[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Notes from FuSa meeting 2022-06-22 about Deviations

  • To: Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Tue, 28 Jun 2022 10:58:03 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gYx8nC2RLD5uj0uY0GCskSn7nz4eKZMSQA+Rbhmq2SY=; b=S3X5Vhgijz6gUcIyhYd3eR/anAMnVC+TM3NaX73a8bmuVGnW70+YBlnnZWAxKUGsvTgySxZ75I05YHVYgAVn6arVG7u/UnhpY0yDasNY3HvcqA4/dnaWwGbCtoxcIxmXu1nrQmCNzvYeDD8NGnCkXHj7zi5Zj5f595Xpc2nu0LIF2Qv1M4jOAS29+VzqFxakpq/Nmyu3rV2oyL+x4CHdirvQt/hFMFFswl2Ti40+Th6jDJI8SLb7enfv43vYc84c7Y/sKZmScvMfJMTO1qJB9YGCHc1/f2mXqX1OOFHaZ8tgx3jTvAcWm0yYNR4CwJWTFpkr6u6C+x8Rf9IrhPnuUA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=asozXZp+LgzK3pwRzOiDtHLw1ULWp8ED1VNSd/orCfjtlnrOWQmJ0bqan3IUl0JtCh25akQDbY+1tlzJEDpfCuRjRtNpGDkEX7f3+Tfl1Rlp12MaT1patveRCaB2XlWnpHCWK3aUgUoseoVMneDwjoqepZSgoKWWBxl4RJ97kgkSsGM8fR4cDc06WgO5sM/rM6Ih1Myiegvmss/YdCvGfQdKzNRfY9RhsVLmwJ6ENYBejxbp28L97NlT+V6pXfIPnY589rV5DP5M1M0WGMLYBiLF0I+gyzaTytbuUhBkSlrRowjZLO5U8hv6hc9NmdPUoTaq4zbQFqbo9FN2EZ+lbA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, "fusa-sig@xxxxxxxxxxxxxxxxxxxx" <fusa-sig@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 28 Jun 2022 15:54:02 +0000
  • Ironport-data: A9a23:P97H0KxvqJr7lK3ZF4l6t+czxyrEfRIJ4+MujC+fZmUNrF6WrkVWy DZKUTyHaarYamqkKIogOovjoUhUvJKHn4RkS1NuqiAxQypGp/SeCIXCJC8cHc8zwu4v7q5Dx 59DAjUVBJlsFhcwnj/0bv656yMUOZigHtIQMsadUsxKbVIiGX1JZS5LwbZj2NY224jhWmthh PupyyHhEA79s9JLGjp8B5Kr8HuDa9yr5Vv0FnRnDRx6lAe2e0s9VfrzFonoR5fMeaFGH/bSe gr25OrRElU1XfsaIojNfr7TKiXmS1NJVOSEoiI+t6OK2nCuqsGuu0qS2TV1hUp/0l20c95NJ Npll7arETstB5P1qekgCR5cLhlxJZNaweqSSZS/mZT7I0zuVVLJmqwrJ2ZveIoS96BwHH1E8 uEeJHYVdBefiumqwbW9DO5xmsAkK8qtN4Qa0p1i5WiBUbB6HtaeHeOTuoEwMDQY36iiGd7EY MUUc3x3ZQnoaBxTIFYHTpk5mY9Eg1GgLGQD9w3N+cLb5UDD61ZI/eDoLuP7d4zWROd1p3/B9 mzvqjGR7hYycYb3JSC+2laxjeaJsyr9U48WEKCQ/+RvxlaUwwQ7EwYKXFG2pf24jE+WWN9FL UEQvC00osAa+lGwR5zmXhKQpH+fogVaS9dWC/c96gyG1uzT+QnxO4QfZjtIadhjv8hvQzUvj waNh4mwWmIpt6CJQ3WA8LvStSm1JSUeMW4FY2kDUBcB5N7g5oo0i3ojU+peLUJ8tfWtcRmY/ txAhHJm71nPpabnD5mGwG0=
  • Ironport-hdrordr: A9a23:zTxXrq3l0SOQnphrNqKl+AqjBSlyeYIsimQD101hICG9Lfb0qy n+pp4mPEHP4wr5OEtOpTlPAtjkfZr5z+8M3WB3B8bYYOCGghrQEGgG1+ffKlLbexEWmtQttp uINpIOcuEYbmIK8voSgjPIdOrIqePvmM7IuQ6d9QYKcegDUdAd0+4TMHf+LqQZfnglOXJvf6 Dsm/av6gDQD0g/X4CePD0oTuLDr9rEmNbPZgMHPQcu7E2rgSmz4LD3PhCE1lNGOgk/iYsKwC zgqUjU96+ju/a0xlv10HLS1Y1fnJ/ExsFYDMKBp8AJInHHixquZq5mR7qe1QpF6d2H2RIPqp 3hsh0gN8N85zf4eXy0mwLk303a3DMn+xbZuCqlqEqmhfa8aCMxCsJHi44cWADe8VAcsNZ117 8O936FtrJMZCmw0BjV1pztbVVHh0C0qX0tnao4lHpES7YTb7dXsMg24F5VKpEdByj3gbpXXd WGNPusqsq+TGnqLkww5gJUsZyRtzUIb127q3E5y4OoO2M8pgE786MarPZv7EvouqhNCaWs3N 60Q5iApIs+MPP+UpgNdNvpYfHHflAlEii8R166EBDAKJwtHU7rhtre3IgVjdvaC6DgiqFC06 j8bA==
  • List-id: This is a discussion list for members of the Xen Project FuSa SIG <fusa-sig.lists.xenproject.org>
On Tue, Jun 28, 2022 at 08:16:33AM +0000, Luca Fancellu wrote:
> 
> 
> > On 28 Jun 2022, at 08:37, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> > 
> > On Mon, Jun 27, 2022 at 12:23:32PM -0700, Stefano Stabellini wrote:
> >> Hi all,
> >> 
> >> These are some of the notes that I took today during the meeting about
> >> deviations
> >> 
> >> Cheers,
> >> 
> >> Stefano
> >> 
> >> 
> >> ---
> >> 
> >> 
> >> reasons for deviations:
> >> - code quality
> >> - access to hardware (need compiler extensions to access hardware)
> >> - adopted code integration
> >> - non-compliant adopted code
> >> 
> >> Purpose of tagging:
> >> - I don't want to see this report from the tools again
> >> - This is the reason why I am deviating
> >> 
> >> 
> >> Tags:
> >> - adopted
> >> this is adopted code
> >> - safe
> >> it is a violation but actually the code is safe
> >> - relied
> >> this is for adopted code again and only concern dev confusion
> >> - false-positive
> >> - compliant
> >> for *possible* violations which are safe
> >> - false-negative
> >> Flagging a violation that is present in the code even if the tool
> >> doesn't spot it. Probably not applicable to Xen as we want to enable
> >> multiple tools
> >> 
> >> 
> >> Probably none of our code can be claimed to be "adopted" according to
> >> MISRA, even the one coming from Linux.
> > 
> > So that would limit the tags that we use to: safe, compliant and
> > false-positive?
> 
> Hi Roger,
> 
> I’m afraid we don’t have an answer yet, the meeting run out of time
> yesterday because there was a lot to talk about each tag, probably
> In the following meetings we will have the chance to talk about it.
> 
> > 
> > I'm not sure the difference between safe and compliant is worth having
> > a different tag: both will need a written justification anyway. Maybe
> > would be clearer if there was some example of the different usage of
> > safe vs compliant.
> 
> my understanding from Roberto Bagnara’s explanation is that Compliant is
> a tag marking a *possible* violation emitted by the tool, so the tool tells 
> you
> that there might be a violation because there are probably variables above its
> control (for example it doesn’t have a full path graph because a function is 
> called
> by interrupt vectors, architectural behaviours, …) so the tool’s job is to 
> warn you
> about that and our job is to have a look on that piece of code and prove that 
> it
> works under all the conditions the code is meant to work.

OK, so a 'compliant' is a possible violation, at which point a human
should go and analyze whether it's a real violation (and thus requires
a 'safe' tag) or it's a tool 'false-positive'.

I'm not sure I see the need for such tag, but I might be missing the
point.  It seems to be a tag designed to cover for a checker
deficiency (ie: unable to determine without uncertainty whether a code
is a violation), but we already have false-positive for that.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.