Deviations: Support attribute inheritence

Attributes are inherited from their parent.

Includes support for features which are not currently enabled,
due to lack of support in CodeQL itself.

Author: lcartey

cpp/common/src/codingstandards/cpp/deviations/CodeIdentifierDeviation.qll

@@ -231,6 +231,21 @@ class DeviationAttribute extends StdAttribute {
     result.(Stmt).getEnclosingFunction() = this.getASuppressedElement()
     or
     result.(LocalVariable) = this.getASuppressedElement().(DeclStmt).getADeclaration()
+    or
+    result.(Function).getDeclaringType() = this.getASuppressedElement()
+    or
+    result.(Variable).getDeclaringType() = this.getASuppressedElement()
+    or
+    exists(LambdaExpression expr |
+      expr = this.getASuppressedElement() and
+      result = expr.getLambdaFunction()
+    )
+    or
+    exists(Function f |
+      f = this.getASuppressedElement() and
+      // A suppression on the function should apply to the noexcept expression
+      result = f.getADeclarationEntry().getNoExceptExpr()
+    )
   }
 }
 

cpp/common/test/deviations/deviations_basic_test/TypeLongDoubleUsed.expected

@@ -2,6 +2,9 @@
 | attribute_syntax.cpp:21:15:21:17 | d10 | Use of long double type. |
 | attribute_syntax.cpp:29:15:29:17 | d14 | Use of long double type. |
 | attribute_syntax.cpp:33:20:33:22 | d16 | Use of long double type. |
+| attribute_syntax.cpp:55:15:55:16 | d1 | Use of long double type. |
+| attribute_syntax.cpp:57:17:57:18 | d2 | Use of long double type. |
+| attribute_syntax.cpp:60:17:60:18 | d3 | Use of long double type. |
 | main.cpp:13:15:13:16 | d1 | Use of long double type. |
 | main.cpp:18:15:18:16 | d4 | Use of long double type. |
 | main.cpp:21:15:21:16 | d6 | Use of long double type. |

cpp/common/test/deviations/deviations_basic_test/UnusedReturnValue.expected

@@ -5,6 +5,8 @@
 | attribute_syntax.cpp:26:5:26:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ |
 | attribute_syntax.cpp:30:3:30:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ |
 | attribute_syntax.cpp:41:3:41:6 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ |
+| attribute_syntax.cpp:49:5:49:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ |
+| attribute_syntax.cpp:61:5:61:8 | call to getZ | Return value from call to $@ is unused. | attribute_syntax.cpp:1:5:1:8 | getZ | getZ |
 | main.cpp:12:3:12:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX |
 | main.cpp:25:3:25:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX |
 | main.cpp:27:3:27:6 | call to getX | Return value from call to $@ is unused. | main.cpp:8:5:8:8 | getX | getX |

cpp/common/test/deviations/deviations_basic_test/attribute_syntax.cpp

@@ -36,10 +36,41 @@ int alt() {
 }
 
 [[codeql::autosar_deviation("a-0-4-2-deviation")]]
-int alt2() {
+int test_function_deviation() {
   int x = 0;       // COMPLIANT[DEVIATED]
   getZ();          // NON_COMPLIANT
   long double dd1; // COMPLIANT[DEVIATED]
-  [[codeql::autosar_deviation(
-      "a-0-4-2-deviation")]] long double dd2; // COMPLIANT[DEVIATED]
-}
+}
+
+[[codeql::autosar_deviation("a-0-4-2-deviation")]]
+void test_lambdas() {
+  auto l = []() {
+    long double d4; // COMPLIANT[DEVIATED]
+    getZ();         // NON_COMPLIANT
+  };
+}
+
+// Attributes are not supported on a class level at the moment
+[[codeql::autosar_deviation("a-0-4-2-deviation")]] class ClassA {
+  long double d1; // COMPLIANT[DEVIATED - false positive]
+  class ClassNested {
+    long double d2; // COMPLIANT[DEVIATED - false positive]
+  };
+  void test() {
+    long double d3; // COMPLIANT[DEVIATED - false positive]
+    getZ();         // NON_COMPLIANT
+  }
+};
+
+// static_assert, templates, noexcept, multiple declarations
+
+// Namespaces not currently supported by attributes
+// [[codeql::autosar_deviation("a-0-4-2-deviation")]] namespace NS {
+// long double d1; // COMPLIANT[DEVIATED]
+// class ClassA {
+//   long double d1; // COMPLIANT[DEVIATED]
+// };
+// void test() {
+//   long double d1; // COMPLIANT[DEVIATED]
+// }
+// }

docs/user_manual.md

@@ -446,9 +446,8 @@ This attribute may be added to the following program elements:
  * Functions
  * Statements
  * Variables
- * Type declarations
 
-Deviation attributes are inherited from parents in the code structure. For example, a deviation attribute applied to a function will apply the deviation to all code within the function. Note: deviations are not inherited by lambda expressions.
+Deviation attributes are inherited from parents in the code structure. For example, a deviation attribute applied to a function will apply the deviation to all code within the function.
 
 Multiple code identifiers may be passed in a single attribute to apply multiple deviations, for example:
 
@@ -507,7 +506,7 @@ Here are some examples, using the deviation record with the `a-0-4-2-deviation`
 6 |
 7 | // codeql::<standard>_deviation_end(a-0-4-2-deviation)
 ```
-Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 8.
+Here, Line 1 will pair with Line 7, and Line 3 will pair with Line 5.
 
 A `codeql::<standard>_deviation_end` without a matching `codeql::<standard>_deviation_begin`, or `codeql::<standard>_deviation_begin` without a matching `codeql::<standard>_deviation_end` is invalid and will be ignored.