[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] misra: add deviation of Rule 2.1 for BUG() macro

  • To: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Mon, 25 Aug 2025 09:56:46 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=P7LHE8R+NRn6nA6086+NvLSBSdkIk3irEvPuc0vAdQ0=; b=ul+t2dlMugnaZI4/7DdhOmak/X6OjMVwApES40jq0uHkn6wPF5kmRAHFb2lNvTFizvFaN/VLJKZzy7iFvuLqO1yFavQuxDTKJ1+Yx/GOQ7Q2KHleKIyaUSY3Gr7RpdHSoXNY2/sLPmn9ZDO8mFdZb5i58vktCYRl5P7Fy8OAkIAZI1PcEEIgZO6DrKrbPGbGuBmf26n1KY6tODjE92aWrmlzTX9WL+21deuajbe/K9NWDXHSmMJzR3A1OU2avfOFrqOajR7nDzNkj+kTMttuqdIsApTUsPZ/H6RzNAeFh+cxuzav+Xam7ZcMdRLE0WnvS8R8NqFZN1WtszYVH+BJcA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=UtNE77vmLuJ0iBpbgAM2zNALkFg3JB6T8ah7kgmum86fiK0iRs+n1kR5nGxATkKh7nw+glhoSURgqldqxacJD//+lJJmQzmwnItKK3Z1icTcoZafBJFXA55n7avM14ndhd1XUE6fxxueFjxvVCE+RNRfHbVHOw4zW59Uec3YglA4BH0bz6wKUL59iywN4/wgKsvlteyZ463TQqK4a3PbCjmthFW6cQfe7IYZyLY2R4xImvCh9R3yueRXJH1xDsTt2zvv2D+jSlEnDU4cT5tgrYNqRc29uW0OfrnZw6xo7lpoYuBTTFDU8kvOgaRJWTdnJHJivluFOczUP6gGPgVgfg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 25 Aug 2025 09:57:03 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHcFQc77bBOPokbA0m9oV6J6fEgkLRx7dcAgAE1O4A=
  • Thread-topic: [PATCH] misra: add deviation of Rule 2.1 for BUG() macro

On 8/24/25 18:29, Nicola Vetrini wrote:
> On 2025-08-24 16:56, Dmytro Prokopchuk1 wrote:
>> MISRA C Rule 2.1 states: "A project shall not contain unreachable code".
>> Functions that are non-returning and are not explicitly annotated with
>> the 'noreturn' attribute are considered a violation of this rule.
>>
>> In certain cases, some functions might be non-returning in specific build
>> configurations due to call to '__builtin_unreachable()' in the expansion
>> of the macro 'BUG()':
>>  - functions 'gicv3_do_LPI()' and 'gicv3_its_setup_collection()' when the
>> config CONFIG_HAS_ITS is not defined, it is intentionally used to catch
>> and prevent any unintended execution of code that should only run when
>> ITS is available;
>>  - function 'prepare_acpi()' when the config CONFIG_ACPI is not defined,
>> to trigger an error if ACPI-related features are used incorrectly.
>>
>> To account for that in specific builds, update the ECLAIR configuration
>> to deviate these violations. Update deviations.rst file accordingly.
>> No functional changes.
>>
>> Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
>> ---
>> Test CI pipeline:
>> https://eur01.safelinks.protection.outlook.com/? 
>> url=https%3A%2F%2Fgitlab.com%2Fxen- 
>> project%2Fpeople%2Fdimaprkp4k%2Fxen%2F- 
>> %2Fpipelines%2F2000738682&data=05%7C02%7Cdmytro_prokopchuk1%40epam.com%7C08437a04f690436abce108dde323160d%7Cb41b72d04e9f4c268a69f949f367c91d%7C1%7C0%7C638916462021941023%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=MV6luTeth3rosis1dC2kvVvGBEVSkOzyQGe9HDWftaM%3D&reserved=0
>> ---
> 
> https://eur01.safelinks.protection.outlook.com/? 
> url=https%3A%2F%2Fgitlab.com%2Fxen- 
> project%2Fpeople%2Fdimaprkp4k%2Fxen%2F- 
> %2Fjobs%2F11119212994&data=05%7C02%7Cdmytro_prokopchuk1%40epam.com%7C08437a04f690436abce108dde323160d%7Cb41b72d04e9f4c268a69f949f367c91d%7C1%7C0%7C638916462021972965%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=J1GNdrIG1ApqIOqsSyygSZbU%2B3H%2BFvHZKxtBMgz2CXY%3D&reserved=0
> 
> Build failure here

Restarted the failed job. Finished successfully.

Dmytro.
> 
>>  automation/eclair_analysis/ECLAIR/deviations.ecl | 11 +++++++++++
>>  docs/misra/deviations.rst                        | 13 +++++++++++++
>>  2 files changed, 24 insertions(+)
>>
>> diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/ 
>> automation/eclair_analysis/ECLAIR/deviations.ecl
>> index 7f3fd35a33..336aec58c2 100644
>> --- a/automation/eclair_analysis/ECLAIR/deviations.ecl
>> +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
>> @@ -41,6 +41,17 @@ not executable, and therefore it is safe for them 
>> to be unreachable."
>>
>> - 
>> call_properties+={"name(__builtin_unreachable)&&stmt(begin(any_exp(macro(name(ASSERT_UNREACHABLE)))))",
>>  {"noreturn(false)"}}
>>  -doc_end
>>
>> +-doc_begin="The 'BUG()' macro is intentionally used in the 
>> 'prepare_acpi()' function in specific build configuration
>> +(when the config CONFIG_ACPI is not defined) to trigger an error if 
>> ACPI-related features are used incorrectly."
>> +-config=MC3A2.R2.1,reports+={deliberate, "any_area(any_loc(file(^xen/ 
>> arch/arm/include/asm/domain_build\\.h$))&&context(name(prepare_acpi)))"}
>> +-doc_end
>> +
>> +-doc_begin="The 'BUG()' macro is intentionally used in 
>> 'gicv3_do_LPI'() and 'gicv3_its_setup_collection()' functions
>> +in specific build configuration (when the config CONFIG_HAS_ITS is 
>> not defined) to catch and prevent any unintended
>> +execution of code that should only run when ITS is available."
>> +-config=MC3A2.R2.1,reports+={deliberate, "any_area(any_loc(file(^xen/ 
>> arch/arm/include/asm/gic_v3_its\\.h$))&&context(name(gicv3_do_LPI|| 
>> gicv3_its_setup_collection)))"}
>> +-doc_end
>> +
>>  -doc_begin="Proving compliance with respect to Rule 2.2 is generally 
>> impossible:
>>  see https://eur01.safelinks.protection.outlook.com/? 
>> url=https%3A%2F%2Farxiv.org%2Fabs%2F2212.13933&data=05%7C02%7Cdmytro_prokopchuk1%40epam.com%7C08437a04f690436abce108dde323160d%7Cb41b72d04e9f4c268a69f949f367c91d%7C1%7C0%7C638916462021989821%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=N2i2wigU3ol8M2DsYhb8DcwrIvyYEhlbQrlaMlYoWJw%3D&reserved=0
>>  for details. Moreover, peer review gives us
>>  confidence that no evidence of errors in the program's logic has been 
>> missed due
>> diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
>> index 2119066531..96eb202502 100644
>> --- a/docs/misra/deviations.rst
>> +++ b/docs/misra/deviations.rst
>> @@ -97,6 +97,19 @@ Deviations related to MISRA C:2012 Rules:
>>         Xen expects developers to ensure code remains safe and 
>> reliable in builds,
>>         even when debug-only assertions like `ASSERT_UNREACHABLE() are 
>> removed.
>>
>> +   * - R2.1
>> +     - The 'BUG()' macro is intentionally used in the 
>> 'prepare_acpi()' function
>> +       in specific build configuration (when the config CONFIG_ACPI 
>> is not
>> +       defined) to trigger an error if ACPI-related features are used 
>> incorrectly.
>> +     - Tagged as `deliberate` for ECLAIR.
>> +
>> +   * - R2.1
>> +     - The 'BUG()' macro is intentionally used in 'gicv3_do_LPI'() and
>> +       'gicv3_its_setup_collection()' functions in specific build 
>> configuration
>> +       (when the config CONFIG_HAS_ITS is not defined) to catch and 
>> prevent any
>> +       unintended execution of code that should only run when ITS is 
>> available.
>> +     - Tagged as `deliberate` for ECLAIR.
>> +
>>     * - R2.2
>>       - Proving compliance with respect to Rule 2.2 is generally 
>> impossible:
>>         see `<https://eur01.safelinks.protection.outlook.com/? 
>> url=https%3A%2F%2Farxiv.org%2Fabs%2F2212.13933&data=05%7C02%7Cdmytro_prokopchuk1%40epam.com%7C08437a04f690436abce108dde323160d%7Cb41b72d04e9f4c268a69f949f367c91d%7C1%7C0%7C638916462022006666%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fT1IM0bnst9%2FkJ2rI7GiMRkbWJVG%2F%2FD%2B82z3QDVyD9s%3D&reserved=0>`_
>>  for details. Moreover, peer
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.