MISRA C:2004 rules mapped to Klocwork certified checkers
MISRA C Rule | Klocwork Checker Code and Description |
---|---|
1.1 |
Enforced by the Klocwork compiler |
1.2 |
Partially statically verifiable – as yet not done |
1.3 |
Unsupported - not statically verifiable |
1.4 |
Unsupported - not statically verifiable |
1.5 |
Unsupported - not statically verifiable |
2.1 |
MISRA.ASM.ENCAPS Assembly language is not isolated. |
2.2 |
MISRA.TOKEN.CPCOM C++ style comments |
2.3 |
MISRA.TOKEN.BADCOM Inappropriate character sequence in a comment |
2.4 |
Unsupported - no plans to support |
3.1 |
Unsupported - not statically verifiable |
3.2 |
Unsupported - not statically verifiable |
3.3 |
Unsupported - not statically verifiable |
3.4 |
MISRA.PRAGMA Non-documented pragma directive |
3.5 |
Unsupported - not statically verifiable |
3.6 |
Unsupported - not statically verifiable |
4.1 |
MISRA.TOKEN.WRONGESC Incorrect escape sequence in a literal |
4.2 |
MISRA.CHAR.TRIGRAPH Trigraph usage |
5.1 |
MISRA.DEFINE.LONGNAME Macro name is too long MISRA.IDENT.LONG Identifier is longer than 31 characters |
5.2 |
MISRA.VAR.HIDDEN Identifier declared in an inner scope hides identifier in outer scope |
5.3 |
MISRA.TYPEDEF.NOT_UNIQUE Typedef name is used for another entity |
5.4 |
MISRA.CT.UNIQUE.ID Identifier clashes with tag name |
5.5 |
MISRA.VAR.UNIQUE.STATIC Identifier with static storage specifier clashes with other identifier |
5.6 |
MISRA.TYPE.NAMECLASH.C.2004 Identifier in one name space has same spelling as identifier in other name space |
5.7 |
MISRA.VAR.UNIQUE Identifier clashes with other identifier |
6.1 |
MISRA.CHAR.NOT_CHARACTER 'char' is used for non-character value |
6.2 |
MISRA.SIGNED_CHAR.NOT_NUMERIC 'signed char' or 'unsigned char' is used for non-numeric value |
6.3 |
MISRA.BUILTIN_NUMERIC Builtin numeric type is used |
6.4 |
MISRA.BITFIELD.TYPE Type of bit-field is not signed/unsigned integer |
6.5 |
MISRA.BITFIELD.SIGNED Length of a named signed bit-field is less than 2 MISRA.BITFIELD.SIGNED.UNNAMED Length of an unnamed signed bit-field is less than 2 |
7.1 |
MISRA.TOKEN.OCTAL.ESCAPE Usage of octal escape sequences MISRA.TOKEN.OCTAL.INT Usage of octal integer constants |
8.1 |
MISRA.FUNC.NOPROT.CALL Function is called but has no prototype MISRA.FUNC.NOPROT.DEF Function has a definition but no prototype |
8.2 |
MISRA.DECL.NO_TYPE Declaration without a type |
8.3 |
MISRA.OBJ.TYPE.IDENT Type not identical with type of other declaration |
8.4 |
MISRA.OBJ.TYPE.COMPAT Type not compatible with type of other declaration |
8.5 |
MISRA.ONEDEFRULE.FUNC Global function definition in a header file MISRA.ONEDEFRULE.VAR Global variable definition in a header file |
8.6 |
MISRA.DECL.FUNC_LOCAL Function is declared locally |
8.7 |
MISRA.VAR.MIN.VIS Name visibility is too wide |
8.8 |
Unsupported - no plans to support |
8.9 |
Unsupported - no plans to support |
8.10 |
Unsupported - no plans to support |
8.11 |
MISRA.FUNC.STATIC.REDECL Function or object redeclaration does not include 'static' modifier |
8.12 |
MISRA.DECL.ARRAY_SIZE Declaration of array with unknown size |
9.1 |
UNINIT.HEAP.MIGHT Uninitialized Heap Use - possible UNINIT.HEAP.MUST Uninitialized Heap Use UNINIT.STACK.ARRAY.MIGHT Uninitialized Array - possible UNINIT.STACK.ARRAY.MUST Uninitialized Array UNINIT.STACK.ARRAY.PARTIAL.MUST Partially Uninitialized Array UNINIT.STACK.MIGHT Uninitialized Variable - possible UNINIT.STACK.MUST Uninitialized Variable |
9.2 |
MISRA.INIT.BRACES Incorrect initializer braces placement. |
9.3 |
MISRA.ENUM.INIT Non-first enumerator is explicitly initialized, but not all elements are explicitly initialized. |
10.1 |
MISRA.CVALUE.IMPL.CAST The value of an expression implicitly converted to a different type |
10.2 |
MISRA.CVALUE.IMPL.CAST The value of an expression implicitly converted to a different type |
10.3 |
MISRA.CAST.INT Non-trivial integer expression is cast to a wider type, or type with a different signedness |
10.4 |
MISRA.CAST.FLOAT Non-trivial float expression is cast to a wider type |
10.5 |
MISRA.CAST.UNSIGNED_BITS The result of bitwise operation on unsigned char or short is not cast back to original type |
10.6 |
MISRA.LITERAL.UNSIGNED.SUFFIX Unsigned integer literal without 'U' suffix |
11.1 |
MISRA.CAST.FUNC_PTR Cast between a function pointer and a non-integral type |
11.2 |
MISRA.CAST.PTR.UNRELATED Object of pointer type cast to unrelated type |
11.3 |
MISRA.CAST.PTR_TO_INT Cast between a pointer and an integral type |
11.4 |
MISRA.CAST.PTR Cast between a pointer to object type and a different pointer to object type |
11.5 |
MISRA.CAST.CONST Cast operation removes const or volatile modifier from a pointer or reference |
12.1 |
MISRA.EXPR.PARENS.INSUFFICIENT Limited dependence required for operator precedence rules in expressions MISRA.EXPR.PARENS.REDUNDANT Limited dependence required for operator precedence rules in expressions |
12.2 |
PORTING.VAR.EFFECTS Variable used twice in one expression where one usage is subject to side-effects |
12.3 |
MISRA.SIZEOF.SIDE_EFFECT Operand of sizeof has side effects |
12.4 |
MISRA.LOGIC.SIDEEFF Right operand in a logical 'and' or 'or' expression contains side effects MISRA.LOGIC.SIDEEFF.COND Branch expression in a conditional expression contains side effects |
12.5 |
MISRA.LOGIC.PRIMARY Operand in a logical 'and' or 'or' expression is not a primary expression |
12.6 |
MISRA.LOGIC.OPERAND.NOT_BOOL Operand of logical operator is not effectively boolean MISRA.LOGIC.OPERATOR.NOT_BOOL Operand of non-logical operator is effectively boolean |
12.7 |
MISRA.BITS.NOT_UNSIGNED Operand of bitwise operation is not unsigned integer MISRA.BITS.NOT_UNSIGNED.PREP Operand of bitwise operation is not unsigned integer |
12.8 |
MISRA.SHIFT.RANGE Right operand of shift operation is out of range - greater or equal to max bit-length of left operand, or negative |
12.9 |
MISRA.UMINUS.UNSIGNED Operand of unary minus is unsigned |
12.10 |
MISRA.COMMA Comma operator is used |
12.11 |
MISRA.COMP.WRAPAROUND Wrap-around in a condition MISRA.ELIF.WRAPAROUND Wrap-around in #elif directive MISRA.IF.WRAPAROUND Wrap-around in #if directive |
12.12 |
MISRA.FLOAT.BIT.REPR Use of bit manipulations of floating-point values which rely on storage layout |
12.13 |
MISRA.INCR_DECR.OTHER Increment or decrement operator is mixed with other operators in expression |
13.1 |
MISRA.ASSIGN.COND Assignment operator is used in a condition |
13.2 |
MISRA.ZERO_EQ.IMPLICIT Non-boolean expression is implicitly tested against zero |
13.3 |
MISRA.FLOAT_EQUAL Floating point expression is tested for equality |
13.4 |
MISRA.FOR.COND.FLT Floating point object is used in the condition section of a 'for' loop |
13.5 |
MISRA.FOR.COND For loop condition does not depend on loop counter MISRA.FOR.INCR.CHANGE For loop increment expression does not change loop counter |
13.6 |
MISRA.FOR.STMT.CHANGE For loop counter is modified within the loop statement |
13.7 |
INVARIANT_CONDITION.GEN Invariant expression in a condition INVARIANT_CONDITION.UNREACH Invariant expression in a condition |
14.1 |
UNREACH.ENUM Code is unreachable due to the possible value(s) of an enum UNREACH.GEN Unreachable code UNREACH.RETURN Unreachable Void Return |
14.2 |
MISRA.STMT.NO_EFFECT The statement has no side effects, and does not change control flow |
14.3 |
MISRA.NULL.STMT Null statement is not the only statement on line or comments are placed incorrectly |
14.4 |
MISRA.GOTO Goto statement is used |
14.5 |
MISRA.CONTINUE Continue statement is used |
14.6 |
MISRA.ITER.ONETERM Iteration statement has more than one break or goto for loop termination. |
14.7 |
MISRA.RETURN.NOT_LAST Return is not the last statement in a function |
14.8 |
MISRA.STMT.NO_COMPOUND The body of switch, while, do/while or for statement is not a compound statement |
14.9 |
MISRA.IF.NO_COMPOUND The body of if/else statement is not a compound statement |
14.10 |
MISRA.IF.NO_ELSE A chain of if/else-if statements is not terminated with else or is terminated with an empty else clause |
15.0 |
Supported. If no violations of rules 15.1 through 15.5 exist, then the source code also conforms to rule 15.0. Therefore, no checker is required for rule 15.0. |
15.1 |
MISRA.SWITCH.LABEL A switch label belongs to nested compound statement inside switch body |
15.2 |
MISRA.SWITCH.NO_BREAK No break or throw statement at the end of switch-clause |
15.3 |
MISRA.SWITCH.NODEFAULT No default clause at the end of a switch statement |
15.4 |
MISRA.SWITCH.BOOL Condition of switch statement is boolean expression |
15.5 |
MISRA.SWITCH.NO_CASE No case-clause in a switch statement |
16.1 |
MISRA.FUNC.VARARG Function with variable number of arguments |
16.2 |
MISRA.FUNC.RECUR Recursive function |
16.3 |
MISRA.FUNC.UNNAMED.PARAMS Function declaration has unnamed parameters |
16.4 |
MISRA.FUNC.PARAMS.IDENT Identifiers used in declaration and definition of function are not identical |
16.5 |
MISRA.FUNC.NO_PARAMS Function without parameters is missing void parameter type |
16.6 |
MISRA.FUNC.UNMATCHED.PARAMS Number of formal and actual parameters passed to function do not match |
16.7 |
MISRA.PPARAM.NEEDS.CONST Pointer parameter is not used to modify the addressed object but is not declared as a pointer to const |
16.8 |
FUNCRET.GEN Non-void function does not return value FUNCRET.IMPLICIT Non-void function implicitly returning int does not return value |
16.9 |
MISRA.FUNC.ADDR Address of a function is used without & operator |
16.10 |
SV.RVT.RETVAL_NOTTESTED Ignored Return Value |
16.10 |
Partially supported by SV.RVT.RETVAL_NOTTESTED |
17.1 |
MISRA.PTR.ARITH Pointer is used in arithmetic or array index expression |
17.2 |
Unsupported - no plans to support |
17.3 |
Unsupported - no plans to support |
17.4 |
MISRA.PTR.ARITH Pointer is used in arithmetic or array index expression |
17.5 |
MISRA.PTR.TO_PTR_TO_PTR Pointer declaration has more than two levels of indirection |
17.6 |
LOCRET.ARG Function returns address of local variable LOCRET.GLOB Function returns address of local variable LOCRET.RET Function returns address of local variable |
18.1 |
MISRA.INCOMPLETE.STRUCT Incomplete struct type is used MISRA.INCOMPLETE.STRUCT.UNNAMED Incomplete unnamed struct type is used MISRA.INCOMPLETE.UNION Incomplete union type is used MISRA.INCOMPLETE.UNION.UNNAMED Incomplete unnamed union type is used |
18.2 |
MISRA.ASSIGN.OVERLAP Object is assigned to an overlapping object |
18.3 |
Unsupported - not statically verifiable |
18.4 |
MISRA.UNION Union is used |
19.1 |
MISRA.INCL.INSIDE Include directive preceded by a preprocessor output token |
19.2 |
MISRA.INCL.SYMS Non-standard characters in header file names |
19.3 |
MISRA.INCL.BAD Non-standard include directive |
19.4 |
MISRA.DEFINE.BADEXP Inappropriate macro expansion |
19.5 |
MISRA.DEFINE.NOTGLOBAL Define not at the global level MISRA.UNDEF.NOTGLOBAL Undef not at the global level |
19.6 |
MISRA.UNDEF Undef usage |
19.7 |
MISRA.DEFINE.FUNC Function-like macro definition |
19.8 |
MISRA.EXPANSION.NARGS Missing macro argument |
19.9 |
MISRA.EXPANSION.DIRECTIVE Directive-like tokens within a macro argument |
19.10 |
MISRA.DEFINE.NOPARS Macro parameter with no parentheses |
19.11 |
MISRA.ELIF.UNDEF Undefined macros in #elif directive MISRA.IF.UNDEF Undefined macros in #if directive |
19.12 |
MISRA.DEFINE.SHARP.MANY Several # or ## operators in a macro definition |
19.13 |
MISRA.DEFINE.SHARP # or ## operator in a macro definition |
19.14 |
MISRA.ELIF.DEFINED Incorrect 'defined' usage in #elif directive MISRA.IF.DEFINED Incorrect 'defined' usage in #if directive |
19.15 |
MISRA.INCGUARD Include guard is not provided |
19.16 |
Unsupported - no plans to support |
19.17 |
MISRA.ELIF.OTHERFILE #elif in an improper file MISRA.ELSE.OTHERFILE #else in an improper file MISRA.ENDIF.OTHERFILE #endif in an improper file |
20.1 |
MISRA.DEFINE.WRONGNAME Usage of a name from the standard library for naming a macro MISRA.DEFINE.WRONGNAME.UNDERSCORE Usage of a reserved name for naming a macro MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.INCL.UNSAFE Unsafe header inclusion |
20.2 |
MISRA.STDLIB.WRONGNAME Reused name of standard library macro, object or function MISRA.STDLIB.WRONGNAME.UNDERSCORE Usage of a reserved name for naming a language entity MISRA.UNDEF.WRONGNAME Undefinition of a name from the standard library MISRA.UNDEF.WRONGNAME.UNDERSCORE Undefinition of a reserved name |
20.3 |
Unsupported - not statically verifiable |
20.4 |
MISRA.STDLIB.MEMORY Use of dynamic heap memory allocation |
20.5 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.STDLIB.ERRNO Use of error indicator 'errno' |
20.6 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage |
20.7 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.STDLIB.LONGJMP Use of setjmp macro or longjmp function |
20.8 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.SIGNAL Use of the signal handling facilities of signal.h |
20.9 |
MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.STDIO Use of input/output library stdio.h in production code |
20.10 |
MISRA.STDLIB.ATOI Use of 'atof', 'atoi' or 'atol' from library stdlib.h |
20.11 |
MISRA.STDLIB.ABORT Use of 'abort', 'exit', 'getenv' or 'system' from library stdlib.h |
20.12 |
MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.TIME Use of the time handling functions of library time.h |
21.1 |
Unsupported - not statically verifiable |
Support Summary
Number of rules not statically verifiable: 11 of 142
Number of statically verifiable rules supported: 124 of 131
MISRA C:2004 coverage = 95% (excludes rules that are not statically verifiable)