Total rules: 216
Number of implemented: 205
| Rule | Text | Cppcheck ID(s) |
| Dir 1.1 | Any implementation-defined behaviour on which the output of the program depends shall be documented and understood | |
| Dir 2.1 | All source files shall compile without any compilation errors | |
| Dir 3.1 | All code shall be traceable to documented requirements | |
| Dir 4.1 | Run-time failures shall be minimized | |
| Dir 4.2 | All usage of assembly language should be documented | |
| Dir 4.3 | Assembly language shall be encapsulated and isolated | misra-c2012-dir-4.3 |
| Dir 4.4 | Sections of code should not be “commented out” | misra-c2012-dir-4.4 |
| Dir 4.5 | Identifiers in the same name space with overlapping visibility should be typographically unambiguous | misra-c2012-dir-4.5 |
| Dir 4.6 | typedefs that indicate size and signedness should be used in place of the basic numerical types | misra-c2012-dir-4.6 |
| Dir 4.7 | If a function returns error information, then that error information shall be tested | |
| Dir 4.8 | If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden | |
| Dir 4.9 | A function should be used in preference to a function-like macro where they are interchangeable | misra-c2012-dir-4.9 |
| Dir 4.10 | Precautions shall be taken in order to prevent the contents of a header file being included more than once | |
| Dir 4.11 | The validity of values passed to library functions shall be checked | |
| Dir 4.12 | Dynamic memory allocation shall not be used | |
| Dir 4.13 | Functions which are designed to provide operations on a resource should be called in an appropriate sequence | |
| 1.1 | The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's translation limits | syntaxError |
| 1.2 | Language extensions should not be used | misra-c2012-1.2 |
| 1.3 | There shall be no occurrence of undefined or critical unspecified behaviour | error |
| 1.4 | Emergent language features shall not be used. | misra-c2012-1.4 |
| 1.5 | Obsolescent language features shall not be used | misra-c2012-1.5 |
| 2.1 | A project shall not contain unreachable code | duplicateBreak unreachableCode |
| 2.2 | There shall be no dead code | redundantCondition redundantAssignment redundantAssignInSwitch unreadVariable |
| 2.3 | A project should not contain unused type declarations | misra-c2012-2.3 |
| 2.4 | A project should not contain unused tag declarations | misra-c2012-2.4 |
| 2.5 | A project should not contain unused macro declarations | misra-c2012-2.5 |
| 2.6 | A function should not contain unused label declarations | unusedLabel |
| 2.7 | A function should not contain unused parameters | misra-c2012-2.7 |
| 2.8 | A project should not contain unused object definitions | unusedVariable |
| 3.1 | The character sequences /* and // shall not be used within a comment | misra-c2012-3.1 |
| 3.2 | Line-splicing shall not be used in // comments | misra-c2012-3.2 |
| 4.1 | Octal and hexadecimal escape sequences shall be terminated | misra-c2012-4.1 |
| 4.2 | Trigraphs should not be used | misra-c2012-4.2 |
| 5.1 | External identifiers shall be distinct. | misra-c2012-5.1 |
| 5.2 | Identifiers declared in the same scope and name space shall be distinct | misra-c2012-5.2 |
| 5.3 | An identifier declared in an inner scope shall not hide an identifier declared in an outer scope | shadowVariable |
| 5.4 | Macro identifiers shall be distinct | misra-c2012-5.4 |
| 5.5 | Identifiers shall be distinct from macro names | misra-c2012-5.5 |
| 5.6 | A typedef name shall be a unique identifier | misra-c2012-5.6 |
| 5.7 | A tag name shall be a unique identifier | misra-c2012-5.7 |
| 5.8 | Identifiers that define objects or functions with external linkage shall be unique | misra-c2012-5.8 |
| 5.9 | Identifiers that define objects or functions with internal linkage should be unique | misra-c2012-5.9 |
| 6.1 | Bit-fields shall only be declared with an appropriate type. | misra-c2012-6.1 |
| 6.2 | Single-bit named bit fields shall not be of a signed type | misra-c2012-6.2 |
| 6.3 | A bit field shall not be declared as a member of a union. | misra-c2012-6.3 |
| 7.1 | Octal constants shall not be used | misra-c2012-7.1 |
| 7.2 | A "u" or "U" suffix shall be applied to all integer constants that are represented in an unsigned type | misra-c2012-7.2 |
| 7.3 | The lowercase character "l" shall not be used in a literal suffix | misra-c2012-7.3 |
| 7.4 | A string literal shall not be assigned to an object unless the object's type is \"pointer to const-qualified char\". | misra-c2012-7.4 |
| 7.5 | The argument of an integer constant macro shall have an appropriate form. | misra-c2012-7.5 |
| 7.6 | The small integer variants of the minimum-width integer constant macros shall not be used | misra-c2012-7.6 |
| 8.1 | Types shall be explicitly specified. | misra-c2012-8.1 |
| 8.2 | Function types shall be in prototype form with named parameters | misra-c2012-8.2 |
| 8.3 | All declarations of an object or function shall use the same names and type qualifiers. | funcArgNamesDifferent |
| 8.4 | A compatible declaration shall be visible when an object or function with external linkage is defined. | misra-c2012-8.4 |
| 8.5 | An external object or function shall be declared once in one and only one file | misra-c2012-8.5 |
| 8.6 | An identifier with external linkage shall have exactly one definition. | misra-c2012-8.6 |
| 8.7 | Functions and objects should not be defined with external linkage if they are referenced in only one translation unit | misra-c2012-8.7 |
| 8.8 | The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage. | misra-c2012-8.8 |
| 8.9 | An object should be defined at block scope if its identifier only appears in a single function | misra-c2012-8.9 |
| 8.10 | An inline function shall be declared with the static storage class | misra-c2012-8.10 |
| 8.11 | When an array with external linkage is declared, its size should be explicitly specified | misra-c2012-8.11 |
| 8.12 | Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique | misra-c2012-8.12 |
| 8.13 | A pointer should point to a const-qualified type whenever possible | constParameterPointer |
| 8.14 | The restrict type qualifier shall not be used | misra-c2012-8.14 |
| 8.15 | All declarations of an object with an explicit alignment specification shall specify the same alignment. | misra-c2012-8.15 |
| 8.16 | The alignment specification of zero should not appear in an object declaration. | misra-c2012-8.16 |
| 8.17 | At most one explicit alignment specifier should appear in an object declaration. | misra-c2012-8.17 |
| 9.1 | The value of an object with automatic storage duration shall not be read before it has been set | uninitvar |
| 9.2 | The initializer for an aggregate or union shall be enclosed in braces | misra-c2012-9.2 |
| 9.3 | Arrays shall not be partially initialized | misra-c2012-9.3 |
| 9.4 | An element of an object shall not be initialized more than once | misra-c2012-9.4 |
| 9.5 | Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly | misra-c2012-9.5 |
| 9.6 | An initializer using chained designators shall not contain initializers without designators | misra-c2012-9.6 |
| 9.7 | Atomic objects shall be appropriately initialized before being accessed | misra-c2012-9.7 |
| 10.1 | Operands shall not be of an inappropriate essential type. | misra-c2012-10.1 |
| 10.2 | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations. | misra-c2012-10.2 |
| 10.3 | The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category. | misra-c2012-10.3 |
| 10.4 | Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category. | misra-c2012-10.4 |
| 10.5 | The value of an expression should not be cast to an inappropriate essential type. | misra-c2012-10.5 |
| 10.6 | The value of a composite expression shall not be assigned to an object with wider essential type. | misra-c2012-10.6 |
| 10.7 | If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type. | misra-c2012-10.7 |
| 10.8 | The value of a composite expression shall not be cast to a different essential type category or a wider essential type. | misra-c2012-10.8 |
| 11.1 | Conversions shall not be performed between a pointer to a function and any other type | misra-c2012-11.1 |
| 11.2 | Conversions shall not be performed between a pointer to an incomplete type and any other type | misra-c2012-11.2 |
| 11.3 | A cast shall not be performed between a pointer to object type and a pointer to a different object type | misra-c2012-11.3 |
| 11.4 | A conversion should not be performed between a pointer to object and an integer type | misra-c2012-11.4 |
| 11.5 | A conversion should not be performed from pointer to void into pointer to object | misra-c2012-11.5 |
| 11.6 | A cast shall not be performed between pointer to void and an arithmetic type | misra-c2012-11.6 |
| 11.7 | A cast shall not be performed between pointer to object and a non-integer arithmetic type | misra-c2012-11.7 |
| 11.8 | A conversion shall not remove any const, volatile or _Atomic qualification from the type pointed to by a pointer | misra-c2012-11.8 |
| 11.9 | The macro NULL shall be the only permitted form of integer null pointer constant | misra-c2012-11.9 |
| 11.10 | The _Atomic qualifier shall not be applied to the incomplete type void | misra-c2012-11.10 |
| 12.1 | The precedence of operators within expressions should be made explicit | misra-c2012-12.1 |
| 12.2 | The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand | misra-c2012-12.2 |
| 12.3 | The comma operator should not be used. | misra-c2012-12.3 |
| 12.4 | Evaluation of constant expressions should not lead to unsigned integer wrap-around | misra-c2012-12.4 |
| 12.5 | The sizeof operator shall not have an operand which is a function parameter declared as "array of type" | sizeofwithsilentarraypointer |
| 12.6 | Structure and union members of atomic objects shall not be directly accessed | misra-c2012-12.6 |
| 13.1 | Initializer lists shall not contain persistent side effects. | misra-c2012-13.1 |
| 13.2 | The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders and shall be independent from thread interleaving. | unknownEvaluationOrder |
| 13.3 | A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator. | misra-c2012-13.3 |
| 13.4 | The result of an assignment operator should not be used. | misra-c2012-13.4 |
| 13.5 | The right hand operand of a logical && or || operator shall not contain persistent side effects. | misra-c2012-13.5 |
| 13.6 | The operand of the sizeof operator shall not contain any expression which has potential side effects. | sizeofCalculation |
| 14.1 | A loop counter shall not have essentially floating type | misra-c2012-14.1 |
| 14.2 | A for loop shall be well-formed | misra-c2012-14.2 |
| 14.3 | Controlling expressions shall not be invariant | compareValueOutOfTypeRangeError knownConditionTrueFalse |
| 14.4 | The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boolean type | misra-c2012-14.4 |
| 15.1 | The goto statement should not be used | misra-c2012-15.1 |
| 15.2 | The goto statement shall jump to a label declared later in the same function | misra-c2012-15.2 |
| 15.3 | Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement | misra-c2012-15.3 |
| 15.4 | There should be no more than one break or goto statement used to terminate any iteration statement | misra-c2012-15.4 |
| 15.5 | A function should have a single point of exit at the end. | misra-c2012-15.5 |
| 15.6 | The body of an iteration-statement or a selection-statement shall be a compound-statement | misra-c2012-15.6 |
| 15.7 | All if ... else if constructs shall be terminated with an else statement | misra-c2012-15.7 |
| 16.1 | All switch statements shall be well-formed | misra-c2012-16.1 |
| 16.2 | A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement | misra-c2012-16.2 |
| 16.3 | An unconditional break statement shall terminate every switch-clause. | misra-c2012-16.3 |
| 16.4 | Every switch statement shall have a default label | misra-c2012-16.4 |
| 16.5 | A default label shall appear as either the first or the last switch label of a switch statement | misra-c2012-16.5 |
| 16.6 | Every switch statement shall have at least two switch-clauses | misra-c2012-16.6 |
| 16.7 | A switch-expression shall not have essentially Boolean type | misra-c2012-16.7 |
| 17.1 | The features of <stdarg.h> shall not be used | misra-c2012-17.1 |
| 17.2 | Functions shall not call themselves, either directly or indirectly | misra-c2012-17.2 |
| 17.3 | A function shall not be declared implicitly. | misra-c2012-17.3 |
| 17.4 | All exit paths from a function with non-void return type shall have an explicit return statement with an expression. | missingReturn |
| 17.5 | The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elements | argumentSize |
| 17.6 | The declaration of an array parameter shall not contain the static keyword between the [ ] | misra-c2012-17.6 |
| 17.7 | The value returned by a function having non-void return type shall be used | misra-c2012-17.7 |
| 17.8 | A function parameter should not be modified | misra-c2012-17.8 |
| 17.9 | A function declared with a _Noreturn function specifier shall not return to its caller. | misra-c2012-17.9 |
| 17.10 | A function declared with a _Noreturn function specifier shall have void return type. | misra-c2012-17.10 |
| 17.11 | A function that never returns should be declared with a _Noreturn function specifier. | misra-c2012-17.11 |
| 17.12 | A function identifier should only be used with either a preceding &, or with a parenthesized parameter list. | misra-c2012-17.12 |
| 17.13 | A function type shall not be type qualified | misra-c2012-17.13 |
| 18.1 | A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand | pointerOutOfBounds |
| 18.2 | Subtraction between pointers shall only be applied to pointers that address elements of the same array | comparePointers |
| 18.3 | The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same object | comparePointers |
| 18.4 | The +, -, += and -= operators should not be applied to an expression of pointer type | misra-c2012-18.4 |
| 18.5 | Declarations should contain no more than two levels of pointer nesting. | misra-c2012-18.5 |
| 18.6 | The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist | danglingLifetime danglingTemporaryLifetime returnDanglingLifetime |
| 18.7 | Flexible array members shall not be declared | misra-c2012-18.7 |
| 18.8 | Variable-length array types shall not be used. | misra-c2012-18.8 |
| 18.9 | An object with temporary lifetime shall not undergo array-to-pointer conversion. | misra-c2012-18.9 |
| 18.10 | Pointers to variably-modified array types shall not be used | misra-c2012-18.10 |
| 19.1 | An object shall not be assigned or copied to an overlapping object | overlappingWriteUnion overlappingWriteFunction |
| 19.2 | The union keyword should not be used | misra-c2012-19.2 |
| 20.1 | #include directives should only be preceded by preprocessor directives or comments | misra-c2012-20.1 |
| 20.2 | The ', " or \ characters and the /* or // character sequences shall not occur in a header file name | misra-c2012-20.2 |
| 20.3 | The #include directive shall be followed by either a <filename> or \"filename\" sequence. | misra-c2012-20.3 |
| 20.4 | A macro shall not be defined with the same name as a keyword | misra-c2012-20.4 |
| 20.5 | #undef should not be used | misra-c2012-20.5 |
| 20.6 | Tokens that look like a preprocessing directive shall not occur within a macro argument | preprocessorErrorDirective |
| 20.7 | Parentheses shall be used to ensure macro arguments are expanded appropriately | misra-c2012-20.7 |
| 20.8 | The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1 | misra-c2012-20.8 |
| 20.9 | All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be #define'd before evaluation | misra-c2012-20.9 |
| 20.10 | The # and ## preprocessor operators should not be used | misra-c2012-20.10 |
| 20.11 | A macro parameter immediately following a # operator shall not immediately be followed by a ## operator | misra-c2012-20.11 |
| 20.12 | A macro parameter used as an operand to the # or ## operators, which is itself subject to further macro replacement, shall only be used as an operand to these operators | misra-c2012-20.12 |
| 20.13 | A line whose first token is # shall be a valid preprocessing directive | misra-c2012-20.13 |
| 20.14 | All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they are related | misra-c2012-20.14 |
| 21.1 | #define and #undef shall not be used on a reserved identifier or reserved macro name. | misra-c2012-21.1 |
| 21.2 | A reserved identifier or reserved macro name shall not be declared. | misra-c2012-21.2 |
| 21.3 | The memory allocation and deallocation functions of <stdlib.h> shall not be used | misra-c2012-21.3 |
| 21.4 | The standard header file <setjmp.h> shall not be used | misra-c2012-21.4 |
| 21.5 | The standard header file <signal.h> shall not be used | misra-c2012-21.5 |
| 21.6 | The Standard Library input/output functions shall not be used | misra-c2012-21.6 |
| 21.7 | The atof, atoi, atol and atoll functions of <stdlib.h> shall not be used | misra-c2012-21.7 |
| 21.8 | The library functions abort, exit, getenv and system of <stdlib.h> shall not be used | misra-c2012-21.8 |
| 21.9 | The library functions bsearch and qsort of <stdlib.h> shall not be used | misra-c2012-21.9 |
| 21.10 | The Standard Library time and date functions shall not be used | misra-c2012-21.10 |
| 21.11 | The standard header file <tgmath.h> shall not be used | misra-c2012-21.11 |
| 21.12 | The standard header file <fenv.h> shall not be used. | misra-c2012-21.12 |
| 21.13 | Any value passed to a function in <ctype.h> shall be representable as an unsigned char or be the value EOF | invalidFunctionArg |
| 21.14 | The Standard Library function memcmp shall not be used to compare null terminated strings | misra-c2012-21.14 |
| 21.15 | The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types | misra-c2012-21.15 |
| 21.16 | The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type. | misra-c2012-21.16 |
| 21.17 | Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters | bufferAccessOutOfBounds |
| 21.18 | The size_t argument passed to any function in <string.h> shall have an appropriate value | bufferAccessOutOfBounds |
| 21.19 | The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type | misra-c2012-21.19 |
| 21.20 | The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerror shall not be used following a subsequent call to the same function | misra-c2012-21.20 |
| 21.21 | The standard library function system of <stdlib.h> shall not be used | misra-c2012-21.21 |
| 21.22 | All operand arguments to any type-generic macros declared in <tgmath.h> shall have an appropriate essential type. sqrt() has a non-arithmetic type of argument 'p1' | misra-c2012-21.22 |
| 21.23 | All operand arguments to any multi-argument type-generic macros declared in <tgmath.h> shall have the same standard type. | misra-c2012-21.23 |
| 21.24 | The random number generator functions of <stdlib.h> shall not be used. Calling rand() | misra-c2012-21.24 |
| 21.25 | All memory synchronization operations shall be executed in sequentially consistent order | misra-c2012-21.25 |
| 21.26 | The Standard Library function mtx_timedlock() shall only be invoked on mutex objects of appropriate mutex type | misra-c2012-21.26 |
| 22.1 | All resources obtained dynamically by means of Standard Library functions shall be explicitly released | memleak resourceLeak memleakOnRealloc leakReturnValNotUsed leakNoVarFunctionCall |
| 22.2 | A block of memory shall only be freed if it was allocated by means of a Standard Library function | autovarInvalidDeallocation |
| 22.3 | The same file shall not be open for read and write access at the same time on different streams | incompatibleFileOpen |
| 22.4 | There shall be no attempt to write to a stream which has been opened as read-only | writeReadOnlyFile |
| 22.5 | A pointer to a FILE object shall not be dereferenced | misra-c2012-22.5 |
| 22.6 | The value of a pointer to a FILE shall not be used after the associated stream has been closed | useClosedFile |
| 22.7 | The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF | misra-c2012-22.7 |
| 22.8 | The value of errno shall be set to zero prior to a call to an errno-setting-function | misra-c2012-22.8 |
| 22.9 | The value of errno shall be tested against zero after calling an errno-setting-function | misra-c2012-22.9 |
| 22.10 | The value of errno shall only be tested when the last function to be called was an errno-setting-function | misra-c2012-22.10 |
| 22.11 | A thread that was previously either joined or detached shall not be subsequently joined nor detached | misra-c2012-22.11 |
| 22.12 | Thread objects, thread synchronization objects, and thread-specific storage pointers shall only be accessed by the appropriate Standard Library functions | misra-c2012-22.12 |
| 22.13 | Thread objects, thread synchronization objects and thread-specific storage pointers shall have appropriate storage duration | misra-c2012-22.13 |
| 22.14 | Thread synchronization objects shall be initialized before being accessed | misra-c2012-22.14 |
| 22.15 | Thread synchronization objects and thread-specific storage pointers shall not be destroyed until after all threads accessing them have terminated | misra-c2012-22.15 |
| 22.16 | All mutex objects locked by a thread shall be explicitly unlocked by the same thread | misra-c2012-22.16 |
| 22.17 | No thread shall unlock a mutex or call cnd_wait() or cnd_timedwait() for a mutex it has not locked before | misra-c2012-22.17 |
| 22.18 | Non-recursive mutexes shall not be recursively locked | misra-c2012-22.18 |
| 22.19 | A condition variable shall be associated with at most one mutex object | misra-c2012-22.19 |
| 22.20 | Thread-specific storage pointers shall be created before being accessed | misra-c2012-22.20 |
| 23.1 | A generic selection should only be expanded from a macro. | misra-c2012-23.1 |
| 23.2 | A generic selection that is not expanded from a macro shall not contain potential side effects in the controlling expression. | misra-c2012-23.2 |
| 23.3 | A generic selection should contain at least one non-default association. | misra-c2012-23.3 |
| 23.4 | A generic association shall list an appropriate type. | misra-c2012-23.4 |
| 23.5 | A generic selection should not depend on implicit pointer type conversion. | misra-c2012-23.5 |
| 23.6 | The controlling expression of a generic selection shall have an essential type that matches its standard type. | misra-c2012-23.6 |
| 23.7 | A generic selection that is expanded from a macro should evaluate its argument only once. | misra-c2012-23.7 |
| 23.8 | A default association shall appear as either the first or the last association of a generic selection. | misra-c2012-23.8 |