Add enumFitsInType and related test cases

Author: jeongsoolee09

cpp/misra/src/rules/RULE-10-2-3/UnscopedEnumWithoutFixedUnderlyingTypeUsed.ql

@@ -82,7 +82,8 @@ predicate relationalEqualityOperationUsesUnscopedUnfixedEnum(RelationalEqualityB
      */
 
     leftOperandType = binOp.getLeftOperand().getExplicitlyConverted().getUnderlyingType() and
-    rightOperandType = binOp.getRightOperand().getExplicitlyConverted().getUnderlyingType() and
+    rightOperandType = binOp.getRightOperand().getExplicitlyConverted().getUnderlyingType()
+  |
     (
       isUnscopedEnumWithoutFixedUnderlyingType(leftOperandType)
       or
@@ -105,7 +106,63 @@ predicate compoundAssignmentUsesUnscopedUnfixedEnum(
   isUnscopedEnumWithoutFixedUnderlyingType(compoundAssignment.getAnOperand().getUnderlyingType())
 }
 
-predicate assignmentSourceIsUnscopedUnfixedEnum(AssignExpr assign) { none() }
+predicate assignmentSourceIsUnscopedUnfixedEnum(AssignExpr assign) {
+  isUnscopedEnumWithoutFixedUnderlyingType(assign.getRValue().getUnderlyingType())
+}
+
+/**
+ * Gets the minimum number of bits required to hold all values of enum `e`.
+ */
+int enumMinBits(Enum e, boolean signed) {
+  exists(QlBuiltins::BigInt minVal, QlBuiltins::BigInt maxVal |
+    minVal = min(EnumConstant c | c.getDeclaringEnum() = e | c.getValue().toBigInt()) and
+    maxVal = max(EnumConstant c | c.getDeclaringEnum() = e | c.getValue().toBigInt())
+  |
+    // 8 bits: signed [-128, 127] or unsigned [0, 255]
+    if minVal >= "-128".toBigInt() and maxVal <= "127".toBigInt()
+    then result = 8 and signed = true
+    else
+      if minVal >= "0".toBigInt() and maxVal <= "255".toBigInt()
+      then (
+        result = 8 and signed = false
+      ) else
+        // 16 bits: signed [-32768, 32767] or unsigned [0, 65535]
+        if minVal >= "-32768".toBigInt() and maxVal <= "32767".toBigInt()
+        then (
+          result = 16 and signed = true
+        ) else
+          if minVal >= "0".toBigInt() and maxVal <= "65535".toBigInt()
+          then (
+            result = 16 and signed = false
+          ) else
+            // 32 bits: signed [-2147483648, 2147483647] or unsigned [0, 4294967295]
+            if minVal >= "-2147483648".toBigInt() and maxVal <= "2147483647".toBigInt()
+            then (
+              result = 32 and signed = true
+            ) else
+              if minVal >= "0".toBigInt() and maxVal <= "4294967295".toBigInt()
+              then (
+                result = 32 and signed = false
+              ) else (
+                // 64 bits: everything else
+                result = 64 and signed = true
+              )
+  )
+}
+
+/**
+ * Holds if the enum `e` can fit in an integral type `type`.
+ */
+predicate enumFitsInType(Enum e, IntegralType type) {
+  exists(int minBits, boolean signed | minBits = enumMinBits(e, signed) |
+    type.getSize() * 8 = minBits and
+    (
+      signed = true and type.isSigned()
+      or
+      signed = false and type.isUnsigned()
+    )
+  )
+}
 
 predicate staticCastSourceIsUnscopedUnfixedEnumVariant(StaticCast cast) { none() }
 

cpp/misra/test/rules/RULE-10-2-3/test.cpp

@@ -2,10 +2,20 @@
 
 /* ========== 1. Fixtures ========== */
 
-// Unscoped, no fixed type
+// Unscoped, no fixed type - narrowest possible: char
 enum Unfixed { U0, U1, U2 };
 enum Unfixed2 { V0 = 10, V1, V2 };
 
+// Unscoped, no fixed type - narrowest possible: std::int16_t (needs > 127
+// signed)
+enum UnfixedMedium { UM0 = -1, UM1 = 1000 };
+
+// Unscoped, no fixed type - narrowest possible: std::uint32_t
+enum UnfixedLargeU { ULU0 = 0x7FFFFFFF, ULU1 };
+
+// Unscoped, no fixed type - narrowest possible: std::int64_t
+enum UnfixedLargeS { ULS0 = -1, ULS1 = 0x80000000 };
+
 // Unscoped, with fixed type
 enum Fixed : std::int32_t { F0 = 20, F1, F2 };
 enum Fixed2 : std::int32_t { G0 = 30, G1, G2 };
@@ -16,9 +26,6 @@ enum class Scoped { S0, S1, S2 };
 // Scoped, with fixed type
 enum class ScopedFixed : std::int32_t { SF0, SF1, SF2 };
 
-// Unscoped, no fixed type, large values
-enum UnfixedLarge { UL0 = 0x7FFFFFFF, UL1 };
-
 /* ========== 2. Arithmetic operators ========== */
 
 void arithmetic() {
@@ -121,19 +128,47 @@ void relational() {
 /* ========== 8. Assignment ========== */
 
 void assignment() {
-  Unfixed u = U0;
+  Unfixed u = U0;           // Narrowest: char
+  UnfixedMedium um = UM0;   // Narrowest: std::int16_t
+  UnfixedLargeU ulu = ULU0; // Narrowest: std::uint32_t
+  UnfixedLargeS uls = ULS0; // Narrowest: std::int64_t
   Fixed f = F0;
 
-  std::int32_t i32;
   std::int8_t i8;
+  std::int16_t i16;
+  std::int32_t i32;
+  std::uint32_t u32;
   std::int64_t i64;
 
-  i32 = u; // COMPLIANT: std::int32_t large enough
-  i64 = u; // COMPLIANT: std::int64_t large enough
-  i8 = u;  // NON_COMPLIANT: std::int8_t might not hold all values
-
-  i32 = f; // COMPLIANT: fixed underlying type
+  // Unfixed { U0, U1, U2 } - narrowest: char
+  i8 = u;  // COMPLIANT: std::int8_t >= char
+  i16 = u; // COMPLIANT: std::int16_t >= char
+  i32 = u; // COMPLIANT: std::int32_t >= char
+  i64 = u; // COMPLIANT: std::int64_t >= char
+
+  // UnfixedMedium { UM0 = -1, UM1 = 1000 } - narrowest: std::int16_t
+  i8 = um;  // NON_COMPLIANT: std::int8_t < std::int16_t
+  i16 = um; // COMPLIANT: std::int16_t >= std::int16_t
+  i32 = um; // COMPLIANT: std::int32_t >= std::int16_t
+  i64 = um; // COMPLIANT: std::int64_t >= std::int16_t
+
+  // UnfixedLargeU { ULU0 = 0x7FFFFFFF, ULU1 } - narrowest: std::uint32_t
+  i8 = ulu;  // NON_COMPLIANT: std::int8_t < std::uint32_t
+  i16 = ulu; // NON_COMPLIANT: std::int16_t < std::uint32_t
+  i32 = ulu; // NON_COMPLIANT: std::int32_t < std::uint32_t (signed vs unsigned)
+  u32 = ulu; // COMPLIANT: std::uint32_t >= std::uint32_t
+  i64 = ulu; // COMPLIANT: std::int64_t >= std::uint32_t
+
+  // UnfixedLargeS { ULS0 = -1, ULS1 = 0x80000000 } - narrowest: std::int64_t
+  i8 = uls;  // NON_COMPLIANT: std::int8_t < std::int64_t
+  i16 = uls; // NON_COMPLIANT: std::int16_t < std::int64_t
+  i32 = uls; // NON_COMPLIANT: std::int32_t < std::int64_t
+  u32 = uls; // NON_COMPLIANT: std::uint32_t < std::int64_t
+  i64 = uls; // COMPLIANT: std::int64_t >= std::int64_t
+
+  // Fixed underlying type - rule doesn't apply
   i8 = f;  // COMPLIANT: fixed underlying type
+  i32 = f; // COMPLIANT: fixed underlying type
 
   Unfixed u2;
   u2 = u; // COMPLIANT: same enum type
@@ -179,25 +214,44 @@ void switch_statements() {
 /* ========== 10. static_cast FROM unfixed enum ========== */
 
 void static_cast_from_unfixed() {
-  Unfixed u = U0;
+  Unfixed u = U0;           // Narrowest: char
+  UnfixedMedium um = UM0;   // Narrowest: std::int16_t
+  UnfixedLargeU ulu = ULU0; // Narrowest: std::uint32_t
+  UnfixedLargeS uls = ULS0; // Narrowest: std::int64_t
 
   // Target is same enumeration type
   static_cast<Unfixed>(u); // COMPLIANT: same enum type
 
-  // Target is integer type large enough
-  static_cast<int>(u);          // COMPLIANT: int guaranteed large enough
-  static_cast<long>(u);         // COMPLIANT: long >= int
-  static_cast<std::int64_t>(u); // COMPLIANT: std::int64_t >= int
-  static_cast<unsigned int>(u); // COMPLIANT: unsigned int large enough
-
-  // Target is integer type that might not be large enough
-  static_cast<std::int8_t>(
-      u); // NON_COMPLIANT: std::int8_t might not hold all values
-  static_cast<std::uint8_t>(
-      u); // NON_COMPLIANT: std::uint8_t might not hold all values
-  static_cast<std::int16_t>(
-      u);               // NON_COMPLIANT: std::int16_t might not hold all values
-  static_cast<char>(u); // NON_COMPLIANT: char might not hold all values
+  // Unfixed { U0, U1, U2 } - narrowest: char
+  static_cast<std::int8_t>(u);  // COMPLIANT: std::int8_t >= char
+  static_cast<std::int16_t>(u); // COMPLIANT: std::int16_t >= char
+  static_cast<std::int32_t>(u); // COMPLIANT: std::int32_t >= char
+  static_cast<std::int64_t>(u); // COMPLIANT: std::int64_t >= char
+  static_cast<int>(u);          // COMPLIANT: int >= char
+  static_cast<long>(u);         // COMPLIANT: long >= char
+  static_cast<unsigned int>(u); // COMPLIANT: unsigned int >= char
+
+  // UnfixedMedium { UM0 = -1, UM1 = 1000 } - narrowest: std::int16_t
+  static_cast<std::int8_t>(um);  // NON_COMPLIANT: std::int8_t < std::int16_t
+  static_cast<char>(um);         // NON_COMPLIANT: char < std::int16_t
+  static_cast<std::int16_t>(um); // COMPLIANT: std::int16_t >= std::int16_t
+  static_cast<std::int32_t>(um); // COMPLIANT: std::int32_t >= std::int16_t
+  static_cast<std::int64_t>(um); // COMPLIANT: std::int64_t >= std::int16_t
+
+  // UnfixedLargeU { ULU0 = 0x7FFFFFFF, ULU1 } - narrowest: std::uint32_t
+  static_cast<std::int8_t>(ulu);  // NON_COMPLIANT: std::int8_t < std::uint32_t
+  static_cast<std::int16_t>(ulu); // NON_COMPLIANT: std::int16_t < std::uint32_t
+  static_cast<std::int32_t>(ulu); // NON_COMPLIANT: std::int32_t < std::uint32_t
+  static_cast<std::uint32_t>(ulu); // COMPLIANT: std::uint32_t >= std::uint32_t
+  static_cast<std::int64_t>(ulu);  // COMPLIANT: std::int64_t >= std::uint32_t
+
+  // UnfixedLargeS { ULS0 = -1, ULS1 = 0x80000000 } - narrowest: std::int64_t
+  static_cast<std::int8_t>(uls);  // NON_COMPLIANT: std::int8_t < std::int64_t
+  static_cast<std::int16_t>(uls); // NON_COMPLIANT: std::int16_t < std::int64_t
+  static_cast<std::int32_t>(uls); // NON_COMPLIANT: std::int32_t < std::int64_t
+  static_cast<std::uint32_t>(
+      uls);                       // NON_COMPLIANT: std::uint32_t < std::int64_t
+  static_cast<std::int64_t>(uls); // COMPLIANT: std::int64_t >= std::int64_t
 
   // Target is different enumeration type
   static_cast<Unfixed2>(u); // NON_COMPLIANT: different enum type
@@ -287,7 +341,6 @@ void cross_enum_relational() {
 
   // Unfixed vs Scoped - with cast
   u == static_cast<int>(s); // NON_COMPLIANT: unfixed enum compared to int
-
   static_cast<int>(u) == static_cast<int>(s); // COMPLIANT: comparing ints
 
   // Fixed vs Scoped - with cast
@@ -411,4 +464,4 @@ class C1 {
   }
 };
 
-int main() { return 0; }
+int main() { return 0; }