Implement Types2 package.

Break up integer constant macro rules into several queries to make it easier to
handle exceptions and deviations.

Author: MichaelRFairhurst

c/misra/src/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql

@@ -0,0 +1,44 @@
+/**
+ * @id c/misra/incorrectly-sized-integer-constant-macro-argument
+ * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate size
+ * @description Integer constant macros argument values should be values of a compatible size
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-5
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+predicate matchesSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
+  literal.isNegative() implies macro.isSigned()
+}
+
+predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
+  // Wait for BigInt support to check 64 bit macro types.
+  (macro.getSize() < 64 and matchesSign(macro, literal))
+  implies
+  (
+    literal.getRawValue() <= macro.maxValue() and
+    literal.getRawValue() >= macro.minValue()
+  )
+}
+
+from
+  PossiblyNegativeLiteral literal, MacroInvocation invoke, IntegerConstantMacro macro,
+  string explanation
+where
+  not isExcluded(invoke, Types2Package::incorrectlySizedIntegerConstantMacroArgumentQuery()) and
+  invoke.getMacro() = macro and
+  literal = invoke.getExpr() and
+  (
+    not matchesSign(macro, invoke.getExpr()) and explanation = "cannot be negative"
+    or
+    not matchesSize(macro, invoke.getExpr()) and explanation = "is too large for the specified type"
+  )
+select invoke.getExpr(), "Integer constant macro value " + explanation

c/misra/src/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql

@@ -0,0 +1,29 @@
+/**
+ * @id c/misra/integer-constant-macro-argument-uses-suffix
+ * @name RULE-7-5: The argument of an integer constant macro shall not use literal suffixes u, l, or ul
+ * @description Integer constant macros should be used integer literal values with no u/l suffix.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-5
+ *       readability
+ *       maintainability
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+predicate usesSuffix(MacroInvocation invoke) {
+  invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]")
+}
+
+from MacroInvocation invoke, PossiblyNegativeLiteral argument
+where
+  not isExcluded(invoke, Types2Package::integerConstantMacroArgumentUsesSuffixQuery()) and
+  invoke.getMacro() instanceof IntegerConstantMacro and
+  invoke.getExpr() = argument and
+  usesSuffix(invoke)
+select invoke.getExpr(), "Integer constant macro arguments should not have 'u'/'l' suffix."

c/misra/src/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.ql

@@ -1,8 +1,7 @@
 /**
  * @id c/misra/invalid-integer-constant-macro-argument
- * @name RULE-7-5: The argument of an integer constant macro shall have an appropriate form
- * @description Integer constant macros should be given appropriate values for the size of the
- *              integer type.
+ * @name RULE-7-5: The argument of an integer constant macro shall be a literal
+ * @description Integer constant macros should be given a literal value as an argument
  * @kind problem
  * @precision very-high
  * @problem.severity error
@@ -14,73 +13,29 @@
 import cpp
 import codingstandards.c.misra
 import codingstandards.cpp.IntegerConstantMacro
-import codingstandards.cpp.Cpp14Literal
+import codingstandards.cpp.Literals
 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 
-abstract class PossiblyNegativeLiteral extends Expr {
-  abstract Cpp14Literal::IntegerLiteral getBaseLiteral();
-
-  predicate isNegative() {
-    this instanceof NegativeLiteral
-  }
-}
-
-class NegativeLiteral extends PossiblyNegativeLiteral, UnaryMinusExpr {
-  Cpp14Literal::IntegerLiteral literal;
-
-  NegativeLiteral() {
-    literal = getOperand()
-  }
-
-  override Cpp14Literal::IntegerLiteral getBaseLiteral() {
-    result = literal
-  }
-}
-
-class PositiveLiteral extends PossiblyNegativeLiteral, Cpp14Literal::IntegerLiteral {
-  PositiveLiteral() {
-    not exists(UnaryMinusExpr l | l.getOperand() = this)
-  }
-
-  override Cpp14Literal::IntegerLiteral getBaseLiteral() {
-    result = this
-  }
-}
-
-predicate validExpr(Expr expr) {
-  expr instanceof PossiblyNegativeLiteral
-}
-
-predicate usesSuffix(MacroInvocation invoke) {
-  invoke.getUnexpandedArgument(0).regexpMatch(".*[uUlL]")
-}
-
-predicate matchedSign(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
-  literal.isNegative() implies macro.isSigned()
-}
-
-predicate validLiteralType(PossiblyNegativeLiteral expr) {
-  expr.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or
-  expr.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or
-  expr.getBaseLiteral() instanceof Cpp14Literal::HexLiteral
-}
-
-predicate matchesSize(IntegerConstantMacro macro, PossiblyNegativeLiteral literal) {
-  // Note: upperBound should equal lowerBound.
-  upperBound(literal) <= macro.maxValue() and
-  lowerBound(literal) >= macro.minValue() and exists("123".toBigInt())
+/**
+ * The max negative 64 bit signed integer is one less than the negative of the
+ * max positive signed 64 bit integer. The only way to create a "negative"
+ * literal is to use unary- negation of a positive literal. Therefore, clang
+ * (and likely other compilers) rejects `INT64_C(-92233...808)` but accepts
+ * `INT64_C(-92233...807 - 1)`. Therefore, in this case allow non-literal
+ * expressions.
+ */
+predicate specialMaxNegative64Exception(IntegerConstantMacro macro, Expr expr) {
+  macro.getSize() = 64 and
+  macro.isSigned() and
+  // Set a cutoff with precision, fix once BigInt library is available.
+  upperBound(expr) < macro.minValue() * 0.999999999 and
+  upperBound(expr) > macro.minValue() * 1.000000001
 }
 
-from MacroInvocation invoke, IntegerConstantMacro macro, string explanation
+from MacroInvocation invoke, IntegerConstantMacro macro
 where
   not isExcluded(invoke, Types2Package::invalidIntegerConstantMacroArgumentQuery()) and
   invoke.getMacro() = macro and
-  (
-    (not validExpr(invoke.getExpr()) and explanation = "invalid expression") or
-    (validLiteralType(invoke.getExpr()) and explanation = "invalid literal type" + invoke.getExpr().getAQlClass()) or
-    (usesSuffix(invoke) and explanation = "literal suffixes not allowed") or
-    (not matchedSign(macro, invoke.getExpr()) and explanation = "signed/unsigned mismatch") or
-    (not matchesSize(macro, invoke.getExpr()) and explanation  = "invalid size")
-  )
-  
-select invoke.getExpr(), "Invalid integer constant macro: " + explanation
+  not invoke.getExpr() instanceof PossiblyNegativeLiteral and
+  not specialMaxNegative64Exception(macro, invoke.getExpr())
+select invoke.getExpr(), "Integer constant macro argument must be an integer literal."

c/misra/src/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql

@@ -0,0 +1,47 @@
+/**
+ * @id c/misra/invalid-literal-for-integer-constant-macro-argument
+ * @name RULE-7-5: The argument of an integer constant macro shall be a decimal, hex, or octal literal
+ * @description Integer constant macro arguments should be a decimal, hex, or octal literal
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-5
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.cpp.IntegerConstantMacro
+import codingstandards.cpp.Literals
+
+/**
+ * Floating point literals are not allowed. Neither are char or string
+ * literals, although those are not `NumericLiteral`s and therefore detected in
+ * `InvalidIntegerConstantMacroArgument.ql`.
+ */
+predicate validLiteralType(PossiblyNegativeLiteral literal) {
+  literal.getBaseLiteral() instanceof Cpp14Literal::DecimalLiteral or
+  literal.getBaseLiteral() instanceof Cpp14Literal::OctalLiteral or
+  literal.getBaseLiteral() instanceof Cpp14Literal::HexLiteral
+}
+
+/**
+ * Clang accepts `xINTsize_C(0b01)`, and expands the argument into a decimal
+ * literal. Binary literals are not standard c nor are they allowed by rule 7-5.
+ * Detect this pattern before macro expansion.
+ */
+predicate seemsBinaryLiteral(MacroInvocation invoke) {
+  invoke.getUnexpandedArgument(0).regexpMatch("0[bB][01]+")
+}
+
+from MacroInvocation invoke, PossiblyNegativeLiteral literal
+where
+  not isExcluded(invoke, Types2Package::invalidLiteralForIntegerConstantMacroArgumentQuery()) and
+  invoke.getMacro() instanceof IntegerConstantMacro and
+  literal = invoke.getExpr() and
+  (
+    not validLiteralType(literal) or
+    seemsBinaryLiteral(invoke)
+  )
+select literal, "Integer constant macro arguments must be a decimal, octal, or hex integer literal."

c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.expected

@@ -0,0 +1,28 @@
+| test.c:26:13:26:15 | 256 | Integer constant macro value is too large for the specified type |
+| test.c:27:13:27:16 | 256 | Integer constant macro value is too large for the specified type |
+| test.c:28:13:28:17 | 256 | Integer constant macro value is too large for the specified type |
+| test.c:31:13:31:14 | - ... | Integer constant macro value cannot be negative |
+| test.c:32:13:32:15 | - ... | Integer constant macro value cannot be negative |
+| test.c:33:13:33:15 | - ... | Integer constant macro value cannot be negative |
+| test.c:34:13:34:17 | - ... | Integer constant macro value cannot be negative |
+| test.c:55:12:55:14 | 128 | Integer constant macro value is too large for the specified type |
+| test.c:56:12:56:15 | 128 | Integer constant macro value is too large for the specified type |
+| test.c:57:12:57:15 | 128 | Integer constant macro value is too large for the specified type |
+| test.c:61:12:61:15 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:62:12:62:16 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:63:12:63:16 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:76:14:76:18 | 65536 | Integer constant macro value is too large for the specified type |
+| test.c:77:14:77:20 | 65536 | Integer constant macro value is too large for the specified type |
+| test.c:78:14:78:20 | 65536 | Integer constant macro value is too large for the specified type |
+| test.c:91:13:91:17 | 32768 | Integer constant macro value is too large for the specified type |
+| test.c:92:13:92:19 | 32768 | Integer constant macro value is too large for the specified type |
+| test.c:93:13:93:18 | 32768 | Integer constant macro value is too large for the specified type |
+| test.c:97:13:97:18 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:98:13:98:20 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:99:13:99:19 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:109:14:109:24 | 4294967296 | Integer constant macro value is too large for the specified type |
+| test.c:110:14:110:25 | 4294967296 | Integer constant macro value is too large for the specified type |
+| test.c:120:13:120:22 | 2147483648 | Integer constant macro value is too large for the specified type |
+| test.c:121:13:121:22 | 2147483648 | Integer constant macro value is too large for the specified type |
+| test.c:124:13:124:23 | - ... | Integer constant macro value is too large for the specified type |
+| test.c:125:13:125:23 | - ... | Integer constant macro value is too large for the specified type |

c/misra/test/rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.qlref

@@ -0,0 +1 @@
+rules/RULE-7-5/IncorrectlySizedIntegerConstantMacroArgument.ql

c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.expected

@@ -0,0 +1,5 @@
+| test.c:16:13:16:14 | 1 | Integer constant macro arguments should not have 'u'/'l' suffix. |
+| test.c:17:13:17:14 | 2 | Integer constant macro arguments should not have 'u'/'l' suffix. |
+| test.c:18:13:18:14 | 3 | Integer constant macro arguments should not have 'u'/'l' suffix. |
+| test.c:19:13:19:14 | 4 | Integer constant macro arguments should not have 'u'/'l' suffix. |
+| test.c:20:13:20:15 | 5 | Integer constant macro arguments should not have 'u'/'l' suffix. |

c/misra/test/rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.qlref

@@ -0,0 +1 @@
+rules/RULE-7-5/IntegerConstantMacroArgumentUsesSuffix.ql

c/misra/test/rules/RULE-7-5/InvalidIntegerConstantMacroArgument.expected

@@ -1,55 +1,5 @@
-| test.c:12:13:12:15 | 1.0 | Invalid integer constant macro: invalid literal type |
-| test.c:13:13:12:15 | 0b111 | Invalid integer constant macro: invalid literal type |
-| test.c:16:13:16:14 | 1 | Invalid integer constant macro: literal suffixes not allowed |
-| test.c:17:13:17:14 | 2 | Invalid integer constant macro: literal suffixes not allowed |
-| test.c:18:13:18:14 | 3 | Invalid integer constant macro: literal suffixes not allowed |
-| test.c:19:13:19:14 | 4 | Invalid integer constant macro: literal suffixes not allowed |
-| test.c:20:13:20:15 | 5 | Invalid integer constant macro: literal suffixes not allowed |
-| test.c:26:13:26:15 | 256 | Invalid integer constant macro: invalid size |
-| test.c:27:13:27:16 | 256 | Invalid integer constant macro: invalid size |
-| test.c:28:13:28:17 | 256 | Invalid integer constant macro: invalid size |
-| test.c:31:13:31:14 | - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:32:13:32:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:33:13:33:15 | - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:34:13:34:17 | - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:37:13:37:17 | ... + ... | Invalid integer constant macro: invalid expression |
-| test.c:38:13:38:18 | access to array | Invalid integer constant macro: invalid expression |
-| test.c:39:13:39:18 | access to array | Invalid integer constant macro: invalid expression |
-| test.c:40:13:39:18 | UINT8_MAX | Invalid integer constant macro: invalid expression |
-| test.c:54:12:54:15 | 191 | Invalid integer constant macro: invalid size |
-| test.c:55:12:55:14 | 255 | Invalid integer constant macro: invalid size |
-| test.c:56:12:56:15 | 192 | Invalid integer constant macro: invalid size |
-| test.c:57:12:57:15 | 128 | Invalid integer constant macro: invalid size |
-| test.c:61:12:57:15 | -129 | Invalid integer constant macro: invalid size |
-| test.c:62:12:57:15 | -129 | Invalid integer constant macro: invalid size |
-| test.c:63:12:57:15 | -201 | Invalid integer constant macro: invalid size |
-| test.c:64:12:57:15 | -0x81 | Invalid integer constant macro: invalid size |
-| test.c:76:14:76:18 | 65536 | Invalid integer constant macro: invalid size |
-| test.c:78:14:78:20 | 65536 | Invalid integer constant macro: invalid size |
-| test.c:91:13:91:17 | 32768 | Invalid integer constant macro: invalid size |
-| test.c:93:13:93:18 | 32768 | Invalid integer constant macro: invalid size |
-| test.c:97:13:93:18 | -32769 | Invalid integer constant macro: invalid size |
-| test.c:98:13:93:18 | -040001 | Invalid integer constant macro: invalid size |
-| test.c:99:13:93:18 | -0x8001 | Invalid integer constant macro: invalid size |
-| test.c:109:14:109:24 | 4294967296 | Invalid integer constant macro: invalid size |
-| test.c:110:14:110:25 | 4294967296 | Invalid integer constant macro: invalid size |
-| test.c:120:13:120:22 | 2147483648 | Invalid integer constant macro: invalid size |
-| test.c:121:13:121:23 | 34359738368 | Invalid integer constant macro: invalid size |
-| test.c:130:14:130:15 | 0 | Invalid integer constant macro: invalid size |
-| test.c:133:14:133:34 | 18446744073709551615 | Invalid integer constant macro: invalid size |
-| test.c:134:14:134:32 | 18446744073709551615 | Invalid integer constant macro: invalid size |
-| test.c:140:13:140:14 | 0 | Invalid integer constant macro: invalid size |
-| test.c:143:13:143:32 | 9223372036854775807 | Invalid integer constant macro: invalid size |
-| test.c:147:13:147:33 | - ... | Invalid integer constant macro: invalid size |
-| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid expression |
-| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid literal type |
-| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: invalid size |
-| test.c:148:13:148:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid expression |
-| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid literal type |
-| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: invalid size |
-| test.c:150:13:150:37 | ... - ... | Invalid integer constant macro: signed/unsigned mismatch |
-| test.c:152:13:152:31 | 9223372036854775807 | Invalid integer constant macro: invalid size |
-| test.c:153:13:153:31 | 9223372036854775808 | Invalid integer constant macro: invalid size |
-| test.c:154:13:154:31 | - ... | Invalid integer constant macro: invalid size |
-| test.c:155:13:155:30 | - ... | Invalid integer constant macro: invalid size |
+| test.c:37:13:37:17 | ... + ... | Integer constant macro argument must be an integer literal. |
+| test.c:38:13:38:18 | access to array | Integer constant macro argument must be an integer literal. |
+| test.c:39:13:39:19 | access to array | Integer constant macro argument must be an integer literal. |
+| test.c:152:13:152:37 | ... - ... | Integer constant macro argument must be an integer literal. |
+| test.c:153:13:153:47 | ... - ... | Integer constant macro argument must be an integer literal. |

c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.expected

@@ -0,0 +1,2 @@
+| test.c:12:13:12:15 | 1.0 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. |
+| test.c:13:13:13:17 | 7 | Integer constant macro arguments must be a decimal, octal, or hex integer literal. |

c/misra/test/rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.qlref

@@ -0,0 +1 @@
+rules/RULE-7-5/InvalidLiteralForIntegerConstantMacroArgument.ql