| Message ID | 38d6b849e0ed868f1025d4af548dcebe89bda42d.1718117557.git.nicola.vetrini@bugseng.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | address several violations of MISRA Rule 20.7 | expand |
On 11.06.2024 17:53, Nicola Vetrini wrote: > MISRA C Rule 20.7 states: "Expressions resulting from the expansion > of macro parameters shall be enclosed in parentheses". Therefore, some > macro definitions should gain additional parentheses to ensure that all > current and future users will be safe with respect to expansions that > can possibly alter the semantics of the passed-in macro parameter. > > No functional change. > > Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com> > --- > In this case the use of parentheses can detect misuses of the COMPILE_CHECK > macro for the fn argument that happen to pass the compile-time check > (see e.g. https://godbolt.org/z/n4zTdz595). While readability suffers a little, I'm okay with the approach taken: Reviewed-by: Jan Beulich <jbeulich@suse.com> I'd like to give in particular Andrew some time to possibly object, though. And anyway I don't think we want to rush any more Misra changes into 4.19. Jan
diff --git a/xen/include/xen/self-tests.h b/xen/include/xen/self-tests.h index 42a4cc4d17fe..58484fe5a8ae 100644 --- a/xen/include/xen/self-tests.h +++ b/xen/include/xen/self-tests.h @@ -19,11 +19,11 @@ #if !defined(CONFIG_CC_IS_CLANG) || CONFIG_CLANG_VERSION >= 80000 #define COMPILE_CHECK(fn, val, res) \ do { \ - typeof(fn(val)) real = fn(val); \ + typeof((fn)(val)) real = (fn)(val); \ \ if ( !__builtin_constant_p(real) ) \ asm ( ".error \"'" STR(fn(val)) "' not compile-time constant\"" ); \ - else if ( real != res ) \ + else if ( real != (res) ) \ asm ( ".error \"Compile time check '" STR(fn(val) == res) "' failed\"" ); \ } while ( 0 ) #else @@ -37,9 +37,9 @@ */ #define RUNTIME_CHECK(fn, val, res) \ do { \ - typeof(fn(val)) real = fn(HIDE(val)); \ + typeof((fn)(val)) real = (fn)(HIDE(val)); \ \ - if ( real != res ) \ + if ( real != (res) ) \ panic("%s: %s(%s) expected %u, got %u\n", \ __func__, #fn, #val, real, res); \ } while ( 0 )
MISRA C Rule 20.7 states: "Expressions resulting from the expansion of macro parameters shall be enclosed in parentheses". Therefore, some macro definitions should gain additional parentheses to ensure that all current and future users will be safe with respect to expansions that can possibly alter the semantics of the passed-in macro parameter. No functional change. Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com> --- In this case the use of parentheses can detect misuses of the COMPILE_CHECK macro for the fn argument that happen to pass the compile-time check (see e.g. https://godbolt.org/z/n4zTdz595). An alternative would be to deviate these macros, but since they are used to check the correctness of other code it seemed the better alternative to futher ensure that all usages of the macros are safe. --- xen/include/xen/self-tests.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)