On 30/07/2025 3:06 pm, Dmytro Prokopchuk1 wrote: > diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst > index e78179fcb8..fba75be2ee 100644 > --- a/docs/misra/deviations.rst > +++ b/docs/misra/deviations.rst > @@ -86,6 +86,14 @@ Deviations related to MISRA C:2012 Rules: > generate definitions for asm modules. > - Tagged as `deliberate` for ECLAIR. > > + * - R2.1 > + - Calls to the `__builtin_unreachable` function inside the expansion of > + the `ASSERT_UNREACHABLE()` macro may cause a function to be marked as > + non-returning. Since this only happens in debug configurations, > + the `noreturn` property for `__builtin_unreachable` is overridden in > + these contexts, resulting in the absence of reports that do not have > + an impact on safety, despite being true positives. > +
I'm not sure how best to phrase this, but it's probably worth saying that Xen expects developers to write code which would fail safe in a release build when the assertion was removed. I.e. it's more than just "there may be code there". It's expected that there is. ~Andrew
