Skip to main content

Secondary navigation

  • Downloads
  • Integrations
  • Blog
  • Company
    • About Us
    • Team
    • Culture
    • Careers
    • Partners
    • Press
    • Events
    • Security & Compliance
  • Contact
    • Contact Us
    • Request Support
    • Subscribe
  • Language
    • English
    • 日本語
    • 简体中文
    • 한국어
Home
Perforce

Main Navigation - Mega Menu

  • Products

    Main Navigation - Mega Menu

    • Explore Products
    • All Products
    Helix Core
    Version Control
    Helix TeamHub
    Code Hosting for Git, SVN, Hg
    Methodics IPLM
    IP Lifecycle Management
    Gliffy
    Diagramming
    JRebel
    Java Application Development
    Helix DAM
    Digital Asset Management
    Helix Core
    Version Control
    Helix TeamHub
    Code Hosting for Git, SVN, Hg
    Methodics IPLM
    IP Lifecycle Management
    Gliffy
    Diagramming
    JRebel
    Java Application Development
    Helix DAM
    Digital Asset Management
  • Solutions

    Main Navigation - Mega Menu

    • Explore Solutions
    • Solutions Overview

    Main Navigation - Mega Menu

    • By Need
    • By Industry

    Main Navigation - Mega Menu

    • Application Lifecycle Management
    • Agile Project Management
    • Diagramming
    • DevOps
    • Version Control
    • IP Lifecycle Management
    • Java Application Development
    • Web & Mobile App Testing
    • Codeless Selenium Automation
    • Static Analysis & SAST
    • Audit & Compliance
    • API Management
    • Open Source Support
    • Enterprise PHP
    • HPC Debugging
    • Development Tools & Libraries

    Main Navigation - Mega Menu

    • Aerospace & Defense
    • Automotive
    • Embedded Systems
    • Semiconductor
    • Energy
    • Financial
    • Game Development
    • Virtual Production
    • Government
    • Medical Devices
    • Software
    • Digital Twins

    Main Navigation - Mega Menu

    Main Navigation - Mega Menu

    Main Navigation - Mega Menu

    Main Navigation - Mega Menu

  • Customers
  • Resources

    Main Navigation - Mega Menu

    • Explore Resources
    • Papers & Videos
    • Recorded Webinars
    • Events & Webinars
    • Blog
    • Free Trials
    • Subscribe
    Version Control in Virtual Production

    Version Control in Virtual Production Field Guide

    Read Now
  • Support
  • Services

    Main Navigation - Mega Menu

    • Consulting/Professional Services
    • Training

    Main Navigation - Mega Menu

    • Consulting Services Overview
    • Akana
    • BlazeMeter
    • Helix ALM
    • Helix Core
    • Helix QAC
    • Klocwork
    • Methodics IPLM
    • OpenLogic
    • Perfecto
    • Zend

    Main Navigation - Mega Menu

    • Training Overview
    • Hansoft
    • Helix ALM
    • Helix Core
    • Helix QAC
    • Klocwork
    • OpenLogic
    • Perfecto
    • Zend
  • Try Free
  • Downloads
  • Integrations
  • Blog
  • Company

    Main Navigation - Mega Menu

    • About Us
    • Careers
    • Culture
    • Events
    • Partners
    • Press
    • Team
  • Contact

Version 4.0

High Integrity C++ Coding Standard

Released October 3, 2013

Request PDF Version
High Integrity C++ Coding Standard
0. Introduction
1. General
2. Lexical Conventions
3. Basic Concepts
4. Standard Conversions
5. Expressions
6. Statements
7. Declarations
8. Definitions
9. Classes
10. Derived Classes
11. Member Access Control
12. Special Member Functions
13. Overloading
14. Templates
15. Exception Handling
16. Preprocessing
17. Standard Library
18. Concurrency
19. References
20. Revision History
21. Conditions of Use

6. Statements

6.1 Selection Statements


6.1.1 Enclose the body of a selection or an iteration statement in a compound statement

Follow each control flow primitive (if, else, while, for, do and switch) by a block enclosed by braces, even if the block is empty or contains only one line. Use of null statements or statement expressions in these contexts reduces code readability and making it harder to maintain.

#include <cstdint>
               
void doSomething ();
               
void foo (int32_t i)
{
if (0 == i)
doSomething (); // @@- Non-Compliant [email protected]@
else
;               // @@- Non-Compliant [email protected]@
                   
if (0 == i)
{                 // @@+ Compliant [email protected]@
doSomething ();
}
else
{                 // @@+ Compliant [email protected]@
}
                 
switch (i)
case 0:
doSomething (); // @@- Non-Compliant [email protected]@
}

References

  • HIC++ v3.3 – 5.1

View references >

6.1.2 Explicitly cover all paths through multi-way selection statements

Make sure that each if-else-if chain has a final else clause, and every switch statement has a default clause. The advantage is that all execution paths are explicitly considered, which in turn helps reduce the risk that an unexpected value will result in incorrect execution.

#include <cstdint>
               
void foo (int32_t i)
{
// @@- Non-Compliant: missing else clause to cover <tt>0 == i</tt> path [email protected]@
if (i > 0)
{
}
else if (i < 0)
{
}
                 
// @@- Non-Compliant: missing default clause [email protected]@
switch (i)
{
case 0:
break;
case 1:
break;
}
}

References

  • HIC++ v3.3 - 5.11

View references >

6.1.3 Ensure that a non-empty case statement block does not fall through to the next label

Fall through from a non-empty case block of a switch statement makes it more difficult to reason about the code, and therefore harder to maintain.

#include <cstdint>
               
void foo (int32_t i)
{
switch (i)
{
case 0:      // @@+ Compliant [email protected]@
case 1:
++i; 
break;
case 2:      // @@- Non-Compliant [email protected]@
++i;  
default:
break;
}
}

References

  • HIC++ v3.3 – 5.4

View references >

6.1.4 Ensure that a switch statement has at least two case labels, distinct from the default label

A switch statement with fewer than two case labels can be more naturally expressed as a single if statement.

#include <cstdint>
               
void doSomething ();
void doSomethingElse (); 
               
void foo (int32_t i)
{
// @@- Non-Compliant: 1 case label [email protected]@
switch (i)
{
case 0:
doSomething ();
break;
default:
doSomethingElse ();
break;
}
                 
// @@+ Compliant: an equivalent if statement [email protected]@
if (0 == i)
{
doSomething ();
}
else
{
doSomethingElse ();
}
                 
// @@- Non-Compliant: only 1 case label distinct from the default label [email protected]@
switch (i)
{
case 0:
doSomething ();
break;
case 1:
default:
doSomethingElse ();
break;
}
                 
// @@+ Compliant: 2 case labels distinct from the default label [email protected]@
switch (i)
{
case 0:
case 1:
doSomething ();
break;
default:
doSomethingElse ();
break;
}
}

Note: By virtue of this rule and Rule <hicpp ref=”intro.execution.reachable”/>, switch statements with a boolean condition should not be used.

void bar (bool b)
{
switch (b)
{
case true:
break;
case false:
break;
default:
break;  // @@- Non-Compliant: unreachable statement [email protected]@
}
                 
switch (b)
{
case true:
break;
case false:
default:
break;  // @@- Non-Compliant: only 1 case label distinct from the default label [email protected]@
}
}

References

  • JSF AV C++ Rev C – 195
  • JSF AV C++ Rev C – 196
  • MISRA C++:2008 – 6-4-7
  • MISRA C++:2008 – 6-4-8

View references >

6.2 Iteration Statements


6.2.1 Implement a loop that only uses element values as a range-based loop

A range-based for statement reduces the amount of boilerplate code required to maintain correct loop semantics. A range-based loop can normally replace an explicit loop where the index or iterator is only used for accessing the container value.

#include <iterator>
#include <cstdint>
                           
void bar ()
{
uint32_t array[] = { 0, 1, 2, 3, 4, 5, 6 };
uint32_t sum = 0;
     
// @@- Non-Compliant [email protected]@
for (uint32_t * p = std::begin (array); p != std::end (array); ++p)
{
sum += *p;
}
     
sum = 0;
// @@+ Compliant [email protected]@            
for (uint32_t v : array )
{
sum += v;
}
     
// @@+ Compliant [email protected]@
for (size_t i = 0; i != (sizeof(array)/sizeof(*array)); ++i)
{
if ((i % 2) == 0)       // Using the loop index
{
sum += array[i];
}
}
     
}

6.2.2 Ensure that a loop has a single loop counter, an optional control variable, and is not degenerate

A loop is considered ‘degenerate’ if:

  • When entered, the loop is infinite, or
  • The loop will always terminate after the first iteration.

To improve maintainability it is recommended to avoid degenerate loops and to limit them to a single counter variable.

#include <cstdint>
               
int32_t foo ();
               
void bar (int32_t max)
{
// @@- Non-Compliant: 2 loop counters [email protected]@
for (int32_t i (0), j (foo ()) ; (i < max) && (j > 0); ++i, j = foo ())
{
}
                 
bool keepGoing (true);
// @@+ Compliant: 1 loop counter and 1 control variable [email protected]@
for (int32_t i (0) ; keepGoing && (i < max); ++i)
{
keepGoing = foo () > 0;
}
                 
for (int32_t i (0) ; i < max; ++i) // @@+ Compliant [email protected]@
{
if (foo () <= 0)
{
break;
}
}
}

References

  • MISRA C++:2008 - 6-5-1
  • MISRA C++:2008 - 6-5-6

View references >

6.2.3 Do not alter a control or counter variable more than once in a loop

The behavior of iteration statements with multiple modifications of control or counter variables is difficult to understand and maintain.

#include <cstdint>
               
void foo()
{
for ( int32_t i (0); i != 10; ++i ) //@@- Non-Compliant: does this loop terminate? [email protected]@
{
if ( 0 == i % 3 )
{
++i;
}
}
}

References

  • HIC++ v3.3 – 5.6

View references >

6.2.4 Only modify a for loop counter in the for expression

It is expected that a for loop counter is modified for every iteration. To improve code readability and maintainability, the counter variable should be modified in the loop expression.

#include <cstdint>
               
bool foo ();
               
void bar (int32_t max)
{
for (int i (0) ; i < max; ) // @@- Non-Compliant [email protected]@
{
if (foo ())
{
++i;
}
}
}

References

  • HIC++ v3.3 - 5.5

View references >

6.3 Jump Statements


6.3.1 Ensure that the label(s) for a jump statement or a switch condition appear later, in the same or an enclosing block

Backward jumps and jumps into nested blocks make it more difficult to reason about the flow through the function. Loops should be the only constructs that perform backward jumps, and the only acceptable use of a goto statement is to jump forward to an enclosing block.

#include <cstdint>
               
void f1 (int32_t i)
{
start:           // @@- Non-Compliant [email protected]@
++i;
if (i < 10)
{
goto start;
}
}
   
void f2 (int32_t i)
{
do             // @@+ Compliant: Same as 'f1' using do/while loop [email protected]@
{
++i;
} while (i < 10);
}
   
   
bool f3 (int (&array)[10][10])
{
for (int j1 = 0; j1 < 10; ++j1)
{
for (int j2 = 0; j2 < 10; ++j2)
{
if (array[j1][j2] == 0)
{
goto finished;
}
   
// ...
                     
}
}
                 
finished:           // @@+ Compliant [email protected]@
return true;
}

Control can also be transferred forward into a nested block by virtue of a switch label. Unless case and default labels are placed only into the top level compound statement of the switch, the code will be difficult to understand and maintain.

#include <cstdint>
               
void f1 (int32_t i)
{
switch (i)
{
case 0:
break;
default:
if (i < 0)
{
case 1:    // @@- Non-Compliant: jump into a nested block [email protected]@
break;
}
break;
}
}

References

  • HIC++ v3.3 - 5.8

View references >

6.3.2 Ensure that execution of a function with a non-void return type ends in a return statement with a value

Undefined behavior will occur if execution of a function with a non-void return type (other than main) flows off the end of the function without encountering a return statement with a value.

#include <cstdint>
               
int32_t foo (bool b)
{
if (b)
{
return -1;
}
} // @@- Non-Compliant: flows off the end of the function [email protected]@

Exception

The main function is exempt from this rule, as an implicit return 0; will be executed, when an explicit return statement is missing.

References

  • HIC++ v3.3 – 5.10

View references >

6.4 Declaration Statement


6.4.1 Postpone variable definitions as long as possible

To preserve locality of reference, variables with automatic storage duration should be defined just before they are needed, preferably with an initializer, and in the smallest block containing all the uses of the variable.

#include <cstdint>
               
int32_t f1 (int32_t v)
{
int32_t i;         // @@- Non-Compliant [email protected]@
                 
if ((v > 0) && (v < 10))
{
i = v * v;
--i;
return i;
}
return 0;
}
               
int32_t f2 (int32_t v)
{
if ((v > 0) && (v < 10))
{
int32_t i (v*v); // @@+ Compliant [email protected]@
--i;
return i;
}
return 0;
}

The scope of a variable declared in a for loop initialization statement extends only to the complete for statement. Therefore, potential use of a control variable outside of the loop is naturally avoided.

#include <cstdint>
               
int32_t f3 (int32_t max)
{
int32_t i;
for (i = 0; i < max; ++i)         // @@- Non-Compliant [email protected]@
{
}
return i;
}
               
void f4 (int32_t max)
{
for (int32_t i (0); i < max; ++i) // @@+ Compliant [email protected]@
{
}
}

References

  • HIC++ v3.3 - 5.12
  • HIC++ v3.3 - 8.4.4

View references >

Request PDF Version

 

 

Book traversal links for 6. Statements

  • ‹ 5. Expressions
  • High Integrity C++ Coding Standard
  • 7. Declarations ›

Footer menu

  • Products
    • Plan
    • Helix ALM
    • Hansoft
    • Create & Develop
    • Helix Core
    • Helix4Git
    • Helix DAM
    • Helix TeamHub
    • Helix Swarm
    • Methodics IPLM
    • VersIC
    • Test & Validate
    • Helix QAC
    • Klocwork
    • Operate, Manage, & Scale
    • SourcePro
    • HostAccess
    • HydraExpress
    • PV-WAVE
    • Stingray
    • Visualization
  • Solutions
    • By need
    • Application Lifecycle Management
    • Agile Project Management
    • DevOps
    • Version Control
    • IP Lifecycle Management
    • Static Analysis
    • Audit & Compliance
    • Backlog Management
    • Project Portfolio Management
    • By industry
    • Aerospace & Defense
    • Automotive
    • Embedded Systems
    • Semiconductor
    • Energy & Utilities
    • Finance
    • Game Development
    • Virtual Production
    • Government
    • Life Sciences
    • Software
  • Services
    • Consulting/Professional Services
    • Consulting Services Overview
    • Akana
    • BlazeMeter
    • Helix ALM
    • Helix Core
    • Helix QAC
    • Klocwork
    • Methodics IPLM
    • OpenLogic
    • Perfecto
    • Zend
    • Training
    • Training Overview
    • Hansoft
    • Helix ALM
    • Helix Core
    • Helix QAC
    • Klocwork
    • OpenLogic
    • Perfecto
    • Zend
  • Resources
    • Papers & Videos
    • Events & Webinars
    • Recorded Webinars
    • Blog
    • Perforce U
  • Support
  • Customers
    • Case Studies
  • About
    • Our Team
    • Our Culture
    • Careers
    • Press
    • Contact Us
  • Partners
    • Integrations
    • Resellers
  • Quick links
    • Free Trials
    • Subscription Center
    • Customer Support Login
    • Educational Licenses
    • How to Buy
Home
Perforce

Copyright © Perforce Software, Inc. All rights reserved.  |  Sitemap  |  Terms of Use  |  Privacy Policy

Social menu

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • RSS
Send Feedback