&o[2], &o[0], 2); // COMPLIANT
   memcpy(&o[2], &o[1], 2); // NON_COMPLIANT
@@ -49,6 +52,8 @@ union {
 } u2;
 
 void test_unions() {
+  u1.m2.m2 = u1.m1; // NON_COMPLIANT
+
   memcpy(&u1.m2.m2, &u1.m1, sizeof(u1.m1)); // NON_COMPLIANT
   memcpy(&u2.diff.suffix, &u2.fnv.suffix, sizeof(u2.fnv.suffix)); // COMPLIANT
 }

c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.qlref

@@ -12,12 +12,46 @@
  *       external/autosar/obligation/required
  */
 
+//Assignment between different active members of same union instance
 import cpp
 import codingstandards.cpp.autosar
-import codingstandards.cpp.rules.overlappingobjectassignment.OverlappingObjectAssignment
+import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 
-class ObjectAssignedToAnOverlappingObjectQuery extends OverlappingObjectAssignmentSharedQuery {
-  ObjectAssignedToAnOverlappingObjectQuery() {
-    this = RepresentationPackage::objectAssignedToAnOverlappingObjectQuery()
-  }
+VariableAccess getAQualifier(VariableAccess va) { result = va.getQualifier+() }
+
+int getAccessByteOffset(FieldAccess fa) {
+  not fa.getQualifier() instanceof FieldAccess and result = fa.getTarget().getByteOffset()
+  or
+  result = fa.getTarget().getByteOffset() + getAccessByteOffset(fa.getQualifier())
+}
+
+predicate overlaps(FieldAccess fa1, FieldAccess fa2) {
+  exists(int startfa1, int endfa1, int startfa2, int endfa2 |
+    startfa1 = getAccessByteOffset(fa1) and
+    endfa1 = startfa1 + fa1.getTarget().getType().getSize() - 1 and
+    startfa2 = getAccessByteOffset(fa2) and
+    endfa2 = startfa2 + fa2.getTarget().getType().getSize() - 1
+  |
+    startfa1 = startfa2 and endfa1 = endfa2
+    or
+    startfa1 > startfa2 and endfa1 < endfa2
+    or
+    startfa1 < startfa2 and endfa1 < endfa2 and endfa1 > startfa2
+    or
+    startfa1 > startfa2 and endfa1 > endfa2 and startfa1 < endfa2
+  )
 }
+
+from AssignExpr assignExpr, Expr lhs, Expr rhs, ValueFieldAccess valuelhs, ValueFieldAccess valuerhs
+where
+  not isExcluded(assignExpr, RepresentationPackage::objectAssignedToAnOverlappingObjectQuery()) and
+  lhs.getType() instanceof Union and
+  rhs.getType() instanceof Union and
+  lhs = getAQualifier(assignExpr.getLValue()) and
+  rhs = getAQualifier(assignExpr.getRValue()) and
+  globalValueNumber(lhs) = globalValueNumber(rhs) and
+  valuerhs = assignExpr.getRValue() and
+  valuelhs = assignExpr.getLValue() and // a.b.c == ((a.b).c)
+  overlaps(valuelhs, valuerhs)
+select assignExpr, "An object $@ assigned to overlapping object $@.", valuelhs,
+  valuelhs.getTarget().getName(), valuerhs, valuerhs.getTarget().getName()

c/misra/test/rules/RULE-19-1/ObjectAssignedToAnOverlappingObject.testref

@@ -0,0 +1 @@
+No expected results have yet been specified

c/misra/test/rules/RULE-19-1/ObjectCopiedToAnOverlappingObject.expected

@@ -0,0 +1 @@
+rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql

c/misra/test/rules/RULE-19-1/test.c

@@ -66,13 +66,12 @@
       },
       "queries": [
         {
-          "description": "An object shall not be assigned to an overlapping object.",
+          "description": "An object shall not be copied or assigned to an overlapping object.",
           "kind": "problem",
           "name": "An object shall not be assigned to an overlapping object",
           "precision": "high",
           "severity": "error",
           "short_name": "ObjectAssignedToAnOverlappingObject",
-          "shared_implementation_short_name": "OverlappingObjectAssignment",
           "tags": [
             "correctness"
           ]

cpp/autosar/src/rules/M0-2-1/ObjectAssignedToAnOverlappingObject.ql

@@ -50,7 +50,6 @@
           "precision": "high",
           "severity": "error",
           "short_name": "ObjectAssignedToAnOverlappingObject",
-          "shared_implementation_short_name": "OverlappingObjectAssignment",
           "tags": [
             "correctness"
           ]