From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,c70f02b79bc3d231
X-Google-Attributes: gid103376,public
From: dewar@merv.cs.nyu.edu (Robert Dewar)
Subject: Re: dynamic memory allocation
Date: 1997/06/17
Message-ID: <dewar.866539898@merv>#1/1
X-Deja-AN: 249031172
References: <33A55F1B.63FE@gsfc.nasa.gov>
Organization: New York University
Newsgroups: comp.lang.ada
Date: 1997-06-17T00:00:00+00:00
List-Id: <comp.lang.ada>


Stephen says

<<They are proposing a message passing scheme where sending tasks allocate
buffers for each message from a heap, and receiving tasks deallocate. I
have suggested that the heap could become fragmented (the buffers are
NOT all the same size). They say "we'll just test it thoroughly".>>

In this case, thorough testing would have to mean that they will test all
conceivable inputs and sequences of inputs. If they can do that, fine, but
note that this is often difficult :-)

In particular, for example, Intel could not or at least did not thoroughly
test the divide on the Pentium (if you need an example in discussing this).

Obviously we have to assume this is non-critical software where it does
not matter if it sometimes fails. We deduce that from the fact that someone
thinks that testing is an adequate indicator of correctness. Often for
non-critical software this is the case, and indeed such software does often
use dynamic allocation.

For critical software however, where reliability and correctness are
required, it is out of the question to use dynamic allocation unless
you can prove that storage error cannot occur.