Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A5-2-6: Exclude cases with the same binary operator #231

Closed
lcartey opened this issue Mar 3, 2023 · 4 comments · Fixed by #753
Closed

A5-2-6: Exclude cases with the same binary operator #231

lcartey opened this issue Mar 3, 2023 · 4 comments · Fixed by #753
Assignees
@lcartey
Labels
Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-High top-25-fps user-report Issue reported by an end user of CodeQL Coding Standards

Comments

@lcartey
Copy link
Collaborator

lcartey commented Mar 3, 2023
edited
Loading

Affected rules

  • A5-2-6

Description

It's not well defined by the standard, but I think it's reasonable to exclude -> and . when considering whether an operand of a logical operator is binary.

Update: We thought the query was incorrectly reporting -> and . as binary operators. However, the problem was a confusion over this example:

foo->bar() && foo->baz() && foo->bang()

Where the query is reporting that this should be bracketed like so:

(foo->bar() && foo->baz()) && foo->bang()

This is a grey area in the rule itself - technically the title implies we should report this case. However, the rationale states:

Parentheses are required to add clarity in logical expressions making code easier to review versus code based only C++ operator precedence rules.

Which I think argues against asking for the developers to add unnecessary brackets in this case.

Proposed next steps:

  • Exclude cases where the nested binary operator is the same as the parent binary operator.
  • Refine the wording of the alert to ensure that it's clear where the brackets should be applied.

Example

foo->bar() && foo->baz() && foo->bang()
@lcartey lcartey added false positive/false negative An issue related to observed false positives or false negatives. Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address Impact-High user-report Issue reported by an end user of CodeQL Coding Standards labels Mar 3, 2023
@lcartey lcartey changed the title A5-2-6: Do not consider -> and . as binary oprators A5-2-6: Do not consider -> and . as binary operators Mar 3, 2023
@jeongsoolee09 jeongsoolee09 mentioned this issue Mar 23, 2023
Merged
30 tasks
@lcartey
Copy link
Collaborator Author

lcartey commented Apr 19, 2023

Reviewing the query, the description above is not accurate. The query already only reports BinaryOperations, which does not include FieldAccesses (such as -> and .). I have investigated whether these could be caused by the use of operator->, either independently or in conjunction with templates but cannot reproduce the problem.

@lcartey lcartey changed the title A5-2-6: Do not consider -> and . as binary operators A5-2-6: Consider excluding cases with the same binary operator May 26, 2023
@lcartey
Copy link
Collaborator Author

lcartey commented May 26, 2023

Issue body updated: the problem has been identified as related to (a) confusion caused by the alert message about where the brackets should apply and (b) an over-zealous rule.

@lcartey lcartey changed the title A5-2-6: Consider excluding cases with the same binary operator A5-2-6: Exclude cases with the same binary operator May 26, 2023
@lcartey lcartey self-assigned this Nov 5, 2023
@nbusser
Copy link

nbusser commented Jun 2, 2024
edited
Loading

I would like to report a similar over-zealous case when using the same comparison operator:

(a == 0) && (b == 0) // True negative, OK

(a == 0) && (b == 0) && ( c == 0) // Triggers A5-2-6 warning (zealous)

((a == 0) && (b == 0)) && ( c == 0) // Needs to do this to avoid A5-2-6 warning, which alters readability of code

AUTOSAR C++14 is not really clear for this specific case.

@lcartey lcartey mentioned this issue Oct 17, 2024
Merged
30 tasks
@lcartey lcartey moved this from Assigned to Ready for review in Coding Standards Public Development Board Oct 17, 2024
@lcartey
Copy link
Collaborator Author

lcartey commented Oct 17, 2024

This will be addressed by: #753

@github-project-automation github-project-automation bot moved this from Ready for review to Done in Coding Standards Public Development Board Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lcartey lcartey

Labels
Difficulty-Low A false positive or false negative report which is expected to take <1 day effort to address false positive/false negative An issue related to observed false positives or false negatives. Impact-High top-25-fps user-report Issue reported by an end user of CodeQL Coding Standards
Projects
Coding Standards Public Development Board
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

A5-2-6: Ignore cases with the same operator github/codeql-coding-standards
3 participants
@lcartey @nbusser @jeongsoolee09