Go here to sign up for The Embedded Muse.
The Embedded Muse Logo The Embedded Muse
Issue Number 396, April 20, 2020
Copyright 2020 The Ganssle Group

Editor: Jack Ganssle, jack@ganssle.com

   Jack Ganssle, Editor of The Embedded Muse

You may redistribute this newsletter for non-commercial purposes. For commercial use contact info@ganssle.com. To subscribe or unsubscribe go here or drop Jack an email.

Editor's Notes

Express Logic

It has been two years since my last salary survey. Follow this link to take the 2020 version (it's only a dozen questions), which also has a question probing your work in these coronavirus times. I'll publish the results in the May 4 Muse. Three copies of The Art of Designing Embedded Systems will be awarded to three randomly-selected participants. Based on early results, the vast majority of us report we're working from home due to the virus.

Jack's latest blog: Lessons From a Failure

I'm on the AmpHour ("Keeping You Current") this week.

Quotes and Thoughts

The schedule you develop will seem like a complete work of fiction up until the time your customer fires you for not meeting it. David Akin

Tools and Tips

SEGGER SystemView analyzing embedded systems

Please submit clever ideas or thoughts about tools, techniques and resources you love or hate. Here are the tool reviews submitted in the past.

When faced with an intractable bug... wash your hands!

A new(ish) site for industrial IOT is interesting.

Percepio, responding to engineers working at home during the Coronavirus pandemic, are offering two months free use of their Tracealyzer.

Freebies and Discounts

This month's giveaway is a BBC Micro:bit Go Bundle.

Enter via this link.

More on Reuse

In reply to the last Muse's comments on reuse, Stuart Jobbins wrote:

With regards your re-use, I'm pretty sure that in a previous life (at Rolls-Royce as their CTO for Software Intensive Systems) we did a similar study (around the same time that Richard Selby came to speak at our Software Forum) and found that we were able to refine these findings according to 'dispersion' of the percentage of change. (I'm talking embedded control systems for Gas Turbines (Jet engines), Nuclear controls, Marine controls)

For instance if a software re-use of a product containing 4 modules had 3 modules completely re-used and the fourth entirely changed (25 % re-use) it was much better cost than if all 4 modules got hit for 25%. It may be obvious, but changes that cross boundaries (interfaces) generally cost more. Just looking at the dispersion allows you an easy modifier to Rick's findings.

I can't remember the 'tipping point' but if I recall correctly at about 10% change (replaced or modified lines of code) you hit about 50% of original (all new) costs and by 25% change about > 75% of costs. That may have been because the high-integrity software world of Aerospace and Nuclear has a lot of 'evidence' in the verification and validation.. and ad-hoc re-use tends to make engineers less considerate of the impact to the original design intent.

I have long been a believer in changes corroding ('rusting') software designs, where it takes a good deal of effort to keep true to the original architecture (structural and behavioural) intent, when often a 'change' may achieve the functionality.. but in the longer run is compromising the design, so I've also been a long-term advocate as a Product Line architect.

Its easy to modify a well-architected product, if you have a limited product life expectation... but takes a good deal of effort if you want an architectural concept to hold up over a long time as a core product  or strategic core for  a product line approach which can deliberately support configuration or variation (by design, with in-built controls for specific variant sets).

There is a very great deal of difference regards ad-hoc re-use and  a Software Product line approach.. and I am lucky enough to have spent many hours with the likes of Linda Northrop, Paul Clements, Frank van der Linden who are the gurus… if you have a number of products that you can assess as sufficiently 'derivative' to make the commercial investment!

John Carter commented:

In someway this has been my daily battle for decades...

A couple of things I observe in daily practice are...

  • Advocates of reuse sometimes fail by being overzealous and not following the 3 times rule. (ie. Copy and paste and tweak once, refactor and abstract on the third use when the line of abstraction is clear.)
  • Those most against code reuse often write the most unreusable code. Connascent coupling to other modules everywhere, globals causing sprawling side-effects, exponential call graph fan out, loose layering, cyclic dependencies, masses of hidden state, vast amounts of copy and paste, zero unit tests (or whole subsystem tests rather than fine grain unit tests), out of date documentation, no precondition checks in the code (often the very notion of what the preconditions are, is undefined (whatever the current and only client sets them up to be).

Sadly, this self fulling prophecy of "Oh, reuse costs too much" has many other costs....

  • Tests are a code's first reuse. Unreusable code  is Untestable code.
  • Code evolution is a code's second reuse. ie. If you change a client of a subsystem, you have effectively reused the subsystem. Undocumented coupling and dependencies are exposed and things break. ie. The code is fragile, leading to that evil mindset "If it ain't broke, don't fix it". (Subtext: "It's such a bloody fragile house of cards, touch it and the whole thing collapses irretrievably.")
  • Platform evolution is the third. We may argue "if it work's don't touch it" until we blue in the face.... but then component obsolescence comes along and we have to hack it all over the place.

I would argue that "Writing unreusable code, in the long term, costs the company".

Sequence Points in C

Do you know what this code does?

  sum = sum * 10 - '0' + (*p++ = getchar());   

Don't feel bad; no one does. As the standard says: "the actual increment of p can occur at any time between the previous sequence point and the next sequence point (the ;), and the call to getchar can occur at any point prior to the need of its returned value."

The standard lets compilers evaluate parts of an expression with all of the discipline of sailors at a bar on shore leave. It says "The order in which subexpressions are evaluated and the order in which side effects take place, except as specified for the function-call (), &&, ||, ?:, and comma operators" is unspecified.

To give us predictability the standard has the concept of sequence points, To quote the standard again: "The presence of a sequence point between the evaluation of expressions A and B implies that every value computation and side effect associated with A is sequenced before every value computation and side effect associated with B."

A sequence point occurs on:

  • A call to a function, after the arguments have been evaluated
  • The end of the first operand of the following operators:
    •   logical AND &&
    •   logical OR ||
    •   conditional ?
    •   comma ,
  • The end of a full declarator (a declarator is the part of a declaration (definition or initialization) that is not the type)
  • The end of a full expression:
    •    an initializer
    •    the expression in an expression statement (e.g., p(0);)
    •    the controlling expression of a if, switch, while or do
    •    each of the expressions of a for statement
    •    the expression in a return statement
  • Immediately before a library function returns
  • After the actions associated with each formatted input/output function conversion specifier
  • Immediately before and after each call to a comparison function (e.g., qsort), and also between any call to a comparison function and any movement of the arguments

So be very wary of expressions like:

b = a + a++;

The value of b is going to depend on the order of evaluation of the expression.

Because logical ANDs cause sequence points an expression like:

a++ && a++

is perfectly legitimate. But my preference is to avoid such constructs that may confuse the unwary.

Do note that adding a Lisp-like swarm of parenthesis will not change the compiler-generated order of evaluation.

MISRA rule 13.2 addresses sequence points: "The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders." (Emphasis in original).

CERT rule EXP30-C is more succinct: "Do not depend on order of evaluation between sequence points. "

Precedence Rules

Do you know C operator precedence rules? I don't. At least, not well. Most of us stumble when queried about this. In fact, in Developer Beliefs About Binary Operator Precedence by Derek M. Jones shows that even experienced developers strike out when asked which of C's 18 operators is evaluated before the others:

operator precedence results

John Watson was surprised when he found out that Sherlock Holmes didn't know that the Earth revolves around the sun. Holmes said "What the deuce is it to me? You say that we go round the sun. If we went round the moon it would not make a pennyworth of difference to me or to my work." I feel the same way about precedence rules. They are arcane and uninteresting. Much better: use parenthesis when the order of evaluation isn't crystal clear.

Clarity is our goal.

This Week's Cool Product

iRobot is launching a robot programming education initiative. They have (free!) on-line tools which let students develop and simulate robots. Looks like fun!

Note: This section is about something I personally find cool, interesting or important and want to pass along to readers. It is not influenced by vendors.


Let me know if you’re hiring embedded engineers. No recruiters please, and I reserve the right to edit ads to fit the format and intent of this newsletter. Please keep it to 100 words. There is no charge for a job ad.

Joke For The Week

These jokes are archived here.

Tis the dream of each programmer,
Before his life is done,
To write three lines of APL,
And make the damn thing run.

About The Embedded Muse

The Embedded Muse is Jack Ganssle's newsletter. Send complaints, comments, and contributions to me at jack@ganssle.com.

The Embedded Muse is supported by The Ganssle Group, whose mission is to help embedded folks get better products to market faster. We offer seminars at your site offering hard-hitting ideas - and action - you can take now to improve firmware quality and decrease development time. Contact us at info@ganssle.com for more information.