
[xen master] misra: tailor the definition of Rule 12.2 to C standard types



commit 79750f639acf752436af7ce00f3e0f19b71a20d8
Author:     Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
AuthorDate: Thu Jul 17 12:48:54 2025 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Jul 17 12:48:54 2025 +0200

    misra: tailor the definition of Rule 12.2 to C standard types
    
    The definition of MISRA C Rule 12.2 ("The right hand operand of a shift
    operator shall lie in the range zero to one less than the width in bits
    of the essential type of the left hand operand") is concerned with the
    essential type of an expression, while the C Undefined Behaviour is
    related to C standard types, which may be wider but not narrower than
    the MISRA C essential type. For this reason, it is safe to consider the
    C standard type, rather than the essential type when checking the rule.
    
    To avoid regressions, tag the rule as clean and add it to the
    monitored set.
    
    Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
    Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
    Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 8 ++++++++
 automation/eclair_analysis/ECLAIR/monitored.ecl  | 1 +
 automation/eclair_analysis/ECLAIR/tagging.ecl    | 1 +
 docs/misra/deviations.rst                        | 8 ++++++++
 4 files changed, 18 insertions(+)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 8504e850c1..483507e7b9 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -413,6 +413,14 @@ write or not"
 }
 -doc_end
 
+#
+# Series 12
+#
+
+-doc_begin="Consider the C standard type instead of the essential type for the 
purposes of determining the width in bits of the operand."
+-config=MC3A2.R12.2,out_of_bounds=negative_or_too_big_for_type
+-doc_end
+
 #
 # Series 13
 #
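Review bot: the -doc_begin string for MC3A2.R12.2 says only "the operand" and gives no reason why using the wider type is acceptable. Rule 12.2 bounds the right-hand operand by the width of the left-hand operand, so the text should name the left-hand operand and carry the one-line justification that docs/misra/deviations.rst gives (Undefined Behaviour depends on the width of the C standard type). As written, someone reading the ECLAIR configuration sees the out_of_bounds=negative_or_too_big_for_type setting without its rationale.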
diff --git a/automation/eclair_analysis/ECLAIR/monitored.ecl 
b/automation/eclair_analysis/ECLAIR/monitored.ecl
index e2ad224d79..00bff9edbe 100644
--- a/automation/eclair_analysis/ECLAIR/monitored.ecl
+++ b/automation/eclair_analysis/ECLAIR/monitored.ecl
@@ -48,6 +48,7 @@
 -enable=MC3A2.R11.7
 -enable=MC3A2.R11.8
 -enable=MC3A2.R11.9
+-enable=MC3A2.R12.2
 -enable=MC3A2.R12.5
 -enable=MC3A2.R13.1
 -enable=MC3A2.R13.2
diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl 
b/automation/eclair_analysis/ECLAIR/tagging.ecl
index f39beced9b..879485b680 100644
--- a/automation/eclair_analysis/ECLAIR/tagging.ecl
+++ b/automation/eclair_analysis/ECLAIR/tagging.ecl
@@ -63,6 +63,7 @@ MC3A2.R11.2||
 MC3A2.R11.6||
 MC3A2.R11.7||
 MC3A2.R11.9||
+MC3A2.R12.2||
 MC3A2.R12.5||
 MC3A2.R13.2||
 MC3A2.R13.6||
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index 620e97f0bd..e78179fcb8 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -386,6 +386,14 @@ Deviations related to MISRA C:2012 Rules:
        integers for this purpose is allowed.
      - Tagged as `deliberate` for ECLAIR.
 
+   * - R12.2
+     - The width in bits of the C standard type is considered instead of
+       the width of the essential type of the left-hand operand of a shift
+       operator. This is safe because the occurrence of Undefined Behavior
+       only relates to the width of the C standard type, which is possibly
+       wider than its essential type.
+     - Project-wide deviation.
+
    * - R13.5
      - All developers and reviewers can be safely assumed to be well aware of
        the short-circuit evaluation strategy for logical operators.
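Review bot: in the R12.2 entry, "possibly wider than its essential type" states only half of the safety argument. The deviation holds because the C standard type is never narrower than the essential type, which the commit message says ("may be wider but not narrower") but this text omits; suggest "which is never narrower, and possibly wider, than the essential type of the left-hand operand". That wording also removes the ambiguous "its".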
--
generated by git-patchbot for /home/xen/git/xen.git#master
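
The distinction the commit message draws between essential-type width and C standard type width, as an added example that is not part of the Xen patch. The macro and function names are hypothetical, and taking the declared width of a plain `uint8_t` operand as its essential-type width is a simplifying assumption.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: for a plain uint8_t object, the declared width stands in for
 * the width of its MISRA essential type. */
#define DECLARED_WIDTH(x) ((unsigned int)(sizeof(x) * CHAR_BIT))

/* Width of the C standard type the shift is evaluated in: unary plus applies
 * the integer promotions, exactly as the shift operator does to its operands. */
#define PROMOTED_WIDTH(x) ((unsigned int)(sizeof(+(x)) * CHAR_BIT))

struct verdict {
    bool flagged_essential; /* Rule 12.2 as written (essential type) */
    bool flagged_standard;  /* Rule 12.2 as tailored (C standard type) */
};

/* Classify a shift count applied to a uint8_t left-hand operand. */
static struct verdict classify_u8_shift(unsigned int count)
{
    uint8_t v = 0;
    struct verdict r = {
        .flagged_essential = count >= DECLARED_WIDTH(v),
        .flagged_standard  = count >= PROMOTED_WIDTH(v),
    };
    return r;
}

/* Guarded left shift: rejects counts that are Undefined Behaviour in C.
 * The cast to unsigned int keeps the promoted width but avoids shifting a
 * set bit into the sign bit of int, which is a separate source of UB. */
static bool shl_u8(uint8_t v, unsigned int count, unsigned int *out)
{
    if (count >= PROMOTED_WIDTH(v))
        return false;
    *out = (unsigned int)v << count;
    return true;
}

int main(void)
{
    unsigned int out = 0;
    struct verdict r = classify_u8_shift(8);
    printf("count 8: essential=%d standard=%d\n",
           r.flagged_essential, r.flagged_standard);
    if (shl_u8(0x80u, 8u, &out))
        printf("0x80 << 8 = 0x%x\n", out);
    return 0;
}
```

A count of 8 on a `uint8_t` operand is the case the tailoring stops reporting: it exceeds the essential-type width but is well inside the promoted type, so the C shift itself is defined.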



 

