From nobody Thu Oct 2 10:55:48 2025 Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F2FF315D57 for ; Thu, 18 Sep 2025 14:06:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758204392; cv=none; b=gxdlVK98SeWv8lQoouQh7uGyxd1Ps/JYQsuvwB0+RIVAiYcQSGPyKvh8t1ZQzCFdxbjAb2KN/43Cw6BXKUcwpDj2K1mWqf4PTsSxjM3z56KaRJiEj7PxHvY0lzg7zd3vVuMSW5M4USIvXTh2s2WfbVa/chwHhSRDSLQOZn0XVWQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758204392; c=relaxed/simple; bh=yEzbFrSIlVK8MMgoiVU9ErjaZwwo0WE03sFxx8pRhqs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=W38XLBwtrmn2t1SDiuEwtWyiPeVOj0Rp2rUIH8RprJvKynLm9tBusz1fhKW8hDdL7Km9VSWPPO0uJg/HoUu0QO4xljjGHG/Uz9wvyVyzqDwhIQIzp8hbrK4Cx2FYhjt9fzJe0QlGwKx2e/fQspWdwpsq2cBEGPROrRAEciFj5CU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--elver.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=dDO5d8mH; arc=none smtp.client-ip=209.85.221.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--elver.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="dDO5d8mH" Received: by mail-wr1-f74.google.com with SMTP id ffacd0b85a97d-3ece0fd841cso765916f8f.0 for ; Thu, 18 Sep 2025 07:06:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1758204387; x=1758809187; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=3E29rPCnN3EjGw7BZaVdq2KLgeK/DgzeRknIagImVk4=; b=dDO5d8mH65+f0XSCRdEo6KLDwI+mNXjnLxSKrTJIHpE1KDju5pjjQxGVXb3T3fYgyW 3RAsay4Ly5vQEPxpfxx53M3HiTy9/7iNR5k2AUagM3IzvychSmZKC7czHH09x+3AQGWR nrSkEBBQvcBYidFVnq8mbvOvDGc/ZlrYgKMePt79QFhrBjLV6biHw7Y6zEuOfoj64xyE GbGjEI5CLZ8BFjXMXjkjga05U61KVZZaBtAWdq6+fHPNMnFws8VXhi9ulqRx/tGxNDj4 xmUderTc3kP4D0sJz9jahvZOuQX15ZxRPVzqf1qpCssPYkOXoLMO8XC3I1uWOWdaHhli znaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758204387; x=1758809187; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=3E29rPCnN3EjGw7BZaVdq2KLgeK/DgzeRknIagImVk4=; b=CwhzymaC292oT3Yu8HPTz7H/mOHbm9W8+agkc65Q/7q3MV1K8uWCi6JgH1RU82ezZO q009rLfhD8t+dKgEPCEn4hO5vRgI8+C/YMWkZNaZQcfa1iaM0OV/YyI82RbpktrJQx7Z d1G2TuS+kmJzlPBK3HcvnvjzI7RP5941qIqP3JaJEB+XwfKjnGgw8jsSZQf4Iwvo0ahK gwosk4IpR+b007SsAaGpM35EHLpL1azoohUYg1xapZrB9uhKbvkBlM/MmY6egQ95iLSA 9gxj8DxL+cqOvYaDxSfixb0FdEflIrpEm1hkubFp2zbT9fbibbjeOQNeexr+bkq6UeoM 4htA== X-Forwarded-Encrypted: i=1; AJvYcCVjfd+xLBANJNaVUWWLGLRmVBxK6e6Muya2/fX92JD44FNH+6MCjd1SCbkftL0Vz2zFS4O3TNuTVpQz+R8=@vger.kernel.org X-Gm-Message-State: AOJu0YwO+o+WlZZaxMmylieJGZAXWKS2MprRQN0GL1O6bxHkXUdeMBjl jJ7xjGuPbWJQ+21zeJEFBuxiIpSclZPW9KAIXZwJ3dcCIXIJvQT9p8AM3ZMX93VGsr37/1rybiV 3SQ== X-Google-Smtp-Source: AGHT+IFHOcMXLGwqrVjcBRy1JE0YXyKuRo6WKOASUxR9vb7h90q+XczVWS1fXy1SoT97a7/Imh/y4s+FnQ== X-Received: from wmben15.prod.google.com ([2002:a05:600c:828f:b0:45c:b62f:ca0d]) (user=elver job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6000:1887:b0:3e7:615a:17f6 with SMTP id ffacd0b85a97d-3ecdf9ec859mr5220873f8f.28.1758204386463; Thu, 18 Sep 2025 07:06:26 -0700 (PDT) Date: Thu, 18 Sep 2025 15:59:33 +0200 In-Reply-To: <20250918140451.1289454-1-elver@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250918140451.1289454-1-elver@google.com> X-Mailer: git-send-email 2.51.0.384.g4c02a37b29-goog Message-ID: <20250918140451.1289454-23-elver@google.com> Subject: [PATCH v3 22/35] compiler-capability-analysis: Remove Sparse support From: Marco Elver To: elver@google.com, Peter Zijlstra , Boqun Feng , Ingo Molnar , Will Deacon Cc: "David S. Miller" , Luc Van Oostenryck , "Paul E. McKenney" , Alexander Potapenko , Arnd Bergmann , Bart Van Assche , Bill Wendling , Christoph Hellwig , Dmitry Vyukov , Eric Dumazet , Frederic Weisbecker , Greg Kroah-Hartman , Herbert Xu , Ian Rogers , Jann Horn , Joel Fernandes , Jonathan Corbet , Josh Triplett , Justin Stitt , Kees Cook , Kentaro Takeda , Lukas Bulwahn , Mark Rutland , Mathieu Desnoyers , Miguel Ojeda , Nathan Chancellor , Neeraj Upadhyay , Nick Desaulniers , Steven Rostedt , Tetsuo Handa , Thomas Gleixner , Thomas Graf , Uladzislau Rezki , Waiman Long , kasan-dev@googlegroups.com, linux-crypto@vger.kernel.org, linux-doc@vger.kernel.org, linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, linux-sparse@vger.kernel.org, llvm@lists.linux.dev, rcu@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Remove Sparse support as discussed at [1]. The kernel codebase is still scattered with numerous places that try to appease Sparse's context tracking ("annotation for sparse", "fake out sparse", "work around sparse", etc.). Eventually, as more subsystems enable Clang's capability analysis, these places will show up and need adjustment or removal of the workarounds altogether. Link: https://lore.kernel.org/all/20250207083335.GW7145@noisy.programming.k= icks-ass.net/ [1] Link: https://lore.kernel.org/all/Z6XTKTo_LMj9KmbY@elver.google.com/ [2] Cc: "Luc Van Oostenryck" Cc: Peter Zijlstra Signed-off-by: Marco Elver --- v2: * New patch. --- Documentation/dev-tools/sparse.rst | 19 ----- include/linux/compiler-capability-analysis.h | 80 ++++++-------------- include/linux/rcupdate.h | 15 +--- 3 files changed, 25 insertions(+), 89 deletions(-) diff --git a/Documentation/dev-tools/sparse.rst b/Documentation/dev-tools/s= parse.rst index dc791c8d84d1..37b20170835d 100644 --- a/Documentation/dev-tools/sparse.rst +++ b/Documentation/dev-tools/sparse.rst @@ -53,25 +53,6 @@ sure that bitwise types don't get mixed up (little-endia= n vs big-endian vs cpu-endian vs whatever), and there the constant "0" really _is_ special. =20 -Using sparse for lock checking ------------------------------- - -The following macros are undefined for gcc and defined during a sparse -run to use the "context" tracking feature of sparse, applied to -locking. These annotations tell sparse when a lock is held, with -regard to the annotated function's entry and exit. - -__must_hold - The specified lock is held on function entry and exit. - -__acquires - The specified lock is held on function exit, but not entry. - -__releases - The specified lock is held on function entry, but not exit. - -If the function enters and exits without the lock held, acquiring and -releasing the lock inside the function in a balanced way, no -annotation is needed. The three annotations above are for cases where -sparse would otherwise report a context imbalance. - Getting sparse -------------- =20 diff --git a/include/linux/compiler-capability-analysis.h b/include/linux/c= ompiler-capability-analysis.h index ccd312dbbf06..6046fca44f17 100644 --- a/include/linux/compiler-capability-analysis.h +++ b/include/linux/compiler-capability-analysis.h @@ -248,57 +248,32 @@ static inline void _capability_unsafe_alias(void **p)= { } extern const struct __capability_##cap *name =20 /* - * Common keywords for static capability analysis. Both Clang's capability - * analysis and Sparse's context tracking are currently supported. - */ -#ifdef __CHECKER__ - -/* Sparse context/lock checking support. */ -# define __must_hold(x) __attribute__((context(x,1,1))) -# define __must_not_hold(x) -# define __acquires(x) __attribute__((context(x,0,1))) -# define __cond_acquires(ret, x) __attribute__((context(x,0,-1))) -# define __releases(x) __attribute__((context(x,1,0))) -# define __acquire(x) __context__(x,1) -# define __release(x) __context__(x,-1) -# define __cond_lock(x, c) ((c) ? ({ __acquire(x); 1; }) : 0) -/* For Sparse, there's no distinction between exclusive and shared locks. = */ -# define __must_hold_shared __must_hold -# define __acquires_shared __acquires -# define __cond_acquires_shared __cond_acquires -# define __releases_shared __releases -# define __acquire_shared __acquire -# define __release_shared __release -# define __cond_lock_shared __cond_acquire - -#else /* !__CHECKER__ */ + * Common keywords for static capability analysis. + */ =20 /** * __must_hold() - function attribute, caller must hold exclusive capabili= ty - * @x: capability instance pointer * * Function attribute declaring that the caller must hold the given capabi= lity - * instance @x exclusively. + * instance(s) exclusively. */ -# define __must_hold(x) __requires_cap(x) +#define __must_hold(...) __requires_cap(__VA_ARGS__) =20 /** * __must_not_hold() - function attribute, caller must not hold capability - * @x: capability instance pointer * * Function attribute declaring that the caller must not hold the given - * capability instance @x. + * capability instance(s). */ -# define __must_not_hold(x) __excludes_cap(x) +#define __must_not_hold(...) __excludes_cap(__VA_ARGS__) =20 /** * __acquires() - function attribute, function acquires capability exclusi= vely - * @x: capability instance pointer * * Function attribute declaring that the function acquires the given - * capability instance @x exclusively, but does not release it. + * capability instance(s) exclusively, but does not release them. */ -# define __acquires(x) __acquires_cap(x) +#define __acquires(...) __acquires_cap(__VA_ARGS__) =20 /* * Clang's analysis does not care precisely about the value, only that it = is @@ -325,16 +300,15 @@ static inline void _capability_unsafe_alias(void **p)= { } * * @ret may be one of: true, false, nonzero, 0, nonnull, NULL. */ -# define __cond_acquires(ret, x) __cond_acquires_impl_##ret(x) +#define __cond_acquires(ret, x) __cond_acquires_impl_##ret(x) =20 /** * __releases() - function attribute, function releases a capability exclu= sively - * @x: capability instance pointer * * Function attribute declaring that the function releases the given capab= ility - * instance @x exclusively. The capability must be held on entry. + * instance(s) exclusively. The capability must be held on entry. */ -# define __releases(x) __releases_cap(x) +#define __releases(...) __releases_cap(__VA_ARGS__) =20 /** * __acquire() - function to acquire capability exclusively @@ -342,7 +316,7 @@ static inline void _capability_unsafe_alias(void **p) {= } * * No-op function that acquires the given capability instance @x exclusive= ly. */ -# define __acquire(x) __acquire_cap(x) +#define __acquire(x) __acquire_cap(x) =20 /** * __release() - function to release capability exclusively @@ -350,7 +324,7 @@ static inline void _capability_unsafe_alias(void **p) {= } * * No-op function that releases the given capability instance @x. */ -# define __release(x) __release_cap(x) +#define __release(x) __release_cap(x) =20 /** * __cond_lock() - function that conditionally acquires a capability @@ -369,31 +343,28 @@ static inline void _capability_unsafe_alias(void **p)= { } * * #define spin_trylock(l) __cond_lock(&lock, _spin_trylock(&lock)) */ -# define __cond_lock(x, c) __try_acquire_cap(x, c) +#define __cond_lock(x, c) __try_acquire_cap(x, c) =20 /** * __must_hold_shared() - function attribute, caller must hold shared capa= bility - * @x: capability instance pointer * * Function attribute declaring that the caller must hold the given capabi= lity - * instance @x with shared access. + * instance(s) with shared access. */ -# define __must_hold_shared(x) __requires_shared_cap(x) +#define __must_hold_shared(...) __requires_shared_cap(__VA_ARGS__) =20 /** * __acquires_shared() - function attribute, function acquires capability = shared - * @x: capability instance pointer * * Function attribute declaring that the function acquires the given - * capability instance @x with shared access, but does not release it. + * capability instance(s) with shared access, but does not release them. */ -# define __acquires_shared(x) __acquires_shared_cap(x) +#define __acquires_shared(...) __acquires_shared_cap(__VA_ARGS__) =20 /** * __cond_acquires_shared() - function attribute, function conditionally * acquires a capability shared * @ret: abstract value returned by function if capability acquired - * @x: capability instance pointer * * Function attribute declaring that the function conditionally acquires t= he * given capability instance @x with shared access, but does not release i= t. The @@ -401,17 +372,16 @@ static inline void _capability_unsafe_alias(void **p)= { } * * @ret may be one of: true, false, nonzero, 0, nonnull, NULL. */ -# define __cond_acquires_shared(ret, x) __cond_acquires_impl_##ret(x, _sha= red) +#define __cond_acquires_shared(ret, x) __cond_acquires_impl_##ret(x, _shar= ed) =20 /** * __releases_shared() - function attribute, function releases a * capability shared - * @x: capability instance pointer * * Function attribute declaring that the function releases the given capab= ility - * instance @x with shared access. The capability must be held on entry. + * instance(s) with shared access. The capability must be held on entry. */ -# define __releases_shared(x) __releases_shared_cap(x) +#define __releases_shared(...) __releases_shared_cap(__VA_ARGS__) =20 /** * __acquire_shared() - function to acquire capability shared @@ -420,7 +390,7 @@ static inline void _capability_unsafe_alias(void **p) {= } * No-op function that acquires the given capability instance @x with shar= ed * access. */ -# define __acquire_shared(x) __acquire_shared_cap(x) +#define __acquire_shared(x) __acquire_shared_cap(x) =20 /** * __release_shared() - function to release capability shared @@ -429,7 +399,7 @@ static inline void _capability_unsafe_alias(void **p) {= } * No-op function that releases the given capability instance @x with shar= ed * access. */ -# define __release_shared(x) __release_shared_cap(x) +#define __release_shared(x) __release_shared_cap(x) =20 /** * __cond_lock_shared() - function that conditionally acquires a capability @@ -443,9 +413,7 @@ static inline void _capability_unsafe_alias(void **p) {= } * access, if the boolean expression @c is true. The result of @c is the r= eturn * value, to be able to create a capability-enabled interface. */ -# define __cond_lock_shared(x, c) __try_acquire_shared_cap(x, c) - -#endif /* __CHECKER__ */ +#define __cond_lock_shared(x, c) __try_acquire_shared_cap(x, c) =20 /** * __acquire_ret() - helper to acquire capability of return value diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h index 8eeece72492c..aec28e98d3f2 100644 --- a/include/linux/rcupdate.h +++ b/include/linux/rcupdate.h @@ -1177,20 +1177,7 @@ rcu_head_after_call_rcu(struct rcu_head *rhp, rcu_ca= llback_t f) extern int rcu_expedited; extern int rcu_normal; =20 -DEFINE_LOCK_GUARD_0(rcu, - do { - rcu_read_lock(); - /* - * sparse doesn't call the cleanup function, - * so just release immediately and don't track - * the context. We don't need to anyway, since - * the whole point of the guard is to not need - * the explicit unlock. - */ - __release(RCU); - } while (0), - rcu_read_unlock()) - +DEFINE_LOCK_GUARD_0(rcu, rcu_read_lock(), rcu_read_unlock()) DECLARE_LOCK_GUARD_0_ATTRS(rcu, __acquires_shared(RCU), __releases_shared(= RCU)) =20 #endif /* __LINUX_RCUPDATE_H */ --=20 2.51.0.384.g4c02a37b29-goog