On 05/06/23 09:35, Jan Beulich wrote:
On 05.06.2023 07:28, Roberto Bagnara wrote:
Finally, Xen seems to rely on explicitly undefined behavior, namely
C99 UB 58: "A structure or union is defined as containing no named
members (6.7.2.1)." All instances but one occur via macro BUILD_BUG_ON_ZERO,
the remaining instance concerns struct
`cpu_policy::<anonymous union>::<anonymous struct>::<anonymous union>::<anonymous
struct>'.
Reliance on undefined behavior might be hard to justify.
For starters just a comment here: I'm pretty sure this case was discussed
before, and that it was agreed that if need be we'd simply add _ as the
name there. Yet then - how did you notice this? Code inspection? I would
expect no analysis tool would spot it because it's used for gcc < 4.6
only. And I doubt you run analysis tools in combination with this old a
gcc?
It is detected by ECLAIR, but the analysis is based on GCC 12,
and the detection of implementation-defined behaviors (including
predefined macros) is completely automatic, so I don't think there
is any configuration error.
One of the instances arises from
xen/arch/arm/dm.c:50.19-50.37:
all the members of struct `dm_op(const struct dmop_args*)::<anonymous struct>' are
unnamed (undefined for the C99 standard, ISO/IEC 9899:1999 Annex J.2 item 58: "A structure
or union is defined as containing no named members (6.7.2.1)." [STD.anonstct]). Tool used
is `/usr/bin/aarch64-linux-gnu-gcc-12'
and, in turn:
xen/include/xen/lib.h:54.12-54.17: expanded from macro `BUILD_BUG_ON_ZERO'
xen/include/xen/compiler.h:126.3-126.77: expanded from macro `__must_be_array'
xen/include/xen/lib.h:77.53-77.70: expanded from macro `ARRAY_SIZE'
I apologize in advance if I have misunderstood something.
Kind regards,
Roberto