Real Time Systems

IOAN Andrei 28.05.
2013

1

Real Time Systems

MISRA/JSF
Code Safety Checkers

IOAN Andrei 28.05.2013

2

Cosmic Software MISRA CHECKER
The Cosmic Software MISRA Checker is a standalone software utility that
aids in the production of well structured and portable C language code using
guidelines prescribed by the Motor Industry Software Reliability Association.
The Cosmic MISRA Checker is designed to provide comprehensive static MISRA
compliance checking that executes fast enough to be used on every compile.
Features:
Can be used with any ANSI C compiler
Can be configured to check any combination of rules on a whole
project or one file at a time
Save conformance errors for the whole project or individual files for
use in conformance reports and application documentation
A command line interface is included for automated reports using
batch or make files

QA C++
QA C++ is a static analysis solution for advanced C++ environments which
includes language compliance (up to C++ 11) and advanced language and
dataflow analysis. QA C++ includes copliance packages for MISRA C++, HIC++
and JSF AV C++ coding standards, it also offers and effective automated means
of code analyzing.
Features:
Automated code inspection provides instant, object, repeatable
code audits
Dataflow analysis to catch bugs
Minimal false positives


3
Splint (MISRA)
Splint is a tool for statically checking C programs for security vulnerabilities
and coding mistakes. With minimal effort, Splint can be used as a better lint. If
additional effort is invested adding annotations to programs, Splint can
perform stronger checking than can be done by any standard lint.
Output sample provided by Splint:
C:\splint-3.1.2\bin>splint.exe test.c
Splint 3.1.2 --- 25 Aug 2010

test.c: (in function init_inventory)
test.c(32,2): Assignment of double to unsigned char: inv->slot[0].uc_price_10cent = (1.10 * 10ul)
Types are incompatible. (Use -type to inhibit warning)
test.c(33,2): Assignment of int to unsigned char: inv->slot[0].uc_amount_left = 10
To make char and int types equivalent, use +charint.
test.c(49,2): Assignment of int to unsigned char: inv->slot[4].uc_amount_left = 10 - 6
test.c(52,2): Assignment of int to unsigned char: inv->uc_change_10cts = 20 / 2
test.c: (in function show_inventory)
test.c(60,26): Variable z initialized to type int, expects unsigned char: 0
test.c(60,19): Variable i initialized to type int, expects unsigned char: 0
test.c(61,6): Assignment of int to unsigned char: i = 0
test.c(61,10): Operands of < have incompatible types (unsigned char, int):i < 5
test.c(61,14): Operand of ++ is non-numeric (unsigned char): i
test.c(62,39): Incompatible types for + (unsigned char, int): i + 1
test.c(62,43): Array fetch using non-integer, unsigned char: inv->slot[i]
To allow char types to index arrays, use +charindex. (Use +charindex to
inhibit warning)
test.c(63,8): Assignment of int to unsigned char: z = 0
test.c(63,15): Operands of < have incompatible types (unsigned char, int): z < 10
test.c(63,23): Operand of ++ is non-numeric (unsigned char): z
test.c(63,15): Incompatible types for < (unsigned char, int) (in post loop test): z < 10
test.c(61,10): Incompatible types for < (unsigned char, int) (in post loop test): i < 5
test.c: (in function main)
test.c(75,35): Variable i initialized to type int, expects unsigned char: 0

4
test.c(75,47): Variable helper initialized to type int, expects unsigned char: 0
test.c(75,59): Variable change initialized to type int, expects unsigned char: 0
test.c(75,28): Variable uc_choice initialized to type int, expects unsigned char: 0
test.c(76,63): Variable uc_coin_count_20cts initialized to type int, expects unsigned char: 0
test.c(80,17): Passed storage *(inv.slot) contains 3 undefined fields: c_name, uc_amount_left,
uc_price_10cent
Storage derivable from a parameter, return value or global is not defined.
Use /*@out@*/ to denote passed or returned storage which need not be defined.
(Use -compdef to inhibit warning)
test.c(80,17): Passed storage inv contains 6 undefined fields: uc_change_10cts, uc_change_20cts,
uc_change_50cts, uc_change_100cts, ...
test.c(83,3): Return value (type int) ignored: system("cls")
Result returned by function call is not used. If this is intended, can cast
result to (void) to eliminate message. (Use -retvalint to inhibit warning)
test.c(88,10): Operand of ! is non-boolean (unsigned char): !inv.uc_change_10cts
The operand of a boolean operator is not a boolean. Use +ptrnegate to allow !
to be used on pointers. (Use -boolops to inhibit warning)
test.c(91,5): Return value (type int) ignored: scanf("%s", input)
test.c(92,5): Assignment of int to unsigned char: uc_choice = atoi(input) - 1
test.c(93,9): Operands of < have incompatible types (unsigned char, int): uc_choice < 5
test.c(95,10): Array fetch using non-integer, unsigned char: inv.slot[uc_choice]
test.c(95,10): Test expression for if not boolean, type unsigned char:
inv.slot[uc_choice].uc_amount_left
Test expression type is not boolean. (Use -predboolothers to inhibit warning)
test.c(100,14): Operands of == have incompatible types (unsigned char, int): uc_choice == 254
test.c(106,5): Assignment of int to unsigned char: inv.uc_inserted_m = 0
test.c(109,6): Return value (type int) ignored: system("cls")
test.c(114,6): Return value (type int) ignored: scanf("%s", input)
test.c(117,11): Operands of == have incompatible types (unsigned char, int): helper == 1
test.c(123,9): Operand of ++ is non-numeric (unsigned char): inv.uc_change_200cts
test.c(148,17): Operands of < have incompatible types (unsigned char, int): i < 10
test.c(148,17): Incompatible types for < (unsigned char, int) (in post looptest): i < 10
test.c(154,5): Unrecognized identifier: Sleep Identifier used in code has not been declared. (Use -
unrecog to inhibit warning)

5
test.c(157,5): Operand of -- is non-numeric (unsigned char): inv.slot[uc_choice].uc_amount_left
test.c(173,5): Assignment of int to unsigned char: uc_coin_count_10cts = 0
test.c(179,9): Test expression for if not boolean, type unsigned char: inv.uc_change_10cts
test.c(182,13): Test expression for while not boolean, type unsigned char: change
test.c(184,12): Operands of >= have incompatible types (unsigned char, int): change >= 20
test.c(184,29): Right operand of && is non-boolean (unsigned char): (change >= 20) &&
inv.uc_change_200cts
test.c(186,8): Operand of -- is non-numeric (unsigned char): inv.uc_change_200cts
test.c(187,8): Incompatible types for -= (unsigned char, int): change -= 20
test.c(188,8): Operand of ++ is non-numeric (unsigned char): uc_coin_count_200cts
inv.uc_change_100cts
inv.uc_change_50cts
inv.uc_change_20cts
inv.uc_change_10cts
test.c(216,83): Format argument 1 to printf (%u) expects unsigned int getsunsigned char:
uc_coin_count_10cts
test.c(216,15): Corresponding format code
test.c(216,103): Format argument 2 to printf (%u) expects unsigned int gets unsigned char:
uc_coin_count_20cts

6
uc_coin_count_50cts
uc_coin_count_100cts
uc_coin_count_200cts
test.c(222,12): Unrecognized identifier: kbhit
test.c(12,70): Variable exported but not used outside test: state
A declaration is exported, but not used outside this module. Declaration can
use static qualifier. (Use -exportlocal to inhibit warning)
test.c(30,6): Function exported but not used outside test: init_inventory
test.c(57,1): Definition of init_inventory
test.c(59,6): Function exported but not used outside test: show_inventory
test.c(70,1): Definition of show_inventory

Finished checking --- 142 code warnings

Real Time Systems

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Real Time Systems

Transféré par

Droits d'auteur :

Formats disponibles

IOAN Andrei 28.05.

Vous aimerez peut-être aussi