llvm-project

7152266d - Thread Safety Analysis: Support guarded_by/pt_guarded_by with multiple capabilities (#186838)

Thread Safety Analysis: Support guarded_by/pt_guarded_by with multiple capabilities (#186838) Previously, `guarded_by` and `pt_guarded_by` only accepted a single capability argument. Introduce support for declaring that a variable is guarded by multiple capabilities, which exploits the following property: any writer must hold all capabilities, so holding any one of them (exclusive or shared) guarantees at least shared (read) access. Therefore, writing requires all listed capabilities to be held exclusively, while reading only requires at least one to be held. This synchronization pattern is frequently used where the underlying lock implementation does not support real reader locking, and instead several lock "shards" are used to reduce contention for readers. For example, the Linux kernel makes frequent use of this pattern [1]. Backwards compatibility is not affected by this change: for the time being we deliberately do not change the semantics of multiple stacked attributes (this retains existing semantics precisely, while giving a way to choose the "stricter" semantics if needed). Previous Version: https://github.com/llvm/llvm-project/pull/185173 Link: https://lore.kernel.org/all/20250307085204.GJ16878@noisy.programming.kicks-ass.net/ [1]