Avoid Calls Via Function Pointer

I suggest avoiding calls via function pointer, because they can cause your embedded system to head off into la-la land when a stray pointer reference corrupts the data structure with the function pointer; and stray pointer references are notoriously difficult to find in an embedded system.

Code executed from ROM or flash memory is inherently less volatile than code executed from RAM. CPU's with memory protection help even if the code is executed from RAM, provided you can make the code section read-only. Simple subroutine calls in most languages are resolved at link time, meaning that the program flow can never get corrupted no matter how bad the data structures (except for the stack, which usually stores return addresses) get trashed. This means avoiding virtual functions in C++, since they are implemented using function pointers; but that's probably a good idea anyway unless you're actually relying on inheritance.

Note that I'm only suggesting avoiding calls via function pointers, not outlawing them. There are times like state machines and inherited functions when the benefit of using a function pointer (namely, it's easier to write code that works correctly) outweighs the cost (namely, it's harder to debug the system due to greater likelihood of CPU control flow getting lost).

---

Social Bookmark this page: