Initial code analyzer for Microsoft.ML

Adds code analysis initially for correct usage of common Contracts.Except/Check
patterns, naming conventions, variable usage and initializations, access modifiers,
and other idioms used throughout the Microsoft.ML codebase. Enables analysis on
Microsoft.ML projects.

Author: Tom Finley

Microsoft.ML.sln

@@ -82,6 +82,12 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.ML.LightGBM", "sr
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.ML.Ensemble", "src\Microsoft.ML.Ensemble\Microsoft.ML.Ensemble.csproj", "{DCF46B79-1FDB-4DBA-A263-D3D64E3AAA27}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "analyzer", "analyzer", "{7F13E156-3EBA-4021-84A5-CD56BA72F99E}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.ML.CodeAnalyzer", "analyzer\Microsoft.ML.CodeAnalyzer\Microsoft.ML.CodeAnalyzer.csproj", "{B4E55B2D-2A92-46E7-B72F-E76D6FD83440}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.ML.CodeAnalyzer.Tests", "test\Microsoft.ML.CodeAnalyzer.Tests\Microsoft.ML.CodeAnalyzer.Tests.csproj", "{3E4ABF07-7970-4BE6-B45B-A13D3C397545}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -192,6 +198,14 @@ Global
 		{DCF46B79-1FDB-4DBA-A263-D3D64E3AAA27}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{DCF46B79-1FDB-4DBA-A263-D3D64E3AAA27}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{DCF46B79-1FDB-4DBA-A263-D3D64E3AAA27}.Release|Any CPU.Build.0 = Release|Any CPU
+		{B4E55B2D-2A92-46E7-B72F-E76D6FD83440}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B4E55B2D-2A92-46E7-B72F-E76D6FD83440}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B4E55B2D-2A92-46E7-B72F-E76D6FD83440}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{B4E55B2D-2A92-46E7-B72F-E76D6FD83440}.Release|Any CPU.Build.0 = Release|Any CPU
+		{3E4ABF07-7970-4BE6-B45B-A13D3C397545}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{3E4ABF07-7970-4BE6-B45B-A13D3C397545}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{3E4ABF07-7970-4BE6-B45B-A13D3C397545}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{3E4ABF07-7970-4BE6-B45B-A13D3C397545}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -227,6 +241,8 @@ Global
 		{3DEB504D-7A07-48CE-91A2-8047461CB3D4} = {AED9C836-31E3-4F3F-8ABC-929555D3F3C4}
 		{001F3B4E-FBE4-4001-AFD2-A6A989CD1C25} = {09EADF06-BE25-4228-AB53-95AE3E15B530}
 		{DCF46B79-1FDB-4DBA-A263-D3D64E3AAA27} = {09EADF06-BE25-4228-AB53-95AE3E15B530}
+		{B4E55B2D-2A92-46E7-B72F-E76D6FD83440} = {7F13E156-3EBA-4021-84A5-CD56BA72F99E}
+		{3E4ABF07-7970-4BE6-B45B-A13D3C397545} = {AED9C836-31E3-4F3F-8ABC-929555D3F3C4}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {41165AF1-35BB-4832-A189-73060F82B01D}

analyzer/Microsoft.ML.CodeAnalyzer/ContractsCheckAnalyzer.cs

@@ -0,0 +1,247 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System.Collections.Generic;
+using System.Collections.Immutable;
+using Microsoft.CodeAnalysis;
+using Microsoft.CodeAnalysis.CSharp;
+using Microsoft.CodeAnalysis.CSharp.Syntax;
+using Microsoft.CodeAnalysis.Diagnostics;
+
+namespace Microsoft.ML.CodeAnalyzer
+{
+    [DiagnosticAnalyzer(LanguageNames.CSharp)]
+    public sealed class ContractsCheckAnalyzer : DiagnosticAnalyzer
+    {
+        // Detecting that a syntax call is actually on a particular method is computationally
+        // intensive, so once we detect that we're on Contracts methods, we put all the methods
+        // here.
+
+        private const string Category = "Contracts";
+
+        public static class NameofDiagnostic
+        {
+            public const string Id = "MSML_ContractsNameUsesNameof";
+            private const string Title = "Contracts argument for names is not a nameof";
+            private const string Format = "Call to '{0}' should use nameof(...) for {1} argument, but instead used '{2}'";
+            private const string Description =
+                "For Contracts.Checks or Excepts with some form of parameter name, unless that " +
+                "argument is a nameof(...) expression there's almost certainly something wrong.";
+
+            internal static DiagnosticDescriptor Rule =
+                new DiagnosticDescriptor(Id, Title, Format, Category,
+                    DiagnosticSeverity.Warning, isEnabledByDefault: true, description: Description);
+        }
+
+        public static class ExceptionDiagnostic
+        {
+            public const string Id = "MSML_ContractsExceptAsExpression";
+            private const string Title = "Contracts.Except used as expression";
+            private const string Format = "Something should be done with the exception created by '{0}'";
+            private const string Description =
+                "Contracts.Except and similar methods do not themselves throw, but provide an " +
+                "exception that can be thrown. This call did nothing with the exception.";
+
+            internal static DiagnosticDescriptor Rule =
+                new DiagnosticDescriptor(Id, Title, Format, Category,
+                    DiagnosticSeverity.Warning, isEnabledByDefault: true, description: Description);
+        }
+
+        public static class SimpleMessageDiagnostic
+        {
+            public const string Id = "MSML_ContractsCheckMessageNotLiteralOrIdentifier";
+            private const string Title = "Contracts.Check argument for message may involve formatting";
+            private const string Format = "On call to '{0}' message '{1}' could not be identified as being either a string literal or variable";
+
+            internal static DiagnosticDescriptor Rule =
+                new DiagnosticDescriptor(Id, Title, Format, Category,
+                    DiagnosticSeverity.Warning, isEnabledByDefault: true,
+                    description: Descriptions.ContractsCheckMessageNotLiteralOrIdentifier);
+        }
+
+        public static class DecodeMessageWithLoadContextDiagnostic
+        {
+            public const string Id = "MSML_NoMessagesForLoadContext";
+            private const string Title = "Contracts.Check argument for message may involve formatting";
+            private const string Format = "On call to '{0}' message '{1}' was provided, but this method had a ModelLoadContext";
+
+            internal static DiagnosticDescriptor Rule =
+                new DiagnosticDescriptor(Id, Title, Format, Category,
+                    DiagnosticSeverity.Warning, isEnabledByDefault: true,
+                    description: Descriptions.NoMessagesForLoadContext);
+        }
+
+        public override ImmutableArray<DiagnosticDescriptor> SupportedDiagnostics =>
+            ImmutableArray.Create(
+                NameofDiagnostic.Rule, ExceptionDiagnostic.Rule, SimpleMessageDiagnostic.Rule,
+                DecodeMessageWithLoadContextDiagnostic.Rule);
+
+        private static HashSet<string> _targetSet = new HashSet<string>(new[]
+        {
+            "Check", "CheckUserArg", "CheckParam", "CheckParamValue", "CheckRef", "CheckValue",
+            "CheckNonEmpty", "CheckNonWhiteSpace", "CheckDecode", "CheckIO", "CheckAlive", "CheckValueOrNull",
+            "Except", "ExceptUserArg", "ExceptParam", "ExceptParamValue", "ExceptValue", "ExceptEmpty",
+            "ExceptWhiteSpace", "ExceptDecode", "ExceptIO", "ExceptNotImpl", "ExceptNotSupp",
+        });
+
+        public override void Initialize(AnalysisContext context)
+        {
+            context.RegisterSyntaxNodeAction(Analyze, SyntaxKind.InvocationExpression);
+        }
+
+        /// <summary>
+        /// Returns an array parallel to <paramref name="parameters"/> that contains
+        /// the arguments in <paramref name="invocation"/>. If named parameters are used
+        /// then this is not necessarily the same. Note that in the event that there are
+        /// more arguments than parameters (e.g., via a <c>params</c> variable length
+        /// parameter) only the first match for the parameter is recorded.
+        /// </summary>
+        private static ArgumentSyntax[] ParallelArgs(
+            ImmutableArray<IParameterSymbol> parameters,
+            InvocationExpressionSyntax invocation)
+        {
+            ArgumentSyntax[] args = new ArgumentSyntax[parameters.Length];
+            var syntaxArgs = invocation.ArgumentList.Arguments;
+            for (int i = 0; i < syntaxArgs.Count; ++i)
+            {
+                var arg = syntaxArgs[i];
+                int index = -1;
+                if (arg.NameColon == null)
+                    index = i;
+                else
+                {
+                    string nameColonText = arg.NameColon.Name.ToString();
+                    for (int p = 0; p < parameters.Length; ++p)
+                    {
+                        if (parameters[p].Name == nameColonText)
+                        {
+                            index = p;
+                            break;
+                        }
+                    }
+                }
+                if (0 <= index && index < args.Length && args[index] == null)
+                    args[index] = arg;
+            }
+            return args;
+        }
+
+        private static bool NameIsNameof(ExpressionSyntax exp)
+        {
+            var invokeExp = exp as InvocationExpressionSyntax;
+            return invokeExp != null && invokeExp.Expression.ToString() == "nameof";
+        }
+
+        private static bool IsGoodMessage(SyntaxNodeAnalysisContext context, ExpressionSyntax exp)
+        {
+            if (exp.IsKind(SyntaxKind.AddExpression))
+            {
+                // These sorts of string concatenation things always wind up being compile
+                // time constants, from what I can tell from ildasm.
+                var binExp = (BinaryExpressionSyntax)exp;
+                return IsGoodMessage(context, binExp.Left) && IsGoodMessage(context, binExp.Right);
+            }
+
+            if (exp.IsKind(SyntaxKind.SimpleMemberAccessExpression))
+            {
+                var access = (MemberAccessExpressionSyntax)exp;
+                var field = context.SemanticModel.GetSymbolInfo(access).Symbol as IFieldSymbol;
+                return field?.IsConst ?? false;
+            }
+
+            if (exp.IsKind(SyntaxKind.InvocationExpression))
+                return ((InvocationExpressionSyntax)exp).Expression.ToString() == "nameof";
+
+            return exp.IsKind(SyntaxKind.StringLiteralExpression) || exp.IsKind(SyntaxKind.IdentifierName);
+        }
+
+        private static bool HasModelLoadContext(SyntaxNode node)
+        {
+            while (node != null && !node.IsKind(SyntaxKind.MethodDeclaration) && !node.IsKind(SyntaxKind.ConstructorDeclaration))
+                node = node.Parent;
+            if (node == null)
+                return false;
+            var enclosingParams = ((node as MethodDeclarationSyntax)?.ParameterList
+                ?? ((ConstructorDeclarationSyntax)node).ParameterList).Parameters;
+            foreach (var param in enclosingParams)
+            {
+                // It is possible that this may mislead us slightly, since there could be another
+                // unrelated type called ModelLoadContext, or someone could have type aliasing, or
+                // some other complicating factor that will defeat this simple check. With some
+                // additional computational load, we could access the semantic model for this.
+                if (param.Type.ToString() == "ModelLoadContext")
+                    return true;
+            }
+            return false;
+        }
+
+        private static void Analyze(SyntaxNodeAnalysisContext context)
+        {
+            var invocation = (InvocationExpressionSyntax)context.Node;
+            if (!(invocation.Expression is MemberAccessExpressionSyntax access))
+                return;
+            var name = access.Name.ToString();
+            // Do the quick checks first on the name.
+            bool isCheck = false;
+            bool isExcept = false;
+            if ((!(isCheck = name.StartsWith("Check")) && !(isExcept = name.StartsWith("Except"))) || !_targetSet.Contains(name))
+                return;
+            // Now that we've verified we're approximately in the right neighborhood, do a more
+            // in depth semantic analysis to verify we're targetting the right sort of object.
+            var symbolInfo = context.SemanticModel.GetSymbolInfo(invocation);
+            if (!(symbolInfo.Symbol is IMethodSymbol methodSymbol))
+                return;
+            var containingSymbolName = methodSymbol.ContainingSymbol.ToString();
+            // The "internal" version is one used by some projects that want to benefit from Contracts,
+            // but for some reason cannot reference MLCore.
+            if (containingSymbolName != "Microsoft.ML.Runtime.Contracts" &&
+                containingSymbolName != "Microsoft.ML.Runtime.Internal.Contracts")
+            {
+                return;
+            }
+            if (isExcept && invocation.Parent.IsKind(SyntaxKind.ExpressionStatement))
+            {
+                context.ReportDiagnostic(Diagnostic.Create(
+                    ExceptionDiagnostic.Rule, invocation.GetLocation(), name));
+            }
+
+            var parameters = methodSymbol.Parameters;
+            var args = ParallelArgs(parameters, invocation);
+
+            for (int i = 0; i < parameters.Length; ++i)
+            {
+                if (args[i] == null)
+                    continue;
+                var arg = args[i];
+                var parameter = parameters[i];
+
+                switch (parameter.Name)
+                {
+                    case "paramName":
+                    case "name":
+                        if (!NameIsNameof(arg.Expression))
+                        {
+                            context.ReportDiagnostic(Diagnostic.Create(
+                                NameofDiagnostic.Rule, arg.GetLocation(), name, parameter.Name, arg.Expression));
+                        }
+                        break;
+                    case "msg":
+                        if (isCheck && !IsGoodMessage(context, arg.Expression))
+                        {
+                            context.ReportDiagnostic(Diagnostic.Create(
+                                SimpleMessageDiagnostic.Rule, arg.GetLocation(), name, arg.Expression));
+                        }
+                        if ((name == "CheckDecode" || name == "ExceptDecode") && HasModelLoadContext(invocation))
+                        {
+                            context.ReportDiagnostic(Diagnostic.Create(
+                                DecodeMessageWithLoadContextDiagnostic.Rule, arg.GetLocation(), name, arg.Expression));
+                        }
+                        break;
+                    default:
+                        break;
+                }
+            }
+        }
+    }
+}