Merge branch 'main' into knewbury01/Declarations4

Author: lcartey

.github/touch

@@ -224,6 +224,7 @@
                 "Iterators",
                 "Lambdas",
                 "Language1",
+                "Language2",
                 "Literals",
                 "Loops",
                 "Macros",
@@ -255,6 +256,7 @@
                 "Preprocessor3",
                 "Preprocessor4",
                 "Preprocessor5",
+                "Preprocessor6",
                 "IntegerConversion",
                 "Expressions",
                 "DeadCode",

.vscode/tasks.json

@@ -1,4 +1,4 @@
 name: cert-c-coding-standards
-version: 2.11.0-dev
+version: 2.12.0-dev
 suites: codeql-suites
 libraryPathDependencies: common-c-coding-standards

c/cert/src/qlpack.yml

@@ -16,7 +16,7 @@ import codingstandards.c.cert
 import codingstandards.cpp.SideEffect
 import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.dataflow.TaintTracking
-import semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl
+import semmle.code.cpp.valuenumbering.GlobalValueNumbering
 
 /** Holds if the function's return value is derived from the `AliasParamter` p. */
 predicate returnValueDependsOnAliasParameter(AliasParameter p) {

c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql

@@ -1,4 +1,4 @@
 name: cert-c-coding-standards-tests
-version: 2.11.0-dev
+version: 2.12.0-dev
 libraryPathDependencies: cert-c-coding-standards
 extractor: cpp

c/cert/test/qlpack.yml

@@ -0,0 +1,58 @@
+import cpp
+import codingstandards.cpp.Macro
+import codingstandards.cpp.Naming
+
+/**
+ * Macros that cannot be replaced by functions
+ */
+abstract class IrreplaceableFunctionLikeMacro extends FunctionLikeMacro { }
+
+/** A function like macro that contains the use of a stringize or tokenize operator should not be replaced by a function. */
+private class StringizeOrTokenizeMacro extends IrreplaceableFunctionLikeMacro {
+  StringizeOrTokenizeMacro() {
+    exists(TokenPastingOperator t | t.getMacro() = this) or
+    exists(StringizingOperator s | s.getMacro() = this)
+  }
+}
+
+/** A standard library function like macro that should not be replaced by a function. */
+private class StandardLibraryFunctionLikeMacro extends IrreplaceableFunctionLikeMacro {
+  StandardLibraryFunctionLikeMacro() { Naming::Cpp14::hasStandardLibraryMacroName(this.getName()) }
+}
+
+/** A function like macro invocation as an `asm` argument cannot be replaced by a function. */
+private class AsmArgumentInvoked extends IrreplaceableFunctionLikeMacro {
+  AsmArgumentInvoked() {
+    any(AsmStmt s).getLocation().subsumes(this.getAnInvocation().getLocation())
+  }
+}
+
+/** A macro that is only invoked with constant arguments is more likely to be compile-time evaluated than a function call so do not suggest replacement. */
+private class OnlyConstantArgsInvoked extends IrreplaceableFunctionLikeMacro {
+  OnlyConstantArgsInvoked() {
+    forex(MacroInvocation mi | mi = this.getAnInvocation() |
+      //int/float literals
+      mi.getUnexpandedArgument(_).regexpMatch("\\d+")
+      or
+      //char literal or string literal, which is a literal surrounded by single quotes or double quotes
+      mi.getUnexpandedArgument(_).regexpMatch("('[^']*'|\"[^\"]*\")")
+    )
+  }
+}
+
+/** A function like macro invoked to initialize an object with static storage that cannot be replaced with a function call. */
+private class UsedToStaticInitialize extends IrreplaceableFunctionLikeMacro {
+  UsedToStaticInitialize() {
+    any(StaticStorageDurationVariable v).getInitializer().getExpr() =
+      this.getAnInvocation().getExpr()
+  }
+}
+
+/** A function like macro that is called with an argument that is an operator that cannot be replaced with a function call. */
+private class FunctionLikeMacroWithOperatorArgument extends IrreplaceableFunctionLikeMacro {
+  FunctionLikeMacroWithOperatorArgument() {
+    exists(MacroInvocation mi | mi.getMacro() = this |
+      mi.getUnexpandedArgument(_) = any(Operation op).getOperator()
+    )
+  }
+}

c/common/src/codingstandards/c/IrreplaceableFunctionLikeMacro.qll

@@ -1,3 +1,3 @@
 name: common-c-coding-standards
-version: 2.11.0-dev
+version: 2.12.0-dev
 libraryPathDependencies: common-cpp-coding-standards

c/common/src/qlpack.yml

@@ -1,4 +1,4 @@
 name: common-c-coding-standards-tests
-version: 2.11.0-dev
+version: 2.12.0-dev
 libraryPathDependencies: common-c-coding-standards
 extractor: cpp

c/common/test/qlpack.yml

@@ -1,4 +1,4 @@
 name: misra-c-coding-standards
-version: 2.11.0-dev
+version: 2.12.0-dev
 suites: codeql-suites
 libraryPathDependencies: common-c-coding-standards

c/misra/src/qlpack.yml

@@ -0,0 +1,22 @@
+/**
+ * @id c/misra/usage-of-assembly-language-should-be-documented
+ * @name DIR-4-2: All usage of assembly language should be documented
+ * @description Assembly language is not portable and should be documented.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity warning
+ * @tags external/misra/id/dir-4-2
+ *       maintainability
+ *       readability
+ *       external/misra/obligation/advisory
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented
+
+class UsageOfAssemblyLanguageShouldBeDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery {
+  UsageOfAssemblyLanguageShouldBeDocumentedQuery() {
+    this = Language2Package::usageOfAssemblyLanguageShouldBeDocumentedQuery()
+  }
+}

c/misra/src/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.ql

@@ -0,0 +1,36 @@
+/**
+ * @id c/misra/function-over-function-like-macro
+ * @name DIR-4-9: A function should be used in preference to a function-like macro where they are interchangeable
+ * @description Using a function-like macro instead of a function can lead to unexpected program
+ *              behaviour.
+ * @kind problem
+ * @precision medium
+ * @problem.severity recommendation
+ * @tags external/misra/id/dir-4-9
+ *       external/misra/audit
+ *       maintainability
+ *       readability
+ *       external/misra/obligation/advisory
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.c.IrreplaceableFunctionLikeMacro
+
+predicate partOfConstantExpr(MacroInvocation i) {
+  exists(Expr e |
+    e.isConstant() and
+    not i.getExpr() = e and
+    i.getExpr().getParent+() = e
+  )
+}
+
+from FunctionLikeMacro m
+where
+  not isExcluded(m, Preprocessor6Package::functionOverFunctionLikeMacroQuery()) and
+  not m instanceof IrreplaceableFunctionLikeMacro and
+  //macros can have empty body
+  not m.getBody().length() = 0 and
+  //function call not allowed in a constant expression (where constant expr is parent)
+  forall(MacroInvocation i | i = m.getAnInvocation() | not partOfConstantExpr(i))
+select m, "Macro used instead of a function."

c/misra/src/rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql

@@ -0,0 +1,21 @@
+/**
+ * @id c/misra/emergent-language-features-used
+ * @name RULE-1-4: Emergent language features shall not be used
+ * @description Emergent language features may have unpredictable behavior and should not be used.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-1-4
+ *       maintainability
+ *       readability
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.Emergent
+
+from C11::EmergentLanguageFeature ef
+where not isExcluded(ef, Language2Package::emergentLanguageFeaturesUsedQuery())
+select ef, "Usage of emergent language feature."
+

c/misra/src/rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql

@@ -1,4 +1,4 @@
 name: misra-c-coding-standards-tests
-version: 2.11.0-dev
+version: 2.12.0-dev
 libraryPathDependencies: misra-c-coding-standards
 extractor: cpp

c/misra/test/qlpack.yml

@@ -0,0 +1 @@
+cpp/common/test/rules/usageofassemblernotdocumented/UsageOfAssemblerNotDocumented.ql

c/misra/test/rules/DIR-4-2/UsageOfAssemblyLanguageShouldBeDocumented.testref

@@ -0,0 +1,2 @@
+| test.c:6:1:6:25 | #define MACRO4(x) (x + 1) | Macro used instead of a function. |
+| test.c:11:1:11:48 | #define MACRO9() printf_custom("output = %d", 7) | Macro used instead of a function. |

c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.expected

@@ -0,0 +1 @@
+rules/DIR-4-9/FunctionOverFunctionLikeMacro.ql

c/misra/test/rules/DIR-4-9/FunctionOverFunctionLikeMacro.qlref

@@ -0,0 +1,40 @@
+#include <assert.h>
+
+#define MACRO(OP, L, R) ((L)OP(R))                      // COMPLIANT
+#define MACRO2(L, R) (L + R)                            // COMPLIANT
+#define MACRO3(L, R) (L " " R " " L)                    // COMPLIANT
+#define MACRO4(x) (x + 1)                               // NON_COMPLIANT
+#define MACRO5(L, LR) (LR + 1)                          // COMPLIANT
+#define MACRO6(x) printf_custom("output = %d", test##x) // COMPLIANT
+#define MACRO7(x) #x                                    // COMPLIANT
+#define MACRO8(x) "NOP"                                 // COMPLIANT
+#define MACRO9() printf_custom("output = %d", 7)        // NON_COMPLIANT
+#define MACRO10(x)                                      // COMPLIANT
+#define MY_ASSERT(X) assert(X) // NON_COMPLIANT[FALSE_NEGATIVE]
+
+const char a1[MACRO2(1, 1) + 6];
+extern printf_custom();
+int test1;
+
+void f() {
+  int i = MACRO(+, 1, 1);
+  int i2 = MACRO2(7, 10);
+
+  static int i3 = MACRO2(1, 1);
+
+  char *i4 = MACRO3("prefix", "suffix");
+
+  int i5 = MACRO4(1);
+
+  int i6 = MACRO4(MACRO2(1, 1));
+
+  int i7 = MACRO5(1, 1);
+
+  MACRO6(1);
+
+  char *i10 = MACRO7("prefix");
+
+  asm(MACRO8(1));
+
+  MY_ASSERT(1);
+}

c/misra/test/rules/DIR-4-9/test.c

@@ -0,0 +1,15 @@
+| test.c:1:1:1:21 | #include <stdalign.h> | Usage of emergent language feature. |
+| test.c:2:1:2:22 | #include <stdatomic.h> | Usage of emergent language feature. |
+| test.c:3:1:3:24 | #include <stdnoreturn.h> | Usage of emergent language feature. |
+| test.c:4:1:4:20 | #include <threads.h> | Usage of emergent language feature. |
+| test.c:6:1:6:49 | #define MACRO(x) _Generic((x), int : 0, long : 1) | Usage of emergent language feature. |
+| test.c:7:1:7:32 | #define __STDC_WANT_LIB_EXT1__ 1 | Usage of emergent language feature. |
+| test.c:9:16:9:17 | f0 | Usage of emergent language feature. |
+| test.c:12:26:12:40 | atomic_new_type | Usage of emergent language feature. |
+| test.c:17:15:17:15 | i | Usage of emergent language feature. |
+| test.c:19:3:19:10 | alignas(...) | Usage of emergent language feature. |
+| test.c:20:3:20:9 | alignas(...) | Usage of emergent language feature. |
+| test.c:21:11:21:23 | alignof(int) | Usage of emergent language feature. |
+| test.c:22:12:22:23 | alignof(int) | Usage of emergent language feature. |
+| test.c:24:27:24:28 | i3 | Usage of emergent language feature. |
+| test.c:25:28:25:29 | i4 | Usage of emergent language feature. |

c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.expected

@@ -0,0 +1 @@
+rules/RULE-1-4/EmergentLanguageFeaturesUsed.ql

c/misra/test/rules/RULE-1-4/EmergentLanguageFeaturesUsed.qlref

@@ -0,0 +1,26 @@
+#include <stdalign.h>    //NON_COMPLIANT
+#include <stdatomic.h>   //NON_COMPLIANT
+#include <stdnoreturn.h> //NON_COMPLIANT
+#include <threads.h>     //NON_COMPLIANT
+
+#define MACRO(x) _Generic((x), int : 0, long : 1) // NON_COMPLIANT
+#define __STDC_WANT_LIB_EXT1__ 1                  // NON_COMPLIANT
+
+_Noreturn void f0(); // NON_COMPLIANT
+
+typedef int new_type;                     // COMPLIANT
+typedef _Atomic new_type atomic_new_type; // NON_COMPLIANT
+
+void f(int p) {
+  int i0 = _Generic(p, int : 0, long : 1); // NON_COMPLIANT[FALSE_NEGATIVE]
+
+  _Atomic int i; // NON_COMPLIANT
+
+  _Alignas(4) int i1;    // NON_COMPLIANT
+  alignas(4) int i2;     // NON_COMPLIANT
+  int a = _Alignof(int); // NON_COMPLIANT
+  int a1 = alignof(int); // NON_COMPLIANT
+
+  static thread_local int i3;  // NON_COMPLIANT
+  static _Thread_local int i4; // NON_COMPLIANT
+}

c/misra/test/rules/RULE-1-4/test.c

@@ -0,0 +1,4 @@
+ - `EXP30-C` - `DependenceOnOrderOfFunctionArgumentsForSideEffects.ql`:
+   - Prefer the `GlobalValueNumbering` CodeQL library over the `GlobalValueNumberingImpl` library, as the former yields higher quality results and the latter is going to be deprecated. This also improves performance when multiple queries are evaluated, due to more sharing of intermediate computations.
+- `EXP50-CPP` - `DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.ql`:
+   - Prefer the `GlobalValueNumbering` CodeQL library over the `GlobalValueNumberingImpl` library, as the former yields higher quality results and the latter is going to be deprecated. This also improves performance when multiple queries are evaluated, due to more sharing of intermediate computations.

change_notes/2022-11-15-consistent-gvn-library0use.md

@@ -0,0 +1,3 @@
+ - `M27-0-1`
+   - `CstdioTypesUsed.ql` - Exclude `size_t` from this rule, as it can be provided by headers other than `<cstdio>`.
+   - `CstdioMacrosUsed.ql` - Exclude `NULL` from this rule, as it can be provided by headers other than `<cstdio>`.

change_notes/2022-11-21-null-sizet-not-cstdio.md

@@ -1,4 +1,4 @@
 name: autosar-cpp-coding-standards
-version: 2.11.0-dev
+version: 2.12.0-dev
 suites: codeql-suites
 libraryPathDependencies: common-cpp-coding-standards

cpp/autosar/src/qlpack.yml

@@ -64,13 +64,13 @@ class MakeSharedOrUnique extends FunctionCall, CandidateFunctionLocalHeapAllocat
  * An `AllocationExpr` that allocates heap memory, where the memory is freed on at least one path
  * through the enclosing function.
  */
-class AllocationExprFunctionLocal extends AllocationExpr, CandidateFunctionLocalHeapAllocationExpr {
+class AllocationExprFunctionLocal extends CandidateFunctionLocalHeapAllocationExpr instanceof AllocationExpr {
   AllocationExprFunctionLocal() {
     this.getSizeBytes() < 1024 and
     TaintTracking::localExprTaint(this, any(DeallocationExpr de).getFreedExpr())
   }
 
-  override int getHeapSizeBytes() { result = this.getSizeBytes() }
+  override int getHeapSizeBytes() { result = super.getSizeBytes() }
 
   DeallocationExpr getADeallocation() { TaintTracking::localExprTaint(this, result.getFreedExpr()) }
 

cpp/autosar/src/rules/A18-5-8/UnnecessaryUseOfDynamicStorage.ql

@@ -22,7 +22,7 @@ from MacroInvocation mi
 where
   not isExcluded(mi, BannedLibrariesPackage::cstdioMacrosUsedQuery()) and
   mi.getMacroName() in [
-      "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "NULL", "TMP_MAX", "_IOFBF",
-      "IOLBF", "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET"
+      "BUFSIZ", "EOF", "FILENAME_MAX", "FOPEN_MAX", "L_tmpnam", "TMP_MAX", "_IOFBF", "IOLBF",
+      "_IONBF", "SEEK_CUR", "SEEK_END", "SEEK_SET"
     ]
 select mi, "Use of <cstdio> macro '" + mi.getMacroName() + "'."

cpp/autosar/src/rules/M27-0-1/CstdioMacrosUsed.ql

@@ -22,5 +22,5 @@ from TypeMention tm, UserType ut
 where
   not isExcluded(tm, BannedLibrariesPackage::cstdioTypesUsedQuery()) and
   ut = tm.getMentionedType() and
-  ut.hasGlobalOrStdName(["FILE", "fpos_t", "size_t"])
+  ut.hasGlobalOrStdName(["FILE", "fpos_t"])
 select tm, "Use of <cstdio> type '" + ut.getQualifiedName() + "'."

cpp/autosar/src/rules/M27-0-1/CstdioTypesUsed.ql

@@ -17,10 +17,10 @@
 
 import cpp
 import codingstandards.cpp.autosar
+import codingstandards.cpp.rules.usageofassemblernotdocumented.UsageOfAssemblerNotDocumented
 
-from AsmStmt a
-where
-  not isExcluded(a, BannedLibrariesPackage::usageOfAssemblerNotDocumentedQuery()) and
-  not exists(Comment c | c.getCommentedElement() = a) and
-  not a.isAffectedByMacro()
-select a, "Use of assembler is not documented."
+class UsageOfAssemblerNotDocumentedQuery extends UsageOfAssemblerNotDocumentedSharedQuery {
+  UsageOfAssemblerNotDocumentedQuery() {
+    this = BannedLibrariesPackage::usageOfAssemblerNotDocumentedQuery()
+  }
+}

cpp/autosar/src/rules/M7-4-1/UsageOfAssemblerNotDocumented.ql

@@ -1,4 +1,4 @@
 name: autosar-cpp-coding-standards-tests
-version: 2.11.0-dev
+version: 2.12.0-dev
 libraryPathDependencies: autosar-cpp-coding-standards
 extractor: cpp

cpp/autosar/test/qlpack.yml

@@ -7,4 +7,3 @@
 | test.cpp:30:29:30:37 | FOPEN_MAX | Use of <cstdio> macro 'FOPEN_MAX'. |
 | test.cpp:41:14:41:16 | EOF | Use of <cstdio> macro 'EOF'. |
 | test.cpp:50:24:50:31 | SEEK_SET | Use of <cstdio> macro 'SEEK_SET'. |
-| test.cpp:60:10:60:13 | NULL | Use of <cstdio> macro 'NULL'. |

cpp/autosar/test/rules/M27-0-1/CstdioMacrosUsed.expected

@@ -1,7 +1,4 @@
 | test.cpp:4:8:4:11 | type mention | Use of <cstdio> type 'std::FILE'. |
 | test.cpp:6:8:6:13 | type mention | Use of <cstdio> type 'std::fpos_t'. |
-| test.cpp:20:18:20:23 | type mention | Use of <cstdio> type 'size_t'. |
-| test.cpp:21:18:21:23 | type mention | Use of <cstdio> type 'size_t'. |
 | test.cpp:34:3:34:6 | type mention | Use of <cstdio> type 'FILE'. |
 | test.cpp:36:3:36:8 | type mention | Use of <cstdio> type 'fpos_t'. |
-| test.cpp:50:14:50:19 | type mention | Use of <cstdio> type 'size_t'. |

cpp/autosar/test/rules/M27-0-1/CstdioTypesUsed.expected

@@ -57,5 +57,5 @@ void *test_cstdio_is_used() {
   printf("foo");     // NON_COMPLIANT
   puts("all done!"); // NON_COMPLIANT
 
-  return NULL; // NON_COMPLIANT
+  return NULL; // COMPLIANT - NULL is not uniquely defined by cstdio
 }