CDT and structured analysis / Misra-C

MDSD is one way to improve quality and speed in software development. However, not all code in a system will be generated; there is usually a certain amount of code that is still hand-written. Manually written code is more error-prone, especially in languages that give you a high degree of freedom, such as C, which is still one of the most important languages in embedded systems. To avoid some of the pitfalls of C, especially in safety-relevant systems, programming guidelines are usually introduced. One of the best-known sets of guidelines is the Misra-C specification, which has its roots in the automotive industry.

It has several rules that aim to reduce ambiguities (for example, it requires {} around if/else clauses), to avoid memory-related problems (no recursive function calls, no malloc), and to avoid things that make code hard to maintain (no more than two levels of pointer indirection: **x is OK, ***x is not).

Obviously, this needs to be checked, and there are a number of commercial tools available that do this, most often as command-line tools. However, Eclipse provides the CODAN framework, which makes structured analysis (and writing e.g. a Misra checker) much easier. It also has the advantage that the analysis is done in the IDE, during coding, so no build cycle is necessary. In a short time, I have implemented the following Misra checks:

M2.2, M2.3

M12.9,M12.10

M14.8,M14.9,M14.10

M7.1

(sorry for the numbers; Misra holds a copyright that does not allow you to freely reproduce their check descriptions). Some of these checks took only minutes to write, once you get to know the framework. Here is a screenshot of M14.8 (if, while, etc. have to be followed by {}):

Note the error markers.
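To show what such a CODAN check looks like, here is an added example (my own illustration, not the checker from this post): a minimal checker for the rule described above, flagging if/while/for/do/switch bodies that are not compound statements. It assumes the class and the placeholder problem id are registered under the org.eclipse.cdt.codan.core.checkers extension point in the plugin's plugin.xml, and it treats else-if chains as acceptable (an assumption of this example, not something the post states).

```java
import org.eclipse.cdt.codan.core.cxx.model.AbstractIndexAstChecker;
import org.eclipse.cdt.core.dom.ast.ASTVisitor;
import org.eclipse.cdt.core.dom.ast.IASTCompoundStatement;
import org.eclipse.cdt.core.dom.ast.IASTDoStatement;
import org.eclipse.cdt.core.dom.ast.IASTForStatement;
import org.eclipse.cdt.core.dom.ast.IASTIfStatement;
import org.eclipse.cdt.core.dom.ast.IASTStatement;
import org.eclipse.cdt.core.dom.ast.IASTSwitchStatement;
import org.eclipse.cdt.core.dom.ast.IASTTranslationUnit;
import org.eclipse.cdt.core.dom.ast.IASTWhileStatement;

/** Flags control-statement bodies that are not wrapped in a compound statement ({}). */
public class CompoundBodyChecker extends AbstractIndexAstChecker {
    // Placeholder problem id; it must match the <problem id="..."> registered for
    // this checker under the org.eclipse.cdt.codan.core.checkers extension point.
    public static final String PROBLEM_ID = "com.example.misra.CompoundBodyProblem";

    @Override
    public void processAst(IASTTranslationUnit ast) {
        ast.accept(new ASTVisitor() {
            { shouldVisitStatements = true; } // only statements are of interest here
            @Override
            public int visit(IASTStatement stmt) {
                if (stmt instanceof IASTIfStatement) {
                    IASTIfStatement ifStmt = (IASTIfStatement) stmt;
                    requireBraces(ifStmt.getThenClause());
                    IASTStatement elseClause = ifStmt.getElseClause();
                    // "else if" chains are accepted: the nested if is visited on its own
                    if (elseClause != null && !(elseClause instanceof IASTIfStatement)) {
                        requireBraces(elseClause);
                    }
                } else if (stmt instanceof IASTWhileStatement) {
                    requireBraces(((IASTWhileStatement) stmt).getBody());
                } else if (stmt instanceof IASTForStatement) {
                    requireBraces(((IASTForStatement) stmt).getBody());
                } else if (stmt instanceof IASTDoStatement) {
                    requireBraces(((IASTDoStatement) stmt).getBody());
                } else if (stmt instanceof IASTSwitchStatement) {
                    requireBraces(((IASTSwitchStatement) stmt).getBody());
                }
                return PROCESS_CONTINUE; // keep descending into nested statements
            }
        });
    }

    // Reports the body node itself so the marker lands on the offending statement.
    private void requireBraces(IASTStatement body) {
        if (body != null && !(body instanceof IASTCompoundStatement)) {
            reportProblem(PROBLEM_ID, body);
        }
    }
}
```

Because the checker runs on the already-parsed AST, the marker appears in the editor as soon as the file is re-analysed, without a build.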

I will add more checks when I have time. However, given the Misra licensing, it seems not possible to release it as open source. If you are interested, contact me and we can discuss.

6 thoughts on “CDT and structured analysis / Misra-C”

  1. Dear Andreas, I’m starting using Eclipse with CODAN because I would like to enforce some coding rules in my time .. writing them on a paper is usually not enough.
    I would like to see what you have done to better understand how I can code rules to add them (for example rule M14.8 should be one of them).
    I checked the CODAN site but it’s not so easy for me to understand how to do that, and probably I could reuse something you did. Could you provide me your checker?
    Thanks,
    best regards,
    Michele

  2. The first steps should be checking the examples in org.eclipse.cdt.codan.internal.checkers. If you are not familiar with these, just getting my code won’t help much. I am writing up a summary blog on how to do all this, but it will take at least two weeks before being finished.

  3. Thanks Andreas.
    I’m new to Eclipse and CDT and, to be honest, I tried to browse the repository to get the examples but I didn’t understand where they are and what I have to do to compile them.
    Thanks,
    Michele

  4. AFAIK you can technically implement them, but you seem not to be allowed to label them Misra rules and publish them under that label. Misra charges for a license for that.

  5. Hi,
    I am very pleased that you have developed a Misra rule checker based on CDT.
    I am searching for a Misra-C rule checker to use for our software quality.

    Is it possible to show your Misra-C rule checker source?
    Or can you give me some hints for developing a Misra-C rule checker?

    Thank you so much.
