by Nokinside
3134 days ago
> double free or a memory leak, what should happen

Both offensive and defensive programming are important in safety critical programs and I get your point, but those things you mention don't happen in safety critical systems. There is no dynamic memory allocation. The RTOS used will support "brick wall partitioning" for memory, processing and other resources. Different systems can run in the same OS but they can't compete for processing time, locks or memory access. Everyone has been dealt the resources they can have from the start. It's not possible to run out of file descriptors or memory if you allocate them statically from the start. Assertion errors or monitoring errors in safety critical systems usually cause a reset or a change into the backup system. If the program state is large and a reset is not safe, retreating to some earlier state (constant backups) is likely.
Errors in logic happen everywhere.
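The two practices the comment describes, a statically budgeted memory pool with no heap and a monitored state that rolls back to a checkpoint when an invariant fails, as an added C illustration (this is not the commenter's code or any particular RTOS API; the pool sizes, the `position` invariant and all function names are assumptions chosen for the demo):

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Fixed-capacity block pool carved out of a static array. Block count and
 * size are constructed for this example; a real system sizes them from its
 * resource budget. Nothing here ever touches the heap. */
#define POOL_BLOCKS 4
#define BLOCK_BYTES 32

static uint8_t pool_storage[POOL_BLOCKS][BLOCK_BYTES];
static bool    pool_used[POOL_BLOCKS];

/* Hand out the first free block, or NULL once the static budget is spent.
 * Exhaustion here is a design error found in testing, not a runtime surprise. */
void *pool_alloc(void) {
    for (size_t i = 0; i < POOL_BLOCKS; i++) {
        if (!pool_used[i]) {
            pool_used[i] = true;
            memset(pool_storage[i], 0, BLOCK_BYTES);
            return pool_storage[i];
        }
    }
    return NULL;
}

/* Release a block. Returns false for a double free or a pointer that was
 * never handed out, so the caller's monitor can treat it as a fault. */
bool pool_free(void *p) {
    for (size_t i = 0; i < POOL_BLOCKS; i++) {
        if (p == pool_storage[i] && pool_used[i]) {
            pool_used[i] = false;
            return true;
        }
    }
    return false;
}

size_t pool_in_use(void) {
    size_t n = 0;
    for (size_t i = 0; i < POOL_BLOCKS; i++) n += pool_used[i] ? 1 : 0;
    return n;
}

/* Monitored control state with one invariant (assumed for the demo:
 * position stays within [0, 1000]) and a last-known-good copy taken at
 * every successful cycle. A failed check retreats to that copy instead of
 * carrying a bad state forward. */
typedef struct {
    int32_t  position;
    uint32_t cycle;
} ctrl_state_t;

static ctrl_state_t live;
static ctrl_state_t backup;
static uint32_t     recoveries;

static bool state_invariant(const ctrl_state_t *s) {
    return s->position >= 0 && s->position <= 1000;
}

void state_init(void) {
    memset(&live, 0, sizeof live);
    backup = live;
    recoveries = 0;
}

/* One control cycle: apply a delta, then enforce the invariant. On a
 * violation the state rolls back to the checkpoint and the event is counted;
 * in a real system this is the point where a reset or a switch to the backup
 * channel would be triggered. */
bool state_step(int32_t delta) {
    live.position += delta;
    live.cycle++;
    if (state_invariant(&live)) {
        backup = live;      /* constant backup of the last good state */
        return true;
    }
    live = backup;          /* retreat to the earlier state */
    recoveries++;
    return false;
}

int32_t  state_position(void)   { return live.position; }
uint32_t state_recoveries(void) { return recoveries; }
```

The point of the pool is that its worst case is visible at compile time: `POOL_BLOCKS` is the whole budget, and `pool_free` rejecting an unknown or already-freed pointer turns the double free from silent corruption into a detectable fault. The checkpoint half shows the "retreat to an earlier state" path: the monitor never tries to repair a bad state in place, it discards it.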