MISRA Discussion Forums

Welcome, Guest

You have to register before you can post on our site.

6.4 and 6.5 with respect to unnamed bit fields?

Posted by: gs - 27-04-2010, 04:24 PM - Forum: 6.6 Types - Replies (1)

	Do rules #6.4 and 6.4 apply to unnamed bit fields? I would think, since the such fields are unnamed, one would not easily access them.

Assembly encapsulation in macros?

Posted by: gs - 26-04-2010, 06:41 PM - Forum: 6.2 Language Extensions - Replies (1)

Is this code compliant with rule #2.1?

Code:
#define ASM_MACRO_1 asm { "abc" }

#define ASM_MACRO_2 asm { "xyz" }

extern void g();

void f( void )

    {

    ASM_MACRO_1;    /* Do something in assembly.    */

    g();            /* Do something in C.           */

    ASM_MACRO_2;    /* Do something in assembly.    */

    }

Rules 12.1 and 12.5 and unary operators

Posted by: pmhill - 22-04-2010, 08:06 AM - Forum: 6.12 Expressions - Replies (3)

It is said in rules 12.1 and 12.5 that 12.5 is a special case of 12.1.

However, in rule 12.1, it is stated that no parentheses are required for the operand of a unary operator
while in rule 12.5 it is said that the operands of the logical operators && and || must be primary expressions;
the latter is exemplified in 12.5 with the following example:

if ( x && ( !y ) ) /* make !y primary */

So for rule 12.1, is something like:
if ( x && !y )
...
a violation?

Rule 8.10 Register Mapping

Posted by: mshearer123 - 31-03-2010, 07:52 AM - Forum: 6.8 Declarations and Definitions - Replies (3)

Hi,
I am using IBM logiscope to bring a pic24 project to MISRA compliance.

Due to the use of unions in the standard PIC header file (which maps all the registers to the locations in the linker) I have created my own local register mappings whenever needed.

i.e. for PORT configuration source, the header contains

Code:
extern volatile unsigned int  TRISA;

typedef struct 

{

  unsigned TRISA0:1;

  unsigned TRISA1:1;

  unsigned TRISA2:1;

  unsigned TRISA3:1;

  unsigned TRISA4:1;

  unsigned :2;

  unsigned TRISA7:1;

  unsigned TRISA8:1;

  unsigned TRISA9:1;

  unsigned TRISA10:1;

} TRISABITS;

extern volatile TRISABITS TRISAbits;

extern volatile unsigned int TRISB;

typedef struct

 {

  unsigned TRISB0:1;

  unsigned TRISB1:1;

  unsigned TRISB2:1;

  unsigned TRISB3:1;

  unsigned TRISB4:1;

  unsigned TRISB5:1;

  unsigned TRISB6:1;

  unsigned TRISB7:1;

  unsigned TRISB8:1;

  unsigned TRISB9:1;

  unsigned TRISB10:1;

  unsigned TRISB11:1;

  unsigned TRISB12:1;

  unsigned TRISB13:1;

  unsigned TRISB14:1;

  unsigned TRISB15:1;

} TRISBBITS;

extern volatile TRISBBITS TRISBbits;

extern volatile unsigned int  TRISC;

typedef struct

{

  unsigned TRISC0:1;

  unsigned TRISC1:1;

  unsigned TRISC2:1;

  unsigned TRISC3:1;

  unsigned TRISC4:1;

  unsigned TRISC5:1;

  unsigned TRISC6:1;

  unsigned TRISC7:1;

  unsigned TRISC8:1;

  unsigned TRISC9:1;

} TRISCBITS;

extern volatile TRISCBITS TRISCbits;

extern volatile unsigned int  LATA;

typedef struct

{

  unsigned LATA0:1;

  unsigned LATA1:1;

  unsigned LATA2:1;

  unsigned LATA3:1;

  unsigned LATA4:1;

  unsigned :2;

  unsigned LATA7:1;

  unsigned LATA8:1;

  unsigned LATA9:1;

  unsigned LATA10:1;

} LATABITS;

extern volatile LATABITS LATAbits;

The problem is, I don't have the linker file contained in my project, so therefore logiscope misses it and suggests all the extern variables should be static.
How can get around this?

Matthew Shearer

Rule 17.4

Posted by: mshearer123 - 31-03-2010, 07:25 AM - Forum: 6.17 Pointers and Arrays - Replies (2)

Hi,
I am finding a violation (with IBM logiscope) when i use an array within a structure.

so my structure is:

Code:
typedef struct

{

unsigned char a;

unsigned char b;

unsigned char c[10];

unsigned char d;

}mID;

and my main:

mID tester;

Code:
int main(void)

{

tester.a = 0x01;

tester.c[2] = 0x02;

tester.c[3] = 0x06;

tester.c[4] = 0x05;

return 0;

}

for each assignment to .c i am told "pointer arithmetic only with array indexing"

thanks for any advice

matt

Formal verification of MISRA-C programs

Posted by: dcrocker - 29-03-2010, 11:17 AM - Forum: General Questions - Replies (1)

We're working on a tool to perform formal verification of programs written in MISRA-C 2004. The idea is to annotate MISRA C functions (e.g. by writing preconditions) so that we can prove automatically that array indices are always in bounds, null pointers are never deferenced, division is never by zero, and so on. Then we prove that the callers of those functions meet the preconditions... and so on up to the main program. So we aim to prove compliance with the "hard" MISRA rules like 1.2, 17.1, 17.6 and of course 21.1. We'll also be able to prove other things, such as safety properties that can be expressed functionally.

I'm interested to know the extent to which MISRA-C users are prepared to write extra annotations to get this increased level of assurance. Please reply if you have a view on this, if possible saying what safety standard (if any) you are working to.

I've also started a blog about this approach, which you can find at http://blog.eschertech.com.

Regards - David

Relational operators and plain chars and wchar_t

Posted by: gs - 26-03-2010, 03:41 PM - Forum: 6.4 Standard conversions (C++) - Replies (1)

The documentation for MISRA C++ rule #4-5-3 includes the following:

Quote:The relational operators = may be used to determine if a character (or wide character) represents a digit.

The document then includes several examples which demonstrate compliance (or lack thereof) for the '>=' and '

Do enumerators count as "numeric values"?

Posted by: gs - 25-03-2010, 01:04 PM - Forum: 6.6 Types - Replies (1)

The commentary in the MISRA guidelines leaves the answer to this question unclear in my opinion due to the wording

Quote:Numeric values/data are numbers such as 0, 5, 23, \x10, -3.

Mixing plain char and non-plain char within ?:

Posted by: gs - 24-03-2010, 02:03 PM - Forum: 6.6 Types - Replies (1)

The commentary for rules #6.1 and #6.2 state,

Quote:[T]he second and third operands of the ternary conditional operator may both be of plain char type.

Do these rules permit one of these two operands to have plain char type and the other to have signed char or unsigned char type?

For that matter, what about the mixing of such operands with operators considered acceptable for use with objects of plain char type? For example, do the rules permit the following:

Code:
void function( char a, signed char b )

    {

    if( a == b )

        { /*  do something  */ }

    }

Plain chars within structs?

Posted by: gs - 18-03-2010, 03:53 PM - Forum: 6.6 Types - Replies (4)

The commentary for rule 6.1 and 6.2 states

Quote:The permissible operators on plain char types are the simple assignment operator (=), equality operators (==, !=) and explicit casts to integral types. Additionally, the second and third operands of the ternary conditional operator may both be of plain char type.

What about the '.' operator? Or the '->' operator? Could not an object of structure type contain a plain char member, making that member the second operand of the operator?

What about bit addressing or sizeof?

Pages (100): « Previous 1 … 71 72 73 74 75 … 100 Next »

Search Forums

(Advanced Search)

Forum Statistics

» Members: 6,171
» Latest member: stephanmuench
» Forum threads: 998
» Forum posts: 2,752

Full Statistics

Online Users

There are currently 289 online users.
» 0 Member(s) | 287 Guest(s)
Bing, Google

Latest Threads

Rule 6.2.1: non-inline co...
Forum: 4.6 Basic concepts
Last Post: cgpzs
22-11-2024, 10:11 AM
» Replies: 0
» Views: 35

Rule 0.1.2
Forum: 4.0 Language independent issues
Last Post: stephanmuench
21-11-2024, 01:12 PM
» Replies: 0
» Views: 44

A18-9-4
Forum: AUTOSAR C++:2014 rules
Last Post: cgpzs
23-10-2024, 12:04 PM
» Replies: 2
» Views: 394

A8-4-5: are partial moves...
Forum: AUTOSAR C++:2014 rules
Last Post: misra cpp
22-10-2024, 02:03 PM
» Replies: 1
» Views: 336

model information blocks ...
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
22-10-2024, 01:27 PM
» Replies: 1
» Views: 4,459

MISRA AL SLSF - Rule 043I
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
22-10-2024, 01:11 PM
» Replies: 1
» Views: 8,875

MISRA AC EC guidelines
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 08:21 AM
» Replies: 4
» Views: 15,522

News on future releases
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 08:05 AM
» Replies: 1
» Views: 5,706

Signal naming convention ...
Forum: MISRA AC SLSF discussions
Last Post: misra-ac
21-10-2024, 07:57 AM
» Replies: 1
» Views: 7,258

Rule 7.0.2: operator cons...
Forum: 4.7 Standard conversions
Last Post: karos
14-10-2024, 08:52 PM
» Replies: 2
» Views: 448

Login
Username:
Password:
	Remember me Lost Password?

Welcome to the MISRA discussion forum