QA-C Rule 4303 states that "An expression of 'essentially Boolean' type is being cast to signed type". I want to understand what the actual problem could be if we typecast essentially Boolean to a signed type, with an example. In C90, as there is no Boolean data type, typedefs are used, which are categorized as essentially Boolean. Could someone please explain the real issues with examples?
CodePudding user response:
Using strange type combinations could be an indication of unintentional bugs. With rules in place, the static analyser can then catch such bugs.
For example, let's say we want to do some bitwise arithmetic. We do it on an unsigned type to save us from lots of signed type problems, then assign the result to a signed type:
int32_t result = (int32_t)(1u << n);
This code is fine, sensible, and at a glance also MISRA compliant. However, since programmers have a tendency to baptise their new keyboards with coffee, they get sticky keys and therefore maybe type this instead:
int32_t result = (int32_t)(1u < n);
This is nonsense code, but perfectly valid C, so the compiler might be silent about this bug. For example gcc with max warnings happily skips past it - not even -Wconversion helps.
But since (1u < n) is "essentially boolean" and 10.5 doesn't allow such an expression to be cast to any other type, the bug should get spotted by your static analyser.
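
The effect of the typo described in the answer, shown as an added example that is not part of the original answer: the mask collapses to 0 or 1, so a flag test built on it silently checks the wrong bit. The function names and the sample flags value are hypothetical, and n is assumed to be at most 30.

```c
#include <stdint.h>
#include <stdio.h>

/* Intended: single-bit mask for bit n (assumption: n <= 30). */
static int32_t mask_intended(uint32_t n)
{
    return (int32_t)(1u << n);
}

/* Typo from the answer: '<' instead of '<<'. Valid C, but the
   operand of the cast is essentially Boolean and is only 0 or 1. */
static int32_t mask_typo(uint32_t n)
{
    return (int32_t)(1u < n);
}

/* When a 0/1 integer really is wanted, say so explicitly
   instead of casting the result of the comparison. */
static int32_t is_greater_than_one(uint32_t n)
{
    return (1u < n) ? 1 : 0;
}

/* Hypothetical flag test: is any bit of mask set in flags? */
static int has_flag(int32_t flags, int32_t mask)
{
    return (flags & mask) != 0;
}

int main(void)
{
    const int32_t flags = 0x09; /* constructed sample: bits 0 and 3 set */
    uint32_t n;

    for (n = 0u; n < 5u; n++) {
        printf("n=%u intended=0x%02x typo=0x%02x "
               "has(intended)=%d has(typo)=%d gt1=%d\n",
               (unsigned)n,
               (unsigned)mask_intended(n), (unsigned)mask_typo(n),
               has_flag(flags, mask_intended(n)),
               has_flag(flags, mask_typo(n)),
               (int)is_greater_than_one(n));
    }
    return 0;
}
```

For n = 2 the intended mask reports that the bit is clear, while the typo'd mask tests bit 0 and reports it as set.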