A program's execution flow is built from conditional tests, jumps and loops; no program can do without flow control. Do the statements that programmers know so well, such as if, for, while and switch, carry hidden dangers too? C is a very flexible language. That flexibility makes code convenient to write, but it also permits many expressions that are easily confused. These expressions conform fully to the C standard, yet programmers sometimes find it hard to notice their own mistakes in them, and the end result is that the program follows the wrong execution path. Mistakes aside, easily confused expressions also make the program harder for other people to understand, which makes it difficult to maintain. In addition, a small number of flow-control constructs produce undefined results, and these are hard to detect.
How can program flow control be made clear and accurate, without easily confused expressions? MISRA-C provides many relevant rules. They standardize flow control and avoid ambiguity and uncertainty, which reduces flow-control errors as far as possible and makes the program easier to maintain.
Starting from several examples, this article shows how the confusion arises and then gives the relevant MISRA-C rules on program flow control, to help readers standardize their programming habits.
Expressions that are easily confused
Consider the following two code fragments first:
In the C standard, a conditional statement requires a Boolean value, and the Boolean value of the condition expression is actually handled as an integer type, so both fragments are valid in syntax and in logic. The first fragment tests whether x equals y and, if they are equal, calls the function foo. The second fragment first assigns the value of y to x and then tests whether x is 0; if it is not 0, it calls the function foo. The two fragments differ by a single equals sign, but the conditions they test are very different, and so is the program's execution flow.
Most readers will have met the situation where the comparison "==" is mistakenly written as the assignment "=". Faced with these two statements, how can one judge quickly and accurately whether the code is correct or a programmer's error? In a simple program this is easy to judge, but in a more complicated program it is hard to give a definite answer without spending a large amount of time, and such places are very likely to be wrong.
Such confusion can in fact be avoided easily. MISRA-C puts forward the following mandatory rule.
Rule 13.1: Assignment expressions shall not be used where a Boolean value is required. According to MISRA-C, the second fragment should be written:
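The two fragments described above and the rewrite that Rule 13.1 calls for, as an added example that is not code from the original article. The call counter `foo_calls` and the function names `compare_form`, `assign_form` and `compliant_form` are assumptions made so the difference in control flow can be observed.

```c
#include <stdio.h>

static int foo_calls;                  /* lets the caller see whether foo() ran */
static void foo(void) { foo_calls++; }

/* First fragment: a comparison. foo() runs only when x equals y. */
int compare_form(int x, int y)
{
    foo_calls = 0;
    if (x == y) {
        foo();
    }
    return foo_calls;
}

/* Second fragment: an assignment used as the condition (violates Rule 13.1).
 * x takes the value of y, and foo() runs whenever that value is non-zero. */
int assign_form(int x, int y)
{
    foo_calls = 0;
    if (x = y) {
        foo();
    }
    return foo_calls;
}

/* Rewrite of the second fragment: the assignment is a statement of its own
 * and the test against 0 is explicit. Behaviour is identical to assign_form. */
int compliant_form(int x, int y)
{
    foo_calls = 0;
    x = y;
    if (x != 0) {
        foo();
    }
    return foo_calls;
}

int main(void)
{
    printf("x=3 y=5: compare=%d assign=%d compliant=%d\n",
           compare_form(3, 5), assign_form(3, 5), compliant_form(3, 5));
    printf("x=0 y=0: compare=%d assign=%d compliant=%d\n",
           compare_form(0, 0), assign_form(0, 0), compliant_form(0, 0));
    return 0;
}
```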
In this way, whenever an assignment expression appears where a Boolean value is required, it can be judged immediately to be a mistake. Under this rule, the following expression is not allowed either:
Similar to this rule, MISRA-C also puts forward the following advisory rule, to avoid confusion between integer variables and Boolean values.
Rule 13.2 (advisory): A test of a value against 0 should be made explicit, unless the operand is a Boolean value.
This rule prohibits the following expression:
Likewise, this code is valid in syntax and in logic, and the compiler will not report any error or warning. At run time, when x equals 1, the value of b is assigned to a, then 2 is added to a, and the switch exits; when x equals 2, 2 is added to a directly, and the switch exits. But this is probably wrong code. The programmer's original intention was probably that when x equals 1 the value of b is assigned to a, and when x equals 2 the value 2 is added to a directly.
To avoid such confusion, MISRA-C puts forward the following mandatory rule.
Rule 15.2: All non-empty switch clauses shall end with a break statement.
According to this rule, the program above should be written:
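The switch behaviour described above and its corrected form under Rule 15.2, as an added example that is not code from the original article. The function names `update_fallthrough` and `update_with_break`, the parameter layout and the `default` clause are assumptions.

```c
#include <stdio.h>

/* Version described in the text: case 1 has no break, so after a = b
 * execution continues into case 2 and 2 is added as well. */
int update_fallthrough(int x, int a, int b)
{
    switch (x) {
    case 1:
        a = b;
        /* falls through: no break here (violates Rule 15.2) */
    case 2:
        a = a + 2;
        break;
    default:
        break;
    }
    return a;
}

/* Corrected version: every non-empty clause ends with break, so each
 * value of x does exactly one thing. */
int update_with_break(int x, int a, int b)
{
    switch (x) {
    case 1:
        a = b;
        break;
    case 2:
        a = a + 2;
        break;
    default:
        break;
    }
    return a;
}

int main(void)
{
    /* Constructed inputs: a = 0, b = 10. */
    printf("x=1: fallthrough=%d with_break=%d\n",
           update_fallthrough(1, 0, 10), update_with_break(1, 0, 10));
    printf("x=2: fallthrough=%d with_break=%d\n",
           update_fallthrough(2, 0, 10), update_with_break(2, 0, 10));
    return 0;
}
```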
MISRA-C has some further rules that prevent confusion in program flow control.
Rule 13.5: The three expressions of a for statement shall be concerned only with loop control. The first expression shall only assign an initial value to the loop variable, the second expression shall only test the loop condition, and the third expression shall only increment or decrement the loop variable.
Rule 13.6: In a for loop, the loop variable shall be modified only in the third expression of the for statement; it must not be modified in the loop body.
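A loop that breaks Rule 13.6 next to a restructured form that keeps every change to the loop variable in the for header, as an added example that is not code from the original article. The escape-byte format, the `ESC` value, the `SAMPLE` buffer and the function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define ESC 0x7DU   /* constructed marker: the byte that follows it is skipped */

/* Constructed sample input. */
static const unsigned char SAMPLE[] = { 1U, ESC, 9U, 2U, ESC };

/* Non-compliant: i is also changed in the body, so the for header no longer
 * tells the reader how the loop advances. */
unsigned sum_noncompliant(const unsigned char *buf, size_t len)
{
    unsigned sum = 0U;
    size_t i;
    for (i = 0U; i < len; i++) {
        if (buf[i] == ESC) {
            i++;                     /* hidden second update of the loop variable */
        } else {
            sum += buf[i];
        }
    }
    return sum;
}

/* Compliant: i changes only in the third expression; the skip is carried
 * in a separate flag. The result is the same. */
unsigned sum_compliant(const unsigned char *buf, size_t len)
{
    unsigned sum = 0U;
    int skip_next = 0;
    size_t i;
    for (i = 0U; i < len; i++) {
        if (skip_next != 0) {
            skip_next = 0;
        } else if (buf[i] == ESC) {
            skip_next = 1;
        } else {
            sum += buf[i];
        }
    }
    return sum;
}

int main(void)
{
    printf("noncompliant=%u compliant=%u\n",
           sum_noncompliant(SAMPLE, sizeof SAMPLE),
           sum_compliant(SAMPLE, sizeof SAMPLE));
    return 0;
}
```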
Rule 13.7: The value of a Boolean expression must be able to change.
For example, the following code is not allowed:
The mistake is that the result of this condition is always true.
Rule 14.1: There shall be no unreachable code.
Rule 14.2: Every non-empty statement must either produce a side effect or change the program flow.
For example, the following code is not allowed:
x