Essential Types in MISRA C Rules 10.x
MISRA C™:2012 and MISRA C:2023 rules 10.x classify data types in categories. The rules treat data types in the same category as essentially similar.
For instance, the data types float, double and
long double are considered as essentially floating. Rule 10.1 states that
the % operation must not have essentially floating operands. This statement
implies that the operands cannot have one of these three data types: float,
double and long double.
Categories of Essential Types
The essential types fall in these categories:
| Essential type category | Standard types |
|---|---|
Essentially Boolean |
If you define a boolean type through a
|
Essentially character | char |
Essentially enum | named enum |
Essentially signed | signed char, signed short, signed
int, signed long, signed long
long |
Essentially unsigned | unsigned char, unsigned short, unsigned
int, unsigned long, unsigned long
long |
Essentially floating | Essentially real floating: float, double,
long double |
Essentially complex floating: float _Complex,
double _Complex, long double
_Complex |
How MISRA C Uses Essential Types
These rules use essential types in their statements.
| MISRA C:2012 | MISRA C:2023 | Description | Example |
|---|---|---|---|
MISRA C:2012 Rule
10.1 | MISRA C:2023 Rule
10.1 | Operands shall not be of an inappropriate essential type. | The right operand of the |
MISRA C:2012 Rule
10.2 | MISRA C:2023 Rule
10.2 | Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations. | The type |
MISRA C:2012 Rule
10.3 | MISRA C:2023 Rule
10.3 | The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category. | Do not assign a variable of data type |
MISRA C:2012 Rule
10.4 | MISRA C:2023 Rule
10.4 | Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category. | Do not perform an addition operation with a signed
|
MISRA C:2012 Rule
10.5 | MISRA C:2023 Rule
10.5 | The value of an expression should not be cast to an inappropriate essential type. | Do not perform a cast between essentially floating types and essentially character types. |
MISRA C:2012 Rule
10.6 | MISRA C:2023 Rule
10.6 | The value of a composite expression shall not be assigned to an object with wider essential type. | If a multiplication, binary addition or bitwise operation involves
unsigned |
MISRA C:2012 Rule
10.7 | MISRA C:2023 Rule
10.7 | If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type. | If one operand of an addition operation is a composite expression with
two unsigned |
MISRA C:2012 Rule
10.8 | MISRA C:2023 Rule
10.8 | The value of a composite expression shall not be cast to a different essential type category or a wider essential type. | If a multiplication, binary addition or bitwise operation involves unsigned
char operands, do not assign the result to a variable having
the wider type unsigned int. |
Essential Types of Constants
If the standard type of an integer constant is signed int, then its
essential type is the lowest ranked signed type required to represent the integer constant
value. Likewise, if the standard type of an integer constant is unsigned
int, then its essential type is the lowest ranked unsigned type required to
represent the integer constant value.
Consider the expression:
void bitShift(uint32_t shiftVal) {
uint32_t shiftResult;
shiftResult = 1U << shiftVal;
}1U is essentially
unsigned char because the lowest ranked type that can hold the value 1
is char.Essential Types of Results of Expressions
The following sections list the essential types of results of expressions involving certain kinds of operations. Note that this list only contains cases where the essential type is not trivial to determine, and is not an exhaustive list of the rules.
Relational Operator
The type of the result is the essentially Boolean.
Bitwise Shift Operator
If the left hand operand is essentially unsigned, the result has the same essential type as that of the operand, unless both operands are integer constants (in which case, the essential type of the result is the lowest ranked unsigned type that can hold the result value).
Bitwise Complement
If the operand is essentially unsigned, the result has the same essential type as that of the operand, unless the operand is an integer constant (in which case, the essential type of the result is the lowest ranked unsigned type that can hold the result value).
Unary Plus
If the operand is essentially signed or essentially unsigned, the result has the same essential type as the operand.
Unary Minus
If the operand is essentially signed, the result has the same essential type as the operand unless the operand is an integer constant (in which case, the essential type of the result is the lowest ranked signed type that can hold the result value).
Conditional
If the essential type of the second and third operand are the same, then the result also has this essential type. If their essential types are different but the operands are both essentially signed (unsigned), then the essential type of the result is the same as the essentially signed (unsigned) type of the operand with the higher rank.
Essential type of expression involving the operators *, /, %, +, -,
&, |, and ^
The operators *, /, %,
+, -, &,
|, and ^ create a composite expression.
Polyspace® assumes:
The essential type of an expression is
charif the expression involves an essentially character type, a+or-operand, and an integral type (essentially signed or unsigned) that has a rank lower or equal toint. For example, the essential type of the expressions(chA + siA)and(chA - siA)in this code ischar:char chA; int siA; unsigned int suA; char exp1 = chA + siA; char exp2 = chA - suA;The essential type of an expression is the signed type of lowest rank (STLR) required to represent the result of the expression if the expression is an integer constant expression. For example, the essential type of the expression
(250+350)issigned shortbecause the STLR of the result600issigned short.The essential type of an expression is the unsigned type of lowest rank (UTLR) required to represent the result of the expression if the expression involves essentially unsigned integer constants. For example, the essential type of the expression
(5U+4U)isunsigned charbecause the UTLR of the result9Uisunsigned char.The essential type of an expression is the essential type of the operand with highest rank if both operands are essentially signed or essentially unsigned.
If an expression does not match any of the cases mentioned above, the essential type of the expression is same as the standard type of the expression.
If a composite expression has one essentially unsigned integral type operand and a
signed integer constant operand, Polyspace checks the binary representation of the signed integer constant operand. If
the binary representation of this operand is the same as its unsigned equivalent,
Polyspace analyzes the code assuming the essential type of the integral constant is
unsigned. The type of the expression is then assumed to the essentially unsigned. For
example, in the code, Polyspace assumes that the type of the expression (var + 1) is
essentially unsigned integer because 1 and 1U has
same binary representation:
unsigned int var;
int signed_var = (int) (var + 1);
MISRA C:2023 Rule
10.4. Because Polyspace assumes the type of (var + 1) is essentially unsigned
integer, casting this expression to essentially signed int type results
in a violation of MISRA C:2023 Rule
10.8.
