21-01-2011, 01:25 PM
It is correct to assume that any single-bit bit-field must have unsigned int type and it is therefore reasonable to assume that any type used for storing Boolean values must also be unsigned int.
MISRA C introduces the concept of effectively Boolean expressions and gives guidance on when these expressions can and cannot be used. However, the treatment of Boolean values and types in MISRA C is incomplete as your question shows. The rules in Section 10 were designed to be applied to arithmetic types and do not cover plain char, enumerated types, Boolean types or bit-fields.
Firstly, it should be possible to assign the value of an effectively Boolean expression to an object with effectively Boolean type without violating any MISRA rules. Unfortunately, Rule 10.1 is violated in the example you give.
Secondly, it may well be that unsigned char is a better effectively Boolean type than unsigned int. On most implementations an object with unsigned char type will require less storage space than one with unsigned int type. It may also be quicker to access and operate on unsigned char on some implementations. However, the behaviour is undefined in C90 if a bit-field is defined with unsigned char type.
You should have little trouble in justifying a deviation for Rule 10.1 provided that the right-hand side of the assignment is effectively Boolean and the left-hand side is either an unsigned bit-field or has effectively Boolean type. Since the value of the effectively Boolean expression is guaranteed to be 0 or 1 there is no chance of loss of information.
As has been mentioned in earlier postings, e.g. http://www.misra-c2.com/forum/viewtopic.php?f=66&t=265, the MISRA C Working Group is developing a new revision of the MISRA C Guidelines. This version has a full treatment of Boolean values and types and therefore avoids problems such as the one you have identified.
MISRA C introduces the concept of effectively Boolean expressions and gives guidance on when these expressions can and cannot be used. However, the treatment of Boolean values and types in MISRA C is incomplete as your question shows. The rules in Section 10 were designed to be applied to arithmetic types and do not cover plain char, enumerated types, Boolean types or bit-fields.
Firstly, it should be possible to assign the value of an effectively Boolean expression to an object with effectively Boolean type without violating any MISRA rules. Unfortunately, Rule 10.1 is violated in the example you give.
Secondly, it may well be that unsigned char is a better effectively Boolean type than unsigned int. On most implementations an object with unsigned char type will require less storage space than one with unsigned int type. It may also be quicker to access and operate on unsigned char on some implementations. However, the behaviour is undefined in C90 if a bit-field is defined with unsigned char type.
You should have little trouble in justifying a deviation for Rule 10.1 provided that the right-hand side of the assignment is effectively Boolean and the left-hand side is either an unsigned bit-field or has effectively Boolean type. Since the value of the effectively Boolean expression is guaranteed to be 0 or 1 there is no chance of loss of information.
As has been mentioned in earlier postings, e.g. http://www.misra-c2.com/forum/viewtopic.php?f=66&t=265, the MISRA C Working Group is developing a new revision of the MISRA C Guidelines. This version has a full treatment of Boolean values and types and therefore avoids problems such as the one you have identified.
Posted by and on behalf of the MISRA C Working Group