Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Rule 10.1, Rule 6.5 and Boolean bit-fields
#1
Is there a MISRA-compliant way to have effectively boolean bit-fields? Single bit-fields can't be signed per Rule 6.5. So the bit-fields must be unsigned. Now we need to pick the signedness of the boolean type.

If we go with
Code:
typedef signed int TBool;
then we're going to be violating Rule 10.1 whenever we assign between the unsigned bit-field and the signed boolean type. E.g.:
Code:
myFlags.unsignedBit = signedBoolFlag; /* Implicitly converting signed to unsigned */
   signedBoolFlag = myFlags.unsignedBit; /* Implicitly converting unsigned to signed */
If we go with
Code:
typedef unsigned int TBool;
then we're going to be violating Rule 10.1 whenever we do something like
Code:
unsignedBoolFlag = (c > d); /* Implicitly converting signed to unsigned */
because the boolean expression is technically signed int.

Are boolean bit-fields something that MISRA C is trying to prevent? Are they dangerous? I know I could be using casts, but that gets ugly quickly, and pervasive casts bypass type checking and pretty much defeat the purpose of the MISRA rules in the first place.

One thing I thought of is to define something like
Code:
#define ISTRUE(cond) ((cond) ? TRUE : FALSE)
and then I can use
Code:
unsignedBoolFlag = ISTRUE(c > d); /* Fine as long as TRUE and FALSE are unsigned */
This may or may not be less efficient than without the ISTRUE() macro, depending on the compiler and optimizations. But it's still ugly.

Thanks,
- Joel
<t></t>
Reply


Messages In This Thread

Forum Jump:


Users browsing this thread: 2 Guest(s)