Классификация предупреждений PVS-Studio согласно стандартам: MISRA C, MISRA C++
MISRA C и MISRA C++ - это стандарты разработки программного обеспечения, созданные организацией MISRA (Motor Industry Software Reliability Association). Цель стандартов - улучшить безопасность, переносимость и надежность программ для встраиваемых систем.
Анализатор ориентирован на последние версии стандартов: MISRA C:2012 и MISRA C++:2008.
C/C++ диагностики
|
Error Code |
Error Description |
Mapping |
|---|---|---|
|
Octal constants should not be used. |
MISRA-C-7.1, MISRA-CPP-2.13.2 |
|
|
The 'goto' statement should not be used. |
MISRA-C-15.1 |
|
|
Implicitly specified enumeration constants should be unique – consider specifying non-unique constants explicitly. |
MISRA-C-8.12 |
|
|
Size of an array is not specified. |
MISRA-C-8.11, MISRA-CPP-3.1.3 |
|
|
The 'goto' statement shouldn't jump to a label declared earlier. |
MISRA-C-15.2, MISRA-CPP-6.6.2 |
|
|
A function should have a single point of exit at the end. |
MISRA-C-15.5, MISRA-CPP-6.6.5 |
|
|
The body of a loop\conditional statement should be enclosed in braces. |
MISRA-C-15.6, MISRA-CPP-6.3.1, MISRA-CPP-6.4.1 |
|
|
The function with the 'atof/atoi/atol/atoll' name should not be used. |
MISRA-C-21.7, MISRA-CPP-18.0.2 |
|
|
The function with the 'abort/exit/getenv/system' name should not be used. |
MISRA-C-21.8, MISRA-CPP-18.0.3 |
|
|
The function with the 'qsort/bsearch' name should not be used. |
MISRA-C-21.9 |
|
|
Memory allocation and deallocation functions should not be used. |
MISRA-C-21.3, MISRA-CPP-18.4.1 |
|
|
The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used. |
MISRA-C-21.4, MISRA-CPP-17.0.5 |
|
|
Unbounded functions performing string operations should not be used. |
MISRA-CPP-18.0.5 |
|
|
Unions should not be used. |
MISRA-C-19.2, MISRA-CPP-9.5.1 |
|
|
Declaration should contain no more than two levels of pointer nesting. |
MISRA-C-18.5, MISRA-CPP-5.0.19 |
|
|
The 'if' ... 'else if' construct should be terminated with an 'else' statement. |
MISRA-C-15.7, MISRA-CPP-6.4.2 |
|
|
Literal suffixes should not contain lowercase characters. |
MISRA-C-7.3, MISRA-CPP-2.13.4 |
|
|
The 'default' label should be either the first or the last label of a 'switch' statement. |
MISRA-C-16.5 |
|
|
Every 'switch' statement should have a 'default' label, which, in addition to the terminating 'break' statement, should contain either a statement or a comment. |
MISRA-C-16.4 |
|
|
Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement. |
MISRA-C-16.3, MISRA-CPP-6.4.5 |
|
|
Only the first member of enumerator list should be explicitly initialized, unless all members are explicitly initialized. |
MISRA-CPP-8.5.3 |
|
|
The 'switch' statement should have 'default' as the last label. |
MISRA-CPP-6.4.6 |
|
|
All integer constants of unsigned type should have 'u' or 'U' suffix. |
MISRA-C-7.2, MISRA-CPP-2.13.3 |
|
|
A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement. |
MISRA-C-16.2, MISRA-CPP-6.4.4 |
|
|
Every 'switch' statement should contain non-empty switch-clauses. |
MISRA-C-16.6, MISRA-CPP-6.4.8 |
|
|
The functions from time.h/ctime should not be used. |
MISRA-C-21.10, MISRA-CPP-18.0.4 |
|
|
A switch-expression should not have Boolean type. Consider using of 'if-else' construct. |
MISRA-C-16.7, MISRA-CPP-6.4.7 |
|
|
The comma operator should not be used. |
MISRA-C-12.3, MISRA-CPP-5.18.1 |
|
|
Any label should be declared in the same block as 'goto' statement or in any block enclosing it. |
MISRA-C-15.3, MISRA-CPP-6.6.1 |
|
|
Any loop should be terminated with no more than one 'break' or 'goto' statement. |
MISRA-C-15.4, MISRA-CPP-6.6.4 |
|
|
Expression of essential type 'foo' should not be explicitly cast to essential type 'bar'. |
MISRA-C-10.5 |
|
|
String literal should not be assigned to object unless it has type of pointer to const-qualified char. |
MISRA-C-7.4 |
|
|
C-style and functional notation casts should not be performed. |
MISRA-CPP-5.2.4 |
|
|
The loop counter should not have floating-point type. |
MISRA-C-14.1, MISRA-CPP-6.5.1 |
|
|
Unreachable code should not be present in the project. |
MISRA-C-2.1, MISRA-CPP-0.1.1 |
|
|
Function should not contain labels not used by any 'goto' statements. |
MISRA-C-2.6 |
|
|
Functions should not have unused parameters. |
MISRA-C-2.7, MISRA-CPP-0.1.11 |
|
|
The value of uninitialized variable should not be used. |
MISRA-C-9.1, MISRA-CPP-8.5.1 |
|
|
Class destructor should not exit with an exception. |
MISRA-CPP-15.5.1 |
|
|
Arrays should not be partially initialized. |
MISRA-C-9.3 |
|
|
Function should not be declared implicitly. |
MISRA-C-17.3 |
|
|
Function with a non-void return type should return a value from all exit paths. |
MISRA-C-17.4, MISRA-CPP-8.4.3 |
|
|
Value of the essential character type should be used appropriately in the addition/subtraction operations. |
MISRA-C-10.2 |
|
|
The values used in expressions should have appropriate essential types. |
MISRA-C-10.1 |
|
|
Conversion between pointers of different object types should not be performed. |
MISRA-C-11.3 |
|
|
Expression resulting from the macro expansion should be surrounded by parentheses. |
MISRA-C-20.7, MISRA-CPP-16.0.6 |
|
|
The return value of non-void function should be used. |
MISRA-C-17.7, MISRA-CPP-0.1.7 |
|
|
The address of an object with local scope should not be passed out of its scope. |
MISRA-C-18.6, MISRA-CPP-7.5.2 |
|
|
Pointer to FILE should not be dereferenced. |
MISRA-C-22.5 |
|
|
Floating-point values should not be tested for equality or inequality. |
MISRA-CPP-6.2.2 |
|
|
Variable should be declared in a scope that minimizes its visibility. |
MISRA-CPP-3.4.1 |
|
|
Expressions with enum underlying type should have values corresponding to the enumerators of the enumeration. |
MISRA-CPP-7.2.1 |
|
|
Unary minus operator should not be applied to an expression of the unsigned type. |
MISRA-CPP-5.3.2 |
|
|
Expression containing increment (++) or decrement (--) should not have other side effects. |
MISRA-C-13.3, MISRA-CPP-5.2.10 |
|
|
Incorrect shifting expression. |
MISRA-C-12.2, MISRA-CPP-5.8.1 |
|
|
Use of a pointer to FILE when the associated stream has already been closed. |
MISRA-C-22.6 |
|
|
Operand of sizeof() operator should not have other side effects. |
MISRA-C-13.6, MISRA-CPP-5.3.4 |
|
|
A pointer/reference parameter in a function should be declared as pointer/reference to const if the corresponding object was not modified. |
MISRA-CPP-7.1.2 |
|
|
Subtraction, >, >=, <, <= should be applied only to pointers that address elements of the same array. |
MISRA-CPP-5.0.17, MISRA-CPP-5.0.18 |
|
|
There should be no user-defined variadic functions. |
MISRA-CPP-8.4.1 |
|
|
The result of an assignment expression should not be used. |
MISRA-C-13.4, MISRA-CPP-6.2.1 |
|
|
Expressions with pointer type should not be used in the '+', '-', '+=' and '-=' operations. |
MISRA-C-18.4, MISRA-CPP-5.0.15 |
|
|
Array indexing should be the only form of pointer arithmetic and it should be applied only to objects defined as an array type. |
MISRA-CPP-5.0.15 |
|
|
There should be no implicit integral-floating conversion. |
MISRA-CPP-5.0.5 |
|
|
A function should not call itself either directly or indirectly. |
MISRA-C-17.2, MISRA-CPP-7.5.4 |
|
|
Constant expression evaluation should not result in an unsigned integer wrap-around. |
MISRA-C-12.4, MISRA-CPP-5.19.1 |
|
|
Cast should not remove 'const' / 'volatile' qualification from the type that is pointed to by a pointer or a reference. |
MISRA-C-11.8, MISRA-CPP-5.2.5 |
|
|
Both operands of an operator should be of the same type category. |
MISRA-C-10.4 |
|
|
The 'operator &&', 'operator ||', 'operator ,' and the unary 'operator &' should not be overloaded. |
MISRA-CPP-5.2.11, MISRA-CPP-5.3.3 |
|
|
Operands of the logical '&&' or the '||' operators, the '!' operator should have 'bool' type. |
MISRA-CPP-5.3.1 |
|
|
Conversions between pointers to objects and integer types should not be performed. |
MISRA-C-11.4, MISRA-C-11.5, MISRA-CPP-5.2.8, MISRA-CPP-5.2.9 |
|
|
Value of the expression should not be converted to the different essential type or the narrower essential type. |
MISRA-C-10.3 |
|
|
Identifiers that start with '__' or '_[A-Z]' are reserved. |
MISRA-C-21.1, MISRA-C-21.2, MISRA-CPP-17.0.1 |
|
|
Functions should not be declared at block scope. |
MISRA-CPP-3.1.2 |
|
|
The global namespace should only contain 'main', namespace declarations and 'extern "C"' declarations. |
MISRA-CPP-7.3.1 |
|
|
The identifier 'main' should not be used for a function other than the global function 'main'. |
MISRA-CPP-7.3.2 |
|
|
The function argument corresponding to a parameter declared to have an array type should have an appropriate number of elements. |
MISRA-C-17.5 |
|
|
An identifier with array type passed as a function argument should not decay to a pointer. |
MISRA-CPP-5.2.12 |
|
|
Macro should not be defined with the same name as a keyword. |
MISRA-C-20.4 |
|
|
The 'restrict' specifier should not be used. |
MISRA-C-8.14 |
|
|
Single-line comments should not end with a continuation token. |
MISRA-C-3.2 |
|
|
Block of memory should only be freed if it was allocated by a Standard Library function. |
MISRA-C-22.2 |
|
|
Line whose first token is '#' should be a valid preprocessing directive. |
MISRA-C-20.13 |
|
|
Expression used in condition should have essential Boolean type. |
MISRA-C-14.4 |
|
|
Casts between a void pointer and an arithmetic type should not be performed. |
MISRA-C-11.6 |
|
|
Flexible array members should not be declared. |
MISRA-C-18.7 |
|
|
The '//' and '/*' character sequences should not appear within comments. |
MISRA-C-3.1 |
|
|
All memory or resources allocated dynamically should be explicitly released. |
MISRA-C-22.1 |
|
|
Casts between a pointer and a non-integer arithmetic type should not be performed. |
MISRA-C-11.7 |
|
|
Conversions should not be performed between pointer to function and any other type. |
MISRA-C-11.1 |
|
|
Bit fields should only be declared with explicitly signed or unsigned integer type |
MISRA-C-6.1 |
|
|
An identifier declared in an inner scope should not hide an identifier in an outer scope. |
MISRA-C-5.3 |
|
|
Single-bit bit fields should not be declared as signed type. |
MISRA-C-6.2 |
|
|
Controlling expressions should not be invariant. |
MISRA-C-14.3 |
|
|
Array size should be specified explicitly when array declaration uses designated initialization. |
MISRA-C-9.5 |
|
|
The value of a composite expression should not be assigned to an object with wider essential type. |
MISRA-C-10.6 |
|
|
Cast should not convert pointer to function to any other pointer type. |
MISRA-CPP-5.2.6 |
|
|
Variable length array types are not allowed. |
MISRA-C-18.8 |
|
|
The standard signal handling functions should not be used. |
MISRA-C-21.5, MISRA-CPP-18.7.1 |
|
|
The standard input/output functions should not be used. |
MISRA-C-21.6, MISRA-CPP-27.0.1 |
|
|
Functions should be declared in prototype form with named parameters. |
MISRA-C-8.2 |
|
|
Octal and hexadecimal escape sequences should be terminated. |
MISRA-C-4.1 |
|
|
The 'static' keyword shall not be used between [] in the declaration of an array parameter. |
MISRA-C-17.6 |
|
|
Features from <stdarg.h> should not be used. |
MISRA-C-17.1 |
|
|
Features from <tgmath.h> should not be used. |
MISRA-C-21.11 |
|
|
There should be no attempt to write to a stream that has been opened for reading. |
MISRA-C-22.4 |
|
|
Inline functions should be declared with the static storage class. |
MISRA-C-8.10 |
|
|
The 'static' storage class specifier should be used in all declarations of object and functions that have internal linkage. |
MISRA-C-8.8, MISRA-CPP-3.3.2 |
|
|
There should be no occurrence of undefined or critical unspecified behaviour. |
MISRA-C-1.3 |
|
|
The ', " or \ characters and the /* or // character sequences should not occur in a header file name. |
MISRA-C-20.2 |
|
|
Casts between a pointer to an incomplete type and any other type shouldn't be performed. |
MISRA-C-11.2 |
|
|
Array element should not be initialized more than once. |
MISRA-C-9.4 |
|
|
Operand that is a composite expression has more narrow essential type than the other operand. |
MISRA-C-10.7 |
|
|
External identifiers should be distinct. |
MISRA-C-5.1 |
|
|
A compatible declaration should be visible when an object or function with external linkage is defined. |
MISRA-C-8.4 |
|
|
All conditional inclusion preprocessor directives should reside in the same file as the conditional inclusion directive to which they are related. |
MISRA-C-20.4, MISRA-CPP-16.1.2 |
|
|
Object should not be assigned or copied to an overlapping object. |
MISRA-C-19.1 |
|
|
Identifiers declared in the same scope and name space should be distinct. |
MISRA-C-5.2 |
|
|
Typedef names should be unique across all name spaces. |
MISRA-C-5.6 |
|
|
Value of a composite expression should not be cast to a different essential type category or a wider essential type. |
MISRA-C-10.8 |
|
|
Tag names should be unique across all name spaces. |
MISRA-C-5.7 |
|
|
External object or function should be declared once in one and only one file. |
MISRA-C-8.5 |
|
|
Macro identifiers should be distinct. |
MISRA-C-5.4 |
|
|
The initializer for an aggregate or union should be enclosed in braces. |
MISRA-C-9.2 |
|
|
Identifiers that define objects or functions with external linkage shall be unique. |
MISRA-C-5.8 |