On 11.10.2023 18:56, andrew.coop...@citrix.com wrote: > On 11/10/2023 8:46 pm, Nicola Vetrini wrote: >> diff --git a/docs/misra/deviations.rst b/docs/misra/deviations.rst >> index ee7aed0609d2..1b00e4e3e9b7 100644 >> --- a/docs/misra/deviations.rst >> +++ b/docs/misra/deviations.rst >> @@ -199,6 +199,11 @@ Deviations related to MISRA C:2012 Rules: >> See automation/eclair_analysis/deviations.ecl for the full >> explanation. >> - Tagged as `safe` for ECLAIR. >> >> + * - R11.9 >> + - __ACCESS_ONCE uses a 0 as a null pointer constant to check if a type >> is >> + scalar, therefore its usage for this purpose is allowed. >> + - Tagged as `deliberate` for ECLAIR. > > Really? > > #define __ACCESS_ONCE(x) > (void)(typeof(x))0; /* Scalar typecheck. */ > > That's not a pointer. > > If someone were to pass in an x who's type was pointer-to-object, then > yes it is technically a NULL pointer constant for long enough for the > build to error out.
Why would it error out? ACCESS_ONCE() on a variable of pointer type is as okay as one on a variable of (some kind of) integer type. (Sadly the check as is would even let floating point types pass. At the same time the check is too strict to allow e.g. single-machine-word struct/union to also pass.) Jan
