+- MISRA Discussion Forums (https://forum.misra.org.uk)
+-- Forum: MISRA C (https://forum.misra.org.uk/forumdisplay.php?fid=4)
+--- Forum: MISRA C:2012 and MISRA C:2023 guidelines (https://forum.misra.org.uk/forumdisplay.php?fid=21)
+---- Forum: 8.10 The essential type model (https://forum.misra.org.uk/forumdisplay.php?fid=165)
+---- Thread: 10.3 "promoted type" of controlling expression (/showthread.php?tid=1530)
10.3 "promoted type" of controlling expression - grunwald - 27-02-2020
What exactly is meant by Rule 10.3 using "promoted type" in "The conversion of the constant expression in a switch statement’s case label to the promoted type of the controlling expression." ?
Using the promoted type kinds of contradicts the rule title, which is using essential types.
The following examples assume 10.3 uses the standard C type (after integer promotions) for the controlling expression.
Does the promotion also apply to the case labels, or do we keep using the essential type there? Assuming we keep using the essential type for case labels, that leads to some surprising violations:
Code:
uint8_t a = 1;
switch (a) { // type promoted to "signed int"
case 1u: // 10.3 violation because 1u is essentially unsigned, but the controlling expression is promoted to an essentially signed type?
case -200: // compliant with 10.3, even though the case is impossible to reach due to the sign mismatch?
break;
}Is there a way to write the following switch that is compliant on both 16-bit and 32-bit machines?
Code:
uint16_t num = ...;
switch (num >> 1u) { // uint16_t promotes to 'signed int' or 'unsigned int' depending on "sizeof(uint16_t) == sizeof(int)"
case 1u: // 10.3 violation where sizeof(int)>2, because the controlling expression is promoted to an essentially signed type?
case (uint16_t)2u: // 10.3 violation where sizeof(int)>2, because the controlling expression is promoted to an essentially signed type?
case 2: // I guess signed literals work in all cases, thanks to exception 3.
break;
}It would make more sense to use the essential type for both controlling expression and labels; or use the standard type for both.
Re: 10.3 "promoted type" of controlling expression - misra-c - 31-03-2020
First some background on the C standard conversions in switch statements.
Quote:C99 6.8.4.2(5) "The integer promotions are performed on the controlling expression. The constant expression in each case label is converted to the promoted type of the controlling expression."The Amplification to rule 10.3 is written in a way which describes the relevent conversion in the C standard.
The actual check that should be performed is between the essential type of the case label expression and the essential type of controlling expression.
The MISRA C working group agree that the wording is not clear and it will be clarified in the next Technical Corigendum.
Quote:From:
2. The conversion of the constant expression in a switch statement's case label to the promoted type of the controlling expression.
To:
2. The conversion of the constant expression in a switch statement's case label to the essential type of the controlling expression.
Concerning your examples:
Code:
uint8_t a = 1;
switch (a) // essential type of unsigned 8 bit
{
case 1u: // compliant
case -200: // not compliant with 10.3
break;
}
uint16_t num = ...;
switch (num >> 1u) // essential type always unsigned 16 bit
(
case 1u: // compliant
case (uint16_t)2u: // compliant
case 2: // Compliant due to exception 3.
break;
}