How to make C code MISRA C:2012 compliant?


Problem description

I am validating my MCU code against the MISRA C:2012 standard using PC-Lint. I got the following errors. Here I have posted sample code where I got errors on the condition statements.

1] unsigned integer literal without a 'U' suffix [MISRA 2012 Rule 7.2, required] S_LCB_100,

2] side effects on right hand of logical operator, '&&' [MISRA 2012 Rule 13.5, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))

3] : a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))

4] : a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))

5] an unsigned value and a signed value cannot be used together as operands to == [MISRA 2012 Rule 10.4, required] if ( List[Loop] == 0x00000000 )

How do I make it MISRA C:2012 compliant?

typedef unsigned char UINT8;
typedef unsigned char BYTE;  
typedef unsigned long int UINT32; 
#define S_LCB_100 0xF0BB12DE;
#define MULTI 0x1A;
volatile static BYTE Counter = 0;
static UINT8 Loop = 0;    
static UINT32 List[]=  
{
    S_LCB_100,
    0x00000000,
};
while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))
{
 .......some code
}
if ( List[Loop] == 0x00000000 )
{
.....some code
} 

Recommended answer

General remarks:

  • Before worrying about MISRA-C compliance, get the code to compile on a C compiler.
  • Then make sure you have the MISRA-C:2012 document available or you simply cannot work with MISRA.
  • Get rid of nonsense like "Yoda conditions".
  • Get rid of custom typedefs and use stdint.h. If you are on C90 then typedef with the names used by stdint.h.

1] unsigned integer literal without a 'U' suffix [MISRA 2012 Rule 7.2, required] S_LCB_100,

Pretty self-explanatory. Add U or u to integer constants that should be unsigned. Read rule 7.2 for details.

2] side effects on right hand of logical operator, '&&' [MISRA 2012 Rule 13.5, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))

Counter is volatile-qualified and accessing it is a side effect. So it should not exist inside complex expressions in general, and particularly not on the right-hand side of a boolean && expression - that's quite questionable code. In this case you could simply rewrite the code like this:

uint32_t count = (uint32_t)Counter;

while((count != 0u) && (List[Loop] != 0u))
{
  ...
  count = (uint32_t)Counter; // read volatile variable in an expression of its own
}

3] a signed value and an unsigned value cannot be used together as operands to != [MISRA 2012 Rule 10.4, required] while(( 0x00000000 != List[Loop] ) && ( 0 != Counter ))

This is because Counter is declared as BYTE. Drop all such home-brewed crap types and declare it as uint8_t instead. Then use the while form as shown above. Use u suffix. This should fix 2) to 5).
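
The question's fragment with the answer's advice applied throughout, as an added example that is not part of the original question or answer. The function names scan_list and at_terminator, the main() driver and the value written to Counter are assumptions made so the fragment compiles and runs on its own.

```c
#include <stdbool.h>
#include <stdint.h>

/* Rule 7.2: unsigned constants carry a U suffix; no ';' inside the macro. */
#define S_LCB_100 0xF0BB12DEU

/* Assumption: Counter is updated elsewhere, e.g. by an interrupt handler. */
static volatile uint8_t Counter = 0U;

static uint32_t List[] =
{
    S_LCB_100,
    0x00000000U /* terminator entry */
};

/* Hypothetical helper: advance through List while Counter is non-zero,
   returning the index at which the loop stopped. */
static uint8_t scan_list(void)
{
    uint8_t loop = 0U;
    uint32_t count = (uint32_t)Counter; /* volatile read in its own expression */

    /* Rule 13.5: no volatile access on the right of &&.
       Rule 10.4: both operands of != are unsigned. */
    while ((count != 0U) && (List[loop] != 0U))
    {
        loop++;
        count = (uint32_t)Counter;
    }
    return loop;
}

/* Hypothetical helper for the question's second check. */
static bool at_terminator(uint8_t index)
{
    return (List[index] == 0U);
}

int main(void)
{
    Counter = 1U;                     /* constructed input */
    const uint8_t stop = scan_list(); /* loop ends on the terminator entry */
    return at_terminator(stop) ? 0 : 1;
}
```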
