Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





  Rule 14.3 and preprocessor constants
Posted by: hummelvario - 01-10-2021, 09:31 AM - Forum: 8.14 Control statement expressions - Replies (1)

Hi,


I have a question regarding a reported MISRA violation in our code, which isn't completely clear to me after reading the MISRA Guidelines.

Does the MISRA C:2012 Rule 14.3 (Controlling expressions shall not be invariant) also apply to predefined constants, which include function-lika macros?

Example:

Code:
#define ROUND_TO(type, val) ((type) (((val) < 0.0) ? ((val) - 0.5) : ((val) + 0.5)))

#define RMS_TO_AVERAGE  ROUND_TO(uint16_t, ((70.0) / (1.11)))


In this case the expression ((val) < 0.0) is invariant, but it is only once used initialising a constant (RMS_TO_AVERAGE).


Regards, Kevin

Print this item

  Rule8.9 applicability to const ?
Posted by: Soren_Kolbach_Hansen - 24-09-2021, 01:49 PM - Forum: 8.8 Declarations and defnitions - Replies (1)

Hello,

I have a question regarding rule 8.9.

We are currenly using static const instead of defines at the top of our files to manage implementation specific constants, however this is being flagged as a violation of rule8.9 if only used in one function, however as per the rationale of 8.9 this does not make all that much sense to us, is this really the intent of the rule?

Best regards

Soren

Print this item

Rainbow R4-5-1 Alternative tokens
Posted by: ELovisari - 23-09-2021, 10:26 AM - Forum: 6.4 Standard conversions (C++) - Replies (2)

Hello,

I have a request for clarification for rule 4-5-1:

Quote:Rule 4–5–1
(Required)
Expressions with type bool shall not be used as operands to built-in operators other than the assignment operator = , the logical operators && , || , ! , the equality operators == and !=, the unary & operator, and the conditional operator.



Rule 4-5-1 and its Rationale do not seem to explicitly forbid the alternative operator representations and, or and not, which, if I understand correctly, are equivalent to the allowed &&, || and !. Rule 2-5-1 explicitly forbids digraphs, but restricts the notion of digraph to the six cases given in its Rationale.

Can I therefore interpret the rule as implicitly allowing and, or and not (and then maybe also not_eq) tokens?

Print this item

  Essential types of constant variables
Posted by: LordMordac - 30-07-2021, 10:27 PM - Forum: 6.5 Expressions (C++) - Replies (2)

I'm having a disagreement with my tool vendor over the essential types of constant variables.

Code:
uint32_t v1 = 1U;
const uint32_t v2 = 1U;
static const uint32_t v3 = 1U;
constexpr uint32_t v4 = 1U;

My interpretation of the spec is that all the identifiers (v1, v2, v3 and v4) have uint32_t essential type.

My tool vendor's interpretation is that v1 has a uint32_t essential type. While v2, v3 and v4 have a uint8_t essential type.  (I don't have any insight into their reasoning)

Clarification on this issue would be much appreciated.

Print this item

  Initialisation of multiple constant arrays WITHOUT #define
Posted by: misra cpp - 22-07-2021, 02:22 PM - Forum: 6.16 Preprocessing directives (C++) - No Replies

Note this post was made by jonesthechip, but was lost when the bulletin board was migrated to MISRA's new website. It's been resubmitted by  misra cpp


Unread post by jonesthechip » Wed May 26, 2021 10:27 am

A code base derived from an earlier C product has a large number of #define XYZ = {{1,2,3}} statements in a header.
The string defined by XYZ is used to initialise part of a ROM constant array, as follows:-

SpecialType ABC = {XYZ, 0, 1, pointer};

'SpecialType' is a structure with a three byte array that gets loaded with the replacement data from XYZ, and other sundry components.

This gets expanded to SpecialType ABC = {{{1,2,3}}, 0, 1, pointer};

The header file groups a number of replacements strings defined as XYZ, PQR, UTC, etc to keep the data (access parameters for comms) in one 'logical' place. Some replacement strings are used once, some in several other files to initialise other structures.

To achieve MISRA compliance means getting rid of all of these *&!^%$ macros. (Or more deviations than you can shake a stick at... Not ideal!)

However, it appears to be a classic case of "you don't really want to start from here"...

The optimum fix would be to re-write the code to use a pointer to a fixed string and bin the macros, putting all of the three byte arrays into a set of constant structures and sharing pointers to individual elements. This would lead to an unholy amount of retesting (and possibly my head on a stake, to deter others).

The least worst practical approach appears to be to bin the macros and edit the text replacement directly into all of the files, which although time-consuming does generate identical output binary files and therefore requires no re-testing. However, this does break the link between copies of the same data sets, so that a change to a particular set would require a search and edit through the code base.

So, today's question is: any better suggestions, please?

Regard

Sid Jones


You are right, this is currently non-compliant

See MISRA compliance 2020 for how this sort of issue can be managed.

The rule 16-2-2 is currently under review for the next issue

Print this item

  New forum release notes
Posted by: david ward - 20-07-2021, 03:36 PM - Forum: Announcements - No Replies

Hello everyone, just a few notes concerning the new forum. Due to database migration issues please note the following:

  • If you registered after 21 May 2021 for the old forum you will need to register again.
  • If you registered before this date your account has been ported across but you will need to reset your password, please see the link at the top of this page.
  • We are working on reinstating posts made after 21 May – these will be reposted by one of the official MISRA accounts with the headline "Originally posted by nnn".
  • Downloads in the "Resources" section have now been reinstated.
If you find any other issues please get in touch via the "Contact us" form.

Print this item

  Comments are needed for Rule 6-4-2? and should be placed inside the "else" block?
Posted by: chenzhuowansui - 02-04-2021, 03:02 AM - Forum: 6.6 Statements (C++) - Replies (2)

Hi,

With regards to Rule 6-4-2

Quote:All if … else if constructs shall be terminated with an
else clause.
we have some different interpretations, so could you kindly help clarify the following questions for us:
1. The rule only talks about "if … else if constructs shall be terminated with an else clause." in the title, and doesn't mention anything about adding necessary comments for the else clause in the title. However, in the rationale part, it indeed mentions that the final else statement should "either take appropriate action or contain a suitable comment", the question is: shall we take the rationale part into account to interpret this rule, more specifically, is the following code snippet compliant?
Code:
if ( x < 0 )
{
log_error ( 3 );
x = 0;
}
else if ( y < 0 )
{
x = 3;
}
else
{
}

2. If the comments are necessary, where shall it be placed: right in the else block? or any places around the else clause, for example, are the following cases compliant?
Code:
if ( x < 0 )
{
log_error ( 3 );
x = 0;
}
else if ( y < 0 )
{
x = 3;
}
// No change in value of x
else
{
}
Code:
if ( x < 0 )
{
log_error ( 3 );
x = 0;
}
else if ( y < 0 )
{
x = 3;
}
else // No change in value of x
{
}
Code:
if ( x < 0 )
{
log_error ( 3 );
x = 0;
}
else if ( y < 0 )
{
x = 3;
}
else
// No change in value of x
{
}
Many thanks in advance!

Print this item

  Rule 11-0-1 and POD types
Posted by: cgpzs - 24-03-2021, 01:57 PM - Forum: 6.11 Member access control (C++) - Replies (1)

Hi,

I have a few questions about rule M11-0-1:

Rule 11–0–1
(Required)
Member data in non-POD class types shall be private.

* As posted in a previous question, "class types" here means "class, struct or union". Is my understanding correct?
* Why should the fact that a type is POD or not influence access control?

Let's have the following controversial example. Having the following POD type:

Code:
struct Foo
{  
   int x;
   int y;
};

The design for this struct is to aggregate 2 variables together, but there's no invariance to hold. x and y can vary independently. The struct is POD, so it's compliant with M11-0-1.

Now, in the future we want to extend `Foo` with another variable independent from x and y:

Code:
struct Foo
{
    int x;
    int y;
    std::string name;
};

Now, since `Foo` contains a `std::string`, and `std::string` is not a POD, then `Foo` becomes a non-POD. In turn, this now violates M11-0-1, which forces us to make these fields private. This leads to adding trivial boilerplate getters and setters to `Foo`, and every consumer of this struct needs to change their way of interacting with `Foo`.

This wouldn't happen if `name` was a `char const*`:

Code:
struct Foo
{
    int x;
    int y;
    char const* name;
};

The semantics of `Foo` are identical to before, just using a different type for one of its members. Why should that lead to such dramatic changes?

A similar example:

Code:
struct Bar
{
    std::vector points_x;
    std::vector points_y;
};

`Bar` is a collection of points that are independent from each other; there's no invariant.

Besides, POD types are types that are "compatible with the types used in the C programming language". Why should this be a concern if we are programming in C++? Why should we make our structs "C-compatible", if they are meant to be used in C++ code?

Print this item

  choosing C compiler
Posted by: scb1993 - 04-03-2021, 02:11 AM - Forum: General Questions - Replies (1)

Hello Sir,

I was going through MISRA C 2012 rules, Does MISRA says any guidelines to choose compiler for C as there are many compilers available in the market.

Regards
Subhra

Print this item

  MISRA C:2012 permits published
Posted by: david ward - 01-03-2021, 02:28 PM - Forum: Announcements - No Replies

The MISRA C:2012 Permits are now available as a free download from the "Resources" section of this Bulletin Board.

The MISRA C:2012 Permits presents a number of deviation permits covering commonly-encountered use cases for use with the MISRA C:2012 guidelines. It should be used in conjunction with MISRA Compliance:2020, a companion document which describes the purpose of deviation permits and which sets out the principles by which the concept of MISRA Compliance is governed.

Print this item

Search Forums

(Advanced Search)

Forum Statistics
» Members: 5,681
» Latest member: DelayShot
» Forum threads: 880
» Forum posts: 2,427

Full Statistics

Online Users
There are currently 72 online users.
» 0 Member(s) | 70 Guest(s)
Bing, Google

Latest Threads
MISRA C++ new version
Forum: C++ Announcements
Last Post: david ward
30-11-2021, 03:53 PM
» Replies: 7
» Views: 10,931
CWE Coverage by MISRA
Forum: General Questions
Last Post: susanne.goldammer
30-11-2021, 12:23 PM
» Replies: 0
» Views: 24
Rule8.9 applicability to ...
Forum: 8.8 Declarations and defnitions
Last Post: misra-c
27-11-2021, 11:10 AM
» Replies: 1
» Views: 228
Rule 14.3 and preprocesso...
Forum: 8.14 Control statement expressions
Last Post: misra-c
27-11-2021, 11:00 AM
» Replies: 1
» Views: 149
Rule 17.4 and main
Forum: 8.17 Functions
Last Post: misra-c
27-11-2021, 09:58 AM
» Replies: 1
» Views: 166
2.2 Dead code, 'operation...
Forum: 8.2 Unused code
Last Post: misra-c
27-11-2021, 09:18 AM
» Replies: 1
» Views: 170
for loop iterator being c...
Forum: 8.10 The essential type model
Last Post: misra-c
27-11-2021, 09:10 AM
» Replies: 1
» Views: 183
5-2-12 - Does the rule ap...
Forum: 6.5 Expressions (C++)
Last Post: DavidFriberg
24-11-2021, 03:23 PM
» Replies: 0
» Views: 67
6-5-2 and 6-5-4 on while ...
Forum: 6.6 Statements (C++)
Last Post: cgpzs
18-11-2021, 12:09 PM
» Replies: 4
» Views: 244
A3-1-5 - Rationale and ex...
Forum: AUTOSAR C++:2014 rules
Last Post: cgpzs
15-11-2021, 08:45 AM
» Replies: 2
» Views: 191