Further guidance on MISRA-C 2012 Rule 10.6

[mshawa]

MISRA-C 2012 D.3 states that UTLR/STLR rules are only applied to integer constant expressions for operators that explicitly specify this in D.7. D.7 further states that the essential type is the standard type unless otherwise listed and does not specify a non-standard essential type for sizeof.

---

Given the following example: 

Code:

typedef unsigned int uint32_t;
typedef unsigned short uint16_t;
extern uint16_t u16;
extern uint32_t u32;

extern void foo( void );
void foo( void ) {
    uint32_t case1 = (sizeof(uint32_t) + sizeof(uint32_t)) + u16; /*Case 1*/
    uint32_t case2 = u32 + u32 + u16; /*Case 2*/
    uint32_t case3 = sizeof(uint32_t) + (sizeof(uint32_t) + u16);/*Case 3*/
    uint32_t case4 = sizeof(uint32_t) + u16 + sizeof(uint32_t); /*Case 4*/
}

Which of the cases violates Rule 10.6 while providing the rationale?

[misra-c]

C18 para 6.5.3.4 defines that sizeof(x) generates an unsigned integer constant (long or long long?) and is therefore not within the scope of MISRA C Appendix D.7

By MISRA C Appendix D.6.1(2) an integer constant of unsigned type is the UTLR of the value (hence essentially unsigned char)

Case 1: uint32_t = ( uint8_t + uint8_t ) + uint16_t
==> uint8_t + uint16_t /* Non-compliant - widened u16 -> u32 */
Case 2: uint32_t = uint32_t + uint32_t + uint16_t /* Compliant - all in u32 */
Case 3: uint32_t = uint8_t + ( uint8_t + uint16_t ) /* Non-compliant */
Case 4: uint32_t = uint8_t + uint16_t + uint8_t /* Non-compliant */