[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] docs/misra: add R11.1 R11.2 R11.3 R11.6

On Tue, 14 Nov 2023, Jan Beulich wrote:
> On 14.11.2023 00:44, Stefano Stabellini wrote:
> > --- a/docs/misra/rules.rst
> > +++ b/docs/misra/rules.rst
> > @@ -383,6 +383,38 @@ maintainers if you want to suggest a change.
> >  
> >         CFLAGS="-Warith-conversion -Wno-error=arith-conversion" make -C xen
> >  
> > +   * - `Rule 11.1 
> > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_01.c>`_
> > +     - Required
> > +     - Conversions shall not be performed between a pointer to a
> > +       function and any other type
> > +     - All conversions to integer types are permitted if the destination
> > +       type has enough bits to hold the entire value. Conversions to
> > +       bool and void* are permitted.
> > +
> > +   * - `Rule 11.2 
> > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_02.c>`_
> > +     - Required
> > +     - Conversions shall not be performed between a pointer to an
> > +       incomplete type and any other type
> > +     - All conversions to integer types are permitted if the destination
> > +       type has enough bits to hold the entire value. Conversions to
> > +       bool and void* are permitted.
> 
> Assuming the rule's exception 2 really means void, not void*, the mentioning
> of void* here is still fine.
> 
> > +   * - `Rule 11.3 
> > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_03.c>`_
> > +     - Required
> > +     - A cast shall not be performed between a pointer to object type
> > +       and a pointer to a different object type
> > +     - All conversions to integer types are permitted if the destination
> > +       type has enough bits to hold the entire value. Conversions to
> > +       bool and void* are permitted.
> 
> Here and ...
> 
> > +   * - `Rule 11.6 
> > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_06.c>`_
> > +     - Required
> > +     - A cast shall not be performed between pointer to void and an
> > +       arithmetic type
> > +     - All conversions to integer types are permitted if the destination
> > +       type has enough bits to hold the entire value. Conversions to
> > +       bool and void* are permitted.
> 
> ... here, however I consider its mentioning misleading: "void" is neither
> an object type nor an arithmetic one.

Yes I think here it is misleading. I'll remove the mention of void* for
Rule 11.6. I'll keep it for Rule 11.1 and 11.2.

For Rule 11.3, I think I should remove the entire note as it is not
helpful.


---
[PATCH v2] docs/misra: add R11.1 R11.2 R11.3 R11.6

Add MISRA C Rules 11.1, 11.2, 11.3, 11.6 as discussed.

Explicitly add in the notes that conversions to integer types are
permitted if the destination type has enough bits to hold the entire
value. GCC gives enough guarantees in terms of preserving the bit
content in such situations.

Also allow for bool conversions (e.g. to check if a function point is
valid).

Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxx>

diff --git a/docs/misra/rules.rst b/docs/misra/rules.rst
index aa65eb4dd0..da343ab3ac 100644
--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -383,6 +383,36 @@ maintainers if you want to suggest a change.
 
        CFLAGS="-Warith-conversion -Wno-error=arith-conversion" make -C xen
 
+   * - `Rule 11.1 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_01.c>`_
+     - Required
+     - Conversions shall not be performed between a pointer to a
+       function and any other type
+     - All conversions to integer types are permitted if the destination
+       type has enough bits to hold the entire value. Conversions to
+       bool and void* are permitted.
+
+   * - `Rule 11.2 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_02.c>`_
+     - Required
+     - Conversions shall not be performed between a pointer to an
+       incomplete type and any other type
+     - All conversions to integer types are permitted if the destination
+       type has enough bits to hold the entire value. Conversions to
+       bool and void* are permitted.
+
+   * - `Rule 11.3 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_03.c>`_
+     - Required
+     - A cast shall not be performed between a pointer to object type
+       and a pointer to a different object type
+     -
+
+   * - `Rule 11.6 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_06.c>`_
+     - Required
+     - A cast shall not be performed between pointer to void and an
+       arithmetic type
+     - All conversions to integer types are permitted if the destination
+       type has enough bits to hold the entire value. Conversions to
+       bool are permitted.
+
    * - `Rule 11.7 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_11_07.c>`_
      - Required
      - A cast shall not be performed between pointer to object and a 
noninteger arithmetic type

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.