
Re: xen-analysis ECLAIR support


  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>, <luca.fancellu@xxxxxxx>
  • From: Michal Orzel <michal.orzel@xxxxxxx>
  • Date: Fri, 25 Aug 2023 10:18:40 +0200
  • Cc: <nicola.vetrini@xxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>, <bertrand.marquis@xxxxxxx>
  • Delivery-date: Fri, 25 Aug 2023 08:18:54 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Stefano,

On 25/08/2023 00:24, Stefano Stabellini wrote:
> 
> 
> Hi Luca,
> 
> We are looking into adding ECLAIR support for xen-analysis so that we
> can use the SAF-n-safe tags also with ECLAIR.
> 
> One question that came up is about multi-line statements. For instance,
> in a case like the following:
> 
> diff --git a/xen/common/inflate.c b/xen/common/inflate.c
> index 8fa4b96d12..8bdc9208da 100644
> --- a/xen/common/inflate.c
> +++ b/xen/common/inflate.c
> @@ -1201,6 +1201,7 @@ static int __init gunzip(void)
>      magic[1] = NEXTBYTE();
>      method   = NEXTBYTE();
> 
> +    /* SAF-1-safe */
>      if (magic[0] != 037 ||
>          ((magic[1] != 0213) && (magic[1] != 0236))) {
>          error("bad gzip magic numbers");
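
Review bot: the single /* SAF-1-safe */ comment sits directly above the first line of the `if`, but the condition continues on the following line, which holds the 0213 and 0236 constants, so a tool that scopes the tag to one line leaves that second line without a deviation. Place a second /* SAF-1-safe */ directly above the `((magic[1] != 0213) && ...` line, or state in the tag documentation that one tag covers the whole statement, so the intended scope is explicit.
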
> 
> 
> Would SAF-1-safe cover both 037, and also 0213 and 0213?
> Or would it cover only 037?
> 
> We haven't used SAF-n-safe extensively through the codebase yet but
> my understanding is that SAF-n-safe would cover the entire statement of
> the following line, even if it is multi-line. Is that also your
> understanding? Does it work like that with cppcheck?

Looking at the docs and the actual script, only the single line below the
SAF comment is excluded.
So in your case you would require:

/* SAF-1-safe */
if (magic[0] != 037 ||
    /* SAF-1-safe */
    ((magic[1] != 0213) && (magic[1] != 0236))) {
    error("bad gzip magic numbers");

I guess this was done so that it is clear that someone took all the parts of
the statements into account and all of them fall into the same justification
(which might not be the case).

BTW, I don't think we have also covered the case where there is more than one
violation in a single line that we want to deviate (e.g. something like
/* SAF-1-safe, SAF-2-safe */).

~Michal
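
Added example, not part of the original message and not the xen-analysis script itself: a Python sketch of the line-scoped rule described in the reply above, reporting the lines of a multi-line statement that a single tag does not reach. The function names and the parenthesis-balance test for continuation lines are assumptions made for illustration.

```python
import re

# In-code deviation tag, e.g. /* SAF-1-safe */ (free text may follow the id).
SAF_TAG = re.compile(r"/\*\s*SAF-(\d+)-safe\b.*?\*/")
COMMENT = re.compile(r"/\*.*?\*/")

def covered_lines(lines):
    """Line-scoped rule: a tag covers only the line directly below it.
    Returns {1-based line number: SAF id}."""
    covered = {}
    for num, text in enumerate(lines, start=1):
        tag = SAF_TAG.search(text)
        if tag and num < len(lines):
            covered[num + 1] = int(tag.group(1))
    return covered

def uncovered_continuations(lines):
    """Lines that continue a tagged statement but have no tag of their own.
    Assumption: a statement continues while its parentheses are unbalanced;
    parentheses inside string literals are not handled."""
    covered = covered_lines(lines)
    missing = set()
    for start in covered:
        depth, num = 0, start
        while num <= len(lines):
            code = COMMENT.sub("", lines[num - 1]).strip()
            if code:
                if num != start and num not in covered:
                    missing.add(num)
                depth += code.count("(") - code.count(")")
                if depth <= 0:
                    break
            elif num == start:
                break  # the tag is not followed by code
            num += 1
    return sorted(missing)

# Constructed input: the two tag placements discussed in the thread.
TAG_ONCE = [
    "/* SAF-1-safe */",
    "if (magic[0] != 037 ||",
    "    ((magic[1] != 0213) && (magic[1] != 0236))) {",
    '    error("bad gzip magic numbers");',
]
TAG_PER_LINE = TAG_ONCE[:2] + ["    /* SAF-1-safe */"] + TAG_ONCE[2:]

if __name__ == "__main__":
    print(uncovered_continuations(TAG_ONCE), uncovered_continuations(TAG_PER_LINE))
```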