13.5 clarification on loop index usage

Posted: Thu Sep 04, 2008 10:23 am
by Alexandre Langenieux
Dear Misra Committee,

Rule 13.5 seems not clearly explicit about the content of the for expressions.
  • First expression: Initialization of the loop counter if present. Can we consider as valid code the following examples:

    int32_t i=0;
    
    for (i++;i<100;i++){  /* i is assigned to 1, but not clearly. Does it comply with MISRA philosophy? */
    }
    

    void Init_Index(int32_t *p){
       *p = 0;
    }
    void bar(void){
       int32_t i;
    
       for (Init_Index(&i);i<100;i++){  /* i is indirectly assigned to 0, but not clearly. Does it comply with MISRA philosophy? */
       }
    }
    
  • Second expression: Shall include the loop counter testing ... Can we consider the following code as MISRA compliant?

    bool Test_Index(int32_t index, int32_t bound){
       return (bool)(index<bound);  /* compare the index parameter; p is not declared here */
    }
    void bar(void){
       int32_t i;
    
       for (i=0;Test_Index(i, 100);i++){  /* i is tested outside the for loop. Does it comply with MISRA philosophy? */
       }
    }
    
  • The same question for the third expression if the loop counter is incremented or decremented by a function call.
Thanks for clarifying these cases.
Alexandre.

Re: 13.5 clarification on loop index usage

Posted: Thu Sep 04, 2008 12:42 pm
by Lundin
My opinion is that MISRA 13.5 could be formulated more clearly. It says that the first expression of the loop should only initialize the loop counter. But if we are speaking of strict programming terms, initialization refers only to:

int i = 0;

and not to

int i;
i=0;

The first example is initialization, the second one is assignment. The difference is very important if the code for example is ported to C++, where there is a big difference between initialization and assignment. C++ programmers would definitely only consider the first example as initialization, and it is safe to assume that plenty of C++ programmers end up writing C programs.
C++ also allows initialization within the for-loop, as it allows variable declarations there. C does not.

Perhaps the MISRA rule should be formulated as this:
"First expression: Assigning a value to the loop counter by using the assignment operator (=)."

---

Regarding the second expression in the original post: calling a function from the test part of the loop is usually not smart performance-wise. You will get the function calling overhead each time you run the loop. Though as long as the counter test code is clear, I don't see how it would make the code less safe, which should be MISRA's only concern.

Re: 13.5 clarification on loop index usage

Posted: Wed Sep 24, 2008 11:32 am
by misra-c
These forms of loop are far from ideal, but do comply with the requirements of Rule 13.5 as written.

Use of for loops in this way will be reviewed and may be deprecated in subsequent versions of MISRA C.

[ID:0000011]
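
Added example (not part of any post in this thread): the loop forms from the first post run next to an explicit `for (i = start; ...)` rewrite, recording the first counter value seen in the body and the trip count so the hidden start value becomes visible. `loop_trace_t`, `record` and the `loop_*` function names are hypothetical, and `Test_Index` is assumed to compare its `index` parameter.

```c
#include <stdbool.h>
#include <stdint.h>

/* Helpers from the thread; Test_Index compares its own parameter. */
static void Init_Index(int32_t *p) { *p = 0; }
static bool Test_Index(int32_t index, int32_t bound) { return index < bound; }

/* What a loop did: first counter value seen in the body, and trip count. */
typedef struct { int32_t first; int32_t trips; } loop_trace_t;

static void record(loop_trace_t *t, int32_t i)
{
    if (t->trips == 0) { t->first = i; }
    t->trips++;
}

/* Thread form: first expression is i++ on a counter assigned earlier. */
loop_trace_t loop_increment_init(void)
{
    loop_trace_t t = { -1, 0 };
    int32_t i = 0;
    for (i++; i < 100; i++) { record(&t, i); }
    return t;
}

/* Thread form: counter set and tested through function calls. */
loop_trace_t loop_function_calls(void)
{
    loop_trace_t t = { -1, 0 };
    int32_t i;
    for (Init_Index(&i); Test_Index(i, 100); i++) { record(&t, i); }
    return t;
}

/* Explicit form (hypothetical rewrite): start, test and step all visible. */
loop_trace_t loop_explicit(int32_t start)
{
    loop_trace_t t = { -1, 0 };
    int32_t i;
    for (i = start; i < 100; i++) { record(&t, i); }
    return t;
}

int main(void)
{
    loop_trace_t a = loop_increment_init(), b = loop_function_calls();
    loop_trace_t c = loop_explicit(1), d = loop_explicit(0);
    return (a.first == c.first && a.trips == c.trips &&
            b.first == d.first && b.trips == d.trips) ? 0 : 1;
}
```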