A new feature in the queue for likely introduction with the next version of the Linux kernel (Linux 6.20~7.0) is compiler-based context and locking analysis. This kernel code depends on the yet-to-be-released LLVM Clang 22 compiler but can provide some powerful insights to kernel developers.
Marco Elver of Google has been working on this compiler-based context and locking analysis of the kernel using static analysis on kernel primitives.
Marco explained of this powerful functionality in the current version patch series:
"Context Analysis is a language extension, which enables statically checking that required contexts are activ…
A new feature in the queue for likely introduction with the next version of the Linux kernel (Linux 6.20~7.0) is compiler-based context and locking analysis. This kernel code depends on the yet-to-be-released LLVM Clang 22 compiler but can provide some powerful insights to kernel developers.
Marco Elver of Google has been working on this compiler-based context and locking analysis of the kernel using static analysis on kernel primitives.
Marco explained of this powerful functionality in the current version patch series:
"Context Analysis is a language extension, which enables statically checking that required contexts are active (or inactive) by acquiring and releasing user-definable "context locks". An obvious application is lock-safety checking for the kernel’s various synchronization primitives (each of which represents a "context lock"), and checking that locking rules are not violated.
The feature requires Clang 22 (unreleased) or later. Clang originally called the feature "Thread Safety Analysis". This was later changed and the feature became more flexible, gaining the ability to define custom "capabilities". Its foundations can be found in "Capability Systems", used to specify the permissibility of operations to depend on some "capability" being held (or not held).
Because the feature is not just able to express "capabilities" related to synchronization primitives, and "capability" is already overloaded in the kernel, the naming chosen for the kernel departs from Clang’s "Thread Safety" and "capability" nomenclature; we refer to the feature as "Context Analysis" to avoid confusion. The internal implementation still makes references to Clang’s terminology in a few places, such as `-Wthread-safety` being the warning option that also still appears in diagnostic messages."
The patch series has been queued into the tip/tip.git’s locking/core Git branch. With the code now being in a TIP branch, barring any last minute issues, it should be submitted for the next merge window once the Linux 6.20/7.0 cycle kicks off in February.
Using this developer feature requires LLVM Clang 22+ with LLVM Clang 22.1 stable expected for release around the end of February.