Re: [PATCH v5 13/36] bit_spinlock: Support Clang's context analysis

Next message: Rob Herring (Arm): "Re: [PATCH 02/13] dt-bindings: soc: mobileye: Add EyeQ6Lplus OLB"
Previous message: Bart Van Assche: "Re: [PATCH v5 22/36] um: Fix incorrect __acquires/__releases annotations"
In reply to: Bart Van Assche: "Re: [PATCH v5 13/36] bit_spinlock: Support Clang's context analysis"
Next in thread: Marco Elver: "[PATCH v5 14/36] rcu: Support Clang's context analysis"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Marco Elver

Date: Fri Dec 19 2025 - 16:10:00 EST

On Fri, 19 Dec 2025 at 21:48, 'Bart Van Assche' via kasan-dev
<kasan-dev@xxxxxxxxxxxxxxxx> wrote:
>
> On 12/19/25 7:40 AM, Marco Elver wrote:
> > +/*
> > + * For static context analysis, we need a unique token for each possible bit
> > + * that can be used as a bit_spinlock. The easiest way to do that is to create a
> > + * fake context that we can cast to with the __bitlock(bitnum, addr) macro
> > + * below, which will give us unique instances for each (bit, addr) pair that the
> > + * static analysis can use.
> > + */
> > +context_lock_struct(__context_bitlock) { };
> > +#define __bitlock(bitnum, addr) (struct __context_bitlock *)(bitnum + (addr))
>
> Will this cause static analyzers to complain about out-of-bounds
> accesses for (bitnum + (addr)), which is equivalent to &(addr)[bitnum]?

Only if they decide to interpret never-executed code (i think the
kernel has various dead code that's optimized out that might trigger
static analyzers if they analyzed it).
But this could probably be improved by using a different idiom, and
using an empty inline function that takes bitnum, addr as args, and
Clang simply takes the call to that function as the context lock
identity.