MISRA Discussion Forums

Full Version: C versus C++
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

We are looking to adopt the MISRA guidelines in our company to improve our coding standards. Most of our existing projects contain both C and C++ source files. We like to use the benefits that C++ offers for writing things like a menu system (user interface), where a well-defined class hierarchy can help with modularising our code. However, it is our opinion that C offers a better solution for medium-speed applications such as an LCD display driver (to actually display our C++ based menu system).

In this case, which MISRA standard should we adopt ? Do we use the MISRA C++:2008 guidelines for both our C++ and C source files or do we check C++ files against this standard and use the MISRA-C:2004 guidelines for our C source code ?


I believe you will have to use the MISRA C++, since you compile the C files on a C++ compiler. MISRA-C : 2004 chapter 3.5 explicitly states that it doesn't cover C++ issues.
Because there are some subtle differences between C and C compiled on a C++ compiler. Some examples:

C++ enforces explicit typecasting:
unsigned char* str = malloc(N); /* ok in C but not in C++ */
unsigned char* str = (void*) malloc(N); /* ok in both languages */

C++ doesn't allow file extensions in library headers, while C requires it. #include instead of #include .
C++ defines NULL as 0, while C can define NULL as 0 or (void*)0.
C++ allows // comments while C doesn't.
C++ will create default constructors etc for struct types, while C will not.

And so on.
I think the original question asked which version of MISRA to use for each project.
Obviously MISRA C++ should be used for C++ code. One can also suggest that MISRA C can be used for the C code, however I believe, in your case, that it won't be long before your C code becomes C++ code and thus one should apply both to the C code.
Ideally, I would suggest that you develop your own standards which include both sets of MISRA rules and also addresses the C/C++ incompatibility issues (these are all detailed in the C++ standard). For example...

int test( void )
    return 2 //* 2 */

... is both legal C and C++ code (although not MISRA compliant!) but will return different results in C90 and C++!

This way one can write C code that can be later ported to C++ without too much heart ache.
I have found that Programming Researches QA-C provides some excellent C/C++ compatibility checks that can also be used as part of your own standards. Other static analysis tools exist but I have limited experience with them.
In my view MISRA should be regarded as a minimum set of requirements for your code. You coding standards can address further issues specifically not covered in MISRA C.
I think Les Hattons 'Safer C' is an essential read for anyone involved in writing ANY software.