Pour obtenir une clé
d'essai remplissez le formulaire ci-dessous
Demandez des tariffs
Nouvelle licence
Renouvellement de licence
--Sélectionnez la devise--
USD
EUR
RUB
* En cliquant sur ce bouton, vous acceptez notre politique de confidentialité

Free PVS-Studio license for Microsoft MVP specialists
To get the licence for your open-source project, please fill out this form
** En cliquant sur ce bouton, vous acceptez notre politique de confidentialité.

I am interested to try it on the platforms:
** En cliquant sur ce bouton, vous acceptez notre politique de confidentialité.

Votre message a été envoyé.

Nous vous répondrons à


Si vous n'avez toujours pas reçu de réponse, vérifiez votre dossier
Spam/Junk et cliquez sur le bouton "Not Spam".
De cette façon, vous ne manquerez la réponse de notre équipe.

>
>
>
V2531. MISRA. Expression of essential t…
Analyzer diagnostics
General Analysis (C++)
General Analysis (C#)
General Analysis (Java)
Diagnosis of micro-optimizations (C++)
Diagnosis of 64-bit errors (Viva64, C++)
Customer specific requests (C++)
MISRA errors
AUTOSAR errors
OWASP errors (C#)
Problems related to code analyzer
Additional information
Contents

V2531. MISRA. Expression of essential type 'foo' should not be explicitly cast to essential type 'bar'.

18 Avr 2019

This diagnostic rule is based on the software development guidelines developed by MISRA (Motor Industry Software Reliability Association).

This diagnostic applies only to code written in C.

A value of one essential type should not be explicitly cast to a value of another incompatible essential type. The MISRA standard introduces the essential type model, where variables can have the following types:

  • Boolean, if it operates true/false values: '_Bool';
  • signed, if operates signed integer numbers, or is an unnamed enum: 'signed char', 'signed short', 'signed int', 'signed long', 'signed long long', 'enum { .... }';
  • unsigned, if operates unsigned integer numbers: 'unsigned char', 'unsigned short', 'unsigned int', 'unsigned long', 'unsigned long long';
  • floating, if operates floating point numbers: 'float', 'double', 'long double';
  • character, if operates only characters: 'char';
  • Named enum, if operates a named set of user-specific values: 'enum name { .... };'.

This model does not include pointers.

The following table shows situations that developers should avoid:

V2531/image1.png

Exceptions:

  • A variable of type 'enum' can be cast to an alias for that type.
  • Constant integers '0' and '1' can be cast to 'Boolean'.

Reasons for explicit type conversion are as follows:

  • to make code easier to read;
  • to change a type to use it in a subsequent arithmetic operation;
  • deliberate truncation of the value (when casting from a wider type to a narrower type, i.e. 'long' -> 'short').

For some reasons, casts from one essential type to another may be dangerous or meaningless, for example:

  • casting from 'signed'/'unsigned' integer to named 'enum' may be dangerous as the value may not fit into the range determined by the maximum size of the given 'enum' type;
  • casts from 'Boolean' to any other type are usually meaningless;
  • casts between essential 'floating' and 'character' types are also meaningless as there is no precise mapping between the two representations.

The following example will trigger the corresponding warnings:

enum A {ONE, TWO = 2};

float foo(int x, char ch)
{
    enum A a = (enum A) x;  // signed to enum, may lead to 
                            // unspecified behavior

    int y = int(x == 4);    // Meaningless cast Boolean to signed

    return float(ch) + .01; // Meaningless cast character to floating,
                            // there is no precise mapping between
                            // two representations
}

This diagnostic is classified as:

  • MISRA-C-10.5
Unicorn with delicious cookie
Nous utilisons des cookies pour améliorer votre expérience de navigation. En savoir plus
Accepter