[C-safe-secure-studygroup] Last night's discussion on MISRA rule 7.2
Clive Pygott
clivepygott at gmail.com
Thu Jun 1 11:34:31 UTC 2017
Last night we spent quite a while discussing MISRA C:2012 rule 7.2, trying
to figure out when adding a 'U' suffix to an integer literal is required.
Having spoken to a couple of people on the MISRA C committee, I think I
misled you last night (my excuse is I was confusing 7.2 with a similar rule
in MISRA C++, and MISRA C's essential type rules 10.1+)
You were right, 7.2 only applies to octal and hexadecimal constants, where
on the particular target platform, because of the int or long sizes, the
compiler interprets the constant as an unsigned value (see 6.4.4.1 para 5
of the C11 standard)
So on a machine with a 16-bit int, 0x8000 must be written as 0x8000U
'Context of use' rules are all in section 10. The example I gave of
unsigned char x = 2;
is still actually compliant - by an exception to 10.3. Among other things,
10.3 doesn't allow you to assign a signed value to an unsigned object,
unless the signed value is a constant that can be represented in the
object's type (so x = 2; is OK, as is x = 128U; but x = 128; isn't)
However, Rule 10.1 stops you performing arithmetic on mixed signed and
unsigned values. So if x and y are unsigned, y = x + 1; is
non-compliant, unless a U suffix is added to the 1
Hope this helps
Clive
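The point in the message above is that Rule 7.2 hinges on the type the compiler gives an unsuffixed constant, which C11 6.4.4.1 para 5 decides from the constant's form (decimal vs. octal/hex) and the target's int and long widths. The following is an added example, not code from Clive's message, the MISRA committee or any compiler; constant_is_unsigned and the host_* helpers are hypothetical names, and long long is assumed to be 64 bits. It walks the 6.4.4.1 type list for a chosen target and reports whether the constant ends up unsigned, i.e. whether 7.2 requires the U suffix, and uses _Generic to confirm the same rule on the host compiler.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <limits.h>

/* Hypothetical helper (added example, not MISRA or compiler code).
 * C11 6.4.4.1 para 5: an unsuffixed decimal constant takes the first of
 * int, long, long long that can hold it (signed types only); an unsuffixed
 * octal or hex constant takes the first of int, unsigned int, long,
 * unsigned long, long long, unsigned long long that can hold it. */
typedef enum { DECIMAL, OCTAL_OR_HEX } literal_kind;

/* largest value of a signed / unsigned integer type of `bits` width */
static uint64_t signed_max(unsigned bits) {
    return (bits >= 64) ? (uint64_t)INT64_MAX : (((uint64_t)1 << (bits - 1)) - 1);
}
static uint64_t unsigned_max(unsigned bits) {
    return (bits >= 64) ? UINT64_MAX : (((uint64_t)1 << bits) - 1);
}

/* Returns true if `value`, written without a suffix as a constant of the
 * given kind, gets an unsigned type on a target whose int is int_bits wide
 * and whose long is long_bits wide (long long assumed 64 bits).  True means
 * MISRA C:2012 Rule 7.2 requires the 'U' suffix. */
bool constant_is_unsigned(uint64_t value, literal_kind kind,
                          unsigned int_bits, unsigned long_bits) {
    const unsigned widths[3] = { int_bits, long_bits, 64 };
    for (int i = 0; i < 3; i++) {
        if (value <= signed_max(widths[i]))
            return false;                  /* fits the signed type at this width */
        if (kind == OCTAL_OR_HEX && value <= unsigned_max(widths[i]))
            return true;                   /* takes the unsigned type at this width */
    }
    /* A decimal constant too large for long long has no standard type
     * (implementation extension); no 'U' is involved, so report false. */
    return false;
}

/* Same question asked of the host compiler via _Generic: the type it
 * assigns to the unsuffixed hex constant 0x80000000 and to the decimal
 * constant 2147483648 (the same value written in decimal). */
int host_hex_0x80000000_is_unsigned(void) {
    return _Generic(0x80000000,
                    unsigned int: 1, unsigned long: 1, unsigned long long: 1,
                    default: 0);
}
int host_decimal_2147483648_is_unsigned(void) {
    return _Generic(2147483648,
                    unsigned int: 1, unsigned long: 1, unsigned long long: 1,
                    default: 0);
}

int main(void) {
    /* Clive's example: 16-bit int, so 0x8000 must be written 0x8000U */
    printf("16-bit int: 0x8000 unsigned? %d\n",
           constant_is_unsigned(0x8000, OCTAL_OR_HEX, 16, 32));
    /* decimal 32768 on the same target promotes to (signed) long instead */
    printf("16-bit int: 32768 unsigned? %d\n",
           constant_is_unsigned(32768, DECIMAL, 16, 32));
    /* on a 32-bit-int target 0x8000 is a plain int, but 0x80000000 is not */
    printf("32-bit int: 0x8000 unsigned? %d, 0x80000000 unsigned? %d\n",
           constant_is_unsigned(0x8000, OCTAL_OR_HEX, 32, 64),
           constant_is_unsigned(0x80000000, OCTAL_OR_HEX, 32, 64));
    printf("host: 0x80000000 unsigned? %d, 2147483648 unsigned? %d\n",
           host_hex_0x80000000_is_unsigned(),
           host_decimal_2147483648_is_unsigned());
    return 0;
}
```

The table-walk reproduces the asymmetry Clive describes: the decimal form of the same value never becomes unsigned (it moves up to long or long long instead), which is why 7.2 only ever bites on octal and hexadecimal constants.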