Re: [XEN PATCH] xen: Add SAF deviations for MISRA C:2012 Rule 7.1

[Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>]

On 10/10/2023 09:29, Luca Fancellu wrote:
> > > > /* SAF-x-safe */
> > > > if ( modrm_mod == MASK_EXTR(instr_modrm, 0300) && (modrm_reg & 7) ==
> > > > MASK_EXTR(instr_modrm, 0070) && (modrm_rm & 7)  == 
> > > > MASK_EXTR(instr_modrm,
> > > > 0007) )
> > > >
> > > > Any other ideas?
> > > Could we have a number in the comment to indicate the number of lines 
> > > the
> > > comment applies to?
> > Luca can confirm that what I am about to write is correct; my
> > understanding is that ECLAIR supports it, but cppcheck does not. Which
> > means for cppcheck we would have to translate the SAF tag with
> > xen_analyize to:
> >
> > /* cppcheck tag */
> > line1
> > /* cppcheck tag */
> > line2
> > /* cppcheck tag */
> > line3
> >
> > and that would end up changing the line numbers in the source files so
> > the cppcheck report wouldn't match with the original line numbers any
> > longer
> Yes, but it’s not only Cppcheck, it’s also Coverity that supports only
> the above notation.
>
> For Cppcheck we could do something, but for Coverity we can’t.
>
> Anyway, Stefano or Nicola, I would like to understand where Eclair
> reports the violation
> in the case of #define, does it report at the usage or at the 
> definition?
> Cheers,
> Luca
The report is at the usage site, but ECLAIR can be configured to deviate 
based on a comment
at the macro definition, or also just the macro name for reports of that 
rule (e.g. Q[1-3]):
#define M(a, b) (b)
/* -E> safe MC3R1.R7.1 1 blabla */
#define Q1(s) M(s, 0300)
/* -E> safe MC3R1.R7.1 1 blabla */
#define Q2(s) M(s, 0070)
/* -E> safe MC3R1.R7.1 1 blabla */
#define Q3(s) M(s, 0007)

void f(void) {
  int x = 1;
  int y = 2;
  if ( (x & 2) == Q1(y) &&
       (x & 3) == Q2(y) &&
       (x & 7) == Q3(y) )
  {
     y = y + 1;
  }
}

--
Nicola Vetrini, BSc
Software Engineer, BUGSENG srl (https://bugseng.com)