Skip to content

Add analyzer+codefix for applying RequiresUnsafe to pointer methods#125196

Merged
agocke merged 24 commits intomainfrom
copilot/duplicate-pr-content-125195
Mar 19, 2026
Merged

Add analyzer+codefix for applying RequiresUnsafe to pointer methods#125196
agocke merged 24 commits intomainfrom
copilot/duplicate-pr-content-125195

Conversation

Copy link
Contributor

Copilot AI commented Mar 4, 2026
edited
Loading

Description

Cherry-pick of PR #125195 (agocke/runtime). Adds a Roslyn analyzer and code fixer that warns on methods with the unsafe modifier but missing [RequiresUnsafe], and applies [RequiresUnsafe] to all unsafe methods in System.Private.CoreLib.

  • Analyzer (UnsafeMethodMissingRequiresUnsafeAnalyzer): Reports IL2900 on unsafe methods lacking [RequiresUnsafe]
  • Code fixer (UnsafeMethodMissingRequiresUnsafeCodeFixProvider): Adds [RequiresUnsafe] attribute automatically
  • Attribute application: 276 files across CoreCLR and shared CoreLib annotated with [RequiresUnsafe]
  • Merge conflict resolution:
    • MdImport.cs — kept current LibraryImport/partial signature (diverged from fork's MethodImpl/extern), added [RequiresUnsafe]
    • Sve.PlatformNotSupported.cs — resolved conflicts from SVE method signature changes (Vector<int>/Vector<uint>Vector<long>/Vector<ulong>), ensured new unsafe pointer methods have [RequiresUnsafe]
  • Corner case exclusions:
    • Reverted [RequiresUnsafe] from IntPtr.cs and UIntPtr.cs — pointers in those files do not imply RequiresUnsafe
    • Removed [RequiresUnsafe] from Add<T>(void*, int) and Subtract<T>(void*, int) in Unsafe.cs — these methods do not dereference the pointer
    • Removed [RequiresUnsafe] from Alloc and AllocZeroed in NativeMemory.cs and NativeMemory.Unix.cs — returning a pointer is not inherently unsafe, only dereferencing it would be
  • Cleanup: Reverted 43 files that had only unnecessary using System.Diagnostics.CodeAnalysis; additions without any [RequiresUnsafe] usage (leftover from code fixer iterations), and restored UTF-8 BOMs in 20 files that were inadvertently stripped by the fork's editor
  • Scope note: [RequiresUnsafe] on Add, Subtract, AddByteOffset, and SubtractByteOffset methods returning ref T in Unsafe.cs was reverted to keep this PR focused on pointer-based methods; non-pointer RequiresUnsafe changes will be grouped into a separate PR

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

@agocke
Add analyzer and code fixer for unsafe methods missing [RequiresUnsafe]
baba7fd 
Add a new DiagnosticAnalyzer (UnsafeMethodMissingRequiresUnsafeAnalyzer)
that warns when a method, constructor, or local function has the 'unsafe'
modifier but is not annotated with [RequiresUnsafe].

Add a matching CodeFixProvider that adds the [RequiresUnsafe] attribute
to the flagged declaration.

Both are #if DEBUG guarded and enabled via the existing
EnableUnsafeAnalyzer MSBuild property.

New diagnostic: IL5004 (UnsafeMethodMissingRequiresUnsafe)

Co-authored-by: Copilot <[email protected]>
Copilot AI changed the title [WIP] Add exact contents from PR 125195 Add analyzer+codefix for unsafe methods missing [RequiresUnsafe] Mar 4, 2026
@dotnet-policy-service dotnet-policy-service bot added the linkable-framework Issues associated with delivering a linker friendly framework label Mar 4, 2026
@build-analysis build-analysis bot mentioned this pull request Mar 5, 2026
Open
agocke added 2 commits March 5, 2026 14:44
@agocke
Change analyzer/codefix implementation
315b2b0 
Now based on methods with pointer types, rather than methods with .
@agocke
Mark methods with pointer types as
ce61325
@agocke agocke mentioned this pull request Mar 5, 2026
Closed
agocke and others added 4 commits March 5, 2026 16:10
@agocke
Merge remote-tracking branch 'upstream/main' into copilot/duplicate-p…
a5aa1e8 
…r-content-125195

# Conflicts:
#	src/libraries/Common/src/Interop/Unix/System.Native/Interop.Futex.cs
#	src/libraries/System.Private.CoreLib/src/System/Threading/LowLevelFutex.Unix.cs
@agocke
Fix lambda scoping, field declarations, and shared file issues
851d167 
- Remove lambda/anonymous method break in RequiresUnsafeAnalyzer so
  unsafe context flows through nested lambdas (matching C# semantics)
- Add FieldDeclarationSyntax to IsInRequiresScope for unsafe field
  initializers
- Remove [RequiresUnsafe] from files compiled outside CoreLib (Common/,
  nativeaot/Runtime.Base/, Resources/) where the attribute is unavailable
- Add tests for lambda-in-unsafe-method, anonymous delegate, and field
  initializer scenarios

Co-authored-by: Copilot <[email protected]>
@agocke
Set IL5004 diagnostic severity to Info
c4b5726 
Use the DiagnosticSeverity.Info overload so IL5004 shows as a
suggestion rather than a warning/error in builds. Update tests to
expect Info severity.

Co-authored-by: Copilot <[email protected]>
@agocke
Remove [RequiresUnsafe] from AsPointer
a6490f4
@agocke agocke force-pushed the copilot/duplicate-pr-content-125195 branch from c08c9a1 to a6490f4 Compare March 6, 2026 18:35
agocke added 3 commits March 6, 2026 10:50
@agocke
Merge remote-tracking branch 'upstream/main' into copilot/duplicate-p…
77fc1e7 
…r-content-125195

# Conflicts:
#	src/coreclr/System.Private.CoreLib/src/System/AppContext.CoreCLR.cs
#	src/coreclr/System.Private.CoreLib/src/System/StartupHookProvider.CoreCLR.cs
@agocke
Annotate EventProvider
c36349c
@agocke
Include in Microsoft.Bcl.Memory
eeb56b0
jkotas
jkotas reviewed Mar 6, 2026
View reviewed changes
Copilot AI requested a review from jkotas March 14, 2026 13:59
This was referenced Mar 14, 2026
Open
Open
Open
Open
@jkotas
Copy link
Member

jkotas commented Mar 14, 2026

The annotations look fine to me.

This was referenced Mar 17, 2026
Open
Closed
@agocke
Copy link
Member

agocke commented Mar 17, 2026

@jkotas If you approve this change I'll check in the analyzer/codefixer and use them on the other libraries (after we make RequiresUnsafe match the API review approved this morning)

@jkotas
Copy link
Member

jkotas commented Mar 17, 2026

(I have not reviewed the analyzer and fixer in detail.)

@build-analysis build-analysis bot mentioned this pull request Mar 18, 2026
Open
@agocke
Copy link
Member

agocke commented Mar 19, 2026

Merging. Note: analyzer and fixer are currently non-shipping so skipping them is not a problem.

@agocke agocke merged commit 37c9693 into main Mar 19, 2026
162 of 167 checks passed
@agocke agocke deleted the copilot/duplicate-pr-content-125195 branch March 19, 2026 17:40
@github-project-automation github-project-automation bot moved this to Done in AppModel Mar 19, 2026
@richlander richlander mentioned this pull request Mar 19, 2026
Open
6 tasks
@dotnet-maestro dotnet-maestro bot mentioned this pull request Mar 20, 2026
Open
@EgorBo EgorBo mentioned this pull request Mar 21, 2026
Closed
Copilot AI mentioned this pull request Mar 21, 2026
Open
@EgorBo EgorBo mentioned this pull request Mar 22, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@agocke agocke agocke left review comments

Copilot code review Copilot Copilot left review comments

@EgorBo EgorBo EgorBo approved these changes

@jkotas jkotas jkotas approved these changes

@sbomer sbomer Awaiting requested review from sbomer sbomer is a code owner

@MichalStrehovsky MichalStrehovsky Awaiting requested review from MichalStrehovsky

Assignees

@agocke agocke

Copilot code review Copilot

Labels

area-Infrastructure-libraries linkable-framework Issues associated with delivering a linker friendly framework

Projects

AppModel
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@agocke @jkotas @EgorBo