Memory allocation when throwing an exception.

apasternak
Posts: 1
Joined: Tue Jul 10, 2018 1:01 pm
Company: Apex AI

Post by apasternak » Tue Jul 24, 2018 1:15 pm

Dear all

While doing a memory audit of our framework for autonomous driving cars we realized that throwing any kind of exception dynamically allocates memory on compilers using the Itanium C++ ABI (notably gcc and clang). Further, throwing an exception may block, which is not acceptable for safety-critical real-time systems.

Neither MISRA C++:2008 nor AUTOSAR 14 nor other guidelines forbid exceptions in safety-critical environments. What were the considerations when investigating this issue?

To solve this issue we created a library which replaces the dynamic memory allocation with a memory pool. This library is freely available here: https://github.com/ApexAI/static_exception

Any inputs or other approaches would be very welcome!

Best regards,

Andreas
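
On the Itanium C++ ABI a `throw` expression compiles to a call to `__cxa_allocate_exception(thrown_size)` followed by `__cxa_throw`; the libstdc++ implementation of the former obtains the storage from `malloc` (plus an ABI header in front of the object) and, when `malloc` fails, falls back to a small built-in emergency pool, calling `std::terminate` if that too is exhausted. The following is an added example, not code from the original post or from the ApexAI static_exception library: a fixed-block, bounded-time pool of the shape such a replacement allocator needs, exercised directly through the allocate/construct/destroy/free sequence the runtime would drive. It is not wired into the C++ runtime (a real replacement must also take over `__cxa_free_exception` and the dependent-exception variants). `kHeaderReserve`, `kBlockSize`, `kBlockCount` and the `SensorFault` type are assumptions chosen for the illustration.

```cpp
// Added example (not from the original post or the ApexAI library): a bounded-time,
// fixed-block pool of the kind that can sit behind a replacement
// __cxa_allocate_exception/__cxa_free_exception pair. Exercised directly here; it
// is NOT hooked into the C++ runtime.
#include <array>
#include <atomic>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <new>

namespace exception_pool {

// The ABI places a runtime header (libstdc++: __cxa_refcounted_exception) in front
// of the thrown object; its exact size is implementation-specific. All three
// constants below are assumptions for this example.
constexpr std::size_t kHeaderReserve = 128;  // generous room for the ABI header
constexpr std::size_t kBlockSize     = 512;  // header + largest expected exception object
constexpr std::size_t kBlockCount    = 16;   // bound on exceptions in flight at once

class Pool {
public:
    Pool() noexcept {
        // Thread the free list through the blocks once, at construction.
        for (std::size_t i = 0; i + 1 < kBlockCount; ++i) next_[i] = i + 1;
        next_[kBlockCount - 1] = kNone;
    }

    // Storage for a thrown object of thrown_size bytes: the address the throw
    // expression would construct into, or nullptr when the object does not fit a
    // block or the pool is exhausted. O(1), no system call, never blocks on the heap.
    void* allocate(std::size_t thrown_size) noexcept {
        if (thrown_size > kBlockSize - kHeaderReserve) { ++rejected_; return nullptr; }
        lock();
        const std::size_t idx = head_;
        if (idx == kNone) { unlock(); ++rejected_; return nullptr; }
        head_ = next_[idx];
        const std::size_t now = ++in_use_;
        if (now > high_water_) high_water_ = now;
        unlock();
        return blocks_[idx].data() + kHeaderReserve;
    }

    // Returns a block from allocate(); the runtime would call this from
    // __cxa_end_catch after running the exception object's destructor.
    void free(void* thrown_object) noexcept {
        const std::size_t idx = index_of(thrown_object);
        lock();
        next_[idx] = head_;
        head_ = idx;
        --in_use_;
        unlock();
    }

    bool owns(const void* p) const noexcept {
        const auto a  = reinterpret_cast<std::uintptr_t>(p);
        const auto lo = reinterpret_cast<std::uintptr_t>(blocks_.data());
        return a >= lo && a < lo + kBlockSize * kBlockCount;
    }
    std::size_t in_use()     const noexcept { return in_use_.load(); }
    std::size_t high_water() const noexcept { return high_water_.load(); }
    std::size_t rejected()   const noexcept { return rejected_.load(); }

private:
    static constexpr std::size_t kNone = static_cast<std::size_t>(-1);

    std::size_t index_of(const void* thrown_object) const noexcept {
        const auto a  = reinterpret_cast<std::uintptr_t>(thrown_object) - kHeaderReserve;
        const auto lo = reinterpret_cast<std::uintptr_t>(blocks_.data());
        return static_cast<std::size_t>((a - lo) / kBlockSize);
    }
    // Spinlock: the critical section is a few instructions, so the wait is bounded,
    // unlike a malloc that may sleep on a contended heap lock.
    void lock() noexcept   { while (flag_.test_and_set(std::memory_order_acquire)) {} }
    void unlock() noexcept { flag_.clear(std::memory_order_release); }

    using Block = std::array<unsigned char, kBlockSize>;
    alignas(alignof(std::max_align_t)) std::array<Block, kBlockCount> blocks_{};
    std::array<std::size_t, kBlockCount> next_{};
    std::size_t head_ = 0;
    std::atomic<std::size_t> in_use_{0};
    std::atomic<std::size_t> high_water_{0};
    std::atomic<std::size_t> rejected_{0};
    std::atomic_flag flag_ = ATOMIC_FLAG_INIT;
};

// Hypothetical exception type for the demonstration.
struct SensorFault { int code; char detail[64]; };

struct DemoResult {
    bool        object_in_pool;       // constructed object lives inside the pool
    bool        exhaustion_detected;  // the 17th live request is refused, not blocked
    bool        oversize_rejected;    // a type larger than a block is refused up front
    std::size_t high_water;           // peak blocks in use
    std::size_t leaked;               // blocks still in use after every catch completed
};

DemoResult run_demo() {
    Pool pool;
    DemoResult r{};
    // One throw/catch cycle as the runtime drives it: allocate, construct, destroy, free.
    void* mem = pool.allocate(sizeof(SensorFault));
    auto* ex  = new (mem) SensorFault{42, "lidar frame late"};   // constructed sample
    r.object_in_pool = pool.owns(ex) && ex->code == 42;
    ex->~SensorFault();
    pool.free(ex);
    // Exhaustion: every block in use (nested/rethrown exceptions), next request fails fast.
    std::array<void*, kBlockCount> live{};
    for (auto& p : live) p = pool.allocate(sizeof(SensorFault));
    r.exhaustion_detected = pool.allocate(sizeof(SensorFault)) == nullptr && pool.rejected() == 1;
    for (auto p : live) pool.free(p);
    // Oversize: cannot fit beside the header, refused without touching the free list.
    r.oversize_rejected = pool.allocate(kBlockSize) == nullptr && pool.rejected() == 2;
    r.high_water = pool.high_water();
    r.leaked     = pool.in_use();
    return r;
}
}  // namespace exception_pool

int main() {
    const auto r = exception_pool::run_demo();
    std::printf("in_pool=%d exhaustion=%d oversize=%d high_water=%zu leaked=%zu\n",
                r.object_in_pool, r.exhaustion_detected, r.oversize_rejected,
                r.high_water, r.leaked);
    return r.leaked == 0 ? 0 : 1;
}
```

The decision a real replacement has to make is what `allocate` does on exhaustion: returning `nullptr` here is only a signal; the runtime's contract is that `__cxa_allocate_exception` never returns null, so a production pool either sizes `kBlockCount` from a worst-case analysis of exceptions in flight or terminates deterministically, which is exactly the "may the system run out of memory whilst throwing" question below.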

misra cpp
Posts: 148
Joined: Mon Jun 02, 2008 1:55 pm
Company: MISRA

Re: Memory allocation when throwing an exception.

Post by misra cpp » Thu Oct 25, 2018 10:40 am

MISRA rules only apply to source code, not the binary. So any allocation of memory 'behind the scenes' by the compiler, without the explicit use of new or malloc in the source, doesn't violate the 'no dynamic memory' requirement.

However, it would be prudent to consider the suitability of the compiler's runtime system, e.g. whether the system may run out of memory whilst throwing the exception.
Posted by and on behalf of
the MISRA C++ Working Group
