[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: xen/x86: resolve the last 3 MISRA R16.6 violations

  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • Date: Wed, 19 Feb 2025 09:12:54 +0100
  • Arc-authentication-results: i=1; bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Arc-message-signature: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; c=relaxed/relaxed; t=1739952774; h=DKIM-Signature:MIME-Version:Date:From:To:Cc:Subject:In-Reply-To: References:Message-ID:X-Sender:Organization:Content-Type: Content-Transfer-Encoding; bh=4+oBlGhxBJ5EysxRzPH7bUEWF7p3IETPBaawTZhOMgs=; b=0l0JrErnnCvJHYYdaaO/SxMZljBA3U5zsVx2BkEgM54Qg9zfLF8BSIgcdMck9aTtkapB 80U+FYW0IUuNVscg35/JiijdnfUgWXVu1ssyJJLZBYH2dfsh7JLvbFG/5vBiqSc0K6Bvt WI5htmJOMq0Xz4UA3qw2CJBOxkbBJ7hyuwatUIjqH8VcqYkvtJ560qzsDTIn0nAeJfPnM sOT5xPyybekvyAEQrW2HzZtVxUOm8+P+X2uX6Uer+xTGTMkEdeVpJGGwTyeFN+eH8xJ/Y kX/uFsKSV5iyV8D7hQlQCjd2NR5g6vCjnHqsy4jXt3ZQj/gawlf7hOtEH5AvMItv9fzyf x5rAmTnihYt/aIuquLRxHZqDeSMhsPYYPJGifq9brjISzyCW1888SqZqgGtLCHe7eofRQ h6OHKiBsQz0Cb6dUuYvEOgjmQt3NrxNRxF3bKc6y50F7vP7my3fZe680tWDIAIbk6tpWQ Z8xwEza7DS3zdbuXMHeC86BaDKljLHV0bDE131SkYaVNJk/PAPjivPxjjVFIBa75/0sdi EyX6sgIrtM2YGtDZ9hoIQUc5rMotucAJd19NG0wFre9EK9LLUi8JdPe3xDB/FwSZd8bfa AyIZnVqCrCO53UcaK2S6GDNHAZaz3GE8zDjiGUtjiJV+0GsJ/WZyD8PONWDO9Ng=
  • Arc-seal: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; cv=none; t=1739952774; b=FtlSVLhm3JldDkIEw2GFY8i//lUvNbmBx4Izioi/YviG0HWEwr8S2p7JQgJ0Hww/MIwz iMhmYg6jsNJ+OTLtHjn25QZ9JnsISlvp5eWOsghSbxLKJnKQq/9KFQMlNBF4U3W4NBQSd tbE9sHE8NrtquMr0wjbQ06/7S2C2z44I4YOfT+vxm9alA2KRYkE7ViFSihjmFou/YO5++ ZAUNYALF+xS47KnAtedHw+GxJ9/GVpWN7WN7eUOw/gIUGYaidUK7XPZPbvLnhqwGqansQ ve3Q3d9bAqjf5+MfXJfA9oQxNu+5xObL4r7M143bz98rxCfeLkSgmc6b/x/kQjO0kdm/E TZHx1qjIv3e25g0BgMwKEEh49pUqW1tc1kC0SXsiRjri3EmiJhy6iF5LQUsdNtIqA7h/V k4YaNDWyTlVuFFQBjk5MIFeHj9Z2FfeNl0xvR+tOOXvex3o40JBikEcMFbOdEY3AdYZXc ov4YbFOgy+I6KZ7ND5b/tpRJWY93akdYwcp0ImoQNB17WAIZ4k7zQ9tOKSzkOA35D/feO ThK+anUKD3xAo0kKH3ceT6tX6VESbgjhn+eb1YSiQtNT7x0Xpc5Ycn7blqlGD//sdJf/M v3zyaAdXReJm5mJ4Luh4RSHSe8awAoBk0AJbGLs8/YWTGoRwvSE8/RepPnsctIU=
  • Authentication-results: bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, consulting@xxxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Wed, 19 Feb 2025 08:13:06 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 2025-02-18 22:42, Stefano Stabellini wrote:

On Tue, 18 Feb 2025, Jan Beulich wrote:

On 18.02.2025 00:12, Stefano Stabellini wrote:
> On Mon, 17 Feb 2025, Jan Beulich wrote:
>> On 15.02.2025 03:16, Stefano Stabellini wrote:
>>> --- a/xen/arch/x86/hvm/hvm.c
>>> +++ b/xen/arch/x86/hvm/hvm.c
>>> @@ -3797,22 +3797,14 @@ uint64_t hvm_get_reg(struct vcpu *v, unsigned int 
reg)
>>>  {
>>>      ASSERT(v == current || !vcpu_runnable(v));
>>>
>>> -    switch ( reg )
>>> -    {
>>> -    default:
>>> -        return alternative_call(hvm_funcs.get_reg, v, reg);
>>> -    }
>>> +    return alternative_call(hvm_funcs.get_reg, v, reg);
>>>  }
>>>
>>>  void hvm_set_reg(struct vcpu *v, unsigned int reg, uint64_t val)
>>>  {
>>>      ASSERT(v == current || !vcpu_runnable(v));
>>>
>>> -    switch ( reg )
>>> -    {
>>> -    default:
>>> -        return alternative_vcall(hvm_funcs.set_reg, v, reg, val);
>>> -    }
>>> +    return alternative_vcall(hvm_funcs.set_reg, v, reg, val);
>>>  }
>>
>> Both of these were, iirc, deliberately written using switch(), to ease
>> possible future changes.
>
> To be honest, I do not see any value in the way they are currently
> written. However, if you prefer, I can add a deviation for this, with
> one SAF comment for each of these two. The reason for the deviation
> would be "deliberate to ease possible future change". Please let me know
> how you would like to proceed.

Well, best next thing you can do is seek input from the person who has
written that code, i.e. Andrew.
Andrew wrote in chat that he is OK with a deviation and he can live with 
a SAF deviation. Here is the patch.


---
xen/x86: resolve the last 3 MISRA R16.6 violations

MISRA R16.6 states that "Every switch statement shall have at least two
switch-clauses". There are only 3 violations left on x86 (zero on ARM).

One of them is only a violation depending on the kconfig configuration.
So deviate it instead with a SAF comment.

Two of them are deliberate to enable future additions. Deviate them as
such.

Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxx>
Looks good to me, from an ECLAIR point of view. Did you have a chance to run a pipeline on it to confirm that the SAF comments are recognized correctly? 

With that,

Reviewed-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>


diff --git a/docs/misra/safe.json b/docs/misra/safe.json
index b8a4f878ea..3d68b59169 100644
--- a/docs/misra/safe.json
+++ b/docs/misra/safe.json
@@ -92,6 +92,22 @@
         },
         {
             "id": "SAF-11-safe",
+            "analyser": {
+                "eclair": "MC3A2.R16.6"
+            },
+            "name": "Rule 16.6: single clause due to kconfig",
+ "text": "A switch statement with a single switch clause because other switch clauses are disabled in a given kconfig is safe." 
+        },
+        {
+            "id": "SAF-12-safe",
+            "analyser": {
+                "eclair": "MC3A2.R16.6"
+            },
+ "name": "Rule 16.6: single clause due to future expansion", + "text": "A switch statement with a single switch clause to purposely enable future additions of new cases is safe." 
+        },
+        {
+            "id": "SAF-13-safe",
             "analyser": {},
             "name": "Sentinel",
             "text": "Next ID to be used"
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 39e39ce4ce..0f0630769b 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3797,6 +3797,7 @@ uint64_t hvm_get_reg(struct vcpu *v, unsigned int reg) 
 {
     ASSERT(v == current || !vcpu_runnable(v));

+    /* SAF-12-safe */
     switch ( reg )
     {
     default:
@@ -3808,6 +3809,7 @@ void hvm_set_reg(struct vcpu *v, unsigned int reg, uint64_t val) 
 {
     ASSERT(v == current || !vcpu_runnable(v));

+    /* SAF-12-safe */
     switch ( reg )
     {
     default:
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 87b30ce4df..dca11a613d 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -436,6 +436,7 @@ unsigned long get_stack_trace_bottom(unsigned long sp) 

 static unsigned long get_shstk_bottom(unsigned long sp)
 {
+    /* SAF-11-safe */
     switch ( get_stack_page(sp) )
     {
 #ifdef CONFIG_XEN_SHSTK


--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.