Skip to content

Implement PRE31-C #275

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Mar 30, 2023
Merged

Implement PRE31-C #275

merged 10 commits into from
Mar 30, 2023

Conversation

lcartey
Copy link
Collaborator

@lcartey lcartey commented Mar 27, 2023
edited by knewbury01
Loading

Description

Implements a heuristic query to find cases where arguments are provided to unsafe macros which have side-effects.

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • PRE31-C
  • Queries have been modified for the following rules:
    • rule number here

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

@lcartey
PRE31-C: Implement query
49cded3 
Implements a heuristic query to find cases where arguments are provided
to unsafe macros which have side-effects.
@lcartey lcartey requested a review from rvermeulen March 27, 2023 23:56
lcartey and others added 6 commits March 29, 2023 11:40
@lcartey
PRE31-C: Create UnsafeMacro class.
d6a4c4e
@lcartey
PRE31-C: Refactor to create UnsafeMacroInvocation
bef5a36 
Refactor the query to create a separate class for representing unsafe
macro invocations. This will enable the query to be improved by
determining whether we actually observe multiple side-effects in
practice (to handle cases like `type(e) = e;`.
@lcartey
PRE31-C: Ensure we see multiple side-effects
272df6c 
A macro argument can be referred to multiple times in the body of a
macro without it necessarily being evaluated multiple times - for
example using an expression with sizeof, type etc. To handle these cases
we ensure that we see multiple equivalent side-effects.
@lcartey
PRE31-C: Improve docs
fc51948
@lcartey
PRE31-C: CERT help text
264f3cd
@lcartey
Merge branch 'main' into side-effects-4
afdd82f
@lcartey lcartey marked this pull request as ready for review March 29, 2023 11:08
@knewbury01 knewbury01 self-requested a review March 29, 2023 14:03
@jsinglet
Copy link
Contributor

/test-matrix

@jsinglet
Copy link
Contributor

/test-matrix

knewbury01
knewbury01 reviewed Mar 29, 2023
View reviewed changes
Copy link
Contributor

@knewbury01 knewbury01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just a supplemental few points for the conversation that we had in the team sync!

lcartey and others added 2 commits March 29, 2023 22:45
@lcartey
PRE31-C: Update metadata and docs
edca7d1 
 * Add an implementation scope
 * Add qldocs
 * Update description.
@lcartey
Merge branch 'main' into side-effects-4
c8424b6
knewbury01
knewbury01 approved these changes Mar 30, 2023
View reviewed changes
Copy link
Contributor

@knewbury01 knewbury01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

couldnt find anything else to improve! LGTM!

@knewbury01 knewbury01 added this pull request to the merge queue Mar 30, 2023
Merged via the queue into main with commit 06cc7e3 Mar 30, 2023
@knewbury01 knewbury01 deleted the side-effects-4 branch March 30, 2023 12:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knewbury01 knewbury01 knewbury01 approved these changes

@rvermeulen rvermeulen Awaiting requested review from rvermeulen

Assignees
No one assigned
Labels
None yet
Projects
Coding Standards Public Development Board
Status: No status
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lcartey @jsinglet @knewbury01