
Workspace location (vote)




On Wed, 7 Jul 1999, Trevor Higgins wrote:

> 
> As valid as any generalisation can be, my 'vote' is that the workspace stay
> located separately from the heap. Setting it at the opposite end
> to the heap with the stack between is a good start. While I could be 
> considered paranoid I do not have a lot of faith in using dynamic memory 
> allocation (malloc/free), as empirical evidence shows it is a major cause 
> of software failure. If a task is going to miscalculate a pointer then 
> I want it to be as statistically low as possible to write to kernel data 
> structures.
> Debugging programs on custom hardware without an MMU is much more 
> difficult if the kernel is crashed by a miscreant task.

This is the traditional argument for any RTOS that keeps its resource pool 
separate from that of the application.  In RTEMS, after the system is
initialized, the only things allocated dynamically are task stacks and
message buffers (at task and message queue create time, respectively).
Both of those are subject to the type of corruption you are referring to.  

I recall a patch to make the use of a separate workspace an optional
feature.  :)

--joel
Joel Sherrill, Ph.D.             Director of Research & Development
joel at OARcorp.com                 On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
   Support Available             (256) 722-9985
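The layout argument above, as an added example that is not part of this thread or of RTEMS itself: a hypothetical MMU-less 64 KiB flat memory map with the kernel workspace either adjacent to the heap or placed beyond the stack, a task that writes past its last heap block, and a kernel signature check to see which layout lets the stray write reach kernel data. Region sizes, the TCB layout and the magic value are all constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAM_SIZE   0x10000u   /* 64 KiB flat RAM, no MMU (constructed) */
#define HEAP_SIZE  0x8000u    /* application malloc/free pool at address 0 */
#define STACK_SIZE 0x4000u
#define WS_SIZE    0x4000u    /* kernel workspace: TCBs, queues, etc. */
#define TCB_MAGIC  0x54434200u /* hypothetical kernel object signature */

typedef struct { uint32_t magic; uint32_t priority; uint32_t state; } tcb_t;
typedef struct { uint8_t ram[RAM_SIZE]; uint32_t ws_base; } machine_t;

/* Boot: heap at 0; either heap|workspace|stack (adjacent) or
   heap|stack|workspace (stack separates heap from kernel data). */
static void boot(machine_t *m, int ws_adjacent_to_heap) {
    memset(m->ram, 0, sizeof m->ram);
    m->ws_base = ws_adjacent_to_heap ? HEAP_SIZE : HEAP_SIZE + STACK_SIZE;
    tcb_t t = { TCB_MAGIC, 10, 1 };          /* first kernel object */
    memcpy(m->ram + m->ws_base, &t, sizeof t);
}

/* A task whose last heap block ends exactly at HEAP_SIZE miscalculates a
   pointer and writes 'overrun' bytes past that end (clamped to RAM). */
static void buggy_task(machine_t *m, uint32_t overrun) {
    if (overrun > RAM_SIZE - HEAP_SIZE) overrun = RAM_SIZE - HEAP_SIZE;
    memset(m->ram + HEAP_SIZE, 0xFF, overrun);
}

/* Kernel self-check: is the object signature in the workspace intact? */
static int workspace_intact(const machine_t *m) {
    tcb_t t;
    memcpy(&t, m->ram + m->ws_base, sizeof t);
    return t.magic == TCB_MAGIC;
}

/* Run the scenario on one layout; returns 1 if kernel data survived. */
int kernel_survives(int ws_adjacent_to_heap, uint32_t overrun) {
    machine_t m;
    boot(&m, ws_adjacent_to_heap);
    buggy_task(&m, overrun);
    return workspace_intact(&m);
}

int main(void) {
    printf("adjacent,  16-byte overrun: kernel %s\n", kernel_survives(1, 16) ? "intact" : "corrupted");
    printf("separated, 16-byte overrun: kernel %s\n", kernel_survives(0, 16) ? "intact" : "corrupted");
    printf("separated, overrun past the whole stack: kernel %s\n",
           kernel_survives(0, STACK_SIZE + 4) ? "intact" : "corrupted");
    return 0;
}
```

With the stack in between, a small overrun lands on stack memory (still a bug, but one the task is more likely to crash on itself) rather than on kernel objects; only an overrun larger than the whole stack region reaches the workspace.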