Questions tagged [misra]

Use this tag for questions about code that must conform to the coding guidelines called MISRA-C and MISRA-C++.

Document full titles:

Guidelines for the use of the C language in critical systems
Guidelines for the use of the C++ language in critical systems

Originally written by-and-for the automotive industry, now more widely used, including in the aerospace and defence industries.

Three editions of the C guidelines exist:

MISRA-C:1998 - 1^st Edition (informally MISRA C1).
Compatible with C90 only.
MISRA-C:2004 - 2^nd Edition (informally MISRA C2).
Compatible with C90 only.
MISRA C:2012 - 3^rd Edition (informally MISRA C3).
Released at Embedded World 2013. Compatible with C90 and C99.

An updated MISRA C:2012, 3^rd Edition, 1^st Revision (informally MISRA C3.1) was released at Embedded World 2019, incorporating Amendment 1 and Technical Corrigendum 1.

MISRA C:2012 Amendment 2 (published February 2020) brings C11 and C17 into scope (albeit with some restrictions).

MISRA C:2012 is the current industry de facto standard and the one recommended to use. The older ones are still available, but not recommended for new projects.

MISRA-C++ only exists in its current revision, MISRA-C++:2008.

Tag usage: Use this tag for all questions related to MISRA C and MISRA C++. It shall always be used together with either the c or the c++ tag.

When asking about the MISRA rules, please specify exactly which version you are using: C:1998, C:2004, C:2012 or C++:2008.

421 questions

votes

3 answers

rationale behind Misra 2012 not allowing cast between different pointers

I am currently working on a project which requires the code to be Misra 2012 compliant. Throughout the project we have lots of required misra warnings telling us we cant convert pointer to one type to a pointer to another type. Things as simple as…

c misra

asked Feb 17 '16 at 19:19

thunderbird

2,715
5
27
51

votes

1 answer

How to encode East-European (Polish) signs using simple escape sequences?

I'm developing an embedded application in C, which has to conform to MISRA standards. It will involve the use of strings containing Polish signs (ąęćłńśźż). I tried encoding them using octal/hex escape sequences: dictionary[archive_error] = "B"…

c character-encoding escaping embedded misra

asked Apr 13 '15 at 10:18

Michał Szydłowski

3,261
5
33
55

votes

2 answers

Document MISRA/QA-C message suppression with Doxygen

I'm currently working on a project, which has to be MISRA 2012 compliant. But in the embedded world, you can't fulfill every MISRA rule. So I have to suppress some messages generated by QA-C. What's he best solution to do this? I was thinking about…

c embedded doxygen misra

asked Jan 08 '15 at 07:39

m0nKeY

votes

5 answers

Misra violation 12.6

How to get rid of MISRA violation on following statement typedef unsigned char boolean; boolean A, B; A = !B; Operand of logical ! operator is not an 'effectively Boolean' expression. MISRA-C:2004 Rule 12.6; REFERENCE - ISO:C90-6.3.3.3 Unary …

c boolean typedef misra safety-critical

asked Feb 13 '14 at 17:16

user3285192

votes

3 answers

How are integer types converted implicitly?

The following code fails on a MISRA check. The concrete error message is: (MISRA-C:2004 10.1/R) The value of an expression of integer type shall not be implicitly converted to a different underlying type if it is not a conversion to a wider…

c misra

asked May 14 '12 at 11:34

harper

13,345
8
56
105

votes

3 answers

MISRA C:2004, error with bit shifting

I'm using IAR Workbench compiler with MISRA C:2004 checking on. The fragment is: #define UNS_32 unsigned int UNS_32 arg = 3U; UNS_32 converted_arg = (UNS_32) arg; /* Error line --> */ UNS_32 irq_source = (UNS_32)(1U << converted_arg); The MISRA…

c unsigned iar integer-promotion misra

asked Feb 04 '12 at 01:47

Thomas Matthews

56,849
17
98
154

votes

1 answer

MISRA 2012 Rule 2.2 The result of this logical operation is always 'false'

I need to check if a parameters fits in a well known list. To do so I wrote this function #define INV (0x1UL << 15U) #define NON_INV 0X00000000U #define RISING 0X00000000U #define FALLING (0x1UL << 1U) #define BOTH_EDGE ((0x1UL <<…

c misra qa-c

asked Jul 26 '22 at 10:09

Vincenzo Cristiano

votes

2 answers

Disable Rule 2.2 checker

My shop is using Coverity 2019.3. We have MISRA-C 2004 enabled. I want to disable MISRA-C 2004 Rule 2.2: Source code shall only use /* ... */ comments. The cov-analyze command has disable option, but it only shows checkers. For example, one could…

c misra coverity

asked Apr 25 '22 at 22:19

Thomas Matthews

56,849
17
98
154

votes

1 answer

Can anybody provide a MISRA C++ compliant 'offsetof' macro/template/function that works with static_assert?

I'm trying to write defensive code and put static_assert<> to ensure a structure's member has a specific offset to satisfy some hardware requirements MISRA C++ Rule 18-2-1 says "The macro offsetof shall not be used", so we've 'undef'd…

c++ c++11 misra

asked Apr 20 '22 at 03:47

Russ Schultz

2,545
20
22

votes

4 answers

Alternatives to printf() for MISRA C : 2004 compliant code

I am new to coding using MISRA C guidelines. The following are two rules in MISRA C 2004: Rule 16.1 (required): Functions shall not be defined with a variable number of arguments. Rule 20.9 (required): The input/output library shall not be…

c stdio misra

asked Mar 22 '21 at 06:21

Wait What

votes

1 answer

MISRA Violation 12.9 Operand of unary minus is unsigned

I'm currently dealing with some MISRA issues and therefore trying to understand the integer conversion rules in C. I'm getting a violation of MISRA-C 2004 rule 12.9 The unary minus operator shall not be applied to an expression whose underlying type…

c integer implicit-conversion misra

asked Apr 02 '20 at 10:32

RobertAlpha

votes

4 answers

How to assign bitfield variable to uint8_t variable without violating MISRA rules?

I have a typedef struct named Character. typedef struct { unsigned int a : 1; unsigned int b : 1; unsigned int c : 1; unsigned int d : 1; unsigned int o : 1; unsigned int p : 1; unsigned int q : 1; unsigned int x :…

c bit-fields misra uint8t

asked Jan 27 '20 at 09:36

Salahuddin

1,617
3
23
37

votes

1 answer

defined macro '__CCP_H__' is reserved to the compiler [MISRA 2012 Rule 21.1, required]

I have two use case for this Misra warning as mentioned below. Does compiler reserve some or specific name for #if defines which can't be used? Currently, I have disabled this warning by //lint !e9071 but do we really need to do anything for such…

c misra

asked Aug 22 '19 at 13:52

kapilddit

1,729
4
26
51

votes

3 answers

Am I allowed to choose to disable these two MISRA rules: one statement per function and mandatory function prototypes?

Our company are now ISO-13485 (Medical devices) and wants to use MISRAC2012. I read the standard, but I cannot figure out whether or not I am allowed to disable some rules if I think it could improve both stability and readability. Two examples:…

c misra

asked Oct 03 '17 at 19:00

nowox

25,978
39
143
293

votes

3 answers

MISRA C++ rule 5-0-3 false positive warning

My static analyzer is throwing the following warning: MCPP Rule 5-0-3: This complex expression is implicitly converted to a different essential type for the following code: void func(const uint32_t arg) { //32U has underlying type uint8_t …

c++ misra

asked Apr 04 '17 at 11:53

mikearmagedon

Prev 1 2 3

…

28 29 Next