On 1/30/25 11:49 PM, Christoph Hellwig wrote:
On Wed, Jan 29, 2025 at 02:56:35PM -0800, Bart Van Assche wrote:
This bug was discovered by annotating all mutex operations with clang
thread-safety attributes and by building the kernel with clang and
-Wthread-safety.
Can you send patches for that?
Sure, but it will take a few additional days before these will be ready
to be posted. My current plan is as follows:
- In a first phase, annotate struct mutex and the
mutex_lock()/mutex_unlock() calls and their variants only. This is
sufficient to detect locking bugs at compile time in error paths and
also to support GUARDED_BY() if neither the guard() macro nor the
scoped_guard() macro are used.
- Next, modify the clang compiler such that the guard() macro becomes
supported. The challenge with the guard() macro is that it creates an
alias for synchronization object pointers, that the cleanup function
is passed a pointer to the synchronization object alias and also that
alias analysis is not supported by the clang thread-safety analysis.
I have not yet decided how to implement this.
- Evaluate whether it's worth it to annotate other synchronization
objects than struct mutex.
Bart.
