[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH] xen: rework deviation to address varargs MISRA violations

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • Date: Fri, 02 Jan 2026 12:53:13 +0100
  • Arc-authentication-results: i=1; bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Arc-message-signature: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; c=relaxed/relaxed; t=1767354793; h=DKIM-Signature:MIME-Version:Date:From:To:Cc:Subject:In-Reply-To: References:Message-ID:X-Sender:Organization:Content-Type: Content-Transfer-Encoding; bh=GBQdkdQCLkFLBwvjCkDIdwxPjwFznPD3sgAMOHZLt9I=; b=s2k9kVC0d06DjDnjYj3++oONo0LkKVNJavym+BKQu7V0jdU+2N5GmhMgOj+ea1CiK/Ax G+HfLZ/MAGvAl1akUszlMyI4hAsqselXHMBzMDRL1HYmMFfpszqwWFkCdcXQ9MPj13Mfd x+kdvz28+8Ex2o9MRdIakGwImxbEvuzEbDQNAD71SWEafbryC4+tKe/9OtcuoCyapTl23 hYfQaf73lZB3hpYiA2atykzZpvP2VVC2ZzCMgJ7J3JkxK1t/C4aX3r4txcsv544oMFzEo BRJcnNXqfzt/YKYZjQqwUUXE3d9kGdUzMcYpEAhyqQPaLWUFBmEnhKS0Mglx5NeFlILoM 3GcvT6YMzUqF6FiKBcBmPaS7sQu27Y25E7E6+PZa3S7+1fOKl9qf0X0B14mqsCcUPId28 SkUOIlM4gbnm2Wr+jf++TRP/sPZG8auGkzZZK+PfiqTT5MLzfK91NQR+pjBXHKER7GasE LLDs2uzIZA8eIg3fyC/4R6+dTWGvI9pkq18PI+oye73RC41XQOSHKBIVilUijJDnlSTkh tjGODwRhYrEU2EQK5V77DSdAJvdmYTOyAg4sPZeLSnJGwqeRxe1XWhhsGJ6dMk/bWayjn mjgsfWPjX9zPwm+JPWz87q86FyJPxm18nbO63IyMMt6IInGwGcW62OTaHL7QWRA=
  • Arc-seal: i=1; d=bugseng.com; s=openarc; a=rsa-sha256; cv=none; t=1767354793; b=lWHe1KvKwMy5ygJTclDXNClhXYzLMMu8LTcFTc73BTyjpTAHtYhY+J2hhjDaj1N36Bwh +NoH5UR53JsmUHUb4ohH4Mtx1NqWDA5D+F1SQ4nI3Nzanaf7R/ikPyKSE1yeIEphOGbAZ ghu6oavOq/QDK9KtRGPYGMa4X1pCCaLjGDmZQql7eOTxI/rz/XldB/Yhf/gV1VXX/ivWJ FYsh1a+35iXJrZ7HH+0to7t6tXRsDJsLJwVL8SpGs9FpqKrtZMnzMg5pnC2C/J0gF/Hl3 t271Q++lRDiuh+Z8jKK1OHO84/CSWOHJjIsaAM20ujlwH6yaFURpsj3zKM5HQSZB5pvEb 28FTdVc7+f4/g+JjfG+0e8npgzC/9WyRRB7C6qgC4tTY5NFG1/N34i98sqvy+phi9nstY YIW2M2Vjhd6+lpgLssRYd6ux8tA0NJqumyUHJZelU0XaFsb60Ba4xaux2S1YALHVsf8CY 85eLLh1dNgFBbRj+jAn8/Z6/AwSR00sa7aT5pHprcArFYDyOYrOSmH4nQaI5jSQcUl6/B 7V3mjn2b2qZuuQ1e2Ckn04PCErbzIshEURi+75f11FmquB8sDBlDBy8p8WVtryb2Q/tEP kAumo+Eddov6V9vHWBNSecki12n1+iS+rdOPIzJTW6/PvMaPKSc37eTVoo0YIog=
  • Authentication-results: bugseng.com; arc=none smtp.remote-ip=162.55.131.47
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, sstabellini@xxxxxxxxxx, consulting@xxxxxxxxxxx, Doug Goldstein <cardoe@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Fri, 02 Jan 2026 11:53:37 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 2026-01-02 10:42, Andrew Cooper wrote:

On 31/12/2025 11:22 am, Nicola Vetrini wrote:
diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl 
index 219ba6993b90..7dee4a488d45 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -570,13 +570,11 @@ safe."
 # Series 17.
 #
--doc_begin="printf()-like functions are allowed to use the variadic features provided by stdarg.h." 
--config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(^.*printk\\(.*\\)$)))"}
--config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(^.*printf\\(.*\\)$)))"}
--config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(panic)&&kind(function))))"}
--config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(elf_call_log_callback)&&kind(function))))"}
--config=MC3A2.R17.1,reports+={deliberate,"any_area(^.*va_list.*$&&context(ancestor_or_self(name(vprintk_common)&&kind(function))))"}
--config=MC3A2.R17.1,macros+={hide , "^va_(arg|start|copy|end)$"}
+-doc_begin="printf()-like or scanf()-like functions are allowed to use the variadic features provided by stdarg.h, 
+provided that they are declared using the `format' attribute."
+-decl_selector+={format_attr, "property(format)"}
+-config=MC3A2.R17.1,reports+={deliberate, "any_area(^.*va_list.*$&&context(ancestor_or_self(format_attr)))"} +-config=MC3A2.R17.1,macros+={deliberate , "^va_(arg|start|copy|end)$"} 
 -doc_end
-doc_begin="Not using the return value of a function does not endanger safety if it coincides with an actual argument." 
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index b3431ef24e26..584907b048ec 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -570,8 +570,8 @@ Deviations related to MISRA C:2012 Rules:
      - Tagged as `deliberate` for ECLAIR.

    * - R17.1
- - printf()-like functions are allowed to use the variadic features provided 
-       by `stdarg.h`.
+ - printf()-like or scanf()-like functions are allowed to use the variadic 
+       features provided by `stdarg.h`.
      - Tagged as `deliberate` for ECLAIR.


Much nicer.  But don't we want to repeat the part about
__attribute__((format(...))) here?  After all, that is the justification 
of why it's safer than nothing.
Ok, that would be more accurate for sure. I didn't do that to preserve the original intention of the deviation, but they are practically equivalent with the current codebase, so changing the text makes little difference. I'll tweak that. 


~Andrew


--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.