[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] misra/eclair: set 'noreturn' attribute as safe during cast


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Mon, 28 Jul 2025 22:15:02 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dPdE5XEh1lmOM8CGOCe1XMb/1rdRrKm63xpOavuKZUA=; b=t8PleQNQ63TM+hQZz5LPrAY9/7ECHByqm6P9sl+vzc7CRjGtUAJ8y2aYMrWyqg4741MOJKAihmaNsbC7nerBxJDTXhpu+J8xkTQ3x5OH3/nMhjBhWq5IhaXTVbokrA9RmSRSL6sQdh6zwX/Fm6DnZMzx227jNVEvefsbprh2DstyU0KOCIVZUZtvamB2Yf6yG3NfuOXGBMVQvckAENSQzOFlXyufjJb4Lkl+qNG1JY11/mA9tt+MNy9n1nXeO+WswfRGSEzorrkMefqCvb7bxLuLa9DIieTgkFNYocnwef6ezU5KI71bmubIxkRPtPz3AiAIrKaS/dozz1UwK7DWaw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IyVU9jnQonxcSjMA2jsMS79MuwX45+qk0kcVDEe4qSy2PbFGmqJkg60OMFo4g7KLaULGpqwCbeRPnt4SbLul7K+s9LBlMlksOVCgl8Eys4SPL+KkZ8rMUW/ECeTHRfGHtX7BaHhpxNvVFhpCjMnz2dryo6HfAx0X5VT5jvjGmXDDrr+HsTa7IeWxTpl/XfSaYhjCtwIGXaTjOrFwuyM9r3V8By5ka0ZqZaW6TKKRZ4OR0x5rOdTcQpzpv3l+TyDT2b4h95HYSGj8OzeqkGyPjwRuKKqXDXcl5S0VKRC10Q2l1cbC+UVHNty0n3s6XW1aN48bbHTtAn5396SWmmkWog==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 28 Jul 2025 22:15:15 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHcAA0QZaFBUUSap0maTjLkZJJTcQ==
  • Thread-topic: [PATCH] misra/eclair: set 'noreturn' attribute as safe during cast

ECLAIR reports a non-compliant cast due to the presence
of the 'noreturn' attribute in the callee function.
The issue occurs when casting a function pointer with
the 'noreturn' attribute (void noreturn (*)(void *))
to a general function pointer type (void (*)(void *)).

Configure ECLAIR to treat 'noreturn' attributes as safe
in this conversion.

Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
---
Previous discussion thread:
https://patchew.org/Xen/181a03d5c7625d42c06cf9fa0cf48a9bc6825361.1753647875.git.dmytro._5Fprokopchuk1@xxxxxxxx/

Test CI pipeline:
https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/pipelines/1953370442
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 7 +++++++
 docs/misra/deviations.rst                        | 6 ++++++
 docs/misra/rules.rst                             | 3 ++-
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 483507e7b9..0e04681c4c 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -367,6 +367,13 @@ constant expressions are required.\""
 }
 -doc_end
 
+-doc_begin="The conversion from 'void noreturn (*)(void *)' to 'void (*)(void 
*)' is safe
+because the semantics of the 'noreturn' attribute do not alter the calling 
convention or behavior of the resulting code."
+-config=MC3A2.R11.1,casts+={safe,
+  "kind(bitcast)&&to(type(pointer(inner(return(builtin(void))&&all_param(1, 
pointer(builtin(void)))))))&&from(expr(skip(!syntactic(),
+   ref(property(noreturn)))))"} 
+-doc_end
+
 -doc_begin="The conversion from a pointer to an incomplete type to unsigned 
long does not lose any information, provided that the target type has enough 
bits to store it."
 -config=MC3A2.R11.2,casts+={safe,
   "from(type(any()))
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index e78179fcb8..4e430bb17e 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -342,6 +342,12 @@ Deviations related to MISRA C:2012 Rules:
        semantics that do not lead to unexpected behaviour.
      - Tagged as `safe` for ECLAIR.
 
+   * - R11.1
+     - The conversion from 'void noreturn (*)(void *)' to 'void (*)(void *)'
+       is safe because the semantics of the 'noreturn' attribute do not alter
+       the calling convention or behavior of the resulting code.
+     - Tagged as `safe` for ECLAIR.
+
    * - R11.2
      - The conversion from a pointer to an incomplete type to unsigned long
        does not lose any information, provided that the target type has enough
diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst
index 3e014a6298..82a26162a9 100644
--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -404,7 +404,8 @@ maintainers if you want to suggest a change.
        function and any other type
      - All conversions to integer types are permitted if the destination
        type has enough bits to hold the entire value. Conversions to
-       bool and void* are permitted.
+       bool and void* are permitted. Conversions from 'void noreturn (*)(void 
*)'
+       to 'void (*)(void *)' are permitted.
 
    * - `Rule 11.2 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_02.c>`_
      - Required
-- 
2.43.0



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.