Difference between revisions of "MansOS Coding Standard"
m (→Code flow and indenting) |
|||
Line 1: | Line 1: | ||
== General issues == |
|||
Be advised to use the following coding style when writing or editing '''[[MansOS]]''' source code. |
|||
== |
=== Comments === |
||
Respect the reader and write comments. In general, comment '''what''' your code does, not '''how'''. |
|||
* Write '''comments'''. Respect the reader! |
|||
==== Inline comments ==== |
|||
* Keep the '''line length under 80 characters''' to help the viewer and those that want to print your code. Break the line in several as necessary. |
|||
Comments inside functions comments only where necessary. In most cases, if you see some code that cannot be understood without commenting, that means you should rewrite it, not comment it. |
|||
* Set your editor as follows: '''do not use the TAB character, use spaces instead'''. Otherwise the code indentation may break when viewed by different developers. |
|||
Use descriptive function and variable names to reduce the need to comment your code. |
|||
Comments are not checked by compiler. That means they are often "broken" - invalid or out of date. And the more comments there are, the more difficult it is to keep them up to date. |
|||
== |
==== Comments in global scope ==== |
||
Describe what functions does before to it's prototype, unless that's obvious. |
|||
Indent new code blocks by 4 spaces |
|||
Example (quite obvious): |
|||
Note that TAB character is always 8 spaces. |
|||
// calculate greatest common divisor (GCD) of 'a' and 'b' |
|||
However, set your editor to use spaces instead of the TAB character to avoid confusion when loading text files that may contain tab characters and was written using a different editor. |
|||
uint32_t gcd(uint32_t a, uint32_t b); |
|||
In general, there is not need to document function definitions. All exported functions should have prototypes. |
|||
You may want to select TAB key to indent and Backspace key to un-indent in your text editor (SciTe, Emacs, ...) |
|||
==== Preprocessor directives and comments ==== |
|||
== Variable and function names == |
|||
When using <code>#ifdef</code> or <code>#if</code> constructs, you should always use comments for <code>#endif</code>. |
|||
Variable names and function names shall start in lowercase and be written in [http://en.wikipedia.org/wiki/Camelcase CamelCase] - <code>writeByte</code>, not <code>write_byte, wrt_byte</code> or <code>WrItEbYtE</code>. |
|||
The comment for <code>#endif</code> should match the expression used in the corresponding <code>#if</code> or <code>#ifdef</code>. The comment for <code>#else</code> and <code>#elif</code> should match the inverse of the expression(s) used in the preceding <code>#if</code> and/or <code>#elif</code> statements. |
|||
<code> |
<code> |
||
#ifdef MSP430 |
|||
int writeByte; |
|||
/* msp430 stuff here */ |
|||
void printByte(void *buf); |
|||
#else // !MSP430 |
|||
/* non msp430 stuff here */ |
|||
#endif // MSP430 |
|||
</code> |
</code> |
||
==== Special comments ==== |
|||
Note, that we prefer <code>()</code> over <code>(void)</code>, e.g.: |
|||
Use: |
|||
<code> |
|||
* '''XXX''' in comments to mark code that may not be strictly correct, but is working. |
|||
void foo() // We prefer this |
|||
* '''FIXME''' in comments to mark code that does not work correctly. |
|||
void bar(void) // We avoid this |
|||
* '''TODO''' in comments to mark places for not-yet-made features. |
|||
</code> |
|||
=== |
=== Indentation === |
||
'''Do not use the TAB character for indentation, use spaces instead'''. Otherwise the code indentation may break when viewed by different developers. |
|||
Add trailing "<code>_p</code>" to show this is a pointer |
|||
Use '''indentation at 4 spaces'''. You may find it useful to set TAB key to 4 spaces in your editor. |
|||
<code> |
|||
int writeByte; |
|||
int *writeByte_p = &writeByte; <-- like this |
|||
</code> |
|||
=== Cross platform code === |
|||
Try to put all platform specific code in appropriate .h or .c files; avoid having <code>#ifdef</code>'s in code, where possible. |
|||
Use: |
|||
... pc/platfor_header.h: |
|||
#define PLATFORM_SPECIFIC_CONST 1 |
|||
... telosb/platfor_header.h: |
|||
#define PLATFORM_SPECIFIC_CONST 2 |
|||
... .c file: |
|||
a = PLATFORM_SPECIFIC_CONST; |
|||
Avoid: |
|||
... .c file |
|||
#ifdef PC |
|||
a = 1; |
|||
#else |
|||
a = 2; |
|||
#endif |
|||
=== Inline functions === |
|||
Linux coding style manual suggests that "a reasonable rule of thumb is to not put inline at functions that have more |
|||
than 3 lines of code in them". For embedded systems this suggestion may be relaxed (to avoid function call overhead), but they should be kept at reasonable size. |
|||
The compiler can make decision to inline even functions that are not declared as inlines, but only if the definition of that function is visible at the point where it is called. |
|||
=== Warnings === |
|||
Do not ignore compilation warnings. Never commit code that compiles with warnings, unless you have a very good reason! |
|||
If there are really "invalid" warnings, it's better to disable them in Makefile than to ignore them. |
|||
== Types == |
|||
=== Constants and defines === |
=== Constants and defines === |
||
Define constants with '''#define''' preprocessor directive or (preferred) as '''enum''' member. |
|||
Use all-uppercase for <code>#define</code> constants, with underscore between the words |
|||
The '''enum''' way is preferred because a symbol table entry is created in this way (can be useful for debugging), and the scope of the declaration is honoured. |
|||
#define MAX_LENGTH 15 |
|||
#define HEIGHT 7 |
|||
Do no use '''const''' keyword, except in cases where it is really needed. '''const''' keyword should not be used, because in this way not only a symbol, but also a variable is always created. Note that this only applies to C, for C++ '''const''' can be used to make real constants. |
|||
For constants use first letter in uppercase with the rest in camelcase |
|||
Add trailing "<code>_c</code>" to show this is a constant. |
|||
Use all-uppercase names for constants, with underscore between the words. |
|||
<code> |
|||
const MaxBufferSize_c = 64; |
|||
</code> |
|||
Use: |
|||
When using <code>#ifdef</code> or <code>#if</code> constructs, |
|||
#define DEFINED_C 123u // acceptable |
|||
you should always use comments for <code>#endif</code>. |
|||
enum { ENUM_C = 123 }; // preferred |
|||
The comment for <code>#endif</code> should match the expression used in the corresponding |
|||
<code>#if</code> or <code>#ifdef</code>. The comment for <code>#else</code> and <code>#elif</code> should match the |
|||
Avoid: |
|||
inverse of the expression(s) used in the preceding <code>#if</code> and/or <code>#elif</code> |
|||
const unsigned VARIABLE_C = 123; |
|||
statements. |
|||
Avoid magic numbers. Use symbolic constants, defined in one way or another. |
|||
=== Integer types === |
|||
Use only in integer types with explicitly specified size. |
|||
This makes portability easier. |
|||
Use: |
|||
int8_t a; |
|||
uint32_t b; |
|||
Avoid: |
|||
char a; |
|||
unsigned long b; |
|||
=== Bool type === |
|||
Use <code>bool</code> type where possible. |
|||
=== Error code type === |
|||
[TODO] |
|||
== Syntax == |
|||
=== Variable and function names === |
|||
Variable names and function names shall start in lowercase and be written in [http://en.wikipedia.org/wiki/Camelcase CamelCase] - <code>writeByte</code>, not <code>write_byte, wrt_byte</code> or <code>WrItEbYtE</code>. |
|||
<code> |
<code> |
||
int writeByte; |
|||
#ifdef MSP430 |
|||
void printByte(void *buf); |
|||
/* msp430 stuff here */ |
|||
#else // !MSP430 |
|||
/* non msp430 stuff here */ |
|||
#endif // MSP430 |
|||
</code> |
</code> |
||
=== Enums, structs and all other types === |
=== Enums, structs and all other types === |
||
Use the first letter in uppercase, the rest is CamelCase. |
Use the first letter in uppercase, the rest is CamelCase. Add trailing "<code>_t</code>" to show this is a type, or "<code>_e</code>" to show this is an enum. |
||
Add trailing "<code>_t</code>" to show this is a type, or "<code>_e</code>" to show this is an enum |
|||
<code> |
<code> |
||
Line 92: | Line 147: | ||
int c; |
int c; |
||
} MyStruct_t; |
} MyStruct_t; |
||
</code> |
|||
Enums example: |
|||
<code> |
|||
typedef enum |
typedef enum |
||
{ |
{ |
||
Line 108: | Line 158: | ||
Enumeration values all should be written in uppercase. |
Enumeration values all should be written in uppercase. |
||
=== Code control structures === |
|||
<code> |
|||
typedef enum { WHITE, BLACK } Color_e; |
|||
</code> |
|||
== |
==== Using braces ==== |
||
Always use braces after <code>if(), else, for(), while(), do</code>, even when there is only one statement in the block. There might be a few exceptions when if and the statement is on the same line and unmistakeably has one simple statement such as an assignment. |
|||
=== if, else, for, while, do === |
|||
You may write the opening brace on the same or the next line. Use common sense. Generally to make a short <code>if()</code> with just one statement in the body I use it on the same line. |
|||
Always use braces after <code>if(), else, for(), while(), do</code>, even when there is only one statement in the block. |
|||
There might be a few exceptions when if and the statement is on the same line and unmistakeably has one simple statement such as an assignment. |
|||
Use: |
|||
You may write the opening brace on the same or the next line. Use common sense. Generally to make a short if() with just one statement in the body I use it on the same line. |
|||
<code> |
|||
if ( 17 == a ) b++; |
if ( 17 == a ) b++; |
||
if (...) { |
if (...) { |
||
foo(); |
foo(); |
||
} |
} |
||
if (...) |
if (...) |
||
{ |
{ |
||
Line 133: | Line 178: | ||
bar(); |
bar(); |
||
} |
} |
||
</code> |
|||
Avoid: |
|||
When using comparisons in control structures, always try to use left-hand comparisons. |
|||
if (foo) |
|||
Because these types of comparisons detects typo errors early. |
|||
bar(); |
|||
Typical errors arise in right-hand style when equality operator is required but assignment operator is used, |
|||
in left-hand style these typos will result in compilation error and crash early. |
|||
This should be avoid because the code is harder to modify (e.g. add more statements insides the body of the <code>if</code> statement) in the future; and because the code flow may be unclear in some cases. |
|||
daily usage of comparisons - right hand style |
|||
<code> |
|||
==== <code>switch</code> statement ==== |
|||
if ( a == 17 ) |
|||
{ |
|||
In all places where <code>break</code> keyword is not being used by intention, a <code>// falls through</code> comment should be inserted. |
|||
... |
|||
Example: |
|||
switch (condition) { |
|||
case A: |
|||
if (x == 13) return 5; |
|||
// falls through |
|||
case B: |
|||
case C: |
|||
return 6; |
|||
} |
|||
==== Spacing in expressions ==== |
|||
Use space to separate tokens in expressions and braces everywhere in the code. However, you may use no space between unary operation and operand, for example, <code>i++;</code> |
|||
x = y + 16 - z++; |
|||
if( 17 == a ) { |
|||
b = foo( c, d ); |
|||
} |
} |
||
Use spaces before braces with <code>if, for, while</code>. |
|||
Do not use space before braces in <code>foo()</code> (i.e. function calls). |
|||
Use spaces around binary and ternary operators: |
|||
x = a ? b + c : d; |
|||
=== Size limits === |
|||
Keep the '''line length under 80 characters''' to help the viewer and those that want to print your code. Break the line in several as necessary. |
|||
Functions in general should be no longer than ~50 lines (one screen). Functions that has only simple logic (e.g. initialization function) can be longer. |
|||
Try to not use too much levels of indentation - code is harder to read if there are too many. |
|||
=== Mixing variables and code === |
|||
Use C89 style; declare variables before code. |
|||
Use: |
|||
<code> |
|||
uint32_t foo; |
|||
do_something(); |
|||
foo = bar(); |
|||
</code> |
</code> |
||
Or: |
|||
left-hand style |
|||
<code> |
<code> |
||
uint32_t foo = bar(); |
|||
if ( 17 == a ) |
|||
do_something(); |
|||
{ |
|||
... |
|||
} |
|||
</code> |
</code> |
||
Avoid: |
|||
=== Spacing in expressions === |
|||
<code> |
|||
do_something(); |
|||
uint32_t foo; |
|||
foo = bar(); |
|||
</code> |
|||
=== Variable initialization === |
|||
Use space to separate tokens in expressions and braces everywhere in the code |
|||
However, you may use no space between unary operation and operand, for example, i++; |
|||
No explicit global variable initialization to zeros need, because by C standard all static variables (including global) are by default initialized to zero. |
|||
x = y + 16 - z++; |
|||
If for some reason you want to avoid initalization, use "noinit" attribute. For example, this may be need for large arrays, because apparently the initialization can take long enough time for watchdog timer to expire! |
|||
if( 17 == a ) { |
|||
b = foo( c, d ); |
|||
} |
|||
Example: |
|||
=== Function and procedure heads === |
|||
uint16_t array[500] __attribute__((section (".noinit"))); |
|||
For some compilers there is __no_init keyword that does the same: |
|||
Start every function or procedure with a comment block describing it. |
|||
__no_init uint16_t array[500]; |
|||
The return type for functions may be on a separate line prior to the function name to make the function fit in a single line. |
|||
Structures can be initialized like this: |
|||
//----------------------------------------------------------------------------- |
|||
typedef struct { |
|||
// Prints formated text in a box with x,y,w,h parameters. |
|||
uint16_t i; |
|||
//----------------------------------------------------------------------------- |
|||
int8_t c; |
|||
uint32_t |
|||
uint8_t a[3]; |
|||
printInBox(char* text, char *format, int16_t x, int16_t y, int16_t w, int16_t z) |
|||
} SomeStruct_t; |
|||
{ |
|||
... |
|||
SomeStruct_t var1 = {123, 'a', {1, 2, 3}}; |
|||
} |
|||
SomeStruct_t var2 = {123}; // member 'i' is 123, all other members are implicitly initialized to 0 |
|||
Or (the preferred way): |
|||
SomeStruct_t var3 = { |
|||
.i = 123, |
|||
.c = 'a', |
|||
.a = {1, 2, 3} |
|||
}; |
|||
=== Include paths === |
|||
All internal MansOS code should use include paths with directory explicitly specified. |
|||
E.g. use |
|||
#include <lib/dprint.h> |
|||
Avoid: |
|||
#include <dprint.h> |
|||
#include "dprint.h" |
|||
This is not a requirement for application code. |
|||
This is also not a requirement if the included file is under HAL or HPL directories, because in this case the path is platform specific. Because of this, it is recommended to add "_hal" or "_hpl" suffix in those filenames, for example, xxx_hal.h and yyy_hpl.h. |
|||
== Conclusion == |
|||
Remember that rules are made to be broken; do not follow them blindly! |
|||
== Sample Emacs configuration == |
|||
MansOS C mode for Emacs (add this to your Emacs configuration file): |
|||
(defun mansos-c-mode () |
|||
"C mode for MansOS" |
|||
(interactive) |
|||
; use C++ mode, for "//" comments |
|||
(c++-mode) |
|||
; convert tabe to spaces when typing |
|||
(setq indent-tabs-mode nil) |
|||
(setq default-tab-width 4)) |
|||
; Change the path to your MansOS repository! |
|||
(setq auto-mode-alist (cons '("/home/atis/sensors/mansos/.*\\.[ch]$" . mansos-c-mode) |
|||
auto-mode-alist)) |
Revision as of 12:15, 13 January 2010
General issues
Comments
Respect the reader and write comments. In general, comment what your code does, not how.
Inline comments
Comments inside functions comments only where necessary. In most cases, if you see some code that cannot be understood without commenting, that means you should rewrite it, not comment it.
Use descriptive function and variable names to reduce the need to comment your code.
Comments are not checked by compiler. That means they are often "broken" - invalid or out of date. And the more comments there are, the more difficult it is to keep them up to date.
Comments in global scope
Describe what functions does before to it's prototype, unless that's obvious.
Example (quite obvious):
// calculate greatest common divisor (GCD) of 'a' and 'b' uint32_t gcd(uint32_t a, uint32_t b);
In general, there is not need to document function definitions. All exported functions should have prototypes.
Preprocessor directives and comments
When using #ifdef
or #if
constructs, you should always use comments for #endif
.
The comment for #endif
should match the expression used in the corresponding #if
or #ifdef
. The comment for #else
and #elif
should match the inverse of the expression(s) used in the preceding #if
and/or #elif
statements.
#ifdef MSP430
/* msp430 stuff here */
#else // !MSP430
/* non msp430 stuff here */
#endif // MSP430
Special comments
Use:
- XXX in comments to mark code that may not be strictly correct, but is working.
- FIXME in comments to mark code that does not work correctly.
- TODO in comments to mark places for not-yet-made features.
Indentation
Do not use the TAB character for indentation, use spaces instead. Otherwise the code indentation may break when viewed by different developers.
Use indentation at 4 spaces. You may find it useful to set TAB key to 4 spaces in your editor.
Cross platform code
Try to put all platform specific code in appropriate .h or .c files; avoid having #ifdef
's in code, where possible.
Use:
... pc/platfor_header.h: #define PLATFORM_SPECIFIC_CONST 1 ... telosb/platfor_header.h: #define PLATFORM_SPECIFIC_CONST 2 ... .c file: a = PLATFORM_SPECIFIC_CONST;
Avoid:
... .c file #ifdef PC a = 1; #else a = 2; #endif
Inline functions
Linux coding style manual suggests that "a reasonable rule of thumb is to not put inline at functions that have more than 3 lines of code in them". For embedded systems this suggestion may be relaxed (to avoid function call overhead), but they should be kept at reasonable size.
The compiler can make decision to inline even functions that are not declared as inlines, but only if the definition of that function is visible at the point where it is called.
Warnings
Do not ignore compilation warnings. Never commit code that compiles with warnings, unless you have a very good reason!
If there are really "invalid" warnings, it's better to disable them in Makefile than to ignore them.
Types
Constants and defines
Define constants with #define preprocessor directive or (preferred) as enum member.
The enum way is preferred because a symbol table entry is created in this way (can be useful for debugging), and the scope of the declaration is honoured.
Do no use const keyword, except in cases where it is really needed. const keyword should not be used, because in this way not only a symbol, but also a variable is always created. Note that this only applies to C, for C++ const can be used to make real constants.
Use all-uppercase names for constants, with underscore between the words.
Use:
#define DEFINED_C 123u // acceptable enum { ENUM_C = 123 }; // preferred
Avoid:
const unsigned VARIABLE_C = 123;
Avoid magic numbers. Use symbolic constants, defined in one way or another.
Integer types
Use only in integer types with explicitly specified size.
This makes portability easier.
Use:
int8_t a; uint32_t b;
Avoid:
char a; unsigned long b;
Bool type
Use bool
type where possible.
Error code type
[TODO]
Syntax
Variable and function names
Variable names and function names shall start in lowercase and be written in CamelCase - writeByte
, not write_byte, wrt_byte
or WrItEbYtE
.
int writeByte;
void printByte(void *buf);
Enums, structs and all other types
Use the first letter in uppercase, the rest is CamelCase. Add trailing "_t
" to show this is a type, or "_e
" to show this is an enum.
typedef struct
{
int a;
int b;
int c;
} MyStruct_t;
typedef enum
{
RECTANGLE,
CIRCLE = 17,
LAST // Use "Last" as the last enum available, as needed
} ShapeType_e;
Enumeration values all should be written in uppercase.
Code control structures
Using braces
Always use braces after if(), else, for(), while(), do
, even when there is only one statement in the block. There might be a few exceptions when if and the statement is on the same line and unmistakeably has one simple statement such as an assignment.
You may write the opening brace on the same or the next line. Use common sense. Generally to make a short if()
with just one statement in the body I use it on the same line.
Use:
if ( 17 == a ) b++; if (...) { foo(); } if (...) { foo(); bar(); }
Avoid:
if (foo) bar();
This should be avoid because the code is harder to modify (e.g. add more statements insides the body of the if
statement) in the future; and because the code flow may be unclear in some cases.
switch
statement
In all places where break
keyword is not being used by intention, a // falls through
comment should be inserted.
Example:
switch (condition) { case A: if (x == 13) return 5; // falls through case B: case C: return 6; }
Spacing in expressions
Use space to separate tokens in expressions and braces everywhere in the code. However, you may use no space between unary operation and operand, for example, i++;
x = y + 16 - z++;
if( 17 == a ) { b = foo( c, d ); }
Use spaces before braces with if, for, while
.
Do not use space before braces in foo()
(i.e. function calls).
Use spaces around binary and ternary operators:
x = a ? b + c : d;
Size limits
Keep the line length under 80 characters to help the viewer and those that want to print your code. Break the line in several as necessary.
Functions in general should be no longer than ~50 lines (one screen). Functions that has only simple logic (e.g. initialization function) can be longer.
Try to not use too much levels of indentation - code is harder to read if there are too many.
Mixing variables and code
Use C89 style; declare variables before code.
Use:
uint32_t foo;
do_something();
foo = bar();
Or:
uint32_t foo = bar();
do_something();
Avoid:
do_something();
uint32_t foo;
foo = bar();
Variable initialization
No explicit global variable initialization to zeros need, because by C standard all static variables (including global) are by default initialized to zero.
If for some reason you want to avoid initalization, use "noinit" attribute. For example, this may be need for large arrays, because apparently the initialization can take long enough time for watchdog timer to expire!
Example:
uint16_t array[500] __attribute__((section (".noinit")));
For some compilers there is __no_init keyword that does the same:
__no_init uint16_t array[500];
Structures can be initialized like this:
typedef struct { uint16_t i; int8_t c; uint8_t a[3]; } SomeStruct_t; SomeStruct_t var1 = {123, 'a', {1, 2, 3}}; SomeStruct_t var2 = {123}; // member 'i' is 123, all other members are implicitly initialized to 0
Or (the preferred way):
SomeStruct_t var3 = { .i = 123, .c = 'a', .a = {1, 2, 3} };
Include paths
All internal MansOS code should use include paths with directory explicitly specified. E.g. use
#include <lib/dprint.h>
Avoid:
#include <dprint.h> #include "dprint.h"
This is not a requirement for application code.
This is also not a requirement if the included file is under HAL or HPL directories, because in this case the path is platform specific. Because of this, it is recommended to add "_hal" or "_hpl" suffix in those filenames, for example, xxx_hal.h and yyy_hpl.h.
Conclusion
Remember that rules are made to be broken; do not follow them blindly!
Sample Emacs configuration
MansOS C mode for Emacs (add this to your Emacs configuration file):
(defun mansos-c-mode () "C mode for MansOS" (interactive) ; use C++ mode, for "//" comments (c++-mode) ; convert tabe to spaces when typing (setq indent-tabs-mode nil) (setq default-tab-width 4)) ; Change the path to your MansOS repository! (setq auto-mode-alist (cons '("/home/atis/sensors/mansos/.*\\.[ch]$" . mansos-c-mode) auto-mode-alist))