From: anon@att.net
Newsgroups: comp.lang.ada
Subject: Re: Deallocating an object twice
Date: Sun, 27 Jul 2014 11:30:23 +0000 (UTC)

For most OS, deallocation of memory happens only if the program exits and returns its allocated resources back to the OS. And for speed the underlying C library routine "free" does not truly deallocate or mark the memory as unused. Which means passing a null pointer to the underlying C library function "free" will not generate an error, so neither does Ada. This is a part of a bigger topic called "Garbage Collection".

Note: In the GNAT design if a storage pool is not present, the memory access is done by calling the "System.Memory.Free" routine, which only calls the underlying C library. So, no exception will be generated.

To correct this and limit the number of memory leaks, a program may employ a storage pool (like the generic abstract package System.Storage_Pool), and add the exception in the deallocation routine. But this feature does have downsides, like slower speed and a larger footprint for maintaining allocation tables.

Note: GNAT does have a number of storage pool designs.

As for the exception, it would fall under the Storage_Error scope. The "Program_Error" exception is for special cases.

In , Victor Porton writes:
>If I understand correctly, it is an undefined behavior (or is it called
>unbounded error?) if a pool access is deallocated twice with
>Unchecked_Deallocation.
>
>I think it should be a Program_Error (if checks are on).
>
>Why was not this done even in Ada2012 (not speaking about older Ada)?
>
>It's bad.
>
>Or is it done and I just miss it?
>
>--
>Victor Porton - http://portonvictor.org
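
An added example, not part of the original post and not GNAT's own code: a small user-defined storage pool of the kind the reply mentions, with an exception raised in the deallocation routine when an address is freed a second time. The names Double_Free_Demo, Checked, Pool, Mem and Double_Free are hypothetical, and the pool is assumed to be a fixed 1024-element arena that never reuses freed blocks.

```ada
with Ada.Containers.Ordered_Sets, Ada.Unchecked_Deallocation;
with System.Storage_Pools; use System;
with System.Storage_Elements; use System.Storage_Elements;
procedure Double_Free_Demo is
   Double_Free : exception;  -- hypothetical name, not a predefined exception
   package Checked is
      package Addr_Sets is new Ada.Containers.Ordered_Sets (Address);
      type Pool is new System.Storage_Pools.Root_Storage_Pool with record
         Mem  : Storage_Array (1 .. 1024);  -- bump arena, blocks never reused
         Next : Storage_Offset := 0;        -- offset of the first unused element
         Live : Addr_Sets.Set;              -- addresses currently allocated
      end record;
      overriding procedure Allocate
        (P : in out Pool; Addr : out Address; Size, Align : Storage_Count);
      overriding procedure Deallocate
        (P : in out Pool; Addr : Address; Size, Align : Storage_Count);
      overriding function Storage_Size (P : Pool) return Storage_Count is (1024);
   end Checked;
   package body Checked is
      procedure Allocate
        (P : in out Pool; Addr : out Address; Size, Align : Storage_Count) is
         Pad : constant Storage_Offset :=  -- padding needed to honour Align
           (Align - (P.Mem'Address + P.Next) mod Align) mod Align;
      begin
         if P.Next + Pad + Size > P.Mem'Length then raise Storage_Error; end if;
         Addr   := P.Mem'Address + (P.Next + Pad);
         P.Next := P.Next + Pad + Size;
         P.Live.Insert (Addr);  -- remember the block as live
      end Allocate;
      procedure Deallocate
        (P : in out Pool; Addr : Address; Size, Align : Storage_Count) is
      begin
         if not P.Live.Contains (Addr) then  -- freed before, or never ours
            raise Double_Free with "address is not a live block of this pool";
         end if;
         P.Live.Delete (Addr);
      end Deallocate;
   end Checked;
   My_Pool : Checked.Pool;
   type Int_Ptr is access Integer;
   for Int_Ptr'Storage_Pool use My_Pool;  -- allocators and Free go through My_Pool
   procedure Free is new Ada.Unchecked_Deallocation (Integer, Int_Ptr);
   A : Int_Ptr := new Integer'(42);
   B : Int_Ptr := A;  -- second access value designating the same object
begin
   Free (A);  -- normal deallocation; A is set to null
   Free (A);  -- null access value: no effect, the pool is never called
   Free (B);  -- stale alias: Deallocate raises Double_Free
end Double_Free_Demo;
```

The set of live addresses is the allocation table whose time and space cost the reply refers to; because the arena never hands an address out twice, a stale address cannot be mistaken for a newer live block.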