I watched a video about how NASA writes code and the Rule of 10. In it, they discuss not using the heap memory.
Is that even possible in c#? If so, is it possible on EndPoint?
The rule of 10 is specifically for the C language.
Given C# objects can only be create on the heap, it is hard not to use the heap.
The C# version of the rule would say preallocate as much as you can at startup, and reuse objects, to avoid fragmenting the heap.
2 Likes
In C#, you can avoid heap memory by using value types (structs) and preallocating buffers instead of dynamic allocations. For EndPoint, check if it supports fixed-size buffers or custom memory management to help minimize heap usage. 
1 Like
Like most rules, the heap rule is subject to exceptions. If you treat heap allocation failures just like any other resource (sensor, actuator, peripheral) failure and have adequate handlers and recovery strategies for that situation, then it’s not a fatal design choice.
Even if you try to ‘only’ use value types, can you actually avoid all string operations? That will result in some pretty twisted looking C# code. And with the new darling of bare-metal programming, Rust, you’re faced with similar issues - strings and Box’d structs are all heap objects just like in C#, except with stricter allocation rules.
If you’re prepared for malloc/new failures, and you code so that you can recover by prioritizing tasks and/or calling for the parts of your program to dispose of existing heap references that they can recover later, then I don’t think strict banning of malloc makes much sense in the context of modern languages. Certainly not for Rust with the level of static analysis that gets done at compile time. For C#, ensure that where you do have dynamic allocations that you accommodate the case where they throw and then execute your recovery from that (or start searching for your mem leak).
fwiw, Rust can mem-leak if you use Arc or Rc types (ref-counted allocations) but it’s otherwise near impossible to mem-leak unless you also have runaway recursion somewhere.
2 Likes
But I can do things like have upper bounds on all loops and declare reusable loop variables outside the loop’s scope, right? Man, this should be a textbook.
Those things all sound like things that would be on the stack, not the heap, so yeah.