MISRA C:2012 Rule 17.8

A function parameter should not be modified

Description

Rule Definition

A function parameter should not be modified.

Rationale

When you modify a parameter, the function argument corresponding to the parameter is not modified. However, you or another programmer unfamiliar with C can expect by mistake that the argument is also modified when you modify the parameter.

Polyspace Implementation

Polyspace^® reports a violation of this rule when you modify the function parameters in the body of the function. Polyspace does not report a violation of this rule when a function parameter is passed by address as const to another function.

Troubleshooting

If you expect a rule violation but do not see it, refer to Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

Function Parameter Modified

In this example, the rule is violated when the parameter param1 is modified. Polyspace reports a violation. Because param3 is passed to foo as a const, it is not modified. Polyspace does not report a violation.

int input(void);
int foo(const int*);
void func(int param1, int* param2, int param3) {
    
    param1 = input();   /* Non-compliant */
    *param2 = input();  /* Compliant */
    foo(&param3); /*Compliant*/
}

The rule is not violated when a pointer parameter, such as param2 is modified.

Check Information

Group: Functions

Category: Advisory

AGC Category: Readability

Version History

Introduced in R2015b

expand all

R2024a: Taking address of parameter inside cast or function call no longer causes violations

The rule checker does not report a violation of this rule if, in the function body, you take the address of a parameter inside a cast operation or a function call. For example:

void myFcn(const void *param);

void myCall(int long_word)
{
	myFcn((void *)&long_word); //Compliant
}

Polyspace recognizes that the operation &long_word does not modify the parameter and a violation is not reported.

R2022b: Pointer-to-`const` parameters no longer flagged

The rule checker does not report a violation of this rule when a function parameter is passed by address as const to another function. For instance:

int foo(const int*);
void bar(int param){
    foo(&param); //Compliant
}

Because foo() accepts const int* objects, the parameter param is not modified when it is passed by address to foo.

MISRA C:2012 Rule 17.8

Description

Rule Definition

Rationale

Polyspace Implementation

Troubleshooting

Examples

Function Parameter Modified

Check Information

Version History

R2024a: Taking address of parameter inside cast or function call no longer causes violations

R2022b: Pointer-to-`const` parameters no longer flagged

See Also

Topics

MISRA C:2012 Rule 17.8

Description

Rule Definition

Rationale

Polyspace Implementation

Troubleshooting

Examples

Function Parameter Modified

Check Information

Version History

R2024a: Taking address of parameter inside cast or function call no longer causes violations

R2022b: Pointer-to-const parameters no longer flagged

See Also

Topics

R2022b: Pointer-to-`const` parameters no longer flagged