> - The `assert_capability` attribute is also a bit of a backdoor. Instead > of statically propagating through the code that a mutex is held, we can > just get that fact "out of thin air". >
Assert_capability is not a back door. It is supposed to be used only on a function which does a run-time check: if (!mu_.is_locked()) fail(). This sort of thing is very common in static analysis. There are places in the code where you cannot statically prove that a property holds at compile-time, so you insert a run-time check into the code, and then propagate that property to the static analysis on the branch where the check succeeds. Of course, you can use assert_capability to create a back door, by putting it on a function that doesn't actually check anything, just like you can declare random methods to be lock_functions, even if they don't lock anything. :-) -DeLesley -- DeLesley Hutchins | Software Engineer | deles...@google.com | 505-206-0315
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits