Main Content

AUTOSAR C++14 Rule A18-5-7

If non-real-time implementation of dynamic memory management functions is used in the project, then memory shall only be allocated and deallocated during non-real-time program phases

Since R2022a

expand all in page

Description

Rule Definition

If non-real-time implementation of dynamic memory management functions is used in the project, then memory shall only be allocated and deallocated during non-real-time program phases.

Rationale

A real-time function is one with a known worst case execution time. That is, the execution time of real-time functions cannot exceed a specific and known value.

Inside a real-time function, you might be using functions that manage dynamic memory, such as new or delete. The execution time of these functions depends on how much memory the functions manage. Because their worst case execution time is not deterministic, using these functions in the real time phase of the application might result in unexpected behaviors, memory leaks, and memory fragmentation. Dynamic memory management in real time requires implementing deterministic implementations of these functions that have a known worst case execution time.

Avoid using non-real-time dynamic memory management functions in the real time phase of your application. Perform non-real-time memory operations in the non-real-time phase such as the initialization or the non-real-time state transitions.

Polyspace Implementation

To check for violations of this rule, specify your real-time functions by using the analysis option -code-behavior-specifications. In the code behavior specification XML file, specify a function as a real-time function by using the behavior REAL_TIME_FUNC. Polyspace® flags a specified real-time function if :

  • The function allocates or deallocates dynamic memory by using a non-real-time implementation.

  • The function calls a function that uses non-real-time dynamic memory management.

Polyspace assumes that these functions from the standard library use non-real-time implementation of dynamic memory management:

  • The operators new and delete.

  • std::make_unique()

  • std::vector::vector()

  • std::vector::reserve()

  • std::basic_string::basic_string()

You might use other functions in your code that use non-real-time implementation of dynamic memory management. Specify these functions as non-real-time dynamic memory management function by using the behavior MANAGES_MEMORY.

To use this rule, specify at least one entry that has the behavior REAL_TIME_FUNC. If you use this checker without specifying the code behavior, Polyspace produces a warning.

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

#include <cstdlib>
#include <new>
#include<vector>
extern bool pollSensor();
extern int getSize();
extern int getSensorData();
int* allocateIntArray(int size){
	return new int[size];  //Noncompliant
}
void deallocateIntArray(int* data){
	delete data;  //Noncompliant
}
void AppMain(){
	int* Data = allocateIntArray(getSize()); 
	int index = 0;
	while(1){
		if(pollSensor()){
			Data[index] = getSensorData(); ;
			//...
			
		}
		deallocateIntArray(Data);
	}
}
void AppMainAlt(){
	std::vector<int> Data;  //Noncompliant
	while(1){
		if(pollSensor()){
			Data.push_back(getSensorData());
		}
	}
}

To run this example, specify the functions AppMain and AppMainAlt as real-time functions. For instance, save this the code behavior specifications XML code as code_behavior.xml:

<specifications>
    <functions>
        <function name="AppMain">
            <behavior name="REAL_TIME_FUNC"/>
        </function>
        <function name="AppMainAlt">
            <behavior name="REAL_TIME_FUNC"/>
        </function>
    </functions>
</specifications>
After specifying the code behavior, add this option when running the analysis:
polyspace-bug-finder -sources source.c -autosar-cpp14 all -lang cpp -cpp-version cpp14 -code-behavior-specifications code_behavior.xml
polyspace-bug-finder -sources source.c -autosar-cpp14 all 
-lang cpp -cpp-version cpp14 -code-behavior-specifications code_behavior.xml

In this example, Polyspace flags non-real-time memory management in real-time functions.

  • The duration for the operation new in allocateIntArray() depends on the argument size and cannot be predetermined. Using this function in real time might result in a memory leak or a segmentation fault. Because allocateIntArray() is called from the real-time function AppMain, Polyspace raises a violation.

  • The non-real-time deallocation operation in deallocateIntArray() might result in a memory leak or a segmentation fault if the function is used in real time. Because deallocateIntArray() is called from the real-time function AppMain, Polyspace flags it.

  • Polyspace flags the non-real-time memory allocation operation allocateIntArray in the real-time function AppMain.

  • Polyspace flags the vector declaration, which is a non-real-time memory allocation operation, in the real-time function AppMainAlt.

#include <cstdlib>
#include <new>
#include<vector>
extern bool pollSensor();
extern int getSize();
extern int getSensorData();

void AppMain(std::vector<int>& Data){
	while(1){
		if(pollSensor()){
			Data.push_back(getSensorData());
		}
	}
}
int main(){
	std::vector<int> Data;
	Data.reserve(1024);
	AppMain(Data);
	return 0;
}

This example shows a best practice when using non-real-time memory management in a program that uses real-time functions. The memory allocation operation is performed in the function main(), which is not executed at real time. The real-time function is AppMain(), and this function does not perform any dynamic memory management. Separating memory management from real time functions might reduce the possibility of memory leaks, segmentation faults, and other unexpected behaviors.

Check Information

Group: Language support library
Category: Required, Non-automated

Version History

Introduced in R2022a

See Also

|

Topics