Merge pull request #938 from github/jeongsoolee09/MISRA-C++-2023-Statements

Implement "Statements" package

Author: jeongsoolee09

cpp/common/src/codingstandards/cpp/Loops.qll

@@ -374,3 +374,40 @@ predicate isInvalidLoop(ForStmt forLoop, string reason, Locatable reasonLocation
   reason = "its $@ is not a boolean" and
   reasonLabel = "loop control variable"
 }
+
+/**
+ * A comparison expression that has the minimum qualification as being a valid termination
+ * condition of a legacy for-loop. It is characterized by a value read from a variable being
+ * compared to a value, which is supposed to be the loop bound.
+ */
+class LegacyForLoopCondition extends RelationalOperation {
+  /**
+   * The legacy for-loop this relational operation is a condition of.
+   */
+  ForStmt forLoop;
+  VariableAccess loopCounter;
+  Expr loopBound;
+
+  LegacyForLoopCondition() {
+    this = forLoop.getCondition() and
+    loopCounter = this.getAnOperand() and
+    loopBound = this.getAnOperand() and
+    loopCounter.getTarget() = getAnIterationVariable(forLoop) and
+    loopBound != loopCounter
+  }
+
+  /**
+   * Gets the for-loop this expression is a termination condition of.
+   */
+  ForStmt getForLoop() { result = forLoop }
+
+  /**
+   * Gets the variable access to the loop counter variable, appearing in this loop condition.
+   */
+  VariableAccess getLoopCounter() { result = loopCounter }
+
+  /**
+   * Gets the variable access to the loop bound variable, appearing in this loop condition.
+   */
+  Expr getLoopBound() { result = loopBound }
+}

cpp/common/src/codingstandards/cpp/ast/Increment.qll

@@ -0,0 +1,76 @@
+/**
+ * Provides a library for working with expressions that update the value
+ * of a numeric variable by incrementing or decrementing it by a certain
+ * amount.
+ */
+
+import cpp
+
+private class AssignAddOrSubExpr extends AssignArithmeticOperation {
+  AssignAddOrSubExpr() {
+    this instanceof AssignAddExpr or
+    this instanceof AssignSubExpr
+  }
+}
+
+private class AddOrSubExpr extends BinaryArithmeticOperation {
+  AddOrSubExpr() {
+    this instanceof AddExpr or
+    this instanceof SubExpr
+  }
+}
+
+/**
+ * An expression that updates a numeric variable by adding to or subtracting
+ * from it a certain amount.
+ */
+abstract class StepCrementUpdateExpr extends Expr {
+  /**
+   * The expression in the abstract syntax tree that represents the amount of
+   * value by which the variable is updated.
+   */
+  abstract Expr getAmountExpr();
+}
+
+/**
+ * An increment or decrement operator application, either postfix or prefix.
+ */
+class PostfixOrPrefixCrementExpr extends CrementOperation, StepCrementUpdateExpr {
+  override Expr getAmountExpr() { none() }
+}
+
+/**
+ * An add-then-assign or subtract-then-assign expression in a shortened form,
+ * i.e. `+=` or `-=`.
+ */
+class AssignAddOrSubUpdateExpr extends AssignAddOrSubExpr, StepCrementUpdateExpr {
+  override Expr getAmountExpr() { result = this.getRValue() }
+}
+
+/**
+ * An add-then-assign expression or a subtract-then-assign expression, i.e.
+ * `x = x + E` or `x = x - E`, where `x` is some variable and `E` an
+ * arbitrary expression.
+ */
+class AddOrSubThenAssignExpr extends AssignExpr, StepCrementUpdateExpr {
+  /** The `x` as in the left-hand side of `x = x + E`. */
+  VariableAccess lvalueVariable;
+  /** The `x + E` as in `x = x + E`. */
+  AddOrSubExpr addOrSubExpr;
+  /** The `E` as in `x = x + E`. */
+  Expr amountExpr;
+
+  AddOrSubThenAssignExpr() {
+    this.getLValue() = lvalueVariable and
+    this.getRValue() = addOrSubExpr and
+    exists(VariableAccess lvalueVariableAsRvalue |
+      lvalueVariableAsRvalue = addOrSubExpr.getAnOperand() and
+      amountExpr = addOrSubExpr.getAnOperand() and
+      lvalueVariableAsRvalue != amountExpr
+    |
+      lvalueVariable.getTarget() = lvalueVariableAsRvalue.(VariableAccess).getTarget()
+    )
+  }
+
+  override Expr getAmountExpr() { result = amountExpr }
+}

cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll

@@ -50,6 +50,7 @@ import SideEffects1
 import SideEffects2
 import SmartPointers1
 import SmartPointers2
+import Statements
 import Strings
 import Templates
 import Toolchain
@@ -108,6 +109,7 @@ newtype TCPPQuery =
   TSideEffects2PackageQuery(SideEffects2Query q) or
   TSmartPointers1PackageQuery(SmartPointers1Query q) or
   TSmartPointers2PackageQuery(SmartPointers2Query q) or
+  TStatementsPackageQuery(StatementsQuery q) or
   TStringsPackageQuery(StringsQuery q) or
   TTemplatesPackageQuery(TemplatesQuery q) or
   TToolchainPackageQuery(ToolchainQuery q) or
@@ -166,6 +168,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat
   isSideEffects2QueryMetadata(query, queryId, ruleId, category) or
   isSmartPointers1QueryMetadata(query, queryId, ruleId, category) or
   isSmartPointers2QueryMetadata(query, queryId, ruleId, category) or
+  isStatementsQueryMetadata(query, queryId, ruleId, category) or
   isStringsQueryMetadata(query, queryId, ruleId, category) or
   isTemplatesQueryMetadata(query, queryId, ruleId, category) or
   isToolchainQueryMetadata(query, queryId, ruleId, category) or

cpp/common/src/codingstandards/cpp/exclusions/cpp/Statements.qll

@@ -0,0 +1,61 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype StatementsQuery =
+  TAppropriateStructureOfSwitchStatementQuery() or
+  TLegacyForStatementsShouldBeSimpleQuery() or
+  TForRangeInitializerAtMostOneFunctionCallQuery()
+
+predicate isStatementsQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `appropriateStructureOfSwitchStatement` query
+    StatementsPackage::appropriateStructureOfSwitchStatementQuery() and
+  queryId =
+    // `@id` for the `appropriateStructureOfSwitchStatement` query
+    "cpp/misra/appropriate-structure-of-switch-statement" and
+  ruleId = "RULE-9-4-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `legacyForStatementsShouldBeSimple` query
+    StatementsPackage::legacyForStatementsShouldBeSimpleQuery() and
+  queryId =
+    // `@id` for the `legacyForStatementsShouldBeSimple` query
+    "cpp/misra/legacy-for-statements-should-be-simple" and
+  ruleId = "RULE-9-5-1" and
+  category = "advisory"
+  or
+  query =
+    // `Query` instance for the `forRangeInitializerAtMostOneFunctionCall` query
+    StatementsPackage::forRangeInitializerAtMostOneFunctionCallQuery() and
+  queryId =
+    // `@id` for the `forRangeInitializerAtMostOneFunctionCall` query
+    "cpp/misra/for-range-initializer-at-most-one-function-call" and
+  ruleId = "RULE-9-5-2" and
+  category = "required"
+}
+
+module StatementsPackage {
+  Query appropriateStructureOfSwitchStatementQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `appropriateStructureOfSwitchStatement` query
+      TQueryCPP(TStatementsPackageQuery(TAppropriateStructureOfSwitchStatementQuery()))
+  }
+
+  Query legacyForStatementsShouldBeSimpleQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `legacyForStatementsShouldBeSimple` query
+      TQueryCPP(TStatementsPackageQuery(TLegacyForStatementsShouldBeSimpleQuery()))
+  }
+
+  Query forRangeInitializerAtMostOneFunctionCallQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `forRangeInitializerAtMostOneFunctionCall` query
+      TQueryCPP(TStatementsPackageQuery(TForRangeInitializerAtMostOneFunctionCallQuery()))
+  }
+}

cpp/misra/src/rules/RULE-9-4-2/AppropriateStructureOfSwitchStatement.ql

@@ -0,0 +1,92 @@
+/**
+ * @id cpp/misra/appropriate-structure-of-switch-statement
+ * @name RULE-9-4-2: The structure of a switch statement shall be appropriate
+ * @description A switch statement should have an appropriate structure with proper cases, default
+ *              labels, and break statements to ensure clear control flow and prevent unintended
+ *              fall-through behavior.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-9-4-2
+ *       correctness
+ *       maintainability
+ *       readability
+ *       external/misra/allocated-target/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+import codingstandards.cpp.SwitchStatement
+import codingstandards.cpp.Noreturn
+
+from SwitchStmt switch, string message
+where
+  not isExcluded(switch, StatementsPackage::appropriateStructureOfSwitchStatementQuery()) and
+  /* 1. There is a statement that appears as an initializer and is not a declaration statement. */
+  exists(Stmt initializer | initializer = switch.getInitialization() |
+    not initializer instanceof DeclStmt
+  ) and
+  message = "contains a statement that is not a simple declaration"
+  or
+  /* 2. There is a switch case label that does not lead a branch (i.e. a switch case label is nested). */
+  exists(SwitchCase case | case = switch.getASwitchCase() | case instanceof NestedSwitchCase) and
+  message = "contains a switch label that is not directly within the switch body"
+  or
+  /* 3. There is a non-case label in a label group. */
+  exists(SwitchCase case | case = switch.getASwitchCase() |
+    case.getAStmt().getChildStmt*() instanceof LabelStmt
+  ) and
+  message = "contains a statement label that is not a case label"
+  or
+  /* 4. There is a statement before the first case label. */
+  exists(Stmt switchBody | switchBody = switch.getStmt() |
+    not switchBody.getChild(0) instanceof SwitchCase
+  ) and
+  message = "has a statement that is not a case label as its first element"
+  or
+  /* 5. There is a switch case whose terminator is not one of the allowed kinds. */
+  exists(SwitchCase case, Stmt lastStmt |
+    case = switch.getASwitchCase() and lastStmt = case.getLastStmt()
+  |
+    not (
+      lastStmt instanceof BreakStmt or
+      lastStmt instanceof ReturnStmt or
+      lastStmt instanceof GotoStmt or
+      lastStmt instanceof ContinueStmt or
+      lastStmt.(ExprStmt).getExpr() instanceof ThrowExpr or
+      lastStmt.(ExprStmt).getExpr().(Call).getTarget() instanceof NoreturnFunction or
+      lastStmt.getAnAttribute().getName().matches("%fallthrough") // We'd like to consider compiler variants such as `clang::fallthrough`.
+    )
+  ) and
+  message = "is missing a terminator that moves the control out of its body"
+  or
+  /* 6. The switch statement does not have more than two unique branches. */
+  count(SwitchCase case |
+    case = switch.getASwitchCase() and
+    /*
+     * If the next switch case is the following statement of this switch case, then the two
+     * switch cases are consecutive and should be considered as constituting one branch
+     * together.
+     */
+
+    not case.getNextSwitchCase() = case.getFollowingStmt()
+  |
+    case
+  ) < 2 and
+  message = "contains less than two branches"
+  or
+  /* 7-1. The switch statement is not an enum switch statement and is missing a default case. */
+  not switch instanceof EnumSwitch and
+  not switch.hasDefaultCase() and
+  message = "lacks a default case"
+  or
+  /*
+   * 7-2. The switch statement is an enum switch statement and is missing a branch for a
+   * variant.
+   */
+
+  exists(switch.(EnumSwitch).getAMissingCase()) and
+  message = "lacks a case for one of its variants"
+select switch, "Switch statement " + message + "."