[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] misra: add deviation of Rule 2.1 for BUG() macro

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Wed, 17 Sep 2025 18:51:49 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5B1mwtcXkpRXJJU4/uGxyVCJHB2Wt/7atY34Xqz/edc=; b=BfXt6N3s9EWZpN/Z+SQn8+J1/r9fidRTJlv1C+mu74J01NWm9dOuGdCdCGf1d+YwsTpwc1eZ1pbGACGV87kAC7/G8b/yeCQJyqtdCWZWETpsCGskfTxmJtAv7AnKSujLRkzp8XCk8EV2Q3RypvWu4M7m6KlHnLp/X2mlTMiVPpy4gMkUWSQgwUh1X3glMT/ixzP/TNMUFbjv1gtkKxTpNs0g+4OVtosgIXRkmpBxu1OidjNST6MwthTwRB77jP6ylF+NCph10SCRHGAJGCQVgDduE3f6sxJH73kQizV6+6SqHNZ/TNhYuXz8oVGtyfg9Wsn9yhmBnGdCxHafOsLLbQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=mOIKz349jGS/wKELwU0khXNNPLXemWlGUulkeGKkZBdR5nFCBSHDhvumWOERln2svwRurSh8B6iMGQqzQIjoSBmVIB1RTvy4bA+YABWMj+LRckUa/ZGh0PxmNWNlYSWgMgX6J74ptrazWeCm9DLrJDg/Y6fzdOj7Wuxa2pCbuh4KlIJwRpYEwygU8N5Ux6yaoD52oVyr3PuOtJyE3ZPECnvVrIYudfQAEP7GeiXkjzadpD1fUhgV95DwxTMeA5+LPC1qwVdixNiC4H/gkdKTyDjxFRUoGdhBk80t4NLuTeWjV2WYF2R6WTgcW90TsQQrYjxgPdZwxgvQYIN86tHKSw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 17 Sep 2025 18:52:12 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHcJwfEWjVU7vF+102YDgRq9OEY77SV3fSAgABWKoCAAAe4AIABLJwAgAAEy4CAAEzxAA==
  • Thread-topic: [PATCH v2] misra: add deviation of Rule 2.1 for BUG() macro

On 9/17/25 17:16, Jan Beulich wrote:
> On 17.09.2025 15:59, Dmytro Prokopchuk1 wrote:
>>
>>
>> On 9/16/25 23:03, Jan Beulich wrote:
>>> On 16.09.2025 21:35, Dmytro Prokopchuk1 wrote:
>>>>
>>>>
>>>> On 9/16/25 17:27, Jan Beulich wrote:
>>>>> On 16.09.2025 14:45, Dmytro Prokopchuk1 wrote:
>>>>>> --- a/docs/misra/deviations.rst
>>>>>> +++ b/docs/misra/deviations.rst
>>>>>> @@ -98,6 +98,23 @@ Deviations related to MISRA C:2012 Rules:
>>>>>>            even when debug-only assertions like `ASSERT_UNREACHABLE()` 
>>>>>> are removed.
>>>>>>          - ECLAIR has been configured to ignore those statements.
>>>>>>
>>>>>> +   * - R2.1
>>>>>> +     - In the specific build configuration (when the config CONFIG_ACPI 
>>>>>> is not
>>>>>> +       defined) the 'BUG()' macro is intentionally used in the 
>>>>>> 'prepare_acpi()'
>>>>>> +       function in the header file 
>>>>>> 'xen/arch/arm/include/asm/domain_build.h'
>>>>>> +       defined as 'static inline' to trigger a runtime error if 
>>>>>> ACPI-related
>>>>>> +       features are used incorrectly.
>>>>>> +     - Tagged as `deliberate` for ECLAIR.
>>>>>
>>>>> I response to me outlining a deviation-less alternative you tried it out
>>>>> and said it works. Then why is the deviation still being put in place?
>>>>
>>>> Yes, that's true.
>>>> I started with that prepare_acpi() function and I tried to move it into
>>>> xen/include/xen/acpi.h header file under appropriate #ifdef:
>>>> https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/commit/d15cf91de92f1f8ec67911c51a13e7f095c1bcdd
>>>
>>> But an important part of my proposal was to have no #ifdef around
>>> the declaration, iirc. With that, no violation should result.
>> I don't understand, how it can help to avoid scanning by the Eclair?
>
> I didn't say it would. Scanning will always happen. The question is
> whether Eclair would flag anything.
>
>> In particular build configuration the "static inline" version of the
>> function will be present after preproccesor, and Eclair will scan it.
>>
>> Jan, please, explain your thought. I think, I missed something.
>
> If acpi_disabled is compile-time-constant false, all you need is a
> declaration for prepare_acpi(). The call to it will then be DCE-ed.
> No inline function, no #ifdef, no violation.
>
> Jan

Yeah... The key words were "No inline function". Now it's clear to me.
And it works fine for the 'prepare_acpi()' and
'gicv3_its_setup_collection()' functions.
No inline functions -> no violations. The Eclair is happy.
Instead of runtime checking we've got compile-time checking of the
functions invalid usage. Original idea is preserved.

Unfortunately, the function 'gicv3_do_LPI()' doesn't have a
compile-time-constant guard around it. Furthermore, it's assigned to the
callback pointer:

     .do_LPI              = gicv3_do_LPI,

It's possible to remove inline variant of this function,
put the following code inside #ifdef

     #ifdef CONFIG_HAS_ITS
         .do_LPI              = gicv3_do_LPI,
     #endif

and check callback pointer later

     if ( gic_hw_ops->do_LPI )
         gic_hw_ops->do_LPI(irq);

But we will lost the original idea (I mean having checking mechanism:
runtime or compile-time).

If you have some ideas, please let me know.
Otherwise, SAF comment should be created there.

Thanks,
Dmytro.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.