问题
I am validating MISRA C:2012 standard to my MCU code using PC-Lint. I got following errors.Here I posted a sample code where I got errors on condition statements.
1] unsigned integer literal without a 'U' suffix [MISRA 2012 Rule 7.2, required] S_LCB_100,
2] side effects on right hand of logical operator, '&&' [MISRA 2012 Rule 13.5, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
3] : a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
4] : a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
5] an unsigned value and a signed value cannot be used together as operands to == [MISRA 2012 Rule 10.4, required] if ( List[Loop] == 0x00000000 )
How can I make it MISRA C:2012 compliance?
typedef unsigned char UINT8;
typedef unsigned char BYTE;
typedef unsigned long int UINT32;
#define S_LCB_100 0xF0BB12DE;
#define MULTI 0x1A;
volatile static BYTE Counter = 0;
static UINT8 Loop = 0;
static UINT32 List[]=
{
S_LCB_100,
0x00000000,
};
while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
{
.......some code
}
if ( List[Loop] == 0x00000000 )
{
.....some code
}
回答1:
General remarks:
- Before worrying about MISRA-C compliance, get the code to compile on a C compiler.
- Then make sure you have the MISRA-C:2012 document available or you simply cannot work with MISRA.
- Get rid of nonsense like "Yoda conditions".
- Get rid of custom typedefs and use
stdint.h. If you are on C90 thentypedefwith the names used bystdint.h.
1] unsigned integer literal without a 'U' suffix [MISRA 2012 Rule 7.2, required] S_LCB_100,
Pretty self-explaining. Add U or u to integer constants that should be unsigned. Read rule 7.2 for details.
2] side effects on right hand of logical operator, '&&' [MISRA 2012 Rule 13.5, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
Counter is voltatile-qualified and accessing it is a side-effect. So it should not exist inside complex expressions in general, and particularly not on the right hand side of a boolean && expression - that's quite questionable code. In this case you could simply rewrite the code as this:
uint32_t count = (uint32_t)Counter;
while((count != 0u) && (List[Loop] != 0u))
{
...
count = (uint32_t)Counter; // read volatile variable in an expression of its own
}
3] a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
This is because Counter is declared as BYTE. Drop all such home-brewed crap types and declare it as uint8_t instead. Then use the while form as shown above. Use u suffix. This should fix 2) to 5).
来源:https://stackoverflow.com/questions/54084453/how-to-make-c-code-to-misra-c2012-compliance