Support guards isinf(), isfinite(), isnan(), etc

Author: MichaelRFairhurst

c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.ql

@@ -44,6 +44,18 @@ module InvalidInfinityUsage implements DataFlow::ConfigSig {
     exprMayEqualInfinity(node.asExpr(), _)
   }
 
+  predicate isBarrierOut(DataFlow::Node node) {
+    guardedNotFPClass(node.asExpr(), TInfinite())
+    or
+    exists(Expr e |
+      e.getType() instanceof IntegralType and
+      e = node.asConvertedExpr()
+    )
+    or
+    // Sinks are places where Infinity produce a finite value
+    isSink(node)
+  }
+
   /**
    * An additional flow step to handle operations which propagate Infinity.
    *

c/misra/src/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.ql

@@ -89,7 +89,6 @@ class InvalidOperationExpr extends BinaryOperation {
 }
 
 module InvalidNaNUsage implements DataFlow::ConfigSig {
-
   /**
    * An expression which has non-NaN inputs and may produce a NaN output.
    */
@@ -108,6 +107,15 @@ module InvalidNaNUsage implements DataFlow::ConfigSig {
     node.asExpr() instanceof InvalidOperationExpr
   }
 
+  predicate isBarrierOut(DataFlow::Node node) {
+    guardedNotFPClass(node.asExpr(), TNaN())
+    or
+    exists(Expr e |
+      e.getType() instanceof IntegralType and
+      e = node.asConvertedExpr()
+    )
+  }
+
   /**
    * Add an additional flow step to handle NaN propagation through floating point operations.
    */
@@ -120,21 +128,24 @@ module InvalidNaNUsage implements DataFlow::ConfigSig {
   }
 
   predicate isSink(DataFlow::Node node) {
-    // Case 1: NaNs shall not be compared, except to themselves
-    exists(ComparisonOperation cmp |
-      node.asExpr() = cmp.getAnOperand() and
-      not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand())
-    )
-    or
-    // Case 2: NaNs and infinities shall not be cast to integers
-    exists(Conversion c |
-      node.asExpr() = c.getUnconverted() and
-      c.getExpr().getType() instanceof FloatingPointType and
-      c.getType() instanceof IntegralType
+    not guardedNotFPClass(node.asExpr(), TNaN()) and
+    (
+      // Case 1: NaNs shall not be compared, except to themselves
+      exists(ComparisonOperation cmp |
+        node.asExpr() = cmp.getAnOperand() and
+        not hashCons(cmp.getLeftOperand()) = hashCons(cmp.getRightOperand())
+      )
+      or
+      // Case 2: NaNs and infinities shall not be cast to integers
+      exists(Conversion c |
+        node.asExpr() = c.getUnconverted() and
+        c.getExpr().getType() instanceof FloatingPointType and
+        c.getType() instanceof IntegralType
+      )
+      //or
+      //// Case 4: Functions shall not return NaNs or infinities
+      //exists(ReturnStmt ret | node.asExpr() = ret.getExpr())
     )
-    //or
-    //// Case 4: Functions shall not return NaNs or infinities
-    //exists(ReturnStmt ret | node.asExpr() = ret.getExpr())
   }
 }
 

c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedInfinity.expected

@@ -1,5 +1,6 @@
 edges
 | test.c:8:14:8:20 | ... / ... | test.c:8:14:8:20 | ... / ... | provenance |  |
+| test.c:8:14:8:20 | ... / ... | test.c:9:14:9:16 | - ... | provenance | Config |
 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | provenance |  |
 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | provenance |  |
 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | provenance |  |
@@ -9,8 +10,17 @@ edges
 | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | provenance |  |
 | test.c:31:14:32:15 | ... / ... | test.c:31:14:32:15 | ... / ... | provenance |  |
 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | provenance |  |
-| test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance |  |
-| test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:77:15:77:21 | ... / ... | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | provenance |  |
+| test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | provenance |  |
 nodes
 | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... |
 | test.c:8:14:8:20 | ... / ... | semmle.label | ... / ... |
@@ -24,25 +34,46 @@ nodes
 | test.c:28:19:28:20 | l3 | semmle.label | l3 |
 | test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... |
 | test.c:31:14:32:15 | ... / ... | semmle.label | ... / ... |
-| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... |
-| test.c:33:14:33:22 | ... / ... | semmle.label | ... / ... |
 | test.c:38:3:38:9 | l7 | semmle.label | l7 |
-| test.c:39:3:39:9 | l8 | semmle.label | l8 |
-| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... |
-| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... |
-| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... |
-| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... |
+| test.c:61:5:61:18 | ... / ... | semmle.label | ... / ... |
+| test.c:66:5:66:20 | ... / ... | semmle.label | ... / ... |
+| test.c:72:14:72:29 | ... / ... | semmle.label | ... / ... |
+| test.c:75:18:75:33 | ... / ... | semmle.label | ... / ... |
+| test.c:77:15:77:21 | ... / ... | semmle.label | ... / ... |
+| test.c:77:15:77:21 | ... / ... | semmle.label | ... / ... |
+| test.c:79:5:79:12 | l12 | semmle.label | l12 |
+| test.c:87:5:87:12 | l12 | semmle.label | l12 |
+| test.c:91:5:91:12 | l12 | semmle.label | l12 |
+| test.c:93:5:93:12 | l12 | semmle.label | l12 |
+| test.c:99:5:99:12 | l12 | semmle.label | l12 |
+| test.c:105:5:105:12 | l12 | semmle.label | l12 |
+| test.c:111:5:111:12 | l12 | semmle.label | l12 |
+| test.c:114:16:114:23 | l12 | semmle.label | l12 |
+| test.c:117:23:117:30 | l12 | semmle.label | l12 |
+| test.c:120:20:120:27 | l12 | semmle.label | l12 |
 subpaths
 #select
 | test.c:12:8:12:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:12:8:12:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
+| test.c:13:8:13:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
 | test.c:13:8:13:9 | l3 | test.c:9:14:9:16 | - ... | test.c:13:8:13:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity |
 | test.c:18:8:18:9 | l2 | test.c:8:14:8:20 | ... / ... | test.c:18:3:18:9 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
+| test.c:19:8:19:9 | l3 | test.c:8:14:8:20 | ... / ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
 | test.c:19:8:19:9 | l3 | test.c:9:14:9:16 | - ... | test.c:19:3:19:9 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity |
 | test.c:27:19:27:20 | l2 | test.c:8:14:8:20 | ... / ... | test.c:27:19:27:20 | l2 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
+| test.c:28:19:28:20 | l3 | test.c:8:14:8:20 | ... / ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:8:14:8:20 | ... / ... | infinity |
 | test.c:28:19:28:20 | l3 | test.c:9:14:9:16 | - ... | test.c:28:19:28:20 | l3 | Invalid usage of possible $@. | test.c:9:14:9:16 | - ... | infinity |
 | test.c:38:8:38:9 | l7 | test.c:31:14:32:15 | ... / ... | test.c:38:3:38:9 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | infinity |
-| test.c:39:8:39:9 | l8 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | infinity |
-| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | infinity |
-| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | infinity |
-| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | infinity |
-| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | infinity |
+| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | infinity |
+| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | infinity |
+| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | infinity |
+| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | infinity |
+| test.c:79:10:79:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:79:5:79:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:87:10:87:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:87:5:87:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:91:10:91:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:91:5:91:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:93:10:93:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:93:5:93:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:99:10:99:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:99:5:99:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:105:10:105:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:105:5:105:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:111:10:111:12 | l12 | test.c:77:15:77:21 | ... / ... | test.c:111:5:111:12 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:114:21:114:23 | l12 | test.c:77:15:77:21 | ... / ... | test.c:114:16:114:23 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:117:28:117:30 | l12 | test.c:77:15:77:21 | ... / ... | test.c:117:23:117:30 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |
+| test.c:120:25:120:27 | l12 | test.c:77:15:77:21 | ... / ... | test.c:120:20:120:27 | l12 | Invalid usage of possible $@. | test.c:77:15:77:21 | ... / ... | infinity |

c/misra/test/rules/DIR-4-15/PossibleMisuseOfUndetectedNaN.expected

@@ -16,6 +16,15 @@ edges
 | test.c:33:14:33:22 | ... / ... | test.c:33:14:33:22 | ... / ... | provenance |  |
 | test.c:33:14:33:22 | ... / ... | test.c:39:3:39:9 | l8 | provenance |  |
 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:122:15:122:21 | ... / ... | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | provenance |  |
+| test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | provenance |  |
 nodes
 | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... |
 | test.c:27:14:27:20 | ... / ... | semmle.label | ... / ... |
@@ -38,10 +47,20 @@ nodes
 | test.c:52:3:52:4 | l6 | semmle.label | l6 |
 | test.c:53:3:53:4 | l7 | semmle.label | l7 |
 | test.c:54:3:54:4 | l8 | semmle.label | l8 |
-| test.c:61:5:61:19 | ... / ... | semmle.label | ... / ... |
-| test.c:66:5:66:21 | ... / ... | semmle.label | ... / ... |
-| test.c:72:14:72:30 | ... / ... | semmle.label | ... / ... |
-| test.c:75:18:75:34 | ... / ... | semmle.label | ... / ... |
+| test.c:61:5:61:18 | ... / ... | semmle.label | ... / ... |
+| test.c:66:5:66:20 | ... / ... | semmle.label | ... / ... |
+| test.c:72:14:72:29 | ... / ... | semmle.label | ... / ... |
+| test.c:75:18:75:33 | ... / ... | semmle.label | ... / ... |
+| test.c:122:15:122:21 | ... / ... | semmle.label | ... / ... |
+| test.c:122:15:122:21 | ... / ... | semmle.label | ... / ... |
+| test.c:126:5:126:12 | l13 | semmle.label | l13 |
+| test.c:132:5:132:12 | l13 | semmle.label | l13 |
+| test.c:138:5:138:12 | l13 | semmle.label | l13 |
+| test.c:144:5:144:12 | l13 | semmle.label | l13 |
+| test.c:148:5:148:12 | l13 | semmle.label | l13 |
+| test.c:154:20:154:27 | l13 | semmle.label | l13 |
+| test.c:156:23:156:30 | l13 | semmle.label | l13 |
+| test.c:157:16:157:23 | l13 | semmle.label | l13 |
 subpaths
 #select
 | test.c:36:8:36:9 | l5 | test.c:27:14:27:20 | ... / ... | test.c:36:3:36:9 | l5 | Invalid usage of possible $@. | test.c:27:14:27:20 | ... / ... | NaN resulting from possible division of infinity by infinity |
@@ -57,7 +76,15 @@ subpaths
 | test.c:52:3:52:4 | l6 | test.c:28:14:28:20 | ... / ... | test.c:52:3:52:4 | l6 | Invalid usage of possible $@. | test.c:28:14:28:20 | ... / ... | NaN resulting from possible division of infinity by infinity |
 | test.c:53:3:53:4 | l7 | test.c:31:14:32:15 | ... / ... | test.c:53:3:53:4 | l7 | Invalid usage of possible $@. | test.c:31:14:32:15 | ... / ... | NaN resulting from possible division of zero by zero |
 | test.c:54:3:54:4 | l8 | test.c:33:14:33:22 | ... / ... | test.c:54:3:54:4 | l8 | Invalid usage of possible $@. | test.c:33:14:33:22 | ... / ... | NaN resulting from possible division of zero by zero |
-| test.c:61:12:61:18 | ... / ... | test.c:61:5:61:19 | ... / ... | test.c:61:5:61:19 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:19 | ... / ... | NaN resulting from possible division of zero by zero |
-| test.c:66:12:66:20 | ... / ... | test.c:66:5:66:21 | ... / ... | test.c:66:5:66:21 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:21 | ... / ... | NaN resulting from possible division of zero by zero |
-| test.c:72:21:72:29 | ... / ... | test.c:72:14:72:30 | ... / ... | test.c:72:14:72:30 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:30 | ... / ... | NaN resulting from possible division of zero by zero |
-| test.c:75:25:75:33 | ... / ... | test.c:75:18:75:34 | ... / ... | test.c:75:18:75:34 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:34 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:61:11:61:17 | ... / ... | test.c:61:5:61:18 | ... / ... | test.c:61:5:61:18 | ... / ... | Invalid usage of possible $@. | test.c:61:5:61:18 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:66:11:66:19 | ... / ... | test.c:66:5:66:20 | ... / ... | test.c:66:5:66:20 | ... / ... | Invalid usage of possible $@. | test.c:66:5:66:20 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:72:20:72:28 | ... / ... | test.c:72:14:72:29 | ... / ... | test.c:72:14:72:29 | ... / ... | Invalid usage of possible $@. | test.c:72:14:72:29 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:75:24:75:32 | ... / ... | test.c:75:18:75:33 | ... / ... | test.c:75:18:75:33 | ... / ... | Invalid usage of possible $@. | test.c:75:18:75:33 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:126:10:126:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:126:5:126:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:132:10:132:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:132:5:132:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:138:10:138:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:138:5:138:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:144:10:144:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:144:5:144:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:148:10:148:12 | l13 | test.c:122:15:122:21 | ... / ... | test.c:148:5:148:12 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:154:25:154:27 | l13 | test.c:122:15:122:21 | ... / ... | test.c:154:20:154:27 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:156:28:156:30 | l13 | test.c:122:15:122:21 | ... / ... | test.c:156:23:156:30 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |
+| test.c:157:21:157:23 | l13 | test.c:122:15:122:21 | ... / ... | test.c:157:16:157:23 | l13 | Invalid usage of possible $@. | test.c:122:15:122:21 | ... / ... | NaN resulting from possible division of zero by zero |