At 05:30 PM 3/25/01 +0200, you wrote:
> > Ultra reliable systems dont contain memory allocators. There are good
> reasons
> > for this but the design trade offs are rather hard to make in a real world
> > environment
>
>I esp. they run on CPU's without a stack or what?
No dynamic memory allocation AT ALL. That includes the prohibition of a
stack. I've seen avionics-loop systems that abstract a stack but the
"allocators" are part of the application and are designed to fall over
gracefully when they become full -- but getting this past a project manager
is hard, as it should be.
Then there are those systems with rather interesting watchdog timers. If
you don't tickle them just right, they fire and force a restart. The
nastiest of these required that you send four specific values to a specific
I/O port, and the hardware looked to see if the values violated certain
timing guidelines. If you sent the code too early or too late, or if the
value in the sequence was incorrect, BAM. The hardware was designed by a
guy with some rather interesting experiences with software "engineers"
dealing with watchdog timers...
Satch
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
