Resources for memory management in embedded application
How should I manage memory in my mission critical embedded application?
I found some articles with Google, but couldn't pinpoint a really useful practical guide.
The DO-178b forbids dynamic memory allocations, but how will you manage the memory then? Preallocate everything in advance and send a pointer to each function that needs allocation? Allocate it on the stack? Use a global static allocator (but then it's very similar to dynamic allocation)?
Answers can be of the form of regular answer, reference to a resource, or reference to good opensource embedded system for example.
Clarification: The issue here is not whether or not memory management is available for the embedded system. But what is a good design for an embedded system, to maximize reliability.
I don't understand why statically preallocating a buffer pool, and dynamically getting and dropping it, is different from dynamically allocating memory.
As someone who has dealt with embedded systems, though not to such rigor so far (I have read DO-178B, though):
Really, though, I think your answers might be found in joining http://www.do178site.com/
I've worked in a DO-178B environment (systems for airplanes). What I have understood is that the main reason for not allowing dynamic allocation is mainly certification. Certification is done through tests (unitary, coverage, integration, ...). With those tests you have to prove that the behavior of your program is 100% predictable, nearly to the point that the memory footprint of your process is the same from one execution to the next. As dynamic allocation is done on the heap (and can fail) you cannot easily prove that (I imagine it should be possible if you master all the tools from the hardware to any piece of code written, but ...). You do not have this problem with static allocation. That's also why C++ was not used at this time in such environments. (It was about 15 years ago, that might have changed ...)
Practically, you have to write a lot of struct pools and allocation functions that guarantee that you have something deterministic. You can imagine a lot of solutions. The key is that you have to prove (with TONS of tests) a high level of deterministic behavior. It's easier to prove that your hand-crafted development works deterministically than to prove that Linux + gcc is deterministic in allocating memory.
Just my 2 cents. It was a long time ago, things might have changed, but concerning certification like DO-178B, the point is to prove your app will work the same any time in any context.
Real-time, long running, mission critical systems should not dynamically allocate and free memory from heap. If you need to and cannot design around it, then write your own allocated and fixed pool management scheme. Yes, allocated fixed ahead of time whenever possible. Anything else is asking for eventual trouble.
Disclaimer: I've not worked specifically with DO-178b, but I have written software for certified systems.
On the certified systems for which I have been a developer, ...
This left us with the following options ...
Our company found that pools of structures and then get/releasing from/back into the pool was most useful. We were able to keep to the model, and keep things deterministic with minimal problems.
Hope that helps.
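The struct-pool approach described in the two answers above, as an added example that is not code from any poster: storage is reserved statically, get and release are O(1), and exhaustion, a foreign pointer or a double release is reported instead of corrupting state. `msg_t`, `POOL_SIZE` and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>

/* Hypothetical message type and pool size, chosen for illustration. */
typedef struct { uint32_t id; uint8_t payload[28]; } msg_t;
#define POOL_SIZE 4u

typedef struct {
    msg_t   slots[POOL_SIZE];      /* storage reserved at link time */
    uint8_t next_free[POOL_SIZE];  /* index-based free list */
    bool    in_use[POOL_SIZE];     /* lets release catch a double release */
    uint8_t head;                  /* first free slot, POOL_SIZE if none */
    uint8_t used, high_water;      /* worst-case usage, evidence for tests */
} msg_pool_t;

static msg_pool_t g_pool;

void pool_init(msg_pool_t *p) {
    for (uint8_t i = 0; i < POOL_SIZE; i++) {
        p->next_free[i] = (uint8_t)(i + 1u);
        p->in_use[i] = false;
    }
    p->head = 0; p->used = 0; p->high_water = 0;
}

/* O(1), no search, no fragmentation; NULL means the pool is exhausted. */
msg_t *pool_get(msg_pool_t *p) {
    if (p->head >= POOL_SIZE) return NULL;
    uint8_t i = p->head;
    p->head = p->next_free[i];
    p->in_use[i] = true;
    if (++p->used > p->high_water) p->high_water = p->used;
    return &p->slots[i];
}

/* Rejects pointers outside the pool, misaligned ones, and double releases. */
bool pool_release(msg_pool_t *p, msg_t *m) {
    uintptr_t base = (uintptr_t)p->slots, addr = (uintptr_t)m;
    if (addr < base || addr >= base + sizeof p->slots) return false;
    if ((addr - base) % sizeof(msg_t) != 0) return false;
    uint8_t i = (uint8_t)((addr - base) / sizeof(msg_t));
    if (!p->in_use[i]) return false;
    p->in_use[i] = false;
    p->next_free[i] = p->head;
    p->head = i;
    p->used--;
    return true;
}
```

The `high_water` counter gives tests a measured worst case to compare against `POOL_SIZE`, which is the kind of repeatable evidence the answers say certification asks for.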
Allocating everything from stack is commonly done in embedded systems or elsewhere where the possibility of an allocation failing is unacceptable. I don't know what DO-178b is, but if the problem is that malloc is not available on your platform, you can also implement it yourself (implementing your own heap), but this still may lead to an allocation failing when you run out of space, of course.
There's no way to be 100% sure.
You may look at FreeRTOS' memory allocators examples. Those use static pool, if I'm not mistaken.
You might find this question interesting as well, dynamic allocation is often prohibited in space hardened settings (actually, core memory is still useful there).
Typically, when malloc() is not available, I just use the stack. As Tronic said, the whole reason behind not using malloc() is that it can fail. If you are using a global static pool, it is conceivable that your internal malloc() implementation could be made fail proof.
It really, really, really depends on the task at hand and what the board is going to be exposed to.