From: Nicola Vetrini <nicola.vetrini@bugseng.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: sstabellini@kernel.org, michal.orzel@amd.com,
xenia.ragiadakou@amd.com, ayan.kumar.halder@amd.com,
consulting@bugseng.com,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"George Dunlap" <george.dunlap@citrix.com>,
"Julien Grall" <julien@xen.org>, "Wei Liu" <wl@xen.org>,
"Roger Pau Monné" <roger.pau@citrix.com>,
xen-devel@lists.xenproject.org
Subject: Re: [XEN PATCH v2] x86/cpu-policy: justify a violation of MISRA C:2012 Rule 1.3
Date: Wed, 02 Aug 2023 12:01:40 +0200 [thread overview]
Message-ID: <796058860d0536799e40fc14f169efd2@bugseng.com> (raw)
In-Reply-To: <5ff38731-fed7-91eb-c933-28d191fb429b@suse.com>
On 02/08/2023 11:47, Jan Beulich wrote:
> On 02.08.2023 10:57, Nicola Vetrini wrote:
>> The empty feature set 'str_7c1' in 'tools/misc/xen-cpuid.c' causes the
>> struct declaration to have no named members, hence violating
>> Rule 1.3:
>> "There shall be no occurrence of undefined or critical unspecified
>> behaviour"
>> because it is forbidden by ISO/IEC 9899:1999(E), Section 6.7.2.1.7:
>> "If the struct-declaration-list contains no named
>> members, the behavior is undefined."
>>
>> Given that Xen is using an undocumented GCC extension that specifies
>> the
>> behaviour upon defining a struct with no named member, this construct
>> is
>> well-defined and thus it is marked as safe.
>
> Especially after realizing that I was wrong here (I was under the wrong
> impression that we'd generate a struct without members, when it's one
> without named members, yet [to me at least] only the former is a known
> gcc extension we use), I've sent an alternative proposal. Let's see
> whether in particular Andrew considers this acceptable.
>
Well, I don't know the exact discussion on this in that MISRA meeting
(25/07 iirc),
but the outcome I'm aware of was to deviate that construct because there
are possibly
others like that in other configurations/future patches. Anyway, this
usage does not
fall under gcc's documented extensions (either the one you mentioned or
the one about
unnamed fields, 6.63), but it does allow it (has a warning only on
-pedantic afaict),
hence why I put undocumented here.
In the meantime, I can test your patch to see if it has no unintended
impact on other code
w.r.t. Rule 1.3.
Regards,
--
Nicola Vetrini, BSc
Software Engineer, BUGSENG srl (https://bugseng.com)
next prev parent reply other threads:[~2023-08-02 10:02 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-02 8:57 [XEN PATCH v2] x86/cpu-policy: justify a violation of MISRA C:2012 Rule 1.3 Nicola Vetrini
2023-08-02 9:47 ` Jan Beulich
2023-08-02 10:01 ` Nicola Vetrini [this message]
2023-08-02 11:07 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=796058860d0536799e40fc14f169efd2@bugseng.com \
--to=nicola.vetrini@bugseng.com \
--cc=andrew.cooper3@citrix.com \
--cc=ayan.kumar.halder@amd.com \
--cc=consulting@bugseng.com \
--cc=george.dunlap@citrix.com \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=michal.orzel@amd.com \
--cc=roger.pau@citrix.com \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
--cc=xenia.ragiadakou@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.