This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang/
-
lib/Analysis/
-
Analysis/
-
ThreadSafety.cpp
-
test/
-
PCH/
-
thread-safety-attrs.cpp
-
SemaCXX/
2/2
warn-thread-safety-analysis.cpp

Differential D101202

Thread safety analysis: Fix false negative on break
ClosedPublic

Authored by aaronpuchert on Apr 23 2021, 2:17 PM.

Download Raw Diff

Details

Reviewers

aaron.ballman
delesley

Commits

rGdaca6edb31ef: Thread safety analysis: Fix false negative on break

Summary

We weren't modifying the lock set when intersecting with one coming
from a break-terminated block. This is inconsistent, since break isn't a
back edge, and it leads to false negatives with scoped locks. We usually
don't warn for those when joining locksets aren't the same, we just
silently remove locks that are not in the intersection. But not warning
and not removing them isn't right.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

aaronpuchert requested review of this revision.Apr 23 2021, 2:17 PM

aaronpuchert created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptApr 23 2021, 2:17 PM

Herald added a subscriber: cfe-commits. · View Herald Transcript

aaronpuchert added inline comments.Apr 23 2021, 2:49 PM

clang/test/SemaCXX/warn-thread-safety-analysis.cpp
341	This is just a side effect, not the reason I did the change. It's consistent though with our usual behavior on joining forward edges, see e.g. `sls_fun_bad_11`.
2634	This warning was missing, and is the reason for this change.

Harbormaster completed remote builds in B100672: Diff 340164.Apr 23 2021, 5:08 PM

LGTM, thank you for explaining the test cases, that helped (and I agree that the drive-by test changes look sensible to me).

This revision is now accepted and ready to land.Apr 30 2021, 6:04 AM

This revision was landed with ongoing or failed builds.May 3 2021, 5:04 AM

Closed by commit rGdaca6edb31ef: Thread safety analysis: Fix false negative on break (authored by aaronpuchert). · Explain Why

This revision was automatically updated to reflect the committed changes.

aaronpuchert added a commit: rGdaca6edb31ef: Thread safety analysis: Fix false negative on break.

aaronpuchert mentioned this in D106715: Thread safety analysis: Drop special block handling.Jul 23 2021, 2:27 PM

aaronpuchert mentioned this in rG6de19ea4b626: Thread safety analysis: Drop special block handling.Sep 20 2021, 6:36 AM

Revision Contents

Path

Size

clang/

lib/

Analysis/

ThreadSafety.cpp

9 lines

test/

PCH/

thread-safety-attrs.cpp

3 lines

SemaCXX/

warn-thread-safety-analysis.cpp

16 lines

Diff 342363

clang/lib/Analysis/ThreadSafety.cpp

Show First 20 Lines • Show All 2,461 Lines • ▼ Show 20 Lines	for (const auto *PrevBlock : SpecialBlocks) {
const Stmt *Terminator = PrevBlock->getTerminatorStmt();		const Stmt *Terminator = PrevBlock->getTerminatorStmt();
bool IsLoop = Terminator && isa<ContinueStmt>(Terminator);		bool IsLoop = Terminator && isa<ContinueStmt>(Terminator);

FactSet PrevLockset;		FactSet PrevLockset;
getEdgeLockset(PrevLockset, PrevBlockInfo->ExitSet,		getEdgeLockset(PrevLockset, PrevBlockInfo->ExitSet,
PrevBlock, CurrBlock);		PrevBlock, CurrBlock);

// Do not update EntrySet.		// Do not update EntrySet.
intersectAndWarn(CurrBlockInfo->EntrySet, PrevLockset,		intersectAndWarn(
PrevBlockInfo->ExitLoc,		CurrBlockInfo->EntrySet, PrevLockset, PrevBlockInfo->ExitLoc,
IsLoop ? LEK_LockedSomeLoopIterations		IsLoop ? LEK_LockedSomeLoopIterations : LEK_LockedSomePredecessors,
: LEK_LockedSomePredecessors,		!IsLoop);
false);
}		}
}		}

BuildLockset LocksetBuilder(this, *CurrBlockInfo);		BuildLockset LocksetBuilder(this, *CurrBlockInfo);

// Visit all the statements in the basic block.		// Visit all the statements in the basic block.
for (const auto &BI : *CurrBlock) {		for (const auto &BI : *CurrBlock) {
switch (BI.getKind()) {		switch (BI.getKind()) {
▲ Show 20 Lines • Show All 106 Lines • Show Last 20 Lines

clang/test/PCH/thread-safety-attrs.cpp

Show First 20 Lines • Show All 305 Lines • ▼ Show 20 Lines	while (getBool()) {
sls_mu.Unlock();		sls_mu.Unlock();
if (getBool()) {		if (getBool()) {
if (getBool()) {		if (getBool()) {
break; // expected-warning{{mutex 'sls_mu' is not held on every path through here}}		break; // expected-warning{{mutex 'sls_mu' is not held on every path through here}}
}		}
}		}
sls_mu.Lock();		sls_mu.Lock();
}		}
sls_mu.Unlock();		sls_mu.Unlock(); // \
		// expected-warning{{releasing mutex 'sls_mu' that was not held}}
}		}

#endif		#endif

clang/test/SemaCXX/warn-thread-safety-analysis.cpp

Show First 20 Lines • Show All 331 Lines • ▼ Show 20 Lines	while (getBool()) {
sls_mu.Unlock();		sls_mu.Unlock();
if (getBool()) {		if (getBool()) {
if (getBool()) {		if (getBool()) {
break; // expected-warning{{mutex 'sls_mu' is not held on every path through here}}		break; // expected-warning{{mutex 'sls_mu' is not held on every path through here}}
}		}
}		}
sls_mu.Lock();		sls_mu.Lock();
}		}
sls_mu.Unlock();		sls_mu.Unlock(); // \
		// expected-warning{{releasing mutex 'sls_mu' that was not held}}
		aaronpuchertAuthorUnsubmitted Done Reply Inline Actions This is just a side effect, not the reason I did the change. It's consistent though with our usual behavior on joining forward edges, see e.g. `sls_fun_bad_11`. aaronpuchert: This is just a side effect, not the reason I did the change. It's consistent though with our…
}		}

//-----------------------------------------//		//-----------------------------------------//
// Handling lock expressions in attribute args		// Handling lock expressions in attribute args
// -------------------------------------------//		// -------------------------------------------//

Mutex aa_mu;		Mutex aa_mu;

▲ Show 20 Lines • Show All 2,228 Lines • ▼ Show 20 Lines	class Foo {
bool c;		bool c;
int a GUARDED_BY(mu_);		int a GUARDED_BY(mu_);

void test1();		void test1();
void test2();		void test2();
void test3();		void test3();
void test4();		void test4();
void test5();		void test5();
		void test6();
};		};


void Foo::test1() {		void Foo::test1() {
ReleasableMutexLock rlock(&mu_);		ReleasableMutexLock rlock(&mu_);
rlock.Release();		rlock.Release();
}		}

Show All 22 Lines	void Foo::test5() {
ReleasableMutexLock rlock(&mu_);		ReleasableMutexLock rlock(&mu_);
if (c) {		if (c) {
rlock.Release();		rlock.Release();
}		}
// No warning on join point because the lock will be released by the scope object anyway.		// No warning on join point because the lock will be released by the scope object anyway.
rlock.Release(); // expected-warning {{releasing mutex 'mu_' that was not held}}		rlock.Release(); // expected-warning {{releasing mutex 'mu_' that was not held}}
}		}

		void Foo::test6() {
		ReleasableMutexLock rlock(&mu_);
		do {
		if (c) {
		rlock.Release();
		break;
		}
		} while (c);
		// No warning on join point because the lock will be released by the scope object anyway
		a = 1; // expected-warning {{writing variable 'a' requires holding mutex 'mu_' exclusively}}
		aaronpuchertAuthorUnsubmitted Done Reply Inline Actions This warning was missing, and is the reason for this change. aaronpuchert: This warning was missing, and is the reason for this change.
		}


} // end namespace ReleasableScopedLock		} // end namespace ReleasableScopedLock


namespace RelockableScopedLock {		namespace RelockableScopedLock {

class DeferTraits {};		class DeferTraits {};

▲ Show 20 Lines • Show All 3,178 Lines • Show Last 20 Lines