Merge branch 'main' into michaelrfairhurst/package-deadcode-9-rule-0-2-3

Author: mbaluda

c/misra/src/rules/RULE-18-9/ArrayToPointerConversionOfTemporaryObject.ql

@@ -16,6 +16,7 @@
 import cpp
 import codingstandards.c.misra
 import codingstandards.c.Objects
+import codingstandards.cpp.Expr
 
 /**
  * Holds if the value of an expression is used or stored.
@@ -37,32 +38,14 @@ predicate isUsedOrStored(Expr e) {
   e = any(ClassAggregateLiteral l).getAFieldExpr(_)
 }
 
-/**
- * Find expressions that defer their value directly to an inner expression
- * value.
- *
- * When an array is on the rhs of a comma expr, or in the then/else branch of a
- * ternary expr, and the result us used as a pointer, then the ArrayToPointer
- * conversion is marked inside comma expr/ternary expr, on the operands. These
- * conversions are only non-compliant if they flow into an operation or store.
- *
- * Full flow analysis with localFlowStep should not be necessary, and may cast a
- * wider net than needed for some queries, potentially resulting in false
- * positives.
- */
-Expr temporaryObjectFlowStep(Expr e) {
-  e = result.(CommaExpr).getRightOperand()
-  or
-  e = result.(ConditionalExpr).getThen()
-  or
-  e = result.(ConditionalExpr).getElse()
-}
-
 from FieldAccess fa, TemporaryObjectIdentity temporary, ArrayToPointerConversion conversion
 where
   not isExcluded(conversion, InvalidMemory3Package::arrayToPointerConversionOfTemporaryObjectQuery()) and
   fa = temporary.getASubobjectAccess() and
   conversion.getExpr() = fa and
-  isUsedOrStored(temporaryObjectFlowStep*(conversion.getExpr()))
+  exists(Expr useOrStore |
+    temporaryObjectFlowStep*(conversion.getExpr(), useOrStore) and
+    isUsedOrStored(useOrStore)
+  )
 select conversion, "Array to pointer conversion of array $@ from temporary object $@.",
   fa.getTarget(), fa.getTarget().getName(), temporary, temporary.toString()

change_notes/2025-05-20-update-integer-literal-lexing.md

@@ -0,0 +1,2 @@
+ - All queries related to integer suffixes:
+   - No visible changes expected: the regex for parsing integer suffixes, and how they are treated after lexing, has been refactored.

change_notes/2025-06-03-refactor-temporary-object-flow-step.md

@@ -0,0 +1,2 @@
+ - `RULE-18-9` - `ArraytoPointerConversionOfTemporaryObject.ql`
+   - The behavior for finding flow steps of temporary objects (for example, from ternary branches to the ternary expr result) has been extracted for reuse in other rules, no visible changes expected.

change_notes/2026-02-12-linkage-changes-and-unused-variable-reorganization.md

@@ -0,0 +1,6 @@
+ - All rules using `Linkage.qll`:
+   - `extern const` global variables are now properly analyzed as having external linkage, rather than internal linkage.
+   - Linkage analysis has been fixed to properly handle nested classes, including anonymous and typedefs of anonymous classes.
+   - Linkage for names within classes with internal linkage is now properly inherited as internal, rather than external.
+ - `M0-1-3`, `RULE-2-8` - `UnusedLocalVariable.ql`, `UnusedMemberVariable.ql`, `UnusedGlobalOrNamespaceVariable.ql`, `UnusedObjectDefinition.ql`, `UnusedObjectDefinitionStrict.ql`:
+   - The organization of unused variable analysis has been reorganized to be usable in MISRA C++ rule 0.2.1, with no expected noticeable change in results.

change_notes/2026-02-22-shared-default-initialization-logic.md

@@ -0,0 +1,3 @@
+ - `A3-3-2` - `StaticOrThreadLocalObjectsNonConstantInit`:
+   - The checks for non-constant initialization have been moved to be usable in other queries, such as MISRA C++23 Rule 6.7.2.
+   - No visible changes in query results expected.

cpp/autosar/src/rules/A3-3-2/StaticOrThreadLocalObjectsNonConstantInit.ql

@@ -15,100 +15,7 @@
 
 import cpp
 import codingstandards.cpp.autosar
-
-/**
- * Holds if `e` is a full expression or `AggregateLiteral` in the initializer of a
- * `StaticStorageDurationVariable`.
- *
- * Although `AggregateLiteral`s are expressions according to our model, they are not considered
- * expressions from the perspective of the standard. Therefore, we should consider components of
- * aggregate literals within static initializers to also be full expressions.
- */
-private predicate isFullExprOrAggregateInStaticInitializer(Expr e) {
-  exists(StaticStorageDurationVariable var | e = var.getInitializer().getExpr())
-  or
-  isFullExprOrAggregateInStaticInitializer(e.getParent().(AggregateLiteral))
-}
-
-/**
- * Holds if `e` is a non-constant full expression in a static initializer, for the given `reason`
- * and `reasonElement`.
- */
-private predicate nonConstantFullExprInStaticInitializer(
-  Expr e, Element reasonElement, string reason
-) {
-  isFullExprOrAggregateInStaticInitializer(e) and
-  if e instanceof AggregateLiteral
-  then
-    // If this is an aggregate literal, we apply this recursively
-    nonConstantFullExprInStaticInitializer(e.getAChild(), reasonElement, reason)
-  else (
-    // Otherwise we check this component to determine if it is constant
-    not (
-      e.getFullyConverted().isConstant() or
-      e.(Call).getTarget().isConstexpr() or
-      e.(VariableAccess).getTarget().isConstexpr()
-    ) and
-    reason = "uses a non-constant element in the initialization" and
-    reasonElement = e
-  )
-}
-
-/**
- * A `ConstructorCall` that does not represent a constant initializer for an object according to
- * `[basic.start.init]`.
- *
- * In addition to identifying `ConstructorCall`s which are not constant initializers, this also
- * provides an explanatory "reason" for why this constructor is not considered to be a constant
- * initializer.
- */
-predicate isNotConstantInitializer(ConstructorCall cc, Element reasonElement, string reason) {
-  // Must call a constexpr constructor
-  not cc.getTarget().isConstexpr() and
-  reason =
-    "calls the " + cc.getTarget().getName() + "(..) constructor which is not marked as constexpr" and
-  reasonElement = cc
-  or
-  // And all arguments must either be constant, or themselves call constexpr constructors
-  cc.getTarget().isConstexpr() and
-  exists(Expr arg | arg = cc.getAnArgument() |
-    isNotConstantInitializer(arg, reasonElement, reason)
-    or
-    not arg instanceof ConstructorCall and
-    not arg.getFullyConverted().isConstant() and
-    not arg.(Call).getTarget().isConstexpr() and
-    not arg.(VariableAccess).getTarget().isConstexpr() and
-    reason = "includes a non constant " + arg.getType() + " argument to a constexpr constructor" and
-    reasonElement = arg
-  )
-}
-
-/**
- * Identifies if a `StaticStorageDurationVariable` is not constant initialized according to
- * `[basic.start.init]`.
- */
-predicate isNotConstantInitialized(
-  StaticStorageDurationVariable v, string reason, Element reasonElement
-) {
-  if v.getInitializer().getExpr() instanceof ConstructorCall
-  then
-    // (2.2) if initialized by a constructor call, then that constructor call must be a constant
-    // initializer for the variable to be constant initialized
-    isNotConstantInitializer(v.getInitializer().getExpr(), reasonElement, reason)
-  else
-    // (2.3) If it is not initialized by a constructor call, then it must be the case that every full
-    // expr in the initializer is a constant expression or that the object was "value initialized"
-    // but without a constructor call. For value initialization, there are two non-constructor call
-    // cases to consider:
-    //
-    //  1. The object was zero initialized - in which case, the extractor does not include a
-    //     constructor call - instead, it has a blank aggregate literal, or no initializer.
-    //  2. The object is an array, which will be initialized by an aggregate literal.
-    //
-    // In both cases it is sufficient for us to find a non-constant full expression in the static
-    // initializer
-    nonConstantFullExprInStaticInitializer(v.getInitializer().getExpr(), reasonElement, reason)
-}
+import codingstandards.cpp.orderofevaluation.Initialization
 
 from StaticStorageDurationVariable staticOrThreadLocalVar, string reason, Element reasonElement
 where

cpp/autosar/src/rules/M0-1-3/UnusedGlobalOrNamespaceVariable.ql

@@ -18,11 +18,6 @@ import cpp
 import codingstandards.cpp.autosar
 import codingstandards.cpp.deadcode.UnusedVariables
 
-from PotentiallyUnusedGlobalOrNamespaceVariable v
-where
-  not isExcluded(v, DeadCodePackage::unusedGlobalOrNamespaceVariableQuery()) and
-  // No variable access
-  not exists(v.getAnAccess()) and
-  // Exclude members whose value is compile time and is potentially used to inintialize a template
-  not maybeACompileTimeTemplateArgument(v)
+from FullyUnusedGlobalOrNamespaceVariable v
+where not isExcluded(v, DeadCodePackage::unusedGlobalOrNamespaceVariableQuery())
 select v, "Variable '" + v.getQualifiedName() + "' is unused."

cpp/autosar/src/rules/M0-1-3/UnusedLocalVariable.ql

@@ -18,58 +18,6 @@ import cpp
 import codingstandards.cpp.autosar
 import codingstandards.cpp.deadcode.UnusedVariables
 
-// Collect constant values that we should use to exclude otherwise unused constexpr variables.
-//
-// For constexpr variables used as template arguments or in static_asserts, we don't see accesses
-// (just the appropriate literals). We therefore take a conservative approach and do not report
-// constexpr variables whose values are used in such contexts.
-//
-// For performance reasons, these special values should be collected in a single pass.
-predicate excludedConstantValue(string value) {
-  value = any(ClassTemplateInstantiation cti).getTemplateArgument(_).(Expr).getValue()
-  or
-  value = any(StaticAssert sa).getCondition().getAChild*().getValue()
-}
-
-/**
- * Defines the local variables that should be excluded from the unused variable analysis based
- * on their constant value.
- *
- * See `excludedConstantValue` for more details.
- */
-predicate excludeVariableByValue(Variable variable) {
-  variable.isConstexpr() and
-  excludedConstantValue(getConstExprValue(variable))
-}
-
-// TODO: This predicate may be possible to merge with M0-1-4's getUseCount(). These two rules
-// diverged to handle `excludeVariableByValue`, but may be possible to merge.
-int getUseCountConservatively(Variable v) {
-  result =
-    count(VariableAccess access | access = v.getAnAccess()) +
-      count(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) +
-      // In case an array type uses a constant in the same scope as the constexpr variable,
-      // consider it as used.
-      countUsesInLocalArraySize(v)
-}
-
-predicate isConservativelyUnused(Variable v) {
-  getUseCountConservatively(v) = 0 and
-  not excludeVariableByValue(v)
-}
-
-from PotentiallyUnusedLocalVariable v
-where
-  not isExcluded(v, DeadCodePackage::unusedLocalVariableQuery()) and
-  // Local variable is never accessed
-  not exists(v.getAnAccess()) and
-  // Sometimes multiple objects representing the same entities are created in
-  // the AST. Check if those are not accessed as well. Refer issue #658
-  not exists(LocalScopeVariable another |
-    another.getDefinitionLocation() = v.getDefinitionLocation() and
-    another.hasName(v.getName()) and
-    exists(another.getAnAccess()) and
-    another != v
-  ) and
-  isConservativelyUnused(v)
+from FullyUnusedLocalVariable v
+where not isExcluded(v, DeadCodePackage::unusedLocalVariableQuery())
 select v, "Local variable '" + v.getName() + "' in '" + v.getFunction().getName() + "' is not used."

cpp/autosar/src/rules/M0-1-3/UnusedMemberVariable.ql

@@ -19,13 +19,6 @@ import codingstandards.cpp.autosar
 import codingstandards.cpp.FunctionEquivalence
 import codingstandards.cpp.deadcode.UnusedVariables
 
-from PotentiallyUnusedMemberVariable v
-where
-  not isExcluded(v, DeadCodePackage::unusedMemberVariableQuery()) and
-  // No variable access
-  not exists(v.getAnAccess()) and
-  // No explicit initialization in a constructor
-  not exists(UserProvidedConstructorFieldInit cfi | cfi.getTarget() = v) and
-  // Exclude members whose value is compile time and is potentially used to inintialize a template
-  not maybeACompileTimeTemplateArgument(v)
+from FullyUnusedMemberVariable v
+where not isExcluded(v, DeadCodePackage::unusedMemberVariableQuery())
 select v, "Member variable '" + v.getName() + "' is unused."

cpp/autosar/src/rules/M0-1-4/SingleUseGlobalOrNamespacePODVariable.ql

@@ -19,7 +19,7 @@ import codingstandards.cpp.autosar
 import codingstandards.cpp.deadcode.UnusedVariables
 import SingleUsePODVariable
 
-from PotentiallyUnusedGlobalOrNamespaceVariable v
+from SecondPass::UnusedGlobalOrNamespaceVariable v
 where
   not isExcluded(v, DeadCodePackage::singleUseGlobalOrNamespacePODVariableQuery()) and
   isSingleUseNonVolatilePODVariable(v)