Merge branch 'main' into michaelrfairhurst/implement-concurrency9-package

Author: nicolaswill

.github/workflows/upgrade_codeql_dependencies.yml

@@ -53,7 +53,7 @@ jobs:
           find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
         with:
           title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}"
           body: |

amendments.csv

@@ -1,50 +1,50 @@
 language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty
-c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy
+c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy
 c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy
 c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import
 c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy
-c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy
-c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy
-c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import
-c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy
-c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import
-c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import
+c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,Yes,Import
+c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,Yes,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,Yes,Import
+c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,Yes,Import
 c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard
+c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,Yes,Easy
+c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,Yes,Easy
+c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,Yes,Very Hard
 c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium
 c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy
 c,MISRA-C-2012,Amendment4,RULE-2-2,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-2-7,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Amendment4,RULE-8-6,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Amendment4,RULE-9-2,Yes,Refine,No,Import
 c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy
-c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import
+c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,Yes,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import

c/cert/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards
-version: 2.42.0-dev
+version: 2.44.0-dev
 description: CERT C 2016
 suites: codeql-suites
 license: MIT

c/cert/src/rules/PRE31-C/SideEffectsInArgumentsToUnsafeMacros.ql

@@ -15,7 +15,6 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Macro
 import codingstandards.cpp.SideEffect
-import codingstandards.cpp.StructuralEquivalence
 import codingstandards.cpp.sideeffect.DefaultEffects
 import codingstandards.cpp.sideeffect.Customizations
 import semmle.code.cpp.valuenumbering.HashCons

c/cert/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards-tests
-version: 2.42.0-dev
+version: 2.44.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/common/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards
-version: 2.42.0-dev
+version: 2.44.0-dev
 license: MIT
 dependencies:
   codeql/common-cpp-coding-standards: '*'

c/common/test/includes/standard-library/stdatomic.h

@@ -1,4 +1,5 @@
 #define ATOMIC_VAR_INIT(value) (value)
+#define atomic_init __c11_atomic_init
 #define atomic_is_lock_free(obj) __c11_atomic_is_lock_free(sizeof(*(obj)))
 typedef _Atomic(int) atomic_int;
 

c/common/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards-tests
-version: 2.42.0-dev
+version: 2.44.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected

@@ -1,5 +1,5 @@
-| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |

c/common/test/rules/readofuninitializedmemory/test.c

@@ -94,4 +94,6 @@ void test_non_default_init() {
   static struct A ss;
   use_struct_A(
       ss); // COMPLIANT - static struct type variables are zero initialized
+  _Atomic int x;
+  use_int(x); // COMPLIANT - atomics are special, covered by other rules
 }

c/misra/src/codingstandards/c/misra/EssentialTypes.qll

@@ -6,13 +6,17 @@ import codingstandards.c.misra
 import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils
 import MisraExpressions
 
+newtype TEssentialFloatCategory =
+  Real() or
+  Complex()
+
 newtype TEssentialTypeCategory =
   EssentiallyBooleanType() or
   EssentiallyCharacterType() or
   EssentiallyEnumType() or
   EssentiallySignedType() or
   EssentiallyUnsignedType() or
-  EssentiallyFloatingType()
+  EssentiallyFloatingType(TEssentialFloatCategory c)
 
 /** An essential type category, as specified by Appendix D.1. */
 class EssentialTypeCategory extends TEssentialTypeCategory {
@@ -27,7 +31,9 @@ class EssentialTypeCategory extends TEssentialTypeCategory {
     or
     this = EssentiallyUnsignedType() and result = "essentially Unsigned type"
     or
-    this = EssentiallyFloatingType() and result = "essentially Floating type"
+    this = EssentiallyFloatingType(Real()) and result = "essentially Floating type"
+    or
+    this = EssentiallyFloatingType(Complex()) and result = "essentially Complex Floating type"
   }
 }
 
@@ -145,8 +151,11 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) {
     essentialType instanceof NamedEnumType and
     not essentialType instanceof MisraBoolType
     or
-    result = EssentiallyFloatingType() and
-    essentialType instanceof FloatingPointType
+    result = EssentiallyFloatingType(Real()) and
+    essentialType instanceof RealNumberType
+    or
+    result = EssentiallyFloatingType(Complex()) and
+    essentialType instanceof ComplexNumberType
   )
 }
 
@@ -168,6 +177,17 @@ Type getEssentialType(Expr e) {
 
 Type getEssentialTypeBeforeConversions(Expr e) { result = e.(EssentialExpr).getEssentialType() }
 
+/**
+ * For most essential types, `Type.getSize()` is correct, except for complex floating types.
+ *
+ * For complex floating types, the size is the size of the real part, so we divide by 2.
+ */
+int getEssentialSize(Type essentialType) {
+  if getEssentialTypeCategory(essentialType) = EssentiallyFloatingType(Complex())
+  then result = essentialType.getSize() / 2
+  else result = essentialType.getSize()
+}
+
 class EssentialExpr extends Expr {
   Type getEssentialType() { result = this.getType() }
 
@@ -308,12 +328,14 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B
     exists(
       Type leftEssentialType, Type rightEssentialType,
       EssentialTypeCategory leftEssentialTypeCategory,
-      EssentialTypeCategory rightEssentialTypeCategory
+      EssentialTypeCategory rightEssentialTypeCategory, int intTypeSize
     |
       leftEssentialType = getEssentialType(getLeftOperand()) and
       rightEssentialType = getEssentialType(getRightOperand()) and
       leftEssentialTypeCategory = getEssentialTypeCategory(leftEssentialType) and
-      rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType)
+      rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) and
+      // For rules around addition/subtraction with char types:
+      intTypeSize = any(IntType i | i.isSigned()).getSize()
     |
       if
         leftEssentialTypeCategory = rightEssentialTypeCategory and
@@ -336,14 +358,18 @@ class EssentialBinaryOperationSubjectToUsualConversions extends EssentialExpr, B
 class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions, AddExpr {
   override Type getEssentialType() {
     exists(
-      EssentialTypeCategory operandTypeCategory, EssentialTypeCategory otherOperandTypeCategory
+      Type otherOperandType, EssentialTypeCategory operandTypeCategory,
+      EssentialTypeCategory otherOperandTypeCategory, int intTypeSize
     |
       operandTypeCategory = getEssentialTypeCategory(getEssentialType(getAnOperand())) and
-      otherOperandTypeCategory = getEssentialTypeCategory(getEssentialType(getAnOperand()))
+      otherOperandType = getEssentialType(getAnOperand()) and
+      otherOperandTypeCategory = getEssentialTypeCategory(otherOperandType) and
+      intTypeSize = any(IntType i).getSize()
     |
       if
         operandTypeCategory = EssentiallyCharacterType() and
-        otherOperandTypeCategory instanceof EssentiallySignedOrUnsignedType
+        otherOperandTypeCategory instanceof EssentiallySignedOrUnsignedType and
+        otherOperandType.getSize() <= intTypeSize
       then result instanceof PlainCharType
       else result = super.getEssentialType()
     )
@@ -356,15 +382,18 @@ class EssentialAddExpr extends EssentialBinaryOperationSubjectToUsualConversions
 class EssentialSubExpr extends EssentialBinaryOperationSubjectToUsualConversions, SubExpr {
   override Type getEssentialType() {
     exists(
-      EssentialTypeCategory leftEssentialTypeCategory,
-      EssentialTypeCategory rightEssentialTypeCategory
+      EssentialTypeCategory leftEssentialTypeCategory, Type rightEssentialType,
+      EssentialTypeCategory rightEssentialTypeCategory, int intTypeSize
     |
       leftEssentialTypeCategory = getEssentialTypeCategory(getEssentialType(getLeftOperand())) and
-      rightEssentialTypeCategory = getEssentialTypeCategory(getEssentialType(getRightOperand()))
+      rightEssentialType = getEssentialType(getRightOperand()) and
+      rightEssentialTypeCategory = getEssentialTypeCategory(rightEssentialType) and
+      intTypeSize = any(IntType i).getSize()
     |
       if
         leftEssentialTypeCategory = EssentiallyCharacterType() and
-        rightEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType
+        rightEssentialTypeCategory instanceof EssentiallySignedOrUnsignedType and
+        rightEssentialType.getSize() <= intTypeSize
       then result instanceof PlainCharType
       else result = super.getEssentialType()
     )

c/misra/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/misra-c-coding-standards
-version: 2.42.0-dev
+version: 2.44.0-dev
 description: MISRA C 2012
 suites: codeql-suites
 license: MIT

c/misra/src/rules/DIR-4-6/PlainNumericalTypeUsedOverExplicitTypedef.ql

@@ -29,6 +29,8 @@ class BuiltInNumericType extends BuiltInType {
     this instanceof DoubleType
     or
     this instanceof LongDoubleType
+    or
+    this instanceof ComplexNumberType
   }
 }
 
@@ -38,22 +40,64 @@ predicate forbiddenBuiltinNumericUsedInDecl(Variable var, string message) {
   message = "The type " + var.getType() + " is not a fixed-width numeric type."
 }
 
+class SizedTypeString extends string {
+  string pattern;
+  int size;
+
+  bindingset[this]
+  pragma[inline]
+  SizedTypeString() {
+    pattern = "(u?int|c?float)(4|8|16|32|64|128)_t" and
+    this.regexpMatch(pattern) and
+    size = this.regexpCapture(pattern, 2).toInt()
+  }
+
+  bindingset[this]
+  pragma[inline]
+  int getSize() { result = size }
+
+  bindingset[this]
+  pragma[inline]
+  predicate isComplex() { this.charAt(0) = "c" }
+}
+
+predicate forbiddenComplexType(CTypedefType typedef, string message) {
+  typedef.getName().(SizedTypeString).isComplex() and
+  (
+    if typedef.getBaseType().stripTopLevelSpecifiers() instanceof ComplexNumberType
+    then
+      typedef.getSize() * 8 != typedef.getName().(SizedTypeString).getSize() * 2 and
+      message = "The typedef type " + typedef.getName() + " does not have its indicated real size."
+    else message = "The typedef type " + typedef.getName() + " is not a complex type."
+  )
+}
+
+predicate forbiddenRealType(CTypedefType typedef, string message) {
+  not typedef.getName().(SizedTypeString).isComplex() and
+  (
+    if typedef.getBaseType().stripTopLevelSpecifiers() instanceof ComplexNumberType
+    then message = "The typedef name " + typedef.getName() + " does not indicate a complex type."
+    else (
+      typedef.getSize() * 8 != typedef.getName().(SizedTypeString).getSize() and
+      message = "The typedef type " + typedef.getName() + " does not have its indicated size."
+    )
+  )
+}
+
 predicate forbiddenTypedef(CTypedefType typedef, string message) {
   /* If the typedef's name contains an explicit size */
   (
-    if typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t")
+    if typedef.getName() instanceof SizedTypeString
     then (
-      /* Then the actual type size should match. */
-      not typedef.getSize() * 8 =
-        // times 8 because getSize() gets the size in bytes
-        typedef.getName().regexpCapture("u?(int|float)(4|8|16|32|64|128)_t", 2).toInt() and
-      message = "The typedef type " + typedef.getName() + " does not have its indicated size."
+      forbiddenRealType(typedef, message)
+      or
+      forbiddenComplexType(typedef, message)
     ) else (
       (
         // type def is to a built in numeric type
         typedef.getBaseType() instanceof BuiltInNumericType and
         // but does not include the size in the name
-        not typedef.getName().regexpMatch("u?(int|float)(4|8|16|32|64|128)_t")
+        not typedef.getName() instanceof SizedTypeString
         or
         // this is a typedef to a forbidden type def
         forbiddenTypedef(typedef.getBaseType(), _)