Old Oct 28th, 2005, 10:42 AM   #6
grumpy
Quote:
Originally Posted by Narue
>Our client does not like this memory reallocation, he thinks it's possibly dangerous and would like us to do something about it.
It sounds like your client is stupid. Clients dictate how the software is to behave and perform, but the inner workings are the decision of the developer based on those requirements and the client typically has no say in the matter. If a client told me to use an array because dynamic memory is possibly dangerous when a binary tree would be vastly superior, I would tell him to mind his own business and leave the programming to someone who actually knows how to do it right.

Dictating something like this is not necessarily the sign of a stupid client.

One characteristic of safety critical code (e.g. code which, if it fails, causes loss of life) is that its behaviour to all possible sets of inputs must be completely characterised and completely predictable. The reason for that requirement is that, if the behaviour is not completely characterised and predictable, it is extremely difficult to prove that it does not have undesirable failure modes. The behaviour of dynamic memory allocation is rarely predictable, so it is difficult to prove that anything which does dynamic memory allocation cannot fail in some undesirable manner. For example, it is not possible to guarantee that a memory allocation will succeed, or (if it succeeds) that it will occur within a fixed interval of time. Hence, one VERY common guideline for safety critical code is to avoid ANY use of dynamic memory allocation (except possibly at program startup). An intelligent client with a safety critical application (e.g. medical equipment, aircraft control systems, control of nuclear reactors, etc etc) could therefore quite easily go to the level of detail of stipulating no dynamic memory allocation.
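
As an added illustration of the guideline in the post above (not code from the poster or anyone in the thread): a fixed-block pool in C whose storage is reserved statically and set up once at startup, so allocation and release run in constant time and exhaustion is a bounded condition that can be tested for. The names `pool_init`, `pool_alloc`, `pool_free` and the two sizes are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>

/* Hypothetical names and sizes, chosen for this example only. */
#define POOL_BLOCKS 4u            /* capacity fixed at build time */
#define BLOCK_SIZE  32u           /* payload bytes per block */

typedef union block {
    union block  *next;           /* link while the block is on the free list */
    max_align_t   align;          /* forces worst-case alignment */
    unsigned char data[BLOCK_SIZE];
} block_t;

static block_t  pool[POOL_BLOCKS];    /* static storage: the heap is never used */
static bool     in_use[POOL_BLOCKS];
static block_t *free_list;

/* Call once at program startup, before any pool_alloc(). */
void pool_init(void) {
    free_list = NULL;
    for (size_t i = POOL_BLOCKS; i-- > 0; ) {
        pool[i].next = free_list;
        free_list = &pool[i];
        in_use[i] = false;
    }
}

/* Constant time, no loops. Returns NULL once all POOL_BLOCKS are taken. */
void *pool_alloc(void) {
    block_t *b = free_list;
    if (b == NULL) return NULL;
    free_list = b->next;
    in_use[b - pool] = true;
    return b->data;
}

/* Constant time. Rejects foreign, misaligned and already-free pointers. */
bool pool_free(void *p) {
    uintptr_t a = (uintptr_t)p, base = (uintptr_t)pool;
    if (a < base || a >= base + sizeof pool) return false;
    if ((a - base) % sizeof(block_t) != 0) return false;
    size_t i = (a - base) / sizeof(block_t);
    if (!in_use[i]) return false;
    in_use[i] = false;
    pool[i].next = free_list;
    free_list = &pool[i];
    return true;
}
```

Because the capacity is a compile-time constant, worst-case memory use is known before the program runs, and the caller must handle the `NULL` return as a defined condition.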