Draft PR for Rule 4-1-3, no undefined/unspecified behavior

.github/workflows/code-scanning-pack-gen.yml

@@ -10,6 +10,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
   push:
     branches:
       - main

.github/workflows/codeql_unit_tests.yml

@@ -15,6 +15,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
 
 jobs:
 

.github/workflows/extra-rule-validation.yml

@@ -15,6 +15,7 @@ on:
       - main
       - "rc/**"
       - next
+      - michaelrfairhurst/package-undefined-behavior
 
 
 jobs:

.github/workflows/tooling-unit-tests.yml

@@ -15,6 +15,7 @@ on:
       - main
       - "rc/**"
       - next
+      - michaelrfairhurst/package-undefined-behavior
 
 jobs:
   prepare-supported-codeql-env-matrix:

.github/workflows/validate-package-files.yml

@@ -9,6 +9,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
 
 jobs:
   validate-package-files:

.github/workflows/validate-query-formatting.yml

@@ -9,6 +9,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
 
 env:
     XARGS_MAX_PROCS: 4

.github/workflows/validate-query-help.yml

@@ -9,6 +9,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
 
 jobs:
   validate-query-help-files:

.github/workflows/validate-query-test-case-formatting.yml

@@ -9,6 +9,7 @@ on:
       - main
       - next
       - "rc/**"
+      - michaelrfairhurst/package-undefined-behavior
 
 env:
   XARGS_MAX_PROCS: 4

cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll

@@ -85,6 +85,7 @@ import Toolchain3
 import Trigraph
 import TrustBoundaries
 import TypeRanges
+import Undefined
 import Uninitialized
 import VirtualFunctions
 
@@ -173,6 +174,7 @@ newtype TCPPQuery =
   TTrigraphPackageQuery(TrigraphQuery q) or
   TTrustBoundariesPackageQuery(TrustBoundariesQuery q) or
   TTypeRangesPackageQuery(TypeRangesQuery q) or
+  TUndefinedPackageQuery(UndefinedQuery q) or
   TUninitializedPackageQuery(UninitializedQuery q) or
   TVirtualFunctionsPackageQuery(VirtualFunctionsQuery q)
 
@@ -261,6 +263,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat
   isTrigraphQueryMetadata(query, queryId, ruleId, category) or
   isTrustBoundariesQueryMetadata(query, queryId, ruleId, category) or
   isTypeRangesQueryMetadata(query, queryId, ruleId, category) or
+  isUndefinedQueryMetadata(query, queryId, ruleId, category) or
   isUninitializedQueryMetadata(query, queryId, ruleId, category) or
   isVirtualFunctionsQueryMetadata(query, queryId, ruleId, category)
 }

cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll

@@ -0,0 +1,78 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype UndefinedQuery =
+  TUndefinedBehaviorQuery() or
+  TCriticalUnspecifiedBehaviorQuery() or
+  TUndefinedBehaviorAuditQuery() or
+  TCriticalUnspecifiedBehaviorAuditQuery()
+
+predicate isUndefinedQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `undefinedBehavior` query
+    UndefinedPackage::undefinedBehaviorQuery() and
+  queryId =
+    // `@id` for the `undefinedBehavior` query
+    "cpp/misra/undefined-behavior" and
+  ruleId = "RULE-4-1-3" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `criticalUnspecifiedBehavior` query
+    UndefinedPackage::criticalUnspecifiedBehaviorQuery() and
+  queryId =
+    // `@id` for the `criticalUnspecifiedBehavior` query
+    "cpp/misra/critical-unspecified-behavior" and
+  ruleId = "RULE-4-1-3" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `undefinedBehaviorAudit` query
+    UndefinedPackage::undefinedBehaviorAuditQuery() and
+  queryId =
+    // `@id` for the `undefinedBehaviorAudit` query
+    "cpp/misra/undefined-behavior-audit" and
+  ruleId = "RULE-4-1-3" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `criticalUnspecifiedBehaviorAudit` query
+    UndefinedPackage::criticalUnspecifiedBehaviorAuditQuery() and
+  queryId =
+    // `@id` for the `criticalUnspecifiedBehaviorAudit` query
+    "cpp/misra/critical-unspecified-behavior-audit" and
+  ruleId = "RULE-4-1-3" and
+  category = "required"
+}
+
+module UndefinedPackage {
+  Query undefinedBehaviorQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `undefinedBehavior` query
+      TQueryCPP(TUndefinedPackageQuery(TUndefinedBehaviorQuery()))
+  }
+
+  Query criticalUnspecifiedBehaviorQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `criticalUnspecifiedBehavior` query
+      TQueryCPP(TUndefinedPackageQuery(TCriticalUnspecifiedBehaviorQuery()))
+  }
+
+  Query undefinedBehaviorAuditQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `undefinedBehaviorAudit` query
+      TQueryCPP(TUndefinedPackageQuery(TUndefinedBehaviorAuditQuery()))
+  }
+
+  Query criticalUnspecifiedBehaviorAuditQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `criticalUnspecifiedBehaviorAudit` query
+      TQueryCPP(TUndefinedPackageQuery(TCriticalUnspecifiedBehaviorAuditQuery()))
+  }
+}

cpp/misra/src/rules/RULE-4-1-3/CriticalUnspecifiedBehavior.ql

@@ -0,0 +1,23 @@
+/**
+ * @id cpp/misra/critical-unspecified-behavior
+ * @name RULE-4-1-3: There shall be no occurrence of critical unspecified behaviour
+ * @description Critical unspecified behaviour impacts the observable behaviour of the abstract
+ *              machine and means a program is not guaranteed to behave predictably.
+ * @kind problem
+ * @precision high
+ * @problem.severity error
+ * @tags external/misra/id/rule-4-1-3
+ *       correctness
+ *       scope/system
+ *       external/misra/enforcement/undecidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from Element e
+where
+  not isExcluded(e, UndefinedPackage::criticalUnspecifiedBehaviorQuery()) and
+  none()
+select e, "no implementation"

cpp/misra/src/rules/RULE-4-1-3/CriticalUnspecifiedBehaviorAudit.ql

@@ -0,0 +1,24 @@
+/**
+ * @id cpp/misra/critical-unspecified-behavior-audit
+ * @name RULE-4-1-3: Audit: there shall be no occurrence of critical unspecified behaviour
+ * @description Critical unspecified behaviour impacts the observable behaviour of the abstract
+ *              machine and means a program is not guaranteed to behave predictably.
+ * @kind problem
+ * @precision low
+ * @problem.severity error
+ * @tags external/misra/id/rule-4-1-3
+ *       correctness
+ *       scope/system
+ *       external/misra/audit
+ *       external/misra/enforcement/undecidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from Element e
+where
+  not isExcluded(e, UndefinedPackage::criticalUnspecifiedBehaviorAuditQuery()) and
+  none()
+select e, "no implementation"

cpp/misra/src/rules/RULE-4-1-3/UndefinedBehavior.ql

@@ -0,0 +1,24 @@
+/**
+ * @id cpp/misra/undefined-behavior
+ * @name RULE-4-1-3: There shall be no occurrence of undefined behaviour
+ * @description It is not possible to reason about the behaviour of any program that contains
+ *              instances of undefined behaviour, which can cause unpredictable results that are
+ *              particularly difficult to detect during testing.
+ * @kind problem
+ * @precision high
+ * @problem.severity error
+ * @tags external/misra/id/rule-4-1-3
+ *       correctness
+ *       scope/system
+ *       external/misra/enforcement/undecidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from Element e
+where
+  not isExcluded(e, UndefinedPackage::undefinedBehaviorQuery()) and
+  none()
+select e, "no implementation"

cpp/misra/src/rules/RULE-4-1-3/UndefinedBehaviorAudit.ql

@@ -0,0 +1,25 @@
+/**
+ * @id cpp/misra/undefined-behavior-audit
+ * @name RULE-4-1-3: Audit: there shall be no occurrence of undefined behaviour
+ * @description It is not possible to reason about the behaviour of any program that contains
+ *              instances of undefined behaviour, which can cause unpredictable results that are
+ *              particularly difficult to detect during testing.
+ * @kind problem
+ * @precision low
+ * @problem.severity error
+ * @tags external/misra/id/rule-4-1-3
+ *       correctness
+ *       scope/system
+ *       external/misra/audit
+ *       external/misra/enforcement/undecidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from Element e
+where
+  not isExcluded(e, UndefinedPackage::undefinedBehaviorAuditQuery()) and
+  none()
+select e, "no implementation"

cpp/misra/test/rules/RULE-4-1-3/CriticalUnspecifiedBehavior.expected

@@ -0,0 +1 @@
+No expected results have yet been specified

cpp/misra/test/rules/RULE-4-1-3/CriticalUnspecifiedBehavior.qlref

@@ -0,0 +1 @@
+rules/RULE-4-1-3/CriticalUnspecifiedBehavior.ql

cpp/misra/test/rules/RULE-4-1-3/CriticalUnspecifiedBehaviorAudit.expected

@@ -0,0 +1 @@
+No expected results have yet been specified

cpp/misra/test/rules/RULE-4-1-3/CriticalUnspecifiedBehaviorAudit.qlref

@@ -0,0 +1 @@
+rules/RULE-4-1-3/CriticalUnspecifiedBehaviorAudit.ql

cpp/misra/test/rules/RULE-4-1-3/UndefinedBehavior.expected

@@ -0,0 +1 @@
+No expected results have yet been specified

cpp/misra/test/rules/RULE-4-1-3/UndefinedBehavior.qlref

@@ -0,0 +1 @@
+rules/RULE-4-1-3/UndefinedBehavior.ql

cpp/misra/test/rules/RULE-4-1-3/UndefinedBehaviorAudit.expected

@@ -0,0 +1 @@
+No expected results have yet been specified

cpp/misra/test/rules/RULE-4-1-3/UndefinedBehaviorAudit.qlref

@@ -0,0 +1 @@
+rules/RULE-4-1-3/UndefinedBehaviorAudit.ql

rule_packages/cpp/Undefined.json

@@ -0,0 +1,63 @@
+{
+  "MISRA-C++-2023": {
+    "RULE-4-1-3": {
+      "properties": {
+        "enforcement": "undecidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "It is not possible to reason about the behaviour of any program that contains instances of undefined behaviour, which can cause unpredictable results that are particularly difficult to detect during testing.",
+          "kind": "problem",
+          "name": "There shall be no occurrence of undefined behaviour",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "UndefinedBehavior",
+          "tags": [
+            "correctness",
+            "scope/system"
+          ]
+        },
+        {
+          "description": "Critical unspecified behaviour impacts the observable behaviour of the abstract machine and means a program is not guaranteed to behave predictably.",
+          "kind": "problem",
+          "name": "There shall be no occurrence of critical unspecified behaviour",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "CriticalUnspecifiedBehavior",
+          "tags": [
+            "correctness",
+            "scope/system"
+          ]
+        },
+        {
+          "description": "It is not possible to reason about the behaviour of any program that contains instances of undefined behaviour, which can cause unpredictable results that are particularly difficult to detect during testing.",
+          "kind": "problem",
+          "name": "Audit: there shall be no occurrence of undefined behaviour",
+          "precision": "low",
+          "severity": "error",
+          "short_name": "UndefinedBehaviorAudit",
+          "tags": [
+            "correctness",
+            "scope/system",
+            "external/misra/audit"
+          ]
+        },
+        {
+          "description": "Critical unspecified behaviour impacts the observable behaviour of the abstract machine and means a program is not guaranteed to behave predictably.",
+          "kind": "problem",
+          "name": "Audit: there shall be no occurrence of critical unspecified behaviour",
+          "precision": "low",
+          "severity": "error",
+          "short_name": "CriticalUnspecifiedBehaviorAudit",
+          "tags": [
+            "correctness",
+            "scope/system",
+            "external/misra/audit"
+          ]
+        }
+      ],
+      "title": "There shall be no occurrence of undefined or critical unspecified behaviour"
+    }
+  }
+}