[XEN,v2,0/3] xen: address violations of MISRA C:2012 Rule 13.1

Message

Simone Ballarin Nov. 24, 2023, 5:29 p.m. UTC

This series contains some changes and deviation to address
reports of MISRA C:2012 Rule 13.1:
Initializer lists shall not contain persistent side effects

An assignment has been moved outside the initializer lists, other
violations have been deviated with SAF comments.

Function calls do not necessarily have side-effects, in these cases this
patch proposes to add ECLAIR pure, const or noeffect attributes whenever
possible.

ECLAIR pure and const attributes have the same definition of the corresponding
GCC attributes, noeffect attribute has the following definition:
"like pure but can also read volatile variable not triggering side effects"

It has been decided to avoid GCC/clang attributes to avoid potentially
dangerous optimisations from the compiler.

Changes in v2:
- prefer ECLAIR attributes over GCC attributes;
- replace ECL deviations with equivalent SAF deviations;
- deviate violations caused by harmless volatile asm;
- deviate violations caused by debug and logging macros/functions.

Simone Ballarin (3):
  automation/eclair: tag function calls to address violations of MISRA
    C:2012 Rule 13.1
  xen/arm: add SAF deviation for debugging and logging effects
  xen: address violations of MISRA C:2012 Rule 13.1

 .../ECLAIR/call_properties.ecl                | 22 +++++++++++++++++++
 docs/misra/safe.json                          | 16 ++++++++++++++
 xen/arch/arm/device.c                         |  1 +
 xen/arch/arm/guestcopy.c                      |  4 ++++
 xen/arch/x86/hvm/hvm.c                        |  1 +
 xen/common/sched/core.c                       |  3 +++
 xen/drivers/char/ns16550.c                    |  6 +++--
 7 files changed, 51 insertions(+), 2 deletions(-)