From nobody Thu Apr 2 04:19:14 2026 Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E7B993D8100 for ; Mon, 30 Mar 2026 14:10:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774879803; cv=none; b=ifQsgIc058c1vXwBh0TYkgHh1W1AFkyYZI3ay2uCmKjiQQMcOn2xVNFHBwq+n0aCxUKOh5a6OHILsIFl306WXwpCzqKTOcX9t3f6EHhDqS9g6MsWI+yavgvBZBrLM2yLizHkbgC2qrCSEVApZGQ7sP0I/38aNSONHSD4UYG6lsk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774879803; c=relaxed/simple; bh=pTCJHJX8bTl7q3lpIGFz0+hvyyonxW9EtJZoTs2vgbM=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=DncilgR6q+UNa1e6Xwz80fe4FI20cAS/tpBLh8WiOxl4p69t2A5Z5HKuTDKZJsvzv9WXFDdwlUVP00n0c3QqQC+gWJY2tXJSS+R2Fg0al6tpiQKs13q+E6239ca9bCMyLzT7ouDKhEYzrSh17+ZTgiKLqFrUBkd0RmGGnqxajus= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=hF6EWIFW; arc=none smtp.client-ip=209.85.128.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="hF6EWIFW" Received: by mail-wm1-f48.google.com with SMTP id 5b1f17b1804b1-4852c9b4158so35798135e9.0 for ; Mon, 30 Mar 2026 07:10:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774879799; x=1775484599; darn=vger.kernel.org; h=user-agent:in-reply-to:content-disposition:mime-version:references :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=ofGeXPfaVRXCWGVBncjC8OxpQsdvZbUIW7I2SC9DA3M=; b=hF6EWIFWB4JFTpelTr435XNaGWDLc7O2Rv4S8FtPPGowkVtHDK4Tpl9LhEixC9DfXo 4G6YB6qQco+nJuBydGWoYzpb8pB/PoGLHPiVlBzlHOCjbH4HXcnHNa839xx3Pe/T63A7 6GVDevg2iStLdumLC2cpPJfUeVepPhtKqn1z3a0wkE4QvZLkeb7wMYT+8Kz/b4fFpRET F2iJewZJwt+UGUbeTMD682toji7EDbqVHSRjjxby6MUPOAZkAIDYDilyI47vgqQw7Tra QgWVGBZulPcCtGFqLlMgJScNgH/n+06C39tcZTEp146kn51Yghi98uoO4w0WRaCcmutn HHzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774879799; x=1775484599; h=user-agent:in-reply-to:content-disposition:mime-version:references :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=ofGeXPfaVRXCWGVBncjC8OxpQsdvZbUIW7I2SC9DA3M=; b=fjplNtIv9HO5MDnI4XceOndXt4zNXaLW/HeJm6B9fywjBD2TqTtgZNFtoDadqHXEiH ktz2rHTwgC/MXAWta9+mEfOoIJBZg+zMZc4FlMLruL9g0GMJs4tHvkFI1mZDUPviuls2 PxOSd/6vss29/rmP8kS3Id4ViEFNbwF/CvQeDfW619uHGo4qAH5oEMCa/aPbrctFOksZ AIUR/cKALgynY68Q7ca31mmwOYfk0sKBYS44ZCRZHlduhG4ZNrYI1zM0Dw8XA1hzUj+8 vGCyoVmIS7UOntaAmTb+aEMD8tu1joItp2Da+FNjIuPFtUgdRcMLDpWHQeoirD3Ubcv7 kYDA== X-Forwarded-Encrypted: i=1; AJvYcCUCeV/QoyenZMshs3C1enAKhsJ+XL1g8eGCc6GBuGxlAjVz+92vfQC5L53mOORt48J8BZ2kvaN5U/24dz4=@vger.kernel.org X-Gm-Message-State: AOJu0Yy3pyYw/CkyuGZrSEVNeKmVO8CAlaNxLj6eL4NojW+tZlYm3NyA A4QxkGB68TdMaqJbvO6lZvjpJuRvZNhxh2xgwpuY7succ+BvmiMdg7qCZr2WSvI2+g== X-Gm-Gg: ATEYQzzbsZuoHhkk3oSulmozsxDH2DQvrUzCE0BgzV9324oIAvxM1CpGx6RN164nhZK 4xEjlPHnnhvISVFeaDLG+iQQnhn9WuYNwkCbynrPxIuS66at11fKj92VQh1N6afJHoSqEl+lwY5 roRk3VIXm8FY+EDHSPQpT7NNpbCFglTK3PSPFlibr1LobtVPSefxwdg9t2/di/iMHgZhWwsYxrL YZfAuZnDz4hipEu6iEXhLKE2ZWhHN7woRkYweUC672Nz/N1xaIfMWrekkjMFOrSfi901sjmbv5q w3eUVLKEZAuZBiR+r7VmErHtjRw7klAuiUNe6S7lbSlRHieJz/xeAlDhyV9g1W0aWD5Evp+AFNI cWuWWCEMgw95Ib2ywKkOl0RX0a7E99ClPDqtkdAR5mW/FpJHQm1Gp7HzVhHCgxRDvkahgxZ2XDB QZo/WCg5Z1BNCl5TCbRmEoY/7C8q1ltNfPQzZ9m0P1WtAwHfPdcVqIEadLOOTL X-Received: by 2002:a5d:5389:0:b0:43c:f52b:7ff7 with SMTP id ffacd0b85a97d-43cf52b80f8mr9346306f8f.50.1774879798389; Mon, 30 Mar 2026 07:09:58 -0700 (PDT) Received: from elver.google.com ([2a00:79e0:2834:9:a898:3d0d:784b:16c3]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43cf21eb95fsm21396329f8f.12.2026.03.30.07.09.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2026 07:09:57 -0700 (PDT) Date: Mon, 30 Mar 2026 16:09:50 +0200 From: Marco Elver To: Peter Zijlstra Cc: Ingo Molnar , Nathan Chancellor , Nick Desaulniers , Bill Wendling , Justin Stitt , llvm@lists.linux.dev, Bart Van Assche , linux-kernel@vger.kernel.org Subject: [PATCH tip/locking/core] compiler-context-analysis: Bump required Clang version to 23 Message-ID: References: <20260323153351.1412355-1-elver@google.com> <20260325152000.GG3738786@noisy.programming.kicks-ass.net> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20260325152000.GG3738786@noisy.programming.kicks-ass.net> User-Agent: Mutt/2.2.13 (2024-03-09) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Clang 23 introduces support for multiple arguments in the `guarded_by` and `pt_guarded_by` attributes [1]. This allows defining variables protected by multiple context locks, where read access requires holding at least one lock (shared or exclusive), and write access requires holding all of them exclusively. Clang 23 also provides a few other improvements (such as being able to deal with arrays of locks [2]) that make it worthwhile bumping the compiler version instead of trying to make both Clang 22 and later work while supporting these new features. Link: https://github.com/llvm/llvm-project/pull/186838 [1] Link: https://github.com/llvm/llvm-project/pull/148551 [2] Requested-by: Peter Zijlstra Signed-off-by: Marco Elver Reviewed-by: Nathan Chancellor --- v2: * Bump version instead of __guarded_by_any workaround. --- Documentation/dev-tools/context-analysis.rst | 2 +- include/linux/compiler-context-analysis.h | 30 ++++++++++++++------ lib/Kconfig.debug | 4 +-- lib/test_context-analysis.c | 24 ++++++++++++++++ 4 files changed, 49 insertions(+), 11 deletions(-) diff --git a/Documentation/dev-tools/context-analysis.rst b/Documentation/d= ev-tools/context-analysis.rst index 54d9ee28de98..8e71e1e75b5b 100644 --- a/Documentation/dev-tools/context-analysis.rst +++ b/Documentation/dev-tools/context-analysis.rst @@ -17,7 +17,7 @@ features. To enable for Clang, configure the kernel with:: =20 CONFIG_WARN_CONTEXT_ANALYSIS=3Dy =20 -The feature requires Clang 22 or later. +The feature requires Clang 23 or later. =20 The analysis is *opt-in by default*, and requires declaring which modules = and subsystems should be analyzed in the respective `Makefile`:: diff --git a/include/linux/compiler-context-analysis.h b/include/linux/comp= iler-context-analysis.h index 00c074a2ccb0..1ab2622621c3 100644 --- a/include/linux/compiler-context-analysis.h +++ b/include/linux/compiler-context-analysis.h @@ -39,12 +39,14 @@ # define __assumes_shared_ctx_lock(...) __attribute__((assert_shared_capab= ility(__VA_ARGS__))) =20 /** - * __guarded_by - struct member and globals attribute, declares variable - * only accessible within active context + * __guarded_by() - struct member and globals attribute, declares variable + * only accessible within active context + * @...: context lock instance pointer(s) * * Declares that the struct member or global variable is only accessible w= ithin - * the context entered by the given context lock. Read operations on the d= ata - * require shared access, while write operations require exclusive access. + * the context entered by the given context lock(s). Read operations on th= e data + * require shared access to at least one of the context locks, while write + * operations require exclusive access to all listed context locks. * * .. code-block:: c * @@ -52,17 +54,24 @@ * spinlock_t lock; * long counter __guarded_by(&lock); * }; + * + * struct some_state { + * spinlock_t lock1, lock2; + * long counter __guarded_by(&lock1, &lock2); + * }; */ # define __guarded_by(...) __attribute__((guarded_by(__VA_ARGS__))) =20 /** - * __pt_guarded_by - struct member and globals attribute, declares pointed= -to - * data only accessible within active context + * __pt_guarded_by() - struct member and globals attribute, declares point= ed-to + * data only accessible within active context + * @...: context lock instance pointer(s) * * Declares that the data pointed to by the struct member pointer or global * pointer is only accessible within the context entered by the given cont= ext - * lock. Read operations on the data require shared access, while write - * operations require exclusive access. + * lock(s). Read operations on the data require shared access to at least = one + * of the context locks, while write operations require exclusive access t= o all + * listed context locks. * * .. code-block:: c * @@ -70,6 +79,11 @@ * spinlock_t lock; * long *counter __pt_guarded_by(&lock); * }; + * + * struct some_state { + * spinlock_t lock1, lock2; + * long *counter __pt_guarded_by(&lock1, &lock2); + * }; */ # define __pt_guarded_by(...) __attribute__((pt_guarded_by(__VA_ARGS__))) =20 diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 93f356d2b3d9..09e9bd003c70 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -630,7 +630,7 @@ config DEBUG_FORCE_WEAK_PER_CPU =20 config WARN_CONTEXT_ANALYSIS bool "Compiler context-analysis warnings" - depends on CC_IS_CLANG && CLANG_VERSION >=3D 220100 + depends on CC_IS_CLANG && CLANG_VERSION >=3D 230000 # Branch profiling re-defines "if", which messes with the compiler's # ability to analyze __cond_acquires(..), resulting in false positives. depends on !TRACE_BRANCH_PROFILING @@ -641,7 +641,7 @@ config WARN_CONTEXT_ANALYSIS and releasing user-definable "context locks". =20 Clang's name of the feature is "Thread Safety Analysis". Requires - Clang 22.1.0 or later. + Clang 23 or later. =20 Produces warnings by default. Select CONFIG_WERROR if you wish to turn these warnings into errors. diff --git a/lib/test_context-analysis.c b/lib/test_context-analysis.c index 06b4a6a028e0..316f4dfcda65 100644 --- a/lib/test_context-analysis.c +++ b/lib/test_context-analysis.c @@ -159,6 +159,10 @@ TEST_SPINLOCK_COMMON(read_lock, struct test_mutex_data { struct mutex mtx; int counter __guarded_by(&mtx); + + struct mutex mtx2; + int anyread __guarded_by(&mtx, &mtx2); + int *anyptr __pt_guarded_by(&mtx, &mtx2); }; =20 static void __used test_mutex_init(struct test_mutex_data *d) @@ -219,6 +223,26 @@ static void __used test_mutex_cond_guard(struct test_m= utex_data *d) } } =20 +static void __used test_mutex_multiguard(struct test_mutex_data *d) +{ + mutex_lock(&d->mtx); + (void)d->anyread; + (void)*d->anyptr; + mutex_unlock(&d->mtx); + + mutex_lock(&d->mtx2); + (void)d->anyread; + (void)*d->anyptr; + mutex_unlock(&d->mtx2); + + mutex_lock(&d->mtx); + mutex_lock(&d->mtx2); + d->anyread++; + (*d->anyptr)++; + mutex_unlock(&d->mtx2); + mutex_unlock(&d->mtx); +} + struct test_seqlock_data { seqlock_t sl; int counter __guarded_by(&sl); --=20 2.53.0.1018.g2bb0e51243-goog