MISRA C:2012

ToolVersion
PC-Lint V9.00L
ViolationsTotal
Required Directives0
Required Rules8
Advisory Directives1
Advisory Rules7
DirectiveTypeRationale

PC-Lint Results

1.1Required (tick)
2.1Required (tick)
3.1Required (tick)
4.1Required (tick)
4.2Advisory (tick)
4.3Required (tick)
4.4Advisory (tick)
4.5Advisory (tick)
4.6Advisory (tick)
4.7Required (tick)
4.8Advisory (tick)
4.9Advisory
  1. Function-like macros are used instead of functions for several reasons in uC/OS-III. They improve code clarity without increasing overhead for bitwise operations. Additionally, operations such as disabling interrupts and context switching can be optimized by the port developer since they need not incur the overhead of a function call. This style of macro also provides a clean way to add hooks for external instrumentation.
(error)
4.10Required (tick)
4.11Required (tick)
4.12Required (tick)
4.13Advisory (tick)
RuleTypeRationalePC-Lint Results
1.1Required (tick)
1.2Advisory (tick)
1.3Required (tick)
2.1Required
  1. The DEF_BIT_IS_SET(val, mask) and DEF_BIT_IS_CLR(val, mask) macros check to see if mask is 0 in order to return the proper value. Since mask is often a #define constant in the context of uC/OS-III, the expression is a constant value boolean.

  2. DEF_BIT_FIELD(bit_field, bit_shift) is used to calculate the threshold value for detecting if a delay has completed before the task was added to the tick list. The threshold value, OS_TICK_TH_RDY, is purely a function of the size of the OS_TICK datatype and is evaluated at compile-time. The boolean expression in DEF_BIT_FIELD(bit_field, bit_shift) will therefore be a constant-value boolean.
(error)
2.2Required

 

(tick)
2.3Advisory
  1. All kernel types are defined regardless of the kernel features which are enabled. Some types will be unused in certain kernel configurations or are unused but remain in the code for legacy reasons.
(error)
2.4Advisory
  1. The uC/OS-III coding standard requires that all structs have a tag as well as a  type name. However, only the type names may be used in the code. Therefore,  the struct tags remain unused outside of typedefs.
(error)
2.5Advisory
  1. Certain macros are defined for application use, debugging use, or as required by the coding standards. Others are present for backwards-compatibility with older software. These macros may not be referenced by the kernel code in some or all circumstances.
(error)
2.6Advisory (tick)
2.7Advisory (tick)
3.1Required (tick)
3.2Required (tick)
4.1Required (tick)
4.2Advisory (tick)
5.1Required (tick)
5.2Required (tick)
5.3Required (tick)
5.4Required (tick)
5.5Required (tick)
5.6Required (tick)
5.7Required (tick)
5.8Required (tick)
5.9Advisory (tick)
6.1Required (tick)
6.2Required (tick)
7.1Required (tick)
7.2Required (tick)
7.3Required (tick)
7.4Required (tick)
8.1Required (tick)
8.2Required (tick)
8.3Required (tick)
8.4Required
  1. Global variables for uC/OS-III are declared in os.h using the OS_EXT macro as a qualifier. If a file defines OS_GLOBALS before including os.h, the macro is empty and the globals are defined in that file; otherwise, the macro resolves to "extern". This approach provides a simple way to declare and define global variables without duplicating code. However, with this approach the file which defines OS_GLOBALS, os_var.c, will not  have any extern declarations.
(error)
8.5Required (tick)
8.6Required (tick)
8.7Advisory (tick)
8.8Required (tick)
8.9Advisory (tick)
8.10Required (tick)
8.11Advisory (tick)
8.12Required (tick)
8.13Advisory (tick)
8.14Required (tick)
9.1Mandatory (tick)
9.2Required (tick)
9.3Required (tick)
9.4Required (tick)
9.5Required (tick)
10.1Required (tick)
10.2Required (tick)
10.3Required (tick)
10.4Required (tick)
10.5Advisory (tick)
10.6Required (tick)
10.7Required (tick)
10.8Required (tick)
11.1Required (tick)
11.2Required (tick)
11.3Required
  1. uC/OS-III defines a number of kernel objects which may be pended on, such as semaphores, flags, and mutexes. Internally, the kernel manages all of these objects using pointers to a generic type, OS_PEND_OBJ. In order to do this each object is represented by a struct type which is a superset of the os_pend_obj struct type. When a pointer to a kernel object is passed to the appropriate Pend function, it is type cast to first to (void *) and then to  (OS_PEND_OBJ *). The cast to (void *) is used to suppress MISRA Rule 1.3. Because of the overlap in the struct declarations, casts to (OS_PEND_OBJ *) maintain proper alignment and ensure that the common member variables can be legally accessed.

  2. Memory partitions are structured as a linked list of memory blocks. Maintaining this structure requires casting from (void *) to (void **) and vice versa when creating, adding and removing memory blocks to, or traversing the linked list.
(error)
11.4Advisory (tick)
11.5Advisory
  1. Casting from (void *) to other types is performed as described in 11.3
(error)
11.6Required
  1. A pointer is cast to integer type in order to check for proper alignment.
(error)
11.7Required (tick)
11.8Required (tick)
11.9Required (tick)
12.1Advisory (tick)
12.2Required (tick)
12.3Required (tick)
12.4Required (tick)
13.1Required (tick)
13.2Required (tick)
13.3Advisory (tick)
13.4Advisory (tick)
13.5Required (tick)
13.6Mandatory (tick)
14.1Required (tick)
14.2Required (tick)
14.3Required
  1. An if statement uses an invariant boolean expression in order to determine  the width of the architecture's pointer type at run-time. This is an  optimization for checking pointer alignment on 8-bit architectures.
(error)
14.4Required (tick)
15.1Advisory (tick)
15.2Required (tick)
15.3Required (tick)
15.4Advisory (tick)
15.5Advisory
  1. uC/OS-III functions can return from several points before the end of their function block. This is a tightly integrated into the kernel's design and cannot be changed.
(error)
15.6Required (tick)
15.7Required (tick)
16.1Required
  1. Certain switch statements use a return in the final switch case in lieu of  an unconditional break. This is done to improve execution time and code clarity when returning from an error state.
(error)
16.2Required (tick)
16.3Required
  1. Certain switch statements use a return in the final switch case in lieu of  an unconditional break. This is done to improve execution time and code clarity when returning from an error state.
(error)
16.4Required (tick)
16.5Required (tick)
16.6Required (tick)
16.7Required (tick)
17.1Required (tick)
17.2Required (tick)
17.3Mandatory (tick)
17.4Mandatory (tick)
17.5Advisory (tick)
17.6Mandatory (tick)
17.7Required (tick)
17.8Advisory
  1. In order to reduce the overall memory footprint and call stack size, some functions will  modify their parameters rather than declare new variables.
(error)
18.1Required (tick)
18.2RequiredPlease see Note 1.(tick)
18.3Required
  1. A pointer comparison is used to check for a stack overflow when creating the initial stack frame for a new task.
(error)
18.4Advisory
  1. Pointer arithmetic is used to calculate pointers to the individual memory blocks when creating memory partitions.

  2. Pointer arithmetic is used to calculate the stack limit when creating a task stack.
(error)
18.5Advisory (tick)
18.6Required (tick)
18.7Required (tick)
18.8Required (tick)
19.1Mandatory (tick)
19.2Advisory (tick)
20.1Advisory (tick)
20.2Required (tick)
20.3Required (tick)
20.4Required (tick)
20.5Advisory (tick)
20.6Required (tick)
20.7Required (tick)
20.8Required (tick)
20.9Required (tick)
20.10Advisory (tick)
20.11Required (tick)
20.12Required (tick)
20.13Required (tick)
20.14Required (tick)
21.1Required (tick)
21.2Required (tick)
21.3Required (tick)
21.4Required (tick)
21.5Required (tick)
21.6Required (tick)
21.7Required (tick)
21.8Required (tick)
21.9Required (tick)
21.10Required (tick)
21.11Required (tick)
21.12Advisory (tick)
22.1Required (tick)
22.2Mandatory (tick)
22.3Required (tick)
22.4Mandatory (tick)
22.5Mandatory (tick)
22.6Mandatory (tick)

 

Note 1 - uC/OS-III uses a relational operator to compare pointers when checking for stack overflows.
This potentially violates rule 18.3 but not rule 18.2, which prohibits subtraction operators between pointers unless they point to elements of same array.
Because PC-Lint uses the same error message for both rules, a manual check should be made to verify that rule 18.3 is not violated.

 

Related pages