A14-5-2: type member dependent on class' template parameter detected not dependent #739

Closed
fjatWbyT opened this issue Oct 7, 2024 · 2 comments
Labels
Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-Medium Standard-AUTOSAR user-report Issue reported by an end user of CodeQL Coding Standards

Comments


fjatWbyT commented Oct 7, 2024

Affected rules

  • A14-5-2

Description

A type member defined with a dependent name and template parameter results in a recommendation to define it in a separate class, because it is identified as not dependent on the template parameter.

Example

template<typename T>
struct a_template_struct {
  using type = T;
};

template<typename T>
struct another_template_struct {
  using type = typename a_template_struct<T>::type;
};

Query cpp/autosar/src/rules/A14-5-2/NonTemplateMemberDefinedInTemplate.ql outputs that another_template_struct::type does not use any of the template arguments of another_template_struct.

@fjatWbyT fjatWbyT added the false positive/false negative An issue related to observed false positives or false negatives. label Oct 7, 2024
@fjatWbyT fjatWbyT changed the title A-14-5-2: type member dependent on class' template parameter detected not dependent A14-5-2: type member dependent on class' template parameter detected not dependent Oct 7, 2024
@fjatWbyT

Strategy proposal

Add an additional omission case for type members declared with using aliases. This is motivated by the many A14-5-2 alerts overall produced in STL-like libraries (of which I've estimated 80% to be false positives).

For example, I measured 1988 A14-5-2 alerts in abseil-cpp including false positives in aliases such as the ones starting at this line, and reduced it to 1540 with this strategy.

I was happy to see that the current unit tests would do fine to capture the impact:

using T1 = typename template_base<T>::type;   // COMPLIANT[FALSE_POSITIVE]
using T2 = typename template_base<int>::type; // NON_COMPLIANT

would become

using T1 = typename template_base<T>::type;   // COMPLIANT
using T2 = typename template_base<int>::type; // NON_COMPLIANT[FALSE_NEGATIVE]
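
As an added illustration (not part of the issue or of the project's test suite), the following C++ checks at compile time which of the aliases from the unit test above actually change with `T`. The `holder` struct, the `get_*` accessors, the `T3` alias and `varies` are hypothetical names introduced here; the probe compares two instantiations, so it can confirm dependence but cannot prove its absence.

```cpp
#include <type_traits>

// From the unit test quoted in the issue.
template <typename T>
struct template_base { using type = T; };

// Hypothetical enclosing template holding the aliases under discussion.
template <typename T>
struct holder {
  using T1 = typename template_base<T>::type;    // names T
  using T2 = typename template_base<int>::type;  // never names T
  using T3 = typename template_base<T*>::type;   // names T through T* (added case)
};

// Accessors so a member alias can be handed to the probe as a template.
template <typename S> struct get_T1 { using type = typename S::T1; };
template <typename S> struct get_T2 { using type = typename S::T2; };
template <typename S> struct get_T3 { using type = typename S::T3; };

// True when the alias resolves to different types in Tmpl<A> and Tmpl<B>.
// A true result proves dependence on the parameter; a false result only says
// these two arguments did not expose a difference.
template <template <typename> class Tmpl, template <typename> class Get,
          typename A, typename B>
constexpr bool varies() {
  return !std::is_same<typename Get<Tmpl<A>>::type,
                       typename Get<Tmpl<B>>::type>::value;
}

static_assert(varies<holder, get_T1, int, double>(), "T1 follows T");
static_assert(!varies<holder, get_T2, int, double>(), "T2 is fixed to int");
static_assert(varies<holder, get_T3, int, double>(), "T3 follows T*");

int main() { return 0; }
```

An omission that covers every using alias treats `T1`, `T2` and `T3` alike, which is why `T2` turns into the false negative shown in the proposal.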

@lcartey lcartey added the user-report Issue reported by an end user of CodeQL Coding Standards label Oct 15, 2024
@lcartey lcartey moved this from Reported to Review in progress in Coding Standards Public Development Board Oct 15, 2024
@lcartey lcartey added Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address Impact-Medium labels Oct 15, 2024

fjatWbyT commented Dec 6, 2024

Hi, I think this issue could be closed ✅

I have just verified on abseil-cpp that results using current main reconcile:
there are 1774 alerts (in between the two numbers in the strategy proposal, which is a good sign since the proposal introduced false negatives such as the one in the unit tests);
and the particular false positive in btree.h isn't alerted.

@fjatWbyT fjatWbyT closed this as completed Dec 6, 2024
@github-project-automation github-project-automation bot moved this from Review in progress to Done in Coding Standards Public Development Board Dec 6, 2024