MISRA C:2004 rules mapped to Klocwork certified checkers
| Rule | Checker name and description |
|---|---|
| 1.1 |
Enforced by the Klocwork compiler |
| 1.2 |
Partially statically verifiable – as yet not done |
| 1.3 |
Unsupported - not statically verifiable |
| 1.4 |
Unsupported - not statically verifiable |
| 1.5 |
Unsupported - not statically verifiable |
| 2.1 |
MISRA.ASM.ENCAPS Assembly language is not isolated. |
| 2.2 |
MISRA.TOKEN.CPCOM C++ style comments |
| 2.3 |
MISRA.TOKEN.BADCOM Inappropriate character sequence in a comment |
| 2.4 |
Unsupported - no plans to support |
| 3.1 |
Unsupported - not statically verifiable |
| 3.2 |
Unsupported - not statically verifiable |
| 3.3 |
Unsupported - not statically verifiable |
| 3.4 |
MISRA.PRAGMA Non-documented pragma directive |
| 3.5 |
Unsupported - not statically verifiable |
| 3.6 |
Unsupported - not statically verifiable |
| 4.1 |
MISRA.TOKEN.WRONGESC Incorrect escape sequence in a literal |
| 4.2 |
MISRA.CHAR.TRIGRAPH Trigraph usage |
| 5.1 |
MISRA.DEFINE.LONGNAME Macro name is too long MISRA.IDENT.LONG Identifier is longer than 31 characters |
| 5.2 |
MISRA.VAR.HIDDEN Identifier declared in an inner scope hides identifier in outer scope |
| 5.3 |
MISRA.TYPEDEF.NOT_UNIQUE Typedef name is used for another entity |
| 5.4 |
MISRA.CT.UNIQUE.ID Identifier clashes with tag name |
| 5.5 |
MISRA.VAR.UNIQUE.STATIC Identifier with static storage specifier clashes with other identifier |
| 5.6 |
MISRA.TYPE.NAMECLASH.C.2004 Identifier in one name space has same spelling as identifier in other name space |
| 5.7 |
MISRA.VAR.UNIQUE Identifier clashes with other identifier |
| 6.1 |
MISRA.CHAR.NOT_CHARACTER 'char' is used for non-character value |
| 6.2 |
MISRA.SIGNED_CHAR.NOT_NUMERIC 'signed char' or 'unsigned char' is used for non-numeric value |
| 6.3 |
MISRA.BUILTIN_NUMERIC Builtin numeric type is used |
| 6.4 |
MISRA.BITFIELD.TYPE Type of bit-field is not signed/unsigned integer |
| 6.5 |
MISRA.BITFIELD.SIGNED Length of a named signed bit-field is less than 2 MISRA.BITFIELD.SIGNED.UNNAMED Length of an unnamed signed bit-field is less than 2 |
| 7.1 |
MISRA.TOKEN.OCTAL.ESCAPE Usage of octal escape sequences MISRA.TOKEN.OCTAL.INT Usage of octal integer constants |
| 8.1 |
MISRA.FUNC.NOPROT.CALL Function is called but has no prototype MISRA.FUNC.NOPROT.DEF Function has a definition but no prototype |
| 8.10 |
Unsupported - no plans to support |
| 8.11 |
MISRA.FUNC.STATIC.REDECL Function or object redeclaration does not include 'static' modifier |
| 8.12 |
MISRA.DECL.ARRAY_SIZE Declaration of array with unknown size |
| 8.2 |
MISRA.DECL.NO_TYPE Declaration without a type |
| 8.3 |
MISRA.OBJ.TYPE.IDENT Type not identical with type of other declaration |
| 8.4 |
MISRA.OBJ.TYPE.COMPAT Type not compatible with type of other declaration |
| 8.5 |
MISRA.ONEDEFRULE.FUNC Global function definition in a header file MISRA.ONEDEFRULE.VAR Global variable definition in a header file |
| 8.6 |
MISRA.DECL.FUNC_LOCAL Function is declared locally |
| 8.7 |
MISRA.VAR.MIN.VIS Name visibility is too wide |
| 8.8 |
Unsupported - no plans to support |
| 8.9 |
Unsupported - no plans to support |
| 9.1 |
UNINIT.HEAP.MIGHT Uninitialized Heap Use - possible UNINIT.HEAP.MUST Uninitialized Heap Use UNINIT.STACK.ARRAY.MIGHT Uninitialized Array - possible UNINIT.STACK.ARRAY.MUST Uninitialized Array UNINIT.STACK.ARRAY.PARTIAL.MUST Partially Uninitialized Array UNINIT.STACK.MIGHT Uninitialized Variable - possible UNINIT.STACK.MUST Uninitialized Variable |
| 9.2 |
MISRA.INIT.BRACES Incorrect initializer braces placement. |
| 9.3 |
MISRA.ENUM.INIT Non-first enumerator is explicitly initialized, but not all elements are explicitly initialized. |
| 10.1 |
MISRA.CVALUE.IMPL.CAST The value of an expression implicitly converted to a different type |
| 10.2 |
MISRA.CVALUE.IMPL.CAST The value of an expression implicitly converted to a different type |
| 10.3 |
MISRA.CAST.INT Non-trivial integer expression is cast to a wider type, or type with a different signedness |
| 10.4 |
MISRA.CAST.FLOAT Non-trivial float expression is cast to a wider type |
| 10.5 |
MISRA.CAST.UNSIGNED_BITS The result of bitwise operation on unsigned char or short is not cast back to original type |
| 10.6 |
MISRA.LITERAL.UNSIGNED.SUFFIX Unsigned integer literal without 'U' suffix |
| 11.1 |
MISRA.CAST.FUNC_PTR Cast between a function pointer and a non-integral type |
| 11.2 |
MISRA.CAST.PTR.UNRELATED Object of pointer type cast to unrelated type |
| 11.3 |
MISRA.CAST.PTR_TO_INT Cast between a pointer and an integral type |
| 11.4 |
MISRA.CAST.PTR Cast between a pointer to object type and a different pointer to object type |
| 11.5 |
MISRA.CAST.CONST Cast operation removes const or volatile modifier from a pointer or reference |
| 12.1 |
MISRA.EXPR.PARENS.INSUFFICIENT Limited dependence required for operator precedence rules in expressions MISRA.EXPR.PARENS.REDUNDANT Limited dependence required for operator precedence rules in expressions |
| 12.10 |
MISRA.COMMA Comma operator is used |
| 12.11 |
MISRA.COMP.WRAPAROUND Wrap-around in a condition MISRA.ELIF.WRAPAROUND Wrap-around in #elif directive MISRA.IF.WRAPAROUND Wrap-around in #if directive NUM.OVERFLOW.DF Possible numeric overflow or wraparound |
| 12.12 |
MISRA.FLOAT.BIT.REPR Use of bit manipulations of floating-point values which rely on storage layout |
| 12.13 |
MISRA.INCR_DECR.OTHER Increment or decrement operator is mixed with other operators in expression |
| 12.2 |
PORTING.VAR.EFFECTS Variable used twice in one expression where one usage is subject to side-effects |
| 12.3 |
MISRA.SIZEOF.SIDE_EFFECT Operand of sizeof has side effects |
| 12.4 |
MISRA.LOGIC.SIDEEFF Right operand in a logical 'and' or 'or' expression contains side effects MISRA.LOGIC.SIDEEFF.COND Branch expression in a conditional expression contains side effects |
| 12.5 |
MISRA.LOGIC.PRIMARY Operand in a logical 'and' or 'or' expression is not a primary expression |
| 12.6 |
MISRA.LOGIC.OPERAND.NOT_BOOL Operand of logical operator is not effectively boolean MISRA.LOGIC.OPERATOR.NOT_BOOL Operand of non-logical operator is effectively boolean |
| 12.7 |
MISRA.BITS.NOT_UNSIGNED Operand of bitwise operation is not unsigned integer MISRA.BITS.NOT_UNSIGNED.PREP Operand of bitwise operation is not unsigned integer |
| 12.8 |
MISRA.SHIFT.RANGE Right operand of shift operation is out of range - greater or equal to max bit-length of left operand, or negative |
| 12.9 |
MISRA.UMINUS.UNSIGNED Operand of unary minus is unsigned |
| 13.1 |
MISRA.ASSIGN.COND Assignment operator is used in a condition |
| 13.2 |
MISRA.ZERO_EQ.IMPLICIT Non-boolean expression is implicitly tested against zero |
| 13.3 |
MISRA.FLOAT_EQUAL Floating point expression is tested for equality |
| 13.4 |
MISRA.FOR.COND.FLT Floating point object is used in the condition section of a 'for' loop |
| 13.5 |
MISRA.FOR.COND For loop condition does not depend on loop counter MISRA.FOR.INCR.CHANGE For loop increment expression does not change loop counter |
| 13.6 |
MISRA.FOR.STMT.CHANGE For loop counter is modified within the loop statement |
| 13.7 |
INVARIANT_CONDITION.GEN Invariant expression in a condition INVARIANT_CONDITION.UNREACH Invariant expression in a condition |
| 14.1 |
UNREACH.ENUM Code is unreachable due to the possible value(s) of an enum UNREACH.GEN Unreachable code UNREACH.RETURN Unreachable Void Return |
| 14.10 |
MISRA.IF.NO_ELSE A chain of if/else-if statements is not terminated with else or is terminated with an empty else clause |
| 14.2 |
MISRA.STMT.NO_EFFECT The statement has no side effects, and does not change control flow |
| 14.3 |
MISRA.NULL.STMT Null statement is not the only statement on line or comments are placed incorrectly |
| 14.4 |
MISRA.GOTO Goto statement is used |
| 14.5 |
MISRA.CONTINUE Continue statement is used |
| 14.6 |
MISRA.ITER.ONETERM Iteration statement has more than one break or goto for loop termination. |
| 14.7 |
MISRA.RETURN.NOT_LAST Return is not the last statement in a function |
| 14.8 |
MISRA.STMT.NO_COMPOUND The body of switch, while, do/while or for statement is not a compound statement |
| 14.9 |
MISRA.IF.NO_COMPOUND The body of if/else statement is not a compound statement |
| 15.0 |
Supported. If no violations of rules 15.1 through 15.5 exist, then the source code also conforms to rule 15.0. Therefore, no checker is required for rule 15.0. |
| 15.1 |
MISRA.SWITCH.LABEL A switch label belongs to nested compound statement inside switch body |
| 15.2 |
MISRA.SWITCH.NO_BREAK No break or throw statement at the end of switch-clause |
| 15.3 |
MISRA.SWITCH.NODEFAULT No default clause at the end of a switch statement |
| 15.4 |
MISRA.SWITCH.BOOL Condition of switch statement is boolean expression |
| 15.5 |
MISRA.SWITCH.NO_CASE No case-clause in a switch statement |
| 16.1 |
MISRA.FUNC.VARARG Function with variable number of arguments |
| 16.10 |
SV.RVT.RETVAL_NOTTESTED Ignored Return Value |
| 16.10 |
Partially supported by SV.RVT.RETVAL_NOTTESTED |
| 16.2 |
MISRA.FUNC.RECUR Recursive function |
| 16.3 |
MISRA.FUNC.UNNAMED.PARAMS Function declaration has unnamed parameters |
| 16.4 |
MISRA.FUNC.PARAMS.IDENT Identifiers used in declaration and definition of function are not identical |
| 16.5 |
MISRA.FUNC.NO_PARAMS Function without parameters is missing void parameter type |
| 16.6 |
MISRA.FUNC.UNMATCHED.PARAMS Number of formal and actual parameters passed to function do not match |
| 16.7 |
MISRA.PPARAM.NEEDS.CONST Pointer parameter is not used to modify the addressed object but is not declared as a pointer to const |
| 16.8 |
FUNCRET.GEN Non-void function does not return value FUNCRET.IMPLICIT Non-void function implicitly returning int does not return value |
| 16.9 |
MISRA.FUNC.ADDR Address of a function is used without & operator |
| 17.1 |
MISRA.PTR.ARITH Pointer is used in arithmetic or array index expression |
| 17.2 |
MISRA.PTR.SUB Pointer subtraction shall only be applied if pointing to same array MISRA.PTR.SUB.OBJECT Pointer subtraction shall only be applied if pointing to same object |
| 17.2 |
Unsupported - no plans to support |
| 17.3 |
MISRA.PTR.CMP.2008 Pointer comparison using comparison operators shall only be applied if pointing to same array and within the range MISRA.PTR.CMP.OBJECT.2008 Pointer comparison using comparison operators shall only be applied if pointing to same object and within the range |
| 17.3 |
Unsupported - no plans to support |
| 17.4 |
MISRA.PTR.ARITH Pointer is used in arithmetic or array index expression |
| 17.5 |
MISRA.PTR.TO_PTR_TO_PTR Pointer declaration has more than two levels of indirection |
| 17.6 |
LOCRET.ARG Function returns address of local variable LOCRET.GLOB Function returns address of local variable LOCRET.RET Function returns address of local variable |
| 18.1 |
MISRA.INCOMPLETE.STRUCT Incomplete struct type is used MISRA.INCOMPLETE.STRUCT.UNNAMED Incomplete unnamed struct type is used MISRA.INCOMPLETE.UNION Incomplete union type is used MISRA.INCOMPLETE.UNION.UNNAMED Incomplete unnamed union type is used |
| 18.2 |
MISRA.ASSIGN.OVERLAP Object is assigned to an overlapping object |
| 18.3 |
Unsupported - not statically verifiable |
| 18.4 |
MISRA.UNION Union is used |
| 19.1 |
MISRA.INCL.INSIDE Include directive preceded by a preprocessor output token |
| 19.10 |
MISRA.DEFINE.NOPARS Macro parameter with no parentheses |
| 19.11 |
MISRA.ELIF.UNDEF Undefined macros in #elif directive MISRA.IF.UNDEF Undefined macros in #if directive |
| 19.12 |
MISRA.DEFINE.SHARP.MANY Several # or ## operators in a macro definition |
| 19.13 |
MISRA.DEFINE.SHARP # or ## operator in a macro definition |
| 19.14 |
MISRA.ELIF.DEFINED Incorrect 'defined' usage in #elif directive MISRA.IF.DEFINED Incorrect 'defined' usage in #if directive |
| 19.15 |
MISRA.INCGUARD Include guard is not provided |
| 19.16 |
Unsupported - no plans to support |
| 19.17 |
MISRA.ELIF.OTHERFILE #elif in an improper file MISRA.ELSE.OTHERFILE #else in an improper file MISRA.ENDIF.OTHERFILE #endif in an improper file |
| 19.2 |
MISRA.INCL.SYMS Non-standard characters in header file names |
| 19.3 |
MISRA.INCL.BAD Non-standard include directive |
| 19.4 |
MISRA.DEFINE.BADEXP Inappropriate macro expansion |
| 19.5 |
MISRA.DEFINE.NOTGLOBAL Define not at the global level MISRA.UNDEF.NOTGLOBAL Undef not at the global level |
| 19.6 |
MISRA.UNDEF Undef usage |
| 19.7 |
MISRA.DEFINE.FUNC Function-like macro definition |
| 19.8 |
MISRA.EXPANSION.NARGS Missing macro argument |
| 19.9 |
MISRA.EXPANSION.DIRECTIVE Directive-like tokens within a macro argument |
| 20.1 |
MISRA.DEFINE.WRONGNAME Usage of a name from the standard library for naming a macro MISRA.DEFINE.WRONGNAME.UNDERSCORE Usage of a reserved name for naming a macro MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.INCL.UNSAFE Unsafe header inclusion |
| 20.10 |
MISRA.STDLIB.ATOI Use of 'atof', 'atoi' or 'atol' from library stdlib.h |
| 20.11 |
MISRA.STDLIB.ABORT Use of 'abort', 'exit', 'getenv' or 'system' from library stdlib.h |
| 20.12 |
MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.TIME Use of the time handling functions of library time.h |
| 20.2 |
MISRA.STDLIB.WRONGNAME Reused name of standard library macro, object or function MISRA.STDLIB.WRONGNAME.UNDERSCORE Usage of a reserved name for naming a language entity MISRA.UNDEF.WRONGNAME Undefinition of a name from the standard library MISRA.UNDEF.WRONGNAME.UNDERSCORE Undefinition of a reserved name |
| 20.3 |
Unsupported - not statically verifiable |
| 20.4 |
MISRA.STDLIB.MEMORY Use of dynamic heap memory allocation |
| 20.5 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.STDLIB.ERRNO Use of error indicator 'errno' |
| 20.6 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage |
| 20.7 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.STDLIB.LONGJMP Use of setjmp macro or longjmp function |
| 20.8 |
MISRA.EXPANSION.UNSAFE Unsafe macro usage MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.SIGNAL Use of the signal handling facilities of signal.h |
| 20.9 |
MISRA.INCL.UNSAFE Unsafe header inclusion MISRA.STDLIB.STDIO Use of input/output library stdio.h in production code |
| 21.1 |
Unsupported - not statically verifiable |
Support Summary
Number of rules not statically verifiable: 11 of 142
Number of statically verifiable rules supported: 124 of 131
MISRA C:2004 coverage = 95% (excludes rules that are not statically verifiable)
