327 points AareyBaba | 2 comments
anonymousiam No.46184727
The same is true for the software that runs many satellites. Use of the STL is prohibited.

The main issue is mission assurance. Using the stack or the heap means your variables aren't always at the same memory address. This can be bad if a particular memory cell has failed. If every variable has a fixed address, and one of those addresses goes bad, a patch can be loaded to move that address and the mission can continue.

1. 0xffff2 No.46196185
For what it's worth, I am an active developer of space flight software. This might be true somewhere, but it's not true anywhere I've ever encountered. The contortions required to avoid using the stack would be insane and cause far more bugs than it could ever prevent. I'm pretty confident asserting that this is simply not a thing. Even heap allocation is very often allowed, but restricted to program initialization only. Furthermore, these rules are relaxing all the time. I am aware of at least one mission currently in space that is flying the C++14 STL with no restrictions on heap allocation and exceptions enabled. Unmodified `std::map` is currently flying in space with no ill effects.
2. anonymousiam No.46201517
I'm guessing that you work for SpaceX.