[RFC v3 0/3] add kconfirm

Julian Braha posted 3 patches 1 week, 1 day ago
Documentation/dev-tools/index.rst             |   1 +
Documentation/dev-tools/kconfirm.rst          | 222 ++++++
MAINTAINERS                                   |   6 +
Makefile                                      |  15 +-
scripts/Makefile                              |   2 +-
scripts/kconfirm/.gitignore                   |   3 +
scripts/kconfirm/Cargo.lock                   |  60 ++
scripts/kconfirm/Cargo.toml                   |  12 +
scripts/kconfirm/Makefile                     |  14 +
scripts/kconfirm/kconfirm-lib/Cargo.toml      |  12 +
scripts/kconfirm/kconfirm-lib/src/analyze.rs  | 643 ++++++++++++++++
scripts/kconfirm/kconfirm-lib/src/checks.rs   | 701 ++++++++++++++++++
scripts/kconfirm/kconfirm-lib/src/curl_ffi.rs | 182 +++++
.../kconfirm/kconfirm-lib/src/dead_links.rs   | 138 ++++
scripts/kconfirm/kconfirm-lib/src/lib.rs      |  62 ++
scripts/kconfirm/kconfirm-lib/src/output.rs   | 111 +++
.../kconfirm/kconfirm-lib/src/symbol_table.rs | 223 ++++++
scripts/kconfirm/kconfirm-linux/Cargo.toml    |  10 +
.../kconfirm/kconfirm-linux/src/getopt_ffi.rs |  99 +++
scripts/kconfirm/kconfirm-linux/src/lib.rs    |  78 ++
scripts/kconfirm/kconfirm-linux/src/main.rs   | 192 +++++
21 files changed, 2781 insertions(+), 5 deletions(-)
create mode 100644 Documentation/dev-tools/kconfirm.rst
create mode 100644 scripts/kconfirm/.gitignore
create mode 100644 scripts/kconfirm/Cargo.lock
create mode 100644 scripts/kconfirm/Cargo.toml
create mode 100644 scripts/kconfirm/Makefile
create mode 100644 scripts/kconfirm/kconfirm-lib/Cargo.toml
create mode 100644 scripts/kconfirm/kconfirm-lib/src/analyze.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/checks.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/curl_ffi.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/dead_links.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/lib.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/output.rs
create mode 100644 scripts/kconfirm/kconfirm-lib/src/symbol_table.rs
create mode 100644 scripts/kconfirm/kconfirm-linux/Cargo.toml
create mode 100644 scripts/kconfirm/kconfirm-linux/src/getopt_ffi.rs
create mode 100644 scripts/kconfirm/kconfirm-linux/src/lib.rs
create mode 100644 scripts/kconfirm/kconfirm-linux/src/main.rs
[RFC v3 0/3] add kconfirm
Posted by Julian Braha 1 week, 1 day ago
Hi all,

kconfirm has shrunk a lot since v2!

Okay back to the RFC...

kconfirm is a tool to detect misusage of Kconfig. It detects dead code,
constant conditions, and invalid (reverse) ranges. There are also optional
checks to detect config options that select visible config options, and to
check for dead links in the help texts.

Following this discussion:
https://lore.kernel.org/all/20260405122749.4990dcb538d457769a3276e0@linux-foundation.org/
in which Andrew brought up the possibility of moving kconfirm in-tree,
I've prepared this RFC to do so. See also kconfirm's introduction to the
mailing list:
https://lore.kernel.org/all/6ec4df6d-1445-48ca-8f54-1d1a83c4716d@gmail.com/

False Alarms:
kconfirm aims for zero false-positives, which is currently true for the
default checks (as far as I'm aware - but there are hundreds to go
through); this is not really possible for dead link checks, as this
depends on an internet connection, and we do not attempt to bypass bot
blocks. For this reason, dead link checking is disabled by default, but
I've provided an example below of how to enable it. Additionally, you can
view my previous message to the mailing list with hand-verified dead links
here:
https://lore.kernel.org/all/6732bf08-41ee-40c4-83b2-4ae8bc0da7cf@gmail.com/

Additionally, there is an optional check to detect config options that
select visible config options, as requested by Jani during the review of
the first version of this RFC:
https://lore.kernel.org/all/dcb7439832f0bb35598fba653d922b5f6a4d0058@intel.com/

Even after deduplicating across architectures, there are well over 1,000
instances of these select-visible cases, and I suspect that, despite the
Kconfig documentation saying select-visible should be avoided, some
exceptions will be made. So, I have left this check disabled by default,
keeping in line with the goal of having a low-noise checker. If interested
in using it, I have included an example below of how to enable this check.

Current State of Alarms:
On Linux v7.1-rc3 (on which this RFC is based), there are 489 alarms coming
from the default set of checks, and an additional 1,789 alarms if enabling
the optional select-visible check. These counts are with deduplication
across all architectures, a change that was made to the tool's CLI from
RFC v1 to RFC v2. The last time I checked linux-next (next-20260427),
there were 81 unique dead links.

The most critical check is the dead default statements, which has surfaced
a few misconfiguration bugs (fortunately, just for kunit tests), see
examples:
https://lore.kernel.org/all/20260323124118.1414913-1-julianbraha@gmail.com/
and:
https://lore.kernel.org/all/20260323123536.1413732-1-julianbraha@gmail.com/

But hopefully kconfirm can ease maintenance and we can prevent more of
these from making it into the tree in the future.

Use it:
You can test out kconfirm with this patch series by compiling and running
kconfirm like this:

`make kconfirm`

To enable the select-visible check:
`KCONFIRM_ARGS="--enable-check select_visible" make kconfirm`

And to enable dead link checks in the help texts:
`KCONFIRM_ARGS="--enable-check dead_link" make kconfirm`

kconfirm by default runs on the same architecture as the kernel build
would; though additional architectures can be enabled by passing
`--enable-arch` and the default architecture can be disabled using 
`--disable-arch`. Alarms are tagged with the affected architecture. For
alarms that appear in multiple of the enabled architectures, they are
deduplicated and tagged like: [X86] or [X86, ARM].

Dependencies will need to first be downloaded from crates.io by running
the `cargo vendor` command in scripts/kconfirm/
 
Requested feedback:
1. I would like to know if anyone thinks that the select-visible check
   should be enabled by default. 
2. I'm still hoping for some usage feedback!

Thanks,
Julian Braha
---
Changes since v2:
- Reduce Rust dependencies significantly (follows Demi's suggestions):
  - from 6 direct dependencies to 1
  - from 107 indirect dependencies to 4
  - Replace ureq crate with usage of system libcurl (thanks Demi)
  - Replace clap crate with FFI bindings to libc's getopt_long (also Demi)
  - Remove crates env_logger, regex
- Switch from vendoring dependencies to requiring users to first download
  outside of Make (as suggested by Miguel)
- Various makefile improvements (as pointed out by Nicolas):
  - Fix out-of-tree builds
  - Only delete kconfirm artifacts with 'distclean' and 'mrproper'
- Add myself as maintainer of kconfirm (as discussed with Nicolas)
- Remove dedicated code license file (pointed out by Jani)
- Update documentation to explain tool setup
- Add hint to users to check documentation and download tool dependencies
- Address sashiko's many code-level and documentation suggestions:
  - Follow the kernel's rust import style
  - Fix a dead_range/duplicate_range alarm mixup
  - Fix potential duplicates in default value style check
  - Avoid panicking on errors
  - Clarify parse failure check usage in documentation 
  - Fix typo in documentation
- Can now enable architectures and disable the default (host) architecture in the CLI

Link to v2:
https://lore.kernel.org/all/20260509203808.1142311-1-julianbraha@gmail.com/

Changes since v1:
- vendored dependencies instead of requiring an internet connection
- removed Cargo.lock
- replaced reqwest dependency with smaller ureq
- removed rustls, expect user to have openssl instead
- added select-visible check based on Jani's feature request
- added invalid (reverse) range check
- deduplicating alarms that appear for multiple architectures
- `make clean` no longer deletes kconfirm's build artifacts
- typo fixes in documentation
- added patch description for the main "add kconfirm" patch (patch 1/2)

Link to v1:
https://lore.kernel.org/all/20260427174429.779474-1-julianbraha@gmail.com/
---

Julian Braha (3):
  scripts: add kconfirm
  Documentation: add kconfirm
  MAINTAINERS: create entry for kconfirm

-- 
2.53.0
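
The invalid (reverse) range and select-visible checks named in the cover letter above, sketched as an added example; this is not kconfirm's code, which analyzes a parse tree from nom-kconfig. The line-based scanner, the `lint` function, the alarm tuple layout, the `reverse_range` label and the sample fragment are assumptions made for illustration.

```rust
use std::collections::HashSet;

// Constructed Kconfig fragment (not from the kernel tree).
pub const SAMPLE: &str = r#"
config FOO
    bool "Enable foo"
    select BAR
    select BAZ
config BAR
    tristate "Bar support"
config BAZ
    bool
config QUX
    int "Queue depth"
    range 64 8
"#;

// Literal bounds only; symbol-valued bounds are skipped in this sketch.
fn int(s: &str) -> Option<i64> {
    s.strip_prefix("0x").map_or(s.parse::<i64>().ok(), |h| i64::from_str_radix(h, 16).ok())
}

/// Returns alarms as (check, symbol, detail).
pub fn lint(src: &str) -> Vec<(&'static str, String, String)> {
    let mut visible = HashSet::new(); // symbols that have a prompt
    let mut selects = Vec::new(); // (selecting symbol, selected symbol)
    let mut alarms = Vec::new();
    let mut cur = String::new();
    for line in src.lines() {
        let t: Vec<&str> = line.split_whitespace().collect();
        match t.as_slice() {
            ["config" | "menuconfig", name] => cur = name.to_string(),
            ["prompt", ..] => { visible.insert(cur.clone()); }
            ["bool" | "tristate" | "int" | "hex" | "string", p, ..] if p.starts_with('"') => {
                visible.insert(cur.clone());
            }
            ["select", to, ..] => selects.push((cur.clone(), to.to_string())),
            ["range", lo, hi, ..] if matches!((int(lo), int(hi)), (Some(l), Some(h)) if l > h) => {
                alarms.push(("reverse_range", cur.clone(), format!("{lo} > {hi}")));
            }
            _ => {}
        }
    }
    // Resolve selects last: a prompt may be declared after the select.
    alarms.extend(selects.into_iter().filter(|(_, to)| visible.contains(to))
        .map(|(from, to)| ("select_visible", from, to)));
    alarms
}

fn main() { for a in lint(SAMPLE) { println!("{a:?}"); } }
```

`select BAZ` raises no alarm because `BAZ` has no prompt, which is the case the Kconfig documentation recommends for `select`.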
Re: [RFC v3 0/3] add kconfirm
Posted by Demi Marie Obenour 1 week, 1 day ago
On 5/16/26 17:53, Julian Braha wrote:
> Hi all,
> 
> kconfirm has shrunk a lot since v2!
Thanks for dropping so many of the dependencies!

It might be able to shrink it further by using the existing C Kconfig
parser.  This has the advantage that it ensures kconfirm and Kconfig
will interpret the Kconfig files the same way.  I'm not sure if
that would be too much of a change.  That's up to you.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Re: [RFC v3 0/3] add kconfirm
Posted by Julian Braha 1 week ago
On 5/17/26 07:14, Demi Marie Obenour wrote:
>> Hi all,
>>
>> kconfirm has shrunk a lot since v2!
> Thanks for dropping so many of the dependencies!
> 
> It might be able to shrink it further by using the existing C Kconfig
> parser.  This has the advantage that it ensures kconfirm and Kconfig
> will interpret the Kconfig files the same way.  I'm not sure if
> that would be too much of a change.  That's up to you.
Hi Demi,

I did look into the in-tree parser after your suggestion in v2. What I
discovered was that this parser performs too much evaluation of the
kconfig code during parsing, making it unsuitable for purposes of static
analysis:

The in-tree parser doesn't actually output a parse tree that we can
traverse and analyze, which is how kconfirm currently works. Instead,
semantic actions directly construct the symbol table *during parsing*,
with that symbol table being different from ours. I think(?) this makes
the overall process faster (which is great for real-world kernel
builds), but for static analysis purposes, we really need to preserve
as much of the underlying code as we can. For example, we don't even
preprocess variables, because this allows us to analyze more regardless
of the host and target. (Well, architecture is the one exception there
because we need to resolve imports/"source".)

I do want to point out that Yann, the author of kconfirm's parsing
library (nom-kconfig) is CC'd on these RFCs and has done an awesome job
of supporting the parser and kconfirm's usage of it.

He also helped reduce the number of indirect dependencies pulled in by
the parser following your feedback in RFC v2.

- Julian Braha
Re: [RFC v3 0/3] add kconfirm
Posted by Julian Braha 1 week, 1 day ago
On 5/16/26 22:53, Julian Braha wrote:

> Dependencies will need to first be downloaded from crates.io by running
> the `cargo vendor` command in scripts/kconfirm/

Ugh, sorry all. I didn't realize that the linux gitignore blocks all dot
files.

So, the scripts/kconfirm/.cargo/config.toml wasn't checked in correctly
due to this.

It should have contained the following:
```
[source.crates-io]
replace-with = "vendored-sources"

[source.vendored-sources]
directory = "vendor"
```

And Nicolas, I think this was why v2 didn't compile for you.

- Julian Braha