[v2,03/34] compiler-capability-analysis: Add test stub

Message ID	20250304092417.2873893-4-elver@google.com (mailing list archive)
State	New
Headers	show Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com [209.85.221.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8324F1FDE22 for <rcu@vger.kernel.org>; Tue, 4 Mar 2025 09:25:18 +0000 (UTC) Date: Tue, 4 Mar 2025 10:21:02 +0100 In-Reply-To: <20250304092417.2873893-1-elver@google.com> Precedence: bulk Mime-Version: 1.0 References: <20250304092417.2873893-1-elver@google.com> Message-ID: <20250304092417.2873893-4-elver@google.com> Subject: [PATCH v2 03/34] compiler-capability-analysis: Add test stub From: Marco Elver <elver@google.com> To: elver@google.com Cc: "David S. Miller" <davem@davemloft.net>, Luc Van Oostenryck <luc.vanoostenryck@gmail.com>, "Paul E. McKenney" <paulmck@kernel.org>, Alexander Potapenko <glider@google.com>, Arnd Bergmann <arnd@arndb.de>, Bart Van Assche <bvanassche@acm.org>, Bill Wendling <morbo@google.com>, Boqun Feng <boqun.feng@gmail.com>, Dmitry Vyukov <dvyukov@google.com>, Eric Dumazet <edumazet@google.com>, Frederic Weisbecker <frederic@kernel.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Herbert Xu <herbert@gondor.apana.org.au>, Ingo Molnar <mingo@kernel.org>, Jann Horn <jannh@google.com>, Jiri Slaby <jirislaby@kernel.org>, Joel Fernandes <joel@joelfernandes.org>, Jonathan Corbet <corbet@lwn.net>, Josh Triplett <josh@joshtriplett.org>, Justin Stitt <justinstitt@google.com>, Kees Cook <kees@kernel.org>, Kentaro Takeda <takedakn@nttdata.co.jp>, Mark Rutland <mark.rutland@arm.com>, Mathieu Desnoyers <mathieu.desnoyers@efficios.com>, Miguel Ojeda <ojeda@kernel.org>, Nathan Chancellor <nathan@kernel.org>, Neeraj Upadhyay <neeraj.upadhyay@kernel.org>, Peter Zijlstra <peterz@infradead.org>, Steven Rostedt <rostedt@goodmis.org>, Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>, Thomas Gleixner <tglx@linutronix.de>, Uladzislau Rezki <urezki@gmail.com>, Waiman Long <longman@redhat.com>, Will Deacon <will@kernel.org>, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, rcu@vger.kernel.org, linux-crypto@vger.kernel.org, linux-serial@vger.kernel.org Content-Type: text/plain; charset="UTF-8"
Series	Compiler-Based Capability- and Locking-Analysis \| expand [v2,00/34] Compiler-Based Capability- and Locking-Analysis [v2,01/34] compiler_types: Move lock checking attributes to compiler-capability-analysis.h [v2,02/34] compiler-capability-analysis: Add infrastructure for Clang's capability analysis [v2,03/34] compiler-capability-analysis: Add test stub [v2,04/34] Documentation: Add documentation for Compiler-Based Capability Analysis [v2,05/34] checkpatch: Warn about capability_unsafe() without comment [v2,06/34] cleanup: Basic compatibility with capability analysis [v2,07/34] lockdep: Annotate lockdep assertions for capability analysis [v2,08/34] locking/rwlock, spinlock: Support Clang's capability analysis [v2,09/34] compiler-capability-analysis: Change __cond_acquires to take return value [v2,10/34] locking/mutex: Support Clang's capability analysis [v2,11/34] locking/seqlock: Support Clang's capability analysis [v2,12/34] bit_spinlock: Include missing <asm/processor.h> [v2,13/34] bit_spinlock: Support Clang's capability analysis [v2,14/34] rcu: Support Clang's capability analysis [v2,15/34] srcu: Support Clang's capability analysis [v2,16/34] kref: Add capability-analysis annotations [v2,17/34] locking/rwsem: Support Clang's capability analysis [v2,18/34] locking/local_lock: Include missing headers [v2,19/34] locking/local_lock: Support Clang's capability analysis [v2,20/34] locking/ww_mutex: Support Clang's capability analysis [v2,21/34] debugfs: Make debugfs_cancellation a capability struct [v2,22/34] compiler-capability-analysis: Remove Sparse support [v2,23/34] compiler-capability-analysis: Remove __cond_lock() function-like helper [v2,24/34] compiler-capability-analysis: Introduce header suppressions [v2,25/34] compiler: Let data_race() imply disabled capability analysis [v2,26/34] kfence: Enable capability analysis [v2,27/34] kcov: Enable capability analysis [v2,28/34] stackdepot: Enable capability analysis [v2,29/34] rhashtable: Enable capability analysis [v2,30/34] printk: Move locking annotation to printk.c [v2,31/34] drivers/tty: Enable capability analysis for core files [v2,32/34] security/tomoyo: Enable capability analysis [v2,33/34] crypto: Enable capability analysis [v2,34/34] MAINTAINERS: Add entry for Capability Analysis

Message ID

20250304092417.2873893-4-elver@google.com (mailing list archive)

State

New

Headers

Date: Tue,  4 Mar 2025 10:21:02 +0100
In-Reply-To: <20250304092417.2873893-1-elver@google.com>
Precedence: bulk
Mime-Version: 1.0
References: <20250304092417.2873893-1-elver@google.com>
Message-ID: <20250304092417.2873893-4-elver@google.com>
Subject: [PATCH v2 03/34] compiler-capability-analysis: Add test stub
From: Marco Elver <elver@google.com>
To: elver@google.com
Cc: "David S. Miller" <davem@davemloft.net>,
 Luc Van Oostenryck <luc.vanoostenryck@gmail.com>,
	"Paul E. McKenney" <paulmck@kernel.org>,
 Alexander Potapenko <glider@google.com>, Arnd Bergmann <arnd@arndb.de>,
	Bart Van Assche <bvanassche@acm.org>, Bill Wendling <morbo@google.com>,
 Boqun Feng <boqun.feng@gmail.com>,
	Dmitry Vyukov <dvyukov@google.com>, Eric Dumazet <edumazet@google.com>,
	Frederic Weisbecker <frederic@kernel.org>,
 Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Herbert Xu <herbert@gondor.apana.org.au>, Ingo Molnar <mingo@kernel.org>,
	Jann Horn <jannh@google.com>, Jiri Slaby <jirislaby@kernel.org>,
	Joel Fernandes <joel@joelfernandes.org>, Jonathan Corbet <corbet@lwn.net>,
	Josh Triplett <josh@joshtriplett.org>, Justin Stitt <justinstitt@google.com>,
	Kees Cook <kees@kernel.org>, Kentaro Takeda <takedakn@nttdata.co.jp>,
	Mark Rutland <mark.rutland@arm.com>,
 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
	Miguel Ojeda <ojeda@kernel.org>, Nathan Chancellor <nathan@kernel.org>,
	Neeraj Upadhyay <neeraj.upadhyay@kernel.org>,
 Peter Zijlstra <peterz@infradead.org>,
	Steven Rostedt <rostedt@goodmis.org>,
 Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
	Thomas Gleixner <tglx@linutronix.de>, Uladzislau Rezki <urezki@gmail.com>,
 Waiman Long <longman@redhat.com>,
	Will Deacon <will@kernel.org>, kasan-dev@googlegroups.com,
 linux-kernel@vger.kernel.org,
	llvm@lists.linux.dev, rcu@vger.kernel.org, linux-crypto@vger.kernel.org,
	linux-serial@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"

Series

Compiler-Based Capability- and Locking-Analysis | expand

Commit Message

Marco Elver March 4, 2025, 9:21 a.m. UTC

Add a simple test stub where we will add common supported patterns that
should not generate false positive of each new supported capability.

Signed-off-by: Marco Elver <elver@google.com>
---
 lib/Kconfig.debug              | 14 ++++++++++++++
 lib/Makefile                   |  3 +++
 lib/test_capability-analysis.c | 18 ++++++++++++++++++
 3 files changed, 35 insertions(+)
 create mode 100644 lib/test_capability-analysis.c

Comments

Bart Van Assche March 4, 2025, 11:52 p.m. UTC | #1

On 3/4/25 1:21 AM, Marco Elver wrote:
> +#include <linux/build_bug.h>
> +
> +/*
> + * Test that helper macros work as expected.
> + */
> +static void __used test_common_helpers(void)
> +{
> +	BUILD_BUG_ON(capability_unsafe(3) != 3); /* plain expression */
> +	BUILD_BUG_ON(capability_unsafe((void)2; 3;) != 3); /* does not swallow semi-colon */
> +	BUILD_BUG_ON(capability_unsafe((void)2, 3) != 3); /* does not swallow commas */
> +	capability_unsafe(do { } while (0)); /* works with void statements */
> +}

Is it guaranteed that <linux/build_bug.h> includes the header file that
defines capability_unsafe() or should that header file perhaps be
included explicitly?

Thanks,

Bart.

Marco Elver March 5, 2025, 12:03 a.m. UTC | #2

On Wed, 5 Mar 2025 at 00:52, Bart Van Assche <bvanassche@acm.org> wrote:
>
> On 3/4/25 1:21 AM, Marco Elver wrote:
> > +#include <linux/build_bug.h>
> > +
> > +/*
> > + * Test that helper macros work as expected.
> > + */
> > +static void __used test_common_helpers(void)
> > +{
> > +     BUILD_BUG_ON(capability_unsafe(3) != 3); /* plain expression */
> > +     BUILD_BUG_ON(capability_unsafe((void)2; 3;) != 3); /* does not swallow semi-colon */
> > +     BUILD_BUG_ON(capability_unsafe((void)2, 3) != 3); /* does not swallow commas */
> > +     capability_unsafe(do { } while (0)); /* works with void statements */
> > +}
>
> Is it guaranteed that <linux/build_bug.h> includes the header file that
> defines capability_unsafe() or should that header file perhaps be
> included explicitly?

It doesn't come in via build_bug.h, but via:

  scripts/Makefile.lib -> "-include
$(srctree)/include/linux/compiler_types.h" (all TUs) ->
compiler-capability-analysis.h.

The things pulled in via compiler_types.h are treated a bit like
builtins available everywhere implicitly.

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index f30099051294..8abaf7dab3f8 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2764,6 +2764,20 @@  config LINEAR_RANGES_TEST
 
 	  If unsure, say N.
 
+config CAPABILITY_ANALYSIS_TEST
+	bool "Compiler capability-analysis warnings test"
+	depends on EXPERT
+	help
+	  This builds the test for compiler-based capability analysis. The test
+	  does not add executable code to the kernel, but is meant to test that
+	  common patterns supported by the analysis do not result in false
+	  positive warnings.
+
+	  When adding support for new capabilities, it is strongly recommended
+	  to add supported patterns to this test.
+
+	  If unsure, say N.
+
 config CMDLINE_KUNIT_TEST
 	tristate "KUnit test for cmdline API" if !KUNIT_ALL_TESTS
 	depends on KUNIT
diff --git a/lib/Makefile b/lib/Makefile
index d5cfc7afbbb8..1dbb59175eb0 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -394,6 +394,9 @@  obj-$(CONFIG_CRC_KUNIT_TEST) += crc_kunit.o
 obj-$(CONFIG_SIPHASH_KUNIT_TEST) += siphash_kunit.o
 obj-$(CONFIG_USERCOPY_KUNIT_TEST) += usercopy_kunit.o
 
+CAPABILITY_ANALYSIS_test_capability-analysis.o := y
+obj-$(CONFIG_CAPABILITY_ANALYSIS_TEST) += test_capability-analysis.o
+
 obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o
 
 obj-$(CONFIG_FIRMWARE_TABLE) += fw_table.o
diff --git a/lib/test_capability-analysis.c b/lib/test_capability-analysis.c
new file mode 100644
index 000000000000..a0adacce30ff
--- /dev/null
+++ b/lib/test_capability-analysis.c
@@ -0,0 +1,18 @@ 
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * Compile-only tests for common patterns that should not generate false
+ * positive errors when compiled with Clang's capability analysis.
+ */
+
+#include <linux/build_bug.h>
+
+/*
+ * Test that helper macros work as expected.
+ */
+static void __used test_common_helpers(void)
+{
+	BUILD_BUG_ON(capability_unsafe(3) != 3); /* plain expression */
+	BUILD_BUG_ON(capability_unsafe((void)2; 3;) != 3); /* does not swallow semi-colon */
+	BUILD_BUG_ON(capability_unsafe((void)2, 3) != 3); /* does not swallow commas */
+	capability_unsafe(do { } while (0)); /* works with void statements */
+}

[v2,03/34] compiler-capability-analysis: Add test stub

Commit Message

Comments

Patch