Skip to content

Improve identification of reuse of reserved names #951

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 34 commits into
base: main
Choose a base branch
from
Draft

Improve identification of reuse of reserved names #951

wants to merge 34 commits into from

Conversation

lcartey
Copy link
Collaborator

@lcartey lcartey commented Aug 27, 2025

Description

This pull request improves the identification of reserved names across the supported languages. I originally worked on this last year, and putting this up now as a draft PR for visibility. The main contributions are:

  • Adopting extensible predicates and data extension files to store the list of names defined by a given language standard - models-as-data is a clearer, more performant and more extensible way to describe the list of names defined in a language standard.
  • Creating a data extension files generator for C standard library names - this generator takes content copied from the C standard documentation and processes it to produce a data extension file with the identified APIs. As some cases are not fully scrapable from the documentation, we also augment this with a manual file with a few additional APIs.
  • Updating the existing C++ generator to produce data extension files - we had an existing generator for C++ which produced a hard-coded .qll file. This has been adapted to produce data extension files instead. It uses a "real" codebase to identify which APIs are available
  • Modifying the C++ data extension generator to filter out more internal and non-relevant APIs - many of the APIs produced by the generator previously were not considered to be reserved names by the standard - for example, internal names or outside the namespace std. These are now filtered out.
  • Improving the reporting of "owning" header for the C++ data extension generator - internally standard libraries often implement APIs in private headers which are then included by the header that should define it. The generator attempts to find the "best" header for any given API name in the standard library to improve reporting.
  • Reimplementing reserved name detection for C - a ReservedName.qll has been created which implements reserved name detection/reuse for C, based on the C Standard and the MISRA specific rules. This is adopted by MISRA Rules 21.1 and 21.2, AUTOSAR A17-0-1 and CERT C DCL37-C.
  • Reimplemented reserved name detection for C++ - ReservedName.qll is extended to support C++ reserved name detection. This has not yet been adopted by the various C++ reserved name queries - I recall that it was challenging to determine how to handle many of the edge cases due to a lack of clarity in both the language standard and the various Coding Standards.

Existing Issue references:

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
  • Queries have been modified for the following rules:
    • RULE-21-1
    • RULE-21-2
    • A17-0-1
    • DCL37-C

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

lcartey added 30 commits August 27, 2025 10:43
@lcartey
Add module for names from the C/C++ library
be7f810 
This commit adds a module for representing names from the C/C++
standard libraries. It uses models-as-data to represent the names, and
provides modules for accessing names in C99, C11 and C++14.
@lcartey
Add mad generator for the C Standard Library
1554d78 
This adds a python script for taking Appendix B of the C Standard
Library and converting it to the StandardLibrayNames models-as-data
format.
@lcartey
Add mad generator for the C++ Standard Library
057c684 
This repurposes the existing module generator to instead generate a mad
file for the C++ standard library. It makes the following changes:
 * Omits names outside the `std` namespace (as they cannot be
   distinguished from system headers).
 * Removes the macro query, and adds member variable and type models
   instead.
 * Move to a new generator directory.
 * Update the script to generate a mad file instead of a .qll file.
@lcartey
Fix output locations
bf715b1 
Ensure models-as-data are output to the correct location.
@lcartey
Update models file
af00c9f 
Exclude more internal and non `std` models.
@lcartey
C: Support pointer return types in library generator
ea7e3b5 
The library generator did not correctly parse function prototypes with
pointer return types. These are now appropriately parsed.
@lcartey
Add missing update
e21f6d3
@lcartey
Add manual member variable models for C11 and C99.
cae5660 
Appendix B of the spec doesn't include the member variables, but there's
only a few of them so we specify by hand.
@lcartey
Expose libraryMemberVariableModels
189d66f
@lcartey
Adopt StandardLibraryNames in the C DeclaredAReservedIdentifier query
fcbe4e7
@lcartey
Update message, add additional tests
5f738b3
@lcartey
Refine detection of reserved identifiers
221c0c1 
 * Update message
 * Require appropriate include in the non-external linkage case.
 * Add extra tests
@lcartey
Correctly reflect tag and typedef name spaces
ca51fda
@lcartey
Exclude identifiers generated from library macros
122a020 
Library macros are not under user control
@lcartey
Only include macro names when the relevant header is included
172378f
@lcartey
Improve performance on large databases
b91d527 
Remove unnecessary filter on start locations.
@lcartey
Migrate STR32-C to new naming library
1fd72e2
@lcartey
Extract ReservedNames library.
f5210ac
@lcartey
Exclude NDEBUG, regenerate
92cfb2f 
Exclude NDEBUG which is not actually defined by any header, and update
the generated files (include the outdated C99 file).
@lcartey
Migrate Rule 21.2 to the ReservedNames library
6998ed0
@lcartey
Unshared Rule 21.2, and implement with MISRA rules
927640b 
MISRA has slightly different rules to CERT, so unshare the rule.
@lcartey
Replace Naming with StandardLibraryNames
a821de9
@lcartey
Migrate A17-1-1 to use StandardLibraryNames
7c94c8c
@lcartey
Migrate M17-0-2 to StandardLibraryNames.
c3977f2
@lcartey
C++: More accurately report declaring header
b2ea30a 
Determine more accurately which header a declaration belongs to:
 * Identify "closest" imported header
 * Use manual mapping to disambiguate
@lcartey
C++: Remove unnamed and specialization types
d18ada0
@lcartey
C++: Exclude operator bool from the reserved names
a9a4613
@lcartey
C++: Exclude member names unless the declaring type is visible
bbd56e0
@lcartey
C++: Exclude name-header mappings for specializations
384b245
@lcartey
Add a predicate for identifying any name in a standard
6ca9153
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lcartey