Hi Nicola,
On 24/07/2023 13:58, Nicola Vetrini wrote:
On 24/07/23 12:24, Julien Grall wrote:
From: Julien Grall <[email protected]>
Eclair vXXX is unable to prove the parameter out_string will only be
used the return of dt_property_read_string() is 0. So it will consider
that MISRA C:2012 Rule 9.1 was violated.
This is not correct: ECLAIR cannot prove that the rule is not violated,
and hence emits a caution, because the analysis is sound.
Ok. How about: "So it will not be able to prove that MISR C:2012 Rule
9.1 wasn't violated"?
Rework the prototype so the string is returned and use ERR_PTR() to
embed the error code.
Signed-off-by: Julien Grall <[email protected]>
---
The XXX should be replaced with the version of Eclair. Nicola, can you
provide it?
I don't see as valuable mentioning ECLAIR at all, but rather explain
what the change is about (encoding the error value as a return value and
removing the **out_value parameter).
If Eclair didn't report a caution, then I would not have spent time
writing this patch.
Also, the point of mentioning the Eclair version is that if someone ever
want to change the prototype back to where it was (e.g. because another
tools is unhappy), then we have some details on why it was done and way
to reproduce. This would avoid endless argument on the ML on whether it
is safe to revert it.
So overall, the value is not necessarily for today, but for the future
reader.
Cheers,
--
Julien Grall
