Development Guidelines:MISRA C: Difference between revisions
Jump to navigation
Jump to search
| Line 22: | Line 22: | ||
=== '''char''' shall be used only for the storage and use of character values === | === '''char''' shall be used only for the storage and use of character values === | ||
=== Typedefs that indicate size and signedness should be used in place of the basic numerical types === | |||
Use stdint type instead of the old C types (Ex: '''uint32_t''' instead of '''unsigned long") | |||
=== Bit fields shall only be defined to be of type unsigned int or signed int === | |||
=== Bit fields of signed type shall be at least 2 bits long === | |||
Latest revision as of 00:58, 16 February 2014
General Guidelines
- Encapsulate and isolate assembly language
- Code shall not be "commented out"
- No use of floating-point arithmetics
- No hiding of identifiers defined in outer scopes
- Typedefs are unique (device_t?)
- Functions shall have prototype declarations
- Local functions should be declared static
- No definitions in header files
- All variables are assigned before use
- All objects should have fully qualified types (unsigned int instead of unsigned)
- We suggest trying to import more such rules, such as additional ones described in MISRA-C 2012 (Guidelines for the use of C in critical systems)
Required guidelines
Assembly language shall be encapsulated and isolated.
Assembly instructions should be encapsulated in either assembler functions, C functions or macros.
Identifiers in inner scopes shall not shadow identifiers in outer scopes
char shall be used only for the storage and use of character values
Typedefs that indicate size and signedness should be used in place of the basic numerical types
Use stdint type instead of the old C types (Ex: uint32_t instead of unsigned long")