Merge pull request #261 from github/jsinglet/performance-hotfix-2-15-1

jsinglet · web-flow · commit 815916686de4 · 2023-03-17T14:26:17.000-04:00
Performance Hotfix for 2.15.1
diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards
-version: 2.15.0
+version: 2.15.1
 description: CERT C 2016
 suites: codeql-suites
 license: MIT
diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards
-version: 2.15.0
+version: 2.15.1
 license: MIT
 dependencies:
   codeql/common-cpp-coding-standards: '*'
diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/c/misra/src/codingstandards/c/misra/EssentialTypes.qll b/c/misra/src/codingstandards/c/misra/EssentialTypes.qll
@@ -31,45 +31,83 @@ class EssentialTypeCategory extends TEssentialTypeCategory {
   }
 }
 
+/**
+ * An expression in the program that evaluates to a compile time constant signed or unsigned integer.
+ */
+private class ConstantIntegerExpr extends Expr {
+  pragma[noinline]
+  ConstantIntegerExpr() {
+    getEssentialTypeCategory(this.getType()) =
+      [
+        EssentiallyUnsignedType().(EssentialTypeCategory),
+        EssentiallySignedType().(EssentialTypeCategory)
+      ] and
+    exists(this.getValue().toFloat()) and
+    not this instanceof Conversion
+  }
+}
+
+/** A `float` which represents an integer constant in the program. */
+private class IntegerConstantAsFloat extends float {
+  IntegerConstantAsFloat() { exists(ConstantIntegerExpr ce | this = ce.getValue().toFloat()) }
+}
+
+/**
+ * Identifies which integral types from which type categories can represent a given integer constant
+ * in the program.
+ */
+pragma[nomagic]
+private predicate isCandidateIntegralType(
+  EssentialTypeCategory cat, IntegralType it, IntegerConstantAsFloat c
+) {
+  getEssentialTypeCategory(it) = cat and
+  c = any(ConstantIntegerExpr ce).getValue().toFloat() and
+  // As with range analysis, we assume two's complement representation
+  typeLowerBound(it) <= c and
+  typeUpperBound(it) >= c
+}
+
 /**
  * Gets the unsigned type of lowest rank that can represent the value of the given expression,
  * assuming that the expression is essentially unsigned.
  */
-private IntegralType utlr(Expr const) {
+pragma[nomagic]
+private IntegralType utlr(ConstantIntegerExpr const) {
   getEssentialTypeCategory(const.getType()) = EssentiallyUnsignedType() and
-  getEssentialTypeCategory(result) = EssentiallyUnsignedType() and
-  exists(float c | c = const.getValue().toFloat() |
-    // As with range analysis, we assume two's complement representation
-    typeLowerBound(result) <= c and
-    typeUpperBound(result) >= c and
-    forall(IntegralType it |
-      getEssentialTypeCategory(it) = EssentiallyUnsignedType() and
-      typeLowerBound(it) <= c and
-      typeUpperBound(it) >= c
-    |
-      result.getSize() <= it.getSize()
-    )
+  result = utlr_c(const.getValue().toFloat())
+}
+
+/**
+ * Given an integer constant that appears in the program, gets the unsigned type of lowest rank
+ * that can hold it.
+ */
+pragma[nomagic]
+private IntegralType utlr_c(IntegerConstantAsFloat c) {
+  isCandidateIntegralType(EssentiallyUnsignedType(), result, c) and
+  forall(IntegralType it | isCandidateIntegralType(EssentiallyUnsignedType(), it, c) |
+    result.getSize() <= it.getSize()
   )
 }
 
 /**
  * Gets the signed type of lowest rank that can represent the value of the given expression,
  * assuming that the expression is essentially signed.
  */
-private IntegralType stlr(Expr const) {
+pragma[nomagic]
+private IntegralType stlr(ConstantIntegerExpr const) {
   getEssentialTypeCategory(const.getType()) = EssentiallySignedType() and
-  getEssentialTypeCategory(result) = EssentiallySignedType() and
-  exists(float c | c = const.getValue().toFloat() |
-    // As with range analysis, we assume two's complement representation
-    typeLowerBound(result) <= c and
-    typeUpperBound(result) >= c and
-    forall(IntegralType it |
-      getEssentialTypeCategory(it) = EssentiallySignedType() and
-      typeLowerBound(it) <= c and
-      typeUpperBound(it) >= c
-    |
-      result.getSize() <= it.getSize()
-    )
+  result = stlr_c(const.getValue().toFloat())
+}
+
+/**
+ * Given an integer constant that appears in the program, gets the signed type of lowest rank
+ * that can hold it.
+ */
+pragma[nomagic]
+private IntegralType stlr_c(IntegerConstantAsFloat c) {
+  isCandidateIntegralType(EssentiallySignedType(), result, c) and
+  forall(IntegralType it | isCandidateIntegralType(EssentiallySignedType(), it, c) |
+    result.getSize() <= it.getSize()
   )
 }
 
@@ -108,6 +146,7 @@ EssentialTypeCategory getEssentialTypeCategory(Type type) {
 /**
  * Gets the essential type of the given expression `e`, considering any explicit conversions.
  */
+pragma[nomagic]
 Type getEssentialType(Expr e) {
   if e.hasExplicitConversion()
   then
diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/misra-c-coding-standards
-version: 2.15.0
+version: 2.15.1
 description: MISRA C 2012
 suites: codeql-suites
 license: MIT
diff --git a/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql b/c/misra/src/rules/RULE-10-5/InappropriateEssentialTypeCast.ql
@@ -49,16 +49,23 @@ predicate isIncompatibleEssentialTypeCast(EssentialTypeCategory fromCat, Essenti
     ]
 }
 
+predicate isCastTypes(
+  Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory,
+  EssentialTypeCategory toCategory
+) {
+  essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and
+  essentialToType = c.getType() and
+  fromCategory = getEssentialTypeCategory(essentialFromType) and
+  toCategory = getEssentialTypeCategory(essentialToType)
+}
+
 from
   Cast c, Type essentialFromType, Type essentialToType, EssentialTypeCategory fromCategory,
   EssentialTypeCategory toCategory, string message
 where
   not isExcluded(c, EssentialTypesPackage::inappropriateEssentialTypeCastQuery()) and
   not c.isImplicit() and
-  essentialFromType = getEssentialTypeBeforeConversions(c.getExpr()) and
-  essentialToType = c.getType() and
-  fromCategory = getEssentialTypeCategory(essentialFromType) and
-  toCategory = getEssentialTypeCategory(essentialToType) and
+  isCastTypes(c, essentialFromType, essentialToType, fromCategory, toCategory) and
   isIncompatibleEssentialTypeCast(fromCategory, toCategory) and
   (
     if fromCategory = EssentiallyEnumType() and toCategory = EssentiallyEnumType()
diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/misra-c-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/change_notes/2023-03-16-essential-types-performance.md b/change_notes/2023-03-16-essential-types-performance.md
@@ -0,0 +1,12 @@
+ * The performance of the following queries related to essential types have been improved:
+   * `Rule 10.1`
+   * `Rule 10.2`
+   * `Rule 10.3`
+   * `Rule 10.4`
+   * `Rule 10.5`
+   * `Rule 10.6`
+   * `Rule 10.7`
+   * `Rule 10.8`
+   * `Rule 14.1`
+   * `Rule 21.14`
+   * `Rule 21.16`
diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/autosar-cpp-coding-standards
-version: 2.15.0
+version: 2.15.1
 description: AUTOSAR C++14 Guidelines 20-11
 suites: codeql-suites
 license: MIT
diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/autosar-cpp-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cert-cpp-coding-standards
-version: 2.15.0
+version: 2.15.1
 description: CERT C++ 2016
 suites: codeql-suites
 license: MIT
diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cert-cpp-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/common-cpp-coding-standards
-version: 2.15.0
+version: 2.15.1
 license: MIT
 dependencies:
   codeql/cpp-all: 0.3.5
diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/common-cpp-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/misra-cpp-coding-standards
-version: 2.15.0
+version: 2.15.1
 description: MISRA C++ 2008
 suites: codeql-suites
 license: MIT
diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/misra-cpp-coding-standards-tests
-version: 2.15.0
+version: 2.15.1
 extractor: cpp
 license: MIT
 dependencies:
diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/report-cpp-coding-standards
-version: 2.15.0
+version: 2.15.1
 license: MIT
 dependencies:
   codeql/cpp-all: 0.3.5
diff --git a/docs/user_manual.md b/docs/user_manual.md
@@ -26,10 +26,10 @@
 This user manual documents release `2.10.0` of the coding standards located at https://github.com/github/codeql-coding-standards/releases/tag/v2.10.0 .
 The release page documents the release notes and contains the following artifacts part of the release:
 
-- `code-scanning-cpp-query-pack-anon-2.15.0.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_.
-- `supported_rules_list_2.15.0.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule.
+- `code-scanning-cpp-query-pack-anon-2.15.1.zip`: coding standard queries and scripts to be used with GitHub Code Scanning or the CodeQL CLI as documented in the section _Operating manual_.
+- `supported_rules_list_2.15.1.csv`: A Comma Separated File (CSV) containing the supported rules per standard and the queries that implement the rule.
 - `upported_rules_list_2.15.0-dev.md`: A Markdown formatted file with a table containing the supported rules per standard and the queries that implement the rule.
-- `user_manual_2.15.0.md`: This user manual.
+- `user_manual_2.15.1.md`: This user manual.
 - `Source Code (zip)`: A zip archive containing the contents of https://github.com/github/codeql-coding-standards
 - `Source Code (tar.gz)`: A GZip compressed tar archive containing the contents of https://github.com/github/codeql-coding-standards
 - `checksums.txt`: A text file containing sha256 checksums for the aforementioned artifacts. 
@@ -457,7 +457,7 @@ This section describes known failure modes for "CodeQL Coding Standards" and des
 |                              | Ouf of space                                                                                                                                                       | Less output. Some files may be only be partially analyzed, or not analyzed at all.                                                                        | Error reported on the command line.                                                                                                                                                                                                                                                                                                  | Increase space. If it remains an issue report space consumption issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues).                                                                                                                                                                                            |
 |                              | False positives                                                                                                                                                    | More output. Results are reported which are not violations of the guidelines.                                                                             | All reported results must be reviewed.                                                                                                                                                                                                                                                                                               | Report false positive issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues).                                                                                                                                                                                                                                      |
 |                              | False negatives                                                                                                                                                    | Less output. Violations of the guidelines are not reported.                                                                                               | Other validation and verification processes during software development should be used to complement the analysis performed by CodeQL Coding Standards.                                                                                                                                                                              | Report false negative issues via the CodeQL Coding Standards [bug tracker](https://github.com/github/codeql-coding-standards/issues).                                                                                                                                                                                                                                      |
-|                              | Modifying coding standard suite                                                                                                                                    | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported.            | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.0.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications.                                                                                                                                                                                                                                                       |
+|                              | Modifying coding standard suite                                                                                                                                    | More or less output. If queries are added to the query set more result can be reported. If queries are removed less results might be reported.            | All queries supported by the CodeQL Coding Standards are listed in the release artifacts `supported_rules_list_2.15.1.csv` where VERSION is replaced with the used release. The rules in the resulting Sarif file must be cross-referenced with the expected rules in this list to determine the validity of the used CodeQL suite. | Ensure that the CodeQL Coding Standards are not modified in ways that are not documented as supported modifications.                                                                                                                                                                                                                                                       |
 |                              | Incorrect deviation record specification                                                                                                                           | More output. Results are reported for guidelines for which a deviation is assigned.                                                                       | Analysis integrity report lists all deviations and incorrectly specified deviation records with a reason. Ensure that all deviation records are correctly specified.                                                                                                                                                                 | Ensure that the deviation record is specified according to the specification in the user manual.                                                                                                                                                                                                                                                                           |
 |                              | Incorrect deviation permit specification                                                                                                                           | More output. Results are reported for guidelines for which a deviation is assigned.                                                                       | Analysis integrity report lists all deviations and incorrectly specified deviation permits with a reason. Ensure that all deviation permits are correctly specified.                                                                                                                                                                 | Ensure that the deviation record is specified according to the specification in the user manual.                                                                                                                                                                                                                                                                           |
 |                              | Unapproved use of a deviation record                                                                                                                               | Less output. Results for guideline violations are not reported.                                                                                           | Validate that the deviation record use is approved by verifying the approved-by attribute of the deviation record specification.                                                                                                                                                                                                     | Ensure that each raised deviation record is approved by an independent approver through an auditable process.                                                                                                                                                                                                                                                              |
