Polyspace Code Verification: Coding Standards Report For Project: Polyspace

The document is a coding standards report for a project called "polyspace" that was analyzed by Polyspace Code Prover Server. It found a total of 35 violations of the MISRA-C++ coding standard across the single source file analyzed. The violations were broken down by file, rule, and specific rules that were enabled for analysis. Configuration settings for the analysis are also included in an appendix.

Uploaded by Loc Huynh

Polyspace Code Verification

Coding Standards Report for Project: polyspace


Report Author: ctreille

Published 15-Jun-2020 15:47:22


Verification Author(s): Polyspace
Polyspace Version(s): Polyspace Code Prover Server 10.3 (R2020b)
Project Version(s): 1.0

Result Folder(s):
C:\qualkits_R2020b\iec\codeprover\tests\code-prover-server-results\reporting\template-codingstandards\OR-414-6-codingstandards_2

Table of Contents
Chapter 1. MISRA-C++ Coding Standard
    MISRA-C++ Coding Standard Summary - Violations by File
    MISRA-C++ Coding Standard Summary - Violations by Rule
    MISRA-C++ Coding Standard Summary for all Files
    MISRA-C++ Coding Standard Summary for Enabled Rules
    MISRA-C++ Coding Standard Violations
Chapter 2. Appendix 1 - Configuration Settings
    Polyspace Settings
        Analysis Assumptions
    Coding Standard Configuration
Chapter 3. Appendix 2 - Definitions

Chapter 1. MISRA-C++ Coding Standard

MISRA-C++ Coding Standard Summary - Violations by File

MISRA-C++ Coding Standard Summary - Violations by Rule

MISRA-C++ Coding Standard Summary for all Files
File Total
C:\qualkits_R2020b\iec\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_2.cpp 35
Total 35

MISRA-C++ Coding Standard Summary for Enabled Rules


Rule Description Mode Total
0-1-1 A project shall not contain unreachable code. required 0
0-1-2 A project shall not contain infeasible paths. required 1
0-1-3 A project shall not contain unused variables. required 2
0-1-4 A project shall not contain non-volatile POD variables having only one use. required 0
0-1-5 A project shall not contain unused type declarations. required 0
0-1-7 The value returned by a function having a non-void return type that is not an overloaded operator shall always be used. required 3
0-1-9 There shall be no dead code. required 0
0-1-10 Every defined function shall be called at least once. required 0
0-1-11 There shall be no unused parameters (named or unnamed) in non-virtual functions. required 1
0-1-12 There shall be no unused parameters (named or unnamed) in the set of parameters for a virtual function and all the functions that override it. required 0
0-2-1 An object shall not be assigned to an overlapping object. required 0
1-0-1 All code shall conform to ISO/IEC 14882:2003 "The C++ Standard Incorporating Technical Corrigendum 1". required 0
2-3-1 Trigraphs shall not be used. required 5
2-7-1 The character sequence /* shall not be used within a C-style comment. required 0
2-7-2 Sections of code shall not be "commented out" using C-style comments. required 0
2-10-1 Different identifiers shall be typographically unambiguous. required 0
2-10-2 Identifiers declared in an inner scope shall not hide an identifier declared in an outer scope. required 0
2-10-3 A typedef name (including qualification, if any) shall be a unique identifier. required 0
2-10-4 A class, union or enum name (including qualification, if any) shall be a unique identifier. required 0
2-10-6 If an identifier refers to a type, it shall not also refer to an object or a function in the same scope. required 0
2-13-1 Only those escape sequences that are defined in ISO/IEC 14882:2003 shall be used. required 0
2-13-2 Octal constants (other than zero) and octal escape sequences (other than "\0") shall not be used. required 0
2-13-3 A "U" suffix shall be applied to all octal or hexadecimal integer literals of unsigned type. required 0
2-13-4 Literal suffixes shall be upper case. required 0
2-13-5 Narrow and wide string literals shall not be concatenated. required 0
3-1-1 It shall be possible to include any header file in multiple translation units without violating the One Definition Rule. required 0
3-1-2 Functions shall not be declared at block scope. required 0
3-1-3 When an array is declared, its size shall either be stated explicitly or defined implicitly by initialization. required 0
3-2-1 All declarations of an object or function shall have compatible types. required 0
3-2-2 The One Definition Rule shall not be violated. required 0
3-2-3 A type, object or function that is used in multiple translation units shall be declared in one and only one file. required 0
3-2-4 An identifier with external linkage shall have exactly one definition. required 0
3-3-1 Objects or functions with external linkage shall be declared in a header file. required 4
3-3-2 If a function has internal linkage then all re-declarations shall include the static storage class specifier. required 0
3-4-1 An identifier declared to be an object or type shall be defined in a block that minimizes its visibility. required 2
3-9-1 The types used for an object, a function return type, or a function parameter shall be token-for-token identical in all declarations and re-declarations. required 0
3-9-3 The underlying bit representations of floating-point values shall not be used. required 0
4-5-1 Expressions with type bool shall not be used as operands to built-in operators other than the assignment operator =, the logical operators &&, ||, !, the equality operators == and !=, the unary & operator, and the conditional operator. required 0
4-5-2 Expressions with type enum shall not be used as operands to built-in operators other than the subscript operator [ ], the assignment operator =, the equality operators == and !=, the unary & operator, and the relational operators <, <=, >, >=. required 0
4-5-3 Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment operator =, the equality operators == and !=, and the unary & operator. required 0
4-10-1 NULL shall not be used as an integer value. required 0
4-10-2 Literal zero (0) shall not be used as the null-pointer-constant. required 0
5-0-1 The value of an expression shall be the same under any order of evaluation that the standard permits. required 0
5-0-3 A cvalue expression shall not be implicitly converted to a different underlying type. required 0
5-0-4 An implicit integral conversion shall not change the signedness of the underlying type. required 0
5-0-5 There shall be no implicit floating-integral conversions. required 0
5-0-6 An implicit integral or floating-point conversion shall not reduce the size of the underlying type. required 0
5-0-7 There shall be no explicit floating-integral conversions of a cvalue expression. required 0
5-0-8 An explicit integral or floating-point conversion shall not increase the size of the underlying type of a cvalue expression. required 0
5-0-9 An explicit integral conversion shall not change the signedness of the underlying type of a cvalue expression. required 0
5-0-10 If the bitwise operators ~ and << are applied to an operand with an underlying type of unsigned char or unsigned short, the result shall be immediately cast to the underlying type of the operand. required 0
5-0-11 The plain char type shall only be used for the storage and use of character values. required 0
5-0-12 signed char and unsigned char type shall only be used for the storage and use of numeric values. required 0
5-0-13 The condition of an if-statement and the condition of an iteration-statement shall have type bool. required 1
5-0-14 The first operand of a conditional-operator shall have type bool. required 0
5-0-15 Array indexing shall be the only form of pointer arithmetic. required 0
5-0-17 Subtraction between pointers shall only be applied to pointers that address elements of the same array. required 0
5-0-18 >, >=, <, <= shall not be applied to objects of pointer type, except where they point to the same array. required 0
5-0-19 The declaration of objects shall contain no more than two levels of pointer indirection. required 0
5-0-20 Non-constant operands to a binary bitwise operator shall have the same underlying type. required 0
5-0-21 Bitwise operators shall only be applied to operands of unsigned underlying type. required 0
5-2-1 Each operand of a logical && or || shall be a postfix-expression. required 0
5-2-2 A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast. required 0
5-2-4 C-style casts (other than void casts) and functional notation casts (other than explicit constructor calls) shall not be used. required 0
5-2-5 A cast shall not remove any const or volatile qualification from the type of a pointer or reference. required 0
5-2-6 A cast shall not convert a pointer to a function to any other pointer type, including a pointer to function type. required 0
5-2-7 An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly. required 0
5-2-8 An object with integer type or pointer to void type shall not be converted to an object with pointer type. required 0
5-2-11 The comma operator, && operator and the || operator shall not be overloaded. required 0
5-2-12 An identifier with array type passed as a function argument shall not decay to a pointer. required 0
5-3-1 Each operand of the ! operator, the logical && or the logical || operators shall have type bool. required 0
5-3-2 The unary minus operator shall not be applied to an expression whose underlying type is unsigned. required 0
5-3-3 The unary & operator shall not be overloaded. required 0
5-3-4 Evaluation of the operand to the sizeof operator shall not contain side effects. required 0
5-8-1 The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the left hand operand. required 0
5-14-1 The right hand operand of a logical && or || operator shall not contain side effects. required 0
5-18-1 The comma operator shall not be used. required 0
6-2-1 Assignment operators shall not be used in sub-expressions. required 0
6-2-2 Floating-point expressions shall not be directly or indirectly tested for equality or inequality. required 0
6-2-3 Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment, provided that the first character following the null statement is a white-space character. required 0
6-3-1 The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement. required 0
6-4-1 An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement. required 2
6-4-2 All if ... else if constructs shall be terminated with an else clause. required 0
6-4-3 A switch statement shall be a well-formed switch statement. required 0
6-4-4 A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement. required 0
6-4-5 An unconditional throw or break statement shall terminate every non-empty switch-clause. required 0
6-4-6 The final clause of a switch statement shall be the default-clause. required 0
6-4-7 The condition of a switch statement shall not have bool type. required 0
6-4-8 Every switch statement shall have at least one case-clause. required 0
6-5-1 A for loop shall contain a single loop-counter which shall not have floating type. required 0
6-5-2 If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > or >=. required 0
6-5-3 The loop-counter shall not be modified within condition or statement. required 0
6-5-4 The loop-counter shall be modified by one of: --, ++, -=n, or +=n ; where n remains constant for the duration of the loop. required 0
6-5-5 A loop-control-variable other than the loop-counter shall not be modified within condition or expression. required 0
6-5-6 A loop-control-variable other than the loop-counter which is modified in statement shall have type bool. required 0
6-6-1 Any label referenced by a goto statement shall be declared in the same block, or in a block enclosing the goto statement. required 0
6-6-2 The goto statement shall jump to a label declared later in the same function body. required 0
6-6-3 The continue statement shall only be used within a well-formed for loop. required 0
6-6-4 For any iteration statement there shall be no more than one break or goto statement used for loop termination. required 0
6-6-5 A function shall have a single point of exit at the end of the function. required 1
7-1-1 A variable which is not modified shall be const qualified. required 4
7-1-2 A pointer or reference parameter in a function shall be declared as pointer to const or reference to const if the corresponding object is not modified. required 0
7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. required 4
7-3-2 The identifier main shall not be used for a function other than the global function main. required 0
7-3-3 There shall be no unnamed namespaces in header files. required 0
7-3-4 using-directives shall not be used. required 0
7-3-5 Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier. required 0
7-3-6 using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in header files. required 0
7-4-2 Assembler instructions shall only be introduced using the asm declaration. required 0
7-4-3 Assembly language shall be encapsulated and isolated. required 0
7-5-1 A function shall not return a reference or a pointer to an automatic variable (including parameters), defined within the function. required 0
7-5-2 The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist. required 0
7-5-3 A function shall not return a reference or a pointer to a parameter that is passed by reference or const reference. required 0
8-0-1 An init-declarator-list or a member-declarator-list shall consist of a single init-declarator or member-declarator respectively. required 0
8-3-1 Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else shall not specify any default arguments. required 0
8-4-1 Functions shall not be defined using the ellipsis notation. required 0
8-4-2 The identifiers used for the parameters in a re-declaration of a function shall be identical to those in the declaration. required 0
8-4-3 All exit paths from a function with non-void return type shall have an explicit return statement with an expression. required 0
8-4-4 A function identifier shall either be used to call the function or it shall be preceded by &. required 0
8-5-1 All variables shall have a defined value before they are used. required 0
8-5-2 Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures. required 0
8-5-3 In an enumerator list, the = construct shall not be used to explicitly initialize members other than the first, unless all items are explicitly initialized. required 0
9-3-1 const member functions shall not return non-const pointers or references to class-data. required 0
9-3-2 Member functions shall not return non-const handles to class-data. required 0
9-3-3 If a member function can be made static then it shall be made static, otherwise if it can be made const then it shall be made const. required 0
9-5-1 Unions shall not be used. required 1
9-6-2 Bit-fields shall be either bool type or an explicitly unsigned or signed integral type. required 0
9-6-3 Bit-fields shall not have enum type. required 0
9-6-4 Named bit-fields with signed integer type shall have a length of more than one bit. required 0
10-1-2 A base class shall only be declared virtual if it is used in a diamond hierarchy. required 0
10-1-3 An accessible base class shall not be both virtual and non-virtual in the same hierarchy. required 0
10-3-1 There shall be no more than one definition of each virtual function on each path through the inheritance hierarchy. required 0
10-3-2 Each overriding virtual function shall be declared with the virtual keyword. required 0
10-3-3 A virtual function shall only be overridden by a pure virtual function if it is itself declared as pure virtual. required 0
11-0-1 Member data in non-POD class types shall be private. required 0
12-1-1 An object's dynamic type shall not be used from the body of its constructor or destructor. required 0
12-1-3 All constructors that are callable with a single argument of fundamental type shall be declared explicit. required 0
12-8-1 A copy constructor shall only initialize its base classes and the non-static members of the class of which it is a member. required 0
12-8-2 The copy assignment operator shall be declared protected or private in an abstract class. required 0
14-5-1 A non-member generic function shall only be declared in a namespace that is not an associated namespace. required 0
14-5-2 A copy constructor shall be declared when there is a template constructor with a single parameter that is a generic parameter. required 0
14-5-3 A copy assignment operator shall be declared when there is a template assignment operator with a parameter that is a generic parameter. required 0
14-6-1 In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qualified-id or this->. required 0
14-6-2 The function chosen by overload resolution shall resolve to a function declared previously in the translation unit. required 0
14-7-3 All partial and explicit specializations for a template shall be declared in the same file as the declaration of their primary template. required 0
14-8-1 Overloaded function templates shall not be explicitly specialized. required 0
15-0-3 Control shall not be transferred into a try or catch block using a goto or a switch statement. required 0
15-1-2 NULL shall not be thrown explicitly. required 0
15-1-3 An empty throw (throw;) shall only be used in the compound-statement of a catch handler. required 0
15-3-3 Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from this class or its bases. required 0
15-3-4 Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that point. required 0
15-3-5 A class type exception shall always be caught by reference. required 0
15-3-6 Where multiple handlers are provided in a single try-catch statement or function-try-block for a derived class and some or all of its bases, the handlers shall be ordered most-derived to base class. required 0
15-3-7 Where multiple handlers are provided in a single try-catch statement or function-try-block, any ellipsis (catch-all) handler shall occur last. required 0
15-4-1 If a function is declared with an exception-specification, then all declarations of the same function (in other translation units) shall be declared with the same set of type-ids. required 0
15-5-1 A class destructor shall not exit with an exception. required 0
15-5-2 Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of the indicated type(s). required 0
15-5-3 The terminate() function shall not be called implicitly. required 1
16-0-1 #include directives in a file shall only be preceded by other preprocessor directives or comments. required 0
16-0-2 Macros shall only be #define'd or #undef'd in the global namespace. required 0
16-0-3 #undef shall not be used. required 0
16-0-4 Function-like macros shall not be defined. required 1
16-0-5 Arguments to a function-like macro shall not contain tokens that look like preprocessing directives. required 0
16-0-6 In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the operand of # or ##. required 0
16-0-7 Undefined macro identifiers shall not be used in #if or #elif preprocessor directives, except as operands to the defined operator. required 0
16-0-8 If the # token appears as the first token on a line, then it shall be immediately followed by a preprocessing token. required 0
16-1-1 The defined preprocessor operator shall only be used in one of the two standard forms. required 0
16-1-2 All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are related. required 0
16-2-1 The pre-processor shall only be used for file inclusion and include guards. required 1
16-2-2 C++ macros shall only be used for: include guards, type qualifiers, or storage class specifiers. required 0
16-2-3 Include guards shall be provided. required 0
16-2-4 The ', ", /* or // characters shall not occur in a header file name. required 0
16-2-6 The #include directive shall be followed by either a <filename> or "filename" sequence. required 0
16-3-1 There shall be at most one occurrence of the # or ## operators in a single macro definition. required 0
17-0-1 Reserved identifiers, macros and functions in the standard library shall not be defined, redefined or undefined. required 1
17-0-2 The names of standard library macros and objects shall not be reused. required 0
17-0-3 The names of standard library functions shall not be overridden. required 0
17-0-5 The setjmp macro and the longjmp function shall not be used. required 0
18-0-1 The C library shall not be used. required 0
18-0-2 The library functions atof, atoi and atol from library <cstdlib> shall not be used. required 0
18-0-3 The library functions abort, exit, getenv and system from library <cstdlib> shall not be used. required 0
18-0-4 The time handling functions of library <ctime> shall not be used. required 0
18-0-5 The unbounded functions of library <cstring> shall not be used. required 0
18-2-1 The macro offsetof shall not be used. required 0
18-4-1 Dynamic heap memory allocation shall not be used. required 0
18-7-1 The signal handling facilities of <csignal> shall not be used. required 0
19-3-1 The error indicator errno shall not be used. required 0
27-0-1 The stream input/output library <cstdio> shall not be used. required 0
Total 35

MISRA-C++ Coding Standard Violations


Table 1.1. C:\qualkits_R2020b\iec\codeprover\tests\reporting\template-codingstandards\OR-414-6-codingstandards_2.cpp
ID Rule Message Function Line Col Jus Severity Status Comment
1 16-2-1 The pre-processor shall only be used for file inclusion and include guards. #define should only be used for include guards. File Scope 4 0 No Unset Unreviewed
4 17-0-1 Reserved identifiers, macros and functions in the standard library shall not be defined, redefined or undefined. The macro 'offsetof' shall not be redefined. File Scope 4 0 No Unset Unreviewed
2 16-0-4 Function-like macros shall not be defined. File Scope 4 16 No Unset Unreviewed
12 3-3-1 Objects or functions with external linkage shall be declared in a header file. File Scope 6 4 No Unset Unreviewed
10 7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. File Scope 7 4 No Unset Unreviewed
24 7-1-1 A variable which is not modified shall be const qualified. The pointer 'ptr_str_1' does not point to a different location after initialization. The pointer can be declared 'const'. foo1() 8 22 No Unset Unreviewed
35 0-1-3 A project shall not contain unused variables. Variable 'ptr_str_1' is never used or used only in unreachable code. File Scope 8 22 No Unset Unreviewed
19 9-5-1 Unions shall not be used. foo1() 10 4 No Unset Unreviewed
20 7-1-1 A variable which is not modified shall be const qualified. The pointer 'ptr_union_2_2_1' does not point to a different location after initialization. The pointer can be declared 'const'. foo1() 10 25 No Unset Unreviewed
34 0-1-3 A project shall not contain unused variables. Variable 'ptr_union_2_2_1' is never used or used only in unreachable code. File Scope 10 25 No Unset Unreviewed
9 7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. File Scope 15 4 No Unset Unreviewed
11 3-3-1 Objects or functions with external linkage shall be declared in a header file. File Scope 15 4 No Unset Unreviewed
13 3-3-1 Objects or functions with external linkage shall be declared in a header file. File Scope 19 4 No Unset Unreviewed
26 6-6-5 A function shall have a single point of exit at the end of the function. bar() 19 4 No Unset Unreviewed
32 7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. File Scope 19 4 No Unset Unreviewed
14 6-4-1 An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement. An if (expression) construct shall be followed by a compound statement. bar() 21 4 No Unset Unreviewed
18 5-0-13 The condition of an if-statement and the condition of an iteration-statement shall have type bool. bar() 21 8 No Unset Unreviewed
15 6-4-1 An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement. The else keyword shall be followed by either a compound statement, or another if statement. bar() 23 4 No Unset Unreviewed
17 3-3-1 Objects or functions with external linkage shall be declared in a header file. File Scope 27 5 No Unset Unreviewed
30 7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. File Scope 27 5 No Unset Unreviewed
22 0-1-7 The value returned by a function having a non-void return type that is not an overloaded operator shall always be used. func() 28 7 No Unset Unreviewed
23 0-1-7 The value returned by a function having a non-void return type that is not an overloaded operator shall always be used. func() 29 7 No Unset Unreviewed
33 0-1-11 There shall be no unused parameters (named or unnamed) in non-virtual functions. Function main has unused parameters. main() 35 4 No Unset Unreviewed
28 15-5-3 The terminate() function shall not be called implicitly. main() 35 31 No Unset Unreviewed
21 3-4-1 An identifier declared to be an object or type shall be defined in a block that minimizes its visibility. main() 39 8 No Unset Unreviewed
31 7-1-1 A variable which is not modified shall be const qualified. The value of variable 'b' does not change after initialization. The variable can be declared 'const'. main() 39 8 No Unset Unreviewed
25 7-1-1 A variable which is not modified shall be const qualified. The pointer 'ptr' does not point to a different location after initialization. The pointer can be declared 'const'. main() 40 9 No Unset Unreviewed
27 3-4-1 An identifier declared to be an object or type shall be defined in a block that minimizes its visibility. main() 41 10 No Unset Unreviewed
5 2-3-1 Trigraphs shall not be used. File Scope 46 60 No Unset Unreviewed
3 2-3-1 Trigraphs shall not be used. File Scope 47 35 No Unset Unreviewed
6 2-3-1 Trigraphs shall not be used. File Scope 47 47 No Unset Unreviewed
16 0-1-2 A project shall not contain infeasible paths. Expression is always false. main() 49 12 No Unset Unreviewed
7 2-3-1 Trigraphs shall not be used. File Scope 49 19 No Unset Unreviewed
8 2-3-1 Trigraphs shall not be used. File Scope 53 8 No Unset Unreviewed
29 0-1-7 The value returned by a function having a non-void return type that is not an overloaded operator shall always be used. main() 64 7 No Unset Unreviewed

Chapter 2. Appendix 1 - Configuration Settings
Polyspace Settings
Option Value
-author Polyspace
-compiler generic
-date 15/06/2020
-I C:\qualkits_R2020b\iec\codeprover\tests\options-api\lib
-lang CPP
-misra-cpp required-rules
-O2 -O2
-prog polyspace
-results-dir C:\qualkits_R2020b\iec\codeprover\tests\code-prover-server-results\reporting\template-codingstandards\OR-414-6-codingstandards_2
-target i386
-to pass2
-verif-version 1.0

Analysis Assumptions
Assumption Issuer
External arrays of unspecified size can be safely accessed at any index Product
Nonfinite floats (infinities and NaNs) are not considered Product
Computations involving unsigned integers do not overflow Product
Results of floating-point arithmetic are rounded following the IEE754 rule: round to nearest, ties to even Product
Structure fields are not volatile unless the entire structure is volatile-qualified Product
Stack pointers can be safely dereferenced even outside the pointed variable's scope Product
External pointers cannot be null. They point to allocated data of sufficient size for safe dereference Product
Absolute addresses can be safely dereferenced Product

Coding Standard Configuration
Table 2.1. MISRA-C++ Coding Standard Configuration
Rule Description Mode Comment Enabled
0-1-1 A project shall not contain unreachable code. required - yes
0-1-2 A project shall not contain infeasible paths. required - yes
0-1-3 A project shall not contain unused variables. required - yes
0-1-4 A project shall not contain non-volatile POD variables having only one use. required - yes
0-1-5 A project shall not contain unused type declarations. required - yes
0-1-6 A project shall not contain instances of non-volatile variables being given values that are never subsequently used. required Not implemented no
0-1-7 The value returned by a function having a non-void return type that is not an overloaded operator shall always be used. required - yes
0-1-8 All functions with void return type shall have external side effect(s). required Not implemented no
0-1-9 There shall be no dead code. required - yes
0-1-10 Every defined function shall be called at least once. required - yes
0-1-11 There shall be no unused parameters (named or unnamed) in non-virtual functions. required - yes
0-1-12 There shall be no unused parameters (named or unnamed) in the set of parameters for a virtual function and all the functions that override it. required - yes
0-2-1 An object shall not be assigned to an overlapping object. required - yes
0-3-1 Minimization of run-time failures shall be ensured by the use of at least one of: (a) static analysis tools/techniques; (b) dynamic analysis tools/techniques; (c) explicit coding of checks to handle run-time faults. document Not implemented no
0-3-2 If a function generates error information, then that error information shall be tested. required Supported in Bug Finder only no
0-4-1 Use of scaled-integer or fixed-point arithmetic shall be documented. document Not implemented no
0-4-2 Use of floating-point arithmetic shall be documented. document Not implemented no
0-4-3 Floating-point implementations shall comply with a defined floating-point standard. document Not implemented no
1-0-1 All code shall conform to ISO/IEC 14882:2003 "The C++ Standard Incorporating Technical Corrigendum 1". required - yes
1-0-2 Multiple compilers shall only be used if they have a common, defined interface. document Not implemented no
1-0-3 The implementation of integer division in the chosen compiler shall be determined and documented. document Not implemented no
2-2-1 The character set and the corresponding encoding shall be documented. document Not implemented no
2-3-1 Trigraphs shall not be used. required - yes

2-5-1 Digraphs should not be used. advisory - no
2-7-1 The character sequence /* shall not be used within a C-style comment. required - yes
2-7-2 Sections of code shall not be "commented out" using C-style comments. required - yes
2-7-3 Sections of code should not be "commented out" using C++ comments. advisory - no
2-10-1 Different identifiers shall be typographically unambiguous. required - yes
2-10-2 Identifiers declared in an inner scope shall not hide an identifier declared in an outer scope. required - yes
2-10-3 A typedef name (including qualification, if any) shall be a unique identifier. required - yes
2-10-4 A class, union or enum name (including qualification, if any) shall be a unique identifier. required - yes
2-10-5 The identifier name of a non-member object or function with static storage duration should not be reused. advisory - no
2-10-6 If an identifier refers to a type, it shall not also refer to an object or a function in the same scope. required - yes
2-13-1 Only those escape sequences that are defined in ISO/IEC 14882:2003 shall be used. required - yes
2-13-2 Octal constants (other than zero) and octal escape sequences (other than "\0") shall not be used. required - yes
2-13-3 A "U" suffix shall be applied to all octal or hexadecimal integer literals of unsigned type. required - yes
2-13-4 Literal suffixes shall be upper case. required - yes
2-13-5 Narrow and wide string literals shall not be concatenated. required - yes
3-1-1 It shall be possible to include any header file in multiple translation units without violating the One Definition Rule. required - yes
3-1-2 Functions shall not be declared at block scope. required - yes
3-1-3 When an array is declared, its size shall either be stated explicitly or defined implicitly by initialization. required - yes
3-2-1 All declarations of an object or function shall have compatible types. required - yes
3-2-2 The One Definition Rule shall not be violated. required - yes
3-2-3 A type, object or function that is used in multiple translation units shall be declared in one and only one file. required - yes
3-2-4 An identifier with external linkage shall have exactly one definition. required - yes
3-3-1 Objects or functions with external linkage shall be declared in a header file. required - yes
3-3-2 If a function has internal linkage then all re-declarations shall include the static storage class specifier. required - yes
3-4-1 An identifier declared to be an object or type shall be defined in a block that minimizes its visibility. required - yes
3-9-1 The types used for an object, a function return type, or a function parameter shall be token-for-token identical in all declarations and re-declarations. required - yes
3-9-2 Typedefs that indicate size and signedness should be used in place of the basic numerical types. advisory - no
3-9-3 The underlying bit representations of floating-point values shall not be used. required - yes

4-5-1 Expressions with type bool shall not be used as operands to built-in operators other than the assignment operator =, the logical operators &&, ||, !, the equality operators == and !=, the unary & operator, and the conditional operator. required - yes
4-5-2 Expressions with type enum shall not be used as operands to built-in operators other than the subscript operator [ ], the assignment operator =, the equality operators == and !=, the unary & operator, and the relational operators <, <=, >, >=. required - yes
4-5-3 Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment operator =, the equality operators == and !=, and the unary & operator. required - yes
4-10-1 NULL shall not be used as an integer value. required - yes
4-10-2 Literal zero (0) shall not be used as the null-pointer-constant. required - yes
5-0-1 The value of an expression shall be the same under any order of evaluation that the standard permits. required - yes
5-0-2 Limited dependence should be placed on C++ operator precedence rules in expressions. advisory - no
5-0-3 A cvalue expression shall not be implicitly converted to a different underlying type. required - yes
5-0-4 An implicit integral conversion shall not change the signedness of the underlying type. required - yes
5-0-5 There shall be no implicit floating-integral conversions. required - yes
5-0-6 An implicit integral or floating-point conversion shall not reduce the size of the underlying type. required - yes
5-0-7 There shall be no explicit floating-integral conversions of a cvalue expression. required - yes
5-0-8 An explicit integral or floating-point conversion shall not increase the size of the underlying type of a cvalue expression. required - yes
5-0-9 An explicit integral conversion shall not change the signedness of the underlying type of a cvalue expression. required - yes
5-0-10 If the bitwise operators ~ and << are applied to an operand with an underlying type of unsigned char or unsigned short, the result shall be immediately cast to the underlying type of the operand. required - yes
5-0-11 The plain char type shall only be used for the storage and use of character values. required - yes
5-0-12 signed char and unsigned char type shall only be used for the storage and use of numeric values. required - yes
5-0-13 The condition of an if-statement and the condition of an iteration-statement shall have type bool. required - yes
5-0-14 The first operand of a conditional-operator shall have type bool. required - yes
5-0-15 Array indexing shall be the only form of pointer arithmetic. required - yes
5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array. required Not implemented no
5-0-17 Subtraction between pointers shall only be applied to pointers that address elements of the same array. required - yes
5-0-18 >, >=, <, <= shall not be applied to objects of pointer type, except where they point to the same array. required - yes
5-0-19 The declaration of objects shall contain no more than two levels of pointer indirection. required - yes
5-0-20 Non-constant operands to a binary bitwise operator shall have the same underlying type. required - yes

5-0-21 Bitwise operators shall only be applied to operands of unsigned underlying type. required - yes
5-2-1 Each operand of a logical && or || shall be a postfix-expression. required - yes
5-2-2 A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast. required - yes
5-2-3 Casts from a base class to a derived class should not be performed on polymorphic types. advisory - no
5-2-4 C-style casts (other than void casts) and functional notation casts (other than explicit constructor calls) shall not be used. required - yes
5-2-5 A cast shall not remove any const or volatile qualification from the type of a pointer or reference. required - yes
5-2-6 A cast shall not convert a pointer to a function to any other pointer type, including a pointer to function type. required - yes
5-2-7 An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly. required - yes
5-2-8 An object with integer type or pointer to void type shall not be converted to an object with pointer type. required - yes
5-2-9 A cast should not convert a pointer type to an integral type. advisory - no
5-2-10 The increment ( ++ ) and decrement ( -- ) operators should not be mixed with other operators in an expression. advisory - no
5-2-11 The comma operator, && operator and the || operator shall not be overloaded. required - yes
5-2-12 An identifier with array type passed as a function argument shall not decay to a pointer. required - yes
5-3-1 Each operand of the ! operator, the logical && or the logical || operators shall have type bool. required - yes
5-3-2 The unary minus operator shall not be applied to an expression whose underlying type is unsigned. required - yes
5-3-3 The unary & operator shall not be overloaded. required - yes
5-3-4 Evaluation of the operand to the sizeof operator shall not contain side effects. required - yes
5-8-1 The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the left hand operand. required - yes
5-14-1 The right hand operand of a logical && or || operator shall not contain side effects. required - yes
5-17-1 The semantic equivalence between a binary operator and its assignment operator form shall be preserved. required Not implemented no
5-18-1 The comma operator shall not be used. required - yes
5-19-1 Evaluation of constant unsigned integer expressions should not lead to wrap-around. advisory - no
6-2-1 Assignment operators shall not be used in sub-expressions. required - yes
6-2-2 Floating-point expressions shall not be directly or indirectly tested for equality or inequality. required - yes
6-2-3 Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment, provided that the first character following the null statement is a white-space character. required - yes

6-3-1 The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement. required - yes
6-4-1 An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement. required - yes
6-4-2 All if ... else if constructs shall be terminated with an else clause. required - yes
6-4-3 A switch statement shall be a well-formed switch statement. required - yes
6-4-4 A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement. required - yes
6-4-5 An unconditional throw or break statement shall terminate every non-empty switch-clause. required - yes
6-4-6 The final clause of a switch statement shall be the default-clause. required - yes
6-4-7 The condition of a switch statement shall not have bool type. required - yes
6-4-8 Every switch statement shall have at least one case-clause. required - yes
6-5-1 A for loop shall contain a single loop-counter which shall not have floating type. required - yes
6-5-2 If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > or >=. required - yes
6-5-3 The loop-counter shall not be modified within condition or statement. required - yes
6-5-4 The loop-counter shall be modified by one of: --, ++, -=n, or +=n ; where n remains constant for the duration of the loop. required - yes
6-5-5 A loop-control-variable other than the loop-counter shall not be modified within condition or expression. required - yes
6-5-6 A loop-control-variable other than the loop-counter which is modified in statement shall have type bool. required - yes
6-6-1 Any label referenced by a goto statement shall be declared in the same block, or in a block enclosing the goto statement. required - yes
6-6-2 The goto statement shall jump to a label declared later in the same function body. required - yes
6-6-3 The continue statement shall only be used within a well-formed for loop. required - yes
6-6-4 For any iteration statement there shall be no more than one break or goto statement used for loop termination. required - yes
6-6-5 A function shall have a single point of exit at the end of the function. required - yes
7-1-1 A variable which is not modified shall be const qualified. required - yes
7-1-2 A pointer or reference parameter in a function shall be declared as pointer to const or reference to const if the corresponding object is not modified. required - yes
7-2-1 An expression with enum underlying type shall only have values corresponding to the enumerators of the enumeration. required Not implemented no
7-3-1 The global namespace shall only contain main, namespace declarations and extern "C" declarations. required - yes
7-3-2 The identifier main shall not be used for a function other than the global function main. required - yes

7-3-3 There shall be no unnamed namespaces in header files. required - yes
7-3-4 using-directives shall not be used. required - yes
7-3-5 Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier. required - yes
7-3-6 using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in header files. required - yes
7-4-1 All usage of assembler shall be documented. document Not implemented no
7-4-2 Assembler instructions shall only be introduced using the asm declaration. required - yes
7-4-3 Assembly language shall be encapsulated and isolated. required - yes
7-5-1 A function shall not return a reference or a pointer to an automatic variable (including parameters), defined within the function. required - yes
7-5-2 The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist. required - yes
7-5-3 A function shall not return a reference or a pointer to a parameter that is passed by reference or const reference. required - yes
7-5-4 Functions should not call themselves, either directly or indirectly. advisory - no
8-0-1 An init-declarator-list or a member-declarator-list shall consist of a single init-declarator or member-declarator respectively. required - yes
8-3-1 Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else shall not specify any default arguments. required - yes
8-4-1 Functions shall not be defined using the ellipsis notation. required - yes
8-4-2 The identifiers used for the parameters in a re-declaration of a function shall be identical to those in the declaration. required - yes
8-4-3 All exit paths from a function with non-void return type shall have an explicit return statement with an expression. required - yes
8-4-4 A function identifier shall either be used to call the function or it shall be preceded by &. required - yes
8-5-1 All variables shall have a defined value before they are used. required - yes
8-5-2 Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures. required - yes
8-5-3 In an enumerator list, the = construct shall not be used to explicitly initialize members other than the first, unless all items are explicitly initialized. required - yes
9-3-1 const member functions shall not return non-const pointers or references to class-data. required - yes
9-3-2 Member functions shall not return non-const handles to class-data. required - yes
9-3-3 If a member function can be made static then it shall be made static, otherwise if it can be made const then it shall be made const. required - yes

9-5-1 Unions shall not be used. required - yes
9-6-1 When the absolute positioning of bits representing a bit-field is required, then the behaviour and packing of bit-fields shall be documented. document Not implemented no
9-6-2 Bit-fields shall be either bool type or an explicitly unsigned or signed integral type. required - yes
9-6-3 Bit-fields shall not have enum type. required - yes
9-6-4 Named bit-fields with signed integer type shall have a length of more than one bit. required - yes
10-1-1 Classes should not be derived from virtual bases. advisory - no
10-1-2 A base class shall only be declared virtual if it is used in a diamond hierarchy. required - yes
10-1-3 An accessible base class shall not be both virtual and non-virtual in the same hierarchy. required - yes
10-2-1 All accessible entity names within a multiple inheritance hierarchy should be unique. advisory - no
10-3-1 There shall be no more than one definition of each virtual function on each path through the inheritance hierarchy. required - yes
10-3-2 Each overriding virtual function shall be declared with the virtual keyword. required - yes
10-3-3 A virtual function shall only be overridden by a pure virtual function if it is itself declared as pure virtual. required - yes
11-0-1 Member data in non-POD class types shall be private. required - yes
12-1-1 An object's dynamic type shall not be used from the body of its constructor or destructor. required - yes
12-1-2 All constructors of a class should explicitly call a constructor for all of its immediate base classes and all virtual base classes. advisory - no
12-1-3 All constructors that are callable with a single argument of fundamental type shall be declared explicit. required - yes
12-8-1 A copy constructor shall only initialize its base classes and the non-static members of the class of which it is a member. required - yes
12-8-2 The copy assignment operator shall be declared protected or private in an abstract class. required - yes
14-5-1 A non-member generic function shall only be declared in a namespace that is not an associated namespace. required - yes
14-5-2 A copy constructor shall be declared when there is a template constructor with a single parameter that is a generic parameter. required - yes
14-5-3 A copy assignment operator shall be declared when there is a template assignment operator with a parameter that is a generic parameter. required - yes
14-6-1 In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qualified-id or this->. required - yes
14-6-2 The function chosen by overload resolution shall resolve to a function declared previously in the translation unit. required - yes
14-7-1 All class templates, function templates, class template member functions and class template static members shall be instantiated at least once. required Not implemented no

14-7-2 For any given template specialization, an explicit instantiation of the template with the template-arguments used in the specialization shall not render the program ill-formed. required Not implemented no
14-7-3 All partial and explicit specializations for a template shall be declared in the same file as the declaration of their primary template. required - yes
14-8-1 Overloaded function templates shall not be explicitly specialized. required - yes
14-8-2 The viable function set for a function call should either contain no function specializations, or only contain function specializations. advisory - no
15-0-1 Exceptions shall only be used for error handling. document Not implemented no
15-0-2 An exception object should not have pointer type. advisory - no
15-0-3 Control shall not be transferred into a try or catch block using a goto or a switch statement. required - yes
15-1-1 The assignment-expression of a throw statement shall not itself cause an exception to be thrown. required Supported in Bug Finder only no
15-1-2 NULL shall not be thrown explicitly. required - yes
15-1-3 An empty throw (throw;) shall only be used in the compound-statement of a catch handler. required - yes
15-3-1 Exceptions shall be raised only after start-up and before termination of the program. required Supported in Bug Finder only no
15-3-2 There should be at least one exception handler to catch all otherwise unhandled exceptions advisory - no
15-3-3 Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from this class or its bases. required - yes
15-3-4 Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that point. required - yes
15-3-5 A class type exception shall always be caught by reference. required - yes
15-3-6 Where multiple handlers are provided in a single try-catch statement or function-try-block for a derived class and some or all of its bases, the handlers shall be ordered most-derived to base class. required - yes
15-3-7 Where multiple handlers are provided in a single try-catch statement or function-try-block, any ellipsis (catch-all) handler shall occur last. required - yes
15-4-1 If a function is declared with an exception-specification, then all declarations of the same function (in other translation units) shall be declared with the same set of type-ids. required - yes
15-5-1 A class destructor shall not exit with an exception. required - yes
15-5-2 Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of the indicated type(s). required - yes
15-5-3 The terminate() function shall not be called implicitly. required - yes
16-0-1 #include directives in a file shall only be preceded by other preprocessor directives or comments. required - yes
16-0-2 Macros shall only be #define'd or #undef'd in the global namespace. required - yes
16-0-3 #undef shall not be used. required - yes
16-0-4 Function-like macros shall not be defined. required - yes

16-0-5 Arguments to a function-like macro shall not contain tokens that look like preprocessing directives. required - yes
16-0-6 In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the operand of # or ##. required - yes
16-0-7 Undefined macro identifiers shall not be used in #if or #elif preprocessor directives, except as operands to the defined operator. required - yes
16-0-8 If the # token appears as the first token on a line, then it shall be immediately followed by a preprocessing token. required - yes
16-1-1 The defined preprocessor operator shall only be used in one of the two standard forms. required - yes
16-1-2 All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are related. required - yes
16-2-1 The pre-processor shall only be used for file inclusion and include guards. required - yes
16-2-2 C++ macros shall only be used for: include guards, type qualifiers, or storage class specifiers. required - yes
16-2-3 Include guards shall be provided. required - yes
16-2-4 The ', ", /* or // characters shall not occur in a header file name. required - yes
16-2-5 The \ character should not occur in a header file name. advisory - no
16-2-6 The #include directive shall be followed by either a <filename> or "filename" sequence. required - yes
16-3-1 There shall be at most one occurrence of the # or ## operators in a single macro definition. required - yes
16-3-2 The # and ## operators should not be used. advisory - no
16-6-1 All uses of the #pragma directive shall be documented. document - no
17-0-1 Reserved identifiers, macros and functions in the standard library shall not be defined, redefined or undefined. required - yes
17-0-2 The names of standard library macros and objects shall not be reused. required - yes
17-0-3 The names of standard library functions shall not be overridden. required - yes
17-0-4 All library code shall conform to MISRA C++. document Not implemented no
17-0-5 The setjmp macro and the longjmp function shall not be used. required - yes
18-0-1 The C library shall not be used. required - yes
18-0-2 The library functions atof, atoi and atol from library <cstdlib> shall not be used. required - yes
18-0-3 The library functions abort, exit, getenv and system from library <cstdlib> shall not be used. required - yes
18-0-4 The time handling functions of library <ctime> shall not be used. required - yes
18-0-5 The unbounded functions of library <cstring> shall not be used. required - yes
18-2-1 The macro offsetof shall not be used. required - yes
18-4-1 Dynamic heap memory allocation shall not be used. required - yes

18-7-1 The signal handling facilities of <csignal> shall not be used. required - yes
19-3-1 The error indicator errno shall not be used. required - yes
27-0-1 The stream input/output library <cstdio> shall not be used. required - yes

Chapter 3. Appendix 2 - Definitions

Table 3.1. Abbreviations


Abbreviation Definition
Col Column
Jus Justified
SQO Software Quality Objectives
NA Not Available

