Questions about 18.3

6.18 Structures and Unions


bigpan
Posts: 2
Joined: Mon Feb 28, 2005 8:20 am
Location: China


Postby bigpan » Mon Feb 28, 2005 12:30 pm

I have the following patterns. Could anybody please kindly give me some advice on them?

/*pattern1*/
int counter;
for (counter = 0; counter < 100; counter++)
{...}
...
counter = a*b; <-- complaint?
...

/*pattern2*/
int index;
...
arr[index] = 0;
index = i *j; <-- complaint?

/*pattern3*/
int i = 0;
float f = 0;
i = (int) f; <-- complaint?

/*pattern4*/
char *pc = (char *)malloc(100);
int *pi = (int *)pc; <-- complaint? suggestive of overlapping use

/*pattern5*/
union { int i; int j; } u;
...
u.i = 0;
x = u.j <-- complaint?

MISRA Reply
Posts: 49
Joined: Mon Dec 06, 2004 12:24 pm

Postby MISRA Reply » Thu Jun 30, 2005 8:43 am

I have the following patterns. Could anybody please kindly give me some advice on them?


/*pattern1*/
int counter;
for (counter = 0; counter < 100; counter++)
{...}
...
counter = a*b; <-- complaint?
...

This is ok, as the loop counter is not modified within the body of the loop.


/*pattern2*/
int index;
...
arr[index] = 0;
index = i *j; <-- complaint?


This would not generate a complaint, assuming that the underlying types of 'i' and 'j' are suitable. However, it would be good practice to either add a check to ensure that the calculated value of 'index' was still valid and/or prove that 'i * j' could not generate an out-of-range value. Reusing 'index' in this way is not considered to be a case of an overlapping object.


/*pattern3*/
int i = 0;
float f = 0;
i = (int) f; <-- complaint?


The cast is not a rule violation as it is an explicit cast. An implicit cast (i.e. without (int)) would be a violation. Also, the initialisation of 'f' to '0' violates rule 10.1 as '0' has an underlying type of int.


/*pattern4*/
char *pc = (char *)malloc(100);
int *pi = (int *)pc; <-- complaint? suggestive of overlapping use


Firstly, the use of malloc() is a violation of rule 20.4. The use of the allocated block of memory to store ints would not be considered to be overlapping storage. However, this assumes that the memory is only ever used to store one type of information - it is the use of storage for different uses that we are prohibiting.


/*pattern5*/
union { int i; int j; } u;
...
u.i = 0;
x = u.j <-- complaint?


A: The use of 'union' is a violation of rule 18.4. The use above shows why unions are not recommended - all that the union has done is create an alias for a piece of data, reducing the clarity of the code.

Rule 18.2 is there to protect against undefined behaviour. For example, 'memmove' is the only library function guaranteed to work with overlapping memory regions.


                 /*           111111111 */
                 /* 0123456789012345678 */
char_t Buffer[] = "The quick brown fox";
...
memmove(&Buffer[4], &Buffer[10], 10); /* Gives    "The brown fox" */
memcpy (&Buffer[4], &Buffer[10], 10); /* May give "The foxwn fox" */

memcpy is not required to ensure that the overlapping region is copied first, possibly giving an unexpected result. The behaviour of memcpy is not defined for overlapping regions of memory.
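
The overlap hazard described in the reply above, as an added example that is not part of the original posts: a guard that checks memcpy's no-overlap precondition before copying, run on the same Buffer string. The names regions_overlap, checked_memcpy and copy_high_to_low are hypothetical, and the pointer-to-uintptr_t comparison assumes a flat address space.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* True when [a, a+n) and [b, b+n) share at least one byte. Going through
   uintptr_t (assumption: flat address space) avoids comparing raw pointers. */
static int regions_overlap(const void *a, const void *b, size_t n)
{
    uintptr_t pa = (uintptr_t)a;
    uintptr_t pb = (uintptr_t)b;
    uintptr_t gap = (pa < pb) ? (pb - pa) : (pa - pb);
    return (n != 0u) && (gap < n);
}

/* Hypothetical guard: copy only when memcpy's precondition holds.
   Returns 0 on success, -1 (destination untouched) on overlap. */
static int checked_memcpy(void *dst, const void *src, size_t n)
{
    if (regions_overlap(dst, src, n)) {
        return -1;
    }
    (void)memcpy(dst, src, n);
    return 0;
}

/* Well-defined byte loop running from the last byte to the first: one order
   a memcpy implementation is free to choose for its copy. */
static void copy_high_to_low(char *dst, const char *src, size_t n)
{
    while (n > 0u) {
        n--;
        dst[n] = src[n];
    }
}

/* Runs the page's Buffer example; returns 1 when every outcome is as expected. */
static int demo(void)
{
    char a[] = "The quick brown fox";
    char b[] = "The quick brown fox";
    char c[] = "The quick brown fox";
    int rejected = checked_memcpy(&a[4], &a[10], 10); /* overlapping: refused */
    (void)memmove(&b[4], &b[10], 10);                 /* defined for overlap */
    copy_high_to_low(&c[4], &c[10], 10);              /* order-dependent result */
    return (rejected == -1) && (strcmp(a, "The quick brown fox") == 0)
        && (strcmp(b, "The brown fox") == 0) && (strcmp(c, "The fox") == 0);
}

int main(void) { return demo() ? 0 : 1; }
```

The high-to-low loop overwrites source bytes before it reads them and truncates the string to "The fox", a different result again from memmove's, which is why the guard refuses the overlapping call rather than picking a copy order.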

