9.1 Variable may not have been initialized
#1
Hello,

I have an issue with MISRA 9.1 rule. In my code I have an "if" loop and inside that a variable is initialized and then is read after that. But when I do static analysis using PC-lint then I have a warning for 9.1 rule. Below is my code:

struct mgm2_info_return msg_ascu_info;
Code:
if (klr_ecuConf_t->feat_multislave)
{
    msg_ascu_info = mgmF_massage_get_ascu_info();
}
msg_info = mgmF_massage_get_info();

The line where it is read and where warning occurs:
Code:
if( (((vF_mcms_fl_on((tm_uint8)V_FLONCMD_ACK)) ||
          (msg_info.pmcu_state ==  LDF_MASSSQC_STATE_ACTIVE))
                    &&((klr_ecuConf_t->feat_multislave)
                    || (msg_ascu_info.ascu_state ==  LDF_MASSSQC_STATE_ACTIVE))
        ) &&
        (msg_info.pmcu_trig_source == RqSource_ActvComf))

Do I need to write a justification or do I need to initialize the entire structure first?
#2
Be advised that MISRA 2004 is superseded by MISRA 2012 and that rule 9.1 has become mandatory - no deviation permitted.
If msg_ascu_info is a stack variable and the two if statements shown are sequential you have a serious problem if klr_ecuConf_t->feat_multislave is zero.
#3
Yes, the two IF statements are sequential. But here klr_ecuConf_t->feat_multislave is assigned a value that is greater than zero at runtime as it is a slave variant.

But, it is not assigned any value in this function.
#4
This code will be a violation of rule 9.1 if it can be shown that this code can be reached when "klr_ecuConf_t->feat_multislave" is False and "msg_ascu_info" is unset. Without the full code it is not possible to give a definite answer.

If the code is very complex, it may not be possible for a static analysis to determine whether the above conditions are met or not.
Posted by and on behalf of the MISRA C Working Group
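
An added example (not part of any post in this thread, and not the poster's code) of the pattern being discussed: a conditional write followed by a read that is not guarded the same way, next to a version where the object is set on every path. The type, constant and function names are constructed stand-ins, and the idle default is an assumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the thread's types and getter (assumptions). */
enum { STATE_IDLE = 0, STATE_ACTIVE = 1 };
struct ascu_info { uint8_t ascu_state; };
struct ecu_conf  { bool feat_multislave; };

static struct ascu_info get_ascu_info(void)
{
    struct ascu_info r = { STATE_ACTIVE };
    return r;
}

/* Shape of the flagged code: the write is conditional, the read is not
 * guarded the same way. When feat_multislave is false, || evaluates its
 * right operand and reads an object that was never written. Not called
 * below, because that read has no defined result. */
bool ascu_check_flagged(const struct ecu_conf *conf)
{
    struct ascu_info info;                 /* no initializer */
    if (conf->feat_multislave) {
        info = get_ascu_info();
    }
    return conf->feat_multislave || (info.ascu_state == STATE_ACTIVE);
}

/* Same logic with the object set on every path before any read. */
bool ascu_check_initialized(const struct ecu_conf *conf)
{
    struct ascu_info info = { STATE_IDLE };
    if (conf->feat_multislave) {
        info = get_ascu_info();
    }
    return conf->feat_multislave || (info.ascu_state == STATE_ACTIVE);
}

int main(void)
{
    const struct ecu_conf multi = { true }, single = { false };
    printf("multislave=1 -> %d\n", ascu_check_initialized(&multi));
    printf("multislave=0 -> %d\n", ascu_check_initialized(&single));
    return 0;
}
```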
#5
You may have to write your code differently and less complex.

1. The first IF doesn't perform a real test. Actually you're only testing that the variable is not empty, instead of "== true/false/on/off/etc.".
2. For the second IF, you know that the compiler will generate/use temporary variables/registers to store temporary test results.
My opinion is: Do it yourself :). Create local variables to store your checks.
Small tasks are easier to read/maintain/debug/optimize ^^

One example:
Code:
..(vF_mcms_fl_on((tm_uint8)V_FLONCMD_ACK)) || (msg_info.pmcu_state ==  LDF_MASSSQC_STATE_ACTIVE)...

You're comparing the return of a function with the result of a test.
I assume that the result of the function, even if you define a boolean type, is not the same type as the "==" test result...