Suppresses RLC non-final field overwrite warning for safe constructor field initialization#7050
Suppresses RLC non-final field overwrite warning for safe constructor field initialization#7050iamsanjaymalakar wants to merge 93 commits intotypetools:masterfrom
Conversation
… field initialization
kelloggm
left a comment
kelloggm
left a comment
There was a problem hiding this comment.
Overall looks good, just a few minor comments. I'd like to take one more look before we merge, though.
checker/tests/resourceleak-firstinitconstructor/ConstructorChainingLeak.java
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
mernst
changed the title
|
@iamsanjaymalakar The typecheck job is not passing. |
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
kelloggm
left a comment
kelloggm
left a comment
There was a problem hiding this comment.
LGTM, I don't need to review again. Please address these comments and then request a review from Mike.
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
|
@iamsanjaymalakar Martin asked you to assign me when you had addressed his comments. Have you addressed them? |
Yes, I have. You can take a look. |
mernst
left a comment
mernst
left a comment
There was a problem hiding this comment.
Please clarify some documentation, and update the code if necessary. (I didn't read the code because there is no point in doing so until the documentation is clear.)
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
mernst
left a comment
mernst
left a comment
There was a problem hiding this comment.
Thanks! This is looking solid. I have a few comments and questions, and then after another round I hope this can be merged.
...ker/src/main/java/org/checkerframework/checker/resourceleak/MustCallConsistencyAnalyzer.java
Outdated
Show resolved
Hide resolved
| } | ||
| } | ||
|
|
||
| /** |
There was a problem hiding this comment.
There are 400 lines of code about finding the first write. Given its size, I suggest abstracting it out into a separate file.
There was a problem hiding this comment.
Refactored them into a separate file.
| return false; | ||
| } | ||
| ClassTree classTree = TreePathUtil.enclosingClass(constructorPath); | ||
| if (classTree == null) { |
There was a problem hiding this comment.
When can this happen? Should this be removed, so that the Checker Framework throws an exception when it has an internal defect, rather than silently ignoring the error?
There was a problem hiding this comment.
I threw an exception instead of null-check now.
| Element lhsElement = TreeUtils.elementFromTree(lhs); | ||
| if (targetField == lhsElement) { | ||
| isInitialized.set(true); | ||
| return null; |
There was a problem hiding this comment.
Once isInitialized is set to true, there is no need to continue the visitor's traversal. So, use a visitor that permits early exit (short-circuiting).
Every visitor that can return early should use such an optimization.
There was a problem hiding this comment.
Thanks for pointing it out, I've added the short-circuiting logic.
|
|
||
| /** | ||
| * Scans {@code stmts} in source order to determine whether {@code targetAssignment} is definitely | ||
| * the first write to {@code targetField} in this constructor fragment. |
There was a problem hiding this comment.
It could also be in an initializer block, right?
There was a problem hiding this comment.
No, it's only for constructor-body statements. I've clarified in the javadoc.
| * exceptional path). | ||
| * | ||
| * @param tryTree the try statement to inspect | ||
| * @param targetField the field to check for assignments |
There was a problem hiding this comment.
I think it must be of reference (non-primitive) type. Is that correct?
|
|
||
| /** | ||
| * Visitor that determines whether a given assignment in a constructor is definitely the first | ||
| * write to its field before any earlier assignment or side-effecting call. The entry point is |
There was a problem hiding this comment.
Do "earlier assignments" include static initializer blocks? I know your code handles that, but the comment should say whether this method handles it.
There was a problem hiding this comment.
I've updated the comments.
| * | ||
| * <p>This performs a single AST traversal over the provided tree fragment and is deliberately | ||
| * conservative: it does not reason about control flow or path feasibility. It is intended to be | ||
| * applied only to supported fragments (expressions and statement subtrees selected by the |
There was a problem hiding this comment.
Selected how?
How does the caller know what is legal to pass?
There was a problem hiding this comment.
Updated the code comments.
| * <p>This performs a single AST traversal over the provided tree fragment and is deliberately | ||
| * conservative: it does not reason about control flow or path feasibility. It is intended to be | ||
| * applied only to supported fragments (expressions and statement subtrees selected by the | ||
| * caller), not to arbitrary statements containing branching/looping constructs. |
There was a problem hiding this comment.
Consider clarifying whether this code is conservative or unsound if the contract ("only applied to supported fragments") is violated by the caller.
There was a problem hiding this comment.
Updated the code comments.
| * Scans {@code root} to determine whether {@code targetAssignment} is reached before any | ||
| * disqualifying event within this tree fragment. | ||
| * | ||
| * <p>This method is conservative and AST-only. It returns {@link |
There was a problem hiding this comment.
What does "AST-only" mean in this context?
There was a problem hiding this comment.
Updated the code comments.
Summary by CodeRabbit
New Features
Tests