[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] misra: add deviations of MISRA C Rule 5.5

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Mon, 28 Jul 2025 12:28:07 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BPm69sDucNqttJD9A0r5zXMOA5Ln3CP0phoraqzUc7Y=; b=b9l6axMUXLVDioOjRKZ49EmNCky7tXfu7AK4zyfd6hGqz/jKl1hF6xCRujbSuV7xP0LHCX3N/jjfr4poUj+2YUuRILFxV1j337vhmhBnp5MuK8V3P/u29o9jerkJmWX2i6RmflnWlIa322HMZvg+cMMwqmRqJdZOa+sW9HCDB+IZnYv7h2y9j29jdoHL6x8QqK2fDjJvqNk3l5e1dUvQNOgtVex8CyuFx/xk2hOrN0T1UsRbh5t6HKbS4J5TCDQzM+cIBB/LHPIVJMROikc5TccMHomSy0sAlLEMr/FBDQkoJGeLKAZBwrQZTlwpzbfmOdNDC4Qhg1vzovvrjC0c5g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=TIh097bKp3mfNNUdAKLGBjk3xZHH/ttTvvvKRovpUL5KiXhUEoCU2CQyUQivSpJWRTb6KhUO9taUeFKYruenifp9n9/jXkno2qiZasYjID0GdotLX0jMmZdFCaaakEAm0F6gScxDuq107t/SUBTpfoIFQ9vLte+oLEyZ7g160Nj689qA21xJZJAi54c4c0SonHbCiEzNrSpCGU9VVnWdzhsFjY+uWLypK+jQZegFgt2xLDXgB96Sb5c/DkBqnDKCQjvbGhNxnFk98yV1RSTOQzuqzxNyBPWc5zIafrV31bhXSebu5wxeGocIRhEvvBCYiVwDts+PCzHm1XSnLfOlwQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jbeulich <jbeulich@xxxxxxxx>, Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • Delivery-date: Mon, 28 Jul 2025 12:28:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHb/YCHt9uHUQWtj0esBUS8Oj/ZKbRHS1IAgAARIYCAAAXwAIAAGL8A
  • Thread-topic: [PATCH v2] misra: add deviations of MISRA C Rule 5.5

On 7/28/25 13:59, Andrew Cooper wrote:
> On 28/07/2025 11:38 am, Nicola Vetrini wrote:
>> On 2025-07-28 11:36, Jan Beulich wrote:
>>> On 25.07.2025 18:24, Dmytro Prokopchuk1 wrote:
>>>> --- a/docs/misra/deviations.rst
>>>> +++ b/docs/misra/deviations.rst
>>>> @@ -142,6 +142,31 @@ Deviations related to MISRA C:2012 Rules:
>>>>          memmove.
>>>>        - Tagged as `deliberate` for ECLAIR.
>>>>
>>>> +   * - R5.5
>>>> +     - Clashes between bitops functions and macros names are
>>>> deliberate and are
>>>> +       needed for input validation and error handling, ensures that
>>>> the size of
>>>> +       the object being pointed to by 'addr' meets the minimum
>>>> requirements for
>>>> +       the bit operation, preventing unsafe operations on
>>>> improperly sized data
>>>> +       types that could lead to undefined behavior or memory
>>>> corruption.
>>>> +       The macros encapsulate this conditional logic into a single,
>>>> reusable form;
>>>> +       which simplifies the code, avoids redundant function call.
>>>> +     - Specified macros should be ignored.
>>>
>>> At the risk of going too far with nitpicking: Who are "specified
>>> macros" here? The
>>> text doesn't mention any names. In fact, the way it's written it
>>> could be taken to
>>> mean all macros there, including any that are yet to be added. I
>>> don't think such
>>> is appropriate for a deviation.
>>>
>>
>> I agree with Jan here. Either you make a single deviation record
>> encompassing all deviated macros or you have one per deviation (e.g.,
>> one for irq.h, one for grant_table.h and one for bitops.h) listing the
>> macros that are considered. For bitops it might be a concern the
>> actual functions going out of sync, but in that case you could just
>> spell out the deviation and say "all pairs functions/macros in file
>> <file> that are defined using the same identifier" or something similar.
> 
> Honestly, while these examples might be deliberate, they're also bad code.
> 
> I do not intent to let the bitops aliases survive the cleanup/fixes I
> have planned, but I also don't have any idea when I'll get to that work.
> 
> What we really want to express is "these are begrudgingly accepted in
> the short term.  don't copy this pattern, and if you can fix it, please do".
> 
> ~Andrew

Hi Andrew!

Perhaps I can try to fix these names clashes.

For clarity.
I would like to rename macros names with capital letters.
Like this:
-#define __test_and_change_bit(nr, addr) ({              \
+#define TEST_AND_CHANGE_BIT(nr, addr) ({              \
      if ( bitop_bad_size(addr) ) __bitop_bad_size();     \
      __test_and_change_bit(nr, addr);                    \
  })

Are you OK with such approach?

Or did you mean other?

Dmytro.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.