When your code absolutely, always, *has* to work :-).

Scott Lovenberg scott.lovenberg at gmail.com
Tue Aug 7 10:09:16 MDT 2012


On Tue, Aug 7, 2012 at 12:01 PM, simo <idra at samba.org> wrote:
> On Tue, 2012-08-07 at 08:45 -0700, Jeremy Allison wrote:
>> On Tue, Aug 07, 2012 at 10:29:24AM +0200, Volker Lendecke wrote:
>> > On Mon, Aug 06, 2012 at 11:14:18AM -0700, Jeremy Allison wrote:
>> > > I found this really interesting:
>> > >
>> > > http://programmers.stackexchange.com/questions/159637/what-is-the-mars-curiosity-rovers-software-built-in/159638#159638
>> > >
>> > > http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf
>> > >
>> > > Makes Samba seem a bit less reliable somehow :-).
>> >
>> > One problem here is that to me it seems those MISRA docs and
>> > tools are not available for free. I have looked at one
>> > point, but I could not find anything easily accessible. And,
>> > no malloc() is difficult for Samba I guess. We don't want a
>> > pre-allocated array of fsp's I think :-)
>>
>> No, I wasn't seriously suggesting no malloc, after all we're
>> not running on a spaceship :-).
>>
>> But I found the constraints really interesting - what you need
>> to do to C code to make it space-safe !
>
> Not just for space.
>
> The same guidelines are used for both military and civil aeronautics
> normally. And nuclear power plants, and anything really, really mission
> critical where failure would be super expensive or life threatening.
>

I was under the impression that avionics and most military code was
generally written in Ada because of the safety mechanisms built in?
A friend of mine works for a (large) company that does medical testing
and everything is written in Python.  I thought he was joking when he
first told me.

-- 
Peace and Blessings,
-Scott.

