regarding 38b and 48a - Printable Version +- MISRA Discussion Forums (https://forum.misra.org.uk) +-- Forum: MISRA Autocode (https://forum.misra.org.uk/forumdisplay.php?fid=8) +--- Forum: MISRA AC SLSF discussions (https://forum.misra.org.uk/forumdisplay.php?fid=152) +--- Thread: regarding 38b and 48a (/showthread.php?tid=886) |
regarding 38b and 48a - stefania.botta - 02-03-2012 Hi, I have some doubt about the use in stateflow of matlab functions as min or max. The tools for autocoding haven't limitation to use in this way these matlab functions. So, why it is wrong to use these functions in stateflow? Thanks a lot, Stefania Botta. Re: regarding 38b and 48a - MISRA Reply - 08-03-2012 The underlying reason for these rules is to maximize the likelihood of the generated code being of the form intended, and maintain the greatest level of control over the generated code, by the model developer. In the Stateflow environment there is generally reduced capability to tailor the content, to affect the generated code, and more is left to the discretion of the code generator. Application of 38B will persuade the developer to implement any more complex functionality in the Simulink domain where there is more scope to ensure the generated code is as expected, especially with respect to data typing and scaling application across operations. 48A reinforces that, but also rules out using complex MATLAB functions for which generated code could easily be considerably more lengthy and complex than expected, e.g. a simple looking expression like inv(A) can yield more complex code than the developer might expect and, more importantly, it could lead to unexpected consequences that are hard to deal with; what happens if A is a singular matrix? However, neither of the guidelines completely rule out the use of MATLAB functions. If you believe there is a legitimate need for using simple functions, like min and max, for which you can easily demonstrate that the generated code is robust and without unexpected side-effects, then it is legitimate to raise a formal deviation against 48A, as per Section 2.2 of MISRA AC SLSF. Re: regarding 38b and 48a - stefania.botta - 03-04-2012 Are you going to introduce a deviation for min/max/abs matlab function, in the next version of the misra ac slsf document? Re: regarding 38b and 48a - MISRA Reply - 09-05-2012 The nature of generated code that will result from inlined MATLAB functions in a Stateflow chart is auto-code generator specific so it is very unlikely that deviation/exceptions will be identified for use of min/max/abs/any matlab function in that context in the MISRA AC SLSF document. Future versions of supporting auto-code generator guideline documents, e.g. MISRA AC TL, may provide specific guidance on interpretation of MISRA AC SLSF guidelines. For instance, in this case there could be scope to identify allowable exceptions/deviations in the auto-code specific guidelines for use of min/max/abs functions in Stateflow charts when using the specified auto-code generator with particular settings where resultant generated code may be assured by following a specified style/guidance. |