[XEN,v2,1/7] xen/shutdown: address MISRA C:2012 Rule 2.1

Commit Message

Nicola Vetrini Dec. 18, 2023, 10:17 a.m. UTC

Given that 'hwdom_shutdown' is a noreturn function, unreachable
breaks can be eliminated to resolve violations of Rule 2.1.

The rename s/maybe_reboot/reboot_or_halt/ is done to clarify
that the function is noreturn.

No functional change.

Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com>
---
Changes in v2:
- rename maybe_reboot to reboot_or_halt.
---
 automation/eclair_analysis/ECLAIR/deviations.ecl |  2 +-
 xen/common/shutdown.c                            | 15 ++++-----------
 2 files changed, 5 insertions(+), 12 deletions(-)

Comments

Stefano Stabellini Dec. 19, 2023, 1:31 a.m. UTC | #1

On Mon, 18 Dec 2023, Nicola Vetrini wrote:
> Given that 'hwdom_shutdown' is a noreturn function, unreachable
> breaks can be eliminated to resolve violations of Rule 2.1.
> 
> The rename s/maybe_reboot/reboot_or_halt/ is done to clarify
> that the function is noreturn.
> 
> No functional change.
> 
> Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com>


Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>

Patch

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 683f2bbfe89b..85741a2c01a9 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -16,7 +16,7 @@  Constant expressions and unreachable branches of if and switch statements are ex
 
 -doc_begin="Unreachability caused by calls to the following functions or macros is deliberate and there is no risk of code being unexpectedly left out."
 -config=MC3R1.R2.1,statements+={deliberate,"macro(name(BUG||assert_failed))"}
--config=MC3R1.R2.1,statements+={deliberate, "call(decl(name(__builtin_unreachable||panic||do_unexpected_trap||machine_halt||machine_restart||maybe_reboot)))"}
+-config=MC3R1.R2.1,statements+={deliberate, "call(decl(name(__builtin_unreachable||panic||do_unexpected_trap||machine_halt||machine_restart||reboot_or_halt)))"}
 -doc_end
 
 -doc_begin="Unreachability inside an ASSERT_UNREACHABLE() and analogous macro calls is deliberate and safe."
diff --git a/xen/common/shutdown.c b/xen/common/shutdown.c
index 37901a4f3391..dfd5e41097e9 100644
--- a/xen/common/shutdown.c
+++ b/xen/common/shutdown.c
@@ -15,7 +15,7 @@ 
 bool __read_mostly opt_noreboot;
 boolean_param("noreboot", opt_noreboot);
 
-static void noreturn maybe_reboot(void)
+static void noreturn reboot_or_halt(void)
 {
     if ( opt_noreboot )
     {
@@ -38,39 +38,32 @@  void hwdom_shutdown(u8 reason)
         printk("Hardware Dom%u halted: halting machine\n",
                hardware_domain->domain_id);
         machine_halt();
-        break; /* not reached */
 
     case SHUTDOWN_crash:
         debugger_trap_immediate();
         printk("Hardware Dom%u crashed: ", hardware_domain->domain_id);
         kexec_crash(CRASHREASON_HWDOM);
-        maybe_reboot();
-        break; /* not reached */
+        reboot_or_halt();
 
     case SHUTDOWN_reboot:
         printk("Hardware Dom%u shutdown: rebooting machine\n",
                hardware_domain->domain_id);
         machine_restart(0);
-        break; /* not reached */
 
     case SHUTDOWN_watchdog:
         printk("Hardware Dom%u shutdown: watchdog rebooting machine\n",
                hardware_domain->domain_id);
         kexec_crash(CRASHREASON_WATCHDOG);
         machine_restart(0);
-        break; /* not reached */
 
     case SHUTDOWN_soft_reset:
         printk("Hardware domain %d did unsupported soft reset, rebooting.\n",
                hardware_domain->domain_id);
         machine_restart(0);
-        break; /* not reached */
 
     default:
         printk("Hardware Dom%u shutdown (unknown reason %u): ",
                hardware_domain->domain_id, reason);
-        maybe_reboot();
-        break; /* not reached */
+        reboot_or_halt();
     }
-}  
-
+}