[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] misra: add ASSERT_UNREACHABLE() in default clauses

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • Date: Tue, 12 Aug 2025 11:55:29 +0200
  • Arc-authentication-results: i=1; bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Arc-message-signature: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; c=relaxed/relaxed; t=1754992529; h=DKIM-Signature:MIME-Version:Date:From:To:Cc:Subject:In-Reply-To: References:Message-ID:X-Sender:Organization:Content-Type: Content-Transfer-Encoding; bh=zgCLErdLpKs/wpfDwOMcpwvPL3ZgyljHBF8UneGlrrk=; b=apfakXfvuo2VLpd9x2uPMSj0wBevjoB2MGfM/oUX9CEY2UDFqGqTFP3PsgOJgZgKYCk2 Q/aiuz7u32rIVNR6tjMlh2qlttO4KEpIzD+uehfn9lJM351EzkmD3oFzQpCE72YVy3AbP cbnpALtTcXrotPn5FJrUUBzczhrRk4keFkER1i0xUY9ZEX5R7DuSBouo+nkKbS77az+3O J5/c4D34E069R8Vm7PqGtOYNe1HrTgcwNF57xeliH1QKWRFmNg1HIhq3tPuRDP8htShxy exvEDv6jy9IBs5vqYn2/yGc56Po/QA7wN6AaqnoSJvuBVXPYVBO6xtaM11UIeBZmua/Bm zpLmtT6oVYE+XHBMcRpprqsEZm0jYz0PN6S9DTIza3NnkQb2RILQs7j/AXjMHUw8RF5gE CDF3Z+lboSMolIi3oU4Vx4kCanZ+8rDg2Z8Ed25lCrmsuIIOugpquPWAq7JXVfBoQyWKF 1IfpwWt3XM5ke1ZZkkCSZM2kiJlnpamFrlGjOHj4gBDwY3gkjTW2gn6w66mbWtK72xBfB rRCz9z0jraESNjsjDyhbhviEaQcmliPtT8YfHI75Q6khFgQ1G+us/NuOhpEY5I5Ty7Xct RMqIwiGc0q0TaO/7CgXe1yJeLHvDdIxeLA0Qd7RLablK/rZ0PbydPvjmmMhLvyQ=
  • Arc-seal: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; cv=none; t=1754992529; b=QpGX9XTTywofc4gI0da7rNhdizWJH4bqW2CjHmFHECTw014W2wDtg5xYnoEsils3FkM/ wX+Kz0MVJeGJUnZzZf4Yv8DBSX2A3+UyRNGFMpN6138btBKJV7xKzAfMSfMHmJ02XE0Ny rGML3AdHtq7mKLpQ1ZR0ob4nIC95GHO/EbVGGAFSH5jr09rMv1Yb46tpxpuDS8/vTuo/S 4Fnu78cJkRtRGXpIG74YeOVoiZDnBaUgHrk+ahGNzfZAxhY5syDCbcmJ78PX7N26mNV6T 5zscf9ZsHptPsJBP4/IIV96qW69MxQrykCA3JKRqNe08HLioiLal/PXj+DeMgnPaNjwyp xJb+2KYyfRee0rUIkQ9+dS1CJmG5m2/1oQlEXrO34GGnouzQ/RPzpv6A9GbR7a5u1GIPP nSXUydEORKT30HCCUorKuh3PqB5BqksleqX2eAAS9L9B+zCVa87UOMKBWkCW8B4qb50Lj 9WgwWn8QtCHO9LPxN4X9UIH0hoInOgGMvJmvyHChSv/9cg4Mqp/WNMbbBUdae0UxmknYm R+QJ6b3M9viUqZm6lGPF8BqcoSe8OzkgJ6jLW1BkC9/DME4r2IRmxohvg90FxvuTo+1GR q3sEnBvjPH5H17EHXoHGv3YMqtOkzK9JnCaqzToh9EkGbyUZj9FyCl1+nlXI0lo=
  • Authentication-results: bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Delivery-date: Tue, 12 Aug 2025 09:55:36 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 2025-08-12 09:25, Jan Beulich wrote:

On 11.08.2025 23:25, Nicola Vetrini wrote:

On 2025-08-11 22:30, Dmytro Prokopchuk1 wrote:

--- a/xen/arch/arm/decode.c
+++ b/xen/arch/arm/decode.c
@@ -178,6 +178,9 @@ static int decode_thumb(register_t pc, struct
hsr_dabt *dabt)
         case 3: /* Signed byte */
             update_dabt(dabt, reg, 0, true);
             break;
+        default:
+            ASSERT_UNREACHABLE();
+            break;
         }



I think this is fine, and there should be no problems with the break
being unreachable in some configs due to the call property for
ASSERT_UNREACHABLE
-doc_begin="Calls to function `__builtin_unreachable()' in the expansion 
of macro
`ASSERT_UNREACHABLE()' are not considered to have the `noreturn'
property."
-call_properties+={"name(__builtin_unreachable)&&stmt(begin(any_exp(macro(name(ASSERT_UNREACHABLE)))))",
{"noreturn(false)"}}
-doc_end


Did you also see Julien's reply? Imo, to address a complaint from one
rule, another rule is then being violated: The "default" label itself
is unreachable here.

Jan
Unfortunately only after sending my reply, however the point here is that ASSERT_UNREACHABLE() is now considered as if it was not actually a source of unreachability for any statement below (which is the case only in configurations where NDEBUG is undefined iirc). This was done mainly to allow stubs for Rule 2.1 so that their return statement just after an ASSERT_UNREACHABLE() is not seen as a problem, but given that the configuration to obtain that is global it influences treatment for other rules as well, and its addition is relatively recent compared to the text written in rules.rst. 

--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.