[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC

To: Jan Beulich <jbeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Roberto Bagnara <roberto.bagnara@xxxxxxxxxxx>
Date: Thu, 9 Jun 2022 13:17:45 +0200
Cc: George Dunlap <George.Dunlap@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Artem Mygaiev <Artem_Mygaiev@xxxxxxxx>, Andrew.Cooper3@xxxxxxxxxx, julien@xxxxxxx, Bertrand.Marquis@xxxxxxx, fusa-sig@xxxxxxxxxxxxxxxxxxxx, roberto.bagnara@xxxxxxxxxxx
Delivery-date: Thu, 09 Jun 2022 11:17:55 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 09/06/22 09:04, Jan Beulich wrote:

On 09.06.2022 03:20, Stefano Stabellini wrote:

Finally, for Rule 13.2, I updated the link to ECLAIR's results. There
are a lot more violations than just 4, but I don't know if they are
valid or false positives.


I've picked just the one case in xen/common/efi/ebmalloc.c to check,
and it says "possibly". That's because evaluation of function call
arguments involves the calling of (in this case two) further
functions. If those functions had side effects (which apparently the
tool can't figure), there would indeed be a problem.

The (Arm based) count of almost 10k violations is clearly a concern.
I don't consider it even remotely reasonable to add 10k comments, no
matter how brief, to cover all the false positives.


Again, the MISRA approach is a preventive one.
If you have reasons you want to write

   f(g(), h());

then declare g() and h() as pure (or const, if they are const).
E.g.:

#if COMPILER_SUPPORTS_PURE
#define PURE __attribute__((pure))
#else
#define PURE
#endif

int g(void) PURE;
int h(void) PURE;

It's good documentation, it improves compiler diagnostics,
and it satisfies Rule 13.2.
Kind regards,

   Roberto

Follow-Ups:
- Re: MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Jan Beulich

References:
- MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: George Dunlap
- Re: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Stefano Stabellini
- Re: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Stefano Stabellini
- Re: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Jan Beulich
- Re: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Stefano Stabellini
- MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Stefano Stabellini
- Re: MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
  - From: Jan Beulich

Prev by Date: Re: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
Next by Date: Re: [PATCH v5 7/8] xen/x86: add detection of memory interleaves for different nodes
Previous by thread: Re: MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
Next by thread: Re: MISRA C meeting tomorrow, was: MOVING COMMUNITY CALL Call for agenda items for 9 June Community Call @ 1500 UTC
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.