From: Stefano Stabellini <stefano.stabell...@amd.com>
During the discussions that led to the acceptance of Rule 2.1, we
decided on a few exceptions that were not properly recorded in
rules.rst. Add them now.
Signed-off-by: Stefano Stabellini <stefano.stabell...@amd.com>
Acked-by: Jan Beulich <jbeul...@suse.com>
---
Note that safe.json and the codebase are not yet updated with an
appropriate tag for BUG, panic and friends.
v2:
- fix typo in commit message
- use "only referenced from assembly"
- use "Deliberate unreachability caused by"
- add "See safe.json"
- add acked-by (although I also added "See safe.json")
---
docs/misra/rules.rst | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst
index 8f0e4d3f25..4f33ed4ba6 100644
--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -106,7 +106,18 @@ maintainers if you want to suggest a change.
* - `Rule 2.1
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_02_01_1.c>`_
- Required
- A project shall not contain unreachable code
- -
+ - The following are allowed:
+ - Invariantly constant conditions, e.g. if(IS_ENABLED(CONFIG_HVM)) {
S; }
+ - Switch with a controlling value statically determined not to
+ match one or more case statements
+ - Functions that are intended to be referenced only from
+ assembly code (e.g. 'do_trap_fiq')
+ - Deliberate unreachability caused by certain macros/functions,
+ e.g. BUG, assert_failed, panic, etc. See safe.json.
+ - asm-offsets.c, as they are not linked deliberately, because
+ they are used to generate definitions for asm modules
+ - Declarations without initializer are safe, as they are not
+ executed
* - `Rule 2.6
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_02_06.c>`_
- Advisory
--
2.25.1
