Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rule S2259 FP: symbolic execution does not enter the for loop #890

Closed
bzuu opened this issue Oct 31, 2017 · 3 comments · Fixed by #6138
Closed

Rule S2259 FP: symbolic execution does not enter the for loop #890

bzuu opened this issue Oct 31, 2017 · 3 comments · Fixed by #6138
Assignees
@martin-strecker-sonarsource
Labels
Area: C# C# rules related issues. Area: CFG/SE CFG and SE related issues. Type: CFG/SE FPs Rule IS triggered when it shouldn't be for CFG and SE rules.
Milestone
8.46

Comments

@bzuu
Copy link

bzuu commented Oct 31, 2017

Description

The following code snippet seems to trigger a false positive S2259 'lastEx' is null on at least one execution path. on the last line with the throw statement:

public FileStream Blah()
{
	IOException lastEx = null;
	for (int i = 0; i < 10; i++)
	{
		try
		{
			return File.Open("somepath", FileMode.Open);
		}
		catch (IOException e)
		{
			lastEx = e;
		}
	}

	throw new InvalidOperationException(lastEx.Message);
}

When the for loop is removed S2259 is not raised on the last line.

Expected behavior

No S2259 raised on the last line as either the code has returned or the lastEx value has been set.

Actual behavior

Rule S2259 is raised both using the scanner for MSBuild as well as using SonarLint.

Related information

  • SonarC# Version 6.5 (build 3766)
  • Visual Studio Enterprise 2017 Version 15.4.1
  • Scanner for MSBuild Version 3.0.2
  • SonarLint 3.6.0.2584
@valhristov valhristov added Area: Symbolic Execution Type: False Positive Rule IS triggered when it shouldn't be. and removed Status: Needs Review labels Mar 8, 2018
@agigleux agigleux added this to the 8.0 milestone May 22, 2018
@sm-g
Copy link

sm-g commented Sep 1, 2018

same for forest here after update from 6.8.2 to 7.4.0:

DisjointForest<TModel> forest = null;
try
{
	forest = DisjointForest<TModel>.Create(models);
}
catch (ArgumentException ex) when (ex.Message.Contains("sss", StringComparison.OrdinalIgnoreCase))
{
	return result;
}

foreach (var item in Filter<TItem, TModel>(items))
{
	var count = forest.Leaves.Count();
}

@andrei-epure-sonarsource andrei-epure-sonarsource modified the milestones: CFG + Symbolic Execution, 7.16 Jul 31, 2019
@andrei-epure-sonarsource
Copy link
Contributor

This is because our Symbolic Execution engine thinks the code will never enter the loop.

    class TestForLoop
    {
        string Foo()
        {
            string s = null;
            for (int i = 0; i < 10; i++)
            {
                s = "";
            }
            return s.Trim(); // Noncompliant FP due to integer constraints
        }
    }

@andrei-epure-sonarsource andrei-epure-sonarsource modified the milestones: 7.16, CFG + Symbolic Execution Aug 8, 2019
@andrei-epure-sonarsource andrei-epure-sonarsource added the Area: CFG/SE CFG and SE related issues. label Aug 8, 2019
andrei-epure-sonarsource added a commit that referenced this issue Aug 8, 2019
@andrei-epure-sonarsource
Repro for #890
1bd602e
andrei-epure-sonarsource added a commit that referenced this issue Aug 8, 2019
@andrei-epure-sonarsource
Repro for #890 (#2571)
c0ffbb0
@andrei-epure-sonarsource andrei-epure-sonarsource changed the title Rule S2259: False positive on try statement in for loop Rule S2259: False positive due to for loop symbolic execution Aug 9, 2019
@andrei-epure-sonarsource andrei-epure-sonarsource changed the title Rule S2259: False positive due to for loop symbolic execution Rule S2259 FP: for symbolic execution does not enter the loop Aug 9, 2019
@andrei-epure-sonarsource andrei-epure-sonarsource changed the title Rule S2259 FP: for symbolic execution does not enter the loop Rule S2259 FP: for symbolic execution does not enter the for loop Aug 23, 2019
@andrei-epure-sonarsource andrei-epure-sonarsource changed the title Rule S2259 FP: for symbolic execution does not enter the for loop Rule S2259 FP: symbolic execution does not enter the for loop Aug 23, 2019
Closed
@costin-zaharia-sonarsource costin-zaharia-sonarsource added the Area: C# C# rules related issues. label Dec 2, 2019
@costin-zaharia-sonarsource costin-zaharia-sonarsource removed this from the CFG + Symbolic Execution milestone Dec 2, 2019
@pavel-mikula-sonarsource pavel-mikula-sonarsource added Type: CFG/SE FPs Rule IS triggered when it shouldn't be for CFG and SE rules. and removed Type: False Positive Rule IS triggered when it shouldn't be. labels Jun 25, 2021
@andrei-epure-sonarsource
Copy link
Contributor

related to #2528

@pavel-mikula-sonarsource pavel-mikula-sonarsource added this to the 8.43 milestone Jul 18, 2022
@pavel-mikula-sonarsource pavel-mikula-sonarsource modified the milestones: 8.43, 8.44 Jul 29, 2022
@pavel-mikula-sonarsource pavel-mikula-sonarsource removed this from the 8.44 milestone Aug 8, 2022
@pavel-mikula-sonarsource pavel-mikula-sonarsource added this to the 8.45 milestone Aug 22, 2022
@pavel-mikula-sonarsource pavel-mikula-sonarsource modified the milestones: 8.45, 8.46 Sep 14, 2022
martin-strecker-sonarsource added a commit that referenced this issue Sep 27, 2022
@martin-strecker-sonarsource
Add repo for #890
3820e1a
Merged
martin-strecker-sonarsource added a commit that referenced this issue Sep 30, 2022
@martin-strecker-sonarsource
Add repo for #890
e2bb90b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@martin-strecker-sonarsource martin-strecker-sonarsource

Labels
Area: C# C# rules related issues. Area: CFG/SE CFG and SE related issues. Type: CFG/SE FPs Rule IS triggered when it shouldn't be for CFG and SE rules.
Projects
None yet
Milestone
8.46
Development

Successfully merging a pull request may close this issue.

Improve S2259: Variables of caught exceptions are known to be NotNull SonarSource/sonar-dotnet
8 participants
@agigleux @sm-g @bzuu @valhristov @andrei-epure-sonarsource @costin-zaharia-sonarsource @pavel-mikula-sonarsource @martin-strecker-sonarsource