
[PATCH] misra: tailor the definition of Rule 12.2 to C standard types


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Wed, 16 Jul 2025 12:07:56 +0000
  • Cc: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Wed, 16 Jul 2025 12:08:09 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

From: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>

The definition of MISRA C Rule 12.2 ("The right hand operand of a shift
operator shall lie in the range zero to one less than the width in bits
of the essential type of the left hand operand") is concerned with the
essential type of an expression, while the C Undefined Behaviour is
related to C standard types, which may be wider but not narrower than
the MISRA C essential type. For this reason, it is safe to consider the
C standard type, rather than the essential type when checking the rule.

To avoid regressions, tag the rule as clean and add it to the
monitored set.

Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 8 ++++++++
 automation/eclair_analysis/ECLAIR/monitored.ecl  | 1 +
 automation/eclair_analysis/ECLAIR/tagging.ecl    | 1 +
 docs/misra/deviations.rst                        | 8 ++++++++
 4 files changed, 18 insertions(+)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index 8504e850c1..483507e7b9 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -413,6 +413,14 @@ write or not"
 }
 -doc_end
 
+#
+# Series 12
+#
+
+-doc_begin="Consider the C standard type instead of the essential type for the 
purposes of determining the width in bits of the operand."
+-config=MC3A2.R12.2,out_of_bounds=negative_or_too_big_for_type
+-doc_end
+
 #
 # Series 13
 #
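Review bot: the -doc_begin text in the new Series 12 block says which type is considered but not why that is safe, and it does not say that negative counts stay in scope, which the value negative_or_too_big_for_type suggests. Consider carrying over the justification given in docs/misra/deviations.rst (Undefined Behaviour depends only on the width of the C standard type) so the text attached to the ECLAIR configuration stands on its own.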
diff --git a/automation/eclair_analysis/ECLAIR/monitored.ecl 
b/automation/eclair_analysis/ECLAIR/monitored.ecl
index e2ad224d79..00bff9edbe 100644
--- a/automation/eclair_analysis/ECLAIR/monitored.ecl
+++ b/automation/eclair_analysis/ECLAIR/monitored.ecl
@@ -48,6 +48,7 @@
 -enable=MC3A2.R11.7
 -enable=MC3A2.R11.8
 -enable=MC3A2.R11.9
+-enable=MC3A2.R12.2
 -enable=MC3A2.R12.5
 -enable=MC3A2.R13.1
 -enable=MC3A2.R13.2
diff --git a/automation/eclair_analysis/ECLAIR/tagging.ecl 
b/automation/eclair_analysis/ECLAIR/tagging.ecl
index f39beced9b..879485b680 100644
--- a/automation/eclair_analysis/ECLAIR/tagging.ecl
+++ b/automation/eclair_analysis/ECLAIR/tagging.ecl
@@ -63,6 +63,7 @@ MC3A2.R11.2||
 MC3A2.R11.6||
 MC3A2.R11.7||
 MC3A2.R11.9||
+MC3A2.R12.2||
 MC3A2.R12.5||
 MC3A2.R13.2||
 MC3A2.R13.6||
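Review bot: the added MC3A2.R12.2|| entry rests on the commit message's statement that the rule is clean, but nothing in the patch says for which targets or configurations the analysis was run. Stating that in the commit message would let a reviewer confirm the tag before the rule is monitored for regressions through monitored.ecl.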
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index 620e97f0bd..e78179fcb8 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -386,6 +386,14 @@ Deviations related to MISRA C:2012 Rules:
        integers for this purpose is allowed.
      - Tagged as `deliberate` for ECLAIR.
 
+   * - R12.2
+     - The width in bits of the C standard type is considered instead of
+       the width of the essential type of the left-hand operand of a shift
+       operator. This is safe because the occurrence of Undefined Behavior
+       only relates to the width of the C standard type, which is possibly
+       wider than its essential type.
+     - Project-wide deviation.
+
    * - R13.5
      - All developers and reviewers can be safely assumed to be well aware of
        the short-circuit evaluation strategy for logical operators.
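Review bot: in the new R12.2 row, "possibly wider than its essential type" leaves out the half of the argument that makes the deviation safe: per the commit message, the C standard type may be wider but not narrower than the essential type. Suggest "which may be wider but never narrower than the essential type of the operand", which also removes the ambiguous "its". The row spells "Undefined Behavior" while the commit message uses "Undefined Behaviour"; use whichever the rest of deviations.rst uses.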
-- 
2.43.0
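
The argument in the commit message, as an added C example that is not part of the patch or of the Xen tree: it compares the shift-count range under the essential-type reading of Rule 12.2 with the range under the C standard (promoted) type and checks that the first is always contained in the second. The macro and function names are hypothetical, and the declared width of an object is used as a stand-in for its essential-type width.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Declared width: stands in for the essential-type width of an object
 * (assumption of this example; constants and expressions are not modelled). */
#define DECLARED_WIDTH(x) ((unsigned)(sizeof(x) * CHAR_BIT))
/* Unary plus applies the integer promotions, so this is the width of the
 * C standard type the shift is evaluated in (assumes no padding bits). */
#define PROMOTED_WIDTH(x) ((unsigned)(sizeof(+(x)) * CHAR_BIT))

/* Range check shared by both readings of Rule 12.2: 0 <= count < width. */
static bool count_ok(long count, unsigned width)
{
    return count >= 0 && (unsigned long)count < width;
}

#define OK_ESSENTIAL(x, n) count_ok((n), DECLARED_WIDTH(x))
#define OK_STANDARD(x, n)  count_ok((n), PROMOTED_WIDTH(x))
#define IMPLIES(x, n)      (!OK_ESSENTIAL(x, n) || OK_STANDARD(x, n))

static uint8_t u8; static uint16_t u16; static uint32_t u32; static uint64_t u64;

/* Every count the essential-type reading accepts is also accepted by the
 * standard-type reading, because promotion never narrows the operand. */
static bool essential_implies_standard(void)
{
    for (long n = -1; n <= 70; n++)
        if (!IMPLIES(u8, n) || !IMPLIES(u16, n) || !IMPLIES(u32, n) || !IMPLIES(u64, n))
            return false;
    return true;
}

/* Counts that only the tailored (standard-type) reading accepts for uint8_t. */
static unsigned extra_counts_u8(void)
{
    return PROMOTED_WIDTH(u8) - DECLARED_WIDTH(u8);
}

int main(void)
{
    printf("uint8_t:  essential width %u, standard width %u\n",
           DECLARED_WIDTH(u8), PROMOTED_WIDTH(u8));
    printf("u8 << 8:  essential %d, standard %d\n", OK_ESSENTIAL(u8, 8), OK_STANDARD(u8, 8));
    printf("u64 << 64: standard %d\n", OK_STANDARD(u64, 64));
    printf("implication holds: %d, extra u8 counts: %u\n",
           essential_implies_standard(), extra_counts_u8());
    return 0;
}
```

The check covers the shift count only; a count that is in range for the promoted type can still overflow a signed left operand, which is a separate source of undefined behaviour.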



 

