Questions tagged [misra]

Use this tag for questions about code that must conform to the coding guidelines called MISRA-C and MISRA-C++.

Document full titles:

Guidelines for the use of the C language in critical systems
Guidelines for the use of the C++ language in critical systems

Originally written by-and-for the automotive industry, now more widely used, including in the aerospace and defence industries.

Three editions of the C guidelines exist:

MISRA-C:1998 - 1^st Edition (informally MISRA C1).
Compatible with C90 only.
MISRA-C:2004 - 2^nd Edition (informally MISRA C2).
Compatible with C90 only.
MISRA C:2012 - 3^rd Edition (informally MISRA C3).
Released at Embedded World 2013. Compatible with C90 and C99.

An updated MISRA C:2012, 3^rd Edition, 1^st Revision (informally MISRA C3.1) was released at Embedded World 2019, incorporating Amendment 1 and Technical Corrigendum 1.

MISRA C:2012 Amendment 2 (published February 2020) brings C11 and C17 into scope (albeit with some restrictions).

MISRA C:2012 is the current industry de facto standard and the one recommended to use. The older ones are still available, but not recommended for new projects.

MISRA-C++ only exists in its current revision, MISRA-C++:2008.

Tag usage: Use this tag for all questions related to MISRA C and MISRA C++. It shall always be used together with either the c or the c++ tag.

When asking about the MISRA rules, please specify exactly which version you are using: C:1998, C:2004, C:2012 or C++:2008.

421 questions

148

votes

13 answers

What is the benefit of terminating if … else if constructs with an else clause?

Our organization has a required coding rule (without any explanation) that: if … else if constructs should be terminated with an else clause Example 1: if ( x < 0 ) { x = 0; } /* else not needed */ Example 2: if ( x < 0 ) { x = 0; } else…

c misra safety-critical

asked Jan 28 '16 at 05:16

Van Tr

5,889
2
20
44

votes

8 answers

Why does MISRA C state that a copy of pointers can cause a memory exception?

MISRA C 2012 directive 4.12 is "Dynamic memory allocation should not be used". As an example, the document provides this sample of code: char *p = (char *) malloc(10); char *q; free(p); q = p; /* Undefined behaviour - value of p is indeterminate…

c pointers memory-management misra

asked Nov 02 '14 at 21:00

toto

votes

3 answers

How standard is the {0} initializer in C89?

In my current project, which uses the MISRA 2004 standard, we use three GCC compilers, versions 3.2.3, 4.4.2 and 5.4.0. We run build checks with the pedantic switch and c89 standard and a load of other restrictions. One of the restrictions is that…

c gcc initialization c89 misra

asked Aug 11 '20 at 09:54

Walkingbeard

votes

4 answers

What's the difference between "dead code" and "unreachable code"?

I thought those terms where synonymous, but a note in MISRA regarding dead code indicates this to be wrong? What's the difference? Is one a subset of the other?

standards standards-compliance misra

asked Apr 02 '14 at 05:58

Lord_Gestalter

votes

2 answers

When should I use UINT32_C(), INT32_C(),... macros in C?

I switched to fixed-length integer types in my projects mainly because they help me think about integer sizes more clearly when using them. Including them via #include also includes a bunch of other macros like the printing macros…

c fixed-width misra uint32-t

asked Nov 26 '16 at 19:38

TimFinnegan

votes

2 answers

Free tools to check compliance with MISRA C?

Are there any open-source or free tools out there, that check the MISRA C compliance?

c standards misra

asked Feb 18 '11 at 16:33

Vladimir Keleshev

13,753
17
64
93

votes

4 answers

Why "continue" is considered as a C violation in MISRA C:2004?

MISRA 14.5 says continue statement must not be used. Can anyone explain the reason? Thank you.

c misra

asked Jun 11 '12 at 07:04

Lance

votes

3 answers

MISRA incrementation in C

While debugging some embedded code, I came across something like this: buffPtr = &a[5]; buffEndPtr = &a[10]; while (buffPtr != buffEndPtr) { *buffPtr = 0xFF; buffPtr = &buffPtr[1]; /* MISRA improvement for: buffPtr++ */ } Why…

c pointers embedded misra

asked May 14 '15 at 14:02

Adrian Suciu

votes

6 answers

Misra standard for embedded software

I have a requirement to make a large amount of code MISRA compliant. First question: Can somebody to give an estimation for passing well written code for embedded system based on experience. I understand that "well written" is poorly defined and…

c code-analysis embedded misra

asked Sep 15 '08 at 13:39

Ilya

3,104
3
23
30

votes

5 answers

Best practice for compute the function return value

Often I built functions, in C, that checks some parameters and return an error code. Which is the best approach to stop the values checking when I found an error? First example: ErrorCode_e myCheckFunction( some params ) { ErrorCode_e error =…

c return misra

asked Mar 03 '17 at 09:38

Federico

1,117
6
20
37

votes

3 answers

How to implement the CRTP following MISRA C++

My team is developing a embedded system where we need to follow MISRA C++. We are refactoring the code to use less virtual methods so we are trying to implement the CRTP to use static polymorphism instead of the dynamic one. But we have the problem…

c++ c++03 crtp static-cast misra

asked Oct 11 '18 at 08:42

LeDYoM

votes

5 answers

Alternative of system() in c Linux to execute a terminal command on linux

I want to execute a terminal command of Linux in a C program. Currently I am using system() function but I want to use any other as the system() function is banned as per MISRA. For example, how can I replace system("hwclock --systohc --utc");

c linux misra

asked Jun 05 '15 at 09:01

BKT

votes

5 answers

C/C++ conditional return statements

I am working on embedded program and in certain cases if a condition is not meant, I would like to return from function as quickly as possible. if I have the following code and I am doing embedded programming: foo() { if (a < b) { return…

c++ c misra

asked Jun 18 '13 at 19:29

user1135541

1,781
3
19
41

votes

1 answer

Use of small integer with bits operator in C

Related to a previous question, I can't understand some rules of MISRA C 2004. In ISO C99 draft 2007, in 6.5 section §4 : Some operators (the unary operator ~, and the binary operators <<, >>, &, ^, and |, collectively described as bitwise…

c misra type-promotion

asked Oct 07 '14 at 15:00

no_name

votes

5 answers

Is There a Java Equivalent to MISRA C?

In some languages, there are rules/best practices/etc. that promote software safety, ensure expected runtime behavior, etc. Two that come to mind are MISRA for C/C++, and the Ravenscar profile for Ada. There is typically a warm fuzzy feeling about…

java misra

asked May 18 '11 at 20:26

gmletzkojr

2 3

…

28 29 Next