From patchwork Mon Dec 18 10:17:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496519 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DFB2FC35274 for ; Mon, 18 Dec 2023 10:17:56 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655802.1023598 (Exim 4.92) (envelope-from ) id 1rFAgw-0005LO-W2; Mon, 18 Dec 2023 10:17:42 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655802.1023598; Mon, 18 Dec 2023 10:17:42 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgw-0005LD-TN; Mon, 18 Dec 2023 10:17:42 +0000 Received: by outflank-mailman (input) for mailman id 655802; Mon, 18 Dec 2023 10:17:41 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgv-00055P-Ki for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:41 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id ac6cff72-9d8e-11ee-9b0f-b553b5be7939; Mon, 18 Dec 2023 11:17:40 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 81AEE4EE0747; Mon, 18 Dec 2023 11:17:38 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ac6cff72-9d8e-11ee-9b0f-b553b5be7939 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Simone Ballarin , Doug Goldstein , Stefano Stabellini , Andrew Cooper , George Dunlap , Jan Beulich , Julien Grall , Wei Liu Subject: [XEN PATCH v2 1/7] xen/shutdown: address MISRA C:2012 Rule 2.1 Date: Mon, 18 Dec 2023 11:17:27 +0100 Message-Id: <22881ed8e7e28d66a730deb8812b6a4b7becc750.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 Given that 'hwdom_shutdown' is a noreturn function, unreachable breaks can be eliminated to resolve violations of Rule 2.1. The rename s/maybe_reboot/reboot_or_halt/ is done to clarify that the function is noreturn. No functional change. Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- Changes in v2: - rename maybe_reboot to reboot_or_halt. --- automation/eclair_analysis/ECLAIR/deviations.ecl | 2 +- xen/common/shutdown.c | 15 ++++----------- 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl index 683f2bbfe89b..85741a2c01a9 100644 --- a/automation/eclair_analysis/ECLAIR/deviations.ecl +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl @@ -16,7 +16,7 @@ Constant expressions and unreachable branches of if and switch statements are ex -doc_begin="Unreachability caused by calls to the following functions or macros is deliberate and there is no risk of code being unexpectedly left out." -config=MC3R1.R2.1,statements+={deliberate,"macro(name(BUG||assert_failed))"} --config=MC3R1.R2.1,statements+={deliberate, "call(decl(name(__builtin_unreachable||panic||do_unexpected_trap||machine_halt||machine_restart||maybe_reboot)))"} +-config=MC3R1.R2.1,statements+={deliberate, "call(decl(name(__builtin_unreachable||panic||do_unexpected_trap||machine_halt||machine_restart||reboot_or_halt)))"} -doc_end -doc_begin="Unreachability inside an ASSERT_UNREACHABLE() and analogous macro calls is deliberate and safe." diff --git a/xen/common/shutdown.c b/xen/common/shutdown.c index 37901a4f3391..dfd5e41097e9 100644 --- a/xen/common/shutdown.c +++ b/xen/common/shutdown.c @@ -15,7 +15,7 @@ bool __read_mostly opt_noreboot; boolean_param("noreboot", opt_noreboot); -static void noreturn maybe_reboot(void) +static void noreturn reboot_or_halt(void) { if ( opt_noreboot ) { @@ -38,39 +38,32 @@ void hwdom_shutdown(u8 reason) printk("Hardware Dom%u halted: halting machine\n", hardware_domain->domain_id); machine_halt(); - break; /* not reached */ case SHUTDOWN_crash: debugger_trap_immediate(); printk("Hardware Dom%u crashed: ", hardware_domain->domain_id); kexec_crash(CRASHREASON_HWDOM); - maybe_reboot(); - break; /* not reached */ + reboot_or_halt(); case SHUTDOWN_reboot: printk("Hardware Dom%u shutdown: rebooting machine\n", hardware_domain->domain_id); machine_restart(0); - break; /* not reached */ case SHUTDOWN_watchdog: printk("Hardware Dom%u shutdown: watchdog rebooting machine\n", hardware_domain->domain_id); kexec_crash(CRASHREASON_WATCHDOG); machine_restart(0); - break; /* not reached */ case SHUTDOWN_soft_reset: printk("Hardware domain %d did unsupported soft reset, rebooting.\n", hardware_domain->domain_id); machine_restart(0); - break; /* not reached */ default: printk("Hardware Dom%u shutdown (unknown reason %u): ", hardware_domain->domain_id, reason); - maybe_reboot(); - break; /* not reached */ + reboot_or_halt(); } -} - +} From patchwork Mon Dec 18 10:17:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496515 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4845FC46CCD for ; Mon, 18 Dec 2023 10:17:55 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655803.1023602 (Exim 4.92) (envelope-from ) id 1rFAgx-0005O0-8T; Mon, 18 Dec 2023 10:17:43 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655803.1023602; Mon, 18 Dec 2023 10:17:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgx-0005NF-3f; Mon, 18 Dec 2023 10:17:43 +0000 Received: by outflank-mailman (input) for mailman id 655803; Mon, 18 Dec 2023 10:17:42 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgv-00055V-V8 for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:41 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id ad1d3069-9d8e-11ee-98eb-6d05b1d4d9a1; Mon, 18 Dec 2023 11:17:41 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 103064EE0C81; Mon, 18 Dec 2023 11:17:39 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ad1d3069-9d8e-11ee-98eb-6d05b1d4d9a1 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [XEN PATCH v2 2/7] x86/mm: address MISRA C:2012 Rule 2.1 Date: Mon, 18 Dec 2023 11:17:28 +0100 Message-Id: <1cd82cf19a613a122a770bf6670e681ca7fccd44.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 The "return 0" after the swich statement in 'xen/arch/x86/mm.c' is unreachable because all switch clauses end with returns, and can thus be dropped. No functional changes. Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- Changes in v2: - Drop the final return instead. A stripped-down version of this switch has been tested on godbolt.org with gcc-4.1.2 and shows no compile-time issues. --- xen/arch/x86/mm.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 0a66db10b959..49d9f371f35c 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -4887,8 +4887,6 @@ long arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) default: return subarch_memory_op(cmd, arg); } - - return 0; } int cf_check mmio_ro_emulated_write( From patchwork Mon Dec 18 10:17:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496520 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3C325C4706C for ; Mon, 18 Dec 2023 10:17:57 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655804.1023618 (Exim 4.92) (envelope-from ) id 1rFAgy-0005pA-Fa; Mon, 18 Dec 2023 10:17:44 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655804.1023618; Mon, 18 Dec 2023 10:17:44 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgy-0005p1-C6; Mon, 18 Dec 2023 10:17:44 +0000 Received: by outflank-mailman (input) for mailman id 655804; Mon, 18 Dec 2023 10:17:42 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgw-00055V-T3 for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:42 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id addb1bd8-9d8e-11ee-98eb-6d05b1d4d9a1; Mon, 18 Dec 2023 11:17:42 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 301BB4EE0C8A; Mon, 18 Dec 2023 11:17:41 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: addb1bd8-9d8e-11ee-98eb-6d05b1d4d9a1 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk Subject: [XEN PATCH v2 3/7] xen/arm: address MISRA C:2012 Rule 2.1 Date: Mon, 18 Dec 2023 11:17:29 +0100 Message-Id: <06857c133d1db8ab3a2eec5e0363be4358a0ec81.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 There are no paths that can reach the last return statement of function 'vgic_v3_its_mmio_write' in 'vcig-v3-its.c' and 'arch_memory_op' in 'arch/arm/mm.c', thus violating MISRA C:2012 Rule 2.1: "A project shall not contain unreachable code". Therefore, an ASSERT_UNREACHABLE() is inserted to remove the unreachable return statement and protect against possible mistakes. Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- Changes in v2: - Changed resolution strategy to have an ASSERT_UNREACHABLE() before the return. --- xen/arch/arm/mm.c | 1 + xen/arch/arm/vgic-v3-its.c | 1 + 2 files changed, 2 insertions(+) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index eeb65ca6bb79..b15a18a49412 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -283,6 +283,7 @@ long arch_memory_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg) return -ENOSYS; } + ASSERT_UNREACHABLE(); return 0; } diff --git a/xen/arch/arm/vgic-v3-its.c b/xen/arch/arm/vgic-v3-its.c index 05429030b539..70b5aeb82219 100644 --- a/xen/arch/arm/vgic-v3-its.c +++ b/xen/arch/arm/vgic-v3-its.c @@ -1409,6 +1409,7 @@ static int vgic_v3_its_mmio_write(struct vcpu *v, mmio_info_t *info, return 0; } + ASSERT_UNREACHABLE(); return 1; write_ignore_64: From patchwork Mon Dec 18 10:17:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496514 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 77E1EC35274 for ; Mon, 18 Dec 2023 10:17:54 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655805.1023628 (Exim 4.92) (envelope-from ) id 1rFAh0-00066y-On; Mon, 18 Dec 2023 10:17:46 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655805.1023628; Mon, 18 Dec 2023 10:17:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh0-00066l-JT; Mon, 18 Dec 2023 10:17:46 +0000 Received: by outflank-mailman (input) for mailman id 655805; Mon, 18 Dec 2023 10:17:45 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgz-00055P-4s for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:45 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id ae7ffbaf-9d8e-11ee-9b0f-b553b5be7939; Mon, 18 Dec 2023 11:17:43 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 674F14EE0C8D; Mon, 18 Dec 2023 11:17:42 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ae7ffbaf-9d8e-11ee-9b0f-b553b5be7939 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk Subject: [XEN PATCH v2 4/7] xen/arm: traps: add ASSERT_UNREACHABLE() where needed Date: Mon, 18 Dec 2023 11:17:30 +0100 Message-Id: <02070d1bb4bfc0e88d548a529bef8bedab5b3488.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 The statements after a call to the noreturn function 'do_unexpected_trap' can't be reached, thus violating MISRA C:2012 Rule 2.1 ("A project shall not contain unreachable code."). ASSERT_UNREACHABLE() is used to signal that the unreachable break-s are used as a defensive coding measure to prevent inadvertent fallthrough. Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- Changes in v2: - Use ASSERT_UNREACHABLE() to prevent mistakes. --- xen/arch/arm/traps.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 3784e8276ef6..77220ba0927a 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -2152,6 +2152,7 @@ void do_trap_hyp_sync(struct cpu_user_regs *regs) case HSR_EC_SVE: /* An SVE exception is a bug somewhere in hypervisor code */ do_unexpected_trap("SVE trap at EL2", regs); + ASSERT_UNREACHABLE(); break; #endif case HSR_EC_DATA_ABORT_CURR_EL: @@ -2171,7 +2172,7 @@ void do_trap_hyp_sync(struct cpu_user_regs *regs) dump_hyp_walk(get_hfar(is_data)); do_unexpected_trap(fault, regs); - + ASSERT_UNREACHABLE(); break; } default: From patchwork Mon Dec 18 10:17:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496518 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AC258C46CD7 for ; Mon, 18 Dec 2023 10:17:56 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655806.1023634 (Exim 4.92) (envelope-from ) id 1rFAh1-0006BV-83; Mon, 18 Dec 2023 10:17:47 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655806.1023634; Mon, 18 Dec 2023 10:17:47 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh1-0006B7-0C; Mon, 18 Dec 2023 10:17:47 +0000 Received: by outflank-mailman (input) for mailman id 655806; Mon, 18 Dec 2023 10:17:45 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAgz-00055V-7C for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:45 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id af30754f-9d8e-11ee-98eb-6d05b1d4d9a1; Mon, 18 Dec 2023 11:17:44 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 84A224EE0746; Mon, 18 Dec 2023 11:17:43 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: af30754f-9d8e-11ee-98eb-6d05b1d4d9a1 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [XEN PATCH v2 5/7] x86/platform: removed break to address MISRA C:2012 Rule 2.1 Date: Mon, 18 Dec 2023 11:17:31 +0100 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 The break statement is redundant, hence it can be removed. Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- Changes in v2: - Remove the outer break, instead of the inner one. --- xen/arch/x86/platform_hypercall.c | 1 - 1 file changed, 1 deletion(-) diff --git a/xen/arch/x86/platform_hypercall.c b/xen/arch/x86/platform_hypercall.c index 4dde71db275c..7a2e4b9b603e 100644 --- a/xen/arch/x86/platform_hypercall.c +++ b/xen/arch/x86/platform_hypercall.c @@ -725,7 +725,6 @@ ret_t do_platform_op( 0, cpu_down_helper, (void *)(unsigned long)cpu); break; } - break; case XENPF_cpu_hotadd: ret = xsm_resource_plug_core(XSM_HOOK); From patchwork Mon Dec 18 10:17:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496516 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 66054C46CA2 for ; Mon, 18 Dec 2023 10:17:55 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655807.1023639 (Exim 4.92) (envelope-from ) id 1rFAh1-0006Ha-J2; Mon, 18 Dec 2023 10:17:47 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655807.1023639; Mon, 18 Dec 2023 10:17:47 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh1-0006GI-BI; Mon, 18 Dec 2023 10:17:47 +0000 Received: by outflank-mailman (input) for mailman id 655807; Mon, 18 Dec 2023 10:17:46 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh0-00055V-Fw for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:46 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id affa4c52-9d8e-11ee-98eb-6d05b1d4d9a1; Mon, 18 Dec 2023 11:17:46 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id A4D0C4EE0747; Mon, 18 Dec 2023 11:17:44 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: affa4c52-9d8e-11ee-98eb-6d05b1d4d9a1 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk Subject: [XEN PATCH v2 6/7] xen/arm: vcpreg: address violation of MISRA C Rule 2.1 Date: Mon, 18 Dec 2023 11:17:32 +0100 Message-Id: <9816362a11aeb7b9618500dea9bbf32e4b5483a9.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 There is no path that reaches the call to 'advance_pc', thus violating MISRA C Rule 2.1. A call to ASSERT_UNREACHABLE() is added after the switch, despite this being useful to detect errors only in debug builds; if that marker is ever reached, a domain crash is triggered, as a defensive coding measure. No functional change. Signed-off-by: Julien Grall Signed-off-by: Nicola Vetrini Reviewed-by: Stefano Stabellini --- The code changes (including the comment) were made by Julien in [1]; I added the commit text and all other informations. All the switch clauses, when expanded, end with a return statement and the default clause has an unconditional return, therefore advance_pc() is never reached. However, it has been deemed safer to crash the domain if the switch is ever exited. [1] https://lore.kernel.org/xen-devel/alpine.DEB.2.22.394.2312151232580.3175268@ubuntu-linux-20-04-desktop/T/#maa91d8025532455a6317119a1e4affa00a99e1ce --- xen/arch/arm/vcpreg.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/vcpreg.c b/xen/arch/arm/vcpreg.c index 39aeda9dab62..a2d050070473 100644 --- a/xen/arch/arm/vcpreg.c +++ b/xen/arch/arm/vcpreg.c @@ -707,8 +707,14 @@ void do_cp10(struct cpu_user_regs *regs, const union hsr hsr) inject_undef_exception(regs, hsr); return; } - - advance_pc(regs, hsr); + + /* + * All the cases in the switch should return. If this is not the + * case, then something went wrong and it is best to crash the + * domain. + */ + ASSERT_UNREACHABLE(); + domain_crash(current->domain); } void do_cp(struct cpu_user_regs *regs, const union hsr hsr) From patchwork Mon Dec 18 10:17:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicola Vetrini X-Patchwork-Id: 13496521 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9389FC46CD8 for ; Mon, 18 Dec 2023 10:17:58 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.655808.1023656 (Exim 4.92) (envelope-from ) id 1rFAh3-0006sZ-9H; Mon, 18 Dec 2023 10:17:49 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 655808.1023656; Mon, 18 Dec 2023 10:17:49 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh3-0006rh-4d; Mon, 18 Dec 2023 10:17:49 +0000 Received: by outflank-mailman (input) for mailman id 655808; Mon, 18 Dec 2023 10:17:47 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rFAh1-00055V-Fm for xen-devel@lists.xenproject.org; Mon, 18 Dec 2023 10:17:47 +0000 Received: from support.bugseng.com (mail.bugseng.com [162.55.131.47]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id b0979b7a-9d8e-11ee-98eb-6d05b1d4d9a1; Mon, 18 Dec 2023 11:17:47 +0100 (CET) Received: from nico.bugseng.com (unknown [147.123.100.131]) by support.bugseng.com (Postfix) with ESMTPSA id 0196E4EE0746; Mon, 18 Dec 2023 11:17:45 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: b0979b7a-9d8e-11ee-98eb-6d05b1d4d9a1 From: Nicola Vetrini To: xen-devel@lists.xenproject.org Cc: consulting@bugseng.com, Nicola Vetrini , Simone Ballarin , Doug Goldstein , Stefano Stabellini Subject: [XEN PATCH v2 7/7] automation/eclair_analysis: avoid violation of MISRA Rule 2.1 Date: Mon, 18 Dec 2023 11:17:33 +0100 Message-Id: <6bf425b3d01dc16297ef45e58c03b3ffd803b9e0.1702891792.git.nicola.vetrini@bugseng.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 The presence of an unlinked object file triggers a violation of MISRA C Rule 2.1, which is deviated, as it's not part of the final Xen binary. No functional change. Signed-off-by: Nicola Vetrini Acked-by: Stefano Stabellini --- automation/eclair_analysis/ECLAIR/deviations.ecl | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl index 85741a2c01a9..e3de0fb2adf8 100644 --- a/automation/eclair_analysis/ECLAIR/deviations.ecl +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl @@ -28,6 +28,11 @@ not executable, and therefore it is safe for them to be unreachable." -config=MC3R1.R2.1,ignored_stmts+={"any()", "pure_decl()"} -doc_end ++-doc_begin="The following autogenerated file is not linked deliberately." ++-file_tag+={C_runtime_failures,"^automation/eclair_analysis/C-runtime-failures\\.rst\\.c$"} ++-config=MC3R1.R2.1,reports+={deliberate, "any_area(any_loc(file(C_runtime_failures)))"} ++-doc_end + -doc_begin="Proving compliance with respect to Rule 2.2 is generally impossible: see https://arxiv.org/abs/2212.13933 for details. Moreover, peer review gives us confidence that no evidence of errors in the program's logic has been missed due