整理MISRA-2012错误解决方法-带编号,本文根据文档整理了部分常见的MISRA-2012错误及解决方法,顺序是错误码顺序,参考文档《LDRA standards for C/C++》,侵权即删。
- 《LDRA standards for C/C++》 链接:https://pan.baidu.com/s/1p1zGtmrOyjmwDQmWhnvNIQ 提取码:6666
- 代码注释compliant:代表合格的、正确的
- 代码注释not compliant:代表不合格的、不正确的
- S类
- 9 S :Assignment operator in expression
- 12 S :No brackets to then/else
- 35 S :Static procedure is not explicitly called in code analysed.
- 47 S :Array bound exceeded.
- 59 S :Else alternative missing in if.
- 87 S :Use of pointer arithmetic.
- 90 S :Basic type declaration used
- 94 S :Casting operation on a pointer.
- 95 S :Casting operation to a pointer.
- 96 S :Use of mixed mode arithmetic.
- 101 S :Function return type inconsistent.
- 104 S :Struct field initialisation incorrect.
- 114 S :Expression is not Boolean
- 139 S :Construct leads to infeasible code.
- 203 S :Cast on a constant value.
- 219 S :User name starts with underscore.
- 252 S :Lower case suffix to literal number.
- 270 S :For loop initialisation is not simple.
- 302 S :Comment possibly contains code.
- 331 S :Literal value requires a U suffix.
- 332 S :Widening cast on complex integer expression.
- 361 S :Expression needs brackets.
- 382 S :(void) missing for discarded return value.
- 397 S:Array initialisation has insufficient items.
- 410 S :Switch empty default has no comment.
- 433 S :Type conversion without cast
- 434 S :Signed/unsigned conversion without cast.
- 436 S :Declaration does not specify an array.
- 443 S :Unsigned integral type cast to signed.
- 458 S :Implicit conversion: actual to formal param.
- 628 S :Macro not used in translation unit.
- D类
- 1 D :Unused Procedure Parameter
- 18 D :Identifier name reused
- 27 D :Variable should be declared static.
- 28 D :Potentially Infinite loop found.
- 61 D :Procedure should be declared static.
- 63 D :No definition in system for prototyped procedure
- 65 D :void function has no side effects.
- 69 D :UR anomaly, variable used before assignment.
- 76 D :Procedure is not called or referenced in code analysed.
- 91 D : Function return value potentially unused.
- 105 D :DU anomaly dead code, var value is unused on all paths.
- 120 D :Pointer param should be declared pointer to const.
- 128 D :Global pointer not checked within this procedure
- 135 D :Pointer assigned to NULL may be dereferenced.
《LDRA standards for C/C++》 链接:https://pan.baidu.com/s/1p1zGtmrOyjmwDQmWhnvNIQ 提取码:6666
代码注释compliant:代表合格的、正确的
代码注释not compliant:代表不合格的、不正确的
S类
9 S :Assignment operator in expression
中文含义:表达式中有赋值运算符
错误代码示例:
/* LDRA 9 S example: an assignment is used as a sub-expression of another
 * assignment. Returns the value copied from test. */
BOOL static_9(BOOL test)
{
BOOL result,flag;
result = ( flag = test ); /* not compliant: the inner "flag = test" is an assignment inside an expression */
return result;
}
12 S :No brackets to then/else
中文含义:then/else缺少括号
代码示例:
/* LDRA 12 S example: the else branch has no braces around its statement.
 * NOTE(review): the function is declared SINT_32 but this listing shows no
 * return statement, and p_2 and j are never used. */
SINT_32 static_12(SINT_32 p_1, SINT_32 p_2)
{
SINT_32 i = 1;
SINT_32 j = 0;
if (p_1 > 0)
{
i = i - 1;
}
else
i = i + 1; /* not compliant: unbraced else body; a statement added below it later would run unconditionally */
}
35 S :Static procedure is not explicitly called in code analysed.
中文含义:static函数没有被显式调用
错误代码示例:
/* LDRA 35 S example: a file-local (static) function that nothing in the
 * analysed code calls. Returns whether p_1 equals 1U. */
static BOOL static_35(UINT_32 p_1) /* not compliant: static function with no caller in this listing */
{
BOOL ret = ( p_1 == 1U );
return ret;
}
47 S :Array bound exceeded.
中文含义:数组越界
代码示例:
/* LDRA 47 S example: indexing beyond the end of a five-element array. */
void static_047(void)
{
SINT_32 array[5] = {0,0,0,0,0};
SINT_32 *ptr;
array[5] = 1; /* not compliant: valid indices are 0..4, so this writes outside the array */
ptr = &array[5]; /* compliant: a one-past-the-end address may be formed, but it must not be dereferenced */
ptr = &array[6]; /* not compliant: the address lies beyond one-past-the-end */
}
59 S :Else alternative missing in if.
中文含义:if后缺少else,规定if之后必须接else
代码示例:
/* LDRA 59 S example: an if / else-if chain that ends without a final else. */
void static_59 (void)
{
UINT_32 x = 2u;
if ( x == 2u )
{
/* ... */ ;
}
else if ( x == 3u)
{
/* ... */ ;
}
/* not compliant: a closing else {} should follow, so values matched by neither test are handled explicitly */
}
87 S :Use of pointer arithmetic.
中文含义:使用了指针运算,这是不允许的
代码示例:
/* LDRA 87 S example: an element is reached through pointer arithmetic
 * instead of array indexing. */
void static_87(void)
{
UINT_32 w;
UINT_32 array[5];
UINT_32 * p1_ptr;
p1_ptr = array;
w = *(p1_ptr + 8); /* not compliant: pointer arithmetic; offset 8 also lies outside the five-element array */
}
90 S :Basic type declaration used
中文含义:使用了int、char、float、double等基础类型,这是不允许的
代码示例:
/* LDRA 90 S example: declarations written with the basic C types instead of
 * project typedefs.
 * NOTE(review): ui_32 is returned but no assignment to it is visible here;
 * the elided part may set it. */
unsigned int static_90 (void) /* not compliant */
{
char ch; /* not compliant unless modifier 219 set to 1 */
unsigned char uc; /* not compliant */
unsigned int ui_32; /* not compliant */
unsigned short ui_16; /* not compliant */
int i_32; /* not compliant */
float f_32; /* not compliant */
double f_64; /* not compliant */
signed char sc; /* not compliant */
wchar_t wc; /* not compliant unless modifier 219 or 462 set to 1 */
/* ... */
return ui_32;
}
94 S :Casting operation on a pointer.
中文含义:对指针执行强制转换操作
错误代码示例:
/* LDRA 94 S example: casts applied to pointer values.
 * NOTE(review): get_ptr() is not declared in this listing. */
static void static_94(UINT_32 * p1_ptr)
{
UINT_32 *ptr2;
CHAR * ptr_ch;
ptr2 = (UINT_32 *) p1_ptr; /* not compliant, but permitted with modifier 396 */
(void) get_ptr(); /* not compliant, but permitted with modifier 439 */
ptr_ch = (CHAR *) p1_ptr; /* not compliant, but permitted with modifier 440 */
}
95 S :Casting operation to a pointer.
中文含义:强制转换为指针类型(示例中把UINT_32指针强制转换为结构体指针)
错误代码示例:
/* LDRA 95 S example: a pointer to UINT_32 is cast to a pointer to a struct. */
struct Astruct { UINT_32 a; };
void static_95 (UINT_32 *intptr)
{
struct Astruct *Astructptr;
Astructptr = (struct Astruct *) intptr; /* not compliant: the cast reinterprets the pointed-to object as a different type */
}
96 S :Use of mixed mode arithmetic.
中文含义:不同类型混合计算
错误代码示例:
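/*
 * LDRA 96 S example: arithmetic whose operands have different types.
 * Takes no arguments and returns nothing; the two assignments exist only to
 * contrast a flagged expression with an accepted one.
 */
static void static_96(void)
{
    INT_32 i32 = 10;
    FLOAT_64 f64 = 20.5;
    FLOAT_32 f32 = 2.0F;

    f64 = i32 + f64; /* not compliant: an integer operand is mixed with a floating operand */
    f64 = f64 * f32; /* compliant: both operands are floating types */
}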
101 S :Function return type inconsistent.
中文含义:返回值和函数类型对应不上
代码示例:
/* LDRA 101 S example: returned expressions whose type differs from the
 * declared UINT_32 return type.
 * NOTE(review): each break after a return is unreachable, and the default
 * path leaves the function without returning a value in this listing. */
UINT_32 static_101( UINT_32 par_1)
{
switch (par_1)
{
case 0:
return (-1); /* not compliant: a negative signed value is converted to the unsigned return type */
break;
case 1:
return (1U);
break;
case 2:
return (1L); /* not compliant: long constant returned from a UINT_32 function */
break;
case 3:
return (1.0f); /* not compliant: floating constant returned from a UINT_32 function */
break;
default:
break;
}
}
104 S :Struct field initialisation incorrect.
中文含义:结构字段初始化不正确。
代码示例:
/* LDRA 104 S example: initialiser values that do not match the types of the
 * struct fields they initialise. */
struct s_type_a { SINT_32 xs; FLOAT_32 fs;};
void static_104(void)
{
struct s_type_a sta = {3.14F, 0.0f}; /* not compliant */
/* 3.14F does not match the SINT_32 field xs; 0.0f should be written 0.0F */
}
114 S :Expression is not Boolean
中文含义:表达式不是布尔类型(在需要布尔表达式的地方使用了非布尔表达式,或对布尔值做了算术运算)
错误代码示例:
/* LDRA 114 S example: non-Boolean values used where a Boolean expression is
 * expected, and arithmetic applied to Boolean values. */
void static_114(BOOL bl, UINT_32 a)
{
UINT_32 x;
BOOL flag;
flag = bl + bl; /* not compliant: arithmetic on Boolean operands */
if (a) /* not compliant: a is UINT_32, not a Boolean expression */
{
; /* ... */
}
x = ( a && bl ? 1U : 0U ); /* not compliant: UINT_32 operand a used with && */
}
139 S :Construct leads to infeasible code.
中文含义:if的条件可能不成立,导致if里面的语句不能抵达
代码示例:
/* LDRA 139 S example: conditions whose outcome is fixed, so one branch can
 * never execute. */
#define defval 0
typedef enum { LANE_0 = 0, LANE_1 = 1, LANE_LAST = 3 } lane_t;
extern lane_t get_lane ( void );
void static_139( void )
{
lane_t lane = get_lane();
if ( (lane > LANE_0) && ( lane <= LANE_LAST))
/* not compliant - False branch of 'lane <= LANE_LAST' never reached */
{ /* ... */ }
if (defval)
/* not compliant - True branch never reached, because defval expands to 0 */
{ /* ... */ }
}
203 S :Cast on a constant value.
中文含义:对常量(const)值使用强制转换;示例中 (INT_16 *)pcon 把指向const的指针转换成了普通指针,去掉了const限定
错误代码示例:
/* LDRA 203 S example: casts applied to const-qualified values. */
const INT_16 con = 19;
const INT_16 * pcon;
static void static_203(void)
{
INT_16 x;
INT_16 *p;
x = (INT_16)con; /* not compliant if modifier = 0 */
p = (INT_16 *)pcon; /* not compliant: the cast drops const, so a later write through p would target data declared read-only */
}
219 S :User name starts with underscore.
中文含义:使用了下划线作为函数或变量开头
错误代码示例:
/* LDRA 219 S example: user-defined names that begin with an underscore. */
typedef int _INT_NOK; /* not compliant: leading underscore followed by an upper-case letter is reserved for the implementation */
static void static_219 ( void )
{
INT_32 _ohno; /* not compliant: name starts with an underscore */
}
252 S :Lower case suffix to literal number.
中文含义:数字后面不能写小写后缀,得要是U或L,uint8这种无符号型数据后缀必须是U,比如uint8 i = 0U;
错误代码示例:
/* LDRA 252 S example: a literal written with a lower-case suffix. */
const SINT_64 fr1 = 64l; /* not compliant - looks too much like 641 */
const SINT_64 fr2 = 64L; /* compliant */
void static_252(void)
{
SINT_64 x1 = fr2;
}
270 S :For loop initialisation is not simple.
中文含义:for循环的初始化条件过于复杂
代码示例:
/* LDRA 270 S example: a for-loop initialisation clause that does more than
 * initialise the loop counter. */
void static_270(void)
{
UINT_32 loop;
UINT_32 myVar = 0U;
const UINT_32 max = 10U;
for ( ++myVar, loop = 0U; loop < max; loop++ ) /* not compliant: the comma expression also increments myVar */
{
/* ... */
}
}
302 S :Comment possibly contains code.
中文含义:屏蔽的部分可能包含代码,可以用#if 0和#endif,不会报错
错误代码示例:
/* LDRA 302 S example: a comment whose text looks like a statement.
 * NOTE(review): limit is not declared in this listing. */
void static_302 (UINT_32 myParam)
{
if (myParam > limit)
{
myParam = limit;
/* myParam--;*/ /* not compliant */
}
}
331 S :Literal value requires a U suffix.
中文含义:字面量需要U后缀
错误代码示例:
/* LDRA 331 S example: integer literals used with unsigned types but written
 * without a U suffix. */
void static_331(void)
{
UINT_32 x1 = 5; /* not compliant */
UINT_32 y1 = 6U; /* compliant */
UINT_64 z1 = 0; /* not compliant, but permitted by modifier 358 */
y1 = y1 * 7; /* not compliant */
/* Integer constant '7' should be '7U' when forming part
of an expression containing unsigned int types. */
}
332 S :Widening cast on complex integer expression.
中文含义:对复杂整数表达式的结果做加宽强制转换(运算在转换之前已经完成,转换并不会加宽运算本身)
错误代码示例:
/* LDRA 332 S example: a widening cast applied to the result of an
 * arithmetic expression rather than to its operands. */
typedef unsigned short Uint_16;
typedef unsigned int Uint_32;
Uint_16 u16a = 40000U;
Uint_16 u16b = 30000U;
void static_332( void )
{
Uint_32 u32 = (Uint_32) (u16a + u16b); /* not compliant: the sum is evaluated before the cast; whether it wraps depends on the width of int on the target */
/*...*/
}
361 S :Expression needs brackets.
中文含义:表达式需要括号
错误代码示例:
/* LDRA 361 S example: expressions that rely on operator precedence instead
 * of explicit brackets. Returns the last value assigned to z1.
 * NOTE(review): the first statement reads z1 before any value is assigned
 * to it in this listing. */
SINT_32 static_361(SINT_32 x1,
SINT_32 x2,
SINT_32 x3)
{
SINT_32 z1;
z1 = z1 * x2 >> 3U; /* not compliant */
z1 = x1 * x2 + x3; /* not compliant, but permitted by modifier 264 */
z1 = x1 * x2++; /* not compliant, but permitted by modifier 420 */
z1 = x1 + x2 - x3; /* not compliant, when modifier 119 set to 1 and 421 set to 0 */
z1 = x1 + x2 + x3; /* compliant */
return z1;
}
382 S :(void) missing for discarded return value.
中文含义:函数返回值被丢弃(不使用)时,要在调用前显式加(void)
错误代码示例:
/* LDRA 382 S example: a_fn returns its argument; static_382 calls it once
 * discarding the result silently and once with an explicit (void) cast.
 * NOTE(review): my_const is not declared in this listing. */
UINT_32 a_fn(UINT_32 us1)
{
return us1;
}
void static_382(void)
{
a_fn(my_const); /* not compliant: the return value is dropped without a (void) cast */
(void)a_fn(my_const); /* compliant */
}
397 S:Array initialisation has insufficient items.
中文含义:数组初始化没有足够的项
代码示例:
/* LDRA 397 S example: array initialisers that supply fewer items than the
 * array holds. */
void static_397 (void)
{
INT_32 my_array[3] = { 1, 2 }; /* Not Compliant: two initialisers for three elements */
INT_32 array2[2][2] = { {0}, {1,2} }; /* Compliant, unless modifier 450 set to 1 */
CHAR char_10[10] = "Hello"; /* Not Compliant, unless modifier 415 set to 1 */
}
410 S :Switch empty default has no comment.
中文含义:switch语句应包含一个默认条款,如果之前的case条款未得到满足,则该默认条款将采取适当的措施,或者至少包含一条注释,表明程序员已经考虑了这种可能性。注释必须放在默认值之后和中断之前。
代码示例:
/* LDRA 410 S example: a switch whose default clause takes no action.
 * NOTE(review): season, x1 and the four case labels are not declared in
 * this listing. */
void static_410( void )
{
switch (season)
{
case spring:
x1 = 1U;
break;
case summer:
x1 = 4U;
break;
case autumn:
x1 = 7U;
break;
case winter:
x1 = 10U;
break;
/* not compliant */
default:
/* a comment explaining why no action is needed belongs here, before the break */
break;
}
}
433 S :Type conversion without cast
中文含义:无强制转换的类型转换
错误代码示例:
/* LDRA 433 S example: a value is converted to another type with no cast. */
void static_433(long s64)
{
char ch = s64; /* not compliant: long is narrowed to char implicitly, so the value may not be preserved */
}
434 S :Signed/unsigned conversion without cast.
中文含义:没使用强制转换,就把A类型变量赋值给B类型变量
错误代码示例:
/* LDRA 434 S example: an unsigned value initialises a signed variable with
 * no cast. */
void static_434(UINT_32 us1)
{
SINT_32 ss1 = us1; /* not compliant */
/* converting to signed may result in a loss of information */
}
436 S :Declaration does not specify an array.
中文含义:声明未指定数组
错误代码示例:
/* LDRA 436 S example: array indexing applied to objects that were declared
 * as pointers rather than arrays. */
void static_436 (INT_8 * ptr, INT_8 arr[10])
{
INT_8 * p1 = ptr;
INT_8 * p2 = arr;
ptr[5] = 0; /* not compliant - ptr was not declared as an array */
p1[5] = 0; /* not compliant - p1 and ptr were not declared as an array */
p2[5] = 0; /* not compliant if modifier 400 is set
- p2 not declared as an array, but does point to an array */
}
443 S :Unsigned integral type cast to signed.
中文含义:无符号整型转换为有符号整型。
代码示例:
/* LDRA 443 S example: unsigned values cast to a signed type.
 * NOTE(review): u32a and u32b have no initialiser in this listing. */
void static_443( void )
{
INT_32 s32;
UINT_32 u32a,
u32b;
s32 = (INT_32)(u32a + u32b); /* not compliant: an unsigned result above the signed maximum cannot be represented in INT_32 */
s32 = (INT_32)(u32a); /* not compliant unless modifier 191 is set to 1 */
}
458 S :Implicit conversion: actual to formal param.
中文含义:隐式转换:实际参数到形式参数,调用的函数参数类型是A,结果传入的是B类型
错误代码示例:
/* LDRA 458 S example: an argument whose type differs from the parameter
 * type, so it is converted implicitly at the call.
 * NOTE(review): u64a has no initialiser in this listing. */
static void narrow_int(Uint_32 u32b)
{
; /* ... */
}
static void static_458(void)
{
Uint_64 u64a;
narrow_int(u64a); /* not compliant: Uint_64 argument passed to a Uint_32 parameter */
}
628 S :Macro not used in translation unit.
中文含义:#define定义的数据没有被使用过
错误代码示例:
/* LDRA 628 S example: macros that are defined but never used in the
 * translation unit. static_628 returns SIZE_USED. */
#define SIZE_USED 6 /* compliant */
#define DATA 3 /* not compliant */
INT_32 static_628(void)
{
#define SIZE_NOT_USED 6 /* not compliant */
return SIZE_USED;
}
D类
1 D :Unused Procedure Parameter
中文含义:存在未使用的程序参数
代码示例:
/* LDRA 1 D example: a function with a parameter it never reads.
 * Returns p_1 + 1. */
UINT_32 SDA_001( UINT_32 p_1, UINT_32 p_2 )
{
UINT_32 v_1;
v_1 = p_1;
v_1++;
return v_1;
} /* not compliant - p_2 is not used */
18 D :Identifier name reused
中文含义:局部变量名称与全局变量一致
代码示例:
/* LDRA 18 D example: a local variable reuses the name of a file-scope
 * variable. */
UINT_32 Re_Used;
UINT_32 SDA_018( void )
{
UINT_32 Re_Used; /* not compliant: hides the file-scope Re_Used */
Re_Used = 1; /* writes the local; the file-scope variable is left unchanged */
return Re_Used;
}
27 D :Variable should be declared static.
中文含义:意思是只在本文件使用的变量,前面要加static,在其他文件要使用的可不加
错误代码示例:
第一个文件:Sda_027_1.c
#include "c_standards.h"
/* LDRA 27 D example, first file: global_1 is referenced only in this file,
 * while global_2 is also declared in the second file of the example.
 * NOTE(review): no prototype for SDA_027_2 is visible in this listing. */
INT_32 global_1 = 1; /* not compliant */
INT_32 global_2 = 2; /* compliant as used in other file */
static INT_32 SDA_027( void )
{
return global_2 - global_1;
}
INT_32 main( void )
{
return SDA_027() + SDA_027_2();
}
第二个文件:Sda_027_2.c
#include "c_standards.h"
/* LDRA 27 D example, second file: declares global_2 again and returns its
 * value, which is why global_2 cannot be static in the first file. */
INT_32 global_2;
INT_32 SDA_027_2 ( void )
{
return global_2;
}
28 D :Potentially Infinite loop found.
中文含义:发现潜在的无限循环
错误代码示例:
/* LDRA 28 D example: a loop whose exit condition depends on a variable that
 * the loop body never changes. */
void SDA_028( void )
{
INT_32 i = 1;
BOOL flag = TRUE;
while (flag) /* not compliant */
{
if (i==0) /* i stays 1 inside the loop, so flag is never cleared */
{
flag = FALSE;
}
}
}
61 D :Procedure should be declared static.
中文含义:只在当前文件使用的函数应该被声明为static,在其他文件使用的就不声明static
错误代码示例:
Sda_061_1.c
#include "c_standards.h"
/* LDRA 61 D example, first file: helper functions called only from this
 * file, one declared static and one not. */
static void helper_proc1( void ) { ; } /* compliant */
void helper_proc2( void) { ; } /* not compliant */
void sda_061( void ) /* called from the second file, so it need not be declared static */
{
helper_proc1();
helper_proc2();
}
第二个文件:Sda_061_2.c
#include "c_standards.h"
/* LDRA 61 D example, second file: calls sda_061 from another translation
 * unit and returns 0. */
int main(void)
{
sda_061();
return 0;
}
63 D :No definition in system for prototyped procedure
中文含义:函数声明了,但没定义内容
代码示例:
/* LDRA 63 D example: two prototypes, of which only sda_063_1 has a
 * definition in this listing; main calls both. */
void sda_063_1( void );
void sda_063_2( void ); /* Not compliant: declared and called, but no definition is shown */
void sda_063_1( void )
{
/***/
}
int main(void)
{
sda_063_1();
sda_063_2();
return 0;
}
65 D :void function has no side effects.
中文含义:返回类型为void的函数应具有外部副作用。未能为生成任何输出做出贡献可能不是开发人员的意图或期望。
个人理解:可能是说函数没有返回值,参数又没有输入指针或结构体去改变什么值,没有任何产出,说这种函数没啥实际意义。
错误代码示例:
/* LDRA 65 D example: a void function that changes only a local variable. */
static void sda_065_1( void ) /* not compliant */
{
UINT_32 local_int = 1U;
local_int++; /* the result is never stored or passed anywhere outside the function */
}
69 D :UR anomaly, variable used before assignment.
中文含义:在赋值前使用的变量
错误代码示例:
/* LDRA 69 D example: a local variable is read before it has been given a
 * value. */
void sda_069 ( void )
{
UINT_32 var_1; /* not compliant */
var_1++; /* reads var_1 while its value is still indeterminate */
}
76 D :Procedure is not called or referenced in code analysed.
中文含义:意思是这个函数未被调用过
代码示例:
/* LDRA 76 D example: SDA_076 is defined but main never calls it.
 * NOTE(review): main is declared SINT_32 and has an empty body here. */
static void SDA_076 ( void) /* not compliant: the function is never called */
{
;
}
SINT_32 main(void)
{
}
91 D : Function return value potentially unused.
中文含义:函数返回值可能未被使用
代码示例:
/* LDRA 91 D example: a returned value is stored but used on only one path.
 * NOTE(review): glob_res is not declared in this listing. */
static UINT_32 return_unsigned ( void )
{
return 4U;
}
static void SDA_091 ( UINT_32 x )
{
UINT_32 partused;
partused = return_unsigned ( ); /* not compliant */
if ( x == 3 ) /* the use is conditional, so the value may go unused */
{
glob_res = partused;
}
/* partused not used down else branch of if statement */
}
105 D :DU anomaly dead code, var value is unused on all paths.
中文含义:意思就是变量的值,在此函数区域内没有使用过
代码示例:
/* LDRA 105 D example: a variable is assigned and incremented but its value
 * is never used on any path. */
static void sda_105 ( const UINT_32 p1 )
{
UINT_32 var_1 = 0U;
UINT_32 var_2 = p1;
var_1++; /* not compliant - var_1 is not used */
if ( p1 > 42U )
{
printf("%u\n", var_2); /* Compliant - var_2 is used */
}
}
120 D :Pointer param should be declared pointer to const.
中文含义:函数内不通过其修改数据的指针参数,应该声明为指向const的指针
代码示例:
/* LDRA 120 D example: pointer and array parameters that are only read
 * should be declared pointer-to-const. Only pptr1 is written through. */
void sda_120( UINT_32 * pptr1,
const UINT_32 * pptr2, /* compliant */
UINT_32 * pptr3, /* not compliant - should be const */
UINT_32 arr1[ ], /* not compliant - should be const */
const UINT_32 arr2[ ] /* compliant */
)
{
*pptr1 = *pptr2 + *pptr3; /* data at address pptr3 not changed */
/***/
*pptr1 = arr1[0] + arr2[0]; /* array data not changed */
}
128 D :Global pointer not checked within this procedure
中文含义:在使用全局指针之前,没有检查它是否为NULL
代码示例:
/* LDRA 128 D example: one global pointer is dereferenced without a NULL
 * check and the other only after one. */
UINT_32 *glob1;
UINT_32 *glob2;
void SDA_128(void)
{
UINT_32 loc = *glob1; /* not compliant: glob1 is dereferenced with no NULL check in this function */
UINT_32 loc2;
if (glob2 != NULL)
{
loc2 = *glob2; /* compliant */
}
}
135 D :Pointer assigned to NULL may be dereferenced.
中文含义:被赋值为NULL的指针可能会被解引用,还是要检查空指针的意思,防止有的指针通过判断条件才给其定义指向,但有时候判断不成立,就没有定义指向,指针依旧是NULL,而后面使用前,如果不做NULL判断,就会出问题。
代码示例:
/* LDRA 135 D example: two pointers start as NULL and are pointed at glob
 * only when flag is 1; one is then dereferenced unchecked, the other after
 * a NULL test. */
SINT_32 glob = 1;
void sda135(SINT_32 flag)
{
SINT_32 *ptr1 = NULL;
SINT_32 *ptr2 = NULL;
SINT_32 val;
if (flag == 1)
{
ptr1 = &glob;
ptr2 = &glob;
}
val = *ptr1; /* not compliant - ptr1 could be NULL */
if (ptr2 != NULL)
{
val = *ptr2; /* compliant - ptr2 checked for NULL */
}
}