Essential Types in MISRA C Rules 10.x

Note

Starting in a future release, Code Prover will not support checking compliance with external coding standards and calculating code metrics. Migrate to Bug Finder for these workflows. See Essential Types in MISRA C Rules 10.x.

MISRA C™:2012 and MISRA C:2023 rules 10.x classify data types in categories. The rules treat data types in the same category as essentially similar.

For instance, the data types float, double and long double are considered as essentially floating. Rule 10.1 states that the % operation must not have essentially floating operands. This statement implies that the operands cannot have one of these three data types: float, double and long double.

Categories of Essential Types

The essential types fall in these categories:

Essential type category	Standard types
Essentially Boolean	`bool` or `_Bool` (defined in `stdbool.h`) If you define a boolean type through a `typedef`, you must specify this type name before coding rules checking. For more information, see `Effective boolean types (-boolean-types)`.
Essentially character	`char`
Essentially enum	named `enum`
Essentially signed	signed `char`, signed `short`, signed `int`, signed `long`, signed `long long`
Essentially unsigned	unsigned `char`, unsigned `short`, unsigned `int`, unsigned `long`, unsigned `long long`
Essentially floating	Essentially real floating: `float`, `double`, `long double`
Essentially floating	Essentially complex floating: `float _Complex`, `double _Complex`, `long double _Complex`

How MISRA C Uses Essential Types

These rules use essential types in their statements.

MISRA C:2012	MISRA C:2023	Description	Example
`MISRA C:2012 Rule 10.1`	`MISRA C:2023 Rule 10.1`	Operands shall not be of an inappropriate essential type.	The right operand of the `<<` or `>>` operator must be essentially unsigned. Otherwise, negative values can cause undefined behavior.
`MISRA C:2012 Rule 10.2`	`MISRA C:2023 Rule 10.2`	Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.	The type `char` does not represent numeric values. Do not use a variable of this type in addition and subtraction operations.
`MISRA C:2012 Rule 10.3`	`MISRA C:2023 Rule 10.3`	The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category.	Do not assign a variable of data type `double` to a variable with the narrower data type `float`.
`MISRA C:2012 Rule 10.4`	`MISRA C:2023 Rule 10.4`	Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category.	Do not perform an addition operation with a signed `int` operand, which belongs to the essentially signed category, and an unsigned `int` operand, which belongs to the essentially unsigned category.
`MISRA C:2012 Rule 10.5`	`MISRA C:2023 Rule 10.5`	The value of an expression should not be cast to an inappropriate essential type.	Do not perform a cast between essentially floating types and essentially character types.
`MISRA C:2012 Rule 10.6`	`MISRA C:2023 Rule 10.6`	The value of a composite expression shall not be assigned to an object with wider essential type.	If a multiplication, binary addition or bitwise operation involves unsigned `char` operands, do not assign the result to a variable having the wider type unsigned `int`.
`MISRA C:2012 Rule 10.7`	`MISRA C:2023 Rule 10.7`	If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then the other operand shall not have wider essential type.	If one operand of an addition operation is a composite expression with two unsigned `char` operands, the other operand must not have the wider type unsigned `int`.
	`MISRA C:2023 Rule 10.8`	The value of a composite expression shall not be cast to a different essential type category or a wider essential type.	If a multiplication, binary addition or bitwise operation involves unsigned `char` operands, do not assign the result to a variable having the wider type unsigned `int`.

Essential Types of Constants

If the standard type of an integer constant is signed int, then its essential type is the lowest ranked signed type required to represent the integer constant value. Likewise, if the standard type of an integer constant is unsigned int, then its essential type is the lowest ranked unsigned type required to represent the integer constant value.

Consider the expression:

void bitShift(uint32_t shiftVal) {
    uint32_t shiftResult;
    shiftResult = 1U << shiftVal;
}

In this expression, the type of 1U is essentially unsigned char because the lowest ranked type that can hold the value 1 is char.

Essential Types of Results of Expressions

The following sections list the essential types of results of expressions involving certain kinds of operations. Note that this list only contains cases where the essential type is not trivial to determine, and is not an exhaustive list of the rules.

Relational Operator

The type of the result is the essentially Boolean.

Bitwise Shift Operator

If the left hand operand is essentially unsigned, the result has the same essential type as that of the operand, unless both operands are integer constants (in which case, the essential type of the result is the lowest ranked unsigned type that can hold the result value).

Bitwise Complement

If the operand is essentially unsigned, the result has the same essential type as that of the operand, unless the operand is an integer constant (in which case, the essential type of the result is the lowest ranked unsigned type that can hold the result value).

Unary Plus

If the operand is essentially signed or essentially unsigned, the result has the same essential type as the operand.

Unary Minus

If the operand is essentially signed, the result has the same essential type as the operand unless the operand is an integer constant (in which case, the essential type of the result is the lowest ranked signed type that can hold the result value).

Conditional

If the essential type of the second and third operand are the same, then the result also has this essential type. If their essential types are different but the operands are both essentially signed (unsigned), then the essential type of the result is the same as the essentially signed (unsigned) type of the operand with the higher rank.

Operations Subject to Arithmetic Conversions (`* / % + = & | ^`)

If both the operands are both essentially signed (unsigned), then the essential type of the result is the same as the essentially signed (unsigned) type of the operand with the higher rank. The only exception is when the expression involves integer constants only, in which case, the essential type of the result is the lowest ranked signed (unsigned) type that can hold the result value.