SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 95

changes.mady.by.user Astha Singhal

Saved on

compared with

New Version 96

changes.mady.by.user Astha Singhal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Evaluation of an expression may produce side effects. At specific points during execution, known as sequence points, all side effects of previous evaluations have completed, and no side effects of subsequent evaluations have yet taken place.

Wiki MarkupAccording to C99, Section 6.5 \[ [ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\]

Between the previous and next sequence point an object can only have its stored value modified once by the evaluation of an expression. Additionally, the prior value can be read only to determine the value to be stored.

...

This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined.

Wiki MarkupThe following sequence points are defined in Annex C, Sequence Points, of C99 \[ [ISO/IEC 9899-1999|AA. Bibliography#ISO/IEC 9899-1999]\]:

  • The call to a function, after the arguments have been evaluated.
  • The end of the first operand of the following operators:
    • logical AND: &&
    • logical OR: ||
    • conditional: ?
    • comma operator: ,
  • The end of a full declarator.
  • The end of a full expression:
    • an initializer
    • the expression in an expression statement (that is, at the semicolon)
    • the controlling expression of a selection statement (if or switch)
    • the controlling expression of a while or do statement
    • each of the expressions of a for statement
    • the expression in a return statement.
  • Immediately before a C standard library function returns.
  • After the actions associated with each formatted input/output function conversion specifier.
  • Immediately before and immediately after each call to a comparison function, by a standard searching or sorting function, and between any call to a comparison function and any movement of the objects passed as arguments to that call.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP30-C

medium

probable

medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

Section

Splint

Include Page
c:Splint_Vc:
Splint_V

 

 

Section

GCC

Include Page
c:GCC_Vc:
GCC_V

 

Section

can detect violations of this rule when the -Wsequence-point flag is used.

Section

Compass/ROSE

 

 

Section

can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. Also no variable is modified once, and read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator.

Section

Coverity Prevent

Include Page
c:Coverity_Vc:
Coverity_V
Section

EVALUATION_ORDER

Section

can detect the specific instance where Statement contains multiple side-effects on the same value with an undefined evaluation order because with different compiler flags or different compilers or platforms, the statement may behave differently.

Section

LDRA tool suite

Include Page
c:LDRA_Vc:
LDRA_V
Section

35 D
1 Q
9 S
30 S
134 S

Section

Fully Implemented

...

MISRA Rule 12.1

Bibliography

...

\[[Summit 2005|AA. Bibliography#Summit 05]\] Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 \[
[Saks 2007|AA. Bibliography#Saks 07]\]

...

EXP21-C. Place constants on the left of equality comparisons      EXP30-C. Do not depend on order of evaluation between sequence points      EXP30-C. Do not depend on order of evaluation between sequence points