Comments (9)
This one slipped between the cracks - sorry. I'll take a look.
from codepropertygraph.
I added a test for this in #1577, but didn't need to change anything in the implementation... as you would expect, createAndApply
does throw an exception.
The companion repository above doesn't contain any code, maybe you can provide a working example there?
from codepropertygraph.
[simon@roxanne tmp]$ git clone [email protected]:simkoc/cpg-bug-poc.git
Cloning into 'cpg-bug-poc'...
remote: Enumerating objects: 131, done.
remote: Counting objects: 100% (131/131), done.
remote: Compressing objects: 100% (58/58), done.
remote: Total 131 (delta 26), reused 116 (delta 19), pack-reused 0
Receiving objects: 100% (131/131), 16.10 KiB | 246.00 KiB/s, done.
Resolving deltas: 100% (26/26), done.
[simon@roxanne tmp]$ cd cpg-bug-poc/
[simon@roxanne cpg-bug-poc]$ git checkout issue2
Branch 'issue2' set up to track remote branch 'issue2' from 'origin'.
Switched to a new branch 'issue2'
[simon@roxanne cpg-bug-poc]$ sbt test
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by sbt.TrapExit$ (file:/home/simon/.sbt/boot/scala-2.12.14/org.scala-sbt/sbt/1.5.7/run_2.12-1.5.7.jar)
WARNING: Please consider reporting this to the maintainers of sbt.TrapExit$
WARNING: System::setSecurityManager will be removed in a future release
[info] welcome to sbt 1.5.7 (N/A Java 17.0.1)
[info] loading settings for project global-plugins from gpg.sbt,release.sbt,sonatype.sbt ...
[info] loading global plugins from /home/simon/.sbt/1.0/plugins
[info] loading settings for project cpg-bug-poc-build from plugins.sbt ...
[info] loading project definition from /home/simon/tmp/cpg-bug-poc/project
[info] loading settings for project cpg-bug-poc from build.sbt ...
[info] set current project to cpg bug poc (in build file:/home/simon/tmp/cpg-bug-poc/)
[info] compiling 1 Scala source to /home/simon/tmp/cpg-bug-poc/target/scala-2.13/classes ...
[info] compiling 1 Scala source to /home/simon/tmp/cpg-bug-poc/target/scala-2.13/test-classes ...
Exception in thread "Writer" java.lang.RuntimeException: Edge with type='POST_DOMINATE' with direction='OUT' not supported by nodeType='METHOD'
| => cat overflowdb.NodeDb.storeAdjacentNode(NodeDb.java:637)
at overflowdb.NodeDb.storeAdjacentNode(NodeDb.java:616)
at overflowdb.NodeDb.addEdge(NodeDb.java:303)
at overflowdb.NodeRef.addEdge(NodeRef.java:160)
at overflowdb.SemiEdge.$minus$minus$greater(SyntacticSugar.scala:59)
at io.shiftleft.passes.DiffGraph$Applier.odbAddEdge(DiffGraph.scala:411)
at io.shiftleft.passes.DiffGraph$Applier.addEdge(DiffGraph.scala:403)
at io.shiftleft.passes.DiffGraph$Applier.$anonfun$run$1(DiffGraph.scala:355)
at io.shiftleft.passes.DiffGraph$Applier.$anonfun$run$1$adapted(DiffGraph.scala:351)
at scala.collection.IterableOnceOps.foreach(IterableOnce.scala:553)
at scala.collection.IterableOnceOps.foreach$(IterableOnce.scala:551)
at scala.collection.AbstractIterator.foreach(Iterator.scala:1279)
at io.shiftleft.passes.DiffGraph$Applier.run(DiffGraph.scala:351)
at io.shiftleft.passes.DiffGraph$Applier$.applyDiff(DiffGraph.scala:438)
at io.shiftleft.passes.ParallelCpgPass$Writer.run(ParallelCpgPass.scala:116)
at java.base/java.lang.Thread.run(Thread.java:833)
[info] TestForBug:
[info] the cpg creation test
[info] - should fail
[info] Run completed in 443 milliseconds.
[info] Total number of tests run: 1
[info] Suites: completed 1, aborted 0
[info] Tests: succeeded 1, failed 0, canceled 0, ignored 0, pending 0
[info] All tests passed.
[success] Total time: 4 s, completed Jan 14, 2022, 2:56:05 PM
Did you checkout issue2 as linked? Above is the complete workflow with a passing unit test even though there is an error. This error will not be recognized during CI execution as the test suite says that every test succeeded. I would expect the unit test to fail.
from codepropertygraph.
Ah, yes I didn't notice that this was in a branch, thanks.
I can confirm the issue now, and it's actually in the ParallelCpgPass.
from codepropertygraph.
@bbrehm can I ask for your opinion on how to best handle (partial) failure in the ParallelCpgPass?
I added a test in https://github.com/ShiftLeftSecurity/codepropertygraph/tree/michael/parallel-cpg-pass-fail, but there are of course other options and questions.
E.g. should we continue running all other parts on failure? I guess so, but then if we want to throw an exception we need to wrap it in some kind of wrapper exception that contains all others.
Alternatively we could return a Seq[Try]
or similar here, rather than Unit
- that would be the cleaner and more composable way IMO, but you may have different ideas.
from codepropertygraph.
If I may add my two cents. Simply returning a List[(Part,Error)]
or in the spirit thereof by createAndApply would suffice. This way I would be able to check if the list is empty (complete success), whether an error occurred (non empty) and if so during which part. A method of the ParallelCpgPass doing this would be fine as well.
from codepropertygraph.
Exceptions during diffgraph creation:
Generally, I'd say that we shouldn't try to handle this at all -- it is the job of the pass author to deal with exceptions they raise, i.e. enclose their computation in a try-catch-finally block if required.
The legacy ParallelCpgPass interface and the newer ConcurrentWriterCpgPass are fundamentally incapable of sane exception handling: In these cases, changes to the graph are written concurrently with the generation of changes. Hence, the graph is already modified in the moment that the exception is thrown. The newer ConcurrentWriterCpgPass is at least deterministic, unless users introduce race conditions -- ParallelCpgPass is racy by design.
Whether the legacy CpgPass can handle exceptions depends on the exact class of Iterator (lazy or pre-constructed) that the pass-author decides to allocate. This makes it very hard to understand edge-case behavior of passes and is the reason that CpgPass
and ParallelCpgPass
are due for deprecation (and then for removal after some deprecation period).
The newer ForkJoinParallelCpgPass is always capable of handling exceptions in the passes: All changes are coalesced into a single diffgraph; if an uncaught exception occurs, then we log the error, run finish()
to close file-descriptors etc and then re-throw the exception without committing any changes to the graph.
Exceptions during diffgraph application (like the one you showed):
We currently don't verify that the diffgraph conforms to the schema before applying it. Hence, the graph is always in an undefined broken unrecoverable state after such an error occurs.
I agree that we should rethrow the exception (and nuke the entire scan) 👍
Before merging such a change, we should verify in kibana that prod doesn't have any such warnings, to avoid breaking stuff that currently manages to limp on to a scan result.
from codepropertygraph.
@simkoc this is fixed in cpg 1.3.492
from codepropertygraph.
yes it works now, thank you
from codepropertygraph.
Related Issues (20)
- Possibly unwanted #ifdef behaviour when running joern-scan with new C frontend HOT 4
- cpgqls python client closes connection before queries finish HOT 1
- Some header files not found with new beta C/C++ frontend HOT 2
- New C frontend: `METHOD` stubs for external methods not present HOT 1
- New C/C++ frontend: missing TYPE nodes for lambdas/template-types
- [ newc ] Type is missing for locals
- newc: signature
- [ newc ] Missing method stub HOT 4
- [newc] Base class in separate namespace not correctly identified
- Missing size of char array in CPG
- Question regarding `NodeRef`s HOT 2
- Does this tool support generating cpg from java code? HOT 2
- Wrong result for `\\` in the label in the dot file HOT 2
- Some operators have the wrong name (typo) HOT 1
- by using this joern library , i want CPG in ideal format as given in research papers in which CFG and AST nodes must not connected HOT 1
- Can code contain inheritance relationships between classes?
- `sbt package` failing on M1 macOS
- Introduce `POSSIBLE_TYPES` property
- Inclusion of schema.json generated by schema2json HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from codepropertygraph.