[PATCH 6/6] automation/eclair: update configuration of D4.10

Stefano Stabellini posted 6 patches 5 months, 2 weeks ago
[PATCH 6/6] automation/eclair: update configuration of D4.10
Posted by Stefano Stabellini 5 months, 2 weeks ago
From: Federico Serafini <federico.serafini@bugseng.com>

MISRA C Directive 4.10 states that "Precautions shall be taken in order
to prevent the contents of a header file being included more than
once".

Update ECLAIR configuration to:
- extend existing deviation to other comments explicitly saying a file
  is intended for multiple inclusion;
- extend existing deviation to other autogenerated files;
- tag the guidelines as clean.

Update deviations.rst accordingly.

Signed-off-by: Federico Serafini <federico.serafini@bugseng.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@amd.com>
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 14 +++++++++++---
 automation/eclair_analysis/ECLAIR/tagging.ecl    |  1 +
 docs/misra/deviations.rst                        | 15 +++++++++++++++
 3 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 9c67358d46..3fb6d9f971 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -72,11 +72,19 @@ they are not instances of commented-out code."
 -config=MC3A2.D4.3,reports+={deliberate, "any_area(any_loc(file(arm64_bitops))&&context(name(int_clear_mask16)))"}
 -doc_end
 
--doc_begin="Files that are intended to be included more than once do not need to
-conform to the directive."
+-doc_begin="Files that are intended to be included more than once (and have
+a comment that says this explicitly) do not need to conform to the directive."
 -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* This file is intended to be included multiple times\\. \\*/$, begin-4))"}
+-config=MC3A2.D4.10,reports+={safe, "first_area(text(^.*Explicitly intended for multiple inclusion.*$, begin-3))"}
+-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-2))"}
 -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-3))"}
--config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/generated/autoconf.h$)))"}
+-doc_end
+
+-doc_begin="Autogenerated files that do not need to conform to the directive."
+-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/generated/autoconf\\.h$)))"}
+-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/xen/compile\\.h$)))"}
+-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/compat/xlat\\.h$)))"}
+-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/arch/(arm||x86)/include/generated/asm/.*$)))"}
 -doc_end
 
 -doc_begin="Including multiple times a .c file is safe because every function or data item
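Review bot: in the last added pattern, `(arm||x86)` has a doubled `|`; if `file()` takes an ordinary regular expression this adds an empty alternative, so the pattern also accepts `xen/arch//include/generated/asm/...`, and `(arm|x86)` looks like what was meant. Separately, the two `Generated file, do not edit!` matchers stay under the doc block whose text now requires a comment that explicitly says the file is included more than once, while a new "Autogenerated files" block is added right below; moving them there would keep each -doc_begin text accurate for the configs it covers.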
diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl b/automation/eclair_analysis/ECLAIR/tagging.ecl
index 5bc35db1fd..7e3095423b 100644
--- a/automation/eclair_analysis/ECLAIR/tagging.ecl
+++ b/automation/eclair_analysis/ECLAIR/tagging.ecl
@@ -23,6 +23,7 @@
 "MC3A2.D1.1||
 MC3A2.D2.1||
 MC3A2.D4.1||
+MC3A2.D4.10||
 MC3A2.D4.11||
 MC3A2.D4.14||
 MC3A2.R1.1||
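Review bot: tagging MC3A2.D4.10 as clean here makes the clean status depend on the text matchers in deviations.ecl from the same patch, which key on a comment sitting at a fixed line offset (begin-2, begin-3, begin-4); a header whose comment shifts by one line will show up as a regression on a clean guideline. It is worth stating in the commit message that this is the expected failure mode, and "tag the guidelines as clean" there should read "guideline", since only D4.10 is added.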
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index fe0b1e10a2..87ed81c918 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -30,6 +30,21 @@ Deviations related to MISRA C:2012 Directives:
        not to add an additional encapsulation layer.
      - Tagged as `deliberate` for ECLAIR.
 
+   * - D4.10
+     - Files that are intended to be included more than once (and have
+       a comment that says this explicitly) do not need to conform to the
+       directive.
+     - Tagged as `safe` for ECLAIR.
+
+   * - D4.10
+     - There are autogenerated files that do not need to comply to the
+       directive.
+     - Tagged as `safe` for ECLAIR. Such files are:
+        - xen/include/generated/autoconf.h
+        - xen/include/compat/xlat.h
+        - xen/include/xen/compile.h
+        - xen/arch/{arm,x86}/include/generated/asm/\*
+
    * - D4.10
      - Including multiple times a .c file is safe because every function or data item
        it defines would in (the common case) be already defined.
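Review bot: the file list under the second new D4.10 entry starts right after "Such files are:" with no blank line and with deeper indentation, so reStructuredText will not treat it as a plain nested bullet list of that cell; add a blank line before the first `- xen/...` item and align the items with the cell text. Also "comply to the directive" should be "comply with the directive", and the first new entry could mention that the `Generated file, do not edit!` comment is matched too, since deviations.ecl keeps those matchers in the same block.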
-- 
2.25.1

Re: [PATCH 6/6] automation/eclair: update configuration of D4.10
Posted by Andrew Cooper 5 months, 2 weeks ago
On 17/05/2025 12:21 am, Stefano Stabellini wrote:
> diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl
> index 9c67358d46..3fb6d9f971 100644
> --- a/automation/eclair_analysis/ECLAIR/deviations.ecl
> +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
> @@ -72,11 +72,19 @@ they are not instances of commented-out code."
>  -config=MC3A2.D4.3,reports+={deliberate, "any_area(any_loc(file(arm64_bitops))&&context(name(int_clear_mask16)))"}
>  -doc_end
>  
> --doc_begin="Files that are intended to be included more than once do not need to
> -conform to the directive."
> +-doc_begin="Files that are intended to be included more than once (and have
> +a comment that says this explicitly) do not need to conform to the directive."
>  -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* This file is intended to be included multiple times\\. \\*/$, begin-4))"}
> +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^.*Explicitly intended for multiple inclusion.*$, begin-3))"}

xen.git/xen$ git grep "Explicitly intended for multiple"
arch/x86/include/asm/cpufeatures.h:2: * Explicitly intended for multiple inclusion.

I'd suggest altering that one file, rather than adding a special
exclusion pattern.

> +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-2))"}
>  -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-3))"}

These seem to only differ by the begin-$N.  Why doesn't the regex work
in both cases?

> --config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/generated/autoconf.h$)))"}
> +-doc_end
> +
> +-doc_begin="Autogenerated files that do not need to conform to the directive."
> +-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/generated/autoconf\\.h$)))"}
> +-config=MC3A2.D4.10,reports+={safe, "all_area(all_loc(file(^xen/include/xen/compile\\.h$)))"}

I see your exception, and raise you some sed.

diff --git a/xen/include/xen/compile.h.in b/xen/include/xen/compile.h.in
index 3151d1e7d1bf..9206341ba692 100644
--- a/xen/include/xen/compile.h.in
+++ b/xen/include/xen/compile.h.in
@@ -1,3 +1,6 @@
+#ifndef XEN_COMPILE_H
+#define XEN_COMPILE_H
+
 #define XEN_COMPILE_DATE       "@@date@@"
 #define XEN_COMPILE_TIME       "@@time@@"
 #define XEN_COMPILE_BY         "@@whoami@@"
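Review bot: the `#ifndef XEN_COMPILE_H` / `#define XEN_COMPILE_H` pair added at the top has no matching `#endif` in the visible part of compile.h.in; the close is produced by process-banner.sed instead. A short comment next to the `#ifndef` saying where the `#endif` comes from would stop someone from "fixing" the template by adding a second one.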
diff --git a/xen/tools/process-banner.sed b/xen/tools/process-banner.sed
index 56c76558bcd9..4cf3f9a1163a 100755
--- a/xen/tools/process-banner.sed
+++ b/xen/tools/process-banner.sed
@@ -12,3 +12,8 @@ s_(.*)_"\1\\n"_
 
 # Trailing \ on all but the final line.
 $!s_$_ \\_
+
+# Append closing header guard
+$a\
+\
+#endif /* XEN_COMPILE_H */
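Review bot: the appended `#endif /* XEN_COMPILE_H */` hard-codes one header's guard name in a script that, going by its name and the comments above it, only formats the banner text, so any other use of process-banner.sed would get a stray `#endif`. Saying in the new comment that this script's output must be the last thing written into compile.h, or moving the guard close next to the step that assembles the header, would make the coupling explicit.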

and now compile.h looks like a normal header.

~Andrew

Re: [PATCH 6/6] automation/eclair: update configuration of D4.10
Posted by Federico Serafini 5 months, 2 weeks ago
Hi,

On 17/05/25 01:57, Andrew Cooper wrote:
> 
>> +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-2))"}
>>   -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-3))"}
> 
> These seem to only differ by the begin-$N.  Why doesn't the regex work
> in both cases?

"begin-N" expresses the position of a single line, not a range.
For example, begin-2 means "two lines before the first reported area"
and deviates:

https://saas.eclairit.com:3787/fs/var/local/eclair/xen-project.ecdf/xen-project/hardware/xen/ECLAIR_normal/staging/X86_64/10063944407/PROJECT.ecd;/sources/xen/include/xen/hypercall-defs.h.html#R174_1{"select":true,"selection":{"hiddenAreaKinds":[],"hiddenSubareaKinds":[],"show":false,"selector":{"enabled":true,"negated":false,"kind":2,"children":[]}}}

If you prefer, I think we can use ranges and merge the two
configurations.

-- 
Federico Serafini, MSc
Software Engineer, BUGSENG (https://bugseng.com)
LinkedIn: https://linkedin.com/in/federico-serafini


Re: [PATCH 6/6] automation/eclair: update configuration of D4.10
Posted by Stefano Stabellini 5 months, 2 weeks ago
On Mon, 19 May 2025, Federico Serafini wrote:
> Hi,
> 
> On 17/05/25 01:57, Andrew Cooper wrote:
> > 
> > > +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated
> > > file, do not edit! \\*/$, begin-2))"}
> > >   -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated
> > > file, do not edit! \\*/$, begin-3))"}
> > 
> > These seem to only differ by the begin-$N.  Why doesn't the regex work
> > in both cases?
> 
> "begin-N" expresses the position of a single line, not a range.
> For example, begin-2 means "two lines before the first reported area"
> and deviates:
> 
> https://saas.eclairit.com:3787/fs/var/local/eclair/xen-project.ecdf/xen-project/hardware/xen/ECLAIR_normal/staging/X86_64/10063944407/PROJECT.ecd;/sources/xen/include/xen/hypercall-defs.h.html#R174_1{"select":true,"selection":{"hiddenAreaKinds":[],"hiddenSubareaKinds":[],"show":false,"selector":{"enabled":true,"negated":false,"kind":2,"children":[]}}}
> 
> If you prefer, I think we can use ranges and merge the two
> configurations.

I think that would be better

Re: [PATCH 6/6] automation/eclair: update configuration of D4.10
Posted by Federico Serafini 5 months, 1 week ago
On 19/05/25 23:36, Stefano Stabellini wrote:
> On Mon, 19 May 2025, Federico Serafini wrote:
>> Hi,
>>
>> On 17/05/25 01:57, Andrew Cooper wrote:
>>>
>>>> +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated
>>>> file, do not edit! \\*/$, begin-2))"}
>>>>    -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated
>>>> file, do not edit! \\*/$, begin-3))"}
>>>
>>> These seem to only differ by the begin-$N.  Why doesn't the regex work
>>> in both cases?
>>
>> "begin-N" expresses the position of a single line, not a range.
>> For example, begin-2 means "two lines before the first reported area"
>> and deviates:
>>
>> https://saas.eclairit.com:3787/fs/var/local/eclair/xen-project.ecdf/xen-project/hardware/xen/ECLAIR_normal/staging/X86_64/10063944407/PROJECT.ecd;/sources/xen/include/xen/hypercall-defs.h.html#R174_1{"select":true,"selection":{"hiddenAreaKinds":[],"hiddenSubareaKinds":[],"show":false,"selector":{"enabled":true,"negated":false,"kind":2,"children":[]}}}
>>
>> If you prefer, I think we can use ranges and merge the two
>> configurations.
> 
> I think that would be better


The configurations can be merged into a single one:

-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-3...begin-2))"}

-- 
Federico Serafini, MSc
Software Engineer, BUGSENG (https://bugseng.com)
LinkedIn: https://linkedin.com/in/federico-serafini