  9.1 Variable may not have been initialized
Posted by: ankitshah413 - 19-02-2018, 11:51 AM - Forum: 6.9 Initialisation - Replies (4)

Hello,

I have an issue with MISRA 9.1 rule. In my code I have an "if" loop and inside that a variable is initialized and then is read after that. But when I do static analysis using pclint then I have a warning for 9.1 rule. Below is my code:

struct mgm2_info_return msg_ascu_info;

Code:
if(klr_ecuConf_t->feat_multislave)
{
    msg_ascu_info = mgmF_massage_get_ascu_info();
}
msg_info = mgmF_massage_get_info();

The line where it is read and where warning occurs:
Code:
if( (((vF_mcms_fl_on((tm_uint8)V_FLONCMD_ACK)) ||
      (msg_info.pmcu_state == LDF_MASSSQC_STATE_ACTIVE))
     && ((klr_ecuConf_t->feat_multislave)
         || (msg_ascu_info.ascu_state == LDF_MASSSQC_STATE_ACTIVE))
    ) &&
    (msg_info.pmcu_trig_source == RqSource_ActvComf))

Do I need to write a justification, or do I need to initialize the entire structure first?
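
Added example (not part of the original post, and not the poster's project code): a constructed C model of the snippet above that counts reads of the structure on each path, assuming msg_ascu_info has automatic storage and feat_multislave does not change between the two statements. The names tracked_info, read_ascu_state, condition_as_posted and unassigned_reads_on_path and the value of STATE_ACTIVE are assumptions made for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define STATE_ACTIVE 2u  /* constructed stand-in for LDF_MASSSQC_STATE_ACTIVE */

/* Constructed stand-in for struct mgm2_info_return. `assigned` is a shadow flag
   recording whether the posted code would have written the object. The demo
   object is always zero-filled, so this program reads no indeterminate memory. */
struct tracked_info { uint8_t ascu_state; bool assigned; };

static unsigned reads_before_assignment;

static uint8_t read_ascu_state(const struct tracked_info *p)
{
    if (!p->assigned) { reads_before_assignment++; }
    return p->ascu_state;
}

/* Same control flow as the posted snippet. `first_group` stands for the
   vF_mcms_fl_on()/pmcu_state operand, `trig_ok` for the pmcu_trig_source test. */
bool condition_as_posted(bool feat_multislave, bool first_group, bool trig_ok)
{
    struct tracked_info ascu = { 0u, false };
    if (feat_multislave) {            /* the only place the object is written */
        ascu.ascu_state = STATE_ACTIVE;
        ascu.assigned = true;
    }
    return (first_group
            && (feat_multislave || (read_ascu_state(&ascu) == STATE_ACTIVE)))
           && trig_ok;
}

/* Walks one path and reports how many reads reached an unassigned object. */
unsigned unassigned_reads_on_path(bool feat_multislave, bool first_group)
{
    reads_before_assignment = 0u;
    (void)condition_as_posted(feat_multislave, first_group, true);
    return reads_before_assignment;
}

int main(void)
{
    for (unsigned i = 0u; i < 4u; i++) {
        printf("feat_multislave=%u first_group=%u unassigned_reads=%u\n", i >> 1, i & 1u,
               unassigned_reads_on_path((i >> 1) != 0u, (i & 1u) != 0u));
    }
    return 0;
}
```

Because || short-circuits, the structure is read only when feat_multislave is false, which is the one path on which the guarded assignment was skipped.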


  Rule 8.3: Symbol redeclared
Posted by: ankitshah413 - 16-02-2018, 12:34 PM - Forum: 6.8 Declarations and Definitions - Replies (11)

Hello,

I am facing an issue relating to rule 8.3. I am fixing MISRA violations in the project. The following code line is where I have the issue:

In one of the files in the project I have the following code line:

dies->DrvPosn_D_SvRc_Rq = get_DrvPosn_D_SvRc_Rq();

get_DrvPosn_D_SvRc_Rq() is defined in other file as below:

tm_uint8 get_DrvPosn_D_SvRc_Rq(void)
{
    return cio_DrvPosn_D_SvRc_Rq;
}

When I am performing the MISRA check, I get an error at the 'dies->DrvPosn_D_SvRc_Rq = get_DrvPosn_D_SvRc_Rq();' line saying that Symbol 'get_DrvPosn_D_SvRc_Rq(void)' redeclared.

All the variables have the same datatype, tm_uint8.

Can you point out where the issue lies?

Thank you!

Ankit


  Rule 8.3: int n[4] vs. int n[] ?
Posted by: swestin - 06-02-2018, 02:46 PM - Forum: 8.8 Declarations and definitions - Replies (1)

Within the context of this rule, is the following definition/declaration pair allowed?

Code:
int n[4];


int n[];


  MISRA Guidelines for secure coding - further updates
Posted by: david ward - 01-02-2018, 01:32 PM - Forum: Announcements - No Replies

The MISRA C Working Group are pleased to announce the publication of two Addenda to the MISRA C:2012 guidelines.

The 2nd edition of MISRA C:2012 Addendum 2 (Coverage of MISRA C:2012 against ISO/IEC TS 17961:2013 "C Secure") updates the document to include coverage provided by Amendment 1 (Additional security guidelines for MISRA C:2012).

MISRA C:2012 Addendum 3 (Coverage of MISRA C:2012 against CERT C) provides an analysis of the coverage provided by MISRA C:2012 (including Amendment 1) against the recommendations provided by CERT C.

Together, these two documents demonstrate that MISRA C provides best practice guidelines for the development of secure applications, as well as the widely considered applicability of MISRA C for safety-related systems.

Future work within the MISRA C Working Group on the Standard Library for Hosted Applications, and to add the new features of C11, is underway and will enhance the coverage of MISRA C in these areas.

Both documents are available as free downloads from the "Resources" section of this Bulletin Board.

If you have questions on the new Guidelines then they can be asked under the relevant forum topic (e.g. a question about Rule 12.5 should be added under "MISRA C > MISRA C:2012 guidelines > 8.12 Expressions").


  MISRA C:2012 Addendum 3
Posted by: david ward - 01-02-2018, 01:24 PM - Forum: MISRA resources - Replies (2)

While it is widely considered that MISRA C provides best practice guidelines for the development of safety-related systems, the publication of "CERT C" has generated discussion on the applicability of MISRA C for secure applications.

This document contains a mapping of MISRA C coverage of the "CERT C" requirements and shows that for freestanding applications, MISRA C already has excellent coverage of those recommendations.



Attached Files
.pdf   MISRA C 2012 Addendum 3.pdf (Size: 129.97 KB / Downloads: 221)

  5-2-2: why only virtual base class???
Posted by: dg1980 - 22-01-2018, 08:15 AM - Forum: 6.5 Expressions (C++) - Replies (1)

Hi,

the code below crashes as a result of the undefined behavior referenced in this rule.
Yet, no virtual base class is used as stated in the headline, the text and the example.
So, I think it could mislead any static analysis tool vendor when implementing this rule.

Code:
namespace nMISRA
{
  typedef signed int si32;

  class cBase
  {
  public:
    virtual void f1(void){}
  private:
  };

  class cDerived : public cBase// no virtual base
  {
  public:
    cDerived(void) : x(0){}
    void f2(void){++x;}
  private:
    si32 x;
  };

  void undefined_behaviour(cBase* arg_ptr)
  {
    cDerived* ptr = static_cast<cDerived*>(arg_ptr);// undefined as per ISO/IEC 14882:2003 5.2.9 subsection 8
    ptr->f2();
  }
}

nMISRA::si32 main(void)
{
  nMISRA::cBase b;
  nMISRA::undefined_behaviour(&b);
  return 0;
}


  Rule 8-5-2: what about strings?
Posted by: jocob - 10-01-2018, 01:15 PM - Forum: 6.8 Declarators (C++) - Replies (2)

struct Test
{
    char str1[20];
    char str2[20];
};

struct Test t =
{
    "Hello",
    "World"
};

LDRA flags this with 397 S (Array initialisation has insufficient items.) violation of 8-5-2 (Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures.)

Looking at the details of the rule in the guidelines, I see why: "The non-zero initialization of arrays or structures requires an explicit initializer for each element."

It seems there should be an exception for initializing a character array with the string syntax, since:
a. the unused characters are implicitly null character 0
b. there is no MISRA compliant way to explicitly add null characters to a "string"

I think MISRA C 2004 has a similar problem, but I haven't looked at 2012 yet.


  Rule 7-5-4 and safety
Posted by: dg1980 - 19-12-2017, 07:13 AM - Forum: 6.7 Declarations (C++) - Replies (1)

Hi,

I was just reading this article about the Toyota incident (http://www.safetyresearch.net/Library/Ba...RUBBED.pdf) and was wondering why this rule is advisory compared to MISRA C 2004 and MISRA C 2012?


  5-2-3 possibly flawed
Posted by: dg1980 - 19-12-2017, 07:13 AM - Forum: 6.5 Expressions (C++) - Replies (1)

Dear MISRA team,

I was wondering why this rule is advisory, when basically the same undefined behaviour applies as referenced in rule 5-2-2 (ISO 5.2.9(8))?
The result of

Code:
static_cast<B*>(&a)
is undefined if
Code:
(&a)
does not point to a B.
Granted, most compiler vendors tend to return a null pointer but it is by no means defined in the standard.
Very important: if the intention of MISRA was to prevent the usage of static_cast and allow only dynamic_cast, the rule text does not mention that at all. My suspicion rose when I studied the given example code: it shows only dynamic_cast.

BTW: am I right that rule 5-2-2 is only for old, non-ISO-compliant compilers? An attempt to use static_cast with a virtual base does not compile on any I have seen.

Thanks.


  MISRA AC AGC vs. MISRA-C:2012-Appendix-E
Posted by: msteding - 13-12-2017, 12:34 PM - Forum: MISRA AC AGC discussions - Replies (1)

Hello community,

Recently, I bought the publication "MISRA AC AGC - Guidelines for the application of MISRA-C:2004 in the context of automatic code generation".
I bought this document because my code analyzer tools POLYSPACE from MATHWORKS support the analysis based on either MISRA-C:2004, MISRA-C:2012 or MISRA AC AGC. As the latter one is based on MISRA-C:2004, I wonder whether the standard MISRA-C:2012 with the exceptions resp. modifications described in Appendix E would be the 'better' choice?

Thank you for any response and
Best Regards.
Manfred
