Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Initiate Types Rule Package and Implement MISRA RULE-6-1 and RULE-6-2 #174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 27 commits into from
Feb 2, 2023
Merged

Initiate Types Rule Package and Implement MISRA RULE-6-1 and RULE-6-2 #174

merged 27 commits into from
Feb 2, 2023

Conversation

jeongsoolee09
Copy link
Contributor

@jeongsoolee09 jeongsoolee09 commented Jan 26, 2023
edited by lcartey
Loading

Description

Implemented MISRA's RULE-6-1: Bit-fields shall only be declared with an appropriate type and MISRA's RULE-6-2: Single-bit named bit fields shall not be of a signed type.

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • RULE-6-1
    • RULE-6-2
  • Queries have been modified for the following rules:
    • rule number here

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

@jeongsoolee09
Copy link
Contributor Author

The suggested cert-help-extraction.py seems to have a bug.

√ codeql-coding-standards % python3.9 scripts/help/cert-help-extraction.py 
ID: ARR39-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/ARR39-C.+Do+not+add+or+subtract+a+scaled+integer+to+a+pointer into Markdown help file for DoNotAddOrSubtractAScaledIntegerToAPointer
ID: ARR39-C - Didn't find heading 'CERT', going to update the headings 'Noncompliant Code Example, Compliant Solution, Related Vulnerabilities, Automated Detection, Risk Assessment, Description, Related Guidelines, Bibliography'.
ID: CON30-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON30-C.+Clean+up+thread-specific+storage into Markdown help file for CleanUpThreadSpecificStorage
ID: CON30-C - Didn't find heading 'CERT', going to update the headings 'Noncompliant Code Example, Compliant Solution, Related Vulnerabilities, Automated Detection, Risk Assessment, Description'.
ID: CON31-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON31-C.+Do+not+destroy+a+mutex+while+it+is+locked into Markdown help file for DoNotAllowAMutexToGoOutOfScopeWhileLocked
ID: CON31-C - Didn't find heading 'CERT', going to update the headings 'Noncompliant Code Example, Compliant Solution, Related Vulnerabilities, Automated Detection, Risk Assessment, Description, Related Guidelines, Bibliography, CERT-CWE Mapping Notes'.
ID: CON31-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON31-C.+Do+not+destroy+a+mutex+while+it+is+locked into Markdown help file for DoNotDestroyAMutexWhileItIsLocked
ID: CON31-C - Didn't find heading 'CERT', going to update the headings 'Noncompliant Code Example, Compliant Solution, Related Vulnerabilities, Automated Detection, Risk Assessment, Description, Related Guidelines, Bibliography, CERT-CWE Mapping Notes'.
ID: CON32-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON32-C.+Prevent+data+races+when+accessing+bit-fields+from+multiple+threads into Markdown help file for PreventDataRacesWithMultipleThreads
ID: CON32-C - Didn't find heading 'CERT', going to update the headings 'Related Vulnerabilities, Compliant Solution (Bit-field, C11, Mutex), Automated Detection, Risk Assessment, Description, Compliant Solution (C11), Bibliography, Noncompliant Code Example (Bit-field)'.
ID: CON33-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON33-C.+Avoid+race+conditions+when+using+library+functions into Markdown help file for RaceConditionsWhenUsingLibraryFunctions
ID: CON33-C - Didn't find heading 'CERT', going to update the headings 'Noncompliant Code Example, Compliant Solution (Annex K, strerror_s()), Related Vulnerabilities, Automated Detection, Risk Assessment, Description, Related Guidelines, Bibliography, Compliant Solution (POSIX, strerror_r()), CERT-CWE Mapping Notes'.
ID: CON34-C - Converting contents at https://wiki.sei.cmu.edu/confluence/display/c/CON34-C.+Declare+objects+shared+between+threads+with+appropriate+storage+durations into Markdown help file for AppropriateThreadObjectStorageDurations
Traceback (most recent call last):
  File "/Users/jslee/Work/WorkRepos/codeql-coding-standards/scripts/help/cert-help-extraction.py", line 526, in <module>
    if find_heading(parsed_help, 'CERT'):
  File "/Users/jslee/Work/WorkRepos/codeql-coding-standards/scripts/shared/markdown_helpers.py", line 98, in find_heading
    if get_heading_text(h) == heading:
  File "/Users/jslee/Work/WorkRepos/codeql-coding-standards/scripts/shared/markdown_helpers.py", line 108, in get_heading_text
    return heading.children[0].children
IndexError: list index out of range

@lcartey
Copy link
Collaborator

lcartey commented Jan 27, 2023

@jeongsoolee09 Can you please create a new package for your two rules? We don't want to generate and commit files for all 30 rules in the Types package, as we are not going to implement all of them.

I would recommend calling the new package BitfieldTypes. You can create it like this:

  1. Update rules.csv so that Rule 6.1 and Rule 6.2 are assigned to the new package (BitfieldTypes).
  2. Generate the BitfieldTypes c package description file.
  3. Copy any changes you made for Rule 6.1 and Rule 6.2 from the existing Types.json to the BitfieldTypes.json.
  4. Generate the package files for the new package.
  5. Delete any files from the types package.

Thanks!

@jeongsoolee09 jeongsoolee09 changed the title Initiate Types Rule Package and Implement MISRA RULE-6-1 Initiate Types Rule Package and Implement MISRA RULE-6-1 and RULE-6-2 Jan 27, 2023
@jeongsoolee09 jeongsoolee09 marked this pull request as draft January 27, 2023 17:34
@jeongsoolee09
Copy link
Contributor Author

I am changing this PR to draft to accommodate RULE-6-2 as well.

@jeongsoolee09
Copy link
Contributor Author

Undone Types and made a small rule package called BitfieldTypes.

@jeongsoolee09 jeongsoolee09 marked this pull request as ready for review January 27, 2023 22:12
lcartey
lcartey requested changes Jan 31, 2023
View reviewed changes
Copy link
Collaborator

@lcartey lcartey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just a couple of changes.

c/misra/test/rules/RULE-6-2/test.c Outdated Show resolved Hide resolved
c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql Outdated Show resolved Hide resolved
c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql Outdated Show resolved Hide resolved
c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql Outdated Show resolved Hide resolved
c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql Outdated Show resolved Hide resolved
lcartey
lcartey reviewed Jan 31, 2023
View reviewed changes
rule_packages/c/Types.json Outdated Show resolved Hide resolved
@jeongsoolee09
Copy link
Contributor Author

We can ignore implementation-specific integer types: GCC and Clang does not define any additional types that are equivalent to int.

@jeongsoolee09 jeongsoolee09 requested a review from lcartey February 1, 2023 01:07
lcartey
lcartey requested changes Feb 1, 2023
View reviewed changes
Copy link
Collaborator

@lcartey lcartey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One minor change, otherwise looks good!

c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql Outdated Show resolved Hide resolved
@jeongsoolee09
refine RULE-6-1
3e96c5f 
Use the fact that `resolveTypedefs` is an identity operation with
types that have no type alias (typedef).
@jeongsoolee09 jeongsoolee09 merged commit b18a89e into main Feb 2, 2023
@jeongsoolee09 jeongsoolee09 deleted the jeongsoolee09/misra6-1_and_misra6-2 branch February 2, 2023 09:05
rvermeulen
rvermeulen reviewed Feb 3, 2023
View reviewed changes
c/misra/test/rules/RULE-6-2/test.c Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rvermeulen rvermeulen rvermeulen left review comments

@lcartey lcartey lcartey approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Coding Standards Public Development Board
Status: No status
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jeongsoolee09 @lcartey @rvermeulen
Morty Proxy This is a proxified and sanitized view of the page, visit original site.