MISRA Discussion Forums
Do not use the sizeof() operator - Printable Version

+- MISRA Discussion Forums (https://forum.misra.org.uk)
+-- Forum: MISRA C (https://forum.misra.org.uk/forumdisplay.php?fid=4)
+--- Forum: MISRA-C: 2004 rules (https://forum.misra.org.uk/forumdisplay.php?fid=17)
+---- Forum: 6.20 Standard Libraries (https://forum.misra.org.uk/forumdisplay.php?fid=42)
+---- Thread: Do not use the sizeof() operator (/showthread.php?tid=672)



Do not use the sizeof() operator - hanthen - 03-08-2009

I would suggest a new rule for MISRA C.
"Do not use the sizeof() operator".
Output seems to be compiler dependent, e.g. TI compiler for TMS320C2x/C2xx/C5x series returns the number of 16bit units.

They (TI) claim, that there is an ambiguity in the ANSI C definition:
- sizeof() shall return the number of bytes
- sizeof(char) shall return 1
As they implement a char as 16 bit, their solution of the dilemma is to define a byte as 16 bit.

This sounds problematic and will cause issues while porting code, which uses the sizeof() operator.


Re: Do not use the sizeof() operator - William Forbes - 03-08-2009

The definition of "byte" is defined in clause 3.4 of ISO/IEC 9899:1990
Basically, a byte is the size of a character. If a character is 16 bits then a byte is 16 bits.
Thus in my view, the implementation is compliant and the C standard is not ambiguous in this respect.
A byte is not always 8 bits.


Re: Do not use the sizeof() operator - Lundin - 12-08-2009

William Forbes Wrote:The definition of "byte" is defined in clause 3.4 of ISO/IEC 9899:1990
Basically, a byte is the size of a character. If a character is 16 bits then a byte is 16 bits.
Thus in my view, the implementation is compliant and the C standard is not ambiguous in this respect.
A byte is not always 8 bits.

Question: Is there a difference between C90 and C99 in this case? C99 (3.6) defines a byte as:

"addressable unit of data storage large enough to hold any member of the basic character set of the execution environment"

This is a very good definition, since the basic character set == the standard 7-bit ASCII. In reality this means 8 bits, ISO C
explicitly makes a difference between basic and extended character sets. So we can be certain that a byte is always 8 bits in C99.
Can anyone cite C90 in this case?

Also, C99 explicitly defines a char as 8 bits. The char type can never have any other size by that standard.

The question is what ISO C 1990 defines the size of a char as. This should be written in the Annex "Implementation Limits".


Re: Do not use the sizeof() operator - William Forbes - 13-08-2009

The C90 definition of a byte is essentially identical to the C99 one. The notes in C99 are part of the clause in C90.
I see not clause in C99 that defines a char as 8 bits. Do you have a clause reference number please?
The CHAR_BIT macro defined in defines how many bits is a char in both C90 and C99.
CHAR_BIT is required to by AT LEAST 8 in C90 and C99 so 7 bits in a byte is not allowed whereas 16 is.

I would say that Rule 6.3 should cover this issue?
Rules 6.1 and 6.2 discuss char so perhaps a note about the size of a byte/char could be included there?


Re: Do not use the sizeof() operator - Lundin - 17-08-2009

Well, after reading through C99, it seems every definition of char or a byte I can find is stated as "large enough...", ie at least 8 bits.
On the other hand, there is no text anywhere saying that char is allowed to be larger than 8 bits either.

The only text that is clearly written in the standard regarding this topic is actually the text below the sizeof() operator, which could be
interpreted as a statement of how large the char type is, by using plain logic:

sizeof() shall return the number of bytes of its operand
sizeof(char) shall return 1
Logical conclusion: the size of char is 1 byte

One may argue about whether the sizeof() chapter is a good place to write that definition, but still the text is just as normative as the rest of the standard.
So by that, one could say that 16 bit char is non-standard C. (There is the wchar_t, so there is no reason to make a mess of the ordinary char type...)

Also, there is always a need in embedded programming to communicate with hardware on byte-basis. With a compiler implementing char as 16 bit, you must
write all such code in inline assembler. Therefore I would definitely label such a compiler entirely unsuitable for embedded systems.


Re: Do not use the sizeof() operator - William Forbes - 17-08-2009

Hi Lundin,

I feel that you are assuming that a byte has 8 bits.
This assumption holds for 99% of cases but not all as hanthem has found out.

A byte is large enough to hold a character of the basic execution character set. (C90 3.4)
A char is large enough to hold a character of the basic execution character set (C90 6.1.2.5 p2)
The number of bits in a char is defined in the macro CHAR_BIT (C90 5.2.4.2.1)
CHAR_BIT can be any value but must be at least 8 (c90 5.2.4.2.1)
The sizeof(char) = 1 byte (C90 6.3.3.4)

From this one can conclude that char holds a byte and a byte has CHAR_BIT bits.

C99 is more explicit in that footnote 40 of clause 6.2.6.1 paragraph 3 says:
Quote:A byte contains CHAR_BIT bits, and the values of type unsigned char range from 0 to (2^CHAR_BIT) - 1.

The size of things in C is not defined in C and hence the need for MISRA rule 6.3.
You can write MISRA compliant code on 16 bit character systems but you can't use int8_t or uint8_t (or similar) as they can't exist!

Similar problem:
http://www.misra.org.uk/forum/viewtopic.php?f=62&t=593&start=0&sid=99ed01f5d5658fda7295510d149b6620


Re: Do not use the sizeof() operator - Lundin - 19-08-2009

It would seem that the real issue here is the poor definition of a byte in ISO C. A better proposal for a new rule would be "A byte shall always be regarded as 8 bits".

Because... making a byte 16 bits or 555 bits is like asking to have your product shot down in horrible ways over and over until everyone is fed up and it becomes obsolete.
I don't think it is motivated to change MISRA-C to support some weird >25 years old CPU core.


Re: Do not use the sizeof() operator - misra-c - 09-09-2009

The MISRA C Working Group does not believe that a rule precluding all use of sizeof() is warranted.

We note the comments regarding potential improvements to the text of rules 6.1 and 6.2.


Re: Do not use the sizeof() operator - jbezem - 11-11-2009

Lundin Wrote:I don't think it is motivated to change MISRA-C to support some weird >25 years old CPU core.
You'd be amazed to learn how many 8080 processors with old compilers are still in use resp. develeopment...

BR,

Johan