[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] misra: add deviation for PrintErrMesg() function

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Tue, 19 Aug 2025 13:12:59 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kPZxSKcQaWuKR5coz534mrGqoRFpYRqP222CZDriAyU=; b=Y06dDKw20JVaKtZKQa0sAyDNhHVrdrki19oq4TlqabShxI2asqi8AEFMOOVzUCg2SthkogU86oh8QxYI8JNSof4qSr5exIRekR069h5dZXojDoGDXfjlKdUdavNcFPV7lOrqRNOMCRozSFN3/5eZHhERriDStuCwcmit4Z0gtJE3kI/+JH6uKHt0CaenandkJ5AklcIk/diyYwn4etBE6JPTXblvL9xe9/IZ+5lS8rVipZKOea11QssoyAi4HjX6PqDcpts2NZkMLqHGPx1d6atl/E7atGy+ISxV90o53lW4xWQF4LVlmVg4FVL0Cy+O1r0i1Tv3/afcSFyE8Tn1qQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gR5A7h9/YP2PSK6jiwDC2CWlrrn4u12SEMqnTCayGo41j2zNnHD7M5YEuNLUvbEbwVIpf77UFbZwUC9VQB9GNfG+e9jaVFeget+SNL2wEbA3Aeyrq+eN1sBSBTYiQSfAngVvRgomgUr466GvlygWW2Q0LgdA8scOECEGwLiEER07u6H/5gqlR9xPL0KopTZnD/VjWGEpRAJz8l62YkVRjTF2VM23sard5j6wb3/Wuq8XrWuCaurh+eGaXBVzknxHyZAsAMj1FbokQzD/wLwjO4kJOUm8l7f/7FH5RkhCzil0ta1QL1fbimifUnBva0EBYM3U4SVXM0q+0dmXwTflRQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Tue, 19 Aug 2025 13:13:06 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHcEQr89D/JS5GCrUaBbORYWk1wAQ==
  • Thread-topic: [PATCH] misra: add deviation for PrintErrMesg() function
MISRA C Rule 2.1 states: "A project shall not contain unreachable code."

The function 'PrintErrMesg()' is implemented to never return control to
its caller. At the end of its execution, it calls 'blexit()', which, in
turn, invokes '__builtin_unreachable()'. This makes the 'return false;'
statement in 'read_file()' function unreachable.

Configure Eclair to do not report this violation.

Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
---
Test CI pipeline:
https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/pipelines/1991518214
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 4 ++++
 docs/misra/deviations.rst                        | 7 +++++++
 2 files changed, 11 insertions(+)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 7f3fd35a33..5c262aa5ad 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -41,6 +41,10 @@ not executable, and therefore it is safe for them to be 
unreachable."
 
-call_properties+={"name(__builtin_unreachable)&&stmt(begin(any_exp(macro(name(ASSERT_UNREACHABLE)))))",
 {"noreturn(false)"}}
 -doc_end
 
+-doc_begin="Unreachability caused by the call to the 'PrintErrMesg()' function 
is deliberate, as it terminates execution, ensuring no control flow continues 
past this point."
+-config=MC3A2.R2.1,reports+={deliberate, "any_area(^.*PrintErrMesg.*$ && 
any_loc(file(^xen/common/efi/boot\\.c$)))"}
+-doc_end
+
 -doc_begin="Proving compliance with respect to Rule 2.2 is generally 
impossible:
 see https://arxiv.org/abs/2212.13933 for details. Moreover, peer review gives 
us
 confidence that no evidence of errors in the program's logic has been missed 
due
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index 2119066531..8df3c207ff 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -97,6 +97,13 @@ Deviations related to MISRA C:2012 Rules:
        Xen expects developers to ensure code remains safe and reliable in 
builds,
        even when debug-only assertions like `ASSERT_UNREACHABLE() are removed.
 
+   * - R2.1
+     - Function `PrintErrMesg()` terminates execution (at the end it calls
+       `blexit()`, which, in turn, invokes `__builtin_unreachable()`), ensuring
+       no code beyond this point is ever reached. This guarantees that 
execution
+       won't incorrectly proceed or introduce unwanted behavior.
+     - Tagged as `deliberate` for ECLAIR.
+
    * - R2.2
      - Proving compliance with respect to Rule 2.2 is generally impossible:
        see `<https://arxiv.org/abs/2212.13933>`_ for details. Moreover, peer
-- 
2.43.0

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.