Development Guidelines:MISRA C: Difference between revisions

From coreboot
Jump to navigation Jump to search
(Created page with "== General Guidelines == * Encapsulate and isolate assembly language * Code shall not be "commented out" * No use of floating-point arithmetics * No hiding of identifiers def...")
 
 
(One intermediate revision by the same user not shown)
Line 12: Line 12:
* All objects should have fully qualified types (''unsigned int'' instead of ''unsigned'')
* All objects should have fully qualified types (''unsigned int'' instead of ''unsigned'')
* We suggest trying to import more such rules, such as additional ones described in [http://www.misra.org.uk/index.htm MISRA-C 2012] (''Guidelines for the use of C in critical systems'')
* We suggest trying to import more such rules, such as additional ones described in [http://www.misra.org.uk/index.htm MISRA-C 2012] (''Guidelines for the use of C in critical systems'')
== Required guidelines ==
=== Assembly language shall be encapsulated and isolated. ===
Assembly instructions should be encapsulated in either assembler functions, C functions or macros.
=== Identifiers in inner scopes shall not shadow identifiers in outer scopes ===
=== '''char''' shall be used only for the storage and use of character values ===
=== Typedefs that indicate size and signedness should be used in place of the basic numerical types ===
Use stdint type instead of the old C types (Ex: '''uint32_t''' instead of '''unsigned long")
=== Bit fields shall only be defined to be of type unsigned int or signed int ===
=== Bit fields of signed type shall be at least 2 bits long ===

Latest revision as of 00:58, 16 February 2014

General Guidelines

  • Encapsulate and isolate assembly language
  • Code shall not be "commented out"
  • No use of floating-point arithmetics
  • No hiding of identifiers defined in outer scopes
  • Typedefs are unique (device_t?)
  • Functions shall have prototype declarations
  • Local functions should be declared static
  • No definitions in header files
  • All variables are assigned before use
  • All objects should have fully qualified types (unsigned int instead of unsigned)
  • We suggest trying to import more such rules, such as additional ones described in MISRA-C 2012 (Guidelines for the use of C in critical systems)

Required guidelines

Assembly language shall be encapsulated and isolated.

Assembly instructions should be encapsulated in either assembler functions, C functions or macros.

Identifiers in inner scopes shall not shadow identifiers in outer scopes

char shall be used only for the storage and use of character values

Typedefs that indicate size and signedness should be used in place of the basic numerical types

Use stdint type instead of the old C types (Ex: uint32_t instead of unsigned long")


Bit fields shall only be defined to be of type unsigned int or signed int

Bit fields of signed type shall be at least 2 bits long