Xen project Mailing List

Re: [XEN PATCH][for-4.19 v3] xen: address violations of Rule 11.9

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>

Date: Thu, 19 Oct 2023 09:03:59 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Nm7zzDCNquY95ZThtAd9HyPjgROfnWsn8rVzmO8/BgI=; b=mpb4m0ZK8AG2k3Y3deskk83GLFH0+XgzFhWv6cklsrDJcllSl1jQitiTyfBwRbl/dUldYT0+ZRBd4VID53hc4MLDeXuIFILXDZoJFcaU6OtVdd35jV10tQMDL/zPOMmKI1YLcFsXHJWHrZ3eqyU3h/RFZZegcvMUwY5jeClVAW+W/BgCias3vvMPjSYjOqol4yver7XI+5Pr2oFSbe4VF7NJs9V74QYnaQ+2ia4iUc+83YIL148QzIAcSyDt9RVxPdGB2aoCjA/eoz5fOOw57XGQ5a5AHNVZ4tUNdomf7O8zgDwjkxWzXizYYxA2eTnNY1OjwyLMXmftLP0xzLDvqg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aR05aOQU1TFEPMK22rBGFVQhzFnUxFIqmdDikYpnbpUbLkC6/xwv58aInW2zO8Hb2nAHlhkeNHegFfIlDRZMJ7A47hpDPARpMbeGGkpSC1m0lrYvLxF+D/pzTQ371GuHJ8lnXa7qhYKeg2NrZYpgBSfeQ5rTaMKI9GJnUh0Ea3LQKA9/FbuFgYVaE80AK/gYZDdJtkoWfVtjTA/TbLqm6j44EjvNfDMHsv8H0IVWDRteAFeu0Zagw1IR3pRKl7fttnzGc0hEXCV16ofKsWXukwEaNSmKJg8JtPvXmyIHSO3vzAwujzcNM4xgZVDIM+u6yFgCqz97/zwfCrWaqBTQmA==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, michal.orzel@xxxxxxx, xenia.ragiadakou@xxxxxxx, ayan.kumar.halder@xxxxxxx, consulting@xxxxxxxxxxx, roger.pau@xxxxxxxxxx, Simone Ballarin <simone.ballarin@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, andrew.cooper3@xxxxxxxxxx

Delivery-date: Thu, 19 Oct 2023 07:04:12 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 19.10.2023 02:54, Stefano Stabellini wrote: > On Thu, 19 Oct 2023, andrew.cooper3@xxxxxxxxxx wrote: >> On 18/10/2023 2:42 pm, Nicola Vetrini wrote: >>> diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst >>> index ee7aed0609d2..1b00e4e3e9b7 100644 >>> --- a/docs/misra/deviations.rst >>> +++ b/docs/misra/deviations.rst >>> @@ -199,6 +199,11 @@ Deviations related to MISRA C:2012 Rules: >>> See automation/eclair_analysis/deviations.ecl for the full >>> explanation. >>> - Tagged as `safe` for ECLAIR. >>> >>> + * - R11.9 >>> + - __ACCESS_ONCE uses a 0 as a null pointer constant to check if a >>> type is >>> + scalar, therefore its usage for this purpose is allowed. >> >> This is still deeply misleading. >> >> There is an integer, which happens to be 0 but could be anything, used >> for a compile time typecheck[1]. In some cases this may be interpreted >> as a pointer constant, and is permitted for this purpose. >> >> ~Andrew >> >> [1] I know I wrote scalar typecheck in the comment, but I suspect that >> what I actually meant was non-compound-type typecheck. > > To help Nicola find the right wording do you have a concrete suggestion > for the text to use? > > Reading your reply, I am guessing it would be: > > * - R11.9 > - __ACCESS_ONCE uses an integer, which happens to be zero, as a > non-compound-type typecheck. The typecheck uses a cast. The usage of > zero or other integers for this purpose is allowed. "non-compound" isn't correct either: __int128_t, for example, isn't a compound type but may not be used with ACCESS_ONCE(). Furthermore certain compound types are, as indicated earlier, in principle okay to use with ACCESS_ONCE(). Both are shortcomings of the present implementation, which imo shouldn't propagate into this document. I'd say just "as a compile time check". Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.