AI-generated audit finding — this issue was opened from an automated security/correctness audit. It has not been triaged by a human yet; verify the reasoning, reproducibility, and severity before acting on it.
Medium: derived service operations can be silently dropped when a base service already uses the same operation name — CONFIRMED
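Affected code:
- `GetServiceMethods(classSymbol.AllInterfaces).Except(baseServiceMethods)` then the duplicate-name diagnostic loop
- `Equals` and `GetHashCode` both defined solely in terms of `OperationName`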
Verification:
Confirmed. Two problems stacked on each other:
- `ServiceMethod.Equals` is `OperationName == other.OperationName` only — two methods with the same operation name are equal even if they dispatch to different C# methods with different IDL shapes.
- `Except(baseServiceMethods)` therefore strips any derived method whose operation name collides with a base method, silently. The duplicate-name diagnostic at line 75-83 runs on the already-filtered set, so the collision is never reported. The derived dispatcher then omits the operation entirely, and requests for that operation dispatch to the base class's implementation.
For a developer who meant to override a base operation with a differently-shaped IDL method (e.g. Slice override of an Ice operation), the generated dispatch quietly ignores their override.
Impact:
- Dispatch tables diverge from the declared service contract.
- Override and collision mistakes are hidden instead of diagnosed.
Recommendation:
- Check for duplicate operation names across both derived and inherited sets before the `Except` filter, and report `DuplicateOperationNames` for any collision.
- Make `ServiceMethod.Equals` consider the full method identity (concrete subtype + declaring interface + signature) so that only genuinely inherited methods get removed by `Except`.
Status: Valid, Medium severity.
Source report: src-IceRpc.ServiceGenerator-audit-2026-04-14.md (finding derived service operations can be silently dropped when a base service already uses the same operation name — **CONFIRMED**)
Severity (auditor-assigned): Medium
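
The filtering problem described in the finding, reduced to a stand-alone C# program (an added example, not code from IceRpc or the audit report). `ServiceMethod` here is a hypothetical stand-in; its `DeclaringInterface` field and the interface and operation names are assumptions made for illustration.

```csharp
#nullable enable
using System;
using System.Linq;

// Hypothetical stand-in for the generator's ServiceMethod (not IceRpc code):
// equality and hash code use OperationName only, as the finding describes.
sealed class ServiceMethod : IEquatable<ServiceMethod>
{
    public ServiceMethod(string operationName, string declaringInterface)
    {
        OperationName = operationName;
        DeclaringInterface = declaringInterface;
    }
    public string OperationName { get; }
    public string DeclaringInterface { get; } // assumed field, for illustration
    public bool Equals(ServiceMethod? other) => OperationName == other?.OperationName;
    public override bool Equals(object? obj) => Equals(obj as ServiceMethod);
    public override int GetHashCode() => OperationName.GetHashCode();
}

static class Program
{
    static void Main()
    {
        // Constructed sample: interface and operation names are made up.
        var baseMethods = new[] { new ServiceMethod("ping", "IBaseService") };
        var allMethods = new[]
        {
            new ServiceMethod("ping", "IBaseService"),    // inherited from the base service
            new ServiceMethod("ping", "IDerivedService"), // derived, same operation name
            new ServiceMethod("echo", "IDerivedService"),
        };

        // Filter-first order: name-only equality makes Except remove both "ping"
        // entries, so a duplicate-name check on this set has nothing to report.
        var filtered = allMethods.Except(baseMethods).ToList();
        Console.WriteLine("after Except: " + string.Join(", ", filtered.Select(m => m.OperationName)));

        // Check-first order: look for one operation name declared by more than one
        // interface across the derived and inherited sets, before any filtering.
        var collisions = allMethods
            .GroupBy(m => m.OperationName)
            .Where(g => g.Select(m => m.DeclaringInterface).Distinct().Count() > 1)
            .Select(g => g.Key);
        foreach (string name in collisions)
            Console.WriteLine($"DuplicateOperationNames: '{name}'");
    }
}
```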