Skip to content

[mono] CodeQL fix set #1 #99637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 14, 2024
Merged

[mono] CodeQL fix set #1 #99637

merged 4 commits into from
Mar 14, 2024

Conversation

@kg
Copy link
Member

@kg kg commented Mar 12, 2024
edited
Loading

CodeQL flagged various places where we're dereferencing pointers that could be NULL, this PR systematically cleans some of them up via g_assert. (Note that CodeQL doesn't currently recognize g_assert as an assertion... working on that)

@kg kg added the runtime-mono specific to the Mono runtime label Mar 12, 2024
@ghost ghost added the area-VM-meta-mono label Mar 12, 2024
This was referenced Mar 12, 2024
Closed
Closed
Open
@kg kg marked this pull request as ready for review March 13, 2024 20:41
lambdageek
lambdageek reviewed Mar 13, 2024
View reviewed changes
src/mono/mono/mini/aot-compiler.c
Comment on lines 5852 to +5854
icomparable_inst = mono_class_inflate_generic_class_checked (icomparable, &ctx, error);
mono_error_assert_ok (error); /* FIXME don't swallow the error */
g_assert (icomparable_inst);
Copy link
Member

@lambdageek lambdageek Mar 13, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really wish we could teach CodeQL that for some functions that have a MonoError * argument, that if is_ok (error) then the return value is non-null. Otherwise these kinds of assertions are pretty lame.

lambdageek
lambdageek reviewed Mar 13, 2024
View reviewed changes
lambdageek
lambdageek reviewed Mar 13, 2024
View reviewed changes
lambdageek
lambdageek approved these changes Mar 13, 2024
View reviewed changes
Copy link
Member

@lambdageek lambdageek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks ok, but I wish we could systematically fix these code patterns:

   SomeResult *result = callee(arg1, arg, error);
   mono_error_assert_ok (error); // we should get to know that result != NULL here

by adding some kind of annotation to callee.

@kg
Copy link
Member Author

kg commented Mar 14, 2024

Looks ok, but I wish we could systematically fix these code patterns:

   SomeResult *result = callee(arg1, arg, error);
   mono_error_assert_ok (error); // we should get to know that result != NULL here

by adding some kind of annotation to callee.

Yeah, I'm not sure whether there is no relevant annotation or if the annotations just aren't documented.

This was referenced Mar 14, 2024
Closed
Closed
Closed
@kg kg merged commit 172ecdf into dotnet:main Mar 14, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Apr 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@steveisok steveisok steveisok approved these changes

@lambdageek lambdageek lambdageek approved these changes

@fanyang-mono fanyang-mono fanyang-mono approved these changes

@vargaz vargaz Awaiting requested review from vargaz

@BrzVlad BrzVlad Awaiting requested review from BrzVlad BrzVlad is a code owner

@thaystg thaystg Awaiting requested review from thaystg thaystg is a code owner

Assignees

@kg kg

Labels

area-VM-meta-mono runtime-mono specific to the Mono runtime

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kg @steveisok @lambdageek @fanyang-mono