  MISRA C++ 2008 Example Suite
Posted by: jungsun.goh - 08-03-2019, 06:24 AM - Forum: C++ General - No Replies

I could not find the MISRA C++ 2008 example suites.
There is only MISRA C related stuff in Resources.
Is there a deployment plan for MISRA C++ 2008 example suites?


  MISRA C:2012 revision 1 available
Posted by: david ward - 05-03-2019, 04:20 PM - Forum: Announcements - No Replies

A revised version of MISRA C:2012 is now available in both hardcopy and PDF formats. This revised version consolidates the 2012 edition with Amendment 1 (Additional Security Guidelines) that was published in 2016, and the 2017 Technical Corrigendum 1.

The revised document is available now to purchase from the webstore, and PDF versions purchased from today (5 March 2019) will also deliver the new edition. If you previously purchased MISRA C, we regret that upgrades to single-user PDFs are not available, but the Technical Corrigendum and Amendment 1 are still available as a standalone document from the Resources section of this Bulletin Board. Tool vendors and corporate licensees who wish to upgrade should contact us for details.


  Gotos in switches and Rule 6-4-5
Posted by: rgamble - 01-03-2019, 05:39 PM - Forum: 6.6 Statements (C++) - Replies (1)

Consider the following example:

Code:
typedef unsigned short uint16_t;
uint16_t foo(uint16_t x) {
    switch(x) {
        case 1:
            { goto end; }
        case 2:
            ++x;
            break;
        default:
            break;
    }  
end:
    ++x;
    return x;
}
The first case containing the goto appears to violate rule 6-4-5 which states that a case must end in a break or throw statement. If a break is added anywhere after the goto, it will be unreachable and would seemingly violate Rule 0-1-1 which forbids unreachable code. Rule 6-4-3 seems to consider the use of goto in a switch as it says that jump-statements (which includes goto) "are permitted within the compound statements forming the body of a switch-clause". Is it intended that an unconditional goto in a switch will require a deviation from either 6-4-5 or 0-1-1?


  Is CERT C FIO34-C really NOT covered by MISRA rules as stated in MISRA C:2012 Addendum 3
Posted by: alexporto - 28-02-2019, 10:55 AM - Forum: General Questions - Replies (1)

The document MISRA C Addendum 3 classifies the CERT C rule FIO34-C as NOT COVERED by MISRA (Coverage is None/None).

However, the condition detailed in this rule FIO34-C seems to be fully covered by MISRA rule 22.7.

FIO34-C: Distinguish between characters read from a file and EOF or WEOF
MISRA C:2012 Amendment 1, Rule 22.7: The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF

Is that correct?
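
The comparison that the two rule texts quoted above are concerned with, as an added example (not part of the original post and not taken from MISRA or CERT material). The sample bytes and function names are constructed for illustration; `signed char` is used so the narrowed case behaves the same whether or not plain `char` is signed, and EOF is assumed to be -1 as on common C libraries.

```c
#include <stdio.h>

/* Constructed sample: five data bytes; the third is 0xFF, which is data, not end-of-file. */
static const unsigned char SAMPLE[] = { 'A', 'B', 0xFF, 'C', 'D' };

/* Write the sample to a temporary file and rewind it (NULL on failure). */
static FILE *open_sample(void)
{
    FILE *f = tmpfile();
    if ((f != NULL) && (fwrite(SAMPLE, 1U, sizeof SAMPLE, f) != sizeof SAMPLE)) {
        (void)fclose(f);
        f = NULL;
    }
    if (f != NULL) { rewind(f); }
    return f;
}

/* Narrowed comparison: the fgetc() result is converted before it is compared with EOF. */
long count_narrowed(void)
{
    FILE *f = open_sample();
    long n = 0;
    if (f == NULL) { return -1; }
    for (;;) {
        signed char c = (signed char)fgetc(f); /* 0xFF converts to -1 on common ABIs */
        if (c == EOF) { break; }               /* the data byte is taken for EOF */
        ++n;
    }
    (void)fclose(f);
    return n;
}

/* Unmodified comparison: the int result is compared with EOF, then ferror() is consulted. */
long count_unmodified(void)
{
    FILE *f = open_sample();
    long n = 0;
    if (f == NULL) { return -1; }
    for (;;) {
        int c = fgetc(f);
        if (c == EOF) {
            if (ferror(f) != 0) { n = -1; }    /* read error rather than end-of-file */
            break;
        }
        ++n;
    }
    (void)fclose(f);
    return n;
}
```

On the constructed sample the narrowed version stops after two bytes, while the unmodified version reads all five.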


  Rule 10-2-1
Posted by: nishiyama - 26-02-2019, 10:06 AM - Forum: 6.10 Derived classes (C++) - Replies (1)

The following description is in section 10.2 of the C++ language standard.

Quote:Name lookup can result in an ambiguity, in which case the program is ill-formed.

Therefore, the compiler always issues an error.
I think that this rule is excessive.


  Rules 21.1 and 21.2. Possible contradiction with rule 11.9 and directive 4.6.
Posted by: l.inc - 22-02-2019, 07:44 PM - Forum: 8.21 Standard libraries - Replies (1)

Good day. I'm analyzing a few findings reported by a static analysis tool for a project that per project guidelines disallows any use of standard libraries. This maximizes control over the code and makes all the project code subject to MISRA C compliance. To comply with MISRA C:2012 and to avoid possible clashes with unit testing frameworks that do make use of standard libraries the internal standard-like macros and functions (like "offsetof" and "memcpy") have customized names.

Problems arise when trying to adhere to the rule 11.9 by defining the macro "NULL" and to the directive 4.6 by defining the exact-width integer types. These rules prescribe the use of standard names while the rules 21.1 and 21.2 prohibit such definitions. The project employs static assertions to guarantee that all the standard properties of the exact-width integer types and other integer types (like "size_t" and "ptrdiff_t") hold true for whatever (32-bit or 64-bit) target the project is compiled. The project is C99-specific, and I assume the MISRA C Working Group would rightfully point out that the directive 4.6 recommends inclusion of "stdint.h" in this case and therefore does not strictly contradict the rule 21.2 due to the standard headers being out of the MISRA C compliance scope. In any case the rationale of the rule 21.2 does not seem to apply here, as the typedef-names have no linkage and are therefore not reserved as per "C99. 7.1.3 Reserved identifiers" as long as no associated header is included.

My questions are:
1) How can the contradiction between the rules 11.9 and 21.1 be resolved with respect to the macro "NULL" in the context of the given project?
2) How can the contradiction between the directive 4.6 and the rule 21.2 be resolved with respect to the exact-width integer types in the context of the given project?
3) Rule 21.1 acknowledges that defining identifiers being subject to the question 2 "is well-defined provided that the header is not included", but still prohibits such definitions to avoid confusion. Does this prohibition also apply for the rule 21.2? What exactly causes confusion provided all the properties guaranteed by the standard are also ensured for the definitions made outside of the standard headers?

Kind regards


  Doubts about Rule 21.3 and 21.8
Posted by: chenzhuowansui - 21-02-2019, 02:32 AM - Forum: 8.21 Standard libraries - Replies (2)

Hello,

We have some doubts about Rule 21.3 and Rule 21.8, please help clarify.

Rule 21.3 The memory allocation and deallocation functions of shall not be used
Rule 21.8 The library functions abort, exit, getenv and system of shall not be used

From the titles and Rationale of these two rules, they are talking about only functions with the forbidden identifiers, but in the Amplification of these two rules, all these identifiers and macros are forbidden, including using these identifiers to define variables or fields of structs. So my question is: can we use these identifiers in the following cases?

Code:
int free = 0; //Violate Rule 21.3?
struct s {
    int free;   //Violate Rule 21.3?
    int malloc; //Violate Rule 21.3?
    int exit; //Violate Rule 21.8?
    };

Please help clarify, thanks a lot!


  MISRA2004 Rule 17.4 How to solve the Rule violation
Posted by: Tejas Kore - 19-02-2019, 04:17 AM - Forum: 6.17 Pointers and Arrays - Replies (3)

I have an issue regarding the rule violation in which I'm using a 2D array inside a structure, and apparently Rule 17.4 says it isn't compliant. Is declaring arrays inside a structure/union not compliant, and why is it so? What exactly is the alternative for it?
Help would be appreciated ASAP. Following is the example code. Thanks in advance.

Code:
#include
void func1(unsigned char abc);

typedef struct teststructure
{
    float buf[5][3];
}teststruct;

int main()
{
    unsigned char abc;

    func1(abc);

}

void func1(unsigned char abc)
{
    teststruct TEST;

    float fData = 54.0;
    TEST.buf[2][1] = fData;
}


  Dir 4.14 - How to check pointer to structure
Posted by: apereira - 15-02-2019, 07:52 AM - Forum: 7.4 Code design - Replies (5)

For example:

Code:
typedef struct myStruct{
    int myParam;
} myStruct;

void fcn(myStruct *const ptr)
{
    ptr->myParam = 1;
}

What is the recommended way to check the struct pointer in this function?


  2-10-2 "block scope" for classes and namespaces
Posted by: abgs - 14-02-2019, 11:11 AM - Forum: 6.2 Lexical conventions (C++) - Replies (1)

Rule 2-10-2 is defined in terms of "block scopes" and "nested blocks". The only example is of a function and there is no mention of classes nor namespaces. Does "block" refer only to a compound statement as part of a function body, or is the intention to include other curly-brace-enclosed regions or scopes? For example, are any of the indicated lines violations of rule 2-10-2?

Code:
int i;
namespace n { int i; } // A
namespace { int i; } // B
class c { int i; }; // C

class c2 { int k; void f() { int k; } }; // D

class base { int z; };
class derived : public base { int z; }; // E
