@ -430,9 +430,22 @@ let analyze_procedure {Callbacks.exe_env; summary} =
let proc_name = Summary . get_proc_name summary in
let proc_name = Summary . get_proc_name summary in
let tenv = Exe_env . get_tenv exe_env proc_name in
let tenv = Exe_env . get_tenv exe_env proc_name in
let open ConcurrencyModels in
let open ConcurrencyModels in
let add_owned_formal acc base = OwnershipDomain . add base OwnershipAbstractValue . owned acc in
let add_conditionally_owned_formal =
let is_owned_formal { Annot . class_name } =
(* [@InjectProp] allocates a fresh object to bind to the parameter *)
String . is_suffix ~ suffix : Annotations . inject_prop class_name
in
let method_annotation = ( Procdesc . get_attributes proc_desc ) . method_annotation in
let method_annotation = ( Procdesc . get_attributes proc_desc ) . method_annotation in
let is_inject_prop = Annotations . ma_has_annotation_with method_annotation is_owned_formal in
fun acc formal formal_index ->
let ownership_value =
if is_inject_prop then OwnershipAbstractValue . owned
else OwnershipAbstractValue . make_owned_if formal_index
in
OwnershipDomain . add formal ownership_value acc
in
if RacerDModels . should_analyze_proc tenv proc_name then
if RacerDModels . should_analyze_proc tenv proc_name then
let formal_map = FormalMap . make proc_desc in
let locks =
let locks =
if Procdesc . is_java_synchronized proc_desc then LockDomain . ( acquire_lock bottom )
if Procdesc . is_java_synchronized proc_desc then LockDomain . ( acquire_lock bottom )
else LockDomain . bottom
else LockDomain . bottom
@ -447,57 +460,28 @@ let analyze_procedure {Callbacks.exe_env; summary} =
then ThreadsDomain . AnyThread
then ThreadsDomain . AnyThread
else ThreadsDomain . NoThread
else ThreadsDomain . NoThread
in
in
let add_owned_local acc ( var_data : ProcAttributes . var_data ) =
let pvar = Pvar . mk var_data . name proc_name in
let base = AccessPath . base_of_pvar pvar var_data . typ in
OwnershipDomain . add ( AccessExpression . base base ) OwnershipAbstractValue . owned acc
in
(* Add ownership to local variables. In cpp, stack-allocated local
variables cannot be raced on as every thread has its own stack .
More generally , we will never be confident that a race exists on a local / temp . * )
let own_locals =
List . fold ~ f : add_owned_local ( Procdesc . get_locals proc_desc ) ~ init : OwnershipDomain . empty
in
let is_owned_formal { Annot . class_name } =
(* @InjectProp allocates a fresh object to bind to the parameter *)
String . is_suffix ~ suffix : Annotations . inject_prop class_name
in
let add_conditional_owned_formal acc ( formal , formal_index ) =
let ownership_value =
if Annotations . ma_has_annotation_with method_annotation is_owned_formal then
OwnershipAbstractValue . owned
else OwnershipAbstractValue . make_owned_if formal_index
in
OwnershipDomain . add ( AccessExpression . base formal ) ownership_value acc
in
let ownership =
let ownership =
if RacerDModels . is_initializer tenv proc_name then
let is_initializer = RacerDModels . is_initializer tenv proc_name in
let add_owned_formal acc formal_index =
let is_injected =
match FormalMap . get_formal_base formal_index formal_map with
is_initializer && Annotations . pdesc_has_return_annot proc_desc Annotations . ia_is_inject
| Some base ->
in
OwnershipDomain . add ( AccessExpression . base base ) OwnershipAbstractValue . owned acc
Procdesc . get_formals proc_desc
| None ->
| > List . foldi ~ init : OwnershipDomain . empty ~ f : ( fun index acc ( name , typ ) ->
acc
let base =
AccessPath . base_of_pvar ( Pvar . mk name proc_name ) typ | > AccessExpression . base
in
in
if is_injected then
(* if a constructor is called via DI, all of its formals will be freshly allocated and
(* if a constructor is called via DI, all of its formals will be freshly allocated and
therefore owned . we assume that constructors annotated with @Inject will only be
therefore owned . we assume that constructors annotated with [ @ Inject ] will only be
called via DI or using fresh parameters . * )
called via DI or using fresh parameters . * )
if Annotations . pdesc_has_return_annot proc_desc Annotations . ia_is_inject then
add_owned_formal acc base
List . mapi ~ f : ( fun i _ -> i ) ( Procdesc . get_formals proc_desc )
else if is_initializer && Int . equal 0 index then
| > List . fold ~ f : add_owned_formal ~ init : own_locals
else
(* express that the constructor owns [this] *)
(* express that the constructor owns [this] *)
let init = add_owned_formal own_locals 0 in
add_owned_formal acc base
FormalMap . get_formals_indexes formal_map
else add_conditionally_owned_formal acc base index )
| > List . filter ~ f : ( fun ( _ , index ) -> not ( Int . equal 0 index ) )
| > List . fold ~ init ~ f : add_conditional_owned_formal
else
(* add Owned ( formal_index ) predicates for each formal to indicate that each one is owned if
it is owned in the caller * )
List . fold ~ init : own_locals ~ f : add_conditional_owned_formal
( FormalMap . get_formals_indexes formal_map )
in
in
let initial = { bottom with ownership ; threads ; locks } in
let initial = { bottom with ownership ; threads ; locks } in
let formal_map = FormalMap . make proc_desc in
let proc_data = ProcData . make summary tenv formal_map in
let proc_data = ProcData . make summary tenv formal_map in
Analyzer . compute_post proc_data ~ initial
Analyzer . compute_post proc_data ~ initial
| > Option . map ~ f : ( astate_to_summary proc_desc )
| > Option . map ~ f : ( astate_to_summary proc_desc )