[xen staging] automation/eclair: add deviations for Rule 20.7

[patchbot@xxxxxxx]

commit 80d28865e181ae51d2a2f7cea5f0332ea5d845ee
Author:     Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
AuthorDate: Fri Mar 29 10:11:33 2024 +0100
Commit:     Stefano Stabellini <stefano.stabellini@xxxxxxx>
CommitDate: Fri Apr 5 11:15:47 2024 -0700

    automation/eclair: add deviations for Rule 20.7
    
    These deviations deal with the following cases:
    - macro arguments used directly as initializer list arguments;
    - uses of the __config_enabled macro, that can't be brought
      into compliance without breaking its functionality;
    - exclude files that are out of scope (efi headers and cpu_idle);
    - uses of alternative_{call,vcall}[0-9] macros.
    
    The existing configuration for R20.7 is reordered so that it matches the
    cases listed in its documentation comment.
    
    Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
    Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 25 ++++++++++++++++++++++--
 docs/misra/deviations.rst                        | 14 ++++++++++++-
 docs/misra/rules.rst                             |  2 +-
 3 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index de9ba723fb..70756503f5 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -401,12 +401,33 @@ unexpected result when the structure is given as argument 
to a sizeof() operator
 
 -doc_begin="Code violating Rule 20.7 is safe when macro parameters are used: 
(1)
 as function arguments; (2) as macro arguments; (3) as array indices; (4) as lhs
-in assignments."
+in assignments; (5) as initializers, possibly designated, in initalizer lists."
 -config=MC3R1.R20.7,expansion_context=
 {safe, "context(__call_expr_arg_contexts)"},
+{safe, "left_right(^[(,\\[]$,^[),\\]]$)"},
 {safe, "context(skip_to(__expr_non_syntactic_contexts, 
stmt_child(node(array_subscript_expr), subscript)))"},
 {safe, "context(skip_to(__expr_non_syntactic_contexts, 
stmt_child(operator(assign), lhs)))"},
-{safe, "left_right(^[(,\\[]$,^[),\\]]$)"}
+{safe, "context(skip_to(__expr_non_syntactic_contexts, 
stmt_child(node(init_list_expr||designated_init_expr), init)))"}
+-doc_end
+
+-doc_begin="Violations involving the __config_enabled macros cannot be fixed 
without
+breaking the macro's logic; futhermore, the macro is only ever used in the 
context
+of the IS_ENABLED or STATIC_IF/STATIC_IF_NOT macros, so it always receives a 
literal
+0 or 1 as input, posing no risk to safety."
+-config=MC3R1.R20.7,reports+={safe, 
"any_area(any_loc(any_exp(macro(^___config_enabled$))))"}
+-doc_end
+
+-doc_begin="Violations due to the use of macros defined in files that are
+not in scope for compliance are allowed, as that is imported code."
+-file_tag+={gnu_efi_include, "^xen/include/efi/.*$"}
+-file_tag+={acpi_cpu_idle, "^xen/arch/x86/acpi/cpu_idle\\.c$"}
+-config=MC3R1.R20.7,reports+={safe, "any_area(any_loc(file(gnu_efi_include)))"}
+-config=MC3R1.R20.7,reports+={safe, "any_area(any_loc(file(acpi_cpu_idle)))"}
+-doc_end
+
+-doc_begin="To avoid compromising readability, the macros 
alternative_(v)?call[0-9] are allowed
+not to parenthesize their arguments."
+-config=MC3R1.R20.7,reports+={safe, 
"any_area(any_loc(any_exp(macro(^alternative_(v)?call[0-9]$))))"}
 -doc_end
 
 -doc_begin="Uses of variadic macros that have one of their arguments defined as
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index eb5ef2bd9d..5fdacfd420 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -345,7 +345,19 @@ Deviations related to MISRA C:2012 Rules:
        (1) as function arguments;
        (2) as macro arguments;
        (3) as array indices;
-       (4) as lhs in assignments.
+       (4) as lhs in assignments;
+       (5) as initializers, possibly designated, in initalizer lists.
+     - Tagged as `safe` for ECLAIR.
+
+   * - R20.7
+     - Violations due to the use of macros defined in files that are not
+       in scope for compliance are allowed, as that is imported code.
+     - Tagged as `safe` for ECLAIR.
+
+   * - R20.7
+     - To avoid compromising readability, the macros 
`alternative_(v)?call[0-9]`
+       are allowed not to parenthesize their arguments, as there are already
+       sanity checks in place.
      - Tagged as `safe` for ECLAIR.
 
    * - R20.12
diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst
index 79487cf91c..86f4ad0ab3 100644
--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -561,7 +561,7 @@ maintainers if you want to suggest a change.
        shall be enclosed in parentheses
      - Extra parentheses are not required when macro parameters are used
        as function arguments, as macro arguments, array indices, lhs in
-       assignments
+       assignments or as initializers in initalizer lists.
 
    * - `Rule 20.9 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_20_09.c>`_
      - Required
--
generated by git-patchbot for /home/xen/git/xen.git#staging