AUTOSAR C++14 Rule A12-8-3
Description
Rule Definition
Moved-from object shall not be read-accessed.
Rationale
Because the content of a source object is generally unspecified after a move operation, it is unsafe to perform operations that access the contents of the source object after a move operation. Accessing the contents of the source object after a move operation might result in a data integrity violation, an unexpected value, or an illegal dereferencing of a pointer.
Operations that make no assumptions about the state of an object do not violate this rule.
The C++ standard specifies that these move operations leave the source object in a well-specified state after the move:
- Move construction, move assignment, converting¹ move construction, and converting move assignment of std::unique_ptr type
- Move construction, move assignment, converting move construction, converting move assignment of std::shared_ptr type
- Move construction and move assignment from a std::unique_ptr of std::shared_ptr type
- Move construction, move assignment, converting move construction, and converting move assignment of std::weak_ptr type
- std::move() of std::basic_ios type
- Move constructor and move assignment of std::basic_filebuf type
- Move constructor and move assignment of std::thread type
- Move constructor and move assignment of std::unique_lock type
- Move constructor and move assignment of std::shared_lock type
- Move constructor and move assignment of std::promise type
- Move constructor and move assignment of std::future type
- Move construction, move assignment, converting move construction, and converting move assignment of std::shared_future type
- Move constructor and move assignment of std::packaged_task type
Because these move operations leave the source object in a well-specified state, accessing the source object after calling these functions is compliant with this rule.
Polyspace Implementation
Polyspace® raises a flag if the source object is read after its contents are moved to a destination object by calling the std::move function explicitly.
Polyspace does not flag accessing a source object if:
- The source object of an explicit move operation is of these types:
  - std::unique_ptr
  - std::shared_ptr
  - std::weak_ptr
  - std::basic_ios
  - std::basic_filebuf
  - std::thread
  - std::unique_lock
  - std::shared_lock
  - std::promise
  - std::future
  - std::shared_future
  - std::packaged_task
  - std::vector
- The move operation is performed implicitly. For instance, the function std::remove moves objects implicitly. Polyspace does not flag accessing the object moved implicitly. To avoid accidentally accessing a moved object, erase the removed object using std::erase. For details about using std::remove, see Improper erase-remove idiom.
- The source object is of a built-in base type, such as: int, enum, float, double, pointer, std::intptr_t, std::nullptr_t.
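The cases described above, as an added C++14 example (not MathWorks or AUTOSAR code): a read after an explicit std::move, two compliant alternatives, and the erase-remove idiom written with the container's erase member. The function names and the sample string are constructed for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Constructed sample value (an assumption for this example).
static const char kSample[] = "constructed-sample-value-0123456789abcdef";

// Noncompliant: 'name' is read after an explicit std::move. The standard
// only promises a valid but unspecified state, so the result is not reliable.
std::size_t read_after_move(std::vector<std::string>& sink) {
    std::string name = kSample;
    sink.push_back(std::move(name));
    return name.size();  // read access of a moved-from object
}

// Compliant: assignment makes no assumption about the old state, and the
// object holds a known value again before it is read.
std::size_t reassign_then_read(std::vector<std::string>& sink) {
    std::string name = kSample;
    sink.push_back(std::move(name));
    name = "anonymous";
    return name.size();
}

// Compliant: a moved-from std::unique_ptr is specified to be null.
bool unique_ptr_source_is_null() {
    std::unique_ptr<int> src = std::make_unique<int>(42);
    std::unique_ptr<int> dst = std::move(src);
    return src == nullptr && *dst == 42;
}

// Implicit moves: std::remove shifts the kept elements forward and leaves
// moved-from strings in the tail. Erasing the tail puts them out of reach.
std::vector<std::string> drop_empty(std::vector<std::string> v) {
    v.erase(std::remove(v.begin(), v.end(), std::string()), v.end());
    return v;
}
```

The value returned by read_after_move is deliberately left unchecked, because no particular value is guaranteed.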
Troubleshooting
If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.
Examples
Check Information
| Group: Special member functions | 
| Category: Required, Partially automated | 
Version History
Introduced in R2021a
¹ A converting constructor is a constructor that is not declared with the specifier explicit. See Converting constructor.