All of lore.kernel.org
 help / color / mirror / Atom feed
From: Roberto Bagnara <roberto.bagnara@bugseng.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: Bertrand Marquis <Bertrand.Marquis@arm.com>,
	Michal Orzel <Michal.Orzel@arm.com>,
	Julien Grall <julien@xen.org>,
	Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	George Dunlap <george.dunlap@citrix.com>, Wei Liu <wl@xen.org>,
	Juergen Gross <jgross@suse.com>,
	Dario Faggioli <dfaggioli@suse.com>,
	Daniel De Graaf <dgdegra@tycho.nsa.gov>,
	"Daniel P. Smith" <dpsmith@apertussolutions.com>,
	"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
	Stefano Stabellini <sstabellini@kernel.org>
Subject: Re: [PATCH 0/9] MISRA C 2012 8.1 rule fixes
Date: Thu, 23 Jun 2022 23:14:40 +0200	[thread overview]
Message-ID: <9f315162-f88f-9d96-04a6-480313cd83f1@bugseng.com> (raw)
In-Reply-To: <3e86d233-7c9a-cd80-a744-c4bdd42ac85c@suse.com>


Hi Jan.

I know I will sound pedantic ;-)  but an important fact about
the MISRA standards is that reading the headline alone is almost
never enough.  In the specific of (advisory) Directive 4.6,
the Rationale says, among other things:

     It might be desirable not to apply this guideline when
     interfacing with The Standard Library or code outside
     the project’s control.

For this reason, size_t is typically set as an exception in the
tool configuration.  To properly deal with the many Standard Library
functions returning int, one can use a typedef named something
like "lib_int_t" to write, e.g.,

   const lib_int_t r = strncmp(...);

The lib_int_t typedef can be used with a suitable tool configuration,
just as I mentioned one would do with size_t.
Kind regards,

    Roberto

On 23/06/22 09:51, Jan Beulich wrote:
> On 23.06.2022 09:37, Roberto Bagnara wrote:
>> Rule 8.1 only applies to C90 code, as all the violating instances are
>> syntax errors in C99 and later versions of the language.  So,
>> the following line does not contain a violation of Rule 8.1:
>>
>>       unsigned x;
>>
>> It does contain a violation of Directive 4.6, though, whose correct
>> handling depends on the intention (uint32_t, uin64_t, size_t, ...).
> 
> Interesting - this goes straight against a rule we have set in
> ./CODING_STYLE. I'm also puzzled by you including size_t in your list
> of examples, when the spec doesn't. The sole "goal" of the directive
> (which is advisory only anyway) is to be able to determine allocation
> size. size_t size, however, varies as much as short, int, long, etc
> do.
> 
> Jan


      parent reply	other threads:[~2022-06-23 21:15 UTC|newest]

Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-20  7:02 [PATCH 0/9] MISRA C 2012 8.1 rule fixes Michal Orzel
2022-06-20  7:02 ` [PATCH 1/9] xen/arm: Use explicitly specified types Michal Orzel
2022-06-20  9:47   ` Julien Grall
2022-06-20  7:02 ` [PATCH 2/9] xen/domain: " Michal Orzel
2022-06-20  9:48   ` Julien Grall
2022-06-20  7:02 ` [PATCH 3/9] xen/common: " Michal Orzel
2022-06-20  9:49   ` Julien Grall
2022-06-20  9:51   ` Juergen Gross
2022-06-20  7:02 ` [PATCH 4/9] include/xen: " Michal Orzel
2022-06-20  9:53   ` Julien Grall
2022-06-20  7:02 ` [PATCH 5/9] include/public: " Michal Orzel
2022-06-20  9:54   ` Julien Grall
2022-06-20 10:07     ` Andrew Cooper
2022-06-21  8:43     ` Michal Orzel
2022-06-21  8:46       ` Julien Grall
2022-06-22 10:16   ` Jan Beulich
2022-06-22 10:56     ` Michal Orzel
2022-06-20  7:02 ` [PATCH 6/9] xsm/flask: " Michal Orzel
2022-06-21 14:27   ` Jason Andryuk
2022-06-20  7:02 ` [PATCH 7/9] common/libfdt: " Michal Orzel
2022-06-20  9:56   ` Julien Grall
2022-06-20  7:02 ` [PATCH 8/9] common/inflate: " Michal Orzel
2022-06-20  7:02 ` [PATCH 9/9] drivers/acpi: " Michal Orzel
2022-06-22 10:36   ` Jan Beulich
2022-06-22 11:09     ` Michal Orzel
2022-06-22 11:45       ` Jan Beulich
2022-06-22 10:25 ` [PATCH 0/9] MISRA C 2012 8.1 rule fixes Jan Beulich
2022-06-22 12:55   ` Michal Orzel
2022-06-22 13:01     ` Jan Beulich
2022-06-22 13:55       ` Bertrand Marquis
2022-06-22 14:10         ` Jan Beulich
2022-06-22 14:27           ` Bertrand Marquis
2022-06-22 14:41             ` Jan Beulich
2022-06-22 19:23               ` Stefano Stabellini
2022-06-23  7:32                 ` Jan Beulich
2022-06-23  7:37                 ` Roberto Bagnara
2022-06-23  7:51                   ` Jan Beulich
2022-06-23 18:23                     ` Stefano Stabellini
2022-06-23 21:14                     ` Roberto Bagnara [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9f315162-f88f-9d96-04a6-480313cd83f1@bugseng.com \
    --to=roberto.bagnara@bugseng.com \
    --cc=Bertrand.Marquis@arm.com \
    --cc=Michal.Orzel@arm.com \
    --cc=Volodymyr_Babchuk@epam.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=dfaggioli@suse.com \
    --cc=dgdegra@tycho.nsa.gov \
    --cc=dpsmith@apertussolutions.com \
    --cc=george.dunlap@citrix.com \
    --cc=jbeulich@suse.com \
    --cc=jgross@suse.com \
    --cc=julien@xen.org \
    --cc=sstabellini@kernel.org \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.