Re: MISRA-C and Zephyr


Flavio ceolin
 

Agree, we have to automate it as much as possible. But we can't just wait have all tools ready to start fixing the issues. Currently there are almost 8k violations on kernel. Any tool we setup will make a lot of noise. 

Some rules we will be able to check with coccinelle, but ideally we need a qualified tool with Misra c support. 

On Fri, Sep 14, 2018, 21:07 Kumar Gala <kumar.gala@...> wrote:
Not support MISRA directly, but I assume we can implement the MISRA checks either by configuring specific rules of cppcheck or implementing our own.  If there’s some MISRA checker out there, even better.

My point is we need something as part of the GitHub PR workflow that does a bunch of the checking otherwise this isn’t really going to work.  Plus it would be nice to have something we can add our own style rules into to help automate code review.

- k

> On Sep 14, 2018, at 10:54 PM, Nashif, Anas <anas.nashif@...> wrote:
>
> AFAIK none of the services you list below support MISRA, some do not even support C.
> We are looking at https://sonarcloud.io which has an integration with GH.
>
> Anas
>
>
>
> -----Original Message-----
> From: devel@... [mailto:devel@...] On Behalf Of Kumar Gala
> Sent: Friday, September 14, 2018 11:47 PM
> To: Ceolin, Flavio <flavio.ceolin@...>
> Cc: zephyr-devel@...; Nashif, Anas <anas.nashif@...>; Hibberd, Amber M <amber.m.hibberd@...>
> Subject: Re: [Zephyr-devel] MISRA-C and Zephyr
>
>
>> On Sep 14, 2018, at 1:46 PM, Flavio Ceolin <flavio.ceolin@...> wrote:
>>
>> Hi guys,
>>
>> Recently I start working on Zephyr to be compliant with MISRA-C. I'd
>> like to give you a brief overview about MISRA-C and why this is
>> valuable to Zephyr.
>>
>> MISRA-C is code guideline that define a subset of C that aims to make
>> embedded software safer, more secure and especially more portable. It
>> does it defining a set of guidelines that try to fill the gaps between
>> C specification and different implementations, it means things with
>> undefined behavior, unspecified behavior and things that the compiler
>> implementation is free to choose the behavior.
>>
>> That's been said, every MISRA-C guideline is classified as rule or
>> directive. These rules and directives are classified in mandatory,
>> required or advisory. Mandatory means that the code must be compliant
>> with the guideline, required the code also must be compliant but it's
>> possible creating a deviation, advisory are recommendations and don't
>> need a formal deviation if ignored.
>>
>> So, what about Zephyr ? Zephyr currently contains ~8k violations and
>> approximately half are either required or mandatory (~10). I'm filling
>> issues on github
>> (https://github.com/zephyrproject-rtos/zephyr/labels/MISRA-C) that
>> contains (I hope) enough information about the problem and some
>> suggestions to approach them. I ask everybody to take a look on them
>> and give opinions. Some of them required collaboration of diverse
>> code-owners and developers.
>>
>> To finish, why MISRA-C is valuable to Zephyr ?
>>
>> - Following a standard helps with maintainability of the code.
>> - Process standards like ISO26262 and IEC61508 used to develop
>> critical  products require that the code follows a code guideline
>> (ISO26262  explicitly recommends MISRA-C).
>> - Other proprietary RTOs are MISRA-C compliant, if we want to be more
>> with them, is good too.
>> - It'll help us spot problems bugs and avoid them. I've worked this
>> week  in two guidelines that are not that intrusive and I found at
>> least  three real bugs.
>> - We'll have less problems with different compilers, the mandatory
>> violations are regarding using specific gcc builtin functions.
>>
>> If you have any questions regarding MISRA-C lets discuss it :)
>>
>> Regards,
>> Flavio Ceolin
>
> Have you looked at various GitHub integration tools that might help check code for MISRA guidelines so we can automate such reviews in the future.
>
> Tools like:
>
> https://lgtm.com
> https://www.codacy.com
> https://www.codefactor.io/
>
> I think we need some automated way to check new PRs for issues before we invest a large amount of time fixing the code base, otherwise its just going to bitrot back to being non-MISRA compliant.
>
> - k
>
>




Join devel@lists.zephyrproject.org to automatically receive all group messages.