MISRA C++:2023 Rule 8.14.1

The right-hand operand of a logical && or || operator should not contain persistent side effects

Since R2024b

Description

The right-hand operand of a logical && or || operator should not contain persistent side effects. ¹

Rationale

The right operand of the || operator is not evaluated if the left operand is true. The right operand of the && operator is not evaluated if the left operand is false. In these cases, if the right operand modifies the value of a variable, the modification does not take place.

Polyspace Implementation

The rule checker reports situations where the right operand of a logical || or && operator has persistent side effects. For example, if the right operand contains a function call and the function modifies a global variable, the rule checker reports a violation.

The rule checker does not report a violation if the right operand contains a call to a pure function, that is, a function without side effects. The checker considers a function as pure if the function performs only simple operations such as:

Reading a nonvolatile parameter or global variable
Writing to a local variable

In addition to simple operations, if the function contains a call to another function, the checker attempts to determine if the called function is a pure function. If the checker determines that the callee is a pure function, then the calling function is considered a pure function (as long as the other operations in the calling function are simple operations).

The rule checker does not consider a function as pure if the function does one of the following:

Writes to a global variable or dereferences a parameter
Reads or writes to a volatile variable, or contains an asm block

To determine if a function is pure, the checker needs to analyze the function definition. The checker looks for function definitions only within the same translation unit as the function call. A translation unit is a source file plus all headers included in the source. If a function definition is not found in the current translation unit, the checker does not report a violation of this rule.

If the right operand of the logical || or && operator invokes a function by using a function pointer, Polyspace^® cannot determine whether the invoked function has side effects. Polyspace does not report a violation in this case.

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

Right Operand of Logical Operator with Persistent Side Effects

int check (int arg) {
    static int count;
    if(arg > 0) {
        count++;                   /* Persistent side effect */
        return 1;
    }
    else
        return 0;
}

int getSwitch(void);
int getVal(void);

void main(void) {
    int val = getVal();
    int mySwitch = getSwitch();
    int checkResult;

    if(mySwitch && check(val)) {   /* Noncompliant */
    }

    checkResult = check(val);
    if(checkResult && mySwitch) {  /* Compliant */
    }
    
    if(check(val) && mySwitch) {   /* Compliant */
    }
}

In this example, the rule is violated when the right operand of the && operator contains a call to the function check(). The function call has a persistent side effect because check() modifies the static variable count. Depending on the value of mySwitch, this modification might or might not happen.

The rule is not violated when the left operand contains a function call. Alternatively, to avoid the rule violation, assign the result of the function call to a variable. Use this variable in the logical operation in place of the function call.

Check Information

Group: Expressions

Category: Advisory

PQL Name: std.misra_cpp_2023.R8_14_1

Version History

Introduced in R2024b