MISRA C Rule 16.2 states:
"A switch label shall only be used when the most closely-enclosing
compound statement is the body of a switch statement".
The PROGRESS_VCPU local helper specifies a case that is directly
inside the compound statement of a for loop, hence violating the rule.
To avoid this, the construct is deviated with a text-based deviation.
No functional change.
Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com>
---
I chose a text-based deviation, rather than exempting PROGRESS_VCPU,
because it's more refined and it's unlikely that more violations
are introduced, since the rule has only very few violations left on
both ARM and x86.
---
docs/misra/safe.json | 8 ++++++++
xen/common/domain.c | 1 +
2 files changed, 9 insertions(+)
diff --git a/docs/misra/safe.json b/docs/misra/safe.json
index d361d0e65ceb..64178ba2ef7d 100644
--- a/docs/misra/safe.json
+++ b/docs/misra/safe.json
@@ -36,6 +36,14 @@
},
{
"id": "SAF-4-safe",
+ "analyser": {
+ "eclair": "MC3R1.R16.2"
+ },
+ "name": "MC3R1.R16.2: using a case label when the most closely-enclosing compound statement is not a switch statement",
+ "text": "A switch label enclosed by some compound statement that is not the body of a switch is permitted within local helper macros that are unlikely to be misused or misunderstood."
+ },
+ {
+ "id": "SAF-5-safe",
"analyser": {},
"name": "Sentinel",
"text": "Next ID to be used"
diff --git a/xen/common/domain.c b/xen/common/domain.c
index ceb44c826685..1388b9e7cefa 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -457,6 +457,7 @@ static int domain_teardown(struct domain *d)
for_each_vcpu ( d, v )
{
+ /* SAF-4-safe MISRA C Rule 16.2: switch label enclosed by for loop*/
PROGRESS_VCPU(teardown);
rc = vcpu_teardown(v);
--
2.34.1
"A switch label shall only be used when the most closely-enclosing
compound statement is the body of a switch statement".
The PROGRESS_VCPU local helper specifies a case that is directly
inside the compound statement of a for loop, hence violating the rule.
To avoid this, the construct is deviated with a text-based deviation.
No functional change.
Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com>
---
I chose a text-based deviation, rather than exempting PROGRESS_VCPU,
because it's more refined and it's unlikely that more violations
are introduced, since the rule has only very few violations left on
both ARM and x86.
---
docs/misra/safe.json | 8 ++++++++
xen/common/domain.c | 1 +
2 files changed, 9 insertions(+)
diff --git a/docs/misra/safe.json b/docs/misra/safe.json
index d361d0e65ceb..64178ba2ef7d 100644
--- a/docs/misra/safe.json
+++ b/docs/misra/safe.json
@@ -36,6 +36,14 @@
},
{
"id": "SAF-4-safe",
+ "analyser": {
+ "eclair": "MC3R1.R16.2"
+ },
+ "name": "MC3R1.R16.2: using a case label when the most closely-enclosing compound statement is not a switch statement",
+ "text": "A switch label enclosed by some compound statement that is not the body of a switch is permitted within local helper macros that are unlikely to be misused or misunderstood."
+ },
+ {
+ "id": "SAF-5-safe",
"analyser": {},
"name": "Sentinel",
"text": "Next ID to be used"
diff --git a/xen/common/domain.c b/xen/common/domain.c
index ceb44c826685..1388b9e7cefa 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -457,6 +457,7 @@ static int domain_teardown(struct domain *d)
for_each_vcpu ( d, v )
{
+ /* SAF-4-safe MISRA C Rule 16.2: switch label enclosed by for loop*/
PROGRESS_VCPU(teardown);
rc = vcpu_teardown(v);
--
2.34.1