Skip to main content

Secondary navigation

  • Downloads
  • Integrations
  • Blog
  • Company
    • About Us
    • Team
    • Culture
    • Careers
    • Partners
    • Press
    • Events
  • Contact
    • Contact Us
    • Request Support
    • Subscribe
  • Language
    • English
    • 日本語
    • 简体中文
    • 한국어
    • Deutsche
Home
Perforce

Main Navigation - Mega Menu

  • Products

    Main Navigation - Mega Menu

    • Explore Products
    • All Products

    Main Navigation - Mega Menu

    • Plan
    • Create & Develop
    • Test & Validate
    • Operate, Manage, & Scale
    Helix Core
    Helix4Git
    Helix TeamHub
    Helix ALM
    Hansoft
    Gliffy
    Perfecto
    TestCraft
    Helix QAC
    Klocwork
    Akana
    OpenLogic
    Zend Server
    TotalView
    XRebel
    HostAccess
    SourcePro
    Stingray
    HydraExpress
    PV-WAVE
    Visualization
    IMSL
    Methodics IPLM
    VersIC
    JRebel
  • Solutions

    Main Navigation - Mega Menu

    • Explore Solutions
    • Solutions Overview

    Main Navigation - Mega Menu

    • By Need
    • By Industry

    Main Navigation - Mega Menu

    • Plan
    • Create & Develop
    • Test & Validate
    • Operate, Manage, & Scale

    Main Navigation - Mega Menu

    • Aerospace & Defense
    • Automotive
    • Embedded Systems
    • Semiconductor
    • Energy
    • Financial
    • Game Development
    • Virtual Production
    • Government
    • Medical Devices
      Icon
    • Software

    Main Navigation - Mega Menu

    • Application Lifecycle Management
    • Agile Project Management
    • Diagramming

    Main Navigation - Mega Menu

    • DevOps
    • Version Control
    • IP Lifecycle Management
    • Java Application Development

    Main Navigation - Mega Menu

    • Web & Mobile App Testing
    • Codeless Selenium Automation
    • Static Analysis
    • Audit & Compliance

    Main Navigation - Mega Menu

    • API Management
    • Open Source Support
    • Enterprise PHP
    • HPC Debugging
    • Development Tools & Libraries
  • Customers
  • Resources

    Main Navigation - Mega Menu

    • Explore Resources
    • Papers & Videos
    • Recorded Webinars
    • Events
    • Blog
    • Demos
    • Subscribe
    Image VCS IPreuse Preview new

    How to Make IP Reuse Work For You

    Read Now
  • Support

    Main Navigation - Mega Menu

    • Explore Support
    • Support Plans
    • Self-Service Resources
    • Documentation
    • Video Tutorials
    • Training
    • Consulting
    • Release Notes
    • Download Software
    • Request Support

    Support

    Get answers quick by searching our public knowledgebase

    Visit Perforce KB

  • Try Free
  • Downloads
  • Integrations
  • Blog
  • Company

    Main Navigation - Mega Menu

    • About Us
    • Careers
    • Culture
    • Events
    • Partners
    • Press
    • Team
  • Contact

Version 4.0

High Integrity C++ Coding Standard

Released October 3, 2013

Request PDF Version
High Integrity C++ Coding Standard
0. Introduction
1. General
2. Lexical Conventions
3. Basic Concepts
4. Standard Conversions
5. Expressions
6. Statements
7. Declarations
8. Definitions
9. Classes
10. Derived Classes
11. Member Access Control
12. Special Member Functions
13. Overloading
14. Templates
15. Exception Handling
16. Preprocessing
17. Standard Library
18. Concurrency
19. References
20. Revision History
21. Conditions of Use

6. Statements

6.1 Selection Statements


6.1.1 Enclose the body of a selection or an iteration statement in a compound statement

Follow each control flow primitive (if, else, while, for, do and switch) by a block enclosed by braces, even if the block is empty or contains only one line. Use of null statements or statement expressions in these contexts reduces code readability and making it harder to maintain.

#include <cstdint>
               
void doSomething ();
               
void foo (int32_t i)
{
if (0 == i)
doSomething (); // @@- Non-Compliant [email protected]@
else
;               // @@- Non-Compliant [email protected]@
                   
if (0 == i)
{                 // @@+ Compliant [email protected]@
doSomething ();
}
else
{                 // @@+ Compliant [email protected]@
}
                 
switch (i)
case 0:
doSomething (); // @@- Non-Compliant [email protected]@
}

References

  • HIC++ v3.3 – 5.1

View references >

6.1.2 Explicitly cover all paths through multi-way selection statements

Make sure that each if-else-if chain has a final else clause, and every switch statement has a default clause. The advantage is that all execution paths are explicitly considered, which in turn helps reduce the risk that an unexpected value will result in incorrect execution.

#include <cstdint>
               
void foo (int32_t i)
{
// @@- Non-Compliant: missing else clause to cover <tt>0 == i</tt> path [email protected]@
if (i > 0)
{
}
else if (i < 0)
{
}
                 
// @@- Non-Compliant: missing default clause [email protected]@
switch (i)
{
case 0:
break;
case 1:
break;
}
}

References

  • HIC++ v3.3 - 5.11

View references >

6.1.3 Ensure that a non-empty case statement block does not fall through to the next label

Fall through from a non-empty case block of a switch statement makes it more difficult to reason about the code, and therefore harder to maintain.

#include <cstdint>
               
void foo (int32_t i)
{
switch (i)
{
case 0:      // @@+ Compliant [email protected]@
case 1:
++i; 
break;
case 2:      // @@- Non-Compliant [email protected]@
++i;  
default:
break;
}
}

References

  • HIC++ v3.3 – 5.4

View references >

6.1.4 Ensure that a switch statement has at least two case labels, distinct from the default label

A switch statement with fewer than two case labels can be more naturally expressed as a single if statement.

#include <cstdint>
               
void doSomething ();
void doSomethingElse (); 
               
void foo (int32_t i)
{
// @@- Non-Compliant: 1 case label [email protected]@
switch (i)
{
case 0:
doSomething ();
break;
default:
doSomethingElse ();
break;
}
                 
// @@+ Compliant: an equivalent if statement [email protected]@
if (0 == i)
{
doSomething ();
}
else
{
doSomethingElse ();
}
                 
// @@- Non-Compliant: only 1 case label distinct from the default label [email protected]@
switch (i)
{
case 0:
doSomething ();
break;
case 1:
default:
doSomethingElse ();
break;
}
                 
// @@+ Compliant: 2 case labels distinct from the default label [email protected]@
switch (i)
{
case 0:
case 1:
doSomething ();
break;
default:
doSomethingElse ();
break;
}
}

Note: By virtue of this rule and Rule <hicpp ref=”intro.execution.reachable”/>, switch statements with a boolean condition should not be used.

void bar (bool b)
{
switch (b)
{
case true:
break;
case false:
break;
default:
break;  // @@- Non-Compliant: unreachable statement [email protected]@
}
                 
switch (b)
{
case true:
break;
case false:
default:
break;  // @@- Non-Compliant: only 1 case label distinct from the default label [email protected]@
}
}

References

  • JSF AV C++ Rev C – 195
  • JSF AV C++ Rev C – 196
  • MISRA C++:2008 – 6-4-7
  • MISRA C++:2008 – 6-4-8

View references >

6.2 Iteration Statements


6.2.1 Implement a loop that only uses element values as a range-based loop

A range-based for statement reduces the amount of boilerplate code required to maintain correct loop semantics. A range-based loop can normally replace an explicit loop where the index or iterator is only used for accessing the container value.

#include <iterator>
#include <cstdint>
                           
void bar ()
{
uint32_t array[] = { 0, 1, 2, 3, 4, 5, 6 };
uint32_t sum = 0;
     
// @@- Non-Compliant [email protected]@
for (uint32_t * p = std::begin (array); p != std::end (array); ++p)
{
sum += *p;
}
     
sum = 0;
// @@+ Compliant [email protected]@            
for (uint32_t v : array )
{
sum += v;
}
     
// @@+ Compliant [email protected]@
for (size_t i = 0; i != (sizeof(array)/sizeof(*array)); ++i)
{
if ((i % 2) == 0)       // Using the loop index
{
sum += array[i];
}
}
     
}

6.2.2 Ensure that a loop has a single loop counter, an optional control variable, and is not degenerate

A loop is considered ‘degenerate’ if:

  • When entered, the loop is infinite, or
  • The loop will always terminate after the first iteration.

To improve maintainability it is recommended to avoid degenerate loops and to limit them to a single counter variable.

#include <cstdint>
               
int32_t foo ();
               
void bar (int32_t max)
{
// @@- Non-Compliant: 2 loop counters [email protected]@
for (int32_t i (0), j (foo ()) ; (i < max) && (j > 0); ++i, j = foo ())
{
}
                 
bool keepGoing (true);
// @@+ Compliant: 1 loop counter and 1 control variable [email protected]@
for (int32_t i (0) ; keepGoing && (i < max); ++i)
{
keepGoing = foo () > 0;
}
                 
for (int32_t i (0) ; i < max; ++i) // @@+ Compliant [email protected]@
{
if (foo () <= 0)
{
break;
}
}
}

References

  • MISRA C++:2008 - 6-5-1
  • MISRA C++:2008 - 6-5-6

View references >

6.2.3 Do not alter a control or counter variable more than once in a loop

The behavior of iteration statements with multiple modifications of control or counter variables is difficult to understand and maintain.

#include <cstdint>
               
void foo()
{
for ( int32_t i (0); i != 10; ++i ) //@@- Non-Compliant: does this loop terminate? [email protected]@
{
if ( 0 == i % 3 )
{
++i;
}
}
}

References

  • HIC++ v3.3 – 5.6

View references >

6.2.4 Only modify a for loop counter in the for expression

It is expected that a for loop counter is modified for every iteration. To improve code readability and maintainability, the counter variable should be modified in the loop expression.

#include <cstdint>
               
bool foo ();
               
void bar (int32_t max)
{
for (int i (0) ; i < max; ) // @@- Non-Compliant [email protected]@
{
if (foo ())
{
++i;
}
}
}

References

  • HIC++ v3.3 - 5.5

View references >

6.3 Jump Statements


6.3.1 Ensure that the label(s) for a jump statement or a switch condition appear later, in the same or an enclosing block

Backward jumps and jumps into nested blocks make it more difficult to reason about the flow through the function. Loops should be the only constructs that perform backward jumps, and the only acceptable use of a goto statement is to jump forward to an enclosing block.

#include <cstdint>
               
void f1 (int32_t i)
{
start:           // @@- Non-Compliant [email protected]@
++i;
if (i < 10)
{
goto start;
}
}
   
void f2 (int32_t i)
{
do             // @@+ Compliant: Same as 'f1' using do/while loop [email protected]@
{
++i;
} while (i < 10);
}
   
   
bool f3 (int (&array)[10][10])
{
for (int j1 = 0; j1 < 10; ++j1)
{
for (int j2 = 0; j2 < 10; ++j2)
{
if (array[j1][j2] == 0)
{
goto finished;
}
   
// ...
                     
}
}
                 
finished:           // @@+ Compliant [email protected]@
return true;
}

Control can also be transferred forward into a nested block by virtue of a switch label. Unless case and default labels are placed only into the top level compound statement of the switch, the code will be difficult to understand and maintain.

#include <cstdint>
               
void f1 (int32_t i)
{
switch (i)
{
case 0:
break;
default:
if (i < 0)
{
case 1:    // @@- Non-Compliant: jump into a nested block [email protected]@
break;
}
break;
}
}

References

  • HIC++ v3.3 - 5.8

View references >

6.3.2 Ensure that execution of a function with a non-void return type ends in a return statement with a value

Undefined behavior will occur if execution of a function with a non-void return type (other than main) flows off the end of the function without encountering a return statement with a value.

#include <cstdint>
               
int32_t foo (bool b)
{
if (b)
{
return -1;
}
} // @@- Non-Compliant: flows off the end of the function [email protected]@

Exception

The main function is exempt from this rule, as an implicit return 0; will be executed, when an explicit return statement is missing.

References

  • HIC++ v3.3 – 5.10

View references >

6.4 Declaration Statement


6.4.1 Postpone variable definitions as long as possible

To preserve locality of reference, variables with automatic storage duration should be defined just before they are needed, preferably with an initializer, and in the smallest block containing all the uses of the variable.

#include <cstdint>
               
int32_t f1 (int32_t v)
{
int32_t i;         // @@- Non-Compliant [email protected]@
                 
if ((v > 0) && (v < 10))
{
i = v * v;
--i;
return i;
}
return 0;
}
               
int32_t f2 (int32_t v)
{
if ((v > 0) && (v < 10))
{
int32_t i (v*v); // @@+ Compliant [email protected]@
--i;
return i;
}
return 0;
}

The scope of a variable declared in a for loop initialization statement extends only to the complete for statement. Therefore, potential use of a control variable outside of the loop is naturally avoided.

#include <cstdint>
               
int32_t f3 (int32_t max)
{
int32_t i;
for (i = 0; i < max; ++i)         // @@- Non-Compliant [email protected]@
{
}
return i;
}
               
void f4 (int32_t max)
{
for (int32_t i (0); i < max; ++i) // @@+ Compliant [email protected]@
{
}
}

References

  • HIC++ v3.3 - 5.12
  • HIC++ v3.3 - 8.4.4

View references >

Request PDF Version

 

 

Book traversal links for 6. Statements

  • ‹ 5. Expressions
  • High Integrity C++ Coding Standard
  • 7. Declarations ›

Footer menu

  • Products
    • Version Control System
    • Helix Core
    • Methodics IPLM
    • VersIC
    • Enterprise Agile Planning
    • Hansoft
    • Dev Collaboration
    • Helix TeamHub
    • Helix Swarm
    • Helix4Git
    • Development Lifecycle Management
    • Helix ALM
    • Surround SCM
    • Static Analysis
    • Helix QAC
    • Klocwork
    • Development Tools & Libraries
    • HostAccess
    • HydraExpress
    • PV-WAVE
    • SourcePro
    • Stingray
    • Visualization
  • Solutions
    • By need
    • Version Control
    • Application Lifecycle Management
    • Agile Project Management
    • Backlog Management
    • Project Portfolio Management
    • Audit & Compliance
    • DevOps
    • Static Analysis
    • IP Lifecycle Management
    • By industry
    • Game Development
    • Life Sciences
    • Software
    • Automotive
    • Embedded Systems
    • Government
    • Finance
    • Energy & Utilities
    • Aerospace & Defense
    • Virtual Production
    • Semiconductor
  • Resources
    • Papers & Videos
    • Events & Webinars
    • Recorded Webinars
    • Blog
  • Support
    • Documentation
    • Request Support
    • Video Tutorials
    • Training
    • Consulting
    • Release Notes
    • Download
  • Customers
    • Case Studies
  • About
    • Our Team
    • Our Culture
    • Careers
    • Press
    • Contact
  • Partners
    • Integrations
    • Resellers
  • Quick links
    • Try For Free
    • Helix Core Demo
    • Helix ALM Demo
    • Subscription Center
    • Customer Support Login
    • Licensing Requests
    • Educational Licenses
    • How to Buy
Home
Perforce

Copyright © 2021 Perforce Software, Inc. All rights reserved.  |  Sitemap  |  Terms of Use  |  Privacy Policy

Social menu

  • Facebook
  • Twitter
  • Google+
  • LinkedIn
  • YouTube
  • RSS