Message ID | 787aa5a65135796c825d366b43e00ba018c0065b.1710145041.git.simone.ballarin@bugseng.com (mailing list archive) |
---|---|
State | New, archived |
Series | xen: address violation of MISRA C:2012 Directive 4.10 |
On 11.03.2024 09:59, Simone Ballarin wrote:
> From: Maria Celeste Cesario <maria.celeste.cesario@bugseng.com>
>
> Add safe deviation for *.c files, as established in past discussion.
> Add SAF deviation for files that need an #include directive before guard.

While similar topics, the two are technically entirely different, and hence would likely again better be split. In fact I think I might ack the former as is, while ...

> --- a/xen/include/public/arch-x86/xen.h
> +++ b/xen/include/public/arch-x86/xen.h
> @@ -7,6 +7,7 @@
> * Copyright (c) 2004-2006, K A Fraser
> */
>
> +/* SAF-7-safe include before guard needed for correct code generation */
> #include "../xen.h"
>
> #ifndef __XEN_PUBLIC_ARCH_X86_XEN_H__

... I fear I lack details about the need for this, not even taking into account my earlier remark regarding the insertion of such comments in public headers. Why is the #include needed for our own purposes (we can't easily (re)move it entirely, as external consumers may rely on it)?

The common case is for this header to be included from ../xen.h. In that case, aiui, the #include above has no effect at all, due to the guard in ../xen.h. Which leaves direct inclusions of the header here. There I'd expect a change like the one here to be accompanied by clarification of why those few cases can't be switched to including public/xen.h instead. Because if that was possible, doing so would allow us to get away here without any deviation.

Jan
diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl b/automation/eclair_analysis/ECLAIR/deviations.ecl index 039ffaf52a..8082239ccc 100644 --- a/automation/eclair_analysis/ECLAIR/deviations.ecl +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl @@ -69,6 +69,11 @@ conform to the directive." -config=MC3R1.D4.10,reports+={safe, "first_area(text(^/\\* Generated file, do not edit! \\*/$, begin-3))"} -doc_end +-doc_begin="Including multiple times a .c file is safe because every function or data item +it defines would (in the common case) be already defined. Peer reviewed by the community." +-config=MC3R1.D4.10,reports+={safe, "all_area(all_loc(^.*\\.c$))"} +-doc_end + # # Series 5. # diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst index ce855ddae6..7b32dbd23f 100644 --- a/docs/misra/deviations.rst +++ b/docs/misra/deviations.rst @@ -30,6 +30,13 @@ Deviations related to MISRA C:2012 Directives: not to add an additional encapsulation layer. - Tagged as `deliberate` for ECLAIR. + * - D4.10 + - Including multiple times a .c file is safe because every function or data item + it defines would in (the common case) be already defined. + Peer reviewed by the community. + - Tagged as `safe` for ECLAIR. + + Deviations related to MISRA C:2012 Rules: ----------------------------------------- diff --git a/docs/misra/safe.json b/docs/misra/safe.json index 13208d18ec..dd61b47194 100644 --- a/docs/misra/safe.json +++ b/docs/misra/safe.json @@ -60,6 +60,14 @@ }, { "id": "SAF-7-safe", + "analyser": { + "eclair": "MC3R1.D4.10" + }, + "name": "Dir 4.10: include needed before guard", + "text": "These files need to start with an include directive to generate preprocessed code in the correct order." + }, + { + "id": "SAF-8-safe", "analyser": {}, "name": "Sentinel", "text": "Next ID to be used" diff --git a/xen/include/public/arch-x86/xen.h b/xen/include/public/arch-x86/xen.h index c0f4551247..0b2e9271f8 100644 --- a/xen/include/public/arch-x86/xen.h 
+++ b/xen/include/public/arch-x86/xen.h @@ -7,6 +7,7 @@ * Copyright (c) 2004-2006, K A Fraser */ +/* SAF-7-safe include before guard needed for correct code generation */ #include "../xen.h" #ifndef __XEN_PUBLIC_ARCH_X86_XEN_H__
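Review bot: In the automation/eclair_analysis/ECLAIR/deviations.ecl hunk, the pattern "all_area(all_loc(^.*\\.c$))" marks every .c file as safe for D4.10, while the -doc_begin text only argues the case of a .c file being included multiple times and hedges it with "(in the common case)". The justification should say what happens outside the common case. If the intended argument is that a second inclusion fails the build through redefinition, state that explicitly, since "would be already defined" on its own does not explain why the repeated inclusion is harmless.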
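Review bot: In the docs/misra/deviations.rst hunk the parenthesis is misplaced: "would in (the common case) be already defined" should read "would (in the common case) be already defined", matching the -doc_begin text added to deviations.ecl in the same patch. The two empty lines added at the end of the hunk, just before "Deviations related to MISRA C:2012 Rules:", also look unintended.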
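Review bot: In the docs/misra/safe.json hunk, the "text" of SAF-7-safe says only that "These files need to start with an include directive to generate preprocessed code in the correct order", without naming what makes a file qualify or why the order matters. As written, a later use of the tag cannot be checked against the entry. State the condition under which an include before the guard is actually required.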
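Review bot: In the xen/include/public/arch-x86/xen.h hunk, the added comment gives "correct code generation" as the reason, which differs from the safe.json wording ("preprocessed code in the correct order") and explains neither. The tag sits directly above #include "../xen.h" and before #ifndef __XEN_PUBLIC_ARCH_X86_XEN_H__, so the comment or the commit message should say why the include cannot be placed below the guard. The commit message currently only states that such files "need" it.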