* [PATCH v2] add more MISRA C rules to docs/misra/rules.rst
@ 2022-06-10 21:27 Stefano Stabellini
2022-06-13 7:36 ` Jan Beulich
0 siblings, 1 reply; 4+ messages in thread
From: Stefano Stabellini @ 2022-06-10 21:27 UTC (permalink / raw)
To: xen-devel
Cc: sstabellini, George.Dunlap, roger.pau, Artem_Mygaiev,
Andrew.Cooper3, julien, Bertrand.Marquis, jbeulich,
Stefano Stabellini, Bertrand Marquis, Julien Grall
Add the new MISRA C rules agreed by the MISRA C working group to
docs/misra/rules.rst.
Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Acked-by: Julien Grall <jgrall@amazon.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
---
Given the minimal/trivial changes I kept the acked/reviewed-by.
Changes in v2:
- use max_t/min_t instead of MAX/MIN in the Rule 5.3 example
- improve wording for the note of Rule 5.3
---
docs/misra/rules.rst | 90 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst
index 6ccff07765..c0bdc75987 100644
--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -89,6 +89,29 @@ existing codebase are work-in-progress.
(xen/include/public/) are allowed to retain longer identifiers
for backward compatibility.
+ * - `Rule 5.2 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_02.c>`_
+ - Required
+ - Identifiers declared in the same scope and name space shall be
+ distinct
+ - The Xen characters limit for identifiers is 40. Public headers
+ (xen/include/public/) are allowed to retain longer identifiers
+ for backward compatibility.
+
+ * - `Rule 5.3 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_03.c>`_
+ - Required
+ - An identifier declared in an inner scope shall not hide an
+ identifier declared in an outer scope
+ - Using macros as macro parameters at invocation time is allowed
+ even if both macros use identically named local variables, e.g.
+ max_t(var0, min_t(var1, var2))
+
+ * - `Rule 5.4 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_04.c>`_
+ - Required
+ - Macro identifiers shall be distinct
+ - The Xen characters limit for macro identifiers is 40. Public
+ headers (xen/include/public/) are allowed to retain longer
+ identifiers for backward compatibility.
+
* - `Rule 6.2 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_06_02.c>`_
- Required
- Single-bit named bit fields shall not be of a signed type
@@ -123,8 +146,75 @@ existing codebase are work-in-progress.
declarations of objects and functions that have internal linkage
-
+ * - `Rule 8.10 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_08_10.c>`_
+ - Required
+ - An inline function shall be declared with the static storage class
+ - gnu_inline (without static) is allowed.
+
* - `Rule 8.12 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_08_12.c>`_
- Required
- Within an enumerator list the value of an implicitly-specified
enumeration constant shall be unique
-
+
+ * - `Rule 9.1 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_09_01.c>`_
+ - Mandatory
+ - The value of an object with automatic storage duration shall not
+ be read before it has been set
+ - Rule clarification: do not use variables before they are
+ initialized. An explicit initializer is not necessarily required.
+ Try reducing the scope of the variable. If an explicit
+ initializer is added, consider initializing the variable to a
+ poison value.
+
+ * - `Rule 9.2 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_09_02.c>`_
+ - Required
+ - The initializer for an aggregate or union shall be enclosed in
+ braces
+ -
+
+ * - `Rule 13.6 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_13_06.c>`_
+ - Mandatory
+ - The operand of the sizeof operator shall not contain any
+ expression which has potential side effects
+ -
+
+ * - `Rule 14.1 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_14_01.c>`_
+ - Required
+ - A loop counter shall not have essentially floating type
+ -
+
+ * - `Rule 16.7 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_16_07.c>`_
+ - Required
+ - A switch-expression shall not have essentially Boolean type
+ -
+
+ * - `Rule 17.3 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_17_03.c>`_
+ - Mandatory
+ - A function shall not be declared implicitly
+ -
+
+ * - `Rule 17.4 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_17_04.c>`_
+ - Mandatory
+ - All exit paths from a function with non-void return type shall
+ have an explicit return statement with an expression
+ -
+
+ * - `Rule 20.7 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_20_07.c>`_
+ - Required
+ - Expressions resulting from the expansion of macro parameters
+ shall be enclosed in parentheses
+ -
+
+ * - `Rule 20.13 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_20_13.c>`_
+ - Required
+ - A line whose first token is # shall be a valid preprocessing
+ directive
+ -
+
+ * - `Rule 20.14 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_20_14.c>`_
+ - Required
+ - All #else #elif and #endif preprocessor directives shall reside
+ in the same file as the #if #ifdef or #ifndef directive to which
+ they are related
+ -
--
2.25.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v2] add more MISRA C rules to docs/misra/rules.rst
2022-06-10 21:27 [PATCH v2] add more MISRA C rules to docs/misra/rules.rst Stefano Stabellini
@ 2022-06-13 7:36 ` Jan Beulich
2022-06-13 23:29 ` Stefano Stabellini
0 siblings, 1 reply; 4+ messages in thread
From: Jan Beulich @ 2022-06-13 7:36 UTC (permalink / raw)
To: Stefano Stabellini
Cc: George.Dunlap, roger.pau, Artem_Mygaiev, Andrew.Cooper3, julien,
Bertrand.Marquis, Stefano Stabellini, Julien Grall, xen-devel
On 10.06.2022 23:27, Stefano Stabellini wrote:
> + * - `Rule 5.3 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_03.c>`_
> + - Required
> + - An identifier declared in an inner scope shall not hide an
> + identifier declared in an outer scope
> + - Using macros as macro parameters at invocation time is allowed
> + even if both macros use identically named local variables, e.g.
> + max_t(var0, min_t(var1, var2))
Nit: I would have been okay with the prior use of MIN() and MAX() in this
example, but now that you have switched to min_t() / max_t() I think the
example also wants to match our macros of these names. Hence I'd like to
suggest that either you switch to using min() / max() (which also use
local variables), or you add the missing "type" arguments in both macro
invocations.
Jan
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] add more MISRA C rules to docs/misra/rules.rst
2022-06-13 7:36 ` Jan Beulich
@ 2022-06-13 23:29 ` Stefano Stabellini
2022-06-14 6:59 ` Jan Beulich
0 siblings, 1 reply; 4+ messages in thread
From: Stefano Stabellini @ 2022-06-13 23:29 UTC (permalink / raw)
To: Jan Beulich
Cc: Stefano Stabellini, George.Dunlap, roger.pau, Artem_Mygaiev,
Andrew.Cooper3, julien, Bertrand.Marquis, Stefano Stabellini,
Julien Grall, xen-devel
On Mon, 13 Jun 2022, Jan Beulich wrote:
> On 10.06.2022 23:27, Stefano Stabellini wrote:
> > + * - `Rule 5.3 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_03.c>`_
> > + - Required
> > + - An identifier declared in an inner scope shall not hide an
> > + identifier declared in an outer scope
> > + - Using macros as macro parameters at invocation time is allowed
> > + even if both macros use identically named local variables, e.g.
> > + max_t(var0, min_t(var1, var2))
>
> Nit: I would have been okay with the prior use of MIN() and MAX() in this
> example, but now that you have switched to min_t() / max_t() I think the
> example also wants to match our macros of these names. Hence I'd like to
> suggest that either you switch to using min() / max() (which also use
> local variables), or you add the missing "type" arguments in both macro
> invocations.
I see your point. I'll use min/max as follows:
max(var0, min(var1, var2))
If you are OK with that and there are no other suggestions this tiny
change could be done on commit.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v2] add more MISRA C rules to docs/misra/rules.rst
2022-06-13 23:29 ` Stefano Stabellini
@ 2022-06-14 6:59 ` Jan Beulich
0 siblings, 0 replies; 4+ messages in thread
From: Jan Beulich @ 2022-06-14 6:59 UTC (permalink / raw)
To: Stefano Stabellini
Cc: George.Dunlap, roger.pau, Artem_Mygaiev, Andrew.Cooper3, julien,
Bertrand.Marquis, Stefano Stabellini, Julien Grall, xen-devel
On 14.06.2022 01:29, Stefano Stabellini wrote:
> On Mon, 13 Jun 2022, Jan Beulich wrote:
>> On 10.06.2022 23:27, Stefano Stabellini wrote:
>>> + * - `Rule 5.3 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_05_03.c>`_
>>> + - Required
>>> + - An identifier declared in an inner scope shall not hide an
>>> + identifier declared in an outer scope
>>> + - Using macros as macro parameters at invocation time is allowed
>>> + even if both macros use identically named local variables, e.g.
>>> + max_t(var0, min_t(var1, var2))
>>
>> Nit: I would have been okay with the prior use of MIN() and MAX() in this
>> example, but now that you have switched to min_t() / max_t() I think the
>> example also wants to match our macros of these names. Hence I'd like to
>> suggest that either you switch to using min() / max() (which also use
>> local variables), or you add the missing "type" arguments in both macro
>> invocations.
>
> I see your point. I'll use min/max as follows:
>
> max(var0, min(var1, var2))
>
> If you are OK with that and there are no other suggestions this tiny
> change could be done on commit.
Yes, that's fine with me.
Jan
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-06-14 6:59 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-10 21:27 [PATCH v2] add more MISRA C rules to docs/misra/rules.rst Stefano Stabellini
2022-06-13 7:36 ` Jan Beulich
2022-06-13 23:29 ` Stefano Stabellini
2022-06-14 6:59 ` Jan Beulich
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.