[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH 2/2] Address violation of MISRA C Rule 13.1 involving asm side effects.

To: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
From: Stefano Stabellini <sstabellini@xxxxxxxxxx>
Date: Fri, 15 Aug 2025 12:51:11 -0700 (PDT)
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, sstabellini@xxxxxxxxxx, consulting@xxxxxxxxxxx, dmytro_prokopchuk1@xxxxxxxx, andrew.cooper3@xxxxxxxxxx, jbeulich@xxxxxxxx, Doug Goldstein <cardoe@xxxxxxxxxx>
Delivery-date: Fri, 15 Aug 2025 19:51:22 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, 8 Aug 2025, Nicola Vetrini wrote:
> The rule states: "Initializer lists shall not contain persistent side 
> effects".
> The specific way in which the 'mrs' instruction is used does not lead to
> visible side effects for the surrounding code.
> 
> Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>

Acked-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>

Ideally, with the improved doc as suggested by Dmytro.


> ---
> Not yet tested on the Xen ECLAIR runner, as the syntax used in the deviation
> is only supported after updating the runner.
> 
> What the tool is reporting is that due to the '=r' constraint and the
> semantics of the instruction, there is the side effect of writing to '_r',
> but this is not observable outside the stmt expr. The deviation ends up being
> a bit too general for my taste, but the restriction on the actual istruction
> should be enough to limit applicability to cases that are arguably safe in
> practice.
> 
> An alternative approach would be represented by stating that side effects in
> 'READ_SYSREG64' are safe, but this is not true in general.
> ---
>  automation/eclair_analysis/ECLAIR/deviations.ecl | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
> b/automation/eclair_analysis/ECLAIR/deviations.ecl
> index ec0cac797e5f..6b492e38505d 100644
> --- a/automation/eclair_analysis/ECLAIR/deviations.ecl
> +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
> @@ -437,6 +437,10 @@ write or not"
>  # Series 13
>  #
>  
> +-doc_begin="Consider the asm instruction to read an Arm system register to 
> have no side effects."
> +-asm_properties+={"asm(any())&&child(text, ast_field(value,^mrs\\s+%0.*$))", 
> {no_side_effect}}
> +-doc_end
> +
>  -doc_begin="All developers and reviewers can be safely assumed to be well 
> aware
>  of the short-circuit evaluation strategy of such logical operators."
>  -config=MC3A2.R13.5,reports+={disapplied,"any()"}
> -- 
> 2.43.0
>

References:
- [XEN PATCH 1/2] automation/eclair: ECLAIR configuration changes due to GitLab runner update
  - From: Nicola Vetrini
- [XEN PATCH 2/2] Address violation of MISRA C Rule 13.1 involving asm side effects.
  - From: Nicola Vetrini

Prev by Date: Re: [PATCH v4] misra: add deviations of MISRA C Rule 5.5
Next by Date: Re: [PATCH] misra: add missing noreturn attribute for __div0()
Previous by thread: Re: [XEN PATCH 2/2] Address violation of MISRA C Rule 13.1 involving asm side effects.
Next by thread: Re: [XEN PATCH 1/2] automation/eclair: ECLAIR configuration changes due to GitLab runner update
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.