tags:

views:

409

answers:

8

I am writing a large C program for embedded use. Every module in this program has an init() function (like a constructor) to set up its static variables.

The problem is that I have to remember to call all of these init functions from main(). I also have to remember to put them back if I have commented them out for some reason.

Is there anything clever I do to make sure that all of these functions are getting called? Something along the lines of putting a macro in each init function that, when you call a check_inited() function later, sends a warning to STDOUT if not all the functions are called.

I could increment a counter, but I'd have to maintain the correct number of init functions somewhere and that is also prone to error.

Thoughts?

The following is the solution I decided on, with input from several people in this thread

My goal is to make sure that all my init functions are actually being called. I want to do this without maintaining lists or counts of modules across several files. I can't call them automatically as Nick D suggested because they need to be called in a certain order.

To accomplish this, a macro included in every module uses the gcc constructor attribute to add the init function name to a global list.

Another macro included in the body of the init function updates the global list to make a note that the function was actually called.

Finally, a check function is called in main() after all of the inits are done.

Notes:

  1. I chose to copy the strings into an array. This not strictly necessary because the function names passed will always be static strings in normal usage. If memory was short you could just store a pointer to the string that was passed in.

  2. My reusable library of utility functions is called "nx_lib". Thus all the 'nxl' designations.

  3. This isn't the most efficient code in the world but it's only called a boot time so that doesn't matter for me.

  4. There are two lines of code that need to be added to each module. If either is omitted, the check function will let you know.

  5. you might be able to make the constructor function static, which would avoid the need to give it a name that is unique across the project.

  6. this code is only lightly tested and it's really late so please check carefully before trusting it.

Thank you to:

pierr who introduced me to the constructor attribute.

Nick D for demonstrating the ## preprocessor trick and giving me the framework.

tod frye for a clever linker-based approach that will work with many compilers.

Everyone else for helping out and sharing useful tidbits.

nx_lib_public.h

This is the relevant fragment of my library header file

#define NX_FUNC_RUN_CHECK_NAME_SIZE 20

typedef struct _nxl_function_element{
  char func[NX_FUNC_RUN_CHECK_NAME_SIZE];
  BOOL called;
} nxl_function_element;

void nxl_func_run_check_add(char *func_name);
BOOL nxl_func_run_check(void);
void nxl_func_run_check_hit(char *func_name);

#define NXL_FUNC_RUN_CHECK_ADD(function_name) \
  void cons_ ## function_name() __attribute__((constructor)); \
  void cons_ ## function_name() { nxl_func_run_check_add(#function_name); }

nxl_func_run_check.c

This is the libary code that is called to add function names and check them later.

#define MAX_CHECKED_FUNCTIONS 100

static nxl_function_element  m_functions[MAX_CHECKED_FUNCTIONS]; 
static int                   m_func_cnt = 0; 


// call automatically before main runs to register a function name.
void nxl_func_run_check_add(char *func_name)
{
  // fail and complain if no more room.
  if (m_func_cnt >= MAX_CHECKED_FUNCTIONS) {
    print ("nxl_func_run_check_add failed, out of space\r\n");
    return; 
  }

  strncpy (m_functions[m_func_cnt].func, func_name, 
           NX_FUNC_RUN_CHECK_NAME_SIZE);

  m_functions[m_func_cnt].func[NX_FUNC_RUN_CHECK_NAME_SIZE-1] = 0;

  m_functions[m_func_cnt++].called = FALSE;
}

// call from inside the init function
void nxl_func_run_check_hit(char *func_name)
{
  int i;

  for (i=0; i< m_func_cnt; i++) {
    if (! strncmp(m_functions[i].func, func_name, 
                  NX_FUNC_RUN_CHECK_NAME_SIZE)) {
      m_functions[i].called = TRUE;   
      return;
    }
  }

  print("nxl_func_run_check_hit(): error, unregistered function was hit\r\n");
}

// checks that all registered functions were called
BOOL nxl_func_run_check(void) {
  int i;
  BOOL success=TRUE;

  for (i=0; i< m_func_cnt; i++) {
    if (m_functions[i].called == FALSE) {
      success = FALSE;
      xil_printf("nxl_func_run_check error: %s() not called\r\n", 
                 m_functions[i].func);
     } 
  }
  return success;
}

solo.c

This is an example of a module that needs initialization

#include "nx_lib_public.h"

NXL_FUNC_RUN_CHECK_ADD(solo_init)
void solo_init(void)
{
  nxl_func_run_check_hit((char *) __func__);

  /* do module initialization here */
}
+1  A: 

Why not write a post processing script to do the checking for you. Then run that script as part of your build process... Or better yet, make it one of your tests. You are writing tests, right? :)

For example, if each of your modules has a header file, modX.c. And if the signature of your init() function is "void init()"...

Have your script grep through all your .h files, and create a list of module names that need to be init()ed. Then have the script check that init() is indeed called on each module in main().

Jody
+1  A: 

Splint (and probably other Lint variants) can give a warning about functions that are defined but not called.

It's interesting that most compilers will warn you about unused variables, but not unused functions.

Jeanne Pindar
It's rather hard to detect unused functions. Function pointers can make it rather hard to detect whether a function can ever actually be called.
Chris Lutz
GCC warns you about unused static functions, which is handy.
NXT
+1  A: 

I don't know how ugly the following looks but I post it anyway :-)

(The basic idea is to register function pointers, like what atexit function does.
Of course atexit implementation is different)

In the main module we can have something like this:

typedef int (*function_t)(void);

static function_t  vfunctions[100]; // we can store max 100 function pointers
static int         vcnt = 0; // count the registered function pointers

int add2init(function_t f)
{
  // todo: error checks
  vfunctions[vcnt++] = f;
  return 0;
}
...

int main(void) {
 ...
 // iterate vfunctions[] and call the functions
 ...
}

... and in some other module:

typedef int (*function_t)(void);
extern int add2init(function_t f);
#define M_add2init(function_name)  static int int_ ## function_name = add2init(function_name)

int foo(void)
{
   printf("foo\n");
   return 0;
}
M_add2init(foo); // <--- register foo function
Nick D
OK, I think I get it. very clever. But can C call a function in a static initializer? I tried a simple test and got an error from gcc: initializer element is not constant I wish I could put code in a comment so I could show you what I tried.
NXT
@NXT, it doens't work in C ? Aaah, I'll try to come up with a workaround if you don't find a better solution to your problem.
Nick D
@Nick D, I'm about to post a solution using the `constructor` attribute. But if you happen to know of another approach off the top of your head I'd love to hear it.
NXT
@NXT, I was going to propose a solution exactly like your `NXL_FUNC_RUN_CHECK_ADD` macro. Your solution seems ok. I'll experiment with it later. BTW, you could (can) have posted your solution as an answer and accepted it - you can still do it if you want.
Nick D
+1  A: 

If your single module represents "class" entity and has instance constructor, you can use following construction:

static inline void init(void) { ... }
static int initialized = 0;
#define INIT if (__predict_false(!initialized)) { init(); initialized = 1; }
struct Foo *
foo_create(void)
{
    INIT;
    ...
}

where "__predict_false" is your compiler's branch prediction hint. When first object is created, module is auto-initialized (for once).

Artur
+3  A: 

You can use gcc's extension __attribute__((constructor)) if gcc is ok for your project.

#include <stdio.h>
void func1() __attribute__((constructor));
void func2() __attribute__((constructor));

void func1()
{
    printf("%s\n",__func__);
}

void func2()
{
    printf("%s\n",__func__);
}

int main()
{
    printf("main\n");
    return 0;
}

//the output
func2
func1
main
pierr
Yes, GCC is what I'm using. This, combined with Nick D's idea, is probably the best answer. I'm trying it now.
NXT
+1  A: 

you can do something along these lines with a linker section. whenever you define an init function, place a pointer to it in a linker section just for init function pointers. then you can at least find out how many init functions have been compiled.

and if it does not matter what order the init functions are called, and the all have the same prototype, you can just call them all in a loop from main.

the exact details elude my memory, but it works soemthing like this:: in the module file...

//this is the syntax in GCC..(or would be if the underscores came through in this text editor)
initFuncPtr thisInit __attribute((section(.myinits)))__= &moduleInit;

void moduleInit(void)
{
// so init here
}

this places a pointer to the module init function in the .myinits section, but leaves the code in the .code section. so the .myinits section is nothing but pointers. you can think of this as a variable length array that module files can add to.

then you can access the section start and end address from the main. and go from there.

if the init functions all have the same protoytpe, you can just iterate over this section, calling them all.

this, in effect, is creating your own static constructor system in C.

if you are doing a large project and your linker is not at least this fully featured, you may have a problem...

tod frye
Very nice. Do you happen to know the syntax for accessing segment start and end addresses from C code? If you don't know it off the top of your head, I'll look it up myself.
NXT
IIRC, it every section gets at least a a start and end, soextern unsigned int myinits_start andextern unsigned int myinits_end should get the start and end address.you may have to touch up the linker script to add the section, and add these symbols...
tod frye
A: 

Can I put up an answer to my question?

My idea was to have each function add it's name to a global list of functions, like Nick D's solution.

Then I would run through the symbol table produced by -gstab, and look for any functions named init_* that had not been called.

This is an embedded app so I have the elf image handy in flash memory.

However I don't like this idea because it means I always have to include debugging info in the binary.

NXT
You can put up an answer to your question. You can even accept it as correct, if you wait two days, but you won't get any reputation.
Chris Lutz
+1  A: 

Larger running time is not a problem

You can conceivably implement a kind of "state-machine" for each module, wherein the actions of a function depend on the state the module is in. This state can be set to BEFORE_INIT or INITIALIZED.

For example, let's say we have module A with functions foo and bar.

The actual logic of the functions (i.e., what they actually do) would be declared like so:

void foo_logic();
void bar_logic();

Or whatever the signature is.

Then, the actual functions of the module (i.e., the actual function declared foo()) will perform a run-time check of the condition of the module, and decide what to do:

void foo() {
       if (module_state == BEFORE_INIT) {
           handle_not_initialized_error();
       }
       foo_logic();
}

This logic is repeated for all functions.

A few things to note:

  1. This will obviously incur a huge penalty performance-wise, so is probably not a good idea (I posted anyway because you said runtime is not a problem).
  2. This is not a real state-machine, since there are only two states which are checked using a basic if, without some kind of smart general logic.
  3. This kind of "design-pattern" works great when you're using separate threads/tasks, and the functions you're calling are actually called using some kind of IPC.
  4. A state machine can be nicely implemented in C++, might be worth reading up on it. The same kind of idea can conceivably be coded in C with arrays of function pointers, but it's almost certainly not worth your time.
Edan Maor
Sorry, I meant that running time is not an issue for the init() function, it is an issue everywhere else. But thanks for posting it anyway.
NXT