Misra-C与X-macros兼容吗?
[英]Is Misra-C compatible with X-macros?
问题描述
It could be argued that in many cases X-macros increase safety, because it makes easier to make sure that generated arrays are the same length for example. 
可以说,在许多情况下,X宏增加了安全性,因为例如,更容易确保生成的数组长度相同。
However, Misra C (from 2004 reference) rules seem to have a lot of preprocessor rules that restrict the usage: 但是,Misra C(来自2004参考)规则似乎有很多限制使用的预处理器规则:
Rule 19.1 (advisory) #include statements in a file should only be preceded by other preprocessor directives or comments.
Troublesome if source table is in other file which is included to generate array for example. 如果源表位于包含的其他文件中,例如生成数组,则很麻烦。 But this is advisory rule so it can be worked around. 但这是一个咨询规则,因此可以解决。
Rule 19.4 (required) C macros shall only expand to a braced initializer, a constant, a string literal, a parenthesized expression, a type qualifier, a storage class specifier, or a do-while-zero construct.
Should not be issue since most X-macros are used to generate array initializers or constants. 不应该是问题,因为大多数X宏用于生成数组初始化器或常量。
Rule 19.6 (required) #undef shall not be used.
Makes some X-macro usage patterns impossible. 使一些X-macro使用模式变得不可能。 Unfortunate, but doesn't outright prevent X-macros. 不幸的是,但并没有完全阻止X-macros。
Rule 19.7 (advisory) A function should be used in preference to a function-like macro.
Advisory rule only. 仅限咨询规则。
Rule 19.12 (required) There shall be at most one occurrence of the # or ## preprocessor operators in a single macro definition.
Can be worked around using nested macros. 可以使用嵌套宏来解决。
Rule 19.13 (advisory) The # and ## preprocessor operators should not be used.
Troublesome when generating enums for example, but again this is only advisory rule. 例如,在生成枚举时很麻烦,但这只是一个建议规则。
Rule 19.15 (required) Precautions shall be taken in order to prevent the contents of a header file being included twice.
Troublesome in some scenarios, but can be worked around. 在某些情况下很麻烦,但可以解决。
Looking at the above, it seems that it is possible to use X-macros with Misra C code, if you are careful. 看看上面的内容,如果你小心的话,似乎可以使用带有Misra C代码的X-macros。
Is my conclusion correct, or is there some rule I am missing? 我的结论是正确的,还是有一些我失踪的规则?
2 个解决方案
解决方案1
5 已采纳 2018-09-27 09:50:33
Using X-macros to increase type safety is in my opinion a rather weak argument. 在我看来,使用X-macro来提高类型安全性是一个相当弱的论点。 The main thing they do is to ease maintenance and eliminate problems with code repetition. 他们做的主要是简化维护并消除代码重复的问题。 But like any function-like macros, they are the last resort when everything else fails. 但是像任何类似函数的宏一样,当其他一切都失败时,它们是最后的手段。
The proper way to ensure that arrays are of the correct lengths etc is to use static_assert (or some hack:ish pre-C11 mechanism) that yields a compile-time error. 确保数组长度正确等的正确方法是使用static_assert (或一些hack:ish pre-C11机制),这会产生编译时错误。
Addressing your concerns one at a time: 一次解决一个问题:
-
include statements in a file should only be preceded by other preprocessor directives or comments.
文件中的include语句只能在其他预处理程序指令或注释之前。 ... Troublesome if source table is in other file which is included... ...如果源表位于包含的其他文件中,则很麻烦...... This is a sound rule and there is no reason to deviate from it.
这是一个合理的规则,没有理由偏离它。 If you have a source table in another file which you #include, then what's the problem?如果你在#include另一个文件中有一个源表,那么问题是什么? The rule doesn't speak of the pre-processed header file.规则没有提到预处理的头文件。 The main reason for the rule is to prevent people from tossing in
#includein the middle of a file somewhere.规则的主要原因是防止人们在某个文件中间的#include中抛出。 (Which is most likely caused by some left-over debug code.)(这很可能是由一些遗留调试代码引起的。) -
Rule 19.4 (required) C macros shall only expand to a braced initializer, a constant, a string literal, a parenthesized expression, a type qualifier, a storage class specifier, or a do-while-zero construct.
规则19.4(必需)C宏只能扩展为支撑初始值设定项,常量,字符串文字,带括号的表达式,类型限定符,存储类说明符或do-while-zero结构。 If interpreted as the (recursively) expanded macros, it shouldn't be a problem, since X macros should boil down to constants, types etc in the end.
如果解释为(递归)扩展宏,它应该不是问题,因为X宏最终应该归结为常量,类型等。 The rule says "expand" so my take is that it refers to the fully expanded macros. 规则说“扩展”所以我的看法是它指的是完全扩展的宏。 This rule has been dropped entirely in MISRA-C:2012 and replaced with other more specific rules, such as not making macros with the same name as a language keyword etc.
此规则已完全在MISRA-C:2012中删除,并替换为其他更具体的规则,例如不使用与语言关键字同名的宏等。 -
Rule 19.6 (required) #undef shall not be used.
规则19.6(必填)#undef不得使用。 This rule has been relaxed in MISRA-C:2012, from required to advisory.
这条规则在MISRA-C:2012中已经放宽,从需求到咨询。 One valid argument raised against the rule is indeed that #undefis necessary for X-macros, though I can't say if this is why it was relaxed.提出反对该规则的一个有效论据确实是#undef对于X宏是必要的,但我不能说这是否是它放松的原因。Mostly the rule is there to prevent code like
#undef NULLor other strange and obscure ideas some people might get.大多数情况下,规则是防止像#undef NULL这样的代码或者某些人可能获得的其他奇怪和模糊的想法。 -
Rule 19.7 (advisory) A function should be used in preference to a function-like macro.
规则19.7(建议)应该优先使用函数,而不是像函数一样的宏。 In general, MISRA-C is against using function-like macros, this is an advisory rule in both MISRA-C:2004 and the current MISRA-C:2012.
一般来说,MISRA-C反对使用类似函数的宏,这是MISRA-C:2004和当前MISRA-C:2012中的一个建议规则。 And for very good reasons: we all know that function-like macros in general are evil, but we also know that they are often a necessary evil. 并且有很好的理由:我们都知道类似函数的宏通常是邪恶的,但我们也知道它们通常是必要的邪恶。 -
Rule 19.12 (required) There shall be at most one occurrence of the # or ## preprocessor operators in a single macro definition.
规则19.12(必需)在单个宏定义中最多只能出现一次#或##预处理器运算符。 This rule has been relaxed in MISRA-C:2012 to advisory.
这条规则已在MISRA-C:2012中放宽至咨询。 It might be hard to write some X macros without these two. 如果没有这两个,可能很难编写一些X宏。 There are a couple of valid dangers associated with them, but that's addressed by other rules. 有一些与之相关的有效危险,但其他规则已经解决了这个问题。 I see no conflict with X macros in MISRA-C:2012. 我认为在MISRA-C:2012中与X宏没有冲突。 -
Rule 19.15 (required) Precautions shall be taken in order to prevent the contents of a header file being included twice.
规则19.15(必需)应采取预防措施,以防止头文件的内容被包含两次。 Sound rule that enforces the use of header guards.
强制使用标题保护的声音规则。 There should be no reason to deviate from it, with or without X macros. 无论是否有X宏,都没有理由偏离它。
Conclusion: 结论:
You cannot use X macros in the previous MISRA-C:2004, but you can use them in the current MISRA-C:2012. 您不能在之前的MISRA-C:2004中使用X宏,但您可以在当前的MISRA-C:2012中使用它们。 I would strongly recommend to upgrade, since MISRA-C:2012 is a major change for the better. 我强烈建议升级,因为MISRA-C:2012是一个更好的重大改变。 Various pedantic rules have been dropped, relaxed or re-written. 各种迂腐规则已被放弃,放松或重写。 Complicated rules like the ones regarding implicit type promotions have been significantly improved. 像隐式类型促销这样的复杂规则已得到显着改善。 There is now C99 support. 现在有C99支持。 And so on. 等等。
I have used X-macros myself with MISRA-C:2012, and as far as I remember, without the need to raise deviations from any required rules. 我自己使用X-macros与MISRA-C:2012,据我记忆,不需要提出任何所需规则的偏差。
解决方案2
0 2018-09-28 10:55:25
Please remember that MISRA-C:2004 is a set of Guidelines... it even gives you a process to follow in event that you want to do something that the Guidelines say don't. 请记住,MISRA-C:2004是一套指南......它甚至会为您提供一个流程,以便您希望执行指南所说的事情。
Looking at the above, it seems that it is possible to use X-macros with Misra C code, if you are careful.
Yes... you can raise a Deviation - this requires you to understand the consequences of your decision to violate a Guideline, to justify that violation, and to gain appropriate approval. 是的......您可以提出偏差 - 这要求您了解您违反指南的决定的后果,为违规行为辩护,并获得适当的批准。
In which case, Deviate away. 在这种情况下,偏离。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.