On 30.07.2025 12:19, Andrew Cooper wrote:
> On 30/07/2025 10:50 am, Jan Beulich wrote:
>> On 28.07.2025 07:03, Jiqian Chen wrote:
>>> +static int vpci_ext_capability_hide(
>>> + const struct pci_dev *pdev, unsigned int cap)
>>> +{
>>> + const unsigned int offset = pci_find_ext_capability(pdev->sbdf, cap);
>>> + struct vpci_register *r, *prev_r;
>>> + struct vpci *vpci = pdev->vpci;
>>> + uint32_t header, pre_header;
>>> +
>>> + if ( offset < PCI_CFG_SPACE_SIZE )
>>> + {
>>> + ASSERT_UNREACHABLE();
>>> + return 0;
>>> + }
>>> +
>>> + spin_lock(&vpci->lock);
>>> + r = vpci_get_register(vpci, offset, 4);
>>> + if ( !r )
>>> + {
>>> + spin_unlock(&vpci->lock);
>>> + return -ENODEV;
>>> + }
>>> +
>>> + header = (uint32_t)(uintptr_t)r->private;
>>> + if ( offset == PCI_CFG_SPACE_SIZE )
>>> + {
>>> + if ( PCI_EXT_CAP_NEXT(header) <= PCI_CFG_SPACE_SIZE )
>>> + r->private = (void *)(uintptr_t)0;
>> Eclair regards this a Misra rule 11.9 violation. Elsewhere we use (void *)0,
>> which I then would conclude is "fine". But I can't say why that is. Cc-ing
>> Bugseng for a possible explanation.
>
> Eclair is complaining that this isn't written r->private = NULL.
>
> Given that private is a pointer, I don't understand why NULL isn't used
> either.
As with the various uses in calls to vpci_add_register(), the goal is to
indicate we want a value of 0 (could in principle be non-0 values as well,
but happens to be 0 in a number of cases), disguised as a pointer. Which
NULL doesn't quite express. And NULL there would also be inconsistent with
some (void *)0x25 that may need using elsewhere.
Jan
