Xen project Mailing List

Re: [PATCH] generic/altp2m: address violations of MISRA C Rule 2.1

From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>

Date: Mon, 22 Jun 2026 10:29:28 +0000

Accept-language: en-US, uk-UA, ru-RU

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OPj2m8WuMXVs5yKVJD9WdJyJiuolgLjdQcFIMGlPs3c=; b=ldCPhEZtQWdCdnDDQKBc96bhLOhKVWbOExV18nOKYOztfhtlATJwCqI3WVFS2Cgr9u+DLkctxbIfWVmHgZrKQo/frqA7t5p0eH3D+KuTntCNtiI+erhMnIyVpsdA+9gO938bTRGbNZGlVIzkN9+fpyoJbxysmGhmpVUVpxVW29lbFayBmyVgK6tD3cMNBemXQPRgh5Wz+YAFEcRu5IaCJf2szEwte16Nscnuy6YZn79DyKTGdxnI3kEcGJz5m5vtIsSy+W75k5LW3gx7QRHfdSq/7uNawrMAHmNGStErR6m4M3N0KjHa4Kq/DON10O7k8hlOektzg73/3q23DFLP8Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Uj6u4GJuv5+kG06bS4rfdSBsrUzK8z9fX2V8Zm+McURm5sDu4WpDF0lMWhu/p7OZ7/mqgP540s8TgadfShuVjDCyULiDBKe1TdmpBxn6zXzY+OXToxwwgE95oUus99CNgFl5AFza3WTBsOiFavJGinc/STOiS9/azQqygh8a7UGOFTYddpETKrOsB6etY+5XsStt1JdW5ny2vXE3NqjBdT4wYdxnhL9JePJHLYF5RpBQkSe98BMvvUELRnP+v4qI7rJZFxI6e07uc6zNg3WmV7SpN903muih8Qxy2W/ndb2lhpa8/TLC5ArAayVGzGPajKZ5JzyKLPW/XBTuL0uvwQ==

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=epam.com header.i="@epam.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:x-ms-exchange-senderadcheck"

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 22 Jun 2026 10:29:53 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHcyEeH3FAPJgz8C0q4McY6u5ZElbXXzxqAgHMEWQA=

Thread-topic: [PATCH] generic/altp2m: address violations of MISRA C Rule 2.1

Hello, Jan On 4/10/26 09:04, Jan Beulich wrote: > On 09.04.2026 19:37, Dmytro Prokopchuk1 wrote: >> MISRA C Rule 2.1 states: "A project shall not contain unreachable code". >> >> In certain build configurations, > > Can you give an example where ... If CONFIG_VM_EVENT is enabled on ARM. > >> the function 'altp2m_vcpu_idx()' is defined >> as an inline function that contains the 'BUG()' macro. This resulted in a >> violation because the 'BUG()' macro makes the function non-returning. >> >> To ensure compliance with MISRA C Rule 2.1, this patch removes the inline >> function implementation and its BUG()-based unreachable code. It is replaced >> with an unconditional function declaration for 'altp2m_vcpu_idx()'. > > ... a declaration is needed? The sole non-x86 reference I see is from Yes, declaration is needed. The file 'common/monitor.c' contains a usage of the 'altp2m_vcpu_idx()' and compiler must see it to avoid "error: implicit declaration of function ‘altp2m_vcpu_idx’". > common/monitor.c, and the sole relevant Kconfig option I can spot is > VM_EVENT. When that's off, the file won't be built at all. But when 'CONFIG_VM_EVENT=y' this file is compiled on ARM. > > Further, BUG() and a few more constructs have a dedicated deviation > already in place. I don't mind a useless function to be shrunk (or, as > per above, perhaps even dropped), but the justification then needs to > be different. Well, with Stefano's comment regarding return type, the commit subject and message could be rewritten like: generic/altp2m: align and simplify altp2m_vcpu_idx() The return type of 'altp2m_vcpu_idx()' in the generic altp2m.h header is currently 'unsigned int', which is inconsistent with its 'uint16_t' return type on x86 and the 'altp2m_idx' member of the monitor structures. To fix this type inconsistency and simplify the header, this patch replaces the static inline implementation of 'altp2m_vcpu_idx()' (contained a BUG() stub) with a simple function declaration returning uint16_t. For architectures using the generic altp2m.h header (such as ARM when CONFIG_VM_EVENT is enabled), common code calls to 'altp2m_vcpu_idx()' in common/monitor.c are guarded by 'altp2m_active()', which statically returns 'false'. The compiler's DCE will optimize out these calls, avoiding any linker issues for the missing definition. > > Jan BR, Dmytro.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.