Hello, All! Do you have any comments on this patch? Вoes it need any improvement?
BR, Dmytro. On 6/24/25 04:19, Stefano Stabellini wrote: > MISRA C Directive 4.10 states that "Precautions shall be taken in order > to prevent the contents of a header file being included more than > once". > > Add a SAF tag and update the comment on top of cpufeatures.h. > Add a header inclusion guard to compile.h. > Generate header guards for hypercall-defs.h > > Update ECLAIR configuration to: > - extend existing deviation to other comments explicitly saying a file > is intended for multiple inclusion; > - extend existing deviation to other autogenerated files; > - tag the guidelines as clean. > > Update deviations.rst accordingly. > > Signed-off-by: Federico Serafini <federico.seraf...@bugseng.com> > Signed-off-by: Stefano Stabellini <stefano.stabell...@amd.com> > Acked-by: Jan Beulich <jbeul...@suse.com> # x86 > --- > Changes in v6: > - remove in-code comment and use SAF-8-safe instead > - add header guards for hypercall-defs.h > > Successful pipeline: > https://gitlab.com/xen-project/people/sstabellini/xen/-/pipelines/1885561040 > --- > > diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl > b/automation/eclair_analysis/ECLAIR/deviations.ecl > index 9c67358d46..3b5bc87e1d 100644 > --- a/automation/eclair_analysis/ECLAIR/deviations.ecl > +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl > @@ -72,11 +72,14 @@ they are not instances of commented-out code." > -config=MC3A2.D4.3,reports+={deliberate, > "any_area(any_loc(file(arm64_bitops))&&context(name(int_clear_mask16)))"} > -doc_end > > --doc_begin="Files that are intended to be included more than once do not > need to > -conform to the directive." > +-doc_begin="Files that are intended to be included more than once (and have > +a comment that says this explicitly) do not need to conform to the > directive." > -config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* This file is > intended to be included multiple times\\. \\*/$, begin-4))"} > --config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, > do not edit! \\*/$, begin-3))"} > --config=MC3A2.D4.10,reports+={safe, > "all_area(all_loc(file(^xen/include/generated/autoconf.h$)))"} > +-config=MC3A2.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, > do not edit! \\*/$, begin-3...begin-2))"} > +-doc_end > + > +-doc_begin="Autogenerated files that do not need to conform to the > directive." > +-config=MC3A2.D4.10,reports+={safe, > "all_area(all_loc(file(^xen/include/generated/autoconf\\.h$)))"} > -doc_end > > -doc_begin="Including multiple times a .c file is safe because every > function or data item > diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl > b/automation/eclair_analysis/ECLAIR/tagging.ecl > index f9da5d5f4d..b95f07feb0 100644 > --- a/automation/eclair_analysis/ECLAIR/tagging.ecl > +++ b/automation/eclair_analysis/ECLAIR/tagging.ecl > @@ -23,6 +23,7 @@ > "MC3A2.D1.1|| > MC3A2.D2.1|| > MC3A2.D4.1|| > +MC3A2.D4.10|| > MC3A2.D4.11|| > MC3A2.D4.14|| > MC3A2.R1.1|| > diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst > index fe0b1e10a2..63caa8f4a2 100644 > --- a/docs/misra/deviations.rst > +++ b/docs/misra/deviations.rst > @@ -30,6 +30,18 @@ Deviations related to MISRA C:2012 Directives: > not to add an additional encapsulation layer. > - Tagged as `deliberate` for ECLAIR. > > + * - D4.10 > + - Files that are intended to be included more than once (and have > + a comment that says this explicitly) do not need to conform to the > + directive. > + - Tagged as `safe` for ECLAIR. > + > + * - D4.10 > + - There are autogenerated files that do not need to comply to the > + directive. > + - Tagged as `safe` for ECLAIR. Such files are: > + - xen/include/generated/autoconf.h > + > * - D4.10 > - Including multiple times a .c file is safe because every function or > data item > it defines would in (the common case) be already defined. > diff --git a/xen/arch/x86/include/asm/cpufeatures.h > b/xen/arch/x86/include/asm/cpufeatures.h > index 9e3ed21c02..dce0713adf 100644 > --- a/xen/arch/x86/include/asm/cpufeatures.h > +++ b/xen/arch/x86/include/asm/cpufeatures.h > @@ -1,7 +1,6 @@ > -/* > - * Explicitly intended for multiple inclusion. > - */ > +/* This file is intended to be included multiple times. */ > > +/* SAF-8-safe */ > #include <xen/lib/x86/cpuid-autogen.h> > > /* Number of capability words covered by the featureset words. */ > diff --git a/xen/include/xen/compile.h.in b/xen/include/xen/compile.h.in > index 3151d1e7d1..9206341ba6 100644 > --- a/xen/include/xen/compile.h.in > +++ b/xen/include/xen/compile.h.in > @@ -1,3 +1,6 @@ > +#ifndef XEN_COMPILE_H > +#define XEN_COMPILE_H > + > #define XEN_COMPILE_DATE "@@date@@" > #define XEN_COMPILE_TIME "@@time@@" > #define XEN_COMPILE_BY "@@whoami@@" > diff --git a/xen/scripts/gen_hypercall.awk b/xen/scripts/gen_hypercall.awk > index 1a7e051fde..47a18cd75e 100644 > --- a/xen/scripts/gen_hypercall.awk > +++ b/xen/scripts/gen_hypercall.awk > @@ -2,6 +2,8 @@ > # the calls of the handlers inside a switch() statement. > > BEGIN { > + printf("#ifndef XEN_HYPERCALL_DEFS_H\n"); > + printf("#define XEN_HYPERCALL_DEFS_H\n\n"); > printf("/* Generated file, do not edit! */\n\n"); > e = 0; > n = 0; > @@ -311,4 +313,5 @@ END { > printf("[__HYPERVISOR_%s] = %d, \\\n", fn[call_fn[i]], > n_args[call_fn[i]]); > printf("}\n"); > } > + printf("\n#endif /* XEN_HYPERCALL_DEFS_H */\n"); > } > diff --git a/xen/tools/process-banner.sed b/xen/tools/process-banner.sed > index 56c76558bc..4cf3f9a116 100755 > --- a/xen/tools/process-banner.sed > +++ b/xen/tools/process-banner.sed > @@ -12,3 +12,8 @@ s_(.*)_"\1\\n"_ > > # Trailing \ on all but the final line. > $!s_$_ \\_ > + > +# Append closing header guard > +$a\ > +\ > +#endif /* XEN_COMPILE_H */
