False positive on S2583 in C#

wilfriedb · November 10, 2023, 9:41am

Operating system: Windows 11

Visual Studio version: 17.7
SonarLint plugin version: 7.3.0.77872
Programming language you’re coding in: C#
Is connected mode used: Yes
- Connected to SonarCloud or SonarQube (and which version): SonarQube 10.2.1

In some cases , the rule “S2583 Conditionally executed code should be reachable” gives false positives in the case the if statement is on a variable that could have been changed in a closure.

Example code:

var captured = 0;

Bar(() => captured++);

if (captured == 1)
{
    return 1;
}

static void Bar(Action action)
{
    action();
}

return 0;

In this code, the variable captured get changed, but the rule doe not recognize that, and gives the warning: Change this condition so that it does not always evaluate to 'False'. Some code paths are unreachable. It thinks the if statement will evaluate to false, but in reality, it will evaluate to true.

See also the screenshot:

Expected: No warning
Actual: Warning S5283

Mary_Georgiou · November 14, 2023, 8:37am

Hello @wilfriedb,

Thanks a lot for reporting this, it’s indeed an FP.
Our symbolic execution engine does not explore lambdas so it does not detect that captured can be also not 0.

Here is a GitHub issue for you to follow regarding this.

It’s in our future objectives to plan supporting lambdas for the symbolic execution.

pvk · November 15, 2023, 3:35pm

I think it is more basic than just about exploring lambdas. This code also gives the S5283.

private bool test()
{
    var exists = true;
    var count = 0;
    while (exists)
    {
        exists = someRoutine();
        count++;
        if (count <= 10) continue;
        return false;
    }

    return true;
}

Mary_Georgiou · November 15, 2023, 4:01pm

Hello @pvk,

I guess you mean in this line → if (count <= 10) continue;. Am I right? (if not please let me know - at least for me it only raises S2583 there).

If yes, this is a false positive but for another reason.
This stems from how the symbolic execution explores loops.

Our engine explores loops only two times, and it cannot “learn” that count >= 2 can be true.

We already have similar issues to our backlog (for example see here, here and here), where you can read more information.

pvk · November 15, 2023, 4:13pm

Yes, thanks, that is the issue. In the actual code it runs for 1000 times, so making more iterations exploring the loop is not likely going to be the solution.

Mary_Georgiou · November 15, 2023, 4:29pm

Unfortunately yes, as having the symbolic execution engine explore more times a loop will result in a huge performance hit in the analysis.

However, we have a scheduled sprint to look into the for-loop exploration with the goal of minimizing the false positives.

Topic		Replies	Views
False positive for S2583 - Conditionally executed code should be reachable SonarQube for IDE csharp	1	257	November 29, 2023
False positive on S2583 and conditions looking at incrementing values inside of a loop Report False-positive / False-negative... dotnet , false-positive	1	249	February 23, 2024
Another false positive for S2583 - Conditionally executed code should be reachable SonarQube for IDE csharp	1	325	November 30, 2023
S2589 false alarm in SonarLint, VS 2022 Report False-positive / False-negative... csharp , visualstudio , sonarqube-ide	2	256	December 20, 2023
Issue: Rule S2583: False positive when using ? with a bool? and false Report False-positive / False-negative... csharp , sonarqube-ide	1	735	September 11, 2019

False positive on S2583 in C#

Related topics