On 30.07.2025 23:39, Dmytro Prokopchuk1 wrote:
> MISRA C Rule 5.5 states that: "Identifiers shall
> be distinct from macro names".
>
> Update ECLAIR configuration to deviate clashes:
> specify the macros that should be ignored.
> Update deviations.rst and rules.rst accordingly.
>
> Signed-off-by: Dmytro Prokopchuk <dmytro_prokopch...@epam.com>
Nit (along the lines of my comments on the other patch): Make better use of line
capacity here.
> --- a/automation/eclair_analysis/ECLAIR/deviations.ecl
> +++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
> @@ -117,6 +117,16 @@ it defines would (in the common case) be already
> defined. Peer reviewed by the c
> -config=MC3A2.R5.5,reports+={deliberate,
> "any_area(decl(kind(function))||any_loc(macro(name(memcpy||memset||memmove))))&&any_area(any_loc(file(^xen/common/libelf/libelf-private\\.h$)))"}
> -doc_end
>
> +-doc_begin="Clashes between bitops function and macro names are deliberate.
> +These macros are needed for input validation and error handling."
> +-config=MC3A2.R5.5,ignored_macros+="name(__test_and_set_bit||__test_and_clear_bit||__test_and_change_bit||test_bit||set_bit||clear_bit||change_bit||test_and_set_bit||test_and_clear_bit||test_and_change_bit)"
> +-doc_end
I have no idea whether regular expressions could be used here. If so, shortening
this at least some may be desirable.
> +-doc_begin="Clashes between grant table functions and macros names are
> deliberate.
> +These macros address differences in argument count during compile-time,
> effectively discarding unused parameters to avoid warnings or errors related
> to them."
> +-config=MC3A2.R5.5,ignored_macros+="name(update_gnttab_par||parse_gnttab_limit)"
> +-doc_end
No restriction to common/grant_table.c?
> --- a/docs/misra/deviations.rst
> +++ b/docs/misra/deviations.rst
> @@ -142,6 +142,28 @@ Deviations related to MISRA C:2012 Rules:
> memmove.
> - Tagged as `deliberate` for ECLAIR.
>
> + * - R5.5
> + - Clashes between bitops ('__test_and_set_bit', '__test_and_clear_bit',
> + '__test_and_change_bit', 'test_bit', 'set_bit', 'clear_bit',
> 'change_bit',
> + 'test_and_set_bit', 'test_and_clear_bit', 'test_and_change_bit')
> + functions and macros names are deliberate and are needed for input
Nit: "macro names"
> + validation and error handling, ensures that the size of the object
> being
s/ensures/to ensure/ ?
> + pointed to by 'addr' meets the minimum requirements for the bit
> operation,
'addr' is pretty meaningless here.
> + preventing unsafe operations on improperly sized data types that could
> + lead to undefined behavior or memory corruption.
> + The macros encapsulate this conditional logic into a single, reusable
> form;
> + which simplifies the code, avoids redundant function call.
What's "redundant" referring to here?
> + Also this bitops API was inherited from Linux and should be kept for
> familiarity.
At least this line is clearly beyond 80 chars.
Jan
