MISRA Compliance π
MISRA C is a widely accepted model for best practices used by automotive, telecom, aerospace, medical, and other critical industries. Unicorn honors all Mandatory, most Required, and most Advisory rules defined by MIRSA C:2012. This page documents compliance with MISRA C:2012 and documents all deviations.
Conformance to most MISRA rules is verified with static analysis tools. Readers are encouraged to run their own static analysis tools to verify conformance and that noted deviations are acceptable.
If you believe there is a MISRA violation and/or an inaccuracy in the compliance table, then please report it here.
Compliance Summary Table π
If Unicorn is compliant with a directive or rule then the Compliance column will begin with the text βCompliantβ optionally followed by the verification method in parentheses. If no verification method is listed, then static analysis is assumed (this is how most rules are verified). If Unicorn is non-compliant with a directive or rule then the Compliance column will begin with the text βNon-compliantβ in bold followed by documentation explaining why.
The MISRA C:2012 rule texts can not be freely distributed therefore the compliance summary table lists the rule number, but omits the description. It is assumed the reader has access to the MISRA C:2012 standard and can cross-reference the rule numbers with the standard.
Implementation π
| Directive
|
Category
|
Compliance
|
| D1.1
|
Required
|
Compliant (manually verified)
|
Compilation and Build π
| Directive
|
Category
|
Compliance
|
| D2.1
|
Required
|
Compliant (verified with GCC, Clang, and MSVC)
|
Requirements Traceability π
| Directive
|
Category
|
Compliance
|
| D3.1
|
Required
|
Compliant (manually verified)
|
Code Design π
| Directive
|
Category
|
Compliance
|
| D4.1
|
Required
|
Compliant (manually verified)
|
| D4.2
|
Advisory
|
Compliant (Unicorn does not use assembly language)
|
| D4.3
|
Required
|
Compliant (Unicorn does not use assembly language)
|
| D4.4
|
Advisory
|
Compliant (manually verified)
|
| D4.5
|
Advisory
|
Compliant (manually verified)
|
| D4.6
|
Advisory
|
Compliant (manually verified)
|
| D4.7
|
Required
|
Compliant (manually verified)
|
| D4.8
|
Advisory
|
Non-compliant [1]
|
| D4.9
|
Advisory
|
Compliant (manually verified) [2]
|
| D4.10
|
Required
|
Compliant (manually verified)
|
| D4.11
|
Required
|
Compliant (verified by unit tests)
|
| D4.12
|
Required
|
Compliant (manually verified)
|
| D4.13
|
Advisory
|
Compliant (manually verified)
|
[1] The programmatically generated Unicode data tables are collected into a single header/source amalgamation in the commercial implementation of Unicorn. The generated header is included by multiple translation units, but each translation unit only uses a subset of the generated definitions.
[2] Where a function-like macro should become a function is a trade-off between code size and execution speed. In Unicorn, most function-like macros are small expressions and programmatically generated.
Standard C Environment π
| Rule
|
Category
|
Compliance
|
| 1.1
|
Required
|
Compliant
|
| 1.2
|
Required
|
Compliant (verified by compiling with Clang's -pedantic flag)
|
| 1.3
|
Required
|
Compliant (verified by Clang's undefined behavior sanitizer)
|
Unused Code π
| Rule
|
Category
|
Compliance
|
| 2.1
|
Required
|
Compliant
|
| 2.2
|
Required
|
Compliant
|
| 2.3
|
Advisory
|
Compliant
|
| 2.4
|
Advisory
|
Compliant
|
| 2.5
|
Advisory
|
Compliant [1]
|
| 2.6
|
Advisory
|
Compliant
|
| 2.7
|
Advisory
|
Compliant
|
[1] Some macros in unicorn.h are part of the public API, but are not used internally by the library. Static analysis tools may report these macros as being unused, but this is a false positive.
Comments π
| Rule
|
Category
|
Compliance
|
| 3.1
|
Required
|
Compliant
|
| 3.2
|
Required
|
Compliant
|
Character Sets and Lexical Conventions π
| Rule
|
Category
|
Compliance
|
| 4.1
|
Required
|
Compliant
|
| 4.2
|
Advisory
|
Compliant
|
Identifiers π
| Rule
|
Category
|
Compliance
|
| 5.1
|
Required
|
Compliant
|
| 5.2
|
Required
|
Compliant
|
| 5.3
|
Required
|
Compliant
|
| 5.4
|
Required
|
Compliant
|
| 5.5
|
Required
|
Compliant
|
| 5.6
|
Required
|
Compliant
|
| 5.7
|
Required
|
Compliant
|
| 5.8
|
Required
|
Compliant
|
| 5.9
|
Advisory
|
Compliant
|
| Rule
|
Category
|
Compliance
|
| 6.1
|
Required
|
Compliant
|
| 6.2
|
Required
|
Compliant
|
Literals and Constants π
| Rule
|
Category
|
Compliance
|
| 7.1
|
Required
|
Compliant
|
| 7.2
|
Required
|
Compliant
|
| 7.3
|
Required
|
Compliant
|
| 7.4
|
Required
|
Compliant
|
Declarations and Definitions π
| Rule
|
Category
|
Compliance
|
| 8.1
|
Required
|
Compliant
|
| 8.2
|
Required
|
Compliant
|
| 8.3
|
Required
|
Compliant
|
| 8.4
|
Required
|
Compliant
|
| 8.5
|
Required
|
Compliant
|
| 8.6
|
Required
|
Compliant
|
| 8.7
|
Advisory
|
Compliant [1]
|
| 8.8
|
Required
|
Compliant
|
| 8.9
|
Advisory
|
Non-compliant [2]
|
| 8.10
|
Required
|
Compliant
|
| 8.11
|
Advisory
|
Compliant
|
| 8.13
|
Advisory
|
Compliant
|
| 8.14
|
Required
|
Compliant
|
[1] This rule is not observed for the single header/source amalgamation (the public release). This is because the amalgamation combines all translation units into a single translation unit and does not update linkages in the process. The unamalgamated, MISRA compliant implementation is exclusively available to commercial licensees.
[2] The Unicode data tables are programmatically generated and therefore are not inlined in the functions that depend on them.
Initialization π
| Rule
|
Category
|
Compliance
|
| 9.1
|
Mandatory
|
Compliant
|
| 9.2
|
Required
|
Compliant
|
| 9.3
|
Required
|
Compliant
|
| 9.4
|
Required
|
Compliant
|
| 9.5
|
Required
|
Compliant
|
The Essential Type Modal π
| Rule
|
Category
|
Compliance
|
| 10.1
|
Required
|
Compliant [1]
|
| 10.2
|
Required
|
Compliant
|
| 10.3
|
Required
|
Compliant [1]
|
| 10.4
|
Required
|
Compliant [1]
|
| 10.5
|
Advisory
|
Non-compliant [2]
|
| 10.6
|
Required
|
Compliant
|
| 10.7
|
Required
|
Compliant
|
| 10.8
|
Required
|
Compliant
|
[1] The implementation of Unicorn uses the UINT8_C and UINT16_C macros when declaring constants, however, if your MISRA tool does not recognize these macros as creating unsigned values, then it may report a violation.
[2] The programmatically generated Unicode data tables use the smallest C integer types they can. When returning this data to the user, it may be cast to an enum type.
Pointer Type Conversion π
| Rule
|
Category
|
Compliance
|
| 11.1
|
Required
|
Compliant
|
| 11.2
|
Required
|
Compliant
|
| 11.3
|
Required
|
Compliant
|
| 11.4
|
Advisory
|
Compliant
|
| 11.5
|
Advisory
|
Non-compliant [1]
|
| 11.6
|
Required
|
Compliant
|
| 11.7
|
Required
|
Compliant
|
| 11.8
|
Required
|
Compliant
|
| 11.9
|
Required
|
Compliant
|
[1] In a few select locations Unicorn casts from a void* to a uint8_t*, uint16_t*, or uint32_t*. These casts are performed because Unicorn accepts encoded text as a void* and must internally cast it to an integer pointer with the appropriate storage class. While Unicorn casts are known to be safe via unit testing the caller must ensure they specify the correct encoding form. Specifying the incorrect encoding form will result in a cast to an incorrect storage class resulting in undefined behavior.
Expressions π
| Rule
|
Category
|
Compliance
|
| 12.1
|
Advisory
|
Compliant
|
| 12.2
|
Required
|
Compliant
|
| 12.3
|
Advisory
|
Compliant
|
| 12.4
|
Advisory
|
Compliant
|
| 12.5
|
Mandatory
|
Compliant
|
Side Effects π
| Rule
|
Category
|
Compliance
|
| 13.1
|
Required
|
Compliant
|
| 13.2
|
Required
|
Compliant
|
| 13.3
|
Advisory
|
Compliant
|
| 13.4
|
Advisory
|
Compliant
|
| 13.5
|
Required
|
Compliant
|
| 13.6
|
Mandatory
|
Compliant
|
Control Statement Expressions π
| Rule
|
Category
|
Compliance
|
| 14.1
|
Required
|
Compliant
|
| 14.2
|
Required
|
Compliant
|
| 14.3
|
Required
|
Compliant
|
| 14.4
|
Required
|
Compliant
|
Control Flow π
| Rule
|
Category
|
Compliance
|
| 15.1
|
Advisory
|
Compliant
|
| 15.2
|
Required
|
Compliant
|
| 15.3
|
Required
|
Compliant
|
| 15.4
|
Advisory
|
Compliant
|
| 15.5
|
Advisory
|
Compliant
|
| 15.6
|
Required
|
Compliant
|
| 15.7
|
Required
|
Compliant [1]
|
[1] The unamalgamated implementation of Unicorn is compliant, however, the amalgmation is non-compliant because all comments are removed from it.
Switch Statements π
| Rule
|
Category
|
Compliance
|
| 16.1
|
Required
|
Compliant
|
| 16.2
|
Required
|
Compliant
|
| 16.3
|
Required
|
Compliant
|
| 16.4
|
Required
|
Compliant
|
| 16.5
|
Required
|
Compliant
|
| 16.6
|
Required
|
Compliant
|
| 16.7
|
Required
|
Compliant
|
Functions π
| Rule
|
Category
|
Compliance
|
| 17.1
|
Required
|
Compliant
|
| 17.2
|
Required
|
Non-compliant [1]
|
| 17.3
|
Mandatory
|
Compliant (verified via Clang)
|
| 17.4
|
Mandatory
|
Compliant
|
| 17.5
|
Advisory
|
Compliant
|
| 17.6
|
Mandatory
|
Compliant
|
| 17.7
|
Required
|
Compliant
|
| 17.8
|
Advisory
|
Compliant
|
[1] Recursion is used when processing immutable pregenerated data structures. In these cases the maximum recursion depth is known.
Pointers and Arrays π
| Rule
|
Category
|
Compliance
|
| 18.1
|
Required
|
Compliant
|
| 18.2
|
Required
|
Compliant
|
| 18.3
|
Required
|
Compliant
|
| 18.4
|
Advisory
|
Compliant
|
| 18.5
|
Advisory
|
Compliant
|
| 18.6
|
Required
|
Compliant
|
| 18.7
|
Required
|
Compliant
|
| 18.8
|
Required
|
Compliant
|
Overlapping Storage π
| Rule
|
Category
|
Compliance
|
| 19.1
|
Mandatory
|
Compliant
|
| 19.2
|
Advisory
|
Compliant
|
Preprocessing Directives π
| Rule
|
Category
|
Compliance
|
| 20.1
|
Advisory
|
Compliant
|
| 20.2
|
Required
|
Compliant
|
| 20.3
|
Required
|
Compliant
|
| 20.4
|
Required
|
Compliant
|
| 20.5
|
Advisory
|
Compliant
|
| 20.7
|
Required
|
Compliant
|
| 20.8
|
Required
|
Compliant
|
| 20.9
|
Required
|
Compliant
|
| 20.10
|
Advisory
|
Compliant
|
| 20.11
|
Required
|
Compliant
|
| 20.12
|
Required
|
Compliant
|
| 20.13
|
Required
|
Compliant
|
| 20.14
|
Required
|
Compliant
|
Standard Libraries π
| Rule
|
Category
|
Compliance
|
| 21.1
|
Required
|
Compliant
|
| 21.2
|
Required
|
Compliant
|
| 21.3
|
Required
|
Non-compliant [1]
|
| 21.4
|
Required
|
Compliant
|
| 21.5
|
Required
|
Compliant
|
| 21.6
|
Required
|
Compliant
|
| 21.7
|
Required
|
Compliant
|
| 21.8
|
Required
|
Compliant
|
| 21.9
|
Required
|
Compliant
|
| 21.10
|
Required
|
Compliant
|
| 21.11
|
Required
|
Compliant
|
| 21.12
|
Advisory
|
Compliant
|
| 21.13
|
Mandatory
|
Compliant
|
| 21.14
|
Required
|
Compliant
|
| 21.15
|
Required
|
Compliant
|
| 21.16
|
Required
|
Compliant
|
| 21.17
|
Mandatory
|
Compliant
|
| 21.18
|
Mandatory
|
Compliant
|
| 21.19
|
Mandatory
|
Compliant
|
[1] The realloc and free functions are present but optional.
Resources π
| Rule
|
Category
|
Compliance
|
| 22.1
|
Required
|
Compliant
|
| 22.2
|
Mandatory
|
Compliant
|
| 21.20
|
Mandatory
|
Compliant
|
| 22.3
|
Required
|
Compliant
|
| 22.4
|
Mandatory
|
Compliant
|
| 22.5
|
Mandatory
|
Compliant
|
| 22.6
|
Mandatory
|
Compliant
|
| 22.7
|
Required
|
Compliant
|
| 22.8
|
Required
|
Compliant
|
| 22.9
|
Required
|
Compliant
|
| 22.10
|
Required
|
Compliant
|
