MISRA Discussion Forums
Memory allocation when throwing an exception. - Printable Version


Memory allocation when throwing an exception. - apasternak - 24-07-2018

Dear all

While doing a memory audit of our framework for autonomous driving cars we realized that throwing any kind of exception dynamically allocates memory on compilers using the Itanium C++ ABI (notably gcc and clang). Further, throwing an exception may block, which is not acceptable for safety-critical real-time systems.

Neither MISRA 2008 nor AUTOSAR 14 nor other guidelines forbid exceptions in safety-critical environments. What were the considerations when investigating this issue?

To solve this issue we created a library which replaces the dynamic memory allocation with a memory pool. This library is freely available here: https://github.com/ApexAI/static_exception

Any inputs or other approaches would be very welcome!

Best regards,

Andreas


Re: Memory allocation when throwing an exception. - misra cpp - 25-10-2018

MISRA rules only apply to source code, not the binary. So any allocation of memory 'behind the scenes' by the compiler, without the explicit use of new or malloc in the source, doesn't violate the 'no dynamic memory' requirement.

However, it would be prudent to consider the suitability of the compiler's runtime system, e.g. whether the system may run out of memory whilst throwing the exception.
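As an added illustration of both points above (the need for a non-blocking, statically backed allocator behind exception throwing, and the "what happens when it runs out" question), here is a fixed-block, lock-free pool of the kind such a replacement allocator needs. It is example code written for this thread, not code from the ApexAI static_exception library, and it does not hook itself under the Itanium ABI's `__cxa_allocate_exception` (the header size the ABI prepends is implementation-specific); the block size and block count are illustrative assumptions. Exhaustion is reported as `nullptr` rather than by blocking or growing, so the caller can make the out-of-memory decision explicit.

```cpp
// Added example (not from the forum thread or the ApexAI library): a fixed-block pool
// with static storage, O(1) allocate/release, no mutex, and an explicit exhaustion result.
#include <atomic>
#include <cstddef>
#include <cstdint>

template <std::size_t BlockSize, std::size_t BlockCount>
class StaticPool {
    static_assert(BlockCount > 0 && BlockCount < 0xFFFFFFFFu, "block count must fit in 32 bits");
    static constexpr std::uint32_t kNone = 0xFFFFFFFFu;

    // All blocks live inside the pool object itself: no heap involvement at any point.
    alignas(std::max_align_t) unsigned char storage_[BlockSize * BlockCount];
    // next_[i] is the free-list successor of block i (atomic so concurrent push/pop is race-free).
    std::atomic<std::uint32_t> next_[BlockCount];
    // Free-list head: low 32 bits = block index or kNone, high 32 bits = tag bumped on every
    // successful CAS so a block popped and pushed back between load and CAS (ABA) is detected.
    std::atomic<std::uint64_t> head_;
    std::atomic<std::size_t> in_use_{0};

    static std::uint64_t pack(std::uint32_t idx, std::uint32_t tag) { return (std::uint64_t(tag) << 32) | idx; }
    static std::uint32_t index_of(std::uint64_t h) { return std::uint32_t(h & 0xFFFFFFFFu); }
    static std::uint32_t tag_of(std::uint64_t h) { return std::uint32_t(h >> 32); }

public:
    StaticPool() {
        for (std::uint32_t i = 0; i < BlockCount; ++i)
            next_[i].store(i + 1 < BlockCount ? i + 1 : kNone, std::memory_order_relaxed);
        head_.store(pack(0, 0), std::memory_order_release);
    }

    // Pops a block from the free list. Returns nullptr when the request does not fit or the
    // pool is exhausted; it never blocks and never falls back to the heap. For an exception
    // allocator the caller would typically turn nullptr into std::terminate().
    void* allocate(std::size_t bytes) noexcept {
        if (bytes > BlockSize) return nullptr;
        std::uint64_t old = head_.load(std::memory_order_acquire);
        for (;;) {
            const std::uint32_t idx = index_of(old);
            if (idx == kNone) return nullptr;
            const std::uint64_t desired = pack(next_[idx].load(std::memory_order_relaxed), tag_of(old) + 1);
            if (head_.compare_exchange_weak(old, desired, std::memory_order_acq_rel, std::memory_order_acquire)) {
                in_use_.fetch_add(1, std::memory_order_relaxed);
                return storage_ + std::size_t(idx) * BlockSize;
            }
        }
    }

    // Pushes a block back. Pointers outside the pool are ignored rather than trusted.
    void release(void* p) noexcept {
        unsigned char* b = static_cast<unsigned char*>(p);
        if (b < storage_ || b >= storage_ + sizeof(storage_)) return;
        const std::uint32_t idx = std::uint32_t(std::size_t(b - storage_) / BlockSize);
        std::uint64_t old = head_.load(std::memory_order_relaxed);
        for (;;) {
            next_[idx].store(index_of(old), std::memory_order_relaxed);
            if (head_.compare_exchange_weak(old, pack(idx, tag_of(old) + 1),
                                            std::memory_order_acq_rel, std::memory_order_relaxed))
                break;
        }
        in_use_.fetch_sub(1, std::memory_order_relaxed);
    }

    std::size_t in_use() const noexcept { return in_use_.load(std::memory_order_relaxed); }
    // True when the 64-bit head CAS is a real atomic instruction on this target (no hidden lock).
    bool is_lock_free() const noexcept { return head_.is_lock_free(); }
};

// Illustrative sizing (an assumption, not a value from the thread): in a real replacement the
// block must cover the thrown object plus whatever header the ABI's runtime prepends.
using ExceptionPool = StaticPool<256, 4>;

// Hands out blocks until the pool refuses; the count never exceeds what the pool owns.
std::size_t count_until_exhausted() {
    ExceptionPool pool;
    std::size_t n = 0;
    while (pool.allocate(64) != nullptr) ++n;
    return n;
}

// Exhaust the pool, free one block, and check that exactly that block is handed out again.
bool reuse_after_release() {
    ExceptionPool pool;
    void* blocks[4];
    for (void*& b : blocks) b = pool.allocate(64);
    if (pool.allocate(64) != nullptr) return false;        // must be exhausted now
    pool.release(blocks[2]);
    if (pool.in_use() != 3) return false;
    void* again = pool.allocate(64);
    return again == blocks[2] && pool.in_use() == 4 && pool.allocate(64) == nullptr;
}

// A request larger than a block is refused up front without consuming anything.
bool rejects_oversized() {
    ExceptionPool pool;
    return pool.allocate(257) == nullptr && pool.in_use() == 0;
}

int main() {
    return (count_until_exhausted() == 4 && reuse_after_release() && rejects_oversized()) ? 0 : 1;
}
```

The design choice worth noting is the tagged head: a plain index-only CAS would be vulnerable to the ABA problem when two threads throw and catch concurrently, which is exactly the situation a global exception allocator is in. Checking `is_lock_free()` once at start-up is a cheap way to confirm the target actually provides a 64-bit atomic CAS rather than emulating it with a lock.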