10.3. Casting to a narrower type

[eirik.midttun]

Original question at comp.arch.embedded:

In MISRA-C 2004:
Rule 10.4:
The value of a complex expression of integer type may only be cast to
a type that is narrower and of the same signedness as the underlying
type of the expression.

Rule 10.3:
The value of a complex expression of floating type may only be cast to
a type that is narrower floating type.



So why should the cast be more narrow? The Guidelines gives a
reference to section 6.10, but don't offer much insight. The only
consequence I see is that the result potentially missing the most
significant bits.

Anyone who cares to enlighten me?

Best answer so far:

> If the emphasis had been on explicit casting, it would have made sense -
> \"the value may only be *explicitly cast* to a type that is narrower, not
> implicitly\", then it would have made sense. But (according to the above
> link), Misra-C allows:

> u16x = (U16)(u32a + u32b);

> but not:

> u32x = (U32)(u16a + u16b);

If so, that's quite positive achievement. Too many people believe that

u16a = 40000;
u16b = 40000;
u32x = (U32)(u16a + u16b);

will end up with u32x = 80000. If MISRA can invent rules that trigger
on precisely this case and convince those people to write what they
actually wanted:

u32x = (U32) u16a + (U32) u16b;

that would be a very good thing indeed.

But in general people, me included, seems puzzled by this rule.