Re: Linux is not reliable enough?

linuxppc-dev.lists.ozlabs.org archive mirror
 help / color / mirror / Atom feed

From: "Mark Chambers" <markc@mail.com>
To: "Marius Groeger" <mgroeger@sysgo.com>
Cc: <linuxppc-embedded@lists.linuxppc.org>
Subject: Re: Linux is not reliable enough?
Date: Mon, 26 Jul 2004 09:46:58 -0400	[thread overview]
Message-ID: <004701c47317$073ce590$0301a8c0@chuck2> (raw)
In-Reply-To: Pine.LNX.4.61.0407260940220.2134@mag.sysgo.com

> On Sat, 24 Jul 2004, Mark Chambers wrote:
>
> > that the only way to prove reliability is with testing.  Linux is open
> > source, it won't cost anything to put it on a side by side test, and let
> > Linux speak for itself.
>
> Getting to the point where you can run this side by side test *will*
> cost money, and typically rather much, what's more. It is not likely
> that Kevin's customer is going to pay the implementation for two OSes,
> even if it is only to the prototype stage.
>

Yes, a good point.  But I'm speaking with a salesman voice.  For someone who
is an expert like Kevin he can no doubt prototype something fairly quickly,
and getting the customer to see something actually working is very powerful.
It puts the ball in the Chief Software Architect's (the CSA, hereafter :-)
court to justify the additional expense of QNX.

> So, thinking about the right OS for the job in advance, as they do, is
> a good idea. Only the thinking must be done right, of course :-)
>

Indeed.  I guess I should spell out what I think is wrong with the CSAs
apparent thinking:  He points out an aspect of linux, namely that drivers
can crash the system, as an issue that somehow makes linux intrinsically
unreliable.  But if you write drivers that don't crash the system then linux
is not unreliable.  The only operating system that doesn't allow a clever
programmer to crash is one that doesn't do anything.  Microkernels, they
say, allow you to do nifty things like replace the file system without
rebooting.  So that means you could swap in a buggy filesystem and destroy
the data on your disc/flash.  Without rebooting.  Which is good since you
won't be able to boot from your corrupted filesystem, which won't show up
until the next power failure, while the poor nurse with a flashlight talks
to a guy on the phone who assures her QNX can't fail.  So every OS, and
every feature, has its pro's and con's.  The question for any CSA is not 'is
this reliable' but 'can I make a reliable system using this component'?
Will the OS eat itself, or do I only have to worry about the mistakes I
make?  A carefully constructed linux system should be good for 5 or even 6
nines of reliability.

Mark Chambers

** Sent via the linuxppc-embedded mail list. See http://lists.linuxppc.org/

next prev parent reply	other threads:[~2004-07-26 13:46 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-07-22 12:00 random ramblings on 8xx patches (long and tedious :-) Robert P. J. Day
2004-07-22 17:46 ` Matt Porter
2004-07-23 12:34   ` Robert P. J. Day
2004-07-23 13:36     ` Wolfgang Denk
2004-07-23 14:09       ` Robert P. J. Day
2004-07-23 14:56         ` Wolfgang Denk
     [not found]         ` <410123EE.4000602@intracom.gr>
2004-07-23 15:56           ` Mark Chambers
2004-07-23 17:22           ` Wolfgang Denk
2004-07-23 21:06             ` Linux is not reliable enough? Kevin P. Dankwardt
2004-07-24  3:02               ` Linh Dang
2004-07-24  6:29                 ` Der Herr Hofrat
2004-07-25 16:23                 ` Wolfgang Denk
2004-07-24 11:35               ` Mark Chambers
2004-07-24 22:14                 ` MPC8245 Error No. 26 DeLaGarza, Robert
2004-07-26  7:49                 ` Linux is not reliable enough? Marius Groeger
2004-07-26 13:46                   ` Mark Chambers [this message]
2004-07-26 14:31                     ` Der Herr Hofrat
2004-07-26 15:42                     ` Marius Groeger
2004-07-27 11:20                     ` Robert Kaiser
2004-07-27 13:29                       ` Mark Chambers
2004-07-24 21:44               ` Sylvain Munaut
2004-07-25  3:00             ` Could 2_4_devel support RPXlite DW LCD panel? Song Sam
  -- strict thread matches above, loose matches on Subject: below --
2004-07-27 14:41 Linux is not reliable enough? Wells, Charles
2004-07-27 15:20 ` Mark Chambers
2004-07-27 15:59 Mészáros Lajos
2004-07-27 17:10 ` Oliver Korpilla
2004-07-27 23:08   ` Conn Clark

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='004701c47317$073ce590$0301a8c0@chuck2' \
    --to=markc@mail.com \
    --cc=linuxppc-embedded@lists.linuxppc.org \
    --cc=mgroeger@sysgo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).