1

Context

I'm designing the software architecture of a safety critical software written in C, under DO-178C (DAL A) and with a Code Standard based on MISRA-C 2012, but no fully compliant.

It is the first time I do this, and I don't want to fall in design issues that could be avoidable in advance.

Program description:

The program needs to:

  • read data from an external source (~1Gb),
  • cache it in main memory,
  • process the data, and
  • give a yes/no response depending on the input data

At high-level is as simple as that, and we expect around 10k LOC.

Question

I have common allocation restrictions in this kind of software, so all my space shall be pre-allocated statically. So, I want to pre-allocate memory statically and bind it to some data structures used in the application, in summary the design principle is based in the following example. Have you seen this approach before?, do you see some issue?, do you know some resource to deep research?

This is a summary of the pattern I'd like to implement, which I don't know if it has a name. Also, there is a project rule such as datadict.h can be only included by datadict.c

interfaces.h

#ifndef INTERFACES_H #define INTERFACES_H typedef float f32_t; typedef long unsigned int u64_t; typedef struct { f32_t * const data; u64_t const size; } fatf32_t; #endif

public_datadict.h

#ifndef PUBLIC_DATA_DICT_H #define PUBLIC_DATA_DICT_H #include "interfaces.h" #define SIZE 100 extern fatf32_t signal_1; extern fatf32_t signal_2; extern fatf32_t signal_N; #endif

datadict.h

#ifndef DATA_DICT_H #define DATA_DICT_H #include "public_datadict.h" #define SIZE 100 static f32_t prealloc_signal_1 [ SIZE ]; static f32_t prealloc_signal_2 [ SIZE ]; static f32_t prealloc_signal_N [ SIZE ]; #endif

datadict.c

#include "datadict.h" static f32_t prealloc_signal_1 [ SIZE ] = { 0 }; static f32_t prealloc_signal_2 [ SIZE ] = { 0 }; static f32_t prealloc_signal_N [ SIZE ] = { 0 }; /* key point: Binding preallocated arrays to extern structures */ fatf32_t signal_1 = { .data = prealloc_signal_1, .size = SIZE }; fatf32_t signal_2 = { .data = prealloc_signal_2, .size = SIZE }; fatf32_t signal_N = { .data = prealloc_signal_N, .size = SIZE };

main.c

/* Key point: the rest of the application only sees the extern binded structures */ #include "public_datadict.h" int main ( void ) { for ( u64_t i = 0; i < signal_1.size; i++ ) { signal_1.data[ i ] = i; } return 0; }
Improve this question
4
  • 2
    The corresponding C concept for "public/private visibility" is "internal/external linkage", which operates on the level of compilation units. So your approach to define static (= private) arrays in some compilation unit does seem appropriate. However, you can likely get rid of the datadict.h header. It achieves literally nothing other than including the public datadict. Also, note that _t names are reserved by Posix.
    – amon
    CommentedJul 2, 2023 at 17:03
  • Thanks for your comment @amon, I will consider the possibility to get rid of datadict.h.It was included because there is a rule in MISRA which forces you to always write a declaration before definition of any object or function.
    – Sam
    CommentedJul 3, 2023 at 16:22
  • I think that MISRA rule (C:2012 R 8.4) only applies to objects with external linkage, not to static objects.
    – amon
    CommentedJul 3, 2023 at 16:37
  • That's true, I thought it was applied to all linkages, thanks again.
    – Sam
    CommentedJul 3, 2023 at 16:43

0

Reset to default

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.