C++: Fix BMN issue with cpp/integer-multiplication-cast-to-long. #21457
geoffw0 wants to merge 4 commits into github:main from
Pull request overview
This PR adds a reusable helper on Function to detect functions with non-unique return-type extraction (seen in build-mode-none databases), and documents the fix via a C++ change note.
Changes:
- Add `Function::hasAmbiguousReturnType()` predicate to detect non-unique extracted return types.
- Add a C++ change note entry describing the fix for `cpp/integer-multiplication-cast-to-long`.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| cpp/ql/lib/semmle/code/cpp/Function.qll | Introduces a new Function predicate for identifying ambiguous/non-unique return types. |
| cpp/ql/src/change-notes/2026-03-11-integer-multiplication-cast-to-long.md | Adds a release note for the query fix (but contains a build-mode wording typo). |
| --- | ||
| category: minorAnalysis | ||
| --- | ||
| * Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in Build Mode Node databases. |
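Review bot: the release note on the `* Fixed an issue ...` line mentions only the query, but the PR also adds `Function::hasAmbiguousReturnType()` in `cpp/ql/lib/semmle/code/cpp/Function.qll`, which is a library addition that other queries can call. Unless one of the other changed files already records it, consider a separate library change note for the new predicate so that authors of other type-related queries can find it.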
"Build Mode Node" looks like a typo and doesn’t match the terminology used elsewhere (for example, "build mode none"). Consider changing this to "Build Mode None" (or "build mode none" to match the CLI flag) to avoid confusion in the release note.
| * Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in Build Mode Node databases. | |
| * Fixed an issue with the "Multiplication result converted to larger type" (`cpp/integer-multiplication-cast-to-long`) query causing false positive results in build mode `none` databases. |
| * Holds if this function has ambiguous return type (this occurs sometimes in | ||
| * Build Mode None). |
The doc comment is a bit unclear/grammatically off: consider “has an ambiguous return type” and clarify what “ambiguous” means here (for example, whether it includes functions with zero extracted return types as well as multiple). Also consider aligning capitalization/wording with existing comments that refer to “build mode none”.
| * Holds if this function has ambiguous return type (this occurs sometimes in | |
| * Build Mode None). | |
| * Holds if this function has an ambiguous return type, meaning that zero or | |
| * multiple return types were extracted (this can occur in build mode none). |
We might want to standardize this. In Compilation we use phrasing like "using the "none" build mode", and in the change notes we use build-mode: none.
Fix an issue with `cpp/integer-multiplication-cast-to-long` in Build Mode Node databases. The test was inspired by a case in `bminor_glibc` where `fabsf` had two return types in the database (`float` and `int`, implying interference from an implicit definition perhaps?). The fix has been made a new predicate of `Function`, since I anticipate this issue may surface again in a couple of other queries involving types.