Do not use the sizeof() operator

6.20 Standard Libraries

Moderators: misra-c, david ward

hanthen
Posts: 3
Joined: Mon Aug 03, 2009 12:59 pm
Company: Baker Hughes INTEQ

Do not use the sizeof() operator

Post by hanthen » Mon Aug 03, 2009 2:13 pm

I would suggest a new rule for MISRA C.
"Do not use the sizeof() operator".
Output seems to be compiler dependent, e.g. the TI compiler for the TMS320C2x/C2xx/C5x series returns the number of 16-bit units.

They (TI) claim that there is an ambiguity in the ANSI C definition:
- sizeof() shall return the number of bytes
- sizeof(char) shall return 1
As they implement a char as 16 bits, their solution to the dilemma is to define a byte as 16 bits.

This sounds problematic and will cause issues while porting code that uses the sizeof() operator.

William Forbes
Posts: 29
Joined: Wed Dec 17, 2008 9:48 pm
Company: TRW Automotive

Re: Do not use the sizeof() operator

Post by William Forbes » Mon Aug 03, 2009 8:21 pm

The definition of "byte" is defined in clause 3.4 of ISO/IEC 9899:1990
Basically, a byte is the size of a character. If a character is 16 bits then a byte is 16 bits.
Thus in my view, the implementation is compliant and the C standard is not ambiguous in this respect.
A byte is not always 8 bits.

Lundin
Posts: 70
Joined: Mon Dec 10, 2007 1:57 pm

Re: Do not use the sizeof() operator

Post by Lundin » Wed Aug 12, 2009 3:38 pm

William Forbes wrote:
> The definition of "byte" is defined in clause 3.4 of ISO/IEC 9899:1990
> Basically, a byte is the size of a character. If a character is 16 bits then a byte is 16 bits.
> Thus in my view, the implementation is compliant and the C standard is not ambiguous in this respect.
> A byte is not always 8 bits.

Question: Is there a difference between C90 and C99 in this case? C99 (3.6) defines a byte as:

"addressable unit of data storage large enough to hold any member of the basic character set of the execution environment"

This is a very good definition, since the basic character set == the standard 7-bit ASCII. In reality this means 8 bits, ISO C explicitly makes a difference between basic and extended character sets. So we can be certain that a byte is always 8 bits in C99.
Can anyone cite C90 in this case?

Also, C99 explicitly defines a char as 8 bits. The char type can never have any other size by that standard.

The question is what ISO C 1990 defines the size of a char as. This should be written in the Annex "Implementation Limits".

William Forbes
Posts: 29
Joined: Wed Dec 17, 2008 9:48 pm
Company: TRW Automotive

Re: Do not use the sizeof() operator

Post by William Forbes » Thu Aug 13, 2009 8:56 pm

The C90 definition of a byte is essentially identical to the C99 one. The notes in C99 are part of the clause in C90.
I see no clause in C99 that defines a char as 8 bits. Do you have a clause reference number please?
The CHAR_BIT macro defined in <limits.h> defines how many bits are in a char in both C90 and C99.
CHAR_BIT is required to be AT LEAST 8 in C90 and C99 so 7 bits in a byte is not allowed whereas 16 is.

I would say that Rule 6.3 should cover this issue?
Rules 6.1 and 6.2 discuss char so perhaps a note about the size of a byte/char could be included there?

Lundin
Posts: 70
Joined: Mon Dec 10, 2007 1:57 pm

Re: Do not use the sizeof() operator

Post by Lundin » Mon Aug 17, 2009 8:00 am

Well, after reading through C99, it seems every definition of char or a byte I can find is stated as "large enough...", i.e. at least 8 bits.
On the other hand, there is no text anywhere saying that char is allowed to be larger than 8 bits either.

The only text that is clearly written in the standard regarding this topic is actually the text below the sizeof() operator, which could be interpreted as a statement of how large the char type is, by using plain logic:

sizeof() shall return the number of bytes of its operand
sizeof(char) shall return 1
Logical conclusion: the size of char is 1 byte

One may argue about whether the sizeof() chapter is a good place to write that definition, but still the text is just as normative as the rest of the standard.
So by that, one could say that 16 bit char is non-standard C. (There is the wchar_t, so there is no reason to make a mess of the ordinary char type...)

Also, there is always a need in embedded programming to communicate with hardware on byte-basis. With a compiler implementing char as 16 bit, you must write all such code in inline assembler. Therefore I would definitely label such a compiler entirely unsuitable for embedded systems.

William Forbes
Posts: 29
Joined: Wed Dec 17, 2008 9:48 pm
Company: TRW Automotive

Re: Do not use the sizeof() operator

Post by William Forbes » Mon Aug 17, 2009 8:51 pm

Hi Lundin,

I feel that you are assuming that a byte has 8 bits.
This assumption holds for 99% of cases but not all, as hanthen has found out.

A byte is large enough to hold a character of the basic execution character set. (C90 3.4)
A char is large enough to hold a character of the basic execution character set (C90 6.1.2.5 p2)
The number of bits in a char is defined in the macro CHAR_BIT (C90 5.2.4.2.1)
CHAR_BIT can be any value but must be at least 8 (C90 5.2.4.2.1)
The sizeof(char) = 1 byte (C90 6.3.3.4)

From this one can conclude that char holds a byte and a byte has CHAR_BIT bits.

C99 is more explicit in that footnote 40 of clause 6.2.6.1 paragraph 3 says:
A byte contains CHAR_BIT bits, and the values of type unsigned char range from 0 to (2^CHAR_BIT) - 1.
The size of things in C is not defined in C and hence the need for MISRA rule 6.3.
You can write MISRA compliant code on 16 bit character systems but you can't use int8_t or uint8_t (or similar) as they can't exist!

Similar problem:
http://www.misra.org.uk/forum/viewtopic ... 0d149b6620
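
What the clause list in the post above means for code that relies on sizeof, as an added example that is not part of any post in this thread: sizes are scaled by CHAR_BIT instead of being assumed to be octets, and wire data is handled as one masked octet per unsigned char. The names REQUIRE, BITS_OF, bytes_for_octets, put_u32_be and get_u32_be are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* C90-compatible compile-time check: the array size is -1 if cond is false. */
#define REQUIRE(cond, name) typedef char name[(cond) ? 1 : -1]

/* Dense octet packing below assumes a byte holds a whole number of octets. */
REQUIRE(CHAR_BIT % 8 == 0, char_bit_is_multiple_of_8);

/* sizeof counts bytes of CHAR_BIT bits each, so scale to get a bit width. */
#define BITS_OF(type) (sizeof(type) * (size_t)CHAR_BIT)

/* Bytes (sizeof units) needed to hold n_octets densely packed 8-bit octets:
   n_octets when CHAR_BIT is 8, half that (rounded up) when CHAR_BIT is 16. */
size_t bytes_for_octets(size_t n_octets)
{
    size_t per_byte = (size_t)CHAR_BIT / 8u;
    return (n_octets + per_byte - 1u) / per_byte;
}

/* Write v as four big-endian octets, one per unsigned char. The mask keeps
   every element in 0..255 even where unsigned char is wider than 8 bits. */
void put_u32_be(unsigned long v, unsigned char out[4])
{
    int i;
    for (i = 0; i < 4; i++) {
        out[i] = (unsigned char)((v >> (24 - 8 * i)) & 0xFFul);
    }
}

/* Read four big-endian octets, ignoring any bits above bit 7 of each unit. */
unsigned long get_u32_be(const unsigned char in[4])
{
    unsigned long v = 0ul;
    int i;
    for (i = 0; i < 4; i++) {
        v = (v << 8) | ((unsigned long)in[i] & 0xFFul);
    }
    return v;
}

int main(void)
{
    unsigned char wire[4];
    put_u32_be(0xDEADBEEFul, wire); /* constructed sample value */
    printf("CHAR_BIT=%d, unsigned long is %lu bits, round trip %s\n", CHAR_BIT,
           (unsigned long)BITS_OF(unsigned long),
           get_u32_be(wire) == 0xDEADBEEFul ? "ok" : "FAILED");
    return 0;
}
```

A module that genuinely requires 8-bit bytes can state that with `REQUIRE(CHAR_BIT == 8, ...)` so the build fails on a 16-bit-char target instead of silently miscomputing buffer sizes.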

Lundin
Posts: 70
Joined: Mon Dec 10, 2007 1:57 pm

Re: Do not use the sizeof() operator

Post by Lundin » Wed Aug 19, 2009 3:09 pm

It would seem that the real issue here is the poor definition of a byte in ISO C. A better proposal for a new rule would be "A byte shall always be regarded as 8 bits".

Because... making a byte 16 bits or 555 bits is like asking to have your product shot down in horrible ways over and over until everyone is fed up and it becomes obsolete.
I don't think it is motivated to change MISRA-C to support some weird >25 years old CPU core.

misra-c
Posts: 560
Joined: Thu Jan 05, 2006 1:11 pm

Re: Do not use the sizeof() operator

Post by misra-c » Wed Sep 09, 2009 11:07 am

The MISRA C Working Group does not believe that a rule precluding all use of sizeof() is warranted.

We note the comments regarding potential improvements to the text of rules 6.1 and 6.2.
---
Posted by and on behalf of
the MISRA C Working Group

jbezem
Posts: 20
Joined: Mon Aug 01, 2005 8:24 pm
Company: JB Enterprises
Location: Germany

Re: Do not use the sizeof() operator

Post by jbezem » Wed Nov 11, 2009 6:57 am

Lundin wrote:
> I don't think it is motivated to change MISRA-C to support some weird >25 years old CPU core.

You'd be amazed to learn how many 8080 processors with old compilers are still in use resp. development...

BR,

Johan
Johan Bezem
Email: [email protected]
Tel: +49 172 5463210
Web: http://www.bezem.de/
