13.5 clarification on loop index usage

6.13 Control Statement Expressions

Alexandre Langenieux
Posts: 2
Joined: Fri Aug 08, 2008 2:19 pm
Company: The MathWorks

13.5 clarification on loop index usage

Post by Alexandre Langenieux » Thu Sep 04, 2008 10:23 am

Dear Misra Committee,

Rule 13.5 does not seem clearly explicit about the content of the for expressions.
  • First expression: Initialization of the loop counter if present. Can we consider the following examples as valid code:


    int32_t i=0;
    
    for (i++;i<100;i++){  /* i is assigned to 1, but not clearly. Does it comply with MISRA philosophy? */
    }
    


    void Init_Index(int32_t *p){
       *p = 0;
    }
    void bar(void){
       int32_t i;
    
       for (Init_Index(&i);i<100;i++){  /* i is indirectly assigned to 0, but not clearly. Does it comply with MISRA philosophy? */
       }
    }
    
  • Second expression: Shall include the loop counter testing ... Can we consider the following code as MISRA compliant?


    bool Test_Index(int32_t index, int32_t bound){
       return (bool)(index<bound);
    }
    void bar(void){
       int32_t i;
    
       for (i=0;Test_Index(i, 100);i++){  /* i is tested outside the for loop. Does it comply with MISRA philosophy? */
       }
    }
    
  • The same question for the third expression if the loop counter is incremented or decremented by a function call.
Thanks for clarifying these cases.
Alexandre.

Lundin
Posts: 70
Joined: Mon Dec 10, 2007 1:57 pm

Re: 13.5 clarification on loop index usage

Post by Lundin » Thu Sep 04, 2008 12:42 pm

My opinion is that MISRA 13.5 could be formulated more clearly. It says that the first expression of the loop should only initialize the loop counter. But if we are speaking in strict programming terms, initialization refers only to:

int i = 0;

and not to

int i;
i=0;

The first example is initialization, the second one is assignment. The difference is very important if the code for example is ported to C++, where there is a big difference between initialization and assignment. C++ programmers would definitely only consider the first example as initialization, and it is safe to assume that plenty of C++ programmers end up writing C programs.
C++ also allows initialization within the for-loop, as it allows variable declarations there. C does not.

Perhaps the MISRA rule should be formulated as this:
"First expression Assigning a value to the loop counter by using the assignment operator (=)."

---

Regarding the second expression in the original post: calling a function from the test part of the loop is usually not smart performance-wise. You will get the function calling overhead each time you run the loop. Though as long as the counter test code is clear, I don't see how it would make the code less safe, which should be MISRA's only concern.

misra-c
Posts: 569
Joined: Thu Jan 05, 2006 1:11 pm

Re: 13.5 clarification on loop index usage

Post by misra-c » Wed Sep 24, 2008 11:32 am

These forms of loop are far from ideal, but do comply with the requirements of Rule 13.5 as written.

Use of for loops in this way will be reviewed and may be deprecated in subsequent versions of MISRA C.

[ID:0000011]
---
Posted by and on behalf of
the MISRA C Working Group
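
An added example, not part of any post in this thread: the loop forms asked about in the first post, each placed beside a form whose initialisation, test and update are written directly in the for statement, with the first counter value and the pass count recorded so the two can be compared. `Init_Index` and `Test_Index` follow the question; `loop_trace`, `record` and the other function names are assumptions made for this illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* What a loop actually did: first counter value seen and number of passes. */
typedef struct { int32_t first; int32_t count; } loop_trace;

static void record(loop_trace *t, int32_t i)
{
    if (t->count == 0) { t->first = i; }
    t->count++;
}

static void Init_Index(int32_t *p) { *p = 0; }
static bool Test_Index(int32_t index, int32_t bound) { return index < bound; }

/* Questioned form: the first expression increments instead of assigning. */
loop_trace questioned_increment_init(void)
{
    loop_trace t = { -1, 0 };
    int32_t i = 0;
    for (i++; i < 100; i++) { record(&t, i); }
    return t;
}

/* Same behaviour with the start value written in the for statement. */
loop_trace explicit_from_one(void)
{
    loop_trace t = { -1, 0 };
    int32_t i;
    for (i = 1; i < 100; i++) { record(&t, i); }
    return t;
}

/* Questioned forms: initialisation and test hidden behind function calls. */
loop_trace questioned_calls(void)
{
    loop_trace t = { -1, 0 };
    int32_t i;
    for (Init_Index(&i); Test_Index(i, 100); i++) { record(&t, i); }
    return t;
}

/* Same behaviour with all three expressions readable in place. */
loop_trace explicit_from_zero(void)
{
    loop_trace t = { -1, 0 };
    int32_t i;
    for (i = 0; i < 100; i++) { record(&t, i); }
    return t;
}
```

The `i++` form starts at 1 and makes 99 passes, which a reader has to derive from the declaration above the loop rather than from the for statement.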
