Merge branch 'main' into html_safe

Author: erik-krogh

cpp/ql/src/Best Practices/Unused Entities/UnusedStaticFunctions.ql

@@ -13,16 +13,32 @@
 
 import cpp
 
+pragma[noinline]
+predicate possiblyIncompleteFile(File f) {
+  exists(Diagnostic d | d.getFile() = f and d.getSeverity() >= 3)
+}
+
 predicate immediatelyReachableFunction(Function f) {
-  not f.isStatic() or
-  exists(BlockExpr be | be.getFunction() = f) or
-  f instanceof MemberFunction or
-  f instanceof TemplateFunction or
-  f.getFile() instanceof HeaderFile or
-  f.getAnAttribute().hasName("constructor") or
-  f.getAnAttribute().hasName("destructor") or
-  f.getAnAttribute().hasName("used") or
+  not f.isStatic()
+  or
+  exists(BlockExpr be | be.getFunction() = f)
+  or
+  f instanceof MemberFunction
+  or
+  f instanceof TemplateFunction
+  or
+  f.getFile() instanceof HeaderFile
+  or
+  f.getAnAttribute().hasName("constructor")
+  or
+  f.getAnAttribute().hasName("destructor")
+  or
+  f.getAnAttribute().hasName("used")
+  or
   f.getAnAttribute().hasName("unused")
+  or
+  // a compiler error in the same file suggests we may be missing data
+  possiblyIncompleteFile(f.getFile())
 }
 
 predicate immediatelyReachableVariable(Variable v) {

cpp/ql/src/change-notes/2022-09-21-unused-static-function.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Fixed false positives from the "Unused static function" (`cpp/unused-static-function`) query in files that had errors during compilation.

cpp/ql/test/query-tests/Best Practices/Unused Entities/UnusedStaticFunctions/extraction_error.c

@@ -0,0 +1,15 @@
+// semmle-extractor-options: --expect_errors
+
+static void my_function1_called() {} // GOOD
+static void my_function2_called_after_error() {} // GOOD
+static void my_function3_not_called() {} // BAD [NOT DETECTED]
+
+int main(void) {
+	my_function1_called();
+
+--- compilation stops here because this line is not valid C code ---
+
+	my_function2_called_after_error();
+
+	return 0;
+}

cpp/ql/test/query-tests/Best Practices/Unused Entities/UnusedStaticFunctions/unused_static_functions.cpp

@@ -33,3 +33,16 @@ static void f6(void);
 static void f5(void) { f6(); }
 static void f6(void) { f5(); }
 
+// f7 and f8 are reachable from `function_caller` 
+static int f7() { return 1; } // GOOD
+static void f8() { } // GOOD
+
+void function_caller()
+{
+	auto my_lambda = []() {
+		return f7();
+	}();
+
+	f8();
+}
+

docs/codeql/support/reusables/frameworks.rst

@@ -260,4 +260,16 @@ and the CodeQL library pack ``codeql/ruby-all`` (`changelog <https://github.com/
    :widths: auto
 
    Name, Category
+   excon, HTTP client
+   faraday, HTTP client
+   http_client, HTTP client
+   httparty, HTTP client
+   libxml-ruby, XML processing library
+   nokogiri, XML processing library
+   open-uri, HTTP client
+   posix-spawn, Utility library
+   rest-client, HTTP client
    Ruby on Rails, Web framework
+   rubyzip, Compression library
+   typhoeus, HTTP client
+

java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt

@@ -0,0 +1,84 @@
+test.kt:
+#    0| [CompilationUnit] test
+#    1|   1: [Interface] Ann
+#    1|     1: [Constructor] Ann
+#-----|       4: (Parameters)
+#    1|         0: [Parameter] arr1
+#    1|           0: [TypeAccess] String[]
+#    1|             0: [TypeAccess] String
+#    1|         1: [Parameter] arr2
+#    1|           0: [TypeAccess] int[]
+#    1|       5: [BlockStmt] { ... }
+#    1|         0: [SuperConstructorInvocationStmt] super(...)
+#    1|         1: [BlockStmt] { ... }
+#    1|           0: [ExprStmt] <Expr>;
+#    1|             0: [KtInitializerAssignExpr] ...=...
+#    1|               0: [VarAccess] arr1
+#    1|           1: [ExprStmt] <Expr>;
+#    1|             0: [KtInitializerAssignExpr] ...=...
+#    1|               0: [VarAccess] arr2
+#    1|     2: [Constructor] Ann
+#-----|       4: (Parameters)
+#    1|         0: [Parameter] p0
+#    1|           0: [TypeAccess] String[]
+#    1|         1: [Parameter] p1
+#    1|           0: [TypeAccess] int[]
+#    1|         2: [Parameter] p2
+#    1|           0: [TypeAccess] int
+#    1|         3: [Parameter] p3
+#    1|           0: [TypeAccess] DefaultConstructorMarker
+#    1|       5: [BlockStmt] { ... }
+#    1|         0: [IfStmt] if (...)
+#    1|           0: [EQExpr] ... == ...
+#    1|             0: [AndBitwiseExpr] ... & ...
+#    1|               0: [IntegerLiteral] 1
+#    1|               1: [VarAccess] p2
+#    1|             1: [IntegerLiteral] 0
+#    1|           1: [ExprStmt] <Expr>;
+#    1|             0: [AssignExpr] ...=...
+#    1|               0: [VarAccess] p0
+#    0|               1: [ArrayCreationExpr] new String[]
+#    0|                 -2: [ArrayInit] {...}
+#    0|                   0: [StringLiteral] hello
+#    0|                   1: [StringLiteral] world
+#    0|                 -1: [TypeAccess] String
+#    0|                 0: [IntegerLiteral] 2
+#    1|         1: [IfStmt] if (...)
+#    1|           0: [EQExpr] ... == ...
+#    1|             0: [AndBitwiseExpr] ... & ...
+#    1|               0: [IntegerLiteral] 2
+#    1|               1: [VarAccess] p2
+#    1|             1: [IntegerLiteral] 0
+#    1|           1: [ExprStmt] <Expr>;
+#    1|             0: [AssignExpr] ...=...
+#    1|               0: [VarAccess] p1
+#    0|               1: [ArrayCreationExpr] new int[]
+#    0|                 -2: [ArrayInit] {...}
+#    0|                   0: [IntegerLiteral] 1
+#    0|                   1: [IntegerLiteral] 2
+#    0|                   2: [IntegerLiteral] 3
+#    0|                 -1: [TypeAccess] int
+#    0|                 0: [IntegerLiteral] 3
+#    1|         2: [ThisConstructorInvocationStmt] this(...)
+#    1|           0: [VarAccess] p0
+#    1|           1: [VarAccess] p1
+#    1|     3: [FieldDeclaration] String[] arr1;
+#    1|       -1: [TypeAccess] String[]
+#    1|         0: [TypeAccess] String
+#    1|       0: [VarAccess] arr1
+#    1|     4: [Method] arr1
+#    1|       3: [TypeAccess] String[]
+#    1|         0: [TypeAccess] String
+#    1|       5: [BlockStmt] { ... }
+#    1|         0: [ReturnStmt] return ...
+#    1|           0: [VarAccess] this.arr1
+#    1|             -1: [ThisAccess] this
+#    1|     5: [Method] arr2
+#    1|       3: [TypeAccess] int[]
+#    1|       5: [BlockStmt] { ... }
+#    1|         0: [ReturnStmt] return ...
+#    1|           0: [VarAccess] this.arr2
+#    1|             -1: [ThisAccess] this
+#    1|     6: [FieldDeclaration] int[] arr2;
+#    1|       -1: [TypeAccess] int[]
+#    1|       0: [VarAccess] arr2

java/ql/test/kotlin/library-tests/collection-literals/PrintAst.expected

@@ -0,0 +1 @@
+semmle/code/java/PrintAst.ql

java/ql/test/kotlin/library-tests/collection-literals/PrintAst.qlref

@@ -0,0 +1 @@
+annotation class Ann(val arr1: Array<String> = ["hello", "world"], val arr2: IntArray = [1, 2, 3]) { }

java/ql/test/kotlin/library-tests/collection-literals/test.kt

@@ -1,5 +1,5 @@
 methods
-| clinit.kt:0:0:0:0 | ClinitKt | clinit.kt:0:0:0:0 | <clinit> | <clinit>() |  | Compiler generated |
+| clinit.kt:0:0:0:0 | ClinitKt | clinit.kt:0:0:0:0 | <clinit> | <clinit>() | static | Compiler generated |
 | clinit.kt:0:0:0:0 | ClinitKt | clinit.kt:3:1:3:24 | getTopLevelInt | getTopLevelInt() | public, static | Compiler generated |
 | clinit.kt:0:0:0:0 | ClinitKt | clinit.kt:3:1:3:24 | setTopLevelInt | setTopLevelInt(int) | public, static | Compiler generated |
 | dataClass.kt:1:1:1:47 | DataClass | dataClass.kt:0:0:0:0 | component1 | component1() | public | Compiler generated |
@@ -25,11 +25,11 @@ methods
 | delegates.kt:8:32:11:5 | new KMutableProperty1<MyClass,String>(...) { ... } | delegates.kt:8:32:11:5 | set | set(MyClass,java.lang.String) | override, public |  |
 | delegates.kt:8:32:11:5 | new KMutableProperty1<MyClass,String>(...) { ... } | delegates.kt:8:32:11:5 | set | set(MyClass,java.lang.String) | override, public |  |
 | delegates.kt:8:66:11:5 | new Function3<KProperty<?>,String,String,Unit>(...) { ... } | delegates.kt:8:66:11:5 | invoke | invoke(kotlin.reflect.KProperty,java.lang.String,java.lang.String) | override, public |  |
-| enumClass.kt:1:1:4:1 | EnumClass | enumClass.kt:0:0:0:0 | <clinit> | <clinit>() |  | Compiler generated |
+| enumClass.kt:1:1:4:1 | EnumClass | enumClass.kt:0:0:0:0 | <clinit> | <clinit>() | static | Compiler generated |
 | enumClass.kt:1:1:4:1 | EnumClass | enumClass.kt:0:0:0:0 | valueOf | valueOf(java.lang.String) | public, static | Compiler generated |
 | enumClass.kt:1:1:4:1 | EnumClass | enumClass.kt:0:0:0:0 | values | values() | public, static | Compiler generated |
 | enumClass.kt:1:1:4:1 | EnumClass | enumClass.kt:1:22:1:31 | getV | getV() | public | Compiler generated |
-| enumClass.kt:6:1:16:1 | EnumWithFunctions | enumClass.kt:0:0:0:0 | <clinit> | <clinit>() |  | Compiler generated |
+| enumClass.kt:6:1:16:1 | EnumWithFunctions | enumClass.kt:0:0:0:0 | <clinit> | <clinit>() | static | Compiler generated |
 | enumClass.kt:6:1:16:1 | EnumWithFunctions | enumClass.kt:0:0:0:0 | valueOf | valueOf(java.lang.String) | public, static | Compiler generated |
 | enumClass.kt:6:1:16:1 | EnumWithFunctions | enumClass.kt:0:0:0:0 | values | values() | public, static | Compiler generated |
 | enumClass.kt:6:1:16:1 | EnumWithFunctions | enumClass.kt:13:12:13:29 | f | f(int) | public |  |