[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Tue, 29 Apr 2025 08:48:28 +0200
Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL
Cc: victorm.lira@xxxxxxx, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Federico Serafini <federico.serafini@xxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 29 Apr 2025 06:48:34 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 29.04.2025 03:27, Stefano Stabellini wrote:
> On Mon, 28 Apr 2025, Jan Beulich wrote:
>> On 26.04.2025 01:42, victorm.lira@xxxxxxx wrote:
>>> From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
>>>
>>> Rule 19.1 states: "An object shall not be assigned or copied
>>> to an overlapping object". Since the "call" and "compat_call" are
>>
>> Was this taken from patch 2 without editing?
>>
>>> --- a/xen/arch/x86/x86_emulate/x86_emulate.c
>>> +++ b/xen/arch/x86/x86_emulate/x86_emulate.c
>>> @@ -526,9 +526,19 @@ static inline void put_loop_count(
>>>           */                                                             \
>>>          if ( !amd_like(ctxt) && mode_64bit() && ad_bytes == 4 )         \
>>>          {                                                               \
>>> +            uint64_t tmp;                                               \
>>> +                                                                        \
>>>              _regs.r(cx) = 0;                                            \
>>> -            if ( extend_si ) _regs.r(si) = _regs.esi;                   \
>>> -            if ( extend_di ) _regs.r(di) = _regs.edi;                   \
>>> +            if ( extend_si )                                            \
>>> +            {                                                           \
>>> +                tmp = _regs.esi;                                        \
>>> +                _regs.r(si) = tmp;                                      \
>>> +            }                                                           \
>>> +            if ( extend_di )                                            \
>>> +            {                                                           \
>>> +                tmp = _regs.edi;                                        \
>>> +                _regs.r(di) = tmp;                                      \
>>> +            }                                                           \
>>
>> See commit 7225f13aef03 for how we chose to address similar issues elsewhere
>> in the emulator. I think we want to be consistent there. This will then also
>> eliminate ...
>>
>>> @@ -2029,7 +2039,12 @@ x86_emulate(
>>>          switch ( op_bytes )
>>>          {
>>>          case 2: _regs.ax = (int8_t)_regs.ax; break; /* cbw */
>>> -        case 4: _regs.r(ax) = (uint32_t)(int16_t)_regs.ax; break; /* cwde 
>>> */
>>> +        case 4:
>>> +            {
>>> +                uint32_t tmp = (uint32_t)(int16_t)_regs.ax;
>>> +                _regs.r(ax) = tmp;
>>> +                break; /* cwde */
>>> +            }
>>
>> ... the odd brace placement here, as well as the inconsistency in the types
>> you used for the temporary variables (both really could have been unsigned
>> int; no need for a fixed-width type).
> 
> Is this what you have in mind?

No, and that's also not what the referenced commit did in a similar situation.

> --- a/xen/arch/x86/x86_emulate/x86_emulate.c
> +++ b/xen/arch/x86/x86_emulate/x86_emulate.c
> @@ -527,8 +527,8 @@ static inline void put_loop_count(
>          if ( !amd_like(ctxt) && mode_64bit() && ad_bytes == 4 )         \
>          {                                                               \
>              _regs.r(cx) = 0;                                            \
> -            if ( extend_si ) _regs.r(si) = _regs.esi;                   \
> -            if ( extend_di ) _regs.r(di) = _regs.edi;                   \
> +            if ( extend_si ) _regs.r(si) = (uint64_t)_regs.esi;         \
> +            if ( extend_di ) _regs.r(di) = (uint64_t)_regs.edi;         \

            if ( extend_si ) _regs.r(si) = (uint32_t)_regs.r(si);       \
            if ( extend_di ) _regs.r(di) = (uint32_t)_regs.r(di);       \

After all what the rule requires is that we use _the same_ field on both sides.

Jan

Follow-Ups:
- Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
  - From: Stefano Stabellini

References:
- [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
  - From: victorm.lira
- Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
  - From: Jan Beulich
- Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
  - From: Stefano Stabellini

Prev by Date: Re: [PATCH] xen/x86: allow Dom0 PVH to call XENMEM_exchange
Next by Date: Re: [PATCH v1 2/3] compat: address violations of MISRA C Rule 19.1
Previous by thread: Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
Next by thread: Re: [PATCH v1 1/3] x86: x86_emulate: address violations of MISRA C Rule 19.1
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.