Re: [PATCH] docs/misra: add rules 10.1 10.2 10.3 10.4

Fri, 25 Aug 2023 06:45:19 -0700 



On 25/08/2023 14:40, Jan Beulich wrote:

On 24.08.2023 01:14, Stefano Stabellini wrote:

--- a/docs/misra/rules.rst
+++ b/docs/misra/rules.rst
@@ -318,6 +318,58 @@ maintainers if you want to suggest a change.
       - An element of an object shall not be initialized more than once
       -

  
+   * - `Rule 10.1 <https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_10_01.c>`_

+     - Required
+     - Operands shall not be of an inappropriate essential type
+     - The following are allowed:
+         - Value-preserving conversions of integer constants
+         - Bitwise and, or, xor, one's complement, bitwise and assignment,
+           bitwise or assignment, bitwise xor assignment (bitwise and, or, xor
+           are safe on non-negative integers; also Xen assumes two's complement
+           representation)
+         - Left shift, right shift, left shift assignment, right shift
+           assignment (see C-language-toolchain.rst for assumptions on
+           compilers' extensions)


Is "assumptions" the right term here? We don't just assume these are there,
we actually checked their doc and behavior. Maybe simply "uses of" instead?


+         - Implicit conversions to boolean for logical operators' arguments


What is "logical operators" here? Perhaps this wants to be "conditionals"
instead, to cover all of ?:, if(), while(), for() (did I forget any?), of
which only the first is an operator?


+   * - `Rule 10.3 
<https://gitlab.com/MISRA/MISRA-C/MISRA-C-2012/Example-Suite/-/blob/master/R_10_03.c>`_
+     - Required
+     - The value of an expression shall not be assigned to an object
+       with a narrower essential type or of a dierent essential type


Nit: ff missing?


+       category
+     - Please beware that this rule has many violations in the Xen
+       codebase today, and its adoption is aspirational. However, when
+       submitting new patches please try to decrease the number of
+       violations when possible.
+
+       gcc has a helpful warning that can help you spot and remove
+       violations of this kind: conversion. For instance, you can use
+       it as follows:
+
+       cd xen; CFLAGS="-Wconversion -Wno-error=sign-conversion 
-Wno-error=conversion" make


Maybe slightly shorter as

CFLAGS="-Wconversion -Wno-error=sign-conversion -Wno-error=conversion" make -C 
xen

?



+1. It also means that the command can be called multiple time without 
having to type 'cd -' between.


Cheers,

--
Julien Grall























					Reply via email to