[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4

To: Jan Beulich <jbeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Federico Serafini <federico.serafini@xxxxxxxxxxx>
Date: Mon, 11 Mar 2024 10:02:21 +0100
Cc: consulting@xxxxxxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 11 Mar 2024 09:02:30 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11/03/24 08:40, Jan Beulich wrote:

On 08.03.2024 12:51, Federico Serafini wrote:

--- a/xen/common/event_channel.c
+++ b/xen/common/event_channel.c
@@ -130,9 +130,12 @@ static bool virq_is_global(unsigned int virq)

case VIRQ_ARCH_0 ... VIRQ_ARCH_7:

          return arch_virq_is_global(virq);
+
+    default:
+        ASSERT(virq < NR_VIRQS);
+        break;
      }

- ASSERT(virq < NR_VIRQS);

      return true;
  }


Just for my understanding: The ASSERT() is moved so the "default" would
consist of more than just "break". Why is it that then the "return" isn't
moved, too?


No reason in particular.
If preferred, I can move it too.

@@ -846,6 +849,7 @@ int evtchn_send(struct domain *ld, unsigned int lport)
          break;
      default:
          ret = -EINVAL;
+        break;
      }


I certainly agree here.

@@ -1672,6 +1676,9 @@ static void domain_dump_evtchn_info(struct domain *d)
          case ECS_VIRQ:
              printk(" v=%d", chn->u.virq);
              break;
+        default:
+            /* Nothing to do in other cases. */
+            break;
          }


Yes this, just to mention it, while in line with what Misra demands is
pretty meaningless imo: The absence of "default" says exactly what the
comment now says. FTAOD - this is a comment towards the Misra guideline,
not so much towards the specific change here.


Both you and Stefano reviewed the code and agreed on the fact that doing
nothing for the default case is the right thing and now the code
explicitly says that without letting any doubts.
Furthermore, during the reviews it could happen that you notice a switch
where something needs to be done for the default case.

--
Federico Serafini, M.Sc.

Software Engineer, BUGSENG (http://bugseng.com)

Follow-Ups:
- Re: [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4
  - From: Jan Beulich

References:
- [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4
  - From: Federico Serafini
- Re: [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4
  - From: Jan Beulich

Prev by Date: [XEN PATCH v3 16/16] xen/lz4: address violations of MISRA C:2012 Directive 4.10
Next by Date: Re: [PATCH v2 3/5] xen/domctl, tools: Introduce a new domctl to get guest memory map
Previous by thread: Re: [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4
Next by thread: Re: [XEN PATCH] xen/evtchn: address violations of MISRA C:2012 Rules 16.3 and 16.4
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.