10-01-2013, 02:16 PM
As I understand it, all of the options you proposed would violate the rule 20.4.
The rule precludes all dynamic memory allocation, and not just specific functions. It therefore also precludes a custom/proprietary implementation.
However, the MISRA rules take into account that sometimes rules will have to be broken - see the "Deviation procedure" section in MISRA-C:2004. You then carry the burden of convincing QA/auditors/certification authorities/whatever that you have understood and addressed all relevant issues. (You have to do that anyway - complying with the MISRA rules is one (good) way towards achieving this.)
Depending on the specific nature of your system and your particular requirements, you may perhaps be able to motivate your 3rd option (dynamic memory allocation permitted only during startup, no deallocation whatsoever), even though it does violate rule 20.4. It would appear that the memory-management approach you are suggesting has been used before. See, for example, the second paragraph in 2.1 on page 9 of http://www.adacore.com/uploads/technical...s_GNAT.pdf
(I am not affiliated in any way with Adacore or VxWorks, and I am not advocating the use of either of their products or services.)
Michael
The rule precludes all dynamic memory allocation, and not just specific functions. It therefore also precludes a custom/proprietary implementation.
However, the MISRA rules take into account that sometimes rules will have to be broken - see the "Deviation procedure" section in MISRA-C:2004. You then carry the burden of convincing QA/auditors/certification authorities/whatever that you have understood and addressed all relevant issues. (You have to do that anyway - complying with the MISRA rules is one (good) way towards achieving this.)
Depending on the specific nature of your system and your particular requirements, you may perhaps be able to motivate your 3rd option (dynamic memory allocation permitted only during startup, no deallocation whatsoever), even though it does violate rule 20.4. It would appear that the memory-management approach you are suggesting has been used before. See, for example, the second paragraph in 2.1 on page 9 of http://www.adacore.com/uploads/technical...s_GNAT.pdf
(I am not affiliated in any way with Adacore or VxWorks, and I am not advocating the use of either of their products or services.)
Michael
<t></t>