How is dynamic memory allocation handled when high reliability is required?

It seems that dynamically allocating memory without garbage collection is a road to disaster. Dangling pointers here, a memory leak there. It is very easy to make a mistake that is sometimes hard to find and that has serious consequences.

How are these problems solved when writing mission-critical programs? I mean, if I write a program that controls a spacecraft, for example Voyager 1, which has to run for years, even the smallest leak can accumulate and sooner or later stop the program, and when that happens it will end in an epic failure.

How is dynamic memory allocation handled when a program needs to be extremely reliable?

+4
4 answers

This is the same problem as a long-running web server, or something like an embedded control system in heating and ventilation equipment.

When I worked at Potterton and then at Schlumberger in the building energy management sector, we did not use dynamic memory allocation. We had fixed-size blocks. Each block was used for one specific purpose and nothing else. The block sizes determined how many of them there could be, so you could have X of this and Y of that function, and so on.

Sounds limiting, but for fixed, discrete tasks it was enough.

This matters, because if you get it wrong you can blow up the boiler and take half the school building with you :-(

Summary: in some situations you simply avoid dynamic memory altogether.

+3

Usually in such cases memory is not dynamically allocated at all. Fixed regions of memory are used to hold arguments and results, and memory usage is tightly monitored and verified.

+4

Even without garbage collection and without memory leaks, classic malloc/free can still fail if you get fragmentation, so a static memory layout is the only reliable way to make sure the problem cannot occur.

+1
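The two answers above (the fixed-size blocks used in the building-management controllers, and the fragmentation argument against malloc/free) can be shown side by side in one small program. This is an added example, not code from the answerers or from any of the products mentioned; the block size of 64 bytes, the count of 8, and all function names are assumptions chosen for illustration. The same usage pattern is run against both allocators: fill the memory, release every other allocation, then ask for more. The fixed-size pool hands out four more blocks and then fails in a predictable way (plus it rejects a double free and a pointer it does not own), while a first-fit variable-size allocator over a static arena of identical size cannot satisfy a 128-byte request even though 256 bytes are free, because none of the free bytes are adjacent.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE  64                        /* assumed block size, for illustration */
#define BLOCK_COUNT 8                         /* assumed block count */
#define ARENA_SIZE  (BLOCK_SIZE * BLOCK_COUNT)

/* Fixed-size block pool: one pool per purpose, size and count fixed at compile time. */
typedef struct {
    uint8_t storage[BLOCK_COUNT][BLOCK_SIZE];
    uint8_t in_use[BLOCK_COUNT];
    size_t  free_count;
    size_t  high_water;   /* peak blocks in use: the number you watch during testing */
} pool_t;

static void pool_init(pool_t *p) { memset(p, 0, sizeof *p); p->free_count = BLOCK_COUNT; }

static void *pool_alloc(pool_t *p)
{
    for (size_t i = 0; i < BLOCK_COUNT; i++) {
        if (!p->in_use[i]) {
            p->in_use[i] = 1;
            p->free_count--;
            if (BLOCK_COUNT - p->free_count > p->high_water)
                p->high_water = BLOCK_COUNT - p->free_count;
            return p->storage[i];
        }
    }
    return NULL;   /* exhausted: a fixed, predictable failure, never fragmentation */
}

/* 0 on success, -1 for a pointer the pool does not own, -2 for a double free. */
static int pool_free(pool_t *p, void *ptr)
{
    uintptr_t base = (uintptr_t)p->storage, addr = (uintptr_t)ptr;
    if (addr < base || addr >= base + sizeof p->storage) return -1;
    if ((addr - base) % BLOCK_SIZE != 0) return -1;
    size_t i = (size_t)((addr - base) / BLOCK_SIZE);
    if (!p->in_use[i]) return -2;
    p->in_use[i] = 0;
    p->free_count++;
    return 0;
}

/* Minimal first-fit variable-size allocator over a static arena of the same size,
 * with a byte-granular used map (chosen for clarity, not speed). */
static uint8_t arena[ARENA_SIZE];
static uint8_t arena_used[ARENA_SIZE];

static void *ff_alloc(size_t n)
{
    for (size_t start = 0; start + n <= ARENA_SIZE; start++) {
        size_t run = 0;
        while (run < n && !arena_used[start + run]) run++;
        if (run == n) { memset(&arena_used[start], 1, n); return &arena[start]; }
        start += run;   /* the loop increment then skips the used byte that ended the run */
    }
    return NULL;
}

static void ff_free(void *ptr, size_t n) { memset(&arena_used[(uint8_t *)ptr - arena], 0, n); }

static size_t ff_free_bytes(void)
{
    size_t f = 0;
    for (size_t i = 0; i < ARENA_SIZE; i++) f += !arena_used[i];
    return f;
}

/* Same usage pattern in both: fill everything, release every other allocation, ask again. */
static int pool_survives_checkerboard(void)
{
    static pool_t p;
    static int foreign;                                   /* an object the pool does not own */
    void *b[BLOCK_COUNT];
    pool_init(&p);
    for (size_t i = 0; i < BLOCK_COUNT; i++) b[i] = pool_alloc(&p);
    if (pool_alloc(&p) != NULL) return 0;                 /* exhaustion is explicit */
    for (size_t i = 1; i < BLOCK_COUNT; i += 2)
        if (pool_free(&p, b[i]) != 0) return 0;
    if (pool_free(&p, b[1]) != -2) return 0;              /* double free is caught */
    if (pool_free(&p, &foreign) != -1) return 0;          /* foreign pointer is rejected */
    for (size_t i = 0; i < BLOCK_COUNT / 2; i++)          /* four freed, so four succeed */
        if (pool_alloc(&p) == NULL) return 0;
    return pool_alloc(&p) == NULL && p.high_water == BLOCK_COUNT;
}

static int first_fit_fragments(void)
{
    void *b[BLOCK_COUNT];
    memset(arena_used, 0, sizeof arena_used);
    for (size_t i = 0; i < BLOCK_COUNT; i++) b[i] = ff_alloc(BLOCK_SIZE);
    for (size_t i = 1; i < BLOCK_COUNT; i += 2) ff_free(b[i], BLOCK_SIZE);
    /* 256 bytes are free but no two free blocks are adjacent: a 128-byte request fails */
    return ff_free_bytes() == 4 * BLOCK_SIZE && ff_alloc(2 * BLOCK_SIZE) == NULL;
}

int main(void)
{
    printf("pool ok: %d, first-fit fragments: %d\n",
           pool_survives_checkerboard(), first_fit_fragments());
    return 0;
}
```

Both allocators have exactly the same amount of memory and see exactly the same sequence of requests; the difference is entirely in the allocation policy. The pool's `high_water` counter is the kind of number the second answer's "tightly monitored and verified" refers to: if it ever reaches `BLOCK_COUNT` in testing, the count was sized too small for that purpose.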

You can also design the system to be fault-tolerant in case of errors that slip through testing. Checkpoint and recovery techniques could presumably be used for long-running programs like the Voyager example, but they are probably hard to implement under strict real-time requirements.

0
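One shape the checkpoint-and-recovery idea from the answer above can take, as an added example rather than anything from the answerer or from a real flight system: the state worth surviving a restart is copied into one of two static slots (alternating, so a crash in the middle of a write leaves the other slot intact) together with a checksum, and recovery restores the newest slot whose checksum verifies. The state fields, the use of Fletcher-16, and all names are assumptions for illustration; a checksum detects accidental corruption, not deliberate tampering, for which you would need a MAC.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The state worth surviving a restart; placeholder fields, assumed for this example. */
typedef struct { uint32_t sequence; int32_t heading; int32_t fuel; } state_t;
typedef struct { state_t state; uint16_t checksum; } checkpoint_t;

/* Two static slots written alternately, so a crash mid-write leaves the other intact. */
static checkpoint_t slots[2];

/* Fletcher-16 over the state: catches accidental corruption, not tampering. */
static uint16_t fletcher16(const uint8_t *d, size_t n)
{
    uint16_t a = 0, b = 0;
    for (size_t i = 0; i < n; i++) { a = (a + d[i]) % 255; b = (b + a) % 255; }
    return (uint16_t)((b << 8) | a);
}

/* Sequence numbers start at 1 so an all-zero slot is never mistaken for a checkpoint. */
static void checkpoint_save(const state_t *s)
{
    checkpoint_t *slot = &slots[s->sequence % 2];
    slot->state = *s;
    slot->checksum = fletcher16((const uint8_t *)&slot->state, sizeof slot->state);
}

static int slot_valid(const checkpoint_t *c)
{
    return c->state.sequence != 0 &&
           c->checksum == fletcher16((const uint8_t *)&c->state, sizeof c->state);
}

/* Restore the newest slot that verifies; -1 when neither does. */
static int checkpoint_recover(state_t *out)
{
    int best = -1;
    for (int i = 0; i < 2; i++)
        if (slot_valid(&slots[i]) &&
            (best < 0 || slots[i].state.sequence > slots[best].state.sequence))
            best = i;
    if (best < 0) return -1;
    *out = slots[best].state;
    return 0;
}

/* Three checkpoints, then the newest one is damaged (a constructed fault); recovery
 * must fall back to sequence 2. Returns the recovered sequence, or 0 on failure. */
static uint32_t recover_after_corruption(void)
{
    state_t s = { 1, 90, 1000 }, out;
    memset(slots, 0, sizeof slots);
    for (; s.sequence <= 3; s.sequence++, s.fuel -= 10) checkpoint_save(&s);
    slots[1].state.fuel ^= 0x01;                 /* bit flip in the slot holding sequence 3 */
    return checkpoint_recover(&out) == 0 ? out.sequence : 0;
}

/* Both slots damaged: recovery must report failure rather than restore garbage. */
static int recover_with_both_corrupt(void)
{
    state_t out;
    recover_after_corruption();
    slots[0].state.heading ^= 0x01;
    return checkpoint_recover(&out);
}

int main(void)
{
    printf("recovered sequence: %u, both corrupt: %d\n",
           (unsigned)recover_after_corruption(), recover_with_both_corrupt());
    return 0;
}
```

The real-time difficulty the answer mentions shows up here as the cost of `checkpoint_save`: every save is a full copy plus a checksum pass over the state, and it has to complete before the next deadline, which is why the state that gets checkpointed is usually kept deliberately small.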

Source: https://habr.com/ru/post/1304230/
