Merge branch 'main' into feat-type-member-alias-a14-5-2

Author: lcartey

c/misra/src/codingstandards/c/misra/EssentialTypes.qll

@@ -130,12 +130,17 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) {
     essentialType.(IntegralType).isSigned() and
     not essentialType instanceof PlainCharType
     or
+    // Anonymous enums are considered to be signed
+    result = EssentiallySignedType() and
+    essentialType instanceof AnonymousEnumType and
+    not essentialType instanceof MisraBoolType
+    or
     result = EssentiallyUnsignedType() and
     essentialType.(IntegralType).isUnsigned() and
     not essentialType instanceof PlainCharType
     or
     result = EssentiallyEnumType() and
-    essentialType instanceof Enum and
+    essentialType instanceof NamedEnumType and
     not essentialType instanceof MisraBoolType
     or
     result = EssentiallyFloatingType() and
@@ -348,16 +353,51 @@ class EssentialBinaryArithmeticExpr extends EssentialExpr, BinaryArithmeticOpera
   }
 }
 
+/**
+ * A named Enum type, as per D.5.
+ */
+class NamedEnumType extends Enum {
+  NamedEnumType() {
+    not isAnonymous()
+    or
+    exists(Type useOfEnum | this = useOfEnum.stripType() |
+      exists(TypedefType t | t.getBaseType() = useOfEnum)
+      or
+      exists(Function f | f.getType() = useOfEnum or f.getAParameter().getType() = useOfEnum)
+      or
+      exists(Struct s | s.getAField().getType() = useOfEnum)
+      or
+      exists(Variable v | v.getType() = useOfEnum)
+    )
+  }
+}
+
+/**
+ * An anonymous Enum type, as per D.5.
+ */
+class AnonymousEnumType extends Enum {
+  AnonymousEnumType() { not this instanceof NamedEnumType }
+}
+
+/**
+ * The EssentialType of an EnumConstantAccess, which may be essentially enum or essentially signed.
+ */
 class EssentialEnumConstantAccess extends EssentialExpr, EnumConstantAccess {
-  override Type getEssentialType() { result = getTarget().getDeclaringEnum() }
+  override Type getEssentialType() {
+    exists(Enum e | e = getTarget().getDeclaringEnum() |
+      if e instanceof NamedEnumType then result = e else result = stlr(this)
+    )
+  }
 }
 
 class EssentialLiteral extends EssentialExpr, Literal {
   override Type getEssentialType() {
     if this instanceof BooleanLiteral
-    then result instanceof MisraBoolType
+    then
+      // This returns a multitude of types - not sure if we really want that
+      result instanceof MisraBoolType
     else (
-      if this.(CharLiteral).getCharacter().length() = 1
+      if this instanceof CharLiteral
       then result instanceof PlainCharType
       else
         exists(Type underlyingStandardType |

c/misra/src/rules/RULE-10-4/OperandsWithMismatchedEssentialTypeCategory.ql

@@ -38,7 +38,7 @@ where
     // be reported as non-compliant.
     leftOpTypeCategory = EssentiallyEnumType() and
     rightOpTypeCategory = EssentiallyEnumType() and
-    not leftOpEssentialType = rightOpEssentialType and
+    not leftOpEssentialType.getUnspecifiedType() = rightOpEssentialType.getUnspecifiedType() and
     message =
       "The operands of this operator with usual arithmetic conversions have mismatched essentially Enum types (left operand: "
         + leftOpEssentialType + ", right operand: " + rightOpEssentialType + ")."

c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql

@@ -19,7 +19,7 @@ import codingstandards.cpp.Pointers
 from Cast cast, VoidPointerType type, PointerToObjectType newType
 where
   not isExcluded(cast, Pointers1Package::conversionFromPointerToVoidIntoPointerToObjectQuery()) and
-  type = cast.getExpr().getUnderlyingType() and
+  type = cast.getExpr().getUnspecifiedType() and
   newType = cast.getUnderlyingType() and
   not isNullPointerConstant(cast.getExpr())
 select cast,

c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql

@@ -0,0 +1,45 @@
+/**
+ * @id c/misra/incorrectly-sized-integer-constant-macro-argument
+ * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate size
+ * @description Integer constant macros argument values should be values of a compatible size.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-5
+ *       correctness
+ *       external/misra/c/2012/amendment3
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+predicate matchesSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
+  literal.isNegative() implies macro.isSigned()
+}
+
+predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
+  literal.getRawValue() <= macro.maxValue() and
+  literal.getRawValue() >= macro.minValue()
+}
+
+from
+  PossiblyNegativeLiteral literal, MacroInvocation invoke, IntegerConstantMacro macro,
+  string explanation
+where
+  not isExcluded(invoke, Types2Package::incorrectlySizedIntegerConstantMacroArgumentQuery()) and
+  invoke.getMacro() = macro and
+  literal = invoke.getExpr() and
+  (
+    not matchesSign(macro, literal) and
+    explanation = " cannot be negative"
+    or
+    matchesSign(macro, literal) and
+    // Wait for BigInt support to check 64 bit macro types.
+    macro.getSize() < 64 and
+    not matchesSize(macro, literal) and
+    explanation = " is outside of the allowed range " + macro.getRangeString()
+  )
+select literal, "Value provided to integer constant macro " + macro.getName() + explanation

c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql

@@ -0,0 +1,35 @@
+/**
+ * @id c/misra/integer-constant-macro-argument-uses-suffix
+ * @name RULE-7-5: The argument of an integer constant macro shall not use literal suffixes u, l, or ul
+ * @description Integer constant macros should be used integer literal values with no u/l suffix.
+ * @kind problem
+ * @precision high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-7-5
+ *       readability
+ *       maintainability
+ *       external/misra/c/2012/amendment3
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+string argumentSuffix(MacroInvocation invoke) {
+  // Extractor strips the suffix unless we look at the unexpanded argument text.
+  // Unexpanded argument text can be malformed in all sorts of ways, so make
+  // this match relatively strict, to be safe.
+  result = invoke.getUnexpandedArgument(0).regexpCapture("([0-9]+|0[xX][0-9A-F]+)([uUlL]+)$", 2)
+}
+
+from MacroInvocation invoke, PossiblyNegativeLiteral argument, string suffix
+where
+  not isExcluded(invoke, Types2Package::integerConstantMacroArgumentUsesSuffixQuery()) and
+  invoke.getMacro() instanceof IntegerConstantMacro and
+  invoke.getExpr() = argument and
+  suffix = argumentSuffix(invoke)
+select argument,
+  "Value suffix '" + suffix + "' is not allowed on provided argument to integer constant macro " +
+    invoke.getMacroName() + "."

c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql

@@ -0,0 +1,30 @@
+/**
+ * @id c/misra/invalid-integer-constant-macro-argument
+ * @name RULE-7-5: The argument of an integer constant macro shall be a literal
+ * @description Integer constant macros should be given a literal value as an argument.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-7-5
+ *       correctness
+ *       external/misra/c/2012/amendment3
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
+
+from MacroInvocation invoke, IntegerConstantMacro macro
+where
+  not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and
+  invoke.getMacro() = macro and
+  (
+    not invoke.getExpr() instanceof PossiblyNegativeLiteral
+    or
+    any(MacroInvocation inner).getParentInvocation() = invoke
+  )
+select invoke.getExpr(),
+  "Argument to integer constant macro " + macro.getName() + " must be an integer literal."

c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql

@@ -0,0 +1,77 @@
+/**
+ * @id c/misra/invalid-literal-for-integer-constant-macro-argument
+ * @name RULE-7-5: The argument of an integer constant macro shall be a decimal, hex, or octal literal
+ * @description Integer constant macro arguments should be a decimal, hex, or octal literal.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-5
+ *       correctness
+ *       external/misra/c/2012/amendment3
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+/**
+ * Floating point literals are not allowed. Neither are char or string
+ * literals, although those are not `NumericLiteral`s and therefore detected in
+ * `InvalidIntegerConstantMacroArgument.ql`.
+ */
+predicate validLiteralType(PossiblyNegativeLiteral literal) {
+  literal.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or
+  literal.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or
+  literal.getBaseLiteral() instanceof Cpp14Literal::HexLiteral or
+  // Ignore cases where the AST/extractor don't give us enough information:
+  literal.getBaseLiteral() instanceof Cpp14Literal::UnrecognizedNumericLiteral
+}
+
+/**
+ * Clang accepts `xINTsize_C(0b01)`, and expands the argument into a decimal
+ * literal. Binary literals are not standard c nor are they allowed by rule 7-5.
+ * Detect this pattern before macro expansion.
+ */
+predicate seemsBinaryLiteral(MacroInvocation invoke) {
+  invoke.getUnexpandedArgument(0).regexpMatch("-?0[bB][01]+")
+}
+
+/**
+ * Extractor converts `xINTsize_C('a')` to a decimal literal. Therefore, detect
+ * this pattern before macro expansion.
+ */
+predicate seemsCharLiteral(MacroInvocation invoke) {
+  invoke.getUnexpandedArgument(0).regexpMatch("-?'\\\\?.'")
+}
+
+string explainIncorrectArgument(MacroInvocation invoke) {
+  if seemsBinaryLiteral(invoke)
+  then result = "binary literal"
+  else
+    if seemsCharLiteral(invoke)
+    then result = "char literal"
+    else
+      exists(PossiblyNegativeLiteral literal |
+        literal = invoke.getExpr() and
+        if literal.getBaseLiteral() instanceof Cpp14Literal::FloatingLiteral
+        then result = "floating point literal"
+        else result = "invalid literal"
+      )
+}
+
+from MacroInvocation invoke, PossiblyNegativeLiteral literal
+where
+  not isExcluded(invoke, Types2Package::invalidLiteralForIntegerConstantMacroArgumentQuery()) and
+  invoke.getMacro() instanceof IntegerConstantMacro and
+  literal = invoke.getExpr() and
+  (
+    not validLiteralType(literal) or
+    seemsBinaryLiteral(invoke) or
+    seemsCharLiteral(invoke)
+  )
+select literal,
+  "Integer constant macro " + invoke.getMacroName() + " used with " +
+    explainIncorrectArgument(invoke) +
+    " argument, only decimal, octal, or hex integer literal allowed."

c/misra/src/rules/RULE-7-6/UseOfBannedSmallIntegerConstantMacro.ql

@@ -0,0 +1,24 @@
+/**
+ * @id c/misra/use-of-banned-small-integer-constant-macro
+ * @name RULE-7-6: The small integer variants of the minimum-width integer constant macros shall not be used
+ * @description Small integer constant macros expression are promoted to type int, which can lead to
+ *              unexpected results.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-7-6
+ *       readability
+ *       external/misra/c/2012/amendment3
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+
+from MacroInvocation macroInvoke, IntegerConstantMacro macro
+where
+  not isExcluded(macroInvoke, Types2Package::useOfBannedSmallIntegerConstantMacroQuery()) and
+  macroInvoke.getMacro() = macro and
+  macro.isSmall()
+select macroInvoke, "Usage of small integer constant macro " + macro.getName() + " is not allowed."

c/misra/test/c/misra/EssentialTypes.expected

@@ -1,3 +1,9 @@
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
+| file://:0:0:0:0 | 0 | signed char | signed char | essentially Signed type |
 | test.c:4:20:4:20 | 1 | signed char | signed char | essentially Signed type |
 | test.c:4:20:4:20 | (unsigned int)... | unsigned int | unsigned int | essentially Unsigned type |
 | test.c:5:23:5:23 | 1 | signed char | signed char | essentially Signed type |
@@ -73,3 +79,14 @@
 | test.c:54:3:54:5 | ~ ... | int | int | essentially Signed type |
 | test.c:54:4:54:5 | (int)... | int | int | essentially Signed type |
 | test.c:54:4:54:5 | ss | signed short | signed short | essentially Signed type |
+| test.c:63:30:63:32 | ((unnamed enum))... | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:63:30:63:32 | EC5 | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:70:3:70:5 | EC1 | signed char | signed char | essentially Signed type |
+| test.c:71:3:71:5 | EC2 | E1 | E1 | essentially Enum Type |
+| test.c:72:3:72:5 | EC3 | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:73:3:73:5 | EC4 | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:74:3:74:5 | EC5 | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:75:3:75:5 | EC6 | (unnamed enum) | (unnamed enum) | essentially Enum Type |
+| test.c:79:3:79:5 | 97 | char | char | essentially Character type |
+| test.c:80:3:80:6 | 10 | char | char | essentially Character type |
+| test.c:81:3:81:6 | 0 | char | char | essentially Character type |

c/misra/test/c/misra/test.c

@@ -52,4 +52,31 @@ void testUnary() {
   ~us; // Should be essentially unsigned
   ~s;  // Should be essentially signed
   ~ss; // Should be essentially signed
+}
+
+enum { EC1 };
+enum E1 { EC2 };
+typedef enum { EC3 } E2;
+
+enum { EC4 } g;
+
+enum { EC5 } test() { return EC5; }
+
+struct S1 {
+  enum { EC6 } m;
+};
+
+void testEnums() {
+  EC1; // Should be essentially signed
+  EC2; // Should be essentially enum
+  EC3; // Should be essentially enum
+  EC4; // Should be essentially enum
+  EC5; // Should be essentially enum
+  EC6; // Should be essentially enum
+}
+
+void testControlChar() {
+  'a';  // Essentially char
+  '\n'; // Essentially char
+  '\0'; // Essentially char
 }

c/misra/test/rules/RULE-10-4/test.c

@@ -33,4 +33,13 @@ void testOps() {
   A < A;     // COMPLIANT
   e1a < e2a; // NON_COMPLIANT
   A < D;     // NON_COMPLIANT
+
+  enum { G };
+  s32 + G;   // COMPLIANT
+  c == '\n'; // COMPLIANT
+
+  typedef enum { H } E3;
+
+  E3 e3a = H;
+  e3a < H; // COMPLIANT
 }

c/misra/test/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.expected

@@ -2,3 +2,7 @@
 | test.c:14:8:14:9 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). |
 | test.c:15:8:15:25 | (int *)... | Cast performed between a pointer to object type (short) and a pointer to a different object type (int). |
 | test.c:15:15:15:25 | (short *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (short). |
+| test.c:20:3:20:17 | (const int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (const int). |
+| test.c:21:3:21:16 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). |
+| test.c:22:20:22:21 | (int *)... | Cast performed between a pointer to object type (char) and a pointer to a different object type (int). |
+| test.c:23:3:23:18 | (long long *)... | Cast performed between a pointer to object type (int) and a pointer to a different object type (long long). |