Development Guidelines:MISRA C

From coreboot
Jump to navigation Jump to search

The wiki is being retired!

Documentation is now handled by the same processes we use for code: Add something to the Documentation/ directory in the coreboot repo, and it will be rendered to Contributions welcome!

General Guidelines

  • Encapsulate and isolate assembly language
  • Code shall not be "commented out"
  • No use of floating-point arithmetics
  • No hiding of identifiers defined in outer scopes
  • Typedefs are unique (device_t?)
  • Functions shall have prototype declarations
  • Local functions should be declared static
  • No definitions in header files
  • All variables are assigned before use
  • All objects should have fully qualified types (unsigned int instead of unsigned)
  • We suggest trying to import more such rules, such as additional ones described in MISRA-C 2012 (Guidelines for the use of C in critical systems)

Required guidelines

Assembly language shall be encapsulated and isolated.

Assembly instructions should be encapsulated in either assembler functions, C functions or macros.

Identifiers in inner scopes shall not shadow identifiers in outer scopes

char shall be used only for the storage and use of character values

Typedefs that indicate size and signedness should be used in place of the basic numerical types

Use stdint type instead of the old C types (Ex: uint32_t instead of unsigned long")

Bit fields shall only be defined to be of type unsigned int or signed int

Bit fields of signed type shall be at least 2 bits long