Xen project Mailing List

Re: [XEN PATCH] automation/eclair: extend deviations of MISRA C:2012 Rule 16.3

To: Federico Serafini <federico.serafini@xxxxxxxxxxx>

Date: Wed, 28 Feb 2024 10:06:47 +0100

Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL

Cc: consulting@xxxxxxxxxxx, Simone Ballarin <simone.ballarin@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Wed, 28 Feb 2024 09:07:08 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 28.02.2024 09:53, Federico Serafini wrote: > --- a/automation/eclair_analysis/ECLAIR/deviations.ecl > +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl Comments below apply similarly to text added to this file. > --- a/docs/misra/deviations.rst > +++ b/docs/misra/deviations.rst > @@ -291,7 +291,14 @@ Deviations related to MISRA C:2012 Rules: > - Project-wide deviation; tagged as `deliberate` for ECLAIR. > > * - R16.3 > - - Switch clauses ending with continue, goto, return statements are safe. > + - Switch clauses ending with an unconditional flow control statement > + (i.e., continue, goto, or return) are safe. > + - Tagged as `safe` for ECLAIR. With this edit (unmentioned in the description, btw) ... > + * - R16.3 > + - Switch clauses ending with an if-else statement are safe if both > + branches consist of a flow control statement (i.e., continue, break, > + goto, return). ... why is it not also "ending with" here? Also what about either situation ending with a call to a noreturn function? > @@ -307,6 +314,16 @@ Deviations related to MISRA C:2012 Rules: > - Switch clauses ending with failure method \"BUG()\" are safe. > - Tagged as `safe` for ECLAIR. > > + * - R16.3 > + - On X86, switch clauses ending generating an exception through > + \"generate_exception()\" are safe. > + - Tagged as `safe` for ECLAIR. This macro is limited to the emulator, so shouldn't be deviated globally. Furthermore - why does the special case need mentioning here? Shouldn't it be the underlying pattern which is deviated (along the lines of the earlier ones): if ( true ) { ... goto ...; /* Or break / continue / return */ } > + * - R16.3 > + - Switch clauses ending generating a parse error through > + \"PARSE_ERR_RET()\" are safe. > + - Tagged as `safe` for ECLAIR. Again this isn't a global scope macro, so shouldn't be deviated globally. Plus it ends in "return", so ought to be covered by the earlier clause. The fact that the return is in a body of do {} while(0) shouldn't matter at all - that's purely syntactic sugar. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.