- Posts: 87
- Joined: Thu Nov 18, 2004 1:39 am
Suppose I have two functions:
void f( int * );
void g( const int * );
and the following usage:
f( &i );
g( &j );
Do these violate rule #9.1? The variable is used. Furthermore, in the case of the call to g(), no possibility exists of j becoming initialized by the call, unlike the call to f() with respect to i.
- Posts: 572
- Joined: Thu Jan 05, 2006 1:11 pm
The intention of Rule 9.1 is that an object must have been given a value before the first read access of the object. So, either the object's definition must initialise it or there must be a modification access before any read access.
In the example given, whether or not the code complies depends on what functions f() and g() do with their parameters. If execution of f() results in a read access of the object pointed to by its parameter before a modification access then the code is non-compliant. If execution of f() does not result in any read access, or that read access occurs after a modification access then the code is compliant. The accesses need not occur in the body of f() itself because the parameter might be passed to other functions.
In the case of g(), it is still possible for the object pointed to by its parameter to be modified because it could be cast to "pointer to int", removing the const qualification from the object. This could break Rule 11.5 but, since j has type int, and not const int, there is no undefined behaviour. Therefore, the same considerations apply to j as to i.
Some tools might issue a diagnostic regardless of the behaviour of functions f() and g(), while others might perform a deeper analysis and be capable of issuing fewer false positive diagnostics.
Posted by and on behalf of
the MISRA C Working Group
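The cases distinguished in the answer above, as an added example that is not part of the original thread or the Working Group's own code. The function bodies, their names and the values 42, 7 and 1 are assumptions chosen for illustration; only the parameter types come from the question.

```c
#include <stdio.h>

/* Hypothetical body for f(): modification access before any read access.
   Passing the address of an uninitialised object is compliant. */
static void f_write_first(int *p) { *p = 42; }

/* Hypothetical body for f(): read access before modification access.
   Passing the address of an uninitialised object would be non-compliant. */
static void f_read_first(int *p) { *p = *p + 1; }

/* Hypothetical body for g(): the const qualifier is cast away and the
   object is written. Defined behaviour only because the object itself
   is a plain int; the cast is what Rule 11.5 is concerned with. */
static void g_cast_away(const int *p) { *(int *)p = 7; }

/* The access need not be in f() itself: the pointer is forwarded. */
static void f_forward(int *p) { f_write_first(p); }

/* i has no initialiser, but f writes before reading: compliant. */
int case_f_writes(void) { int i; f_write_first(&i); return i; }

/* Same, with the write happening one call deeper: still compliant. */
int case_f_forwards(void) { int i; f_forward(&i); return i; }

/* j has no initialiser and g takes const int *, yet j is given a value
   by the call, so the same considerations apply as for i. */
int case_g_casts(void) { int j; g_cast_away(&j); return j; }

/* f_read_first is only safe here because i is initialised at its
   definition. With a bare "int i;" this identical call site would
   read an unset object. */
int case_f_reads_initialised(void) { int i = 1; f_read_first(&i); return i; }

int main(void)
{
    printf("f writes first:        %d\n", case_f_writes());
    printf("f forwards, then write: %d\n", case_f_forwards());
    printf("g casts away const:    %d\n", case_g_casts());
    printf("f reads (i = 1 first): %d\n", case_f_reads_initialised());
    return 0;
}
```

The call sites `f(&i)` and `g(&j)` look the same in every case, which is why a tool that does not analyse the callee can only flag all of them or none.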