Questions tagged [misra]

1

votes
0

answer
43

Views

How to change which file an external checker uses

Following this guide https://www.ibm.com/developerworks/library/j-codan/index.html I've been able to make a Cppcheck plugin for Eclipse. (It seems to do the exact same thing as CPPCheclipse.) Now I'd like to do a similar plugin for Cppcheck's MISRA addon. I've got the MISRA addon working when runnin...
Krehn
1

votes
2

answer
415

Views

Inhibit lint message 9007

According to MISRA rule 13.5 the right hand operand of a logical && or || operator shall not contain persistent side effects. Our code is checked with PC-Lint, message 9007 (http://gimpel-online.com/MsgRef.html#9007). We have code of the form if((GET_SIGNAL1() < CONST_1) || (GET_SIGNAL2() == CONST_2...
Lord_Gestalter
1

votes
3

answer
630

Views

Reading a value from raw memory (MISRA compliant)

I'm trying to read the value of a variable previously write on NVM flash. My code is: uintptr_t address = getAddress(); //[MISRA C++ Rule 5-2-8] cast from unsigned int to pointer uint16_t value = *(reinterpret_cast(address)); The problem is the cast from uintptr_t to pointer is not allowed in MISRA...
Ivan Pajuelo
1

votes
1

answer
384

Views

Misra C rule 10.1 - false positive warning?

My CCS 6.1 ARM compiler (for LM3Sxxxx Stellaris) throws a warning: 'MISRA Rule 10.1. The value of an expression of integer type shall not be implicitly converted to a different underlying type if the expression is not constant and is a function argument' for following code: static uint32_t diagBase...
tk_
1

votes
0

answer
32

Views

Whats the correct rule file to build to provide to the cppcheck MISRA add-on?

This is a general question about the expected layout and content of a rule file to provide to the misra.py cppcheck application. The cppcheck source located on github: source cppcheck There are multiple ways I think? Appendix A Summary of guidelines Rule 1.1 Rule text description or is it Appendix...
RkingDev
1

votes
4

answer
1.3k

Views

MISRA C 2012 Rule 16.1 All switch statements should be well formed

I am trying to get rid of violation og rule 16.1 from my code. Sample code: switch (cmd) { case ADD: result = add(op1, op2); break; case SUB: if (!flag) { // Problem here! break; } //Fallthrough case ALU_CMD_SUB: result = sub(op1, op2); . . . . . . break; case ALU_CMD_DIV: result = divide(o...
Salim
1

votes
1

answer
97

Views

Do template specialized class with static methods occupy storage?

(I am sorry for the messy title. I will gladly accept suggestions to improve it.) I will try to be as straightforward as possible. I have the folowing code: file1.hpp template struct MatOps; file2.hpp: #include 'file1.hpp' template struct MatOps{ static void method1(){ // Do something } static voi...
enanone
1

votes
1

answer
162

Views

c++: Need correct syntax to avoid MISRA 14-6-1 warning. Class template with dependent base class

I've written a lexer/parser for a language called SML. It is used in electronic meters. I am in the phase of static code analysis. Lint is reporting a MISRA violation 14-6-1. The rule (required) is: 'In a class template with a dependent base, any name that may be found in that dependent base shall b...
Armin
1

votes
1

answer
136

Views

MISRA compatible alternatives to sprintf?

I know the reason why sprintf and similar functions such as snprintf are banned by MISRA. However, what's the alternative way to do something like sprintf(buf, 'The values are a: %d, b: %d', a, b)? itoa seems a candidate, but it has to be used together with functions like strcat.
iuradz
1

votes
2

answer
0

Views

How to use resolve MISRA C error for assembly language inline function?

I am using compiler related assembly language function asm() in my PIC32 MCU C code. My code is compiled and working fine with just using asm('reset') function in my C code.When checking MISRA compliance I am getting following MISRA error: function 'asm' undeclared, assumed to return int [MISRA 201...
raj123
1

votes
2

answer
2.1k

Views

How to remove MISRA C errors/warnings on bitwise operations in firmware?

I am using MISRA C 2004 standards in Code Composer Studio. I am always getting errors with respect to bitwise operations during initialization of the peripherals. In the compiler .h file, the definition is like this. #define SFR_8BIT(addr) extern volatile unsigned char addr SFR_8BIT(REG1); #define...
Chaithra
1

votes
3

answer
1.9k

Views

Initializing char arrays and MISRA errors

I have the following line (reduced to minimally demonstrate issue): char version_text[64U] = {'\0'}; This line generates the following MISRA error: Error[Pm023]: missing elements - braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures (MISRA...
Thomas Matthews
1

votes
3

answer
461

Views

How to include a variable-sized array as stuct member in C?

I must say, I have quite a conundrum in a seemingly elementary problem. I have a structure, in which I would like to store an array as a field. I'd like to reuse this structure in different contexts, and sometimes I need a bigger array, sometimes a smaller one. C prohibits the use of variable-sized...
1

votes
1

answer
680

Views

How to fix MISRA warning: MISRA 18.4 (C90-2012 adv.)

I have used one API in which it catched the address of the parameter in a formal arguement. But there was I used log and used that address for printing purposes in that I got the MISRA warning such as below as you can see: MISRA.PTR.ARITH Pointer is used in arithmetic or array index expression Ho...
Kanji Viroja
1

votes
1

answer
133

Views

MISRA-C: cast literal number

I read a source code, there is a statement like: uint32 XYZ; ... XYZ = (uint32)0x0000000U. I wonder if the cast is necessary, is XYZ = 0U OK? Thanks
cssam
1

votes
1

answer
454

Views

MISRA Violation Rule 15.5 : Multiple points of exit detected. Function should have a single point of exit at the end of the function [duplicate]

This question already has an answer here: Best practice for compute the function return value 4 answers I am trying to get rid of rule 15.5 from my code. This is basically because of multiple returns in the function. Code looks like: int32_t do_test(int32_t array[]) { for(int32_t i=0; i < VAL; i+...
Salim
2

votes
0

answer
22

Views

MISRAC:2012: Rule 4.1 Octal and hex adecimal escape sequences shall be terminated

I have the following code in C whith the violation of MISRAC:2012 Rule 4.1 (i.e., Octal and hex adecimal escape sequences shall be terminated). I have not clear which is the right Compliant Solution to solve this following code. static const char rcsid[] = '\[email protected](#) $Revision: 243501 $\n'; and rerrs[...
Gianni Spear
0

votes
0

answer
7

Views

Why are FIFO One-quarter full, Half-full, three-quarter full interrupts provided in a UART RX FIFO? What are their use cases?

I am implementing a protocol decoder which receives bytes through UART of a microcontroller. The ISR takes bytes from the UART peripheral and puts it in a ring buffer. The main loop reads from the ring buffer and runs a state machine to decode it. The UART internally has a 32-byte receive FIFO, and...
Sreekesh Sreelal
1

votes
1

answer
1.3k

Views

MISRA C 2004 and c99

Rule 1.1 of the MISRA C 2004 specifies that the spec covers c90 and not c99. I would like to use the stdint and stdbool libraries instead of coding my own. Has anyone made this exception in their MISRA implementation?
JeffV
1

votes
1

answer
435

Views

Why does redlib define INT8_MIN as (-0x80) and not as (-0x7F) or (-INT8_MAX - 1)

As the title says, REDLIB defines INT8_MIN as (-0x80). This is giving warnings when using QAC to check for MISRA-C compatibility: (the same goes for INT16 and INT32, which are -0x8000 and -0x80000000 respectively) Msg(4:1281) Integer literal constant is of an unsigned type but does not include a 'U'...
Daan Timmer
0

votes
1

answer
33

Views

Is declaring a variable inside an if statement in c a bad habit?

My assumption is that this is going to mess with checkers and stack analysis. I can't prove my assumption and I don't think C99 will complain. Probably neither c89 will because the definition is immediately after the opening of the curly brace: if(true == condition){ int i = 0; /* do stuff with i...
Catosh
1

votes
2

answer
788

Views

What is the most suitable alternative for Linked List?

I am working on Embedded C, Task related implementation in OS. I have implemented the Linked List. Now it needs to minimize the use of pointers to satisfy MISRA C, in my present implementation I am searching for the best alternative for the Linked List, in Embedded OS for task operation.
Nilesh Pardesi
18

votes
2

answer
1.2k

Views

When should I use UINT32_C(), INT32_C(),… macros in C?

I switched to fixed-length integer types in my projects mainly because they help me think about integer sizes more clearly when using them. Including them via #include also includes a bunch of other macros like the printing macros PRIu32, PRIu64,... To assign a constant value to a fixed length vari...
TimFinnegan
2

votes
4

answer
2.2k

Views

Why does an anonymous enum fails MISRA C 2012 rule 10.3 and a named enum doesn't?

In question: Why do I have to cast an enum element when assigning it to a same enum variable type in C? I was having problems with this code for failing the MISRA C 2012 rule 10.3 that states: The value of an expression shall not be assigned to an object with a narrower essential type or of a differ...
m4l490n
2

votes
2

answer
104

Views

Safe assign of values to bitfield in C

Suppose I have typedef struct { unsigned short bar : 1; } foo_bf; typedef union { unsigned short val; foo_bf bf; } foo_t; How do I correctly assign a value to this bitfield from an type e.g uint16_t? uint16_t myValue = 1; foo_t foo; foo.bf.bar = myValue Running PC-Lint, this turns into a MISR...
MergeMaster
3

votes
3

answer
4.2k

Views

thoughts on unions in C, with regards to MISRA

Misra says to ban all unions. I also know that deviations are allowed as long as they are discussed and documented thoroughly. We have a microcontroller and an external eeprom to store statistical data (event/error logging, parameter settings and whatnot). The eventlog consists of around 80+ event c...
Daan Timmer
5

votes
1

answer
188

Views

How to encode East-European (Polish) signs using simple escape sequences?

I'm developing an embedded application in C, which has to conform to MISRA standards. It will involve the use of strings containing Polish signs (ąęćłńśźż). I tried encoding them using octal/hex escape sequences: dictionary[archive_error] = 'B' '\x88' 'ąd pamieci'; but those are prohibited...
1

votes
1

answer
506

Views

How to create a std::shared_ptr without violating MISRA C++ 2008 Advisory Rule 14-8-2?

I get this error in PC-Lint (au-misra-cpp.lnt): ParameterTest.cpp(40): error 1963: (Note -- Violates MISRA C++ 2008 Advisory Rule 14-8-2, Viable set contains both function and template: std::shared_ptr::shared_ptr (line 499, file C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\include\memory,...
MathiasWestin
6

votes
4

answer
705

Views

MISRA equivalent for medical industry? [closed]

Pretty much as the title, is there a medical industry equivalent document, standard or set of either to the auto industry's MISRA? I'm working in the area of C, but anything language agnostic would be good too
Toby
2

votes
2

answer
385

Views

Popular use of Dynamic memory allocation

I have been reading coding standards in C and most of them discourages use of dynamic memory allocation.But In popular use Dynamic memory allocation leads .Any solid reason for this.I am asking the reasons for its use despite the Demerits it posses ? These are my references JPL Standards :http://l...
achoora
5

votes
2

answer
485

Views

MISRA 2012 violation - Type mismatch (Rules 10.1, 10.4)

I'm facing MISRA C 2012 violation that I can't understand. Following is the code: #define I2C_CCRH_FS ((uint8_t)0x80) #define I2C_CCRH_DUTY ((uint8_t)0x40) #define I2C_CCRH_CCR ((uint8_t)0x0F) typedef struct I2C_struct { volatile uint8_t CR1; volatile uint8_t CR2; volatile uint8_t CCRL;...
Salahuddin
5

votes
3

answer
164

Views

How to use setters properly when the object to be accessed is encapsulated more than once?

I struggle with this question very often and couldn't find any clear solution. I think I know the motivation of getters/setters. Prior Information: When realizing real life data, usually the data is encapsulated in more than one layers. For example: // 1st stage data types --------------------------...
ozercik
6

votes
3

answer
1.5k

Views

Why do the MISRA rules prohibit the use of '#undef'?

Why do the MISRA rules prohibit the use of #undef in a program? If I want to limit the scope of any macro, how to do it without using #undef?
bubble
5

votes
3

answer
1.1k

Views

How are integer types converted implicitly?

The following code fails on a MISRA check. The concrete error message is: (MISRA-C:2004 10.1/R) The value of an expression of integer type shall not be implicitly converted to a different underlying type if it is not a conversion to a wider integer type of the same signedness typedef enum _MyEnum...
harper
3

votes
2

answer
399

Views

Why function prototypes are they required in MISRA:2012?

I am wondering why function prototypes are required by MISRA:2012. In the example below, the two prototypes aren't really necessary. #include #include // >>> Truly useless in my opinion void display(void); int main(void); //
nowox
11

votes
3

answer
4.1k

Views

MISRA incrementation in C

While debugging some embedded code, I came across something like this: buffPtr = &a[5]; buffEndPtr = &a[10]; while (buffPtr != buffEndPtr) { *buffPtr = 0xFF; buffPtr = &buffPtr[1]; /* MISRA improvement for: buffPtr++ */ } Why would this construct be an improvement over (*buffPtr)++ ?
Adrian Suciu
2

votes
2

answer
383

Views

Does MISRA C++ rule 7-1-1 affect references?

Rule 7-1-1 (Required) A variable which is not modified shall be const qualified If a variable does not need to be modified, then it shall be declared with const qualification so that it cannot be modified. A non-parametric variable will then require its initialization at the point of declaration. Al...
Melebius
2

votes
1

answer
758

Views

How to write a memcpy function full MISRA:2012 compatible?

I wrote this memcpy function, but I still need to disable rules 11.5 and 11.8. Is there a solution to be full MISRA:2012 compatible? #pragma cstat_suppress='MISRAC2012-Rule-21.6' // Uses of stdio.h were found. #include #include #include #include extern int main(void); static int_least8_t _memcp...
nowox
2

votes
4

answer
128

Views

MISRA C:2012 Rule 14.4

As per the MISRA rule The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type #include #include void foo(void){ int i = 0; if(i){} /* Non-compliant - int32_t is not boolean */ if(i != 0){} /* C...
Hariom Singh
2

votes
4

answer
2.6k

Views

Casting a NULL pointer function argument resulted in violation of Misra Rule 11.3

I define a NULL_PTR as 0U Then call a function with this NULL_PTR as argument. read_some_data(2U, (uint8_t *const) NULL_PTR, (uint8_t *const) NULL_PTR); Called function prototype: int16_t read_some_data(const uint8_t id, uint8_t *const data_1, uint8_t *const data_2); On compilation, Misra raised a...
Ammamon

View additional questions