Rule 17.1 compatibility

misterb
Posts: 4
Joined: Fri Sep 09, 2011 4:21 pm
Company: Müller-BBM AST GmbH

Post by misterb » Wed Oct 05, 2011 8:54 am

Dear all,

below, you find code that shall be fully MISRA-C:2004 compatible except for MISRA rule 17.1 (according to my compiler). I removed the header file module.h for readability.

Code:

/* now module.c begins */
#include "module.h" /* not shown in the post; provides float32_t, uint32_t and int32_t */

float32_t Defaults[6];

void misra17_1test(const float32_t in[6])
{
  uint32_t s = 0u;
  float32_t mythreshold = 0.0f;
  float32_t tmpMax = 0.0f;
  for (s = 0u; s < 6u; s++) {
    mythreshold = in[s]; /* a MISRA 17.1 violation is detected here by compiler */

    /* do something */

    if (tmpMax > mythreshold) {
      /* do something */
    }
    else {
      /* do something */
    }
  }
}
/*-----------------------------------------------------------------------------------------*/
/* now the main.c module begins */
#include "module.h" /* not shown in the post; assumed to declare misra17_1test() */

extern float32_t Defaults[6];

int32_t main(void)
{
  int32_t j = 0;
  for (j = 0; j < 10000; j++) {
    misra17_1test(Defaults);
  }
  return 0;
}

The compiler detects a MISRA rule 17.1 violation in misra17_1test(), but I can't understand the violation, because mythreshold isn't a pointer and in[] isn't a pointer either. So who is correct, the compiler or me? If I'm not correct, why?

Kind regards,

Michael

fpeelo
Posts: 15
Joined: Fri Jul 20, 2007 3:31 pm

Re: Rule 17.1 compatibility

Post by fpeelo » Wed Oct 05, 2011 2:32 pm

Rule 17.1 is "Pointer arithmetic shall only be applied to pointers that address an array or array element".

So it looks like your compiler is treating the parameter in as a pointer, not recognising that it points to an array.

According to K&R 2nd edition, "As formal parameters in a function definition,
char s[];
and
char *s;
are equivalent; we prefer the latter because it says more explicitly that the parameter is a pointer."
So maybe the compiler is reducing "const float32_t in[6]" to "const float32_t *in" before checking for MISRA violations?

Yes, your function prototype says "in[6]" but I don't believe C pays any attention to the "6".

This worries me, because I would like to have code that is as compliant as possible, and I don't see how to declare a function that operates on an array, that would be compliant. I asked here about whether it is possible (even the innocuous strlen() cannot be defined in a compliant way, unless I misunderstand).

Frank

misra-c
Posts: 561
Joined: Thu Jan 05, 2006 1:11 pm

Re: Rule 17.1 compatibility

Post by misra-c » Thu Oct 06, 2011 11:44 am

The parameter "in" is pointing to the first element of the array "Defaults" so the array indexing operation does not break Rule 17.1.
---
Posted by and on behalf of
the MISRA C Working Group
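
The parameter adjustment discussed in this thread, as an added example that is not code from any of the posts: it shows that `const float32_t in[6]` has the same type as `const float32_t *in`, that `in[s]` addresses the same element as `in + s`, and, as a hypothetical alternative, that a pointer-to-array parameter keeps the bound in its type. The `float32_t` typedef, the sample values and all helper names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

typedef float float32_t;  /* assumption: the post's module.h is not shown */

/* Constructed sample data; const so &Defaults matches the parameter below. */
static const float32_t Defaults[6] = {1.0f, 5.0f, 3.0f, 9.0f, 2.0f, 4.0f};

/* Form from the post: "in[6]" is adjusted to "const float32_t *in". */
float32_t max_decayed(const float32_t in[6])
{
    float32_t m = in[0];
    uint32_t s;
    for (s = 1u; s < 6u; s++) {
        if (in[s] > m) { m = in[s]; }   /* in[s] is defined as *(in + s) */
    }
    return m;
}

/* Accepted without a cast: both parameter spellings name the same type. */
float32_t (*const as_pointer_fn)(const float32_t *) = max_decayed;

/* Hypothetical alternative: pointer to the whole array keeps the bound. */
float32_t max_bounded(const float32_t (*in)[6])
{
    const size_t n = sizeof(*in) / sizeof((*in)[0]);   /* 6, from the type */
    float32_t m = (*in)[0];
    size_t s;
    for (s = 1u; s < n; s++) {
        if ((*in)[s] > m) { m = (*in)[s]; }
    }
    return m;
}

/* Element count the callee can recover from the parameter type alone. */
size_t bound_from_type(const float32_t (*in)[6])
{
    return sizeof(*in) / sizeof((*in)[0]);
}

/* 1 if indexing and explicit pointer arithmetic reach the same element. */
int same_element(const float32_t in[6], uint32_t s)
{
    return (&in[s] == (in + s)) ? 1 : 0;
}

int main(void)
{
    return (max_decayed(Defaults) == max_bounded(&Defaults)) ? 0 : 1;
}
```

With the pointer-to-array form the caller passes `&Defaults`, and an array of any other length is rejected at compile time instead of being read past its end.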
