Declarations5 cpp misra 2023

[knewbury01]

Description

Declarations 5

Change request type

• Release or process automation (GitHub workflows, internal scripts)
• Internal documentation
• External documentation
• Query files (.ql, .qll, .qls or unit tests)
• External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

• No rules added
• Queries have been added for the following rules:
  • RULE-6-9-1
  • RULE-6-8-4
• Queries have been modified for the following rules:
  • rule number here

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

• The structure or layout of the release artifacts.
• The evaluation performance (memory, execution time) of an existing query.
• The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

• Yes
• No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

• Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

• Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

• Have all the relevant rule package description files been checked in?
• Have you verified that the metadata properties of each new query is set appropriately?
• Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
• Are the alert messages properly formatted and consistent with the style guide?
• Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
  As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
• Does the query have an appropriate level of in-query comments/documentation?
• Have you considered/identified possible edge cases?
• Does the query not reinvent features in the standard library?
• Can the query be simplified further (not golfed!)

Reviewer

• Have all the relevant rule package description files been checked in?
• Have you verified that the metadata properties of each new query is set appropriately?
• Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
• Are the alert messages properly formatted and consistent with the style guide?
• Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
  As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
• Does the query have an appropriate level of in-query comments/documentation?
• Have you considered/identified possible edge cases?
• Does the query not reinvent features in the standard library?
• Can the query be simplified further (not golfed!)

[Copilot]

Pull request overview

Adds a new C++ MISRA-C++-2023 “Declarations5” rule package and introduces two new rule queries (RULE-6-8-4 and RULE-6-9-1), wiring them into rule metadata/exclusions and adding unit tests.

Changes:

• Add new CodeQL queries for RULE-6-8-4 and RULE-6-9-1 under the Declarations5 package.
• Add/route rule package metadata (rules.csv + rule_packages/cpp/Declarations5.json) and integrate the new package into exclusions metadata.
• Add unit tests (.qlref, .expected, test.cpp) for both new queries.

Show a summary per file

File	Description
rules.csv	Re-points RULE-6-8-4 and RULE-6-9-1 to the new Declarations5 package.
rule_packages/cpp/Declarations5.json	Defines rule-package metadata and query metadata for the two new rules.
cpp/misra/src/rules/RULE-6-8-4/MemberFunctionsRefqualified.ql	Implements the RULE-6-8-4 query logic.
cpp/misra/src/rules/RULE-6-9-1/TypeAliasesDeclaration.ql	Implements the RULE-6-9-1 query logic.
cpp/misra/test/rules/RULE-6-8-4/test.cpp	Adds test cases for ref-qualification rule behavior.
cpp/misra/test/rules/RULE-6-8-4/MemberFunctionsRefqualified.qlref	Connects tests to the production RULE-6-8-4 query.
cpp/misra/test/rules/RULE-6-8-4/MemberFunctionsRefqualified.expected	Adds expected results for RULE-6-8-4 tests.
cpp/misra/test/rules/RULE-6-9-1/test.cpp	Adds test cases for type-alias consistency across redeclarations.
cpp/misra/test/rules/RULE-6-9-1/TypeAliasesDeclaration.qlref	Connects tests to the production RULE-6-9-1 query.
cpp/misra/test/rules/RULE-6-9-1/TypeAliasesDeclaration.expected	Adds expected results for RULE-6-9-1 tests.
cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll	Registers the new Declarations5 package in the C++ exclusions metadata dispatcher.
cpp/common/src/codingstandards/cpp/exclusions/cpp/Declarations5.qll	Adds autogenerated metadata mappings and query constructors for the new package.

Copilot's findings

Comments suppressed due to low confidence (1)

cpp/misra/src/rules/RULE-6-8-4/MemberFunctionsRefqualified.ql:56

• MembersReturningSubObject currently matches return field; even when the function returns the field by value. This causes false positives (for example, an && overload that returns a subobject by value to avoid dangling references). The rule description is about returning references/pointers; please add a return-type guard so only reference/pointer returns are considered violations.

class MembersReturningSubObject extends MembersReturningObjectOrSubobject {
  MembersReturningSubObject() {
    exists(ReturnStmt r, FieldSubObjectDeclaration field |
      r.getEnclosingFunction() = this and
      (
        r.getAChild*() = field.(Field).getAnAccess()
        or
        exists(PointerDereferenceExpr p |
          p.getAChild*() = field.(Field).getAnAccess() and
          r.getAChild*() = p
        )
      ) and
      field.(Field).getDeclaringType() = this.getDeclaringType()
    )
  }

• Files reviewed: 12/12 changed files
• Comments generated: 6

[Copilot]

The query currently produces duplicate results for the same source location (see the repeated test.cpp:42:16 rows in the corresponding .expected). Please adjust the query to avoid duplicates (for example by selecting distinct results and/or normalizing template instantiation/uninstantiated locations similar to other MISRA queries).

Suggested change

	select f, "Member function is not properly ref qualified."
	select distinct f, "Member function is not properly ref qualified."

[Copilot]

The .expected output contains three identical rows for the same location (test.cpp:42:16). This indicates the query is emitting duplicates; tests should generally not codify duplicate results. Once the query is de-duplicated, update this expected file accordingly.

Suggested change

	| test.cpp:42:16:42:16 | Members returning object or subobject | Member function is not properly ref qualified. |
	| test.cpp:42:16:42:16 | Members returning object or subobject | Member function is not properly ref qualified. |

[Copilot]

The expected results for this rule report the primary location on INT i; (line 4), but the test marks extern int i; (line 5) as NON_COMPLIANT. Please align the NON_COMPLIANT annotation(s) with the location(s) the query reports (either move/add the annotation to line 4, or adjust the query to report line 5 as the primary location).

Suggested change

	INT i;
	extern int i; // NON_COMPLIANT
	INT i; // NON_COMPLIANT
	extern int i;