
Misra R17.1 in Xen


  • To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, "consulting@xxxxxxxxxxx" <consulting@xxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 30 Dec 2025 17:05:38 +0000
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>
  • Delivery-date: Tue, 30 Dec 2025 17:06:08 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hello,

The x86_64-allcode run highlights one new violation of R17.1,
vmcoreinfo_append_str().  In writing this email, I've found another in
debugtrace_printk() meaning that we're missing some options in the
-allcode configuration.

In deviations.ecl we have:

-doc_begin="printf()-like functions are allowed to use the variadic features provided by stdarg.h."
-config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(^.*printk\\(.*\\)$)))"}
-config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(^.*printf\\(.*\\)$)))"}
-config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(panic)&&kind(function))))"}
-config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(elf_call_log_callback)&&kind(function))))"}
-config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(vprintk_common)&&kind(function))))"}
-config=MC3A2.R17.1,macros+={hide , "^va_(arg|start|copy|end)$"}
-doc_end


First, we have no printf() so that row should be removed.

But, more importantly this is safe if and only if the function
declaration uses __attribute__((__format__(printf, ...))) to cause the
compiler to perform format typechecking.

Is it possible to encode this attribute requirement in the Eclair
expression, so that e.g. accidentally dropping the attribute causes a
violation to be reported?  This would also be rather safer than assuming
that any prefix on printk() is safe.

Thanks,

~Andrew
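
The attribute requirement described in the message above, as an added example that is not part of the original email and is not Xen code. The `logbuf` type and `logbuf_appendf()` are hypothetical names standing in for a printk-style function that uses stdarg.h.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical bounded log buffer, standing in for a printk-style sink. */
struct logbuf {
    char data[64];
    size_t used;            /* bytes in data[], excluding the NUL */
};

/*
 * The attribute sits on the declaration: parameter 2 is the format string
 * and the variadic arguments to check start at parameter 3. GCC and Clang
 * then type-check every call site under -Wformat.
 */
int logbuf_appendf(struct logbuf *b, const char *fmt, ...)
    __attribute__((__format__(__printf__, 2, 3)));

/* Returns bytes appended, or -1 if the text did not fit (buffer unchanged). */
int logbuf_appendf(struct logbuf *b, const char *fmt, ...)
{
    size_t room = sizeof(b->data) - b->used;   /* includes space for NUL */
    va_list args;
    int n;

    va_start(args, fmt);
    n = vsnprintf(b->data + b->used, room, fmt, args);
    va_end(args);
    if (n < 0 || (size_t)n >= room) {
        b->data[b->used] = '\0';               /* undo the partial write */
        return -1;
    }
    b->used += (size_t)n;
    return n;
}

int main(void)
{
    struct logbuf b = { .used = 0 };
    logbuf_appendf(&b, "domain=%u name=%s\n", 3u, "guest");
    /*
     * With the attribute, the call below is diagnosed at compile time
     * (%s expects char *, argument is int). Without it, the call compiles
     * silently and is undefined behaviour at run time:
     *     logbuf_appendf(&b, "name=%s\n", 3);
     */
    fputs(b.data, stdout);
    return 0;
}
```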



 

