Author Topic: MISRA C & OpenSource  (Read 12844 times)

0 Members and 1 Guest are viewing this topic.

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
MISRA C & OpenSource
« on: November 18, 2015, 07:13:49 am »
hi guys
I am looking for a Misra C checker, I know there are commercial solutions which include a Misra C checker, I'd like to know if an open source alternative exists, and if not, I might think to implement a Misra C checker as - yet another Clang toy -

thank you in advance
 

Online coppice

  • Super Contributor
  • ***
  • Posts: 6535
  • Country: gb
Re: MISRA C & OpenSource
« Reply #1 on: November 18, 2015, 07:22:00 am »
hi guys
I am looking for a Misra C checker, I know there are commercial solutions which include a Misra C checker, I'd like to know if an open source alternative exists, and if not, I might think to implement a Misra C checker as - yet another Clang toy -

thank you in advance
I was looking for an open source Misra checker a few months ago. I found a couple of abandoned projects, but nothing useful.
 

Online nctnico

  • Super Contributor
  • ***
  • Posts: 22008
  • Country: nl
    • NCT Developments
Re: MISRA C & OpenSource
« Reply #2 on: November 18, 2015, 07:49:18 am »
AFAIK GCC can do several of the checks by settings some options. Maybe there are no specific tools because the tool already exists.
For example: Try and find a GUI based CD/DVD to ISO image program for Linux. There aren't any because the dd command is so simple to use for this purpose.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline richardman

  • Frequent Contributor
  • **
  • Posts: 427
  • Country: us
Re: MISRA C & OpenSource
« Reply #3 on: November 18, 2015, 08:00:18 am »
AFAIK GCC can do several of the checks by settings some options. Maybe there are no specific tools because the tool already exists.
For example: Try and find a GUI based CD/DVD to ISO image program for Linux. There aren't any because the dd command is so simple to use for this purpose.

If only :-)

Some MISRA checks are fairly simple. Some require whole program analysis and is not trivial.
// richard http://imagecraft.com/
JumpStart C++ for Cortex (compiler/IDE/debugger): the fastest easiest way to get productive on Cortex-M.
Smart.IO: phone App for embedded systems with no app or wireless coding
 

Offline neslekkim

  • Super Contributor
  • ***
  • Posts: 1305
  • Country: no
Re: MISRA C & OpenSource
« Reply #4 on: November 18, 2015, 09:10:26 am »
AFAIK GCC can do several of the checks by settings some options. Maybe there are no specific tools because the tool already exists.
For example: Try and find a GUI based CD/DVD to ISO image program for Linux. There aren't any because the dd command is so simple to use for this purpose.

http://www.k3b.org/
http://sourceforge.net/projects/gnomebaker/

took me 1sec, I could find lots more if I needed..
 

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: MISRA C & OpenSource
« Reply #5 on: November 18, 2015, 09:40:54 am »
plenty of good reasons, I guess i'd better implement a code checker from scratch. Clang is good for that: I can allocate 3 months to the task

gcc can enforce its (ANSI-compliance) checks if invoked with
Code: [Select]
-ansi -pedantic -Wall -W
 

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: MISRA C & OpenSource
« Reply #6 on: November 18, 2015, 09:41:36 am »
I forget, i need MISRA-2004 && MISRA 2012
 

Offline legacy

  • Super Contributor
  • ***
  • !
  • Posts: 4415
  • Country: ch
Re: MISRA C & OpenSource
« Reply #7 on: November 19, 2015, 12:46:44 pm »
looking for advice: some good commercial static analyzer?
 

Offline paf

  • Regular Contributor
  • *
  • Posts: 75
Re: MISRA C & OpenSource
« Reply #8 on: November 19, 2015, 02:17:28 pm »
Not commercial, but free:
http://www.splint.org

Also free, more Windows oriented:
http://cppcheck.sourceforge.net


If you can run your C/C++ code under Unix, you should use Valgrind:
http://valgrind.org

 

Offline ale500

  • Frequent Contributor
  • **
  • Posts: 390
Re: MISRA C & OpenSource
« Reply #9 on: November 19, 2015, 04:53:44 pm »
We use lint, but which one, I have to look again. It is ok. But good ?....
There is QAC for instance... or klocwork I think is called, that one is a bit better and integrates with eclipse, but for multi-person teams with a versioning system... there is a bit more work needed.

One of the "strong" points of the rules are enforcing strong types, something C does not have, you should check if -ansi and -pedantic catch them.... but lint is a good start...
 

Online coppice

  • Super Contributor
  • ***
  • Posts: 6535
  • Country: gb
Re: MISRA C & OpenSource
« Reply #10 on: November 19, 2015, 04:56:54 pm »
Confluence picks up quite a lot of dumb stuff that most people miss.
 

Offline paf

  • Regular Contributor
  • *
  • Posts: 75
Re: MISRA C & OpenSource
« Reply #11 on: November 19, 2015, 05:39:31 pm »
Confluence picks up quite a lot of dumb stuff that most people miss.

I think the name you want is Coverity:
http://www.coverity.com

 

Online coppice

  • Super Contributor
  • ***
  • Posts: 6535
  • Country: gb
Re: MISRA C & OpenSource
« Reply #12 on: November 20, 2015, 12:02:03 am »
Confluence picks up quite a lot of dumb stuff that most people miss.

I think the name you want is Coverity:
http://www.coverity.com
AH, yes. There have been some name changes, purely to make things confusing.  :)

Coverity is available for free for some open source projects, and I have used it to good effect in that way. The measure of these tools is not so much what they spot, but the number of false alarms. A flood of false alarms is a dreadful time waster, and drives people away. Coverity is very good on that front.
 

Offline paf

  • Regular Contributor
  • *
  • Posts: 75
Re: MISRA C & OpenSource
« Reply #13 on: November 23, 2015, 06:15:33 pm »
 

Offline ehughes

  • Frequent Contributor
  • **
  • Posts: 406
  • Country: us
Re: MISRA C & OpenSource
« Reply #14 on: November 24, 2015, 06:07:24 pm »
http://www.gimpel.com/html/pcl.htm

Ask yourself what you are worth and if writing your own will be more than $389 of your time.     

If you are trying to do real MISRA check compliance for an external customer,   they will not generally accept checks from half baked tools.





 

Offline semir-t

  • Contributor
  • Posts: 22
  • Country: ba
Re: MISRA C & OpenSource
« Reply #15 on: October 14, 2021, 02:14:39 pm »
Hello,

Today I started using cppcheck because I need a free tool to check if my code complies with MISRA standard. I wrote simple program and I can't seem to solve this issue that I have. So for this code, a get the [main.c:19] (style) Function types shall be in prototype form with named parameters (Required) [misra-c2012-8.2].

Code: [Select]
#include <stdint.h>


int getValue (int p);

int main(void)
{
uint8_t k = 0;
uint8_t p[10];
while(1)
{
int res = getValue(k);
k++;
p[100] = 5;
}
return 0;
}

int getValue (int p)
{
int k = 0;
switch(p)
{
case(1):
{
k = p;
break;
}
case(2):
{
k = 55;
break;
}
default
{

break;
}
}
return 0;
}


I get the following report from the cppcheck:
Code: [Select]
python misra.py --rule-texts=MISRA_C_2012.txt main.c.dump
Checking main.c.dump...
Checking main.c.dump, config ...
[main.c:19] (style) Function types shall be in prototype form with named parameters (Required) [misra-c2012-8.2]
[main.c:6] (style) Function types shall be in prototype form with named parameters (Required) [misra-c2012-8.2]

MISRA rules violations found:
Required: 2

MISRA rules violated:
misra-c2012-8.2 (-): 2

 

Online RoGeorge

  • Super Contributor
  • ***
  • Posts: 3491
  • Country: ro
Re: MISRA C & OpenSource
« Reply #16 on: October 14, 2021, 02:29:56 pm »
Isn't the main() function supposed to be typed last, at the end of the C source file?

Offline newbrain

  • Super Contributor
  • ***
  • Posts: 1265
  • Country: se
Re: MISRA C & OpenSource
« Reply #17 on: October 14, 2021, 02:55:56 pm »
Isn't the main() function supposed to be typed last, at the end of the C source file?
Is that a MISRA C requirement?

In general, the answer is no.

The diagnostic is quite strange, as the function is declared with a prototype with a named parameter, it matches the definition, and it's visible both at the point of use and at the definition.
Nandemo wa shiranai wa yo, shitteru koto dake.
 

Online RoGeorge

  • Super Contributor
  • ***
  • Posts: 3491
  • Country: ro
Re: MISRA C & OpenSource
« Reply #18 on: October 14, 2021, 04:21:20 pm »
Isn't the main() function supposed to be typed last, at the end of the C source file?
Is that a MISRA C requirement?

In general, the answer is no.

That was only a guess of mine, so I've asked to clarify, thanks for the answer.

Online nctnico

  • Super Contributor
  • ***
  • Posts: 22008
  • Country: nl
    • NCT Developments
Re: MISRA C & OpenSource
« Reply #19 on: October 14, 2021, 04:27:58 pm »
First: the parameter of main isn't named. If there is no parameter, then it should be empty. Secondly the case statement has the wrong syntax.. It should be case <value>:
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline newbrain

  • Super Contributor
  • ***
  • Posts: 1265
  • Country: se
Re: MISRA C & OpenSource
« Reply #20 on: October 14, 2021, 04:58:07 pm »
First: the parameter of main isn't named. If there is no parameter, then it should be empty. Secondly the case statement has the wrong syntax.. It should be case <value>:
What?
No - wrong on both counts!

First:
A function declaration with an empty parameter list is not a prototype (just a declarator, see C11 §6.7.6.3, and specifically the examples in paragraph 16).
For a prototype to specify no parameters you MUST use void, as an empty parameter list makes no statement about the arguments the function takes.
In fact, this is perfectly standard C - but bad practice (and of course not MISRA compliant!):
Code: [Select]
int f();

int f(int i)
{
     /* My function body */
}
Misra C makes an explicit note that for functions taking no arguments void must be used.

Second:
The syntax is not  "case <value>:" and it's described in "6.8.4.2  The switch statement" as (paragraph 3):
Quote
The expression of each case label shall be an integer constant expression [...]
I hope you agree that (1) is a perfectly cromulent integer constant expression, as is e.g. (0xFF - 5*8 ).


« Last Edit: October 14, 2021, 05:04:45 pm by newbrain »
Nandemo wa shiranai wa yo, shitteru koto dake.
 
The following users thanked this post: nctnico, AndersJ

Online nctnico

  • Super Contributor
  • ***
  • Posts: 22008
  • Country: nl
    • NCT Developments
Re: MISRA C & OpenSource
« Reply #21 on: October 14, 2021, 05:18:43 pm »
But the OP is putting code through a syntax checking tool with a specific rule set so all bets are off... If someone uses case(1) in code I start to doubt that person's coding skills.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline newbrain

  • Super Contributor
  • ***
  • Posts: 1265
  • Country: se
Re: MISRA C & OpenSource
« Reply #22 on: October 14, 2021, 05:23:27 pm »
That was only a guess of mine, so I've asked to clarify, thanks for the answer.
"main" is obviously a very special function*, but in this respect behaves just like any other function.
It might be practical to put it a the end so that one needs not provide prototypes for functions, used in its body and defined in the same translation unit.

*Invoked at startup, possible to define with different prototypes but you should not provide one, falling off the end is equivalent to "return 0;" etc.
Nandemo wa shiranai wa yo, shitteru koto dake.
 

Offline newbrain

  • Super Contributor
  • ***
  • Posts: 1265
  • Country: se
Re: MISRA C & OpenSource
« Reply #23 on: October 14, 2021, 05:28:41 pm »
But the OP is putting code through a syntax checking tool with a specific rule set so all bets are off... If someone uses case(1) in code I start to doubt that person's coding skills.
I also would not write that way (when using a simple literal) but it's not wrong.
Still, none of the diagnostics was referring to the switch statement - one was for main and one for the other function.  :-//
Nandemo wa shiranai wa yo, shitteru koto dake.
 

Online SiliconWizard

  • Super Contributor
  • ***
  • Posts: 8267
  • Country: fr
Re: MISRA C & OpenSource
« Reply #24 on: October 14, 2021, 06:20:52 pm »
Didn't realize it was an old resurected thread when I started replying...

cppcheck has partial coverage: https://cppcheck.sourceforge.io/misra.php
(It's not particularly Windows-oriented, cppcheck builds fine on Linux/MacOS and is even available as a plugin in a number of automated build tools and IDEs. It's just that there is GUI front-end for Windows, but the CLI version is perfectly adequate.)

cppcheck is quite useful in general. But as you saw, it doesn't have full MISRA-C 2012 coverage. The status is probably better than what it was in 2015 though. AFAIK, if you want FULL coverage, there aren't many open source tools and you might need to look at commercial ones.
 
The following users thanked this post: newbrain


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf