Change of flexible array into pointer

I am working to get rid of MISRA violations coming in my C code. It is violating rule 18.7.

struct abc {
  struct header header;
  uint8_t data[]; /* Line 1 */
};

Here, Line 1 is causing the MISRA violations.

I tried to convert it into:

struct abc {
  struct header header;
  uint8_t *data;
};

Can we do it like the above, or is it violating something?

Your solution is semantically different and won't work even if it clears the violation.

The intent here is to create a structure that can act as a header for the contiguous data that follows it. So for example if you have:

struct Message
{
    struct abc info ;
    char data[128] ;
}  message ;

Such that message.info.data and message.data refer to the same thing and casting a struct abc to a struct Message allows a function to be defined for passing any object with a struct abc header. Effectively supporting polymorphism in C.

Replacing it with:

struct abc 
{
  struct header header;
  uint8_t* data;
};

is semantically different because the data member does not refer to the data contiguous with header. The copy semantics also differ, and it is unlikely in the context of the code that uses the original structure that it will work as intended.

GCC supports the following syntax:

struct abc 
{
  struct header header;
  uint8_t data[0] ;
} ;

but it is likely that is not MISRA compliant either. A compliant solution is to have:

struct abc 
{
  struct header header;
  uint8_t data[1] ;
} ;

But that inserts an extra character and any code that uses this as a header may need to accommodate that when accessing the data through the data member.

All safety-related systems ban dynamic memory allocation, and therefore MISRA-C:2012 does so as well. This is the rationale for rule 18.7: flexible array members are closely associated with dynamic allocation and therefore not allowed.

The reason why dynamic allocation is banned is that there can be no non-deterministic behavior in these kinds of systems. In addition, it doesn't make any sense to use dynamic allocation in microcontroller/RTOS applications.

You can swap the flexible array member for a pointer if it makes sense to your application. But if it is some manner of protocol or data structure header, you probably want a fixed-size array instead. (And mind struct padding: storing data communication protocols in structs can be problematic because of alignment and endianness.)

Yes you can, as it makes the structure size deterministic and static, but it also forces you to allocate then release the needed space for data with malloc() and free(), or explicitly make it point to some already available space somewhere, each time you instantiate the structure.

What you probably want to do here is to specify a definite length to your array. If however this structure is meant to actually describe the header of a data block, you may use data[1] then let your index exceed this value to access the rest (ISO C forbids 0-length arrays, though).
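The fixed-size array and the pointer member discussed in the answers above, side by side, as an added example that is not part of the original posts: it shows the differing copy semantics and a bounds-checked store into statically sized storage. The layout of struct header, MSG_CAPACITY and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MSG_CAPACITY 128u   /* assumed maximum payload size */

struct header { uint16_t type; uint16_t length; };   /* assumed layout */

/* Pointer variant from the question: the payload lives somewhere else. */
struct abc_ptr { struct header header; uint8_t *data; };

/* Fixed-size variant: the payload is contiguous with the header. */
struct abc_fixed { struct header header; uint8_t data[MSG_CAPACITY]; };

/* Bounds-checked store; returns 0 on success, -1 if the payload does not fit. */
int abc_fixed_set(struct abc_fixed *m, const uint8_t *src, size_t len)
{
    if ((m == NULL) || (src == NULL) || (len > MSG_CAPACITY)) {
        return -1;
    }
    (void)memcpy(m->data, src, len);
    m->header.length = (uint16_t)len;
    return 0;
}

/* Returns 1 if a struct copy of the pointer variant shares its payload. */
int ptr_copy_aliases(void)
{
    uint8_t buf[4] = { 1u, 2u, 3u, 4u };
    struct abc_ptr a = { { 0u, 4u }, buf };
    struct abc_ptr b = a;   /* shallow copy: b.data == a.data */
    b.data[0] = 99u;
    return (a.data[0] == 99u) ? 1 : 0;
}

/* Returns 1 if a struct copy of the fixed variant carries its own payload. */
int fixed_copy_is_independent(void)
{
    static const uint8_t src[4] = { 1u, 2u, 3u, 4u };
    struct abc_fixed a = { { 0u, 0u }, { 0u } };
    struct abc_fixed b;
    if (abc_fixed_set(&a, src, sizeof src) != 0) { return 0; }
    b = a;                  /* the payload is copied with the struct */
    b.data[0] = 99u;
    return (a.data[0] == 1u) ? 1 : 0;
}
```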
