
Polyspace Code Verification

Coding Standards Report for Project: polyspace


Report Author: ctreille

Published 15-Jun-2020 10:13:30


Verification Author(s): Polyspace
Polyspace Version(s): Polyspace Code Prover 10.3 (R2020b)
Project Version(s): 1.0

Result Folder(s):
C:\qualkits_R2020b\do\codeprover\tests\code-prover-results\reporting\template-codingstandards\OR-414-6-codingstandards_3
Table of Contents
Chapter 1. Custom Coding Rules
    Custom Coding Rules Summary - Violations by File
    Custom Coding Rules Summary - Violations by Rule
    Custom Coding Rules Summary for all Files
    Custom Coding Rules Summary for Enabled Rules
    Custom Coding Rules Violations
Chapter 2. MISRA C:2004 Coding Standard
    MISRA C:2004 Coding Standard Summary - Violations by File
    MISRA C:2004 Coding Standard Summary - Violations by Rule
    MISRA C:2004 Coding Standard Summary for all Files
    MISRA C:2004 Coding Standard Summary for Enabled Rules
    MISRA C:2004 Coding Standard Violations
Chapter 3. Appendix 1 - Configuration Settings
    Polyspace Settings
        Analysis Assumptions
    Coding Standard Configuration
Chapter 4. Appendix 2 - Definitions

Chapter 1. Custom Coding Rules
Custom Coding Rules Summary - Violations by File

Custom Coding Rules Summary - Violations by Rule

Custom Coding Rules Summary for all Files
File Total
C:\qualkits_R2020b\do\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_3.c 18
Total 18

Custom Coding Rules Summary for Enabled Rules

Rule  Description  Pattern  Total
1.1  All source file names must follow the specified pattern.  Geck_C.*.c  1
1.2  All source folder names must follow the specified pattern.  .*sources  1
2.1  All macros must follow the specified pattern.  MACRO_[A-Z0-9_]*  1
2.2  All macro parameters must follow the specified pattern.  _mp_.*  1
3.1  All integer types must follow the specified pattern.  .*_s  0
3.2  All float types must follow the specified pattern.  .*_f  0
3.3  All pointer types must follow the specified pattern.  .*_p  0
3.4  All array types must follow the specified pattern.  .*_a  0
3.5  All function pointer types must follow the specified pattern.  .*_fp  0
4.1  All struct tags must follow the specified pattern.  _s_.*  1
4.2  All struct types must follow the specified pattern.  s_.*  0
4.3  All struct fields must follow the specified pattern.  f_.*  0
4.4  All struct bit fields must follow the specified pattern.  bf_.*  0
5.1  All class names must follow the specified pattern.  c_.*  0
5.2  All class types must follow the specified pattern.  c_.*_t  0
5.3  All data members must follow the specified pattern.  m_.*  0
5.4  All function members must follow the specified pattern.  fm_.*  0
5.5  All static data members must follow the specified pattern.  sm_.*  0
5.6  All static function members must follow the specified pattern.  sf_.*  0
5.7  All bitfield members must follow the specified pattern.  bm_.*  0
6.1  All enumeration tags must follow the specified pattern.  _e_.*  0
6.2  All enumeration types must follow the specified pattern.  e_.*  0
6.3  All enumeration constants must follow the specified pattern.  E_[A-Z_]+  0
7.1  All global functions must follow the specified pattern.  gf_.*  4
7.2  All static functions must follow the specified pattern.  sf_.*  0
7.3  All function parameters must follow the specified pattern.  .*_p  2
8.1  All global constants must follow the specified pattern.  G_[A-Z][A-Z0-9_]*  0
8.2  All static constants must follow the specified pattern.  S_[A-Z][A-Z0-9_]*  0
8.3  All local constants must follow the specified pattern.  L_[A-Z][A-Z0-9_]*  0
8.4  All static local constants must follow the specified pattern.  SL_[A-Z][A-Z0-9_]*  0
9.1  All global variables must follow the specified pattern.  gv_[a-z][a-z0-9_]*  0
9.2  All static variables must follow the specified pattern.  sv_[a-z][a-z0-9_]*  0
9.3  All local variables must follow the specified pattern.  lv_[a-z][a-z0-9_]*  7
9.4  All static local variables must follow the specified pattern.  slv_[a-z][a-z0-9_]*  0
10.1  All namespaces must follow the specified pattern.  nm_.*  0
11.1  All class templates must follow the specified pattern.  Tmp_.*  0
11.2  All class template parameters must follow the specified pattern.  T_.*  0
12.1  All function templates must follow the specified pattern.  F_.*  0
12.2  All function template parameters must follow the specified pattern.  FT_.*  0
12.3  All function template members must follow the specified pattern.  FM_.*  0
Total  18

Custom Coding Rules Violations

Table 1.1. C:\qualkits_R2020b\do\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_3.c
ID  Rule  Message  Function  Line  Col  Jus  Severity  Status  Comment
4  1.2  All source folder names must follow the specified pattern.  File Scope  1  0  No  Unset  Unreviewed
    files dirname: The source dir name 'C:\qualkits_R2020b\do\codeprover\tests\reporting\template-codingstandards' does not match the specified pattern.
6  1.1  All source file names must follow the specified pattern.  File Scope  1  0  No  Unset  Unreviewed
    files basename: The source file name 'OR-414-6-codingstandards_3.c' does not match the specified pattern.
2  2.1  All macros must follow the specified pattern.  File Scope  4  9  No  Unset  Unreviewed
    macros: The macro 'offsetof' does not match the specified pattern.
3  2.2  All macro parameters must follow the specified pattern.  File Scope  4  9  No  Unset  Unreviewed
    macro parameters: The macro parameter 'type' does not match the specified pattern.
    macro parameters: The macro parameter 'field' does not match the specified pattern.
37  7.1  All global functions must follow the specified pattern.  File Scope  7  4  No  Unset  Unreviewed
    global functions: The global function 'foo1' does not match the specified pattern.
29  4.1  All struct tags must follow the specified pattern.  foo1()  8  11  No  Unset  Unreviewed
    struct tag names: The struct tag 'new_stc_2' does not match the specified pattern.
45  9.3  All local variables must follow the specified pattern.  foo1()  8  22  No  Unset  Unreviewed
    local variables: The local variable 'ptr_str_1' does not match the specified pattern.
23  9.3  All local variables must follow the specified pattern.  foo1()  10  25  No  Unset  Unreviewed
    local variables: The local variable 'ptr_union_2_2_1' does not match the specified pattern.
38  7.1  All global functions must follow the specified pattern.  File Scope  15  4  No  Unset  Unreviewed
    global functions: The global function 'foo' does not match the specified pattern.
41  7.1  All global functions must follow the specified pattern.  File Scope  19  4  No  Unset  Unreviewed
    global functions: The global function 'bar' does not match the specified pattern.
46  9.3  All local variables must follow the specified pattern.  bar()  20  17  No  Unset  Unreviewed
    local variables: The local variable 'rd' does not match the specified pattern.
30  7.1  All global functions must follow the specified pattern.  File Scope  27  5  No  Unset  Unreviewed
    global functions: The global function 'func' does not match the specified pattern.
27  7.3  All function parameters must follow the specified pattern.  main()  35  13  No  Unset  Unreviewed
    function parameters: The function parameter 'argc' does not match the specified pattern.
16  7.3  All function parameters must follow the specified pattern.  main()  35  25  No  Unset  Unreviewed
    function parameters: The function parameter 'argv' does not match the specified pattern.
33  9.3  All local variables must follow the specified pattern.  main()  38  8  No  Unset  Unreviewed
    local variables: The local variable 'a' does not match the specified pattern.
47  9.3  All local variables must follow the specified pattern.  main()  39  8  No  Unset  Unreviewed
    local variables: The local variable 'b' does not match the specified pattern.
52  9.3  All local variables must follow the specified pattern.  main()  40  9  No  Unset  Unreviewed
    local variables: The local variable 'ptr' does not match the specified pattern.
42  9.3  All local variables must follow the specified pattern.  main()  41  10  No  Unset  Unreviewed
    local variables: The local variable 'p' does not match the specified pattern.

Chapter 2. MISRA C:2004 Coding Standard
MISRA C:2004 Coding Standard Summary - Violations by File

MISRA C:2004 Coding Standard Summary - Violations by Rule

MISRA C:2004 Coding Standard Summary for all Files


File Total
C:\qualkits_R2020b\do\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_3.c 37
Total 37

MISRA C:2004 Coding Standard Summary for Enabled Rules
Rule  Description  Mode  Total
1.1  All code shall conform to ISO 9899:1990 'Programming languages - C', amended and corrected by ISO/IEC 9899/COR1:1995, ISO/IEC 9899/AMD1:1995, and ISO/IEC 9899/COR2:1996.  required  0
2.1  Assembly language shall be encapsulated and isolated.  required  0
2.2  Source code shall only use /* ... */ style comments.  required  0
2.3  The character sequence /* shall not be used within a comment.  required  0
2.4  Sections of code should not be 'commented out'.  advisory  0
3.4  All uses of the #pragma directive shall be documented and explained.  required  0
4.1  Only those escape sequences which are defined in the ISO C standard shall be used.  required  0
4.2  Trigraphs shall not be used.  required  5
5.1  Identifiers (internal and external) shall not rely on the significance of more than 31 characters.  required  0
5.2  Identifiers in an inner scope shall not use the same name as an identifier in an outer scope, and therefore hide that identifier.  required  0
5.3  A typedef name shall be a unique identifier.  required  0
5.4  A tag name shall be a unique identifier.  required  0
5.5  No object or function identifier with static storage duration should be reused.  advisory  0
5.6  No identifier in one name space should have the same spelling as an identifier in another name space, with the exception of structure and union member names.  advisory  0
5.7  No identifier name should be reused.  advisory  0
6.1  The plain char type shall be used only for the storage and use of character values.  required  0
6.2  Signed and unsigned char type shall be used only for the storage and use of numeric values.  required  0
6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  advisory  12
6.4  Bit fields shall only be defined to be of type unsigned int or signed int.  required  0
6.5  Bit fields of type signed int shall be at least 2 bits long.  required  0
7.1  Octal constants (other than zero) and octal escape sequences shall not be used.  required  0
8.1  Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call.  required  3
8.2  Whenever an object or function is declared or defined, its type shall be explicitly stated.  required  0
8.3  For each function parameter the type given in the declaration and definition shall be identical, and the return types shall also be identical.  required  0
8.4  If objects or functions are declared more than once their types shall be compatible.  required  0
8.5  There shall be no definitions of objects or functions in a header file.  required  0
8.6  Functions shall be declared at file scope.  required  0
8.7  Objects shall be defined at block scope if they are only accessed from within a single function.  required  0
8.8  An external object or function shall be declared in one and only one file.  required  0
8.9  An identifier with external linkage shall have exactly one external definition.  required  0
8.10  All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required.  required  3
8.11  The static storage class specifier shall be used in definitions and declarations of objects and functions that have internal linkage.  required  0
8.12  When an array is declared with external linkage, its size shall be stated explicitly or defined implicitly by initialisation.  required  0
9.1  All automatic variables shall have been assigned a value before being used.  required  0
9.2  Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures.  required  0
9.3  In an enumerator list, the '=' construct shall not be used to explicitly initialise members other than the first, unless all items are explicitly initialised.  required  0
10.1  The value of an expression of integer type shall not be implicitly converted to a different underlying type.  required  0
10.2  The value of an expression of floating type shall not be implicitly converted to a different type.  required  0
10.3  The value of a complex expression of integer type may only be cast to a type that is narrower and of the same signedness as the underlying type of the expression.  required  0
10.4  The value of a complex expression of floating type may only be cast to a narrower floating type.  required  0
10.5  If the bitwise operators ~ and << are applied to an operand of underlying type unsigned char or unsigned short, the result shall be immediately cast to the underlying type of the operand.  required  0
10.6  The 'U' suffix shall be applied to all constants of unsigned types.  required  0
11.1  Conversion shall not be performed between a pointer to a function and any type other than an integral type.  required  0
11.2  Conversion shall not be performed between a pointer to an object and any type other than an integral type, another pointer to object type or a pointer to void.  required  0
11.3  A cast should not be performed between a pointer type and an integral type.  advisory  0
11.4  A cast should not be performed between a pointer to object type and a different pointer to object type.  advisory  0
11.5  A cast shall not be performed that removes any const or volatile qualification from the type addressed by a pointer.  required  0
12.1  Limited dependence should be placed on C's operator precedence rules in expressions.  advisory  0
12.2  The value of an expression shall be the same under any order of evaluation that the standard permits.  required  0
12.3  The sizeof operator should not be used on expressions that contain side effects.  required  0
12.4  The right hand operand of a logical && or || operator shall not contain side effects.  required  0
12.5  The operands of a logical && or || shall be primary-expressions.  required  0
12.6  The operands of logical operators (&&, || and !) should be effectively Boolean. Expressions that are effectively Boolean should not be used as operands to operators other than (&&, || and !).  advisory  0
12.7  Bitwise operators shall not be applied to operands whose underlying type is signed.  required  0
12.8  The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the left hand operand.  required  0
12.9  The unary minus operator shall not be applied to an expression whose underlying type is unsigned.  required  0
12.10  The comma operator shall not be used.  required  0
12.11  Evaluation of constant unsigned integer expressions should not lead to wrap-around.  advisory  0
12.12  The underlying bit representations of floating-point values shall not be used.  required  0
12.13  The increment (++) and decrement (--) operators should not be mixed with other operators in an expression.  advisory  0
13.1  Assignment operators shall not be used in expressions that yield a Boolean value.  required  0
13.2  Tests of a value against zero should be made explicit, unless the operand is effectively Boolean.  advisory  1
13.3  Floating-point expressions shall not be tested for equality or inequality.  required  0
13.4  The controlling expression of a for statement shall not contain any objects of floating type.  required  0
13.5  The three expressions of a for statement shall be concerned only with loop control.  required  0
13.6  Numeric variables being used within a for loop for iteration counting should not be modified in the body of the loop.  required  0
13.7  Boolean operations whose results are invariant shall not be permitted.  required  1
14.1  There shall be no unreachable code.  required  0
14.2  All non-null statements shall either have at least one side effect however executed, or cause control flow to change.  required  0
14.3  Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment provided that the first character following the null statement is a white-space character.  required  0
14.4  The goto statement shall not be used.  required  0
14.5  The continue statement shall not be used.  required  0
14.6  For any iteration statement there shall be at most one break statement used for loop termination.  required  0
14.7  A function shall have a single point of exit at the end of the function.  required  1
14.8  The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement.  required  0
14.9  An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement.  required  2
14.10  All if ... else if constructs should contain a final else clause.  required  0
15.0  A switch statement shall conform to MISRA-C syntax.  required  0
15.1  A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement.  required  0
15.2  An unconditional break statement shall terminate every non-empty switch clause.  required  0
15.3  The final clause of a switch statement shall be the default clause.  required  0
15.4  A switch expression should not represent a value that is effectively Boolean.  required  0
15.5  Every switch statement shall have at least one case clause.  required  0
16.1  Functions shall not be defined with variable numbers of arguments.  required  0
16.2  Functions shall not call themselves, either directly or indirectly.  required  1
16.3  Identifiers shall be given for all of the parameters in a function prototype declaration.  required  0
16.4  The identifiers used in the declaration and definition of a function shall be identical.  required  0
16.5  Functions with no parameters shall be declared with parameter type void.  required  0
16.6  The number of arguments passed to a function shall match the number of parameters.  required  0
16.7  A pointer parameter in a function prototype should be declared as pointer to const if the pointer is not used to modify the addressed object.  advisory  0
16.8  All exit paths from a function with non-void return type shall have an explicit return statement with an expression.  required  0
16.9  A function identifier shall only be used with either a preceding &, or with a parenthesised parameter list, which may be empty.  required  0
16.10  If a function returns error information, then that error information should be tested.  required  3
17.1  Pointer arithmetic shall only be applied to pointers that address an array or array element.  required  0
17.2  Pointer subtraction shall only be applied to pointers that address elements of the same array.  required  0
17.3  >, >=, <, <= shall not be applied to pointer types except where they point to the same array.  required  0
17.4  Array indexing shall be the only allowed form of pointer arithmetic.  required  0
17.5  The declaration of objects should contain no more than 2 levels of pointer indirection.  advisory  0
17.6  The address of an object with automatic storage shall not be assigned to an object that may persist after the object has ceased to exist.  required  0
18.1  All structure or union types shall be complete at the end of a translation unit.  required  2
18.2  An object shall not be assigned to an overlapping object.  required  0
18.4  Unions shall not be used.  required  1
19.1  #include statements in a file shall only be preceded by other pre-processor directives or comments.  advisory  0
19.2  Non-standard characters should not occur in header file names in #include directives.  advisory  0
19.3  The #include directive shall be followed by either a <filename> or "filename" sequence.  required  0
19.4  C macros shall only expand to a braced initialiser, a constant, a parenthesised expression, a type qualifier, a storage class specifier, or a do-while-zero construct.  required  0
19.5  Macros shall not be #define'd and #undef'd within a block.  required  0
19.6  #undef shall not be used.  required  0
19.7  A function should be used in preference to a macro.  advisory  1
19.8  A function-like macro shall not be invoked without all of its arguments.  required  0
19.9  Arguments to a function-like macro shall not contain tokens that look like pre-processing directives.  required  0
19.10  In the definition of a function-like macro each instance of a parameter shall be enclosed in parentheses unless it is used as the operand of # or ##.  required  0
19.11  All macro identifiers in preprocessor directives shall be defined before use, except in #ifdef and #ifndef preprocessor directives and the defined() operator.  required  0
19.12  There shall be at most one occurrence of the # or ## pre-processor operators in a single macro definition.  required  0
19.13  The # and ## preprocessor operators should not be used.  advisory  0
19.14  The defined pre-processor operator shall only be used in one of the two standard forms.  required  0
19.15  Precautions shall be taken in order to prevent the contents of a header file being included twice.  required  0
19.16  Preprocessing directives shall be syntactically meaningful even when excluded by the preprocessor.  required  0
19.17  All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are related.  required  0
20.1  Reserved identifiers, macros and functions in the standard library, shall not be defined, redefined or undefined.  required  1
20.2  The names of standard library macros, objects and functions shall not be reused.  required  0
20.3  The validity of values passed to library functions shall be checked.  required  0
20.4  Dynamic heap memory allocation shall not be used.  required  0
20.5  The error indicator errno shall not be used.  required  0
20.6  The macro offsetof, in library <stddef.h>, shall not be used.  required  0
20.7  The setjmp macro and the longjmp function shall not be used.  required  0
20.8  The signal handling facilities of <signal.h> shall not be used.  required  0
20.9  The input/output library <stdio.h> shall not be used in production code.  required  0
20.10  The library functions atof, atoi and atol from library <stdlib.h> shall not be used.  required  0
20.11  The library functions abort, exit, getenv and system from library <stdlib.h> shall not be used.  required  0
20.12  The time handling functions of library <time.h> shall not be used.  required  0
21.1  Minimisation of run-time failures shall be ensured by the use of at least one tool/technique.  required  0
Total  37

MISRA C:2004 Coding Standard Violations
Table 2.1. C:\qualkits_R2020b\do\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_3.c
ID  Rule  Message  Function  Line  Col  Jus  Severity  Status  Comment
8  20.1  Reserved identifiers, macros and functions in the standard library, shall not be defined, redefined or undefined.  File Scope  4  0  No  Unset  Unreviewed
    The macro 'offsetof' shall not be redefined.
1  19.7  A function should be used in preference to a macro.  File Scope  4  8  No  Unset  Unreviewed
12  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  6  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
14  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  7  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
44  18.1  All structure or union types shall be complete at the end of a translation unit.  File Scope  8  11  No  Unset  Unreviewed
15  18.4  Unions shall not be used.  foo1()  10  4  No  Unset  Unreviewed
35  18.1  All structure or union types shall be complete at the end of a translation unit.  File Scope  10  10  No  Unset  Unreviewed
18  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  15  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
21  8.1  Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call.  File Scope  15  4  No  Unset  Unreviewed
    Function 'foo' has no visible prototype at definition.
55  8.10  All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required.  File Scope  15  4  No  Unset  Unreviewed
    Function 'foo' should have internal linkage.
48  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  19  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
20  14.7  A function shall have a single point of exit at the end of the function.  bar()  19  4  No  Unset  Unreviewed
39  8.1  Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call.  File Scope  19  4  No  Unset  Unreviewed
    Function 'bar' has no visible prototype at definition.
53  8.10  All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required.  File Scope  19  4  No  Unset  Unreviewed
    Function 'bar' should have internal linkage.
32  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  bar()  20  13  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
36  14.9  An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement.  bar()  21  4  No  Unset  Unreviewed
    An if (expression) construct shall be followed by a compound statement.
40  13.2  Tests of a value against zero should be made explicit, unless the operand is effectively Boolean.  bar()  21  4  No  Unset  Unreviewed
19  14.9  An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement.  bar()  23  4  No  Unset  Unreviewed
    The else keyword shall be followed by either a compound statement, or another if statement.
49  16.2  Functions shall not call themselves, either directly or indirectly.  bar()  24  16  No  Unset  Unreviewed
    Function 'bar' shall not call itself, either directly or indirectly.
31  8.1  Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call.  File Scope  27  5  No  Unset  Unreviewed
    Function 'func' has no visible prototype at definition.
54  8.10  All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required.  File Scope  27  5  No  Unset  Unreviewed
    Function 'func' should have internal linkage.
43  16.10  If a function returns error information, then that error information should be tested.  func()  28  7  No  Unset  Unreviewed
50  16.10  If a function returns error information, then that error information should be tested.  func()  29  7  No  Unset  Unreviewed
22  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  33  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
24  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  33  9  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
25  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  35  0  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
26  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  File Scope  35  9  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
28  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  main()  38  4  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
34  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  main()  39  4  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
51  6.3  Typedefs that indicate size and signedness should be used in place of the basic types.  main()  40  4  No  Unset  Unreviewed
    'int' doesn't provide information about its size. Define and use typedefs clarifying type and size for numerical types or use one of the exact-width numerical types defined in <stdint.h>.
5  4.2  Trigraphs shall not be used.  File Scope  46  60  No  Unset  Unreviewed
9  4.2  Trigraphs shall not be used.  File Scope  47  35  No  Unset  Unreviewed
10 4.2 Trigraphs shall not be used. File Scope 47 47 No Unset Unreviewed
17 13.7 Boolean operations whose results are invariant shall not main() 49 12 No Unset Unreviewed
be permitted.
Expression is always false.
7 4.2 Trigraphs shall not be used. File Scope 49 19 No Unset Unreviewed
11 4.2 Trigraphs shall not be used. File Scope 53 8 No Unset Unreviewed
13 16.10 If a function returns error information, then that error main() 64 7 No Unset Unreviewed
information should be tested.

Chapter 3. Appendix 1 - Configuration Settings
Polyspace Settings
Option Value
-author Polyspace
-compiler generic
-custom-rules C:\qualkits_R2020b\do\codeprover\tests\reporting\custom_rules.txt
-date 15/06/2020
-I C:\qualkits_R2020b\do\codeprover\tests\options-api\lib
-lang C
-misra2 all-rules
-O2 -O2
-prog polyspace
-results-dir C:\qualkits_R2020b\do\codeprover\tests\code-prover-results\reporting\template-codingstandards\OR-414-6-codingstandards_3
-target i386
-to pass2
-verif-version 1.0

Analysis Assumptions
Assumption Issuer
External arrays of unspecified size can be safely accessed at any index Product
Nonfinite floats (infinities and NaNs) are not considered Product
Computations involving unsigned integers do not overflow Product
Results of floating-point arithmetic are rounded following the IEEE 754 rule: round to nearest, ties to even Product
Structure fields are not volatile unless the entire structure is volatile-qualified Product
Stack pointers can be safely dereferenced even outside the pointed variable's scope Product
External pointers cannot be null. They point to allocated data of sufficient size for safe dereference Product
Absolute addresses can be safely dereferenced Product

Coding Standard Configuration


Table 3.1. Custom Coding Rules Configuration
Rule Description Convention Pattern Comment Enabled
1.1 All source file names must follow the specified pattern. files basename Geck_C.*.c - yes
1.2 All source folder names must follow the specified pattern. files dirname .*sources - yes
1.3 All include file names must follow the specified pattern. - - - no
1.4 All include folder names must follow the specified pattern. - - - no
2.1 All macros must follow the specified pattern. macros MACRO_[A-Z0-9_]* - yes
2.2 All macro parameters must follow the specified pattern. macro parameters _mp_.* - yes
3.1 All integer types must follow the specified pattern. integer type names .*_s - yes
3.2 All float types must follow the specified pattern. float type names .*_f - yes
3.3 All pointer types must follow the specified pattern. pointer type names .*_p - yes
3.4 All array types must follow the specified pattern. array type names .*_a - yes
3.5 All function pointer types must follow the specified pattern. function pointer type names .*_fp - yes
4.1 All struct tags must follow the specified pattern. struct tag names _s_.* - yes
4.2 All struct type must follow the specified pattern. struct type names s_.* - yes
4.3 All struct fields must follow the specified pattern. struct fields f_.* - yes
4.4 All struct bit fields must follow the specified pattern. struct bit fields bf_.* - yes
5.1 All class names must follow the specified pattern. class names c_.* C++ yes
5.2 All class types must follow the specified pattern. class type names c_.*_t C++ yes
5.3 All data members must follow the specified pattern. data members m_.* C++ yes
5.4 All function members must follow the specified pattern. function members fm_.* C++ yes
5.5 All static data members must follow the specified pattern. static data members sm_.* C++ yes
5.6 All static function members must follow the specified pattern. static function members sf_.* C++ yes
5.7 All bitfield members must follow the specified pattern. bitfield members bm_.* C++ yes
6.1 All enumeration tags must follow the specified pattern. enumeration tag names _e_.* - yes
6.2 All enumeration types must follow the specified pattern. enumeration type names e_.* - yes
6.3 All enumeration constants must follow the specified pattern. enumeration constants E_[A-Z_]+ - yes
7.1 All global functions must follow the specified pattern. global functions gf_.* - yes
7.2 All static functions must follow the specified pattern. static functions sf_.* - yes
7.3 All function parameters must follow the specified pattern. function parameters .*_p - yes
8.1 All global constants must follow the specified pattern. global constants G_[A-Z][A-Z0-9_]* - yes
8.2 All static constants must follow the specified pattern. static constants S_[A-Z][A-Z0-9_]* - yes
8.3 All local constants must follow the specified pattern. local constants L_[A-Z][A-Z0-9_]* - yes
8.4 All static local constants must follow the specified pattern. static local constants SL_[A-Z][A-Z0-9_]* - yes
9.1 All global variables must follow the specified pattern. global variables gv_[a-z][a-z0-9_]* - yes
9.2 All static variables must follow the specified pattern. static variables sv_[a-z][a-z0-9_]* - yes
9.3 All local variables must follow the specified pattern. local variables lv_[a-z][a-z0-9_]* - yes
9.4 All static local variables must follow the specified pattern. static local variables slv_[a-z][a-z0-9_]* - yes
10.1 All namespaces must follow the specified pattern. namespaces nm_.* C++ yes
11.1 All class templates must follow the specified pattern. class templates Tmp_.* C++ yes
11.2 All class template parameters must follow the specified pattern. class template parameters T_.* C++ yes
12.1 All function templates must follow the specified pattern. function templates F_.* C++ yes
12.2 All function template parameters must follow the specified pattern. function template parameters FT_.* C++ yes
12.3 All function template members must follow the specified pattern. function template members FM_.* C++ yes
20.1 Source line length must not exceed specified number of characters. - - - no

Table 3.2. MISRA C:2004 Coding Standard Configuration


Rule Description Mode Comment Enabled
1.1 All code shall conform to ISO 9899:1990 'Programming languages - C', amended and corrected by ISO/IEC 9899/COR1:1995, ISO/IEC 9899/AMD1:1995, and ISO/IEC 9899/COR2:1996. required - yes
1.2 No reliance shall be placed on undefined or unspecified behaviour. required Not enforceable no
1.3 Multiple compilers and/or languages shall only be used if there is a common defined interface standard for object code to which the language/compilers/assemblers conform. required Not enforceable no
1.4 The compiler/linker shall be checked to ensure that 31 character significance and case sensitivity are supported for external identifiers. required Not enforceable no
1.5 Floating point implementations should comply with a defined floating point standard. advisory Not implemented no
2.1 Assembly language shall be encapsulated and isolated. required - yes
2.2 Source code shall only use /* ... */ style comments. required - yes
2.3 The character sequence /* shall not be used within a comment. required - yes
2.4 Sections of code should not be 'commented out'. advisory - yes
3.1 All usage of implementation-defined behaviour shall be documented. required Not enforceable no
3.2 The character set and the corresponding encoding shall be documented. required Not enforceable no
3.3 The implementation of integer division in the chosen compiler should be determined, documented and taken into account. advisory Not implemented no
3.4 All uses of the #pragma directive shall be documented and explained. required - yes
3.5 If it is being relied upon, the implementation-defined behaviour and packing of bitfields shall be documented. required Not enforceable no
3.6 All libraries used in production code shall be written to comply with the provisions of this document, and shall have been subject to appropriate validation. required Not enforceable no
4.1 Only those escape sequences which are defined in the ISO C standard shall be used. required - yes
4.2 Trigraphs shall not be used. required - yes
5.1 Identifiers (internal and external) shall not rely on the significance of more than 31 characters. required - yes
5.2 Identifiers in an inner scope shall not use the same name as an identifier in an outer scope, and therefore hide that identifier. required - yes
5.3 A typedef name shall be a unique identifier. required - yes
5.4 A tag name shall be a unique identifier. required - yes
5.5 No object or function identifier with static storage duration should be reused. advisory - yes
5.6 No identifier in one name space should have the same spelling as an identifier in another name space, with the exception of structure and union member names. advisory - yes
5.7 No identifier name should be reused. advisory - yes
6.1 The plain char type shall be used only for the storage and use of character values. required - yes
6.2 Signed and unsigned char type shall be used only for the storage and use of numeric values. required - yes
6.3 Typedefs that indicate size and signedness should be used in place of the basic types. advisory - yes
6.4 Bit fields shall only be defined to be of type unsigned int or signed int. required - yes
6.5 Bit fields of type signed int shall be at least 2 bits long. required - yes
7.1 Octal constants (other than zero) and octal escape sequences shall not be used. required - yes
8.1 Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call. required - yes
8.2 Whenever an object or function is declared or defined, its type shall be explicitly stated. required - yes
8.3 For each function parameter the type given in the declaration and definition shall be identical, and the return types shall also be identical. required - yes
8.4 If objects or functions are declared more than once their types shall be compatible. required - yes
8.5 There shall be no definitions of objects or functions in a header file. required - yes
8.6 Functions shall be declared at file scope. required - yes
8.7 Objects shall be defined at block scope if they are only accessed from within a single function. required - yes
8.8 An external object or function shall be declared in one and only one file. required - yes
8.9 An identifier with external linkage shall have exactly one external definition. required - yes
8.10 All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required. required - yes
8.11 The static storage class specifier shall be used in definitions and declarations of objects and functions that have internal linkage. required - yes
8.12 When an array is declared with external linkage, its size shall be stated explicitly or defined implicitly by initialisation. required - yes
9.1 All automatic variables shall have been assigned a value before being used. required - yes
9.2 Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures. required - yes
9.3 In an enumerator list, the '=' construct shall not be used to explicitly initialise members other than the first, unless all items are explicitly initialised. required - yes
10.1 The value of an expression of integer type shall not be implicitly converted to a different underlying type. required - yes
10.2 The value of an expression of floating type shall not be implicitly converted to a different type. required - yes
10.3 The value of a complex expression of integer type may only be cast to a type that is narrower and of the same signedness as the underlying type of the expression. required - yes
10.4 The value of a complex expression of floating type may only be cast to narrower floating type. required - yes
10.5 If the bitwise operators ~ and << are applied to an operand of underlying type unsigned char or unsigned short, the result shall be immediately cast to the underlying type of the operand. required - yes
10.6 The 'U' suffix shall be applied to all constants of unsigned types. required - yes
11.1 Conversion shall not be performed between a pointer to a function and any type other than an integral type. required - yes
11.2 Conversion shall not be performed between a pointer to an object and any type other than an integral type, another pointer to object type or a pointer to void. required - yes
11.3 A cast should not be performed between a pointer type and an integral type. advisory - yes
11.4 A cast should not be performed between a pointer to object type and a different pointer to object type. advisory - yes
11.5 A cast shall not be performed that removes any const or volatile qualification from the type addressed by a pointer. required - yes
12.1 Limited dependence should be placed on C's operator precedence rules in expressions. advisory - yes
12.2 The value of an expression shall be the same under any order of evaluation that the standard permits. required - yes
12.3 The sizeof operator should not be used on expressions that contain side effects. required - yes
12.4 The right hand operand of a logical && or || operator shall not contain side effects. required - yes
12.5 The operands of a logical && or || shall be primary-expressions. required - yes
12.6 The operands of logical operators (&&, || and !) should be effectively Boolean. Expressions that are effectively Boolean should not be used as operands to operators other than (&&, || and !). advisory - yes
12.7 Bitwise operators shall not be applied to operands whose underlying type is signed. required - yes
12.8 The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the left hand operand. required - yes
12.9 The unary minus operator shall not be applied to an expression whose underlying type is unsigned. required - yes
12.10 The comma operator shall not be used. required - yes
12.11 Evaluation of constant unsigned integer expressions should not lead to wrap-around. advisory - yes
12.12 The underlying bit representations of floating-point values shall not be used. required - yes
12.13 The increment (++) and decrement (--) operators should not be mixed with other operators in an expression. advisory - yes
13.1 Assignment operators shall not be used in expressions that yield a Boolean value. required - yes
13.2 Tests of a value against zero should be made explicit, unless the operand is effectively Boolean. advisory - yes
13.3 Floating-point expressions shall not be tested for equality or inequality. required - yes
13.4 The controlling expression of a for statement shall not contain any objects of floating type. required - yes
13.5 The three expressions of a for statement shall be concerned only with loop control. required - yes
13.6 Numeric variables being used within a for loop for iteration counting should not be modified in the body of the loop. required - yes
13.7 Boolean operations whose results are invariant shall not be permitted. required - yes
14.1 There shall be no unreachable code. required - yes
14.2 All non-null statements shall either have at least one side effect however executed, or cause control flow to change. required - yes
14.3 Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment provided that the first character following the null statement is a white-space character. required - yes
14.4 The goto statement shall not be used. required - yes
14.5 The continue statement shall not be used. required - yes
14.6 For any iteration statement there shall be at most one break statement used for loop termination. required - yes
14.7 A function shall have a single point of exit at the end of the function. required - yes
14.8 The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement. required - yes
14.9 An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement. required - yes
14.10 All if ... else if constructs should contain a final else clause. required - yes
15.0 A switch statement shall conform to MISRA-C syntax. required - yes
15.1 A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement. required - yes
15.2 An unconditional break statement shall terminate every non-empty switch clause. required - yes
15.3 The final clause of a switch statement shall be the default clause. required - yes
15.4 A switch expression should not represent a value that is effectively Boolean. required - yes
15.5 Every switch statement shall have at least one case clause. required - yes
16.1 Functions shall not be defined with variable numbers of arguments. required - yes
16.2 Functions shall not call themselves, either directly or indirectly. required - yes
16.3 Identifiers shall be given for all of the parameters in a function prototype declaration. required - yes
16.4 The identifiers used in the declaration and definition of a function shall be identical. required - yes
16.5 Functions with no parameters shall be declared with parameter type void. required - yes
16.6 The number of arguments passed to a function shall match the number of parameters. required - yes
16.7 A pointer parameter in a function prototype should be declared as pointer to const if the pointer is not used to modify the addressed object. advisory - yes
16.8 All exit paths from a function with non-void return type shall have an explicit return statement with an expression. required - yes
16.9 A function identifier shall only be used with either a preceding &, or with a parenthesised parameter list, which may be empty. required - yes
16.10 If a function returns error information, then that error information should be tested. required - yes
17.1 Pointer arithmetic shall only be applied to pointers that address an array or array element. required - yes
17.2 Pointer subtraction shall only be applied to pointers that address elements of the same array. required - yes
17.3 >, >=, <, <= shall not be applied to pointer types except where they point to the same array. required - yes
17.4 Array indexing shall be the only allowed form of pointer arithmetic. required - yes
17.5 The declaration of objects should contain no more than 2 levels of pointer indirection. advisory - yes
17.6 The address of an object with automatic storage shall not be assigned to an object that may persist after the object has ceased to exist. required - yes
18.1 All structure or union types shall be complete at the end of a translation unit. required - yes
18.2 An object shall not be assigned to an overlapping object. required - yes
18.3 An area of memory shall not be reused for unrelated purposes. required Not enforceable no
18.4 Unions shall not be used. required - yes
19.1 #include statements in a file shall only be preceded by other pre-processor directives or comments. advisory - yes
19.2 Non-standard characters should not occur in header file names in #include directives. advisory - yes
19.3 The #include directive shall be followed by either a <filename> or "filename" sequence. required - yes
19.4 C macros shall only expand to a braced initialiser, a constant, a parenthesised expression, a type qualifier, a storage class specifier, or a do-while-zero construct. required - yes
19.5 Macros shall not be #define'd and #undef'd within a block. required - yes
19.6 #undef shall not be used. required - yes
19.7 A function should be used in preference to a macro. advisory - yes
19.8 A function-like macro shall not be invoked without all of its arguments. required - yes
19.9 Arguments to a function-like macro shall not contain tokens that look like pre-processing directives. required - yes
19.10 In the definition of a function-like macro each instance of a parameter shall be enclosed in parentheses unless it is used as the operand of # or ##. required - yes
19.11 All macro identifiers in preprocessor directives shall be defined before use, except in #ifdef and #ifndef preprocessor directives and the defined() operator. required - yes
19.12 There shall be at most one occurrence of the # or ## pre-processor operators in a single macro definition. required - yes
19.13 The # and ## preprocessor operators should not be used. advisory - yes
19.14 The defined pre-processor operator shall only be used in one of the two standard forms. required - yes
19.15 Precautions shall be taken in order to prevent the contents of a header file being included twice. required - yes
19.16 Preprocessing directives shall be syntactically meaningful even when excluded by the preprocessor. required - yes
19.17 All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are related. required - yes
20.1 Reserved identifiers, macros and functions in the standard library, shall not be defined, redefined or undefined. required - yes
20.2 The names of standard library macros, objects and functions shall not be reused. required - yes
20.3 The validity of values passed to library functions shall be checked. required - yes
20.4 Dynamic heap memory allocation shall not be used. required - yes
20.5 The error indicator errno shall not be used. required - yes
20.6 The macro offsetof, in library <stddef.h>, shall not be used. required - yes
20.7 The setjmp macro and the longjmp function shall not be used. required - yes
20.8 The signal handling facilities of <signal.h> shall not be used. required - yes
20.9 The input/output library <stdio.h> shall not be used in production code. required - yes
20.10 The library functions atof, atoi and atol from library <stdlib.h> shall not be used. required - yes
20.11 The library functions abort, exit, getenv and system from library <stdlib.h> shall not be used. required - yes
20.12 The time handling functions of library <time.h> shall not be used. required - yes
21.1 Minimisation of run-time failures shall be ensured by the use of at least one tool/technique. required - yes
Chapter 4. Appendix 2 - Definitions

Table 4.1. Abbreviations


Abbreviation Definition
Col Column
Jus Justified
SQO Software Quality Objectives
NA Not Available