[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] misra: address Rule 11.3 in spin_unlock_common()

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • Date: Mon, 03 Nov 2025 14:07:00 +0100
  • Arc-authentication-results: i=1; bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Arc-message-signature: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; c=relaxed/relaxed; t=1762175221; h=DKIM-Signature:MIME-Version:Date:From:To:Cc:Subject:In-Reply-To: References:Message-ID:X-Sender:Organization:Content-Type: Content-Transfer-Encoding; bh=L0vPos1n2LyqS4BcAgaP2dPupdnaWfIzSSvZRK/wlck=; b=dG0bu/oJm610U1j3cLGJUB6zHeIXcJzTQEGQAbAH50Kcn4rjuw/kkvVn9Ag6ORyjNzoa EbWX2f4y04pzUi9Iwon8oqbH9cdR1ct1QaVAuW5ERI4/b6+SS3WzewXnqf6bXLMptgggO Qf5psMuCSHmVswzGFDSg9wJoVha9iKKiHFfHqHBH0+eIGZqmSjlmLnC2AApijO8CvkHva cbODl91iAii/xXSqWTKjJiGfHOYYNFAq4+Pu4LTBLFFtJz5RLUm+nh3pFU9KCbqfWOIAH Eu254TiePcxbvDOMVXv0Oxh/oTNUPiyqH6Nio5+eylu1VQwcvhuCfPVyUvQ4FdXlpkuYx Sl6K8IUL1uFxQ3aIu3X99PZG9lThSKfVwZnxNR+Rm461/iKqplPLSZ39IBDi9cr7xxhVi naxIRCoPmAnHxpIsX7EBEaVRJRsk2FG1kxkXgmDjzHU+RS/GZQMhpe6c+8bPIE/7O01CI YB94+LJ45/2+d2nIIcEr9bnLu9mKL2H5XwMe0Fu19gdWOxs7d90LKomImvaZY/9iDEVIO FyviJ0hwjkshsAFGT3GuaGTxsVEyVbDDURjzRVyPVjDLoVjxBeCIsLF4YfIpxM+QaJhO4 ncE5LrkiaXfZwsNqSTvKh2Y3x1H8Mv4NbfrPQAoRwwegombFB7aB4/GArw7jNOM=
  • Arc-seal: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; cv=none; t=1762175221; b=KVSIHJiUphHSluETuCAn8drUJd+QSevuHEAWOT29BJm0mpEd+Hyl/97bQj3JhNGxb8ID Myi3ACs/f9qMGcBHP6NsmRe+lqAmuILluleA6Al2o+OpjWDMOpR7xCGN5VSuQVOq5JMGe wfi/Gd1gTPEthvgXwrgkbqVxt8d5jyX6phSPh0aNHHjHYWVeneAHXuOz4IO+Aj8RS7mdC 1UXnj1DlpUwqQ/i3VlfyQ1JzWr6c4tiL1bnke17iJnBTDYeHXviCOOM4XKAU2sgL/hgFg k1Agi/d51EBRFtdfi75EMVw/nonZT6CADqfbbMo6o/F2X3/2rxTZrqKRR09qlK9pFUYR4 EI+vxS8gj6iXbLKvy4DrRx13gRctFENrPH2vPdRcN1pI/ba8k5j2FxrtE/LewYlnB1Pdn mOuSoH13kMDM3hMB2Jt+7GoMQaiOiln09rfhCXPjf4PGEwpWEjqcJOxnvIbjaFVhB9bZH eA1D3+vDUJucfw7FVml30J21ZViRHhkFoWsjzk/YtuQwdfO3dI3lr+hGNSTDZkSokr9Vd Z86Fn4VUFZI8wUFuum+g01PnMzIYEVvXpRHonLihWuz+lzE2Pes/8Vk+6ZzEvVb9lEmhM RbP8Lr5WPEpn0PU/HUF17KlP+MJko2xkMcuzHC31DCu8OBPkTW6nRMpz719pZC8=
  • Authentication-results: bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Cc: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Alistair Francis <alistair.francis@xxxxxxx>, Bob Eshleman <bobbyeshleman@xxxxxxxxx>, Connor Davis <connojdavis@xxxxxxxxx>, Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Mon, 03 Nov 2025 13:07:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 2025-11-03 12:26, Andrew Cooper wrote:

On 03/11/2025 10:11 am, Dmytro Prokopchuk1 wrote:

diff --git a/xen/common/spinlock.c b/xen/common/spinlock.c
index 0389293b09..d9dc9998e6 100644
--- a/xen/common/spinlock.c
+++ b/xen/common/spinlock.c
@@ -367,7 +367,8 @@ static void always_inline spin_unlock_common(spinlock_tickets_t *t, 
     LOCK_PROFILE_REL;
     rel_lock(debug);
     arch_lock_release_barrier();
-    add_sized(&t->head, 1);
+    BUILD_BUG_ON(sizeof(t->head) != sizeof(uint16_t));
+    add_u16_sized(&t->head, 1);
This is an example where MISRA's opinions actively making the logic less 
safe.

It's not possible for add_sized() to use the wrong type (as it
calculates it internally), whereas it's quite possible to update the
BUILD_BUG_ON() and fail to adjust the add.
I agree, we should devise a way to argue that the casts are safe and write a proper deviation. If I recall correctly, {read,write}_atomic have exactly the same issues. 


Specifically, you've made it more complicated to reason about, and
created an opportunity to make an unsafe change where that opportunity
does not exist in the code as-is.

Furthermore, read and write atomic have exactly the same internal
pattern as add_sized(), so how does this not just kick the can down the
road?

~Andrew


--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.