MISRA C Rule 20.7 states: "Expressions resulting from the expansion
of macro parameters shall be enclosed in parentheses". Therefore, some
macro definitions should gain additional parentheses to ensure that all
current and future users will be safe with respect to expansions that
can possibly alter the semantics of the passed-in macro parameter.
No functional change.
Signed-off-by: Nicola Vetrini <nicola.vetrini@bugseng.com>
---
In this case the use of parentheses can detect misuses of the COMPILE_CHECK
macro for the fn argument that happen to pass the compile-time check
(see e.g. https://godbolt.org/z/n4zTdz595).
An alternative would be to deviate these macros, but since they are used
to check the correctness of other code it seemed the better alternative
to futher ensure that all usages of the macros are safe.
---
xen/include/xen/self-tests.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/xen/include/xen/self-tests.h b/xen/include/xen/self-tests.h
index 42a4cc4d17fe..58484fe5a8ae 100644
--- a/xen/include/xen/self-tests.h
+++ b/xen/include/xen/self-tests.h
@@ -19,11 +19,11 @@
#if !defined(CONFIG_CC_IS_CLANG) || CONFIG_CLANG_VERSION >= 80000
#define COMPILE_CHECK(fn, val, res) \
do { \
- typeof(fn(val)) real = fn(val); \
+ typeof((fn)(val)) real = (fn)(val); \
\
if ( !__builtin_constant_p(real) ) \
asm ( ".error \"'" STR(fn(val)) "' not compile-time constant\"" ); \
- else if ( real != res ) \
+ else if ( real != (res) ) \
asm ( ".error \"Compile time check '" STR(fn(val) == res) "' failed\"" ); \
} while ( 0 )
#else
@@ -37,9 +37,9 @@
*/
#define RUNTIME_CHECK(fn, val, res) \
do { \
- typeof(fn(val)) real = fn(HIDE(val)); \
+ typeof((fn)(val)) real = (fn)(HIDE(val)); \
\
- if ( real != res ) \
+ if ( real != (res) ) \
panic("%s: %s(%s) expected %u, got %u\n", \
__func__, #fn, #val, real, res); \
} while ( 0 )
--
2.34.1