|
|
|
| R2012a Documentation → Simulink | |
Learn more about Simulink |
|
| Contents | Index |
| ID: Title | hisf_0064: Shift operations for Stateflow data to improve MISRA-C:2004 compliance | ||
|---|---|---|---|
| Description | To improve MISRA-C:2004 compliance of the generated code with Stateflow bit-shifting operations, do not perform: | ||
| A | Right-shift operations greater than the bit-width of the input type | ||
| B | Left-shift operations greater than the bit-width of the output type | ||
| Note | If you follow this and other modeling guidelines, you increase the likelihood of generating code that complies with the MISRA-C:2004 standard. | ||
| Rationale | A,B | To avoid shift operations in the generated code that might be a MISRA-C:2004 violation. | |
| References |
| ||
| Prerequisites | hisl_0060: Configuration parameters that improve MISRA-C:2004 compliance | ||
| Last Changed | R2011a | ||
| Example | In the first equation,
shifting 17 bits to the right pushes data stored in a 16–bit
word out of range. The resulting output is zero. In the second equation,
shifting the data 33 bits pushes data beyond the range of storage
for a 32–bit word. Again, the resulting output is zero.
| ||
| ID: Title | hisf_0065: Type cast operations in Stateflow to improve MISRA-C:2004 compliance | ||
|---|---|---|---|
| Description | To improve MISRA-C:2004 compliance of the generated code, protect against Stateflow casting integer and fixed-point calculations to wider data types than the input data types by: | ||
| A | Explicitly type casting the calculations | ||
| B | Using the := notation in Stateflow | ||
| Note | If you follow this and other modeling guidelines, you increase the likelihood of generating code that complies with the MISRA-C:2004 standard. | ||
| Rationale | A,B | To avoid shift operations in the generated code that might be a MISRA-C:2004 violation. | |
| References |
| ||
| Prerequisites | hisl_0060: Configuration parameters that improve MISRA-C:2004 compliance | ||
| Last Changed | R2011a | ||
| Example | The example shows the
default behavior and both methods of controlling the casting (explicitly
type casting and using the colon operator).
| ||
| ID: Title | hisf_0211: Protect against use of unary operators in Stateflow Charts to improve MISRA-C:2004 compliance | ||
|---|---|---|---|
| Description | To improve MISRA-C:2004 compliance of the generated code: | ||
| A | Do not use unary minus operators on unsigned data types | ||
| Note | The Stateflow action language does not restrict the use of unary minus operators on unsigned expressions. | ||
| Rationale | A | Improve MISRA-C:2004 compliance of the generated code. | |
| References |
| ||
| Last Changed | R2011b | ||
| Example | Not Recommended:
Applying the unary minus operator to the unsigned integer results in a MISRA-C:2004 Rule 12.9 violation. The resulting output wraps around the maximum value of 256 (uint8). In this example, if the input variable In_SF_uint8 equals 7, then the output variable varOut_uint8 equals 256 – (7 * 3), or 235. The simulation and code generation values are in agreement. | ||
| ID: Title | hisf_0212: Data type of Stateflow for loop control variables to improve MISRA-C: 2004 compliance | ||
|---|---|---|---|
| Description | To improve MISRA-C:2004 compliance of the generated code: | ||
| A | Explicitly select an integer data type as the control variable in a Stateflow for loop | ||
| Note | The default data type in Simulink and Stateflow is double. Explicitly select an integer data type. | ||
| Rationale | A | Improve MISRA-C:2004 compliance of the generated code | |
| References |
| ||
| Last Changed | R2011b | ||
| ID: Title | hisf_0213: Protect against divide-by-zero calculations in Stateflow charts to improve MISRA-C: 2004 compliance | ||
|---|---|---|---|
| Description | To improve MISRA-C:2004 compliance of the generated code for floating point and integer-based operations, do one of the following: | ||
| A | Perform static analysis of the model to prove that division by zero is not possible | ||
| B | Provide run-time error checking in the generated C code by explicitly modeling the error checking in Stateflow | ||
| C | Modify the code generation process using Code Replacement Libraries (CRLs) to protect against division by zero | ||
| D | For integer-based operations, in the Configuration Parameters dialog box, on the Optimization pane, clear Remove code that protects against division arithmetic exceptions | ||
| Note | Using run-time error checking introduces additional computational and memory overhead in the generated code. It is preferable to use static analysis tools to limit errors in the generated code. You can use Simulink Design Verifier™ or Polyspace® to perform the static analysis. If static analysis determines that sections of the code can have a division by zero, then add run-time protection into that section of the model (see example). Using a modified CRL or selecting the parameter Remove code that protects against division arithmetic exceptions protects division operations against divide-by-zero operations. However, this action does introduce additional computational and memory overhead. Use only one of the run-time protections (B, C or D) in a model. Using more than one option can result in redundant protection operations. | ||
| Rationale | A,B, C,D | Improve MISRA-C:2004 compliance of the generated code | |
| References |
| ||
| See Also | |||
| Last Changed | R2011b | ||
| Example | Run-time divide by zero
protection can be realized using a graphical function. Unique functions
should be provided for each data type.
| ||
 | Configuration Settings | System Level |  |
Learn more about Simulink through this collection of videos, articles, technical literature and the Getting Started with Simulink Guide.
| © 1984-2012- The MathWorks, Inc. - Site Help - Patents - Trademarks - Privacy Policy - Preventing Piracy - RSS |
