[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging] misra: add deviation of Rule 10.1 for unary minus

commit 53dd9f3e92c12abe3e5ae9207d608bb7afb6dca8
Author:     Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
AuthorDate: Mon Jul 14 16:14:57 2025 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Jul 14 16:14:57 2025 +0200

    misra: add deviation of Rule 10.1 for unary minus
    
    MISRA C Rule 10.1 states:
    "Operands shall not be of an inappropriate essential type"
    
    The unary minus operator applied to an unsigned type(s) has
    a semantics (wrap around) that is well-defined by the toolchains.
    Thus, this operation is deemed safe.
    
    No functional change.
    
    Signed-off-by: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
    Signed-off-by: Federico Serafini <federico.serafini@xxxxxxxxxxx>
    Signed-off-by: Victor Lira <victorm.lira@xxxxxxx>
    Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
    Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
---
 automation/eclair_analysis/ECLAIR/deviations.ecl | 6 ++++++
 docs/misra/deviations.rst                        | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/automation/eclair_analysis/ECLAIR/deviations.ecl 
b/automation/eclair_analysis/ECLAIR/deviations.ecl
index e8f513fbc5..8504e850c1 100644
--- a/automation/eclair_analysis/ECLAIR/deviations.ecl
+++ b/automation/eclair_analysis/ECLAIR/deviations.ecl
@@ -342,6 +342,12 @@ constant expressions are required.\""
   "any()"}
 -doc_end
 
+-doc_begin="Unary minus operations on unsigned type(s) have a semantics (wrap 
around) that is well-defined by the toolchains."
+-config=MC3A2.R10.1,etypes+={safe,
+  "stmt(node(unary_operator)&&operator(minus))",
+  "src_expr(definitely_in(0..))"}
+-doc_end
+
 #
 # Series 11
 #
diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst
index 0d56d45b66..620e97f0bd 100644
--- a/docs/misra/deviations.rst
+++ b/docs/misra/deviations.rst
@@ -325,6 +325,12 @@ Deviations related to MISRA C:2012 Rules:
        If no bits are set, 0 is returned.
      - Tagged as `safe` for ECLAIR.
 
+   * - R10.1
+     - Applying the unary minus operator to unsigned type(s) has a
+       semantics (wrap around) that is well-defined by the toolchains.
+       For this reason, the operation is safe.
+     - Tagged as `safe` for ECLAIR.
+
    * - R11.1
      - The conversion from a function pointer to unsigned long or (void \*) 
does
        not lose any information, provided that the target type has enough bits
--
generated by git-patchbot for /home/xen/git/xen.git#staging

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.