Xen project Mailing List

[PATCH] misra/eclair: set 'noreturn' attribute as safe during cast

To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>

Date: Mon, 28 Jul 2025 22:15:02 +0000

Accept-language: en-US, uk-UA, ru-RU

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dPdE5XEh1lmOM8CGOCe1XMb/1rdRrKm63xpOavuKZUA=; b=t8PleQNQ63TM+hQZz5LPrAY9/7ECHByqm6P9sl+vzc7CRjGtUAJ8y2aYMrWyqg4741MOJKAihmaNsbC7nerBxJDTXhpu+J8xkTQ3x5OH3/nMhjBhWq5IhaXTVbokrA9RmSRSL6sQdh6zwX/Fm6DnZMzx227jNVEvefsbprh2DstyU0KOCIVZUZtvamB2Yf6yG3NfuOXGBMVQvckAENSQzOFlXyufjJb4Lkl+qNG1JY11/mA9tt+MNy9n1nXeO+WswfRGSEzorrkMefqCvb7bxLuLa9DIieTgkFNYocnwef6ezU5KI71bmubIxkRPtPz3AiAIrKaS/dozz1UwK7DWaw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IyVU9jnQonxcSjMA2jsMS79MuwX45+qk0kcVDEe4qSy2PbFGmqJkg60OMFo4g7KLaULGpqwCbeRPnt4SbLul7K+s9LBlMlksOVCgl8Eys4SPL+KkZ8rMUW/ECeTHRfGHtX7BaHhpxNvVFhpCjMnz2dryo6HfAx0X5VT5jvjGmXDDrr+HsTa7IeWxTpl/XfSaYhjCtwIGXaTjOrFwuyM9r3V8By5ka0ZqZaW6TKKRZ4OR0x5rOdTcQpzpv3l+TyDT2b4h95HYSGj8OzeqkGyPjwRuKKqXDXcl5S0VKRC10Q2l1cbC+UVHNty0n3s6XW1aN48bbHTtAn5396SWmmkWog==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;

Cc: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Mon, 28 Jul 2025 22:15:15 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHcAA0QZaFBUUSap0maTjLkZJJTcQ==

Thread-topic: [PATCH] misra/eclair: set 'noreturn' attribute as safe during cast

ECLAIR reports a non-compliant cast due to the presence of the 'noreturn' attribute in the callee function. The issue occurs when casting a function pointer with the 'noreturn' attribute (void noreturn (*)(void *)) to a general function pointer type (void (*)(void *)). Configure ECLAIR to treat 'noreturn' attributes as safe in this conversion. Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx> --- Previous discussion thread: https://patchew.org/Xen/181a03d5c7625d42c06cf9fa0cf48a9bc6825361.1753647875.git.dmytro._5Fprokopchuk1@xxxxxxxx/ Test CI pipeline: https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/pipelines/1953370442 --- automation/eclair_analysis/ECLAIR/deviations.ecl | 7 +++++++ docs/misra/deviations.rst | 6 ++++++ docs/misra/rules.rst | 3 ++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl index 483507e7b9..0e04681c4c 100644 --- a/automation/eclair_analysis/ECLAIR/deviations.ecl +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl @@ -367,6 +367,13 @@ constant expressions are required.\"" } -doc_end +-doc_begin="The conversion from 'void noreturn (*)(void *)' to 'void (*)(void *)' is safe +because the semantics of the 'noreturn' attribute do not alter the calling convention or behavior of the resulting code." +-config=MC3A2.R11.1,casts+={safe, + "kind(bitcast)&&to(type(pointer(inner(return(builtin(void))&&all_param(1, pointer(builtin(void)))))))&&from(expr(skip(!syntactic(), + ref(property(noreturn)))))"} +-doc_end + -doc_begin="The conversion from a pointer to an incomplete type to unsigned long does not lose any information, provided that the target type has enough bits to store it." -config=MC3A2.R11.2,casts+={safe, "from(type(any())) diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst index e78179fcb8..4e430bb17e 100644 --- a/docs/misra/deviations.rst +++ b/docs/misra/deviations.rst @@ -342,6 +342,12 @@ Deviations related to MISRA C:2012 Rules: semantics that do not lead to unexpected behaviour. - Tagged as `safe` for ECLAIR. + * - R11.1 + - The conversion from 'void noreturn (*)(void *)' to 'void (*)(void *)' + is safe because the semantics of the 'noreturn' attribute do not alter + the calling convention or behavior of the resulting code. + - Tagged as `safe` for ECLAIR. + * - R11.2 - The conversion from a pointer to an incomplete type to unsigned long does not lose any information, provided that the target type has enough diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst index 3e014a6298..82a26162a9 100644 --- a/docs/misra/rules.rst +++ b/docs/misra/rules.rst @@ -404,7 +404,8 @@ maintainers if you want to suggest a change. function and any other type - All conversions to integer types are permitted if the destination type has enough bits to hold the entire value. Conversions to - bool and void* are permitted. + bool and void* are permitted. Conversions from 'void noreturn (*)(void *)' + to 'void (*)(void *)' are permitted. * - `Rule 11.2 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_02.c>`_ - Required -- 2.43.0

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.