Contenu principal

MISRA C:2023 Dir 4.3

Assembly language shall be encapsulated and isolated

Since R2024a

Description

Directive Definition

Assembly language shall be encapsulated and isolated1 .

Rationale

Encapsulating assembly language is beneficial because:

  • Encapsulating assembly instructions in a C source files clearly marks the boundary between C and assembly, making the code easier to read.

  • The name, and documentation, of the encapsulating macro or function makes the intent of the assembly language clear.

  • All uses of assembly language for a given purpose can share encapsulation, which improves maintainability.

  • You can easily substitute the assembly language for a different target or for static analysis purposes.

Polyspace Implementation

Polyspace® reports a violation of this rule if assembly language code is used without encapsulation. It is not a violation if the assembly code is encapsulated in:

  • Assembly language functions. Consider this code:

    asm int h(int tt)  //Compliant            
    { 
      % reg val;                   
      mtmsr val;                  
      return 3;                   
    }; 
    
    void f(void) { 
      int x; 
      x = h(3);                    
    }
    The function h() is declared as an asm function which encapsulate the assembly code. Polyspace does not report a violation.

  • #pragma directives. For example, in this code:

    #pragma inline_asm(h)
    int h(int tt)  //Compliant            
    { 
      % reg val;                   
      mtmsr val;                  
      return 3;                   
    }; 
    
    void f(void) { 
      int x; 
      x = h(3);                    
    }
    The #inline_asm pragma designates the function h() as an assembly language function. Polyspace does not report a violation.

  • Macros. For instance:

    #define FUNC_H\
    asm\
    {\
     % reg val; \                  
      mtmsr val;\                  
      return 3; \                  
    }; \
    
    void f(void) { 
      int x; 
      x = FUNC_H(3);                    
    } 
    The macro FUNC_H encapsulates the assembly code. Polyspace does not report a violation. You can also define such macros at the command line during the Polyspace analysis by using the options Preprocessor definitions (-D).

Troubleshooting

If you expect a rule violation but do not see it, refer to Diagnose Why Coding Standard Violations Do Not Appear as Expected.

Examples

expand all

enum boolVal {TRUE, FALSE};
enum boolVal isTaskActive;
void taskHandler(void);

void taskHandler(void) { 
    isTaskActive = FALSE; 
    // Software interrupt for task switching 
    asm volatile   /* Non-compliant */
    ( 
        "SWI &02"     /* Service #1: calculate run-time */ 
    ); 
    return; 
} 

In this example, the rule violation occurs because the assembly language code is embedded directly in a C function taskHandler that contains other C language statements.

Correction — Encapsulate Assembly Code in Macro

One correction is to encapsulate the assembly language code in a macro and invoke the macro in the function taskHandler.

#define  RUN_TIME_CALC \
asm volatile \
    ( \
        "SWI &02"     /* Service #1: calculate run-Time */ \
    )\

enum boolVal {TRUE, FALSE};
enum boolVal isTaskActive;
void taskHandler(void);

void taskHandler(void) {
    isTaskActive = FALSE;
    RUN_TIME_CALC;
    return;
}

Check Information

Group: Code design
Category: Required
AGC Category: Required

Version History

Introduced in R2024a


1 All MISRA coding rules and directives are © Copyright The MISRA Consortium Limited 2021.

The MISRA coding standards referenced in the Polyspace Bug Finder™ documentation are from the following MISRA standards:

  • MISRA C:2004

  • MISRA C:2012

  • MISRA C:2023

  • MISRA C++:2008

  • MISRA C++:2023

MISRA and MISRA C are registered trademarks of The MISRA Consortium Limited 2021.