MISRA Discussion Forums
Portal

Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  

  regarding 38b and 48a
Posted by: stefania.botta - 02-03-2012, 03:26 PM - Forum: MISRA AC SLSF discussions - Replies (3)

Hi,

I have some doubt about the use in stateflow of matlab functions as min or max. The tools for autocoding haven't limitation to use in this way these matlab functions.

So, why it is wrong to use these functions in stateflow?

Thanks a lot,
Stefania Botta.

Print this item

  Casting pointers & Rule 5-2-7
Posted by: rfrutos - 28-02-2012, 01:38 PM - Forum: 6.4 Standard conversions (C++) - Replies (2)

The 5-2-7 rule says:

Quote:An object with pointer type sall not be converted to an unrelated pointer type, either directly or indirectly

and then shows some examples of casting between classes and structs, my question is if that is extensible to castings to primary types.
What I would like to do is something like:

Code:
typedef struct SC_MsgFrameToRbc
{
  uint32_t idIxl;
  uint32_t size;
  uint8_t frame[MAX_SIZE_FRAME];
} SC_MsgFrameToRbc;

SC_MsgFrameToRbc *msgReceived = NULL;
SC_MsgFrameToRbc msgSended = NULL;
char *buffer = NULL;


msgSended.idIxl = 1;
msgSended.size = 2
...

// Simulates sending message
memcpy(buffer, reinterpret_cast(&msgSended), sizeof(SC_MsgFrameToRbc)); // Compliant ??

// Message reception
msgReceived = reinterpret_cast(buffer); // Compliant ??

where the memcpy simulates other system-dependent code that implements message sending, would the two castings be compliant?

Print this item

  Writing a FLOSS checker for MISRA-C
Posted by: pkrebs - 28-02-2012, 08:44 AM - Forum: General Questions - Replies (1)

Good morning,

I'm (once more) thinking of implementing a static analysis tool for checking C sources against the MISRA-C:200 rules and release it as FLOSS (e. g. under GPL or a similar permissive license). However, I would need some questions answered before I can meaningfully undertake this task - I figure, that this is the best place to ask. What I would like to know is:

- Are there any legal restrictions when implementing a static analyser that claims to check the MISRA rules, i. e. is it even allowed to advertise this as a feature?
- Is it allowed to release such an analyser under a FLOSS license? The only problem I can think of is, that it is in principle possible to "reverse engineer" the rules out of the tool's source code, which could be seen as distributing the guidelines "for free".
- If a FLOSS release is permitted, are there any legal obligations to inform the MISRA Consortium of the release and subsequent additions to the tool (e. g. implementation of further MISRA rules)?

If someone can think of additional problems considering MISRA and FLOSS, don't hesitate to mention them (I am by no means a FLOSS license expert, those are just the problems I can immediately see).

Many thanks in advance for all pointers and answers.

Best Regards,

Peter

Print this item

  Does this code violate rule #8.7?
Posted by: gs - 15-02-2012, 07:30 PM - Forum: 6.8 Declarations and Definitions - Replies (3)

Given this example

Code:
file1.c:
        static int i;
        int j[1] = { i };
file2.c:
        extern int j[1];
        void f()
            {
            int k = j[0];
            }
Does this code violate rule #8.7, "Objects shall be defined at block scope if they are only accessed from within a single function"?

Print this item

  9.1 and Addressing
Posted by: gs - 13-02-2012, 10:37 PM - Forum: 6.9 Initialisation - Replies (1)

Suppose I have two functions:

Code:
void f( int * );
void g( const int * );
and the following usage:
Code:
void h()
{
int i;
int j;

f( &i );
g( &j );
}
Do these violate rule #9.1? The variable is used. Furthermore, in the case of the call to g(), no possibility exists of j becoming initialized by the call, unlike the call to f() with respect to i.

Print this item

  Rule 12.6 and functions taking/returning Boolean values.
Posted by: zaffanella - 10-02-2012, 09:22 AM - Forum: 6.12 Expressions - Replies (3)

The second part of Rule 12.6 says that:
"Expressions that are effectively Boolean should not be used as operands to operators other than ..."
The list of the allowed operators has been corrected in TC1 to include &&, ||, !, =, ==, != and ?:

What about the function call operator () ?

If a Boolean value (by enforcement or by construction) is used as an argument to a function having a parameter whose type is Boolean (by enforcement), are we violating Rule 12.6? For instance:

Code:
typedef /* Boolean-by-enforcement type */ bool_t;
void foo(bool_t b);

void bar(int32_t a, int32_t b) {
  bool_t b = (a == b);
  foo(b); /* Non-compliant? */
}

A similar conversion problem exists when returning a Boolean value. In this case Rule 12.6 never applies (even though a Boolean value is being "abused") merely because, strictly speaking, the return statement is not an operator. For instance:
Code:
int32_t bar(int32_t a, int32_t b) {
  bool_t b = (a == b);
  return b; /* Compliant? */
}

Are the two examples above matching what was really meant by Rule 12.6 and TC1?

Print this item

  MISRA rule 17.4 violation ?
Posted by: misterb - 26-01-2012, 08:14 AM - Forum: 6.17 Pointers and Arrays - Replies (1)

Hello,

my compiler find in the following code a MISRA violation 17.4 at the last view code lines. Is this correct? If yes, please tell me how to solve the above mentioned code. In my opinion there is no MISRA rule 17.4 violation.

Code:
#define BUF_LEN1     (512u)

/* this violates rule 8.7, but this is intentionaly. It is only a rule 17.4 example */
static uint32_t buf1[BUF_LEN1];
  
static struct TestStruct
{
  uint32_t *buf;
  uint32_t len;
} data1 = {NULL, 0u};

static void InitStruct(uint32_t _len, uint32_t _buf[]);
static void UseStruct(struct TestStruct * data);

int32_t main( void )
{
    
    InitStruct(BUF_LEN1, buf1);
    UseStruct(&data1);

    return 0;
}

static void InitStruct(uint32_t _len, uint32_t _buf[])
{
  data1.len = _len;
  data1.buf = _buf;
}

static void UseStruct(struct TestStruct * data)
{
  uint32_t i;
  
  for (i=0u; ilen; i++)
  {
    /* process data in any way ... */
    /* this code line causes a MISRA 17.4 violation error by the compiler */
    data->buf[i] = 1u;
  }
}

Many thanks in advance and best regards,

Michael

Print this item

  MISRA rule 7.1 Octal constants vs. Linux permissions
Posted by: tharris - 25-01-2012, 01:59 PM - Forum: 6.7 Constants - Replies (2)

MISRA rule 7.1 says don't use octal constants, and gives good reasons.
But code which sets and uses constants which represent Linux file permissions (see, for example, http://www.zzee.com/solutions/linux-perm...ml#numeric), are necessarily octal and code is more readable in that case in octal -- the "native" format for such constants.

Of course an octal number can be written, with the same digits, as hexadecimal, and that would meet the MISRA constraint. But IMHO would not meet the spirit of this rule, which is to avoid writing digits outside the base of the number by mistake. Writing a Linux file permissions constant as hex would mean that by mistake the developer could write a digit between 8 and F, and static analysis (compiler etc) would not catch it because it's legal hex. But illegal file permission digit.

Would people see this as a good place for a deviation from MISRA rule 7.1?

Print this item

  15.1 and "switch(0) case 0:"
Posted by: gs - 10-01-2012, 03:01 PM - Forum: 6.15 Switch Statements - Replies (1)

Hi,
Given the following code:

Code:
...
switch(0)
case 0:
...
does the example presented violate rule #15.1? Syntactically, the "switch(expression)" is followed by a "statement" and not necessarily a "compound statement" as stated in the rule. Therefore, can we correctly presume said code violates said rule?

Print this item

  designated initializers
Posted by: alon - 08-01-2012, 03:11 PM - Forum: General Questions - Replies (1)

This is a C99 feature.

Will Misra- C3 support it ?

Print this item

Search Forums

(Advanced Search)

Forum Statistics
» Members: 6,171
» Latest member: stephanmuench
» Forum threads: 998
» Forum posts: 2,752

Full Statistics

Online Users
There are currently 255 online users.
» 0 Member(s) | 253 Guest(s)
Bing, Google

Latest Threads
Rule 6.2.1: non-inline co...
Forum: 4.6 Basic concepts
Last Post: cgpzs
22-11-2024, 10:11 AM
» Replies: 0
» Views: 31
Rule 0.1.2
Forum: 4.0 Language independent issues
Last Post: stephanmuench
21-11-2024, 01:12 PM
» Replies: 0
» Views: 38
A18-9-4
Forum: AUTOSAR C++:2014 rules
Last Post: cgpzs
23-10-2024, 12:04 PM
» Replies: 2
» Views: 383
A8-4-5: are partial moves...
Forum: AUTOSAR C++:2014 rules
Last Post: misra cpp
22-10-2024, 02:03 PM
» Replies: 1
» Views: 329
model information blocks ...
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
22-10-2024, 01:27 PM
» Replies: 1
» Views: 4,450
MISRA AL SLSF - Rule 043I
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
22-10-2024, 01:11 PM
» Replies: 1
» Views: 8,866
MISRA AC EC guidelines
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 08:21 AM
» Replies: 4
» Views: 15,510
News on future releases
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 08:05 AM
» Replies: 1
» Views: 5,697
Signal naming convention ...
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 07:57 AM
» Replies: 1
» Views: 7,250
Rule 7.0.2: operator cons...
Forum: 4.7 Standard conversions
Last Post: karos
14-10-2024, 08:52 PM
» Replies: 2
» Views: 439