[pdelbarba]

I really hope rust gains a foothold in the embedded market. We need these features badly. As uCs get more powerful (you can get 200mhz chips for a few dollars) with more RAM and complicated networked peripherals, it's a no-brainer to have these features available in a safe way. Currently if you have an application relying on dynamic memory usage, for instance, most developers will write their own simple memory management, usually in which you have an array that various things hold pointers to and get's freed all at once. All that just to spread some memory around, and concurrency is an even dirtier word than the heap...

[pjmlp]

Many of those features are already available in Ada, and to a lesser extent Pascal and Basic.

But yeah, more options is even better.

[dbcurtis]

On an ARM Cortex M4?

[pjmlp]

Yes, some examples, this list is not exhaustive.

- Oberon, http://www.astrobe.com/default.htm

- Java, http://www.microej.com/resources/supported-platforms/

- Pascal and Basic, https://www.mikroe.com/stm32/

- Ada, http://blog.adacore.com/tag/STM32

[pdelbarba]

No offense, but nobody in their right mind is going to use any of this in a production environment.

For instance, what will your hypersonic rocket do while garbage collection is running instead of it's real-time control loops?

[pjmlp]

I guess the French and US military using Aonix real time JVMs for weapons control and monitoring are the right set of persons to answer your question.

Also some military think memory leaks are irrelevant on missiles, given the ultimate garbage collector.

[touisteur]

Well it all depends how 'hard' your real-time is. If you go with Atego/aonix, you can get down to almost-C-Ada-like latencies but be ready to change your java coding style. Sliced-time GC works OK until you put too much pressure on it (concatenating logging strings that you're not going to record or display... allocating tons of small objets for local uses... Programming in 'Classic' java...) and it can't clean up fast enough... In the end you code in a small and sad watered down subset of java... I mean : java is everything (almost, except for primitive types) on the heap ! Avoid java collections (use javolution or hppc-rt instead), avoid auto-boxing, no local allocation, no String concatenation, no Selector API ('select' in java nio...) because it allocates like mad... God help you if you need to stream some amount of data via TCP. And be prepared to spend some time to fine tune the GC. You also take a hit on performance and compilation time compared to hotspot (you need aot compilation for real-time, the java runtime seems not as optimised... Not as many man-decades of work on it).

All in all I'd rank it 'easier' than C in developer comfort and proficiency but frankly, if you don't do C, I'd just go directly to Ada...

[bigiain]

Heh - saw that on Twitter last week: https://twitter.com/pomeranian99/status/858856994438094848

"Memory leaks on missiles don't matter, so long as the missile explodes before too much leaks."

[analognoise]

Hypersonic rockets are probably already running Ada.

[pdelbarba]

Good point :) I probably should have stuck to picking on Java. Ada is a pretty good example of a language that handles real time use cases with concurrency and memory pools well. That said, it's fallen out of favor in "recent" years.

[nickpsecurity]

There's a lot of them:

https://en.wikipedia.org/wiki/Embedded_Java

A particular vendor (formerly Aonix) that always had interesting innovations in runtimes, tradeoffs, FFI's, and so on:

http://www.businesswire.com/news/home/20050307005203/en/Aoni...

https://www.ptc.com/developer-tools/perc

Each of them is a company making serious money in embedded systems. A few do safety-critical. I'll let you wonder whether they were in their right mind for building Java apps and using Java runtimes that don't seem to fail in high-stakes circumstances.

[amelius]

Otoh controllers cost almost nothing, so you can get safe concurrency just by duplicating the CPU.

[pdelbarba]

You're not wrong, but this is sort of like saying that CPU's cost nothing, so just replace your i5 with 4 celerons. Distributed programming is even harder than multi-threaded programming if you need tightly coupled communication. Imagine you need to read an ADC (think oscilloscope output if you're not familiar) at 1MB/s and also need to be analyzing the data while talking to other devices on various peripherals about what you've found. You'll have to use Direct Memory Access most likely so communicating that data stream over SPI to another microcontroller might not be the best idea unless you have a lot of extra RAM to buffer everything in.

Edit: and the real reason you don't want to do this is because the EEs and manufacturing engineers on your project will try to kill you. Two uCs means two codebases and two devices to program during production, plus extra testing, more complicated design, and more parts to place (uC, crystal, caps, etc)

[VLM]

All problems disappear with enough speed. Eventually the main loop is fast enough that you can poll.

If you're doing something truly cutting edge your competitors aren't better than you are so you can afford that second uC and more parts.

Most of engineering judgment is finding the point where the goal is ambitious enough to keep up with or pass the competition while conservative enough that it'll likely work, or at least you won't get sued.

[pdelbarba]

In abstract this is true, but in real life, you get presented with a microcontroller and are told to make X happen in Y time. The current trend is where microcontrollers are becoming fast enough to essentially be bare-bones computers. Maybe they're so fast that you can poll a dozen sensors fast enough to respond to an event, but now clients want you need to drive a graphic display with all the system performance stats in real time and stream cat videos via UDP to it whenever the user gets bored.

Being able to squeeze the full potential out of these devices is getting harder and harder with current methods. Safe concurrency and memory management can allow developers to fully utilize their hardware without needing a grey beard to write some unreadable assembly that you later find out was just a plagiarized version of the Windows ME memory manager.

[kevin_thibedeau]

You can't just thrown in more, beefier hardware with hard power and volume constraints.

[dbcurtis]

Never trust a sentence with the word "just" in it.

Duplicating the microcontroller on a project where people spend all afternoon arguing about 10 cents on the BOM is not a welcome idea. Also, the most eye-opening required course I took as an undergrad was reliability engineering. After you learn to do the reliability math, adding several solder joints to the product purely out of laziness looks profoundly stupid. Neither idea makes you look good to the old grey-beards on the other side of the table at the design review.

[LeifCarrotson]

> Never trust a sentence with the word "just" in it.

Or the word 'never'. There are no absolutes! :)

[jandrese]

On the other hand building a system out of a lot of small processors tends to lead to very complex systems in the end, since the different parts almost always need to communicate at some point. In the end it doesn't buy you much since you end up having to write message passing systems and their associated handlers everywhere.