Development Guidelines:MISRA C
The wiki is being retired!
Documentation is now handled by the same processes we use for code: Add something to the Documentation/ directory in the coreboot repo, and it will be rendered to https://doc.coreboot.org/. Contributions welcome!
- 1 General Guidelines
- 2 Required guidelines
- 2.1 Assembly language shall be encapsulated and isolated.
- 2.2 Identifiers in inner scopes shall not shadow identifiers in outer scopes
- 2.3 char shall be used only for the storage and use of character values
- 2.4 Typedefs that indicate size and signedness should be used in place of the basic numerical types
- 2.5 Bit fields shall only be defined to be of type unsigned int or signed int
- 2.6 Bit fields of signed type shall be at least 2 bits long
- Encapsulate and isolate assembly language
- Code shall not be "commented out"
- No use of floating-point arithmetics
- No hiding of identifiers defined in outer scopes
- Typedefs are unique (device_t?)
- Functions shall have prototype declarations
- Local functions should be declared static
- No definitions in header files
- All variables are assigned before use
- All objects should have fully qualified types (unsigned int instead of unsigned)
- We suggest trying to import more such rules, such as additional ones described in MISRA-C 2012 (Guidelines for the use of C in critical systems)
Assembly language shall be encapsulated and isolated.
Assembly instructions should be encapsulated in either assembler functions, C functions or macros.
Identifiers in inner scopes shall not shadow identifiers in outer scopes
char shall be used only for the storage and use of character values
Typedefs that indicate size and signedness should be used in place of the basic numerical types
Use stdint type instead of the old C types (Ex: uint32_t instead of unsigned long")