/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

Looks like performance testing & compiler compatibility testing can't handle the qtil dependency.
…conditions-rule-22-3-1-no-asserts-on-constants
…conditions-rule-22-3-1-no-asserts-on-constants
…no-asserts-on-constants
/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! One or more things failed during performance testing. Please check the release engineering repo for details.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.
…no-asserts-on-constants
…no-asserts-on-constants
/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! Performance testing complete! See below for performance of the last 3 runs vs your PR. Times are based on predicate performance. You can find full graphs and stats in the PR that was created for this test in the release engineering repo. 🏁 Below are the slowest predicates for the last 2 releases vs this PR.

/test-performance

🏁 Beep Boop! Performance testing for this PR has been initiated. Please check back later for results. Note that the query package generation step must complete before testing will start so it might be a minute.

🏁 Beep Boop! Performance testing complete! See below for performance of the last 3 runs vs your PR. Times are based on predicate performance. You can find full graphs and stats in the PR that was created for this test in the release engineering repo. 🏁 Below are the slowest predicates for the last 2 releases vs this PR.

To summarize the performance results:

Worth noting, it can (probably*) only have gone down via random variation, it did not change existing code. The previous run (that compared only to 2.54) was also slower, at 2861637 total serialized execution time.

\* it might have affected magic in shared predicates in some weirdly positive way but that seems highly unlikely
Pull request overview
Implements the first CodeQL check for MISRA C++:2023 RULE-22-3-1 by detecting assert(...) calls whose condition is a constant expression, and adds shared infrastructure to model/assert macro expansions robustly across different implementations.
Changes:
- Add a new MISRA rule query (`AssertMacroUsedWithAConstantExpression`) with unit tests and rule package metadata.
- Introduce a shared `Assert` standard-library modeling library (plus small AST helper modules) to extract the asserted condition from macro-expanded forms.
- Add `advanced-security/qtil` as a dependency of the common C++ pack and update pack lockfiles accordingly.
Reviewed changes
Copilot reviewed 27 out of 28 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| rules.csv | Assign RULE-22-3-1 to the new Preconditions3 rule package. |
| rule_packages/cpp/Preconditions3.json | Add rule package metadata for RULE-22-3-1 and its query. |
| cpp/misra/src/rules/RULE-22-3-1/AssertMacroUsedWithAConstantExpression.ql | New rule query reporting assert with constant-expression conditions. |
| cpp/misra/test/rules/RULE-22-3-1/test.cpp | Unit tests for compliant/non-compliant assert usages. |
| cpp/misra/test/rules/RULE-22-3-1/AssertMacroUsedWithAConstantExpression.qlref | Wire test directory to the production query. |
| cpp/misra/test/rules/RULE-22-3-1/AssertMacroUsedWithAConstantExpression.expected | Expected results for the new MISRA rule test. |
| cpp/common/src/codingstandards/cpp/standardlibrary/Assert.qll | New shared library to model assert macro invocations and recover asserted conditions. |
| cpp/common/src/codingstandards/cpp/ast/Conditions.qll | New helper abstraction for “conditional evaluation” nodes. |
| cpp/common/src/codingstandards/cpp/ast/Search.qll | New helper to find the outermost matching AST node (uses qtil). |
| cpp/common/test/library/codingstandards/cpp/standardlibrary/Assert/test.cpp | Library-level tests covering multiple assert macro expansion patterns. |
| cpp/common/test/library/codingstandards/cpp/standardlibrary/Assert/AssertTest.ql | Inline expectations test runner for the Assert library. |
| cpp/common/test/library/codingstandards/cpp/standardlibrary/Assert/AssertTest.expected | Empty expected output for inline expectations test (mismatches would be emitted). |
| cpp/common/test/includes/standard-library/assert.h | Make the test assert macro expand to a conditional + abort, enabling macro-expansion modeling. |
| cpp/common/src/codingstandards/cpp/exclusions/cpp/Preconditions3.qll | Add autogenerated exclusions metadata module for the new package/query. |
| cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll | Register the new Preconditions3 package in query metadata plumbing. |
| cpp/common/src/qlpack.yml | Add advanced-security/qtil dependency to common C++ pack. |
| cpp/common/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/common/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/autosar/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/autosar/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/cert/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/cert/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| cpp/misra/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil. |
| c/common/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
| c/common/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
| c/misra/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
| c/misra/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
| c/cert/src/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
| c/cert/test/codeql-pack.lock.yml | Lockfile update to include advanced-security/qtil (transitively via common-cpp). |
Comments suppressed due to low confidence (1)
cpp/misra/test/rules/RULE-22-3-1/test.cpp:87
- These assertions assume an ASCII-like character set (`'a' == 97`, `'A' < 'Z'`), which is not guaranteed by the language and can make the test fail on alternative encodings. Use encoding-independent constant-expressions instead (for example `'a' == 'a'` and `'A' != 'Z'`) and update the `.expected` values accordingly.
assert('a' == 97); // NON_COMPLIANT
assert('A' < 'Z'); // NON_COMPLIANT
| license: MIT | ||
| dependencies: | ||
| codeql/cpp-all: 5.0.0 | ||
| advanced-security/qtil: "0.0.3" |
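Review bot: the added `advanced-security/qtil: "0.0.3"` line gives no indication of why the pack is needed; add a short YAML comment saying which library uses it, so the dependency can be dropped if that use goes away. The version is also quoted while `codeql/cpp-all: 5.0.0` on the line above is not; use one style for both.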
This PR adds a new external CodeQL pack dependency (advanced-security/qtil) to the released codeql/common-cpp-coding-standards pack. Per the developer handbook’s change note policy, changes that affect the structure/layout of release artifacts typically require a change note. Please confirm whether a change_notes/ entry is needed for this dependency addition and add one if so.
| advanced-security/qtil: "0.0.3" |
| } | ||
|
|
||
| void test_assert_with_constant_expression() { | ||
| assert(sizeof(int) == 4); // NON_COMPLIANT |
The test assumes sizeof(int) == 4 evaluates to true and the .expected file hard-codes the constant value as 1. This makes the test brittle on non-ILP32/LP64 targets (or if the extractor target differs). Prefer a target-independent constant-expression (for example sizeof(char) == 1, or another expression guaranteed true/false across platforms) and update the .expected accordingly; also update the other sizeof(int) == ... occurrences in this file for consistency.
This issue also appears on line 86 of the same file.
| * condition being asserted. | ||
| * | ||
| * For example, `assert(x)` may expand to `{ if (!__unlikely(x)) abort(); }`. In this case: | ||
| * - We first identify the "outermost conditonal" generated by the macro, which is the `if` |
Typo in comment: "conditonal" should be "conditional".
| * - We first identify the "outermost conditonal" generated by the macro, which is the `if` | |
| * - We first identify the "outermost conditional" generated by the macro, which is the `if` |
| * For example, `x || abort();` appears to assert `x` is true, while `if (!x) abort();` | ||
| * appears to assert `x` is false. |
The example in this doc comment is logically inverted: in if (!x) abort(); the assertion is effectively that x is true (since the program aborts when !x is true). Please adjust the wording so it matches what appearsToAssert returns and avoid confusing future readers.
| * For example, `x || abort();` appears to assert `x` is true, while `if (!x) abort();` | |
| * appears to assert `x` is false. | |
| * For example, both `x || abort();` and `if (!x) abort();` effectively assert that `x` | |
| * is true (in the second case, by asserting that `!x` is false). |
| #define assert(X) \ | ||
| { __builtin_expect((X), 1) ? (void)0 : __assert (#X, __FILE__, __LINE__); } | ||
|
|
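Review bot: in the replacement list, `__builtin_expect((X), 1)` passes the asserted condition straight to a builtin whose first parameter is `long`, so an `assert` on a pointer or class-type condition will not convert in C++. Write `__builtin_expect(!!(X), 1)` unless the bare form is the expansion shape this test is meant to model, in which case say so in a comment.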
This file redefines the assert macro multiple times with different replacement lists but never #undefs it in between. Many compilers emit diagnostics for this, and it’s undefined/ill-formed in some modes. Add #undef assert before each subsequent #define assert(...) (similar to how other tests handle redefining assert).
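The expansion shapes discussed in the review comments above (`if (!x) abort();`, `x || abort();`, and the `__builtin_expect` conditional), as an added example that is not code from this PR: each shape runs its failure handler exactly when the condition is false, and an `#undef` precedes every redefinition. `my_assert`, `record_failure` and the `fires_*` functions are hypothetical names chosen for the illustration.

```cpp
// Added example (constructed). my_assert and record_failure are hypothetical
// names: my_assert avoids clashing with <cassert>, and record_failure stands
// in for abort()/__assert so the outcome can be observed.
static int g_failures = 0;
static bool record_failure() { ++g_failures; return true; }

// Shape 1: if-statement form, as in `if (!x) abort();`
#define my_assert(X) { if (!(X)) record_failure(); }
bool fires_if_form(bool x) {
  g_failures = 0;
  my_assert(x);
  return g_failures == 1;  // true when the handler ran
}

// Shape 2: short-circuit form, as in `x || abort();`
#undef my_assert  // drop the previous definition before redefining
#define my_assert(X) ((void)((X) || record_failure()))
bool fires_or_form(bool x) {
  g_failures = 0;
  my_assert(x);
  return g_failures == 1;
}

// Shape 3: conditional-expression form with a branch hint.
// !! turns any condition into an integer for the builtin.
#undef my_assert
#define my_assert(X) \
  { __builtin_expect(!!(X), 1) ? (void)0 : (void)record_failure(); }
bool fires_conditional_form(bool x) {
  g_failures = 0;
  my_assert(x);
  return g_failures == 1;
}
#undef my_assert

int main() {
  // Every shape must fire on a false condition and stay silent on a true one.
  bool ok = fires_if_form(false) && !fires_if_form(true) &&
            fires_or_form(false) && !fires_or_form(true) &&
            fires_conditional_form(false) && !fires_conditional_form(true);
  return ok ? 0 : 1;
}
```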
Description
please enter the description of your change here
Change request type
.ql, .qll, .qls or unit tests)
Rules with added or modified queries
Release change checklist
A change note (development_handbook.md#change-notes) is required for any pull request which modifies:
If you are only adding new rule queries, a change note is not required.
Author: Is a change note required?
🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.
Reviewer: Confirm that either a change note is not required or the change note is required and has been added.
Query development review checklist
For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:
Author
As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
Reviewer
As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.