Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Does constness count as a type difference in rule 11.2?
#1
I have an incomplete struct type, as per Directive 4.8. I declare types for pointers to the hidden struct:

typedef struct s_EthBuf *TEthBuf;
typedef struct s_EthBuf const *CTEthBuf;

The actual type, and an instance of the type, are declared in the translation unit that also defines the functions which operate on it.

Some functions need to modify the contents of the object, so they take a parameter of type TEthBuf. Some do not; they take a parameter of type CTEthBuf.

PC-Lint tells me that assigning a TEthBuf pointer to a variable of type CTEthBuf, or const TEthBuf, or passing it to a function which takes CTEthBuf as its parameter type, violates rule 11.2.

So: if I have struct s_EthBuf X then the following get the warning the 11.2 is violated:
CTEthBuf a = X;
const TEthBuf b = X;
foo(x)
- where foo is declared as void foo(CTEthBuf buf);

But it's OK to do
TEthBuf c = X;

But the type is the same, it's just that foo() doesn't change anything in the object.

Is PC-Lint correct here, when it believes that the types are different from the point of view of rule 11.2?
<t></t>
#2
fpeelo Wrote:typedef struct s_EthBuf *TEthBuf;
typedef struct s_EthBuf const *CTEthBuf;

Sorry, that latter type should have been

typedef const struct s_EthBuf *CTEthBuf;

It's for rule 8.13

But whichever way around it's put, PC-Lint still recognises TEthBuf and CTEthBuf as distinct types, so a function with a parameter TEthBuf cannot pass it to a function which takes CTEthBuf, or const struct s_EthBuf *
<t></t>
#3
This response refers to code in the following form. It is assumed that X is a pointer as mentioned in the wording.
Code:
struct s_EthBuf;
typedef struct s_EthBuf *TEthBuf;
typedef const struct s_EthBuf *CTEthBuf;

extern void foo(CTEthBuf buf);

void fn ( struct s_EthBuf *X )
{
   CTEthBuf a = X;
   const TEthBuf b = X;
   TEthBuf c = X;

   foo(X);
}
Where pointers are involved, Rule 11.2 applies to the unqualified types that are pointed to by the pointer. Therefore none of these examples violate rule 11.2.

The destination pointer must contain all the type qualifications of the source type, otherwise the result is a constraint error in C99. See section 8.11 of the MISRA-C guidelines. There is no restriction on the destination having more type qualifiers than the source.
Posted by and on behalf of the MISRA C Working Group


Forum Jump:


Users browsing this thread: 2 Guest(s)