- Subject: Re: DO-178
- From: Enrico Colombini <erix@...>
- Date: Fri, 22 Jun 2012 16:08:40 +0200
On 21/06/2012 20.57, Gé Weijers wrote:
> For insight into why MISRA C is well-intended but ultimately harmful:
> http://www.leshatton.org/2005/11/language-subsetting-in-an-industrial-context-a-comparison-of-misra-c-1998-and-misra-c-2004/
Interesting reading, thanks. Shows how committees work :-)
I see two possible weak points in that paper, though:
- The analysis applies to retrofitting existing code, as opposed to code
written to comply with MISRA C rules from the beginning.
- I suspect those 'noise rankings' could be inaccurate even in a
retrofitting scenario, because the author implies a constant correlation
between a fix and its probability of introducing a new error, regardless
of the rule.
For example, making old code conform to a rule such as "single exit
point from a function" would have a much higher probability of
introducing new problems, compared to "always use braces in conditional
statements".
These are just my impressions; I have no experience of DO-178 or MISRA
C, even if I routinely apply a number of those 'noisy' rules to my own
coding.
--
Enrico