MSC12-C. Detect and remove code that has no effect

Code that is executed but does not perform any action, or that has an unintended effect, most likely results from a coding error and can cause unexpected behavior. Statements or expressions that have no effect should be identified and removed from code. Most modern compilers, in many cases, can warn about code that has no effect. (See MSC00-C. Compile cleanly at high warning levels.)

This recommendation is related to MSC07-C. Detect and remove dead code.

Noncompliant Code Example (Assignment)

In this noncompliant code example, the comparison of a to b has no effect:

int a;
int b;
/* ... */
a == b;

This code is likely a case of the programmer mistakenly using the equals operator == instead of the assignment operator =.

Compliant Solution (Assignment)

The assignment of b to a is now properly performed:

int a;
int b;
/* ... */
a = b;

Noncompliant Code Example (Dereference)

In this example, a pointer increment and then a dereference occur, but the dereference has no effect:

int *p;
/* ... */
*p++;

Compliant Solution (Dereference)

Correcting this example depends on the intent of the programmer. For example, if dereferencing p was a mistake, then p should not be dereferenced.

int *p;
/* ... */
++p;

If the intent was to increment the value referred to by p, then parentheses can be used to ensure p is dereferenced and then incremented. (See EXP00-C. Use parentheses for precedence of operation.)

int *p;
/* ... */
(*p)++;

Compliant Solution (Memory-Mapped Devices)

Another possibility is that p is being used to reference a memory-mapped device. In this case, the variable p should be declared as volatile.

volatile int *p;
/* ... */
(void) *(p++);

Noncompliant Code Example (if/else if)

A chain of if/else if statements is evaluated from top to bottom. At most, only one branch of the chain will be executed: the first one with a condition that evaluates to true. Consequently, duplicating a condition in a sequence of if/else if statements automatically leads to dead code.

if (param == 1)
   openWindow();
 else if (param == 2)
   closeWindow();
 else if (param == 1) /* Duplicated condition */
   moveWindowToTheBackground();

Compliant Solution (if/else if)

In this compliant solution, the third conditional expression has been corrected.

if (param == 1)
   openWindow();
 else if (param == 2)
   closeWindow();
 else if (param == 3)
   moveWindowToTheBackground();

Noncompliant Code Example (logical operators)

Using the same subexpression on either side of a logical operator is almost always a mistake.  In this noncompliant code example, the rightmost subexpression of the controlling expression of each if statement has no effect.  

if (a == b && a == b) { // if the first one is true, the second one is too
  do_x();
}
if (a == c || a == c ) { // if the first one is true, the second one is too
  do_w();
}

Compliant Solution (logical operators)

In this compliant solution, the rightmost subexpression of the controlling expression of each if statement has been removed.

if (a == b) { 
  do_x();
}
if (a == c) { 
  do_w();
}

Risk Assessment

The presence of code that has no effect can indicate logic errors that may result in unexpected behavior and vulnerabilities.

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography