-
Notifications
You must be signed in to change notification settings - Fork 1.8k
C++: Nullness.qll bug fixes #9785
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Thanks for this. This looks correct to me. However, a test which exercises the new behavior would be useful. I can point you in the right direction for this. However, for that it would be good to know if you found this while running one of our queries, and, if so, which one. |
@jketema I had tested this with examples like:
And variants ( If you point me to the right spot I'm sure I can put in something that will illustrate the bug and fix. To answer your question though, I found this bug making my own query. |
No worries. If there had been a specific query you were looking at it would have been easiest to add a test to that query. I don't think we test this functionality directly. Let me think a bit about how to best solve this. |
@jketema Sounds good. I was probably going to make 2 more PRs related to Nullness.ql today. Would it be easier to bundle them into this PR or to do them separately? |
Depends a bit on their size. If they're small, I don't have a problem with having them as part of the current PR. |
I ended up only having one addition change which is now part of this PR. It's very small. |
I've created some tests for It was not immediately clear to me what you second commit is supposed to achieve, so it's probably not yet covered. |
@jketema The second commit was added to address situations where there is an initialization in a conditional guard. e.g., In this case the initialization is a validation check, but wasn't being detected as a validation check previously. |
Thanks for clarifying. #9793 has been merged. Could you rebase this PR and update the tests/test results as appropriate? If you're not sure how to do the tests, please just rebase, and I'll give you a hand. |
@jketema Yea I could use a hand to properly update the test results. |
In that case, please rebase this PR on top of the latest |
Is a merge of main sufficient or do I need to do I need to do anything fancier? |
That works too 😄 |
I've updated the tests and did some other minor fixes. |
| test.cpp:21:9:21:14 | ... = ... | test.cpp:5:13:5:13 | v | is null | is not valid | | ||
| test.cpp:21:9:21:14 | ... = ... | test.cpp:7:10:7:10 | b | is not null | is valid | | ||
| test.cpp:22:17:22:17 | b | test.cpp:7:10:7:10 | b | is not null | is valid | | ||
| test.cpp:22:9:22:14 | ... = ... | test.cpp:5:13:5:13 | v | is not null | is not valid | | ||
| test.cpp:22:9:22:14 | ... = ... | test.cpp:7:13:7:13 | c | is not null | is not valid | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please would you explain these two results? It looks to me like if c = !v
is true, c
will be true (only after the assignment) and v
must be false.
If this is just a limitation of the analysis, I'm happy with that and happy for it to be documented by this test. I just want to check I'm understanding correctly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, those are a bit weird. There's two things going on here:
- RHSs of assignments are not covered, as they're technically not part of a condition. So, those expressions for each variable will always result in
is not null
andis not valid
- The
c
case is a C++17-style if-initializer (note thec
in the condition on the next line of the expected file). These also fall outside the condition that is evaluated in theif
, and hence we also getis not null
andis not valid
there.
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. 👍 👍
@bdrodes Merged! Thanks for your contribution. |
Corrects a bug in nullCheckExpr and validCheckExpr in Nullness.qll for logical AND expressions. Previously only checking null/valid on expressions in the right hand side of the AND operation. Now checking both left and right.