DCL60-CPP: no alerts reported #310

Open
mbaluda opened this issue May 22, 2023 · 2 comments
Labels
  • Difficulty-High: A false positive or false negative report which is expected to take 1+ week effort to address
  • Impact-Low
  • Stardard-CERT-C++
  • test-improvement: An issue related to improving the test cases for a rule

Comments

@mbaluda
Contributor

mbaluda commented May 22, 2023

Affected rules

  • DCL60-CPP

Description

No alert is reported by this query.
Even lines marked as COMPLIANT[FALSE_POSITIVE] in the test cases do not appear in the .expected file.

@mbaluda mbaluda added the false positive/false negative An issue related to observed false positives or false negatives. label May 22, 2023
@lcartey lcartey added Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address Impact-Medium Impact-Low and removed Impact-Medium labels May 26, 2023
@lcartey
Collaborator

lcartey commented May 26, 2023

This rule only reports ODR violations where we are sure the two definitions coexist through static linking. Otherwise we could report false positives where multiple programs are represented in the same database that happen to have the same signature, but are never linked.

Unfortunately, there are limitations in our unit and compiler testing framework that made this rule difficult to test, because the test cases consist of separate translation units that are never linked together. ODR violations that don't span translation units are typically detected and rejected by the compiler, which makes it tricky to write a valid test case.
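
The distinction drawn in the comment above, shown as an added example that is not part of the original thread or the project's test suite: the same pair of conflicting definitions is rejected by the compiler inside one translation unit, but compiles and links without error when split across two. The names `Widget`, `weight`, `use_b` and `odr_demo` are hypothetical, the sources are constructed, and a C++ compiler on `PATH` is assumed.

```shell
#!/bin/sh
# Added illustration; Widget, weight, use_b and odr_demo are hypothetical names.
# Returns 0 if the toolchain behaves as described, 1 if not, 2 if no compiler.
odr_demo() {
  cxx=$(command -v c++ || command -v g++ || command -v clang++) || return 2
  dir=$(mktemp -d) || return 1

  # Both definitions in ONE translation unit: the compiler must reject this.
  cat > "$dir/one.cpp" <<'EOF'
struct Widget { int id; };
struct Widget { long id; long extra; };
EOF

  # The same two definitions split across TWO translation units (constructed).
  cat > "$dir/a.cpp" <<'EOF'
struct Widget { int id; };
inline int weight(const Widget &w) { return w.id; }
int use_b();
int main() { Widget w{1}; return weight(w) + use_b() > 0 ? 0 : 1; }
EOF
  cat > "$dir/b.cpp" <<'EOF'
struct Widget { long id; long extra; };  // conflicts with a.cpp
inline int weight(const Widget &w) { return (int)(w.id + w.extra); }
int use_b() { Widget w{1, 41}; return weight(w); }
EOF

  rc=0
  if "$cxx" -std=c++11 -c "$dir/one.cpp" -o "$dir/one.o" 2>/dev/null; then
    echo "unexpected: single-TU redefinition compiled"; rc=1
  elif ! "$cxx" -std=c++11 -c "$dir/a.cpp" -o "$dir/a.o" 2>/dev/null ||
       ! "$cxx" -std=c++11 -c "$dir/b.cpp" -o "$dir/b.o" 2>/dev/null ||
       ! "$cxx" "$dir/a.o" "$dir/b.o" -o "$dir/prog" 2>/dev/null; then
    echo "unexpected: cross-TU build failed"; rc=1
  else
    echo "single TU rejected; two TUs compiled and linked without error"
  fi
  rm -rf "$dir"
  return "$rc"
}
```

Call `odr_demo` after sourcing the file; the linked program is deliberately never executed, since its behaviour is undefined.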

@lcartey lcartey added test-improvement An issue related to improving the test cases for a rule Difficulty-High A false positive or false negative report which is expected to take 1+ week effort to address Impact-Low and removed Difficulty-Medium A false positive or false negative report which is expected to take 1-5 days effort to address Impact-Low false positive/false negative An issue related to observed false positives or false negatives. labels May 26, 2023
@lcartey
Collaborator

lcartey commented May 26, 2023

Re-categorising as a test improvement.


3 participants