Rule 10.3, conversion of constant expression

MISRA Discussion Forums (https://forum.misra.org.uk)
Forum: MISRA C:2012 and MISRA C:2023 guidelines, 8.10 The essential type model
Thread: Rule 10.3, conversion of constant expression (/showthread.php?tid=1288)

Rule 10.3, conversion of constant expression - Motozo Mario Ikeda - 19-10-2016

It is hard to understand the reason for adding Amplification 2, "The conversion of the constant expression in a switch statement's case label to the promoted type of the controlling expression". What kind of risks should be eliminated with this?

Thank you,
Mario Ikeda

Re: Rule 10.3, conversion of constant expression - dg1980 - 20-10-2016

Code:
#include

Re: Rule 10.3, conversion of constant expression - Motozo Mario Ikeda - 20-10-2016

Thank you. But I think unreachable code should be detected by Rule 2.1. What confuses me is the phrase "The conversion .. to the promoted type of the controlling expression". In this sample code, x is promoted to int (int16_t or int32_t) and -1 is converted to int. As a result, int is assigned to int. It should be compliant. I may understand if the phrase is "The conversion .. to the essential type of the controlling expression".

Re: Rule 10.3, conversion of constant expression - dg1980 - 21-10-2016

Actually, both operands are promoted to unsigned int, so on a 32-bit processor you compare 0x000000FFh with 0xFFFFFFFFh, which is always false:

Code:
19: switch (x)

(C99 6.8.4.2 Item 5 and 6.3.8.1).

Re: Rule 10.3, conversion of constant expression - Motozo Mario Ikeda - 16-11-2016

Sorry for the late reply. In my understanding, both operands are promoted to signed int based on the Integral promotion rule. When a control expression is "x", case -1: is not reachable. But if the control expression is "x-1", case -1: is reachable when x is 0. I still do not understand what kind of risk should be eliminated by Amplification 2. Essential type should be discussed in this rule instead of "The conversion .. to the promoted type".

Re: Rule 10.3, conversion of constant expression - misra-c - 09-12-2016

First, some background on the C standard conversions in switch statements.

Quote:
C99 6.8.4.2(5) The integer promotions are performed on the controlling expression. The constant expression in each case label is converted to the promoted type of the controlling expression.

The Amplification is written in a way which describes the relevant conversion in the C standard. The actual check that should be performed is between the essential type of the case label expression and the essential type of the controlling expression. We agree that the wording is not clear and will clarify it in a later version.

In the example given by dg1980, "x" will be promoted from uint8_t (assumed to be unsigned char) to the C standard type of "signed int" if all the values of "unsigned char" fit in the "signed int" (assumed to be 32-bit). The C standard type of "-1" is "signed int". This is not compliant with rule 10.3. It will also violate rule 2.1 as suggested.
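
Added example, not code from the thread or from MISRA: the cases discussed above (a uint8_t controlling expression "x" with label -1, and the "x-1" variant) counted over every uint8_t input, next to a label written as an unsigned constant. The function names are hypothetical, and the third variant is an assumption about how such a label would be rewritten so that its essential type matches the controlling expression. A compiler may warn about the out-of-range label in the first function.

```c
#include <stdint.h>
#include <stdio.h>

/* Essentially signed label against an essentially unsigned controlling
 * expression (the case misra-c calls non-compliant with Rule 10.3).
 * x promotes to int with a value in 0..255, so -1 never matches. */
static int label_hit_direct(uint8_t x)
{
    switch (x) {
    case -1: return 1;      /* unreachable */
    default: return 0;
    }
}

/* Controlling expression "x - 1" is computed in int, so the -1 label
 * is reached when x == 0, as noted in the thread. */
static int label_hit_minus_one(uint8_t x)
{
    switch (x - 1) {
    case -1: return 1;
    default: return 0;
    }
}

/* Assumed rewrite: unsigned constant within the range of uint8_t. */
static int label_hit_unsigned(uint8_t x)
{
    switch (x) {
    case 0xFFU: return 1;
    default:    return 0;
    }
}

/* Count how many of the 256 uint8_t inputs reach the labelled case. */
static int count_hits(int (*fn)(uint8_t))
{
    int hits = 0;
    for (unsigned v = 0U; v <= UINT8_MAX; v++) {
        hits += fn((uint8_t)v);
    }
    return hits;
}

int main(void)
{
    printf("switch (x),     case -1:    %d hits\n", count_hits(label_hit_direct));
    printf("switch (x - 1), case -1:    %d hits\n", count_hits(label_hit_minus_one));
    printf("switch (x),     case 0xFFU: %d hits\n", count_hits(label_hit_unsigned));
    return 0;
}
```
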