Rule 8.10 and init functions

6.8 Declarations and Definitions

Moderators: misra-c, david ward

Locked
Christoph
Posts: 1
Joined: Fri Nov 28, 2008 7:58 am
Company: TRW
Location: Radolfzell, Germany

Rule 8.10 and init functions

Post by Christoph » Fri Nov 28, 2008 9:41 am

Hi,

usualy when a C module is designed (at our company), it consists of at least one external function. An example:

module.h:
extern void initModule()
extern void setData(uint8_t data)
extern uint8_t getData()

now initModule() is called in main (once in the whole software), as it is an init function. From a design point of
view module.* is the right place for initModule(), but Misra suggests to define it in main, since it is only called there.
I think this is bad design and not always possible (e.g. because module variables are hidden and not accessible form main).

So what is your recommendation in such a case? Is there a best practice for this pattern?

Best Regards
Christoph

Lundin
Posts: 70
Joined: Mon Dec 10, 2007 1:57 pm

Re: Rule 8.10 and init functions

Post by Lundin » Tue Dec 02, 2008 2:33 pm

I think you have misunderstood the MISRA rule. It states:

"...if a function is only called from elsewhere within the same file, use static."

Your init function is not called from within the same file (module.c), it is called from main.c.
This rule only applies to cases with internal (private) functions:

Code: Select all

static void _fiddleWithInternalVariables (void);

void initModule (void)
{
  /* ... */
  fiddleWithInternalVariables();
}

static void _fiddleWithInternalVariables (void)
{
  /* ... */
}
So just keep doing the way you have always done, since it is indeed good program design to give program modules private encapsulation.

misra-c
Posts: 555
Joined: Thu Jan 05, 2006 1:11 pm

Re: Rule 8.10 and init functions

Post by misra-c » Thu Dec 04, 2008 9:18 am

MISRA C Rule 8.10 seeks to reduce the number of externally visible objects and functions – this is generally accepted as a good design principle. The rule states that any objects or functions that do not require external linkage should be given internal linkage using the static storage class specifier.

In your example, which is a good design, even though the init function is called only once, it requires external visibility because it is called from a function that is defined in another module. Therefore, Rule 8.10 does not apply.

As an example of when Rule 8.10 would apply, suppose you had a function defined in the main module. Suppose that this function should only ever be called by functions that are also defined in the main module. This function should be given internal linkage.
---
Posted by and on behalf of
the MISRA C Working Group

Locked

Return to “6.8 Declarations and Definitions”