Brodes/seh flow overhaul2 #17676
Brodes/seh flow overhaul2 #17676
Conversation
…d updating uses of TExceptionEdge
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll
Outdated
Show resolved
Hide resolved
| @@ -3437,8 +3460,7 @@ class TranslatedVarArg extends TranslatedNonConstantExpr { | |||
|
|
|||
| final override Instruction getInstructionSuccessorInternal(InstructionTag tag, EdgeKind kind) { | |||
| tag = VarArgsVAListLoadTag() and | |||
| kind instanceof GotoEdge and | |||
| result = this.getInstruction(VarArgsArgAddressTag()) | |||
| (kind instanceof GotoEdge and result = this.getInstruction(VarArgsArgAddressTag())) | |||
There was a problem hiding this comment.
This parenthesis here is also superfluous now
There was a problem hiding this comment.
So much for the formatting tool fixing that automatically.
There was a problem hiding this comment.
😅 Yeah, the autoformatter doesn't remove all superfluous parentheses (because that's apparently a super hard problem in general). By the way, it's still complaining about missing autoformat in a couple of places, though:
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedElement.qll would change by autoformatting.
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll would change by autoformatting.
cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll would change by autoformatting.
cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll would change by autoformatting.
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
Outdated
Show resolved
Hide resolved
cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll
Outdated
Show resolved
Hide resolved
| * unconditional or non-throwing. IR generation will enforce | ||
| * the most strict interpretation. |
There was a problem hiding this comment.
Where does this enforcement happen?
There was a problem hiding this comment.
| * the most strict interpretation. | ||
| */ | ||
| class DefaultSEHExceptionBehavior extends ThrowingFunction { | ||
| DefaultSEHExceptionBehavior() { this = any(Function f) } |
There was a problem hiding this comment.
I don't think we need this charpred as ThrowingFunction is already a Function (which Code Scanning is also telling us 🎉)
There was a problem hiding this comment.
Let me ask this. It is currently defined as a function yes, but in my refactor of this concept I had intended that an ExceptionAnnotation can be on any expression. Hence, this char pred exists for that concept, but you are right it is not needed given I didn't think I could swing that concept for this pr. The question is, given I would hope it could generalize, should the char pred be defensive?
There was a problem hiding this comment.
I'm fine with leaving it here. Although, I don't think we'll ever generalize ThrowingFunction to not be a function since that would probably be a bit confusing. Rather, if we generalize it to ThrowingExpr I think we'd keep ThrowingFunction as a special case that extends both Function and ThrowingExpr.
There was a problem hiding this comment.
I moved the char pred up to ThrowingFunction, an abstract, as that makes more sense, However, removing the char pred does result in a warning. Apparently extending an abstract class without specifying a char pred is a no no? What do you suggest? Define one with "any()"?
There was a problem hiding this comment.
I went with this 'any' approach, but depending on your comments I can revert it.
|
@MathiasVP I realize I need a change log, but previously I put change logs under src/change-notes. For libraries, I see lib/change-notes and a released directory. Do I put it at the same level of released or should there be another sub directory? I'm moving to ready to review while we figure that out. |
|
Yeah, the "unreleased" change notes goes in this folder: https://github.com/github/codeql/tree/main/cpp/ql/lib/change-notes Then, as part of the release process, those files will be moved into the "released" folder. |
|
@bdrodes Could you please fix all the QL-for-QL warnings except the redundant import ones? |
…oft/codeql into brodes/seh_flow_overhaul2 # Please enter a commit message to explain why this merge is necessary, # especially if it merges an updated upstream into a topic branch. # # Lines starting with '#' will be ignored, and an empty message aborts # the commit.
|
@jketema or @MathiasVP I'm not sure what is required for the newtype qldocs, here's what's in the code, but it is still complaining:
|
|
You need to use QLDoc on the branches as well: /** Structure Exception Handling (SEH) exception */
TSEHException() or
/** C++ exception */
TCxxException()By the way, I've seen "Structure Exception Handling" in multiple places. They should probably be fixed to be "Structured Exception Handling". |
|
Good find @MathiasVP . Fixing... |
|
@jketema , I think that covers your asks for the ql-for-ql with my last push. |
I still see quite a large number of them when I look at the changes. |
|
@jketema , my misunderstanding, I thought I was reviewing the actions warnings. @MathiasVP set me straight where to look. I'll get back to you. |
|
@jketema , altered all the isSEH to isSeh to be in compliance with convention. I think that got rid of the warnings. |
cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll
Fixed
Show fixed
Hide fixed
cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll
Fixed
Show fixed
Hide fixed
cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll
Fixed
Show fixed
Hide fixed
|
Note that this is currently breaking 100s of tests. |
|
|
||
| private newtype TEdgeKind = | ||
| TGotoEdge() or // Single successor (including fall-through) | ||
| TTrueEdge() or // 'true' edge of conditional branch | ||
| TFalseEdge() or // 'false' edge of conditional branch | ||
| TExceptionEdge() or // Thrown exception | ||
| TExceptionEdge(Boolean isSeh) or // Thrown exception, true for SEH exceptions, false otherwise |
There was a problem hiding this comment.
What is the reason for doing with with a boolean instead of just having two separate kinds of edges (one for normal exceptions and one for SEH exceptions)?
There was a problem hiding this comment.
We want a single edge concept for all exceptions. A problem we have had generally with SEH vs traditional is the concept has been handled by different mechanisms making it error prone to do anything with exceptions as it is easy to forget the 'other' exception.
Overhaul of try/catch to support differentiating SEH vs C++ exception handling in IR generation.