Questions tagged [misra]

2

votes
0

answer
22

Views

MISRAC:2012: Rule 4.1 Octal and hex adecimal escape sequences shall be terminated

I have the following code in C whith the violation of MISRAC:2012 Rule 4.1 (i.e., Octal and hex adecimal escape sequences shall be terminated). I have not clear which is the right Compliant Solution to solve this following code. static const char rcsid[] = "\[email protected](#) $Revision: 243501 $\n"; and rerrs[...
Gianni Spear
0

votes
0

answer
7

Views

Why are FIFO One-quarter full, Half-full, three-quarter full interrupts provided in a UART RX FIFO? What are their use cases?

I am implementing a protocol decoder which receives bytes through UART of a microcontroller. The ISR takes bytes from the UART peripheral and puts it in a ring buffer. The main loop reads from the ring buffer and runs a state machine to decode it. The UART internally has a 32-byte receive FIFO, and...
Sreekesh Sreelal
1

votes
1

answer
1.3k

Views

MISRA C 2004 and c99

Rule 1.1 of the MISRA C 2004 specifies that the spec covers c90 and not c99. I would like to use the stdint and stdbool libraries instead of coding my own. Has anyone made this exception in their MISRA implementation?
JeffV
1

votes
1

answer
424

Views

Why does redlib define INT8_MIN as (-0x80) and not as (-0x7F) or (-INT8_MAX - 1)

As the title says, REDLIB defines INT8_MIN as (-0x80). This is giving warnings when using QAC to check for MISRA-C compatibility: (the same goes for INT16 and INT32, which are -0x8000 and -0x80000000 respectively) Msg(4:1281) Integer literal constant is of an unsigned type but does not include a "U"...
Daan Timmer
0

votes
1

answer
33

Views

Is declaring a variable inside an if statement in c a bad habit?

My assumption is that this is going to mess with checkers and stack analysis. I can't prove my assumption and I don't think C99 will complain. Probably neither c89 will because the definition is immediately after the opening of the curly brace: if(true == condition){ int i = 0; /* do stuff with i...
Catosh
1

votes
2

answer
753

Views

What is the most suitable alternative for Linked List?

I am working on Embedded C, Task related implementation in OS. I have implemented the Linked List. Now it needs to minimize the use of pointers to satisfy MISRA C, in my present implementation I am searching for the best alternative for the Linked List, in Embedded OS for task operation.
Nilesh Pardesi
18

votes
2

answer
1.2k

Views

When should I use UINT32_C(), INT32_C(),… macros in C?

I switched to fixed-length integer types in my projects mainly because they help me think about integer sizes more clearly when using them. Including them via #include also includes a bunch of other macros like the printing macros PRIu32, PRIu64,... To assign a constant value to a fixed length vari...
TimFinnegan
2

votes
4

answer
2.2k

Views

Why does an anonymous enum fails MISRA C 2012 rule 10.3 and a named enum doesn't?

In question: Why do I have to cast an enum element when assigning it to a same enum variable type in C? I was having problems with this code for failing the MISRA C 2012 rule 10.3 that states: The value of an expression shall not be assigned to an object with a narrower essential type or of a differ...
m4l490n
2

votes
2

answer
104

Views

Safe assign of values to bitfield in C

Suppose I have typedef struct { unsigned short bar : 1; } foo_bf; typedef union { unsigned short val; foo_bf bf; } foo_t; How do I correctly assign a value to this bitfield from an type e.g uint16_t? uint16_t myValue = 1; foo_t foo; foo.bf.bar = myValue Running PC-Lint, this turns into a MISR...
MergeMaster
3

votes
3

answer
4.2k

Views

thoughts on unions in C, with regards to MISRA

Misra says to ban all unions. I also know that deviations are allowed as long as they are discussed and documented thoroughly. We have a microcontroller and an external eeprom to store statistical data (event/error logging, parameter settings and whatnot). The eventlog consists of around 80+ event c...
Daan Timmer
5

votes
1

answer
188

Views

How to encode East-European (Polish) signs using simple escape sequences?

I'm developing an embedded application in C, which has to conform to MISRA standards. It will involve the use of strings containing Polish signs (ąęćłńśźż). I tried encoding them using octal/hex escape sequences: dictionary[archive_error] = "B" "\x88" "ąd pamieci"; but those are prohibited...
1

votes
1

answer
486

Views

How to create a std::shared_ptr without violating MISRA C++ 2008 Advisory Rule 14-8-2?

I get this error in PC-Lint (au-misra-cpp.lnt): ParameterTest.cpp(40): error 1963: (Note -- Violates MISRA C++ 2008 Advisory Rule 14-8-2, Viable set contains both function and template: std::shared_ptr::shared_ptr (line 499, file C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\include\memory,...
MathiasWestin
6

votes
4

answer
705

Views

MISRA equivalent for medical industry? [closed]

Pretty much as the title, is there a medical industry equivalent document, standard or set of either to the auto industry's MISRA? I'm working in the area of C, but anything language agnostic would be good too
Toby
2

votes
2

answer
385

Views

Popular use of Dynamic memory allocation

I have been reading coding standards in C and most of them discourages use of dynamic memory allocation.But In popular use Dynamic memory allocation leads .Any solid reason for this.I am asking the reasons for its use despite the Demerits it posses ? These are my references JPL Standards :http://l...
achoora
5

votes
2

answer
485

Views

MISRA 2012 violation - Type mismatch (Rules 10.1, 10.4)

I'm facing MISRA C 2012 violation that I can't understand. Following is the code: #define I2C_CCRH_FS ((uint8_t)0x80) #define I2C_CCRH_DUTY ((uint8_t)0x40) #define I2C_CCRH_CCR ((uint8_t)0x0F) typedef struct I2C_struct { volatile uint8_t CR1; volatile uint8_t CR2; volatile uint8_t CCRL;...
Salahuddin
5

votes
3

answer
164

Views

How to use setters properly when the object to be accessed is encapsulated more than once?

I struggle with this question very often and couldn't find any clear solution. I think I know the motivation of getters/setters. Prior Information: When realizing real life data, usually the data is encapsulated in more than one layers. For example: // 1st stage data types --------------------------...
ozercik
6

votes
3

answer
1.5k

Views

Why do the MISRA rules prohibit the use of '#undef'?

Why do the MISRA rules prohibit the use of #undef in a program? If I want to limit the scope of any macro, how to do it without using #undef?
bubble
5

votes
3

answer
1.1k

Views

How are integer types converted implicitly?

The following code fails on a MISRA check. The concrete error message is: (MISRA-C:2004 10.1/R) The value of an expression of integer type shall not be implicitly converted to a different underlying type if it is not a conversion to a wider integer type of the same signedness typedef enum _MyEnum...
harper
3

votes
2

answer
399

Views

Why function prototypes are they required in MISRA:2012?

I am wondering why function prototypes are required by MISRA:2012. In the example below, the two prototypes aren't really necessary. #include #include // >>> Truly useless in my opinion void display(void); int main(void); //
nowox
11

votes
3

answer
4.1k

Views

MISRA incrementation in C

While debugging some embedded code, I came across something like this: buffPtr = &a[5]; buffEndPtr = &a[10]; while (buffPtr != buffEndPtr) { *buffPtr = 0xFF; buffPtr = &buffPtr[1]; /* MISRA improvement for: buffPtr++ */ } Why would this construct be an improvement over (*buffPtr)++ ?
Adrian Suciu
2

votes
2

answer
383

Views

Does MISRA C++ rule 7-1-1 affect references?

Rule 7-1-1 (Required) A variable which is not modified shall be const qualified If a variable does not need to be modified, then it shall be declared with const qualification so that it cannot be modified. A non-parametric variable will then require its initialization at the point of declaration. Al...
Melebius
2

votes
1

answer
758

Views

How to write a memcpy function full MISRA:2012 compatible?

I wrote this memcpy function, but I still need to disable rules 11.5 and 11.8. Is there a solution to be full MISRA:2012 compatible? #pragma cstat_suppress="MISRAC2012-Rule-21.6" // Uses of stdio.h were found. #include #include #include #include extern int main(void); static int_least8_t _memcp...
nowox
2

votes
4

answer
128

Views

MISRA C:2012 Rule 14.4

As per the MISRA rule The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type #include #include void foo(void){ int i = 0; if(i){} /* Non-compliant - int32_t is not boolean */ if(i != 0){} /* C...
Hariom Singh
2

votes
4

answer
2.6k

Views

Casting a NULL pointer function argument resulted in violation of Misra Rule 11.3

I define a NULL_PTR as 0U Then call a function with this NULL_PTR as argument. read_some_data(2U, (uint8_t *const) NULL_PTR, (uint8_t *const) NULL_PTR); Called function prototype: int16_t read_some_data(const uint8_t id, uint8_t *const data_1, uint8_t *const data_2); On compilation, Misra raised a...
Ammamon
2

votes
1

answer
408

Views

How do I create a module in MISRAC:2012 that follows Dir 4.12 and 4.8?

This question relates to coding in ISO C99 following the MISRAC:2012 guidelines. I am looking for guidance on Dir 4.8 “If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden” in conjunction with Dir 4.12 “Dyn...
crisls
1

votes
2

answer
962

Views

Misra C Rule 12.2 - false positive warning?

My CCS 6.1 ARM compiler (for LM3Sxxxx Stellaris) throws a warning : "MISRA Rule 12.2. The value of an expression shall be the same under any order of evaluation that the standard permits" for following code: typedef struct { ... uint32_t bufferCnt; uint8_t buffer[100]; ... } DIAG_INTERFACE_T; static...
tk_
3

votes
2

answer
558

Views

Misra violation with bitwise operator

I have written the following piece of code which MISRA does not like: UartPtr->C &= ((uint8_t)(~SIO_C2_SBK)); with #define SIO_C2_SBK ((uint8_t)0x01u) and UartPtr is defined as UartPtr = (UartStruct*) 0x12345678; /* I know that this is also a violation of MISRA */ with the underlying datastructure:...
m47h
2

votes
5

answer
8.7k

Views

Is there a way to make an enum unsigned in the C90 standard (MISRA-C 2004 Compliant)

I'm trying to find a way to make an enum "unsigned". enum{ x1 = 0, x2, x3 }; uint8_t = x2; /*
Tom
1

votes
1

answer
1.2k

Views

MISRA 2004 Required Rule 10.1, Prohibited Implicit Conversion: Non-constant argument to function

I am changing my code to meet the MISRA standard. I have come across the warning Required Rule 10.1, Prohibited Implicit Conversion: Non-constant argument to function. memcpy(&Final_buff[index], Main_cal, buffer_size); // where buffer_size is uint8, uint8 *Final_buff, and const uint8 *buffer Then I...
Cool_Binami
1

votes
2

answer
386

Views

Is avoiding prototype declaration for private function (defined before its use) a MISRA violation?

Making prototype declaration for all functions defined in a C file is considered as a good programming. It also satisfies MISRA guideline. But I have seen developers ignoring prototype declarations for functions which are defined before it's used - It seems prototype declaration is unnecessary in su...
Mayank
2

votes
2

answer
2.4k

Views

Pointer to Array of Bytes

I'm having some trouble with a pointer declaration that one of my co-workers wants to use because of Misra C requirements. Misra (Safety Critical guideline) won't let us mere Programmers use pointers, but will let us operate on arrays bytes. He intends to procur a pointer to an array of bytes (so...
user1970907
4

votes
3

answer
3.5k

Views

rationale behind Misra 2012 not allowing cast between different pointers

I am currently working on a project which requires the code to be Misra 2012 compliant. Throughout the project we have lots of required misra warnings telling us we cant convert pointer to one type to a pointer to another type. Things as simple as void *memcpy(void *to, const void *from, size_t n) p...
thunderbird
3

votes
1

answer
339

Views

Why do I have to cast an enum element when assigning it to a same enum variable type in C?

I have the following: typedef enum { FLS_PROG_SUCCESS, FLS_PROG_FAIL, FLS_ERASE_SUCCESS2U, FLS_ERASE_FAIL, FLS_READ_SUCCESS, FLS_READ_FAIL, FLS_FORMAT_SUCCESS, FLS_FORMAT_FAIL }FLS_JobResult_t; void Foo(void) { FLS_JobResult_t ProgramStatus; /* Then I try to initialize the variable value */ ProgramS...
m4l490n
4

votes
7

answer
868

Views

How to resolve this MISRA warning: C++

Here is the code as below: std::stringstream os; os
suhel
2

votes
2

answer
268

Views

What would be an alternate way to properly discard a volatile variable content in C?

When programming micro-controllers, there sometimes are registers that need to be read in order to reset some flags. These registers are memory mapped and are declared as pointers to volatile in the code. Assume the next snippet as example: typedef volatile struct _Ifx_SCU { ... uint32_t reg; ... }I...
m4l490n
4

votes
3

answer
2.1k

Views

MISRA C++ 2008 Rule 5-2-7 violation: An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly

In the following example: bool bad_function() { char_t * ptr = 0; // MISRA doesn't complains here, it allows cast of char* to void* pointer void* p2 = ptr; // the following 2 MISRA violations are reported in each of the casts bellow (two per code line) // (1) Event misra_violation: [Required]...
Baj Mile
2

votes
2

answer
702

Views

Both sides have side effects?

I ran static code analysis for MISRA 2004 and MISRA 2012 on the following C code: BOOL_TYPE Strings_Are_Equal(const char *s1, const char *s2) { BOOL_TYPE result = True; const char *str1 = s1; const char *str2 = s2; if (NULL == s1 || NULL == s2) { result = False; } else if (strlen(s1) != strlen(s2))...
Akay
3

votes
2

answer
1.7k

Views

MISRA-C coding guidelines for personal use programs?

I am usually a wood worker and not a developer. I'm learning C/C++ for embedded systems while trying to make some of my tool autonomous to save me hours of repetitive work. For now, its fun and going well, I have spend maybe a hundred of hours coding/learning and already saved more time*. As I want...
A.albin
2

votes
5

answer
1.8k

Views

What is a faithful alternative to a linked list in C?

This question might be too broad, or opinion-biased, but I know this site to be full of experienced programmers, and I think it might encourage a good discussion. I am implementing an embedded application in C, in which I use a linked list, containing structures: struct my { uint16_t x; uint16_t y;...
7

votes
2

answer
2.9k

Views

Rationale for comment rules in MISRA

Rule 2.2 in MISRA states that "source code shall only use /* ... */ style comments". Does any one know what is the rationale for this rule? what is wrong with // style comments?
Kamyar Souri

View additional questions