From 9e6257053f5671e507c089198ec507a6e565d27b Mon Sep 17 00:00:00 2001 
From: Mike Fairhurst Date: Fri, 13 Mar 2026 18:43:42 -0700 Subject: [PATCH 1/6] Import EXP51-CPP into rule 4-1-3 as it is UB --- ...-share-array-delete-type-mismatch-query.md | 3 ++ ...nArrayThroughAPointerOfTheIncorrectType.ql | 31 ++++-------- ...ThroughAPointerOfTheIncorrectType.expected | 15 ------ ...rayThroughAPointerOfTheIncorrectType.qlref | 1 - ...yThroughAPointerOfTheIncorrectType.testref | 1 + .../cpp/exclusions/cpp/Undefined.qll | 19 +++++++- ...hroughAPointerOfTheIncorrectTypeShared.qll | 48 +++++++++++++++++++ ...hAPointerOfTheIncorrectTypeShared.expected | 11 +++++ ...ThroughAPointerOfTheIncorrectTypeShared.ql | 11 +++++ .../test.cpp | 2 +- ...rayDeletedThroughPointerOfIncorrectType.ql | 30 ++++++++++++ ...letedThroughPointerOfIncorrectType.testref | 1 + rule_packages/cpp/Freed.json | 1 + rule_packages/cpp/Undefined.json | 13 +++++ 14 files changed, 148 insertions(+), 39 deletions(-) create mode 100644 change_notes/2026-03-13-share-array-delete-type-mismatch-query.md delete mode 100644 cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected delete mode 100644 cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qlref create mode 100644 cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.testref create mode 100644 cpp/common/src/codingstandards/cpp/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.qll create mode 100644 cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.expected create mode 100644 cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql rename cpp/{cert/test/rules/EXP51-CPP => common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared}/test.cpp (99%) create mode 100644 
cpp/misra/src/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.ql create mode 100644 cpp/misra/test/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.testref diff --git a/change_notes/2026-03-13-share-array-delete-type-mismatch-query.md b/change_notes/2026-03-13-share-array-delete-type-mismatch-query.md new file mode 100644 index 0000000000..38b11f3517 --- /dev/null +++ b/change_notes/2026-03-13-share-array-delete-type-mismatch-query.md @@ -0,0 +1,3 @@ + - `EXP51-CPP` - `DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql`: + - Refactored query logic into a shared library (`DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.qll`) to enable reuse by MISRA C++ `RULE-4-1-3`. The query logic is unchanged and no visible changes to results or performance are expected. + - The query now uses a `query predicate problems` instead of a `from/where/select`. In path-problem BQRS output, the results section header changes from `#select` to `problems`. Alert results and their content are otherwise identical. diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql index d0935cc798..ae1a767f66 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql 
@@ -18,29 +18,18 @@ import cpp import codingstandards.cpp.cert -import semmle.code.cpp.dataflow.DataFlow -import AllocationToDeleteFlow::PathGraph +import codingstandards.cpp.rules.donotdeleteanarraythroughapointeroftheincorrecttypeshared.DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared -module AllocationToDeleteConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NewArrayExpr } - - predicate isSink(DataFlow::Node sink) { - exists(DeleteArrayExpr dae | dae.getExpr() = sink.asExpr()) +module DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeConfig implements + DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeSharedConfigSig +{ + Query getQuery() { + result = FreedPackage::doNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeQuery() } } -module AllocationToDeleteFlow = DataFlow::Global; +module Shared = + DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared; -from - AllocationToDeleteFlow::PathNode source, AllocationToDeleteFlow::PathNode sink, - NewArrayExpr newArray, DeleteArrayExpr deleteArray -where - not isExcluded(deleteArray.getExpr(), - FreedPackage::doNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeQuery()) and - AllocationToDeleteFlow::flowPath(source, sink) and - newArray = source.getNode().asExpr() and - deleteArray.getExpr() = sink.getNode().asExpr() and - not newArray.getType().getUnspecifiedType() = deleteArray.getExpr().getType().getUnspecifiedType() -select sink, source, sink, - "Array of type " + newArray.getType() + " is deleted through a pointer of type " + - deleteArray.getExpr().getType() + "." +import Shared::PathGraph +import Shared diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected deleted file mode 100644 index 8b7a4902cc..0000000000 
--- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.expected +++ /dev/null @@ -1,15 +0,0 @@ -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:24,44-52) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:25,22-30) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:27,20-28) -WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql:32,33-41) -edges -| test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | -| test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | -nodes -| test.cpp:6:19:6:37 | new[] | semmle.label | new[] | -| test.cpp:7:22:7:40 | new[] | semmle.label | new[] | -| test.cpp:9:12:9:13 | l1 | semmle.label | l1 | -| test.cpp:10:12:10:13 | l2 | semmle.label | l2 | -subpaths -#select -| test.cpp:9:12:9:13 | l1 | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | Array of type DerivedClass * is deleted through a pointer of type BaseClass *. | diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qlref b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qlref deleted file mode 100644 index fbeac87143..0000000000 --- a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.testref b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.testref new file mode 100644 index 0000000000..069f5724f8 --- /dev/null 
+++ b/cpp/cert/test/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll index 37ae63fa53..106b68becc 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll @@ -8,7 +8,8 @@ newtype UndefinedQuery = TCriticalUnspecifiedBehaviorQuery() or TUndefinedBehaviorAuditQuery() or TCriticalUnspecifiedBehaviorAuditQuery() or - TPossibleDataRaceBetweenThreadsQuery() + TPossibleDataRaceBetweenThreadsQuery() or + TArrayDeletedThroughPointerOfIncorrectTypeQuery() predicate isUndefinedQueryMetadata(Query query, string queryId, string ruleId, string category) { query = @@ -55,6 +56,15 @@ predicate isUndefinedQueryMetadata(Query query, string queryId, string ruleId, s "cpp/misra/possible-data-race-between-threads" and ruleId = "RULE-4-1-3" and category = "required" + or + query = + // `Query` instance for the `arrayDeletedThroughPointerOfIncorrectType` query + UndefinedPackage::arrayDeletedThroughPointerOfIncorrectTypeQuery() and + queryId = + // `@id` for the `arrayDeletedThroughPointerOfIncorrectType` query + "cpp/misra/array-deleted-through-pointer-of-incorrect-type" and + ruleId = "RULE-4-1-3" and + category = "required" } module UndefinedPackage { 
@@ -92,4 +102,11 @@ module UndefinedPackage { // `Query` type for `possibleDataRaceBetweenThreads` query TQueryCPP(TUndefinedPackageQuery(TPossibleDataRaceBetweenThreadsQuery())) } + + Query arrayDeletedThroughPointerOfIncorrectTypeQuery() { + //autogenerate `Query` type + result = + // `Query` type for `arrayDeletedThroughPointerOfIncorrectType` query + TQueryCPP(TUndefinedPackageQuery(TArrayDeletedThroughPointerOfIncorrectTypeQuery())) + } } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.qll new file mode 100644 index 0000000000..d526632f89 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.qll 
@@ -0,0 +1,48 @@ +/** + * Provides a configurable module DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared + * with a `problems` predicate for the following issue: + * Deleting an array through a pointer of an incorrect type leads to undefined behavior. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import semmle.code.cpp.dataflow.DataFlow + +signature module DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeSharedConfigSig { + Query getQuery(); +} + +module DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared< + DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeSharedConfigSig Config> +{ + private module AllocationToDeleteConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr() instanceof NewArrayExpr } + + predicate isSink(DataFlow::Node sink) { + exists(DeleteArrayExpr dae | dae.getExpr() = sink.asExpr()) + } + } + + module AllocationToDeleteFlow = DataFlow::Global; + + module PathGraph = AllocationToDeleteFlow::PathGraph; + + query predicate problems( + Expr deleteExpr, AllocationToDeleteFlow::PathNode source, AllocationToDeleteFlow::PathNode sink, + string message + ) { + exists(NewArrayExpr newArray, DeleteArrayExpr deleteArray | + not isExcluded(deleteArray.getExpr(), Config::getQuery()) and + AllocationToDeleteFlow::flowPath(source, sink) and + newArray = source.getNode().asExpr() and + deleteArray.getExpr() = sink.getNode().asExpr() and + not newArray.getType().getUnspecifiedType() = + deleteArray.getExpr().getType().getUnspecifiedType() and + deleteExpr = sink.getNode().asExpr() and + message = + "Array of type " + newArray.getType() + " is deleted through a pointer of type " + + deleteArray.getExpr().getType() + "." + ) + } +} 
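Review bot: The new shared library still uses `import semmle.code.cpp.dataflow.DataFlow`, which the `.expected` file deleted in this same patch reports as deprecated ("module 'DataFlow' has been deprecated and may be removed in future"). The regenerated shared `.expected` no longer lists those warnings, presumably only because the `DataFlow::` uses now sit in a `.qll` instead of the query file, so the deprecation is hidden rather than resolved. Since this library now backs both EXP51-CPP and RULE-4-1-3, consider switching to `import semmle.code.cpp.dataflow.new.DataFlow` in a follow-up. That swaps the underlying data-flow implementation, so the `edges`/`nodes` rows would need regenerating and the base-class `delete[]` alert re-checked. If the old library is kept on purpose to hold results steady, a comment above the import such as `// Deliberately on the deprecated DataFlow library so EXP51-CPP results stay unchanged` would record that.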
diff --git a/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.expected b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.expected new file mode 100644 index 0000000000..7debcf36ab --- /dev/null +++ b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.expected @@ -0,0 +1,11 @@ +problems +| test.cpp:9:12:9:13 | l1 | test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | Array of type DerivedClass * is deleted through a pointer of type BaseClass *. | +edges +| test.cpp:6:19:6:37 | new[] | test.cpp:9:12:9:13 | l1 | provenance | | +| test.cpp:7:22:7:40 | new[] | test.cpp:10:12:10:13 | l2 | provenance | | +nodes +| test.cpp:6:19:6:37 | new[] | semmle.label | new[] | +| test.cpp:7:22:7:40 | new[] | semmle.label | new[] | +| test.cpp:9:12:9:13 | l1 | semmle.label | l1 | +| test.cpp:10:12:10:13 | l2 | semmle.label | l2 | +subpaths diff --git a/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql new file mode 100644 index 0000000000..769bb3c1b5 --- /dev/null +++ b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql 
@@ -0,0 +1,11 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotdeleteanarraythroughapointeroftheincorrecttypeshared.DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared + +module TestFileConfig implements DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeSharedConfigSig { + Query getQuery() { result instanceof TestQuery } +} + +module Shared = DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared; + +import Shared::PathGraph +import Shared diff --git a/cpp/cert/test/rules/EXP51-CPP/test.cpp b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/test.cpp similarity index 99% rename from cpp/cert/test/rules/EXP51-CPP/test.cpp rename to cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/test.cpp index a09dd276fa..4efbc87159 100644 --- a/cpp/cert/test/rules/EXP51-CPP/test.cpp +++ b/cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/test.cpp @@ -8,4 +8,4 @@ void test() { delete[] l1; // NON_COMPLIANT - pointer to base class delete[] l2; // COMPLIANT - pointer to derived class -} \ No newline at end of file +} diff --git a/cpp/misra/src/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.ql b/cpp/misra/src/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.ql new file mode 100644 index 0000000000..ac9bab4d6e --- /dev/null +++ b/cpp/misra/src/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.ql 
@@ -0,0 +1,30 @@ +/** + * @id cpp/misra/array-deleted-through-pointer-of-incorrect-type + * @name RULE-4-1-3: Array deleted through pointer of incorrect type leads to undefined behavior + * @description Deleting an array through a pointer of an incorrect type leads to undefined + * behavior. + * @kind path-problem + * @precision high + * @problem.severity error + * @tags external/misra/id/rule-4-1-3 + * correctness + * scope/system + * external/misra/enforcement/undecidable + * external/misra/obligation/required + */ + +import cpp +import codingstandards.cpp.misra +import codingstandards.cpp.rules.donotdeleteanarraythroughapointeroftheincorrecttypeshared.DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared + +module ArrayDeletedThroughPointerOfIncorrectTypeConfig implements + DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeSharedConfigSig +{ + Query getQuery() { result = UndefinedPackage::arrayDeletedThroughPointerOfIncorrectTypeQuery() } +} + +module Shared = + DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared; + +import Shared::PathGraph +import Shared diff --git a/cpp/misra/test/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.testref b/cpp/misra/test/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.testref new file mode 100644 index 0000000000..069f5724f8 --- /dev/null +++ b/cpp/misra/test/rules/RULE-4-1-3/ArrayDeletedThroughPointerOfIncorrectType.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotdeleteanarraythroughapointeroftheincorrecttypeshared/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared.ql diff --git a/rule_packages/cpp/Freed.json b/rule_packages/cpp/Freed.json index 30ab6982b2..4fd0fddb05 100644 --- a/rule_packages/cpp/Freed.json +++ b/rule_packages/cpp/Freed.json 
@@ -109,6 +109,7 @@ "name": "Do not delete an array through a pointer of the incorrect type", "precision": "high", "severity": "error", + "shared_implementation_short_name": "DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared", "short_name": "DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType", "tags": [ "correctness", diff --git a/rule_packages/cpp/Undefined.json b/rule_packages/cpp/Undefined.json index bc0b10af3d..e0977efd9f 100644 --- a/rule_packages/cpp/Undefined.json +++ b/rule_packages/cpp/Undefined.json @@ -69,6 +69,19 @@ "concurrency", "scope/system" ] + }, + { + "description": "Deleting an array through a pointer of an incorrect type leads to undefined behavior.", + "kind": "path-problem", + "name": "Array deleted through pointer of incorrect type leads to undefined behavior", + "precision": "high", + "severity": "error", + "shared_implementation_short_name": "DoNotDeleteAnArrayThroughAPointerOfTheIncorrectTypeShared", + "short_name": "ArrayDeletedThroughPointerOfIncorrectType", + "tags": [ + "correctness", + "scope/system" + ] } ], "title": "There shall be no occurrence of undefined or critical unspecified behaviour" From 8e8feef98a41d389228bc849231dcd5d4c742728 Mon Sep 17 00:00:00 2001 From: Mauro Baluda Date: Wed, 25 Mar 2026 15:14:27 +0100 Subject: [PATCH 2/6] Update .github/workflows/validate-query-formatting.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/validate-query-formatting.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index bdd3145669..e059caeca7 100644 --- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -9,7 +9,6 @@ on: - main - next - "rc/**" - - michaelrfairhurst/package-undefined-behavior env: XARGS_MAX_PROCS: 4 From 9d539a327bf6607c44b7d1e62d84ed7740549d43 Mon Sep 17 00:00:00 2001 
From: Mauro Baluda Date: Wed, 25 Mar 2026 15:25:38 +0100 Subject: [PATCH 3/6] Address copilot review --- .github/workflows/codeql_unit_tests.yml | 1 - .github/workflows/extra-rule-validation.yml | 1 - .github/workflows/tooling-unit-tests.yml | 1 - .github/workflows/validate-package-files.yml | 1 - .github/workflows/validate-query-help.yml | 1 - .github/workflows/validate-query-test-case-formatting.yml | 1 - .../PossibleDataRaceBetweenThreadsShared.qll | 2 +- .../PossibleDataRaceBetweenThreadsShared.expected | 2 ++ .../rules/possibledataracebetweenthreadsshared/test.cpp | 6 +++--- 9 files changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 3d8212190c..7ec7e53a79 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -15,7 +15,6 @@ on: - main - next - "rc/**" - - michaelrfairhurst/package-undefined-behavior jobs: diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 960ebe722a..9f74ae6574 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -15,7 +15,6 @@ on: - main - "rc/**" - next - - michaelrfairhurst/package-undefined-behavior jobs: diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index e2b690c76c..aec9f5dd78 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -15,7 +15,6 @@ on: - main - "rc/**" - next - - michaelrfairhurst/package-undefined-behavior jobs: prepare-supported-codeql-env-matrix: diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index c0f2eb7f00..3e53fc9650 100644 --- a/.github/workflows/validate-package-files.yml +++ b/.github/workflows/validate-package-files.yml 
@@ -9,7 +9,6 @@ on: - main - next - "rc/**" - - michaelrfairhurst/package-undefined-behavior jobs: validate-package-files: diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index 6f4bd36e8b..8ac04f1ba9 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -9,7 +9,6 @@ on: - main - next - "rc/**" - - michaelrfairhurst/package-undefined-behavior jobs: validate-query-help-files: diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index f1586b90ce..70151fbf48 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -9,7 +9,6 @@ on: - main - next - "rc/**" - - michaelrfairhurst/package-undefined-behavior env: XARGS_MAX_PROCS: 4 diff --git a/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll b/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll index 966d6bcba3..b4aa239f65 100644 --- a/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll @@ -37,7 +37,7 @@ module PossibleDataRaceBetweenThreadsShared Date: Wed, 25 Mar 2026 18:09:15 +0100 Subject: [PATCH 4/6] Fix expected file --- .../PossibleDataRaceBetweenThreadsShared.expected | 1 + 1 file changed, 1 insertion(+) diff --git a/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected b/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected index e1c0e9389d..ca6c50128e 100644 
--- a/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected +++ b/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected 
@@ -8,6 +8,7 @@ | test.c:82:3:82:7 | call to srand | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:82:3:82:7 | call to srand | srand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:82:3:82:7 | call to srand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:83:3:83:8 | call to getenv | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:83:3:83:8 | call to getenv | getenv | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:83:3:83:8 | call to getenv | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:84:3:84:10 | call to getenv_s | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:84:3:84:10 | call to getenv_s | getenv_s | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:84:3:84:10 | call to getenv_s | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | +| test.c:85:3:85:8 | call to strtok | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. 
| test.c:85:3:85:8 | call to strtok | strtok | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:85:3:85:8 | call to strtok | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:86:3:86:10 | call to strerror | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:86:3:86:10 | call to strerror | strerror | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:86:3:86:10 | call to strerror | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:87:3:87:9 | call to asctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:87:3:87:9 | call to asctime | asctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:87:3:87:9 | call to asctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:88:3:88:7 | call to ctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:88:3:88:7 | call to ctime | ctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:88:3:88:7 | call to ctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | From 5bf2f567c5092fb7310f40090023fb21be76bfe6 Mon Sep 17 00:00:00 2001 
From: Mike Fairhurst Date: Mon, 30 Mar 2026 17:07:29 -0700 Subject: [PATCH 5/6] Revert "Address copilot review" This reverts commit 9d539a327bf6607c44b7d1e62d84ed7740549d43. The commit itself is good, but it should not be done in this branch. --- .github/workflows/codeql_unit_tests.yml | 1 + .github/workflows/extra-rule-validation.yml | 1 + .github/workflows/tooling-unit-tests.yml | 1 + .github/workflows/validate-package-files.yml | 1 + .github/workflows/validate-query-help.yml | 1 + .github/workflows/validate-query-test-case-formatting.yml | 1 + .../PossibleDataRaceBetweenThreadsShared.qll | 2 +- .../PossibleDataRaceBetweenThreadsShared.expected | 2 -- .../rules/possibledataracebetweenthreadsshared/test.cpp | 6 +++--- 9 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 7ec7e53a79..3d8212190c 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -15,6 +15,7 @@ on: - main - next - "rc/**" + - michaelrfairhurst/package-undefined-behavior jobs: diff --git a/.github/workflows/extra-rule-validation.yml b/.github/workflows/extra-rule-validation.yml index 9f74ae6574..960ebe722a 100644 --- a/.github/workflows/extra-rule-validation.yml +++ b/.github/workflows/extra-rule-validation.yml @@ -15,6 +15,7 @@ on: - main - "rc/**" - next + - michaelrfairhurst/package-undefined-behavior jobs: diff --git a/.github/workflows/tooling-unit-tests.yml b/.github/workflows/tooling-unit-tests.yml index aec9f5dd78..e2b690c76c 100644 --- a/.github/workflows/tooling-unit-tests.yml +++ b/.github/workflows/tooling-unit-tests.yml @@ -15,6 +15,7 @@ on: - main - "rc/**" - next + - michaelrfairhurst/package-undefined-behavior jobs: prepare-supported-codeql-env-matrix: diff --git a/.github/workflows/validate-package-files.yml b/.github/workflows/validate-package-files.yml index 3e53fc9650..c0f2eb7f00 100644 --- a/.github/workflows/validate-package-files.yml 
+++ b/.github/workflows/validate-package-files.yml @@ -9,6 +9,7 @@ on: - main - next - "rc/**" + - michaelrfairhurst/package-undefined-behavior jobs: validate-package-files: diff --git a/.github/workflows/validate-query-help.yml b/.github/workflows/validate-query-help.yml index 8ac04f1ba9..6f4bd36e8b 100644 --- a/.github/workflows/validate-query-help.yml +++ b/.github/workflows/validate-query-help.yml @@ -9,6 +9,7 @@ on: - main - next - "rc/**" + - michaelrfairhurst/package-undefined-behavior jobs: validate-query-help-files: diff --git a/.github/workflows/validate-query-test-case-formatting.yml b/.github/workflows/validate-query-test-case-formatting.yml index 70151fbf48..f1586b90ce 100644 --- a/.github/workflows/validate-query-test-case-formatting.yml +++ b/.github/workflows/validate-query-test-case-formatting.yml @@ -9,6 +9,7 @@ on: - main - next - "rc/**" + - michaelrfairhurst/package-undefined-behavior env: XARGS_MAX_PROCS: 4 diff --git a/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll b/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll index b4aa239f65..966d6bcba3 100644 --- a/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.qll @@ -37,7 +37,7 @@ module PossibleDataRaceBetweenThreadsShared Date: Mon, 30 Mar 2026 17:10:05 -0700 Subject: [PATCH 6/6] Undo two more changes that were done for the right reason but on the wrong branch. --- .github/workflows/validate-query-formatting.yml | 1 + .../PossibleDataRaceBetweenThreadsShared.expected | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-query-formatting.yml b/.github/workflows/validate-query-formatting.yml index e059caeca7..bdd3145669 100644 
--- a/.github/workflows/validate-query-formatting.yml +++ b/.github/workflows/validate-query-formatting.yml @@ -9,6 +9,7 @@ on: - main - next - "rc/**" + - michaelrfairhurst/package-undefined-behavior env: XARGS_MAX_PROCS: 4 diff --git a/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected b/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected index ca6c50128e..e1c0e9389d 100644 --- a/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected +++ b/c/common/test/rules/possibledataracebetweenthreadsshared/PossibleDataRaceBetweenThreadsShared.expected 
@@ -8,7 +8,6 @@ | test.c:82:3:82:7 | call to srand | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:82:3:82:7 | call to srand | srand | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:82:3:82:7 | call to srand | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:83:3:83:8 | call to getenv | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:83:3:83:8 | call to getenv | getenv | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:83:3:83:8 | call to getenv | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:84:3:84:10 | call to getenv_s | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:84:3:84:10 | call to getenv_s | getenv_s | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:84:3:84:10 | call to getenv_s | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | -| test.c:85:3:85:8 | call to strtok | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. 
| test.c:85:3:85:8 | call to strtok | strtok | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:85:3:85:8 | call to strtok | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:86:3:86:10 | call to strerror | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:86:3:86:10 | call to strerror | strerror | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:86:3:86:10 | call to strerror | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:87:3:87:9 | call to asctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:87:3:87:9 | call to asctime | asctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:87:3:87:9 | call to asctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | | test.c:88:3:88:7 | call to ctime | Threaded call to non-reentrant function $@ not synchronized from thread function $@ spawned from a loop. | test.c:88:3:88:7 | call to ctime | ctime | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs | test.c:88:3:88:7 | call to ctime | concurrent call to non-reentrant function | test.c:78:6:78:43 | many_thread13_calls_nonreentrant_funcs | many_thread13_calls_nonreentrant_funcs |