Welcome to the MISRA discussion forum

Is the following code compliant with rule 8.9 “An object should not be defined at block scope if its identifier only appears in a single function”?

What happens if there are 2 pointers to a struct/union in a translation unit. One which accesses the details of the struct/union and the other does not. For Example:
File1.h

Just wanted to clarify the rule, i understand this is non-compliance:
==========================================================
static void xyz();
void xyz() /*Non_compliant */
{
...........
}
==========================================================

But the i have query regarding the following:
==========================================================
void xyz();
static void xyz() /* Is this non-compliance*/
{
...............
}
==========================================================
So in the above case where first the function is declared as extern(by default), would it be non complaint under this rule to define it static?

The following code is Auto generated code from Embedded Coder of Matlab Simulink.

Dear colleagues,
I have received a paper where the authors talk about three different "subsets of MISRA-C 2004 rules". Each subset is related to a different "quality objective", that are in turn related to the SW criticality.
I have checked the MISRA-C 2004 document and I think that it does not contain any reference to these "rule subsets", with the exception of the advisory or required character and the classification of the rules by type.

I would like to know if this practice (having "rules subsets") is common in the automotive industry, and whether there is a shared reference to make this categorization of the rules subsets depending on the SW criticality.

Thanks in advance,

Ricardo

My name is Igor Gvero and I am a Product Manager/Owner at Klocwork. Our developers had few questions with respect to ambiguity of some rules. Questions are below.
NOTE: THESE ARE NOT SECTION 6 INQUIRIES - SO I AM POSTING THE QUESTIONS HERE

1. Concerning the Rule 5-0-15 of the MISRA C++ 2008 standard, is the following example compliant with the rule?

struct Bar
{
int32_t* dataP[2];
};

void f()
{
int32_t myarray[10];
Bar b;
b.dataP[0] = myarray;
b.dataP[1] = myarray;

int32_t c = (b.dataP[1])[3]; // Is this expression compliant with the rule 5-0-15?
}

The reason that I am asking this question is that the examples for the rule 5-0-15 seem to be contradictory about the use of pointers as arrays. For example, the following are examples from the documentation of the rule 5-0-15:

void my_fn(uint8_t * p1, uint8_t * p2[ ])
{
...
p1[ 5 ] = 0; // Non-compliant – p1 was not declared as array
...
}

uint8_t a[ 10 ];
uint8_t * p;
p = a;
p[ 5 ] = 0; // Compliant : seems to be contradictory with the previous example where it is non-compliant.

I would appreciate if you could explain the exact rule for the use of pointers as arrays in your answer.


2. Concerning the Rule 2-10-2 of the MISRA C++ 2008 standard, is operator overloading allowed for this rule? I think it should be allowed, but I would like to be sure. The rule discuss about identifiers. An operator name should not be an identifier, thus operator overloading should be allowed, but it is not clear from the rule. For example, is the following example compliant with the rule?

#include
#include

namespace myNamespace {
class myClass {
public:
static void* operator new(size_t); // Is this operator overloading compliant with rule 2-10-2?
};
}


3. Concerning the Rule 5-0-2 of the MISRA C++ 2008 standard, can one use parentheses for the operand of the sizeof operator? The rule states that “Parentheses are not required for the operand of a unary operator”. Sizeof is unary operator, thus parentheses should not be required. However, it is common practice to use parentheses with this operator (and even some MISRA examples use this style like rule 5-3-4). Here are some examples to help understand my question:

uint8_t* a = ...;

sizeof *a; // Should be compliant with the rule.
sizeof (int); // Should be compliant with the rule too since the operand is a cast.

sizeof(*a); // This is the one that I am not sure of. I think that it should be accepted but the rule seems to say otherwise.

I am using Parasoft's C++ test and I'm getting a line flagged. The code is as follows:

Hello

Please teach me the definition of "Declaration" in MISRA-C:2012.

We have read the amplification of rule 8.5.
A member say, "MISRA-C declaration does not include definition, always."
And another member say, "normally, MISRA-C declaration is same as standard-C (include definition)."

We understand that the "Declaration" in Rule 8.5 does not contain "Definition".
In basically, does "Declaration" include "Definition" ?

Best Regards,
Satoshi Kawajiri

Does the essential type system intended to apply to preprocessing expressions?
For example:

In the example below, is the cast to uint32 in the statement in which r2 is assigned a violation of Rule 10.8?