Unofficial Autosar C++ Guidelines Reference

Rule A12-0-2 (required, implementation, partially automated)

Bitwise operations and operations that assume data representation in memory shall not be performed on objects.

Rationale

Object representations may consist of more than only the declared fields (unless the objects are standard-layout or trivially copyable). Performing bitwise operations on objects may access bits that are not part of the value representation, which may lead to undefined behavior. Operations on objects (e.g. initialization, copying, comparing, setting, accessing) shall be done by dedicated constructors, overloaded operators, accessors or mutators.

Example

// $Id: A12-0-2.cpp 305629 2018-01-29 13:29:25Z piotr.serwa $

//
#include <cstdint>
#include <cstring>

class A
{
public:
A() = default;
A(uint8_t c, uint32_t i, int8_t d, int32_t h) : c(c), i(i), d(d), h(h) {}

bool operator==(const A& rhs) const noexcept
{
return c==rhs.c && i==rhs.i && d==rhs.d && h==rhs.h;
}

private:
uint8_t c;
uint32_t i;
int8_t d;
int32_t h;
};

int main(void)
{
A noninit;

//setting field c
std::memset(&noninit, 3, 1); //non-compliant
//setting field i

std::memset(((uint8_t*)&noninit)+sizeof(uint8_t)+3, 5, 1); //non-compliant

A init(3, 5, 7, 9); //compliant

if (noninit == init) //compliant
{

}

if (0 == std::memcmp(&noninit, &init, sizeof(init)))
{ //non-compliant, includes padding bytes

}

return 0;

}

See also

JSF December 2005 [8]: AV Rule 156: All the members of a structure (or class) shall be named and shall only be accessed via their names.

JSF December 2005 [8]: AV Rule 210: Algorithms shall not make assumptions concerning how data is represented in memory (e.g. big endian vs. little endian, base class subobject ordering in derived classes, nonstatic data member ordering across access specifiers, etc.) JSF December 2005 [8]: AV Rule 210.1: Algorithms shall not make assumptions concerning the order of allocation of nonstatic data members separated by an access specifier. JSF December 2005 [8]: AV Rule 211: Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses. SEI CERT C++ Coding Standard [10]: EXP42-C: Do not compare padding data SEI CERT C++ Coding Standard [10]: EXP62-C: Do not access the bits of an object representation that are not part of the object’s value representation SEI CERT C++ Coding Standard [10]: OOP57-CPP: Prefer special member functions and overloaded operators to C Standard Library functions