Welcome to the MISRA discussion forum

Dears,
Rule 2-10-3 said that Octal constants (other than zero) and octal escape sequences (other than “\0”) shall not be used.

From the description we know that '\0' and 0 comply with the rule.
How about '\00', '\000' , 00 and 000 ?

Thanks,
Longfem

Hi.
It is not completely clear what is meant by use of a macro in Rule 2.5. There is definition of a use of an expression in the Glossary, but not of a macro.
If taken literally, rule 2.5 means that standard include guards are forbidden:

#ifndef HEADER_H
#define HEADER_H // Not used unless another #ifndef is encountered somewhere inside
...
#endif

The rationale provided for this rule is to avoid reading or writing passed the bounds of an object argument, resulting in "undefined behavior".

The Amplification specifies that the value be "positive". However, that can be interpreted as "greater than" zero. However, according the to C standard (C99 7.21.1/2) it is well defined to call these functions with a value of 0:

Quote:Where an argument declared as size_t n specifies the length of the array for a function, n can have the value zero on a call to that function. Unless explicitly stated otherwise in the description of a particular function in this subclause, pointer arguments on such a call shall still have valid values, as described in 7.1.4. On such a call, a function that locates a character finds no occurrence, a function that compares two character sequences returns zero, and a function that copies characters copies zero characters.

I would like to adress some questions about the actual MISRA Coverage.
The main file reffered to is MISRA_C2012_Guidelines_for_the_use_of_the_C_language_in_critical_systems.
Then, as far as I understood, Safety/Security related topics brought up the new Ammendment 1 along with Addendum 1 ( Rule mapping ) and Addendum 2.

My question would be, does MISRA and the extensions above cover the entire ISO/IEC TS 17961 descriptions ?
And also, what would the difference be between MISRA with extensions and SEI CERT C Coding Standard ?

Thank you all in advance for the answers !

Best regards, Alex.

Dear All,

Is the following code the violation of Rule 16.1?
The code has statements after the first break statement in case 10.

// from here
typedef unsigned int uint32_t;
extern uint32_t func_a( uint32_t x );
uint32_t func_a( uint32_t x )
{
uint32_t rtn = 0;
switch( x )
{
case 10:
break;
rtn = 50; /* Rule 16.1 violation? */
break;
default:
break;
}
return rtn;
}
// to here

Best regards,

Which of the following is a 'variable' and thus suitable for use as loop counter (and subject to the restrictions on loop-control-variables)?

• local variable
  
• static/global variable
  
• class member variable
  
• function parameter [code]void f(int x) { for (; x

Just to make sure since several of our customers brought this up lately:

Is the following code compliant on a target where 'int' is 16 bits?

Dear MISRA team,

the term "unrelated type" leads to the question whether casting from a base to derived class pointer type and vice versa using reinterpret_cast shall be covered by the rule or not. Remark: I am perfectly aware that dynamic_cast and static_cast , resp., would be the right way for these purposes, so my question is rather academic.

I refer to the term "related type" as Stroustrup uses it concerning types "in the same class hierarchy" which is surely the case here.

Do these rules apply to class members?

If so, do they apply to instances of template class members?

C++ has the concepts:

• default initialization ("T var;")
  Calls the default constructor (if it exists); otherwise the memory is left uninitialized.
  
  
• value initialization ("T var = {};")
  Calls the default constructor if it exists and is user-defined.
  Otherwise, performs zero-initialization and then calls the compiler-generated default constructor (if it exists).
  
  
• zero initialization
  Roughly equivalent to a memset(..., 0, ...)