Xen project Mailing List

Re: [PATCH v2] docs/misra: add R21.6 R21.9 R21.10 R21.14 R21.15 R21.16

From: Stefano Stabellini <sstabellini@xxxxxxxxxx>

Date: Fri, 26 Apr 2024 14:30:37 -0700 (PDT)

Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Fri, 26 Apr 2024 21:30:48 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, 26 Apr 2024, Jan Beulich wrote: > On 26.04.2024 01:31, Stefano Stabellini wrote: > > --- a/docs/misra/rules.rst > > +++ b/docs/misra/rules.rst > > @@ -652,12 +652,72 @@ maintainers if you want to suggest a change. > > declared > > - See comment for Rule 21.1 > > > > + * - `Rule 21.6 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_06.c>`_ > > + - Required > > + - The Standard Library input/output routines shall not be used > > + - Xen doesn't provide, use, or link against any Standard Library. > > + Xen implements itself a few functions with names that match the > > + corresponding function names of the Standard Library for > > + developers' convenience. These functions are part of the Xen code > > + and subject to analysis. > > + > > + * - `Rule 21.9 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_09.c>`_ > > + - Required > > + - The library functions bsearch and qsort of <stdlib.h> shall not be > > used > > + - Xen doesn't provide, use, or link against any Standard Library. > > + Xen implements itself a few functions with names that match the > > + corresponding function names of the Standard Library for > > + developers' convenience. These functions are part of the Xen code > > + and subject to analysis. > > + > > + * - `Rule 21.10 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_10.c>`_ > > + - Required > > + - The Standard Library time and date routines shall not be used > > + - Xen doesn't provide, use, or link against any Standard Library. > > + Xen implements itself a few functions with names that match the > > + corresponding function names of the Standard Library for > > + developers' convenience. These functions are part of the Xen code > > + and subject to analysis. > > + > > * - `Rule 21.13 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_13.c>`_ > > - Mandatory > > - Any value passed to a function in <ctype.h> shall be representable > > as an > > unsigned char or be the value EOF > > - > > Up to here, did you consider adding a short reference to some common blob > (footnote or alike), rather than repeating the same text verbatim several > times? I can look into it > > + * - `Rule 21.14 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_14.c>`_ > > + - Required > > + - The Standard Library function memcmp shall not be used to compare > > + null terminated strings > > + - Xen doesn't provide, use, or link against any Standard Library. > > + Xen implements itself a few functions with names that match the > > + corresponding function names of the Standard Library for > > + developers' convenience. These functions are part of the Xen code > > + and subject to analysis. > > + > > + * - `Rule 21.15 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_15.c>`_ > > + - Required > > + - The pointer arguments to the Standard Library functions memcpy, > > + memmove and memcmp shall be pointers to qualified or unqualified > > + versions of compatible types > > + - Xen doesn't provide, use, or link against any Standard Library. > > + Xen implements itself a few functions with names that match the > > + corresponding function names of the Standard Library for > > + developers' convenience. These functions are part of the Xen code > > + and subject to analysis. > > + > > + * - `Rule 21.16 > > <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_21_16.c>`_ > > + - Required > > + - The pointer arguments to the Standard Library function memcmp > > + shall point to either a pointer type, an essentially signed type, > > + an essentially unsigned type, an essentially Boolean type or an > > + essentially enum type > > + - void* arguments are allowed. Xen doesn't provide, use, or link > > + against any Standard Library. Xen implements itself a few > > + functions with names that match the corresponding function names > > + of the Standard Library for developers' convenience. These > > + functions are part of the Xen code and subject to analysis. > > For all three of these I'm not convinced the remark is appropriate. These > talk about specific properties of the functions, which aren't related to > risks associated with particular (and hence potentially varying) library > implementations. Good point

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.