pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b02a6e9e48'
${ noResults }
infer_clone/infer/tests/codetoanalyze/java/racerd/Annotations.java

411 lines
8.4 KiB
Raw Normal View History Unescape

[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
/*
* Copyright (c) 2017 - present Facebook, Inc.
* All rights reserved.
*
* This source code is licensed under the BSD style license found in the
* LICENSE file in the root directory of this source tree. An additional grant
* of patent rights can be found in the PATENTS file in the same directory.
*/
package codetoanalyze.java.checkers;
[thread-safety] suppress warnings on methods annotated with @OnEvent Reviewed By: peterogithub Differential Revision: D4407224 fbshipit-source-id: 511aad4
8 years ago
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
[thread-safety] new SynchronizedCollection annotation Summary: For collections whose type does not express that the collection is thread-safe (e.g., `Collections.syncrhonizedMap` and friends). If you annotate a field holding one of these collections, we won't warn when you mutate the collection. Reviewed By: jeremydubreil Differential Revision: D4763565 fbshipit-source-id: 58b487a
8 years ago
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
[thread-safety] suppress warnings on methods annotated with @OnEvent Reviewed By: peterogithub Differential Revision: D4407224 fbshipit-source-id: 511aad4
8 years ago
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
import android.support.annotation.UiThread;
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
import com.facebook.infer.annotation.Functional;
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
import com.facebook.infer.annotation.ReturnsOwnership;
[thread-safety] new SynchronizedCollection annotation Summary: For collections whose type does not express that the collection is thread-safe (e.g., `Collections.syncrhonizedMap` and friends). If you annotate a field holding one of these collections, we won't warn when you mutate the collection. Reviewed By: jeremydubreil Differential Revision: D4763565 fbshipit-source-id: 58b487a
8 years ago
import com.facebook.infer.annotation.SynchronizedCollection;
import com.facebook.infer.annotation.ThreadConfined;
import com.facebook.infer.annotation.ThreadSafe;
[threadsafety] don't warn on methods from classes annotated ThreadConfined Reviewed By: sblackshear Differential Revision: D4384861 fbshipit-source-id: 9b7c999
8 years ago
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
/** tests for classes and method annotations that are meaningful w.r.t thread-safety */
[thread-safety] handle some annotations as aliases of ThreadConfined Reviewed By: jaegs Differential Revision: D4458676 fbshipit-source-id: da42ad5
8 years ago
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface OnBind {
}
[thread-safety] suppress warnings on methods annotated with @OnEvent Reviewed By: peterogithub Differential Revision: D4407224 fbshipit-source-id: 511aad4
8 years ago
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface OnEvent {
}
[thread-safety] handle some annotations as aliases of ThreadConfined Reviewed By: jaegs Differential Revision: D4458676 fbshipit-source-id: da42ad5
8 years ago
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface OnMount {
}
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface OnUnbind {
}
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface OnUnmount {
}
[thread-safety] enable defining aliases of @ThreadSafe in .inferconfig Reviewed By: peterogithub Differential Revision: D4662764 fbshipit-source-id: c202509
8 years ago
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface MyThreadSafeAlias1 {
}
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.CLASS)
@interface MyThreadSafeAlias2 {
}
[racerd] treat `@InjectProp` formals as owned Reviewed By: ngorogiannis Differential Revision: D7641152 fbshipit-source-id: 2dac8df
7 years ago
@Target(ElementType.PARAMETER)
@Retention(RetentionPolicy.CLASS)
@interface InjectProp {
}
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
interface Interface {
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
@Functional Object functionalMethod();
@ReturnsOwnership Obj returnsOwnershipMethod();
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
}
[thread-safety] unify @AssumeThreadSafe and @ThreadSafeMethod into @ThreadSafe(enableChecks = ...) Summary: Rather than having three separate annotations related to checking/assuming thread-safety, let's just have one annotation instead. Reviewed By: peterogithub Differential Revision: D4605258 fbshipit-source-id: 17c935b
8 years ago
@ThreadSafe(enableChecks = false)
class AssumedThreadSafe {
Object field;
public void writeOk() {
this.field = new Object();
[thread-safety] enable defining aliases of @ThreadSafe in .inferconfig Reviewed By: peterogithub Differential Revision: D4662764 fbshipit-source-id: c202509
8 years ago
}
}
// this annotation is defined as an alias for @ThreadSafe in .inferconfig
class ThreadSafeAlias {
Object field;
@MyThreadSafeAlias1
void threadSafeAliasBad1() {
this.field = new Object();
}
@MyThreadSafeAlias2
void threadSafeAliasBad2() {
this.field = new Object();
[thread-safety] unify @AssumeThreadSafe and @ThreadSafeMethod into @ThreadSafe(enableChecks = ...) Summary: Rather than having three separate annotations related to checking/assuming thread-safety, let's just have one annotation instead. Reviewed By: peterogithub Differential Revision: D4605258 fbshipit-source-id: 17c935b
8 years ago
}
}
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
@ThreadSafe
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
class Annotations implements Interface {
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
Object f;
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
boolean b;
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
@UiThread
public void setF(Object newF) {
this.f = newF; // shouldn't report here
}
public void callSetFOnMethodOk(Annotations obj) {
obj.setF(new Object()); // or here
}
public void mutateOffUiThreadBad() {
this.f = new Object();
}
[thread-safety] suppress warnings on methods annotated with @OnEvent Reviewed By: peterogithub Differential Revision: D4407224 fbshipit-source-id: 511aad4
8 years ago
// anything annotated with OnEvent is modeled as running on the UI thread, should not warn
@OnEvent
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
public void onClick() {
this.f = new Object();
}
[threadsafety] don't warn on methods from classes annotated ThreadConfined Reviewed By: sblackshear Differential Revision: D4384861 fbshipit-source-id: 9b7c999
8 years ago
Confined con;
[thread-safety] don't warn on external accesses to fields of ThreadConfined classes Reviewed By: jaegs Differential Revision: D4490858 fbshipit-source-id: e955a32
8 years ago
public void confinedCallerOk(){
[threadsafety] don't warn on methods from classes annotated ThreadConfined Reviewed By: sblackshear Differential Revision: D4384861 fbshipit-source-id: 9b7c999
8 years ago
con.foo();
}
[thread-safety] don't warn on external accesses to fields of ThreadConfined classes Reviewed By: jaegs Differential Revision: D4490858 fbshipit-source-id: e955a32
8 years ago
public void writeFieldOfConfinedClassOk() {
con.x = 7;
}
[thread-safety] add string parameter to @ThreadConfined Summary: Better documentation, and could perhaps be checked instead of trusted later if the analysis understands threads better. Reviewed By: jaegs Differential Revision: D4537463 fbshipit-source-id: 4323c78
8 years ago
@ThreadConfined(ThreadConfined.UI)
[threadsafety] don't warn on methods from classes annotated ThreadConfined Reviewed By: sblackshear Differential Revision: D4384861 fbshipit-source-id: 9b7c999
8 years ago
class Confined {
Integer x;
void foo(){
x = 22;
}
}
[thread-safety] add string parameter to @ThreadConfined Summary: Better documentation, and could perhaps be checked instead of trusted later if the analysis understands threads better. Reviewed By: jaegs Differential Revision: D4537463 fbshipit-source-id: 4323c78
8 years ago
@ThreadConfined(ThreadConfined.ANY) Obj encapsulatedField;
[thread-safety] support fields annotated with @ThreadConfined Summary: Similar to marking classes ThreadConfined, we want to support marking fields as well. The intended semantics are: don't warn on writes to the marked field outside of syncrhonization, but continue to warn on accesses to subfields. Reviewed By: peterogithub Differential Revision: D4406890 fbshipit-source-id: af8a114
8 years ago
public void mutateConfinedFieldDirectlyOk() {
this.encapsulatedField = new Obj();
}
public static void mutateConfinedFieldIndirectlyOk(Annotations a) {
a.encapsulatedField = new Obj();
}
public void mutateSubfieldOfConfinedBad() {
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
this.encapsulatedField.f = new Object();
[thread-safety] support fields annotated with @ThreadConfined Summary: Similar to marking classes ThreadConfined, we want to support marking fields as well. The intended semantics are: don't warn on writes to the marked field outside of syncrhonization, but continue to warn on accesses to subfields. Reviewed By: peterogithub Differential Revision: D4406890 fbshipit-source-id: af8a114
8 years ago
}
[threadsafety] More races with main thread Summary: If I read off the main thread and write on the main we could have a race. (Writes off main are already reported.) Reviewed By: sblackshear Differential Revision: D4746138 fbshipit-source-id: 8b6e9c5
8 years ago
Integer zz;
[thread-safety] add string parameter to @ThreadConfined Summary: Better documentation, and could perhaps be checked instead of trusted later if the analysis understands threads better. Reviewed By: jaegs Differential Revision: D4537463 fbshipit-source-id: 4323c78
8 years ago
@ThreadConfined("some_custom_string")
[thread-safety] allow @ThreadConfined annotation on methods Reviewed By: peterogithub Differential Revision: D4433240 fbshipit-source-id: 9fb646b
8 years ago
public void threadConfinedMethodOk() {
this.f = new Object();
[threadsafety] More races with main thread Summary: If I read off the main thread and write on the main we could have a race. (Writes off main are already reported.) Reviewed By: sblackshear Differential Revision: D4746138 fbshipit-source-id: 8b6e9c5
8 years ago
zz = 22;
}
public void read_from_non_confined_method_Bad(){
Integer i;
i = zz;
[thread-safety] allow @ThreadConfined annotation on methods Reviewed By: peterogithub Differential Revision: D4433240 fbshipit-source-id: 9fb646b
8 years ago
}
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
/* Like in RaceWithMainThread.java with assertMainThread() */
[thread-safety] new threads domain Summary: Previously, we just tracked a boolean representing whether we were possibly on the main thread (true) or definitely not on the main thread (false). In order to start supporting `Thread.start`, `Runnable.run`, etc., we'll need something more expressive. This diff introduces a lattice: ``` Any / \ Main Background \ / Unknown ``` as the new threads domain. The initial value is `Unknown`, and we introduce `Main` in situations where we would have introduced `true` before. This (mostly) preserves behavior: the main difference is that before code like ``` if (*) { assertMainThread() } else { x.f = ... } ``` would have recorded that the access to `x.f` was on the main thread, whereas now we'll say that it's on an unknown thread. Reviewed By: peterogithub Differential Revision: D5860256 fbshipit-source-id: efee330
7 years ago
void conditional1_ok(boolean b){
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
if (b) {
[thread-safety] new threads domain Summary: Previously, we just tracked a boolean representing whether we were possibly on the main thread (true) or definitely not on the main thread (false). In order to start supporting `Thread.start`, `Runnable.run`, etc., we'll need something more expressive. This diff introduces a lattice: ``` Any / \ Main Background \ / Unknown ``` as the new threads domain. The initial value is `Unknown`, and we introduce `Main` in situations where we would have introduced `true` before. This (mostly) preserves behavior: the main difference is that before code like ``` if (*) { assertMainThread() } else { x.f = ... } ``` would have recorded that the access to `x.f` was on the main thread, whereas now we'll say that it's on an unknown thread. Reviewed By: peterogithub Differential Revision: D5860256 fbshipit-source-id: efee330
7 years ago
write_on_main_thread_ok();
}
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
}
Integer ii;
@ThreadConfined(ThreadConfined.UI)
[thread-safety] new threads domain Summary: Previously, we just tracked a boolean representing whether we were possibly on the main thread (true) or definitely not on the main thread (false). In order to start supporting `Thread.start`, `Runnable.run`, etc., we'll need something more expressive. This diff introduces a lattice: ``` Any / \ Main Background \ / Unknown ``` as the new threads domain. The initial value is `Unknown`, and we introduce `Main` in situations where we would have introduced `true` before. This (mostly) preserves behavior: the main difference is that before code like ``` if (*) { assertMainThread() } else { x.f = ... } ``` would have recorded that the access to `x.f` was on the main thread, whereas now we'll say that it's on an unknown thread. Reviewed By: peterogithub Differential Revision: D5860256 fbshipit-source-id: efee330
7 years ago
void write_on_main_thread_ok(){
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
ii = 22;
}
[thread-safety] Change meaning of @ThreadSafe to "can run in parallel with any thread including itself" Summary: Previously, annotating something ThreadSafe meant "check that it is safe to run all of this procedure's methods in parallel with each other" (including self-parallelization). This makes sense, but it means that if the user writes no annotations, we do no checking. I'm moving toward a model of inferring when an access might happen on a thread that can run concurrently with other threads, then automatically checking that it is thread-safe w.r.t to all other accesses to the same memory (on or off the current thread thread). This will let us report even when there are no `ThreadSafe` annotations. Any method that is known to run on a new thread (e.g., `Runnable.run`) will be modeled as running on a thread that can run in parallel with other threads, and so will any method that is `synchronized` or acquires a lock. In this setup, adding `ThreadSafe` to a method just means: "assume that the current method can run in parallel with any thread, including another thread that includes a different invocation of the same method (a self race) unless you see evidence to the contrary" (e.g., calling `assertMainThread` or annotating with `UiThread`). The key step in this diff is changing the threads domain to abstract *what threads the current thread may run in parallel with* rather than *what the current thread* is. This makes things much simpler. Reviewed By: jberdine Differential Revision: D5895242 fbshipit-source-id: 2e23d1e
7 years ago
void conditional2_bad(boolean b){
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
if (b)
{
[thread-safety] new threads domain Summary: Previously, we just tracked a boolean representing whether we were possibly on the main thread (true) or definitely not on the main thread (false). In order to start supporting `Thread.start`, `Runnable.run`, etc., we'll need something more expressive. This diff introduces a lattice: ``` Any / \ Main Background \ / Unknown ``` as the new threads domain. The initial value is `Unknown`, and we introduce `Main` in situations where we would have introduced `true` before. This (mostly) preserves behavior: the main difference is that before code like ``` if (*) { assertMainThread() } else { x.f = ... } ``` would have recorded that the access to `x.f` was on the main thread, whereas now we'll say that it's on an unknown thread. Reviewed By: peterogithub Differential Revision: D5860256 fbshipit-source-id: efee330
7 years ago
write_on_main_thread_ok();
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
} else {
[thread-safety] Change meaning of @ThreadSafe to "can run in parallel with any thread including itself" Summary: Previously, annotating something ThreadSafe meant "check that it is safe to run all of this procedure's methods in parallel with each other" (including self-parallelization). This makes sense, but it means that if the user writes no annotations, we do no checking. I'm moving toward a model of inferring when an access might happen on a thread that can run concurrently with other threads, then automatically checking that it is thread-safe w.r.t to all other accesses to the same memory (on or off the current thread thread). This will let us report even when there are no `ThreadSafe` annotations. Any method that is known to run on a new thread (e.g., `Runnable.run`) will be modeled as running on a thread that can run in parallel with other threads, and so will any method that is `synchronized` or acquires a lock. In this setup, adding `ThreadSafe` to a method just means: "assume that the current method can run in parallel with any thread, including another thread that includes a different invocation of the same method (a self race) unless you see evidence to the contrary" (e.g., calling `assertMainThread` or annotating with `UiThread`). The key step in this diff is changing the threads domain to abstract *what threads the current thread may run in parallel with* rather than *what the current thread* is. This makes things much simpler. Reviewed By: jberdine Differential Revision: D5895242 fbshipit-source-id: 2e23d1e
7 years ago
ii = 99; // this might or might not run on the main thread; warn
[infer][threadsafety] Use disjunction in the join for threaded Summary: There are false positives in the current analysis due to the use of conjunction in the treatment of threaded. Changing conjunction to disjunction removes these false positives. Some new false negatives arise, but all the old tests pass. This is a stopgap towards a better solution being planned. Reviewed By: sblackshear Differential Revision: D4883280 fbshipit-source-id: c2a7e6e
8 years ago
}
}
[thread-safety] handle some annotations as aliases of ThreadConfined Reviewed By: jaegs Differential Revision: D4458676 fbshipit-source-id: da42ad5
8 years ago
@OnBind
public void onBindMethodOk() {
this.f = new Object();
}
[threadsafety] More races with main thread Summary: If I read off the main thread and write on the main we could have a race. (Writes off main are already reported.) Reviewed By: sblackshear Differential Revision: D4746138 fbshipit-source-id: 8b6e9c5
8 years ago
public void read_off_UI_thread_Bad(){
Object o = f;
}
[thread-safety] handle some annotations as aliases of ThreadConfined Reviewed By: jaegs Differential Revision: D4458676 fbshipit-source-id: da42ad5
8 years ago
@OnMount
public void onMountMethodOk() {
this.f = new Object();
}
@OnUnmount
public void onUnmountMethodOk() {
this.f = new Object();
}
@OnUnbind
public void onUnbindMethodOk() {
this.f = new Object();
}
[thread-safety] unify @AssumeThreadSafe and @ThreadSafeMethod into @ThreadSafe(enableChecks = ...) Summary: Rather than having three separate annotations related to checking/assuming thread-safety, let's just have one annotation instead. Reviewed By: peterogithub Differential Revision: D4605258 fbshipit-source-id: 17c935b
8 years ago
@ThreadSafe(enableChecks = false)
[thread-safety] add @AssumeThreadSafe annotation to assume thread-safety of a method without checking it Reviewed By: peterogithub Differential Revision: D4433402 fbshipit-source-id: 742ad51
8 years ago
public void assumeThreadSafeOk() {
this.f = new Object();
}
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
@Functional native Object returnFunctional1();
@Functional Object returnFunctional2() { return null; }
// marked @Functional in interface
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
@Override public Object functionalMethod() { return null; }
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
Object mAssignToFunctional;
public Object functionalOk1() {
if (mAssignToFunctional == null) {
mAssignToFunctional = returnFunctional1();
}
return mAssignToFunctional;
}
public Object functionalOk2() {
if (mAssignToFunctional == null) {
mAssignToFunctional = returnFunctional2();
}
return mAssignToFunctional;
}
public Object functionalOk3() {
if (mAssignToFunctional == null) {
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
mAssignToFunctional = functionalMethod();
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
}
return mAssignToFunctional;
}
@Functional native double returnDouble();
@Functional native long returnLong();
double mDouble;
long mLong;
[thread-safety] fix understanding of non-atomic writes to doubles/longs Differential Revision: D5502627 fbshipit-source-id: 8b4cf37
7 years ago
int mInt1;
int mInt2;
public int functionalAcrossUnboxingAndCast1Ok() {
if (b) {
mInt1 = (int) returnDouble();
}
return 0;
}
public int functionalAcrossUnboxingAndCast2Ok() {
if (b) {
mInt2 = (int) returnLong();
}
return 0;
}
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
// writes to doubles are not atomic on all platforms, so this is not a benign race
public double functionalDoubleBad() {
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
if (b) {
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
mDouble = returnDouble();
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return 0.0;
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
}
// writes to longs are not atomic on all platforms, so this is not a benign race
public long functionaLongBad() {
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
if (b) {
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
mLong = returnLong();
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return 2;
[thread-safety] don't warn on accesses to fields assigned to @Functional calls Summary: This diff adds a set of access paths holding a value returned from a method annotated with Functional to the domain. If a "functional" value is written to a field, we won't count that right as an unprotected access. The idea is to be able to use the Functional annotation to get rid of benign race false positive, such as: ``` Functional T iAlwaysReturnTheSameThing(); T mCache; T memoizedGetter() { if (mCache == null) { mCache = iAlwaysReturnTheSameThing(); } return mCache; } ``` Although there is a write-write race on `mCache`, we don't care because it will be assigned to the same value regardless of which writer wins. Reviewed By: peterogithub Differential Revision: D4476492 fbshipit-source-id: cfa5dfc
8 years ago
}
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
Boolean mBoxedBool;
@Functional native boolean returnBool();
public boolean functionalAcrossBoxingOk() {
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
if (b) {
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
mBoxedBool = returnBool();
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return b;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
boolean mBool;
@Functional native Boolean returnBoxedBool();
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
boolean mBool2;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
public boolean FP_functionalAcrossUnboxingOk() {
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
if (b) {
mBool2 = returnBoxedBool();
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return b;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
Long mBoxedLong;
@Functional native Long returnBoxedLong();
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
public int functionalBoxedLongOk() {
if (b) {
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
mBoxedLong = returnBoxedLong();
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return 22;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
long mLong2;
public int functionalAcrossUnboxingLongBad() {
if (b) {
mLong2 = returnBoxedLong();
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return 2;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
long mBoxedLong2;
public int FP_functionalAcrossBoxingLongOk() {
if (b) {
mBoxedLong2 = returnLong();
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[threadsafety] read/write races Summary: Reports on reads that have one or more conflicting writes. When you report, say which other methods race with it. Reviewed By: sblackshear Differential Revision: D4538793 fbshipit-source-id: 47ce700
8 years ago
return 2;
[thread-safety] propagate @Functional attribute across boxing of primitive types Reviewed By: jeremydubreil Differential Revision: D4501552 fbshipit-source-id: c4cc9ec
8 years ago
}
[thread-safety] add understanding of conditional ownership Summary: Previously, we would lose track of ownership in code like ``` Obj owned = new Obj(); Obj stillOwned = id(owned); // would lose ownership here stillOwned.f = ... // would report false alarm here ``` This diff partially addresses the problem by adding a notion of "unconditional" (always owned) or "conditional" (owned if some formal at index i is owned) ownership. Now we can handle simple examples like the one above. I say "partially" because we still can't handle cases where there are different reasons for conditional ownership, such as ``` oneOrTwo(Obj o1, Obj o2) { if (*) return o1; else return o2; } // we won't understand that this maintains ownership if both formals are owned Obj stillOwned = oneOrTwo(owned1, owned2); stillOwned.f = ... // we'll report a false alarm here ``` This can be addressed in the future, but will require slightly more work Reviewed By: peterogithub Differential Revision: D4520069 fbshipit-source-id: 99c7418
8 years ago
public boolean propagateFunctional() {
return returnBool();
}
// show that we can handle indirect returns of procedures marked @Functional
public void propagateFunctionalOk() {
boolean returnedFunctional = propagateFunctional();
mBool = returnedFunctional;
}
[thread-safety] propagate attributes across binary/unary expressions Summary: Needed to handle cases like `mField = somethingFunctional() && somethingElseFunctional()` Reviewed By: peterogithub Differential Revision: D4532204 fbshipit-source-id: 078fae5
8 years ago
@Functional native int returnInt();
int mInt;
public void functionalAcrossLogicalOpsOk() {
boolean functionalBool = returnBool();
int functionalInt = returnInt();
boolean propagated = functionalBool && true || 2 < returnInt() && 3 == functionalInt;
mBool = propagated;
}
public void functionalAcrossArithmeticOpsOk() {
int functional = returnInt();
int propagated = functional + 1 - returnInt() * 7 % 2;
mInt = functional;
}
native int returnNonFunctionalInt();
public void functionalAndNonfunctionalBad() {
mInt = returnNonFunctionalInt() + returnInt();
}
[thread-safety] Add @ReturnsOwnership annotation for methods and handle it in the thread-safety analysis Reviewed By: jeremydubreil Differential Revision: D4538654 fbshipit-source-id: e5889ac
8 years ago
@ReturnsOwnership native Obj returnsOwned();
@Override
public native Obj returnsOwnershipMethod(); // marked @ReturnsOwnership in interface
void mutateAnnotatedOwnedOk() {
Obj owned = returnsOwned();
owned.f = new Object();
}
void mutateAnnotatedOverrideOwnedOk() {
Obj owned = returnsOwnershipMethod();
owned.f = new Object();
}
[thread-safety] unify @AssumeThreadSafe and @ThreadSafeMethod into @ThreadSafe(enableChecks = ...) Summary: Rather than having three separate annotations related to checking/assuming thread-safety, let's just have one annotation instead. Reviewed By: peterogithub Differential Revision: D4605258 fbshipit-source-id: 17c935b
8 years ago
public void writeToAssumedThreadSafeClassOk(AssumedThreadSafe c) {
c.writeOk();
}
[thread-safety] new SynchronizedCollection annotation Summary: For collections whose type does not express that the collection is thread-safe (e.g., `Collections.syncrhonizedMap` and friends). If you annotate a field holding one of these collections, we won't warn when you mutate the collection. Reviewed By: jeremydubreil Differential Revision: D4763565 fbshipit-source-id: 58b487a
8 years ago
@SynchronizedCollection
private final Map<Object,Object> mSynchronizedMap = Collections.synchronizedMap(new HashMap());
public void synchronizedMapOk1() {
mSynchronizedMap.put(new Object(), new Object());
}
public void synchronizedMapOk2(Annotations a) {
a.mSynchronizedMap.put(new Object(), new Object());
}
[racerd] treat `@InjectProp` formals as owned Reviewed By: ngorogiannis Differential Revision: D7641152 fbshipit-source-id: 2dac8df
7 years ago
public void injectPropOk(@InjectProp Obj o) {
o.f = 7;
}
[thread-safety] don't warn on methods annotated with UiThread Summary: These methods should only be called from other methods that also run on the UI thread, and they should not be starting new threads. Reviewed By: peterogithub Differential Revision: D4383133 fbshipit-source-id: 6cb2e40
8 years ago
}