[clang] Thread Safety Analysis: Support passing scoped locks between functions with appropriate annotations (PR #110523)

Malek Ben Slimane via cfe-commits cfe-commits at lists.llvm.org
Wed Dec 4 07:19:54 PST 2024


================
@@ -336,6 +336,40 @@ Improvements to Clang's diagnostics
   local variables passed to function calls using the ``[[clang::musttail]]``
   attribute.
 
+- The Thread Safety Analysis (#GH110523) now supports passing scoped capabilities into functions:
+  an attribute on the scoped capability parameter indicates both the expected associated capabilities and,
+  like in the case of attributes on the function declaration itself, their state before and after the call.
+
+  .. code-block:: c++
+
+    #include "mutex.h"
+
+    class MutexUnlocker {
+      Mutex* mu;
+
+    public:
+      MutexUnlocker(Mutex* m) RELEASE(m) : mu(m)  { mu->Unlock(); }
+      ~MutexUnlocker() ACQUIRE(mu) { mu->Lock(); }
+    };
+
+    Mutex mu1, mu2;
+    int a GUARDED_BY(mu1);
+
+    void require(MutexLocker& scope REQUIRES(mu1)) {
+      scope.Unlock();
+      a = 0; // Warning!  Requires mu1.
+      scope.Lock();
+    }
+
+    void testParameter() {
+      MutexLocker scope(&mu1);
+      MutexLocker scope2(&mu2);
+      require(scope2); // Warning! Mutex managed by 'scope' is 'mu2' instead of 'mu1'
----------------
malek203 wrote:

That's right and I will fix it in the Thread Safety Analysis documentation too.

https://github.com/llvm/llvm-project/pull/110523


More information about the cfe-commits mailing list