Missing (r)unlock broken after semgrep update

[GrosQuildu]

Seems like Semgrep two things in new version that break our rules:

• const propagation works in different way: the unlocker := c.mu.RUnlock is not propagated to unlocker()
• implicit return is added at the end of defer func() { block

Something to investigate and fix in our rules.

[mschwager]

Hmm, I don't think const propagation has changed. I think it's just an implicit return has been added to functions. It looks like something changed in version 1.94.0. I tested the following Go script:

package main

import "fmt"

func main() {
    defer func() {
        fmt.Println("defered")
    }()

    fmt.Println("hello")
}

Semgrep 1.93.0 gives:

$ semgrep -l go -e 'return ...' test.go
Ran 1 rule on 1 file: 0 findings.

Semgrep 1.94.0 gives:

$ semgrep -l go -e 'return ...' test.go

    test.go
            7┆ fmt.Println("defered")

Ran 1 rule on 1 file: 1 finding.

If I remove the defer it gives the same results, so it's not a special case of defer functions. It's also interesting that it doesn't apply the implicit return to main here either 😕

[mschwager]

I'm wondering if this was unintentional and we should file a bug upstream.