Main Content

AUTOSAR C++14 Rule A15-0-7

Exception handling mechanism shall guarantee a deterministic worst-case time execution time

Since R2022a

expand all in page

Description

Rule Definition

Exception handling mechanism shall guarantee a deterministic worst-case time execution time.

Rationale

Compilers, such as GCC or CLang, use dynamic memory allocation in the implementations of their exception handling mechanism. Dynamic memory allocation during exception handling results in a nondeterministic worst-case execution time. Such exception handling functions might raise memory allocation errors during run time. Avoid dynamic memory allocation in exception handling functions. Implement the exception handling functions so that memory is allocated before the run time.

Polyspace Implementation

Violations of this rule are raised when the exception handling functions in your code allocates or deallocates memory dynamically. Polyspace® recognizes the commonly used dynamic memory allocation functions and exception handling functions, including:

  • __cxa_allocate_exception

  • __cxa_throw

  • __cxa_free_exception

  • __cxa_begin_catch

  • __cxa_end_catch

  • Stack unwinding functions, such as _Unwind_RaiseException, _Unwind_Resume, _Unwind_DeleteException.

To check user-defined exception handling implementations, specify the user-defined exception handling and dynamic memory managing functions by using the analysis option -code-behavior-specifications. In the code behavior specification XML file, specify a function as an exception handling function by using the behavior EXCEPTION_HANDLING. Specify a function as a dynamic memory managing function by using the behavior MANAGES_MEMORY.

Troubleshooting

If you expect a rule violation but Polyspace does not report it, see Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

#include <cstdlib>
extern "C" void * __cxa_allocate_exception(size_t thrown_size) {
  return new char[thrown_size];   //Noncompliant
}

char bigBuffer[10*1024];
char* bigBufferPtr = bigBuffer;

extern "C" void* __cxa_begin_catch(void* unwind_arg) {
  char* ptr = bigBufferPtr;       // Compliant

  bigBufferPtr += *(int*)unwind_arg;

  return (void*)ptr;
}

In this example, the operator new allocates dynamic memory in the exception handling function __cxa_allocate_exception. Polyspace flags the use of dynamic memory allocation in the exception handling function. The best practice is to allocate memory elsewhere and use the allocated memory during exception handling. For instance, in the exception handling function __cxa_begin_catch, there is no dynamic memory allocation. Instead, memory is allocated statically in bigBuffer, which is then used in the function. This method of memory allocation for exception handling purposes is compliant with this rule.

Check Information

Group: Exception handling
Category: Required, Partially automated

Version History

Introduced in R2022a

See Also

Topics