Enforce loop counter to be variable access and add tests

jeongsoolee09 · jeongsoolee09 · commit 15be0109ebb4 · 2025-11-05T15:02:39.000-05:00
diff --git a/cpp/common/src/codingstandards/cpp/Loops.qll b/cpp/common/src/codingstandards/cpp/Loops.qll
@@ -390,13 +390,10 @@ class LegacyForLoopCondition extends RelationalOperation {
 
   LegacyForLoopCondition() {
     this = forLoop.getCondition() and
-    exists(Expr loopCounterExpr |
-      loopCounterExpr = this.getAnOperand() and
-      loopBound = this.getAnOperand() and
-      loopCounter = loopCounterExpr.getAChild*() and
-      loopCounter.getTarget() = getAnIterationVariable(forLoop) and
-      loopBound != loopCounterExpr
-    )
+    loopCounter = this.getAnOperand() and
+    loopBound = this.getAnOperand() and
+    loopCounter.getTarget() = getAnIterationVariable(forLoop) and
+    loopBound != loopCounter
   }
 
   /**
diff --git a/cpp/misra/test/rules/RULE-9-5-1/LegacyForStatementsShouldBeSimple.expected b/cpp/misra/test/rules/RULE-9-5-1/LegacyForStatementsShouldBeSimple.expected
@@ -1,45 +1,48 @@
-| test.cpp:24:3:26:3 | for(...;...;...) ... | The $@ is not of an integer type. | test.cpp:24:14:24:14 | i | counter variable | test.cpp:24:14:24:14 | i | N/A |
-| test.cpp:33:3:35:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:33:19:33:25 | ... == ... | loop condition | test.cpp:33:19:33:25 | ... == ... | N/A |
-| test.cpp:37:3:39:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:37:19:37:24 | ... < ... | loop condition | test.cpp:37:19:37:24 | ... < ... | N/A |
-| test.cpp:78:3:80:3 | for(...;...;...) ... | The $@ is not updated with an $@ other than addition or subtraction. | test.cpp:78:12:78:12 | i | counter variable | test.cpp:79:8:79:13 | ... *= ... | expression |
-| test.cpp:92:3:95:3 | for(...;...;...) ... | The $@ has a smaller type than that of the $@. | test.cpp:92:21:92:21 | i | counter variable | test.cpp:92:25:92:53 | call to max | loop bound |
-| test.cpp:117:3:120:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:118:13:118:13 | j | loop step | test.cpp:119:5:119:5 | j | mutated |
-| test.cpp:122:3:124:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:123:13:123:13 | j | loop step | test.cpp:123:16:123:16 | j | mutated |
-| test.cpp:122:3:124:3 | for(...;...;...) ... | The $@ is not updated with an $@ other than addition or subtraction. | test.cpp:122:12:122:12 | i | counter variable | test.cpp:123:8:123:18 | ... , ... | expression |
-| test.cpp:134:3:137:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:134:23:134:23 | j | loop bound | test.cpp:136:5:136:5 | j | mutated |
-| test.cpp:139:3:141:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:139:23:139:25 | ... ++ | loop bound | test.cpp:139:23:139:25 | ... ++ | non-const expression |
-| test.cpp:139:3:141:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:139:23:139:23 | j | loop bound | test.cpp:139:23:139:23 | j | mutated |
-| test.cpp:143:3:145:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:143:25:143:27 | ... ++ | loop bound | test.cpp:143:25:143:27 | ... ++ | non-const expression |
-| test.cpp:143:3:145:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:143:25:143:25 | j | loop bound | test.cpp:143:25:143:25 | j | mutated |
-| test.cpp:143:3:145:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:143:12:143:12 | i | counter variable | test.cpp:143:12:143:12 | i | N/A |
-| test.cpp:149:3:152:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:149:23:149:23 | k | loop bound | test.cpp:151:15:151:15 | k | mutated |
-| test.cpp:154:3:157:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:155:13:155:13 | l | loop step | test.cpp:156:15:156:15 | l | mutated |
-| test.cpp:159:3:161:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:159:23:159:24 | call to h1 | loop bound | test.cpp:159:23:159:24 | call to h1 | non-const expression |
-| test.cpp:167:3:169:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:168:13:168:14 | call to h1 | loop step | test.cpp:168:13:168:14 | call to h1 | non-const expression |
-| test.cpp:182:3:185:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:182:19:182:19 | i | loop counter | test.cpp:182:19:182:19 | i | N/A |
-| test.cpp:187:3:190:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:187:19:187:19 | i | loop counter | test.cpp:187:19:187:19 | i | N/A |
-| test.cpp:202:3:205:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:202:19:202:19 | i | loop counter | test.cpp:202:19:202:19 | i | N/A |
-| test.cpp:207:3:210:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:207:23:207:23 | k | loop bound | test.cpp:207:23:207:23 | k | N/A |
-| test.cpp:212:3:215:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:212:23:212:23 | k | loop bound | test.cpp:212:23:212:23 | k | N/A |
-| test.cpp:227:3:230:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:227:23:227:23 | k | loop bound | test.cpp:227:23:227:23 | k | N/A |
-| test.cpp:232:3:235:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:232:31:232:31 | l | loop step | test.cpp:232:31:232:31 | l | N/A |
-| test.cpp:237:3:240:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:237:31:237:31 | l | loop step | test.cpp:237:31:237:31 | l | N/A |
-| test.cpp:252:3:255:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:252:31:252:31 | l | loop step | test.cpp:252:31:252:31 | l | N/A |
-| test.cpp:257:3:260:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:257:19:257:19 | i | loop counter | test.cpp:257:19:257:19 | i | N/A |
-| test.cpp:257:3:260:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:257:12:257:12 | i | counter variable | test.cpp:257:12:257:12 | i | N/A |
-| test.cpp:262:3:265:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:262:19:262:19 | i | loop counter | test.cpp:262:19:262:19 | i | N/A |
-| test.cpp:262:3:265:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:262:12:262:12 | i | counter variable | test.cpp:262:12:262:12 | i | N/A |
-| test.cpp:277:3:280:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:277:19:277:19 | i | loop counter | test.cpp:277:19:277:19 | i | N/A |
-| test.cpp:277:3:280:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:277:12:277:12 | i | counter variable | test.cpp:277:12:277:12 | i | N/A |
-| test.cpp:282:3:285:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:282:23:282:23 | k | loop bound | test.cpp:284:8:284:8 | k | mutated |
-| test.cpp:282:3:285:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:282:23:282:23 | k | loop bound | test.cpp:282:23:282:23 | k | N/A |
-| test.cpp:287:3:290:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:287:23:287:23 | k | loop bound | test.cpp:289:9:289:9 | k | mutated |
-| test.cpp:287:3:290:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:287:23:287:23 | k | loop bound | test.cpp:287:23:287:23 | k | N/A |
-| test.cpp:303:3:306:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:303:23:303:23 | k | loop bound | test.cpp:305:9:305:9 | k | mutated |
-| test.cpp:303:3:306:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:303:23:303:23 | k | loop bound | test.cpp:303:23:303:23 | k | N/A |
-| test.cpp:308:3:311:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:308:31:308:31 | l | loop step | test.cpp:310:8:310:8 | l | mutated |
-| test.cpp:308:3:311:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:308:31:308:31 | l | loop step | test.cpp:308:31:308:31 | l | N/A |
-| test.cpp:313:3:316:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:313:31:313:31 | l | loop step | test.cpp:315:9:315:9 | l | mutated |
-| test.cpp:313:3:316:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:313:31:313:31 | l | loop step | test.cpp:313:31:313:31 | l | N/A |
-| test.cpp:328:3:331:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:328:31:328:31 | l | loop step | test.cpp:330:9:330:9 | l | mutated |
-| test.cpp:328:3:331:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:328:31:328:31 | l | loop step | test.cpp:328:31:328:31 | l | N/A |
+| test.cpp:26:3:28:3 | for(...;...;...) ... | The $@ is not of an integer type. | test.cpp:26:14:26:14 | i | counter variable | test.cpp:26:14:26:14 | i | N/A |
+| test.cpp:35:3:37:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:35:19:35:25 | ... == ... | loop condition | test.cpp:35:19:35:25 | ... == ... | N/A |
+| test.cpp:39:3:41:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:39:19:39:24 | ... < ... | loop condition | test.cpp:39:19:39:24 | ... < ... | N/A |
+| test.cpp:55:3:58:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:55:19:55:28 | ... < ... | loop condition | test.cpp:55:19:55:28 | ... < ... | N/A |
+| test.cpp:60:3:63:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:60:19:60:27 | ... < ... | loop condition | test.cpp:60:19:60:27 | ... < ... | N/A |
+| test.cpp:65:3:68:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:65:19:65:27 | ... < ... | loop condition | test.cpp:65:19:65:27 | ... < ... | N/A |
+| test.cpp:65:3:68:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:65:12:65:12 | i | counter variable | test.cpp:65:12:65:12 | i | N/A |
+| test.cpp:107:3:109:3 | for(...;...;...) ... | The $@ is not updated with an $@ other than addition or subtraction. | test.cpp:107:12:107:12 | i | counter variable | test.cpp:108:8:108:13 | ... *= ... | expression |
+| test.cpp:121:3:124:3 | for(...;...;...) ... | The $@ has a smaller type than that of the $@. | test.cpp:121:21:121:21 | i | counter variable | test.cpp:121:25:121:53 | call to max | loop bound |
+| test.cpp:146:3:149:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:147:13:147:13 | j | loop step | test.cpp:148:5:148:5 | j | mutated |
+| test.cpp:151:3:153:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:152:13:152:13 | j | loop step | test.cpp:152:16:152:16 | j | mutated |
+| test.cpp:151:3:153:3 | for(...;...;...) ... | The $@ is not updated with an $@ other than addition or subtraction. | test.cpp:151:12:151:12 | i | counter variable | test.cpp:152:8:152:18 | ... , ... | expression |
+| test.cpp:163:3:166:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:163:23:163:23 | j | loop bound | test.cpp:165:5:165:5 | j | mutated |
+| test.cpp:168:3:170:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:168:23:168:25 | ... ++ | loop bound | test.cpp:168:23:168:25 | ... ++ | non-const expression |
+| test.cpp:168:3:170:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:168:23:168:23 | j | loop bound | test.cpp:168:23:168:23 | j | mutated |
+| test.cpp:172:3:174:3 | for(...;...;...) ... | The $@ does not determine termination based only on a comparison against the value of the counter variable. | test.cpp:172:19:172:27 | ... < ... | loop condition | test.cpp:172:19:172:27 | ... < ... | N/A |
+| test.cpp:172:3:174:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:172:12:172:12 | i | counter variable | test.cpp:172:12:172:12 | i | N/A |
+| test.cpp:178:3:181:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:178:23:178:23 | k | loop bound | test.cpp:180:15:180:15 | k | mutated |
+| test.cpp:183:3:186:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:184:13:184:13 | l | loop step | test.cpp:185:15:185:15 | l | mutated |
+| test.cpp:188:3:190:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:188:23:188:24 | call to h1 | loop bound | test.cpp:188:23:188:24 | call to h1 | non-const expression |
+| test.cpp:196:3:198:3 | for(...;...;...) ... | The $@ is a $@. | test.cpp:197:13:197:14 | call to h1 | loop step | test.cpp:197:13:197:14 | call to h1 | non-const expression |
+| test.cpp:211:3:214:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:211:19:211:19 | i | loop counter | test.cpp:211:19:211:19 | i | N/A |
+| test.cpp:216:3:219:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:216:19:216:19 | i | loop counter | test.cpp:216:19:216:19 | i | N/A |
+| test.cpp:231:3:234:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:231:19:231:19 | i | loop counter | test.cpp:231:19:231:19 | i | N/A |
+| test.cpp:236:3:239:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:236:23:236:23 | k | loop bound | test.cpp:236:23:236:23 | k | N/A |
+| test.cpp:241:3:244:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:241:23:241:23 | k | loop bound | test.cpp:241:23:241:23 | k | N/A |
+| test.cpp:256:3:259:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:256:23:256:23 | k | loop bound | test.cpp:256:23:256:23 | k | N/A |
+| test.cpp:261:3:264:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:261:31:261:31 | l | loop step | test.cpp:261:31:261:31 | l | N/A |
+| test.cpp:266:3:269:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:266:31:266:31 | l | loop step | test.cpp:266:31:266:31 | l | N/A |
+| test.cpp:281:3:284:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:281:31:281:31 | l | loop step | test.cpp:281:31:281:31 | l | N/A |
+| test.cpp:286:3:289:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:286:19:286:19 | i | loop counter | test.cpp:286:19:286:19 | i | N/A |
+| test.cpp:286:3:289:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:286:12:286:12 | i | counter variable | test.cpp:286:12:286:12 | i | N/A |
+| test.cpp:291:3:294:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:291:19:291:19 | i | loop counter | test.cpp:291:19:291:19 | i | N/A |
+| test.cpp:291:3:294:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:291:12:291:12 | i | counter variable | test.cpp:291:12:291:12 | i | N/A |
+| test.cpp:306:3:309:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:306:19:306:19 | i | loop counter | test.cpp:306:19:306:19 | i | N/A |
+| test.cpp:306:3:309:3 | for(...;...;...) ... | The $@ may be mutated in a location other than its update expression. | test.cpp:306:12:306:12 | i | counter variable | test.cpp:306:12:306:12 | i | N/A |
+| test.cpp:311:3:314:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:311:23:311:23 | k | loop bound | test.cpp:313:8:313:8 | k | mutated |
+| test.cpp:311:3:314:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:311:23:311:23 | k | loop bound | test.cpp:311:23:311:23 | k | N/A |
+| test.cpp:316:3:319:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:316:23:316:23 | k | loop bound | test.cpp:318:9:318:9 | k | mutated |
+| test.cpp:316:3:319:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:316:23:316:23 | k | loop bound | test.cpp:316:23:316:23 | k | N/A |
+| test.cpp:332:3:335:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:332:23:332:23 | k | loop bound | test.cpp:334:9:334:9 | k | mutated |
+| test.cpp:332:3:335:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:332:23:332:23 | k | loop bound | test.cpp:332:23:332:23 | k | N/A |
+| test.cpp:337:3:340:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:337:31:337:31 | l | loop step | test.cpp:339:8:339:8 | l | mutated |
+| test.cpp:337:3:340:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:337:31:337:31 | l | loop step | test.cpp:337:31:337:31 | l | N/A |
+| test.cpp:342:3:345:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:342:31:342:31 | l | loop step | test.cpp:344:9:344:9 | l | mutated |
+| test.cpp:342:3:345:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:342:31:342:31 | l | loop step | test.cpp:342:31:342:31 | l | N/A |
+| test.cpp:357:3:360:3 | for(...;...;...) ... | The $@ is a non-const expression, or a variable that may be $@ in the loop. | test.cpp:357:31:357:31 | l | loop step | test.cpp:359:9:359:9 | l | mutated |
+| test.cpp:357:3:360:3 | for(...;...;...) ... | The $@ is taken as a mutable reference or its address to a mutable pointer. | test.cpp:357:31:357:31 | l | loop step | test.cpp:357:31:357:31 | l | N/A |
diff --git a/cpp/misra/test/rules/RULE-9-5-1/test.cpp b/cpp/misra/test/rules/RULE-9-5-1/test.cpp
