xen/arch/x86/irq.c | 3 ++- xen/arch/x86/time.c | 6 ++++-- xen/drivers/passthrough/amd/iommu_intr.c | 3 ++- 3 files changed, 8 insertions(+), 4 deletions(-)
MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
potentially has side effects.
Address several violations by pulling the expression out into a local
variable.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Roberto Bagnara <roberto.bagnara@bugseng.com>
CC: consulting@bugseng.com <consulting@bugseng.com>
Slightly RFC.
---
xen/arch/x86/irq.c | 3 ++-
xen/arch/x86/time.c | 6 ++++--
xen/drivers/passthrough/amd/iommu_intr.c | 3 ++-
3 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c
index 0487f734a5d2..d73f687f7617 100644
--- a/xen/arch/x86/irq.c
+++ b/xen/arch/x86/irq.c
@@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
{
struct domain *d = action->guest[i];
unsigned int pirq = domain_irq_to_pirq(d, irq);
+ struct pirq *pirq_info = pirq_info(d, pirq);
- if ( test_and_clear_bool(pirq_info(d, pirq)->masked) )
+ if ( test_and_clear_bool(pirq_info->masked) )
action->in_flight--;
}
diff --git a/xen/arch/x86/time.c b/xen/arch/x86/time.c
index 60870047894b..6f136f4b14bf 100644
--- a/xen/arch/x86/time.c
+++ b/xen/arch/x86/time.c
@@ -2503,7 +2503,9 @@ static long cmos_utc_offset; /* in seconds */
int time_suspend(void)
{
- if ( smp_processor_id() == 0 )
+ unsigned int cpu = smp_processor_id();
+
+ if ( cpu == 0 )
{
cmos_utc_offset = -get_wallclock_time();
cmos_utc_offset += get_sec();
@@ -2514,7 +2516,7 @@ int time_suspend(void)
}
/* Better to cancel calibration timer for accuracy. */
- clear_bit(TIME_CALIBRATE_SOFTIRQ, &softirq_pending(smp_processor_id()));
+ clear_bit(TIME_CALIBRATE_SOFTIRQ, &softirq_pending(cpu));
return 0;
}
diff --git a/xen/drivers/passthrough/amd/iommu_intr.c b/xen/drivers/passthrough/amd/iommu_intr.c
index d9eefcd8e411..7fc796dec25b 100644
--- a/xen/drivers/passthrough/amd/iommu_intr.c
+++ b/xen/drivers/passthrough/amd/iommu_intr.c
@@ -183,6 +183,7 @@ static void free_intremap_entry(const struct amd_iommu *iommu,
unsigned int bdf, unsigned int index)
{
union irte_ptr entry = get_intremap_entry(iommu, bdf, index);
+ struct ivrs_mappings *ivrs = get_ivrs_mappings(iommu->seg);
if ( iommu->ctrl.ga_en )
{
@@ -201,7 +202,7 @@ static void free_intremap_entry(const struct amd_iommu *iommu,
else
ACCESS_ONCE(entry.ptr32->raw) = 0;
- __clear_bit(index, get_ivrs_mappings(iommu->seg)[bdf].intremap_inuse);
+ __clear_bit(index, ivrs[bdf].intremap_inuse);
}
static void update_intremap_entry(const struct amd_iommu *iommu,
base-commit: 7a09966e7b2823b70f6d56d0cf66c11124f4a3c1
--
2.30.2
On 02.04.2024 17:43, Andrew Cooper wrote:
> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
> potentially has side effects.
>
> Address several violations by pulling the expression out into a local
> variable.
>
> No functional change.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
with one caveat:
> --- a/xen/arch/x86/irq.c
> +++ b/xen/arch/x86/irq.c
> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
> {
> struct domain *d = action->guest[i];
> unsigned int pirq = domain_irq_to_pirq(d, irq);
> + struct pirq *pirq_info = pirq_info(d, pirq);
Misra won't like the var's name matching the macro's. Can we go with just
"info"?
Jan
On 02/04/2024 4:46 pm, Jan Beulich wrote:
> On 02.04.2024 17:43, Andrew Cooper wrote:
>> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
>> potentially has side effects.
>>
>> Address several violations by pulling the expression out into a local
>> variable.
>>
>> No functional change.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Reviewed-by: Jan Beulich <jbeulich@suse.com>
> with one caveat:
>
>> --- a/xen/arch/x86/irq.c
>> +++ b/xen/arch/x86/irq.c
>> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
>> {
>> struct domain *d = action->guest[i];
>> unsigned int pirq = domain_irq_to_pirq(d, irq);
>> + struct pirq *pirq_info = pirq_info(d, pirq);
> Misra won't like the var's name matching the macro's. Can we go with just
> "info"?
Ah - missed that.
I can name it to just info, but I considered "struct pirq *info" to be a
little odd.
~Andrew
On 02/04/24 17:54, Andrew Cooper wrote:
> On 02/04/2024 4:46 pm, Jan Beulich wrote:
>> On 02.04.2024 17:43, Andrew Cooper wrote:
>>> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
>>> potentially has side effects.
>>>
>>> Address several violations by pulling the expression out into a local
>>> variable.
>>>
>>> No functional change.
>>>
>>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>> Reviewed-by: Jan Beulich <jbeulich@suse.com>
>> with one caveat:
>>
>>> --- a/xen/arch/x86/irq.c
>>> +++ b/xen/arch/x86/irq.c
>>> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
>>> {
>>> struct domain *d = action->guest[i];
>>> unsigned int pirq = domain_irq_to_pirq(d, irq);
>>> + struct pirq *pirq_info = pirq_info(d, pirq);
>> Misra won't like the var's name matching the macro's. Can we go with just
>> "info"?
>
> Ah - missed that.
>
> I can name it to just info, but I considered "struct pirq *info" to be a
> little odd.
The local variable is a non-callable entity;
"clashes" between function-like macros and non-callable entities
will be deviated (as agreed during MISRA meetings).
--
Federico Serafini, M.Sc.
Software Engineer, BUGSENG (http://bugseng.com)
On 02.04.2024 17:54, Andrew Cooper wrote:
> On 02/04/2024 4:46 pm, Jan Beulich wrote:
>> On 02.04.2024 17:43, Andrew Cooper wrote:
>>> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
>>> potentially has side effects.
>>>
>>> Address several violations by pulling the expression out into a local
>>> variable.
>>>
>>> No functional change.
>>>
>>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>> Reviewed-by: Jan Beulich <jbeulich@suse.com>
>> with one caveat:
>>
>>> --- a/xen/arch/x86/irq.c
>>> +++ b/xen/arch/x86/irq.c
>>> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
>>> {
>>> struct domain *d = action->guest[i];
>>> unsigned int pirq = domain_irq_to_pirq(d, irq);
>>> + struct pirq *pirq_info = pirq_info(d, pirq);
>> Misra won't like the var's name matching the macro's. Can we go with just
>> "info"?
>
> Ah - missed that.
>
> I can name it to just info, but I considered "struct pirq *info" to be a
> little odd.
I agree, but what do you do with another "pirq" already there.
Or wait, what about
struct pirq *pirq = pirq_info(d, domain_irq_to_pirq(d, irq));
?
Jan
On 02/04/2024 5:06 pm, Jan Beulich wrote:
> On 02.04.2024 17:54, Andrew Cooper wrote:
>> On 02/04/2024 4:46 pm, Jan Beulich wrote:
>>> On 02.04.2024 17:43, Andrew Cooper wrote:
>>>> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
>>>> potentially has side effects.
>>>>
>>>> Address several violations by pulling the expression out into a local
>>>> variable.
>>>>
>>>> No functional change.
>>>>
>>>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>>> Reviewed-by: Jan Beulich <jbeulich@suse.com>
>>> with one caveat:
>>>
>>>> --- a/xen/arch/x86/irq.c
>>>> +++ b/xen/arch/x86/irq.c
>>>> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
>>>> {
>>>> struct domain *d = action->guest[i];
>>>> unsigned int pirq = domain_irq_to_pirq(d, irq);
>>>> + struct pirq *pirq_info = pirq_info(d, pirq);
>>> Misra won't like the var's name matching the macro's. Can we go with just
>>> "info"?
>> Ah - missed that.
>>
>> I can name it to just info, but I considered "struct pirq *info" to be a
>> little odd.
> I agree, but what do you do with another "pirq" already there.
>
> Or wait, what about
>
> struct pirq *pirq = pirq_info(d, domain_irq_to_pirq(d, irq));
>
> ?
That should work. I'll switch to this locally, and wait for the
feedback on whether the patch works for 13.6.
~Andrew
On 02/04/24 18:09, Andrew Cooper wrote:
> On 02/04/2024 5:06 pm, Jan Beulich wrote:
>> On 02.04.2024 17:54, Andrew Cooper wrote:
>>> On 02/04/2024 4:46 pm, Jan Beulich wrote:
>>>> On 02.04.2024 17:43, Andrew Cooper wrote:
>>>>> MISRA Rule 13.6 doesn't like having an expression in a sizeof() which
>>>>> potentially has side effects.
>>>>>
>>>>> Address several violations by pulling the expression out into a local
>>>>> variable.
>>>>>
>>>>> No functional change.
>>>>>
>>>>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>>>> Reviewed-by: Jan Beulich <jbeulich@suse.com>
>>>> with one caveat:
>>>>
>>>>> --- a/xen/arch/x86/irq.c
>>>>> +++ b/xen/arch/x86/irq.c
>>>>> @@ -1150,8 +1150,9 @@ static void cf_check irq_guest_eoi_timer_fn(void *data)
>>>>> {
>>>>> struct domain *d = action->guest[i];
>>>>> unsigned int pirq = domain_irq_to_pirq(d, irq);
>>>>> + struct pirq *pirq_info = pirq_info(d, pirq);
>>>> Misra won't like the var's name matching the macro's. Can we go with just
>>>> "info"?
>>> Ah - missed that.
>>>
>>> I can name it to just info, but I considered "struct pirq *info" to be a
>>> little odd.
>> I agree, but what do you do with another "pirq" already there.
>>
>> Or wait, what about
>>
>> struct pirq *pirq = pirq_info(d, domain_irq_to_pirq(d, irq));
>>
>> ?
>
> That should work. I'll switch to this locally, and wait for the
> feedback on whether the patch works for 13.6.
I confirm that both versions of the patch address some violations of
13.6.
--
Federico Serafini, M.Sc.
Software Engineer, BUGSENG (http://bugseng.com)
© 2016 - 2024 Red Hat, Inc.