Re: [PATCH RFC 00/33] Compile-time thread-safety checking

[Bart Van Assche]

On 2/7/25 10:24 AM, Marco Elver wrote:
> On Fri, 7 Feb 2025 at 18:46, Bart Van Assche <bvanassche@xxxxxxx> wrote:
> > As an
> > example, the Clang try_acquire_capability function attribute does not
> > support functions that return pointers although this is a common pattern
> > in the Linux kernel. I think that introducing a new function attribute
> > to support functions that return pointers is a better solution than
> > trying to annotate such functions with any of the existing Clang
> > thread-safety attributes.
>
> try_acquire_capability / __cond_acquires(cond, capability) is happy
> with pointer-returning functions when using int-literals for "cond"
> i.e. 0 or 1 (Clang's documentation says it only wants bool, but that's
> wrong). I just tested this on a pointer-returning function, and it
> works.

The first argument of the try_acquire_capability function annotation
must be the value that indicates that the capability has been acquired.
I'm not aware of any function in the Linux kernel that returns a pointer
and where returning a NULL pointer indicates success. Additionally,
return ERR_PTR() is used widely. Neither pattern can be annotated with
try_acquire_capability today. This is why I wrote that we need a new
function attribute for functions that return a pointer.

Thanks,

Bart.