[clang] Thread Safety Analysis: Warn when using negative reentrant capability (PR #141599)
Aaron Ballman via cfe-commits
cfe-commits at lists.llvm.org
Tue Jun 24 11:08:24 PDT 2025
================
@@ -7223,4 +7225,10 @@ class TestNegativeWithReentrantMutex {
}
};
+typedef int __attribute__((capability("role"), reentrant_capability)) ThreadRole;
+ThreadRole FlightControl1, FlightControl2;
+void dispatch_log(const char *msg) __attribute__((requires_capability(!FlightControl1 && !FlightControl2))) {} // \
+ // expected-warning{{'ThreadRole' (aka 'int') is marked reentrant but used as a negative capability; this may be contradictory}} \
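Review bot: the `dispatch_log` declaration is the only case added here, and it negates two reentrant `ThreadRole` capabilities inside a single `requires_capability` expression, so from this hunk a reader cannot tell whether the warning is expected once per negated operand or once per attribute. The trailing `\` after the `expected-warning` line suggests further expectations follow; it would help to make the expected count obvious next to the declaration, and to add a companion declaration that negates a capability declared without `reentrant_capability`, so the test also pins down that no warning is issued in that case. A one-line comment above the `ThreadRole` typedef saying what the case exercises would make the intent clearer for later readers.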
----------------
AaronBallman wrote:
My point is more that the `RUN` line for the test is not opting into the pedantic diagnostics but we're still getting the pedantic diagnostic. That's happening because we're adding `ThreadSafetyPedantic` to the `ThreadSafety` group in `DiagnosticGroups.td`, which means that passing `-Wthread-safety` will automatically enable `-Wthread-safety-pedantic`.
I think what we want is to leave `DefaultIgnore` on the diagnostic, but *not* add it to `-Wthread-safety` in `DiagnosticGroups.td`. So users have to explicitly pass the warning flag to enable the diagnostics.
That leaves the question of what to do if the user passes `-Wthread-safety-pedantic` but never passes `-Wthread-safety`. I suppose the result there is that they get no thread safety diagnostics, but maybe we want to catch that in the driver and tell the user "did you mean to pass -Wthread-safety as well?".
https://github.com/llvm/llvm-project/pull/141599