comp.lang.ada
From: Maciej Sobczak <see.my.homepage@gmail.com>
Subject: Re: Limited use for limited with?
Date: Fri, 8 Oct 2010 01:05:36 -0700 (PDT)
Message-ID: <37e167dc-1741-4627-bef4-1fd8b32bdbeb@c10g2000yqh.googlegroups.com>
In-Reply-To: i8ekgk$ie8$1@munin.nbi.dk

On 5 Oct, 09:35, "Randy Brukardt" <ra...@rrsoftware.com> wrote:

> > Not at all. In my design Object knows nothing about registry. There is
> > no such dependency and therefore it does not have to be broken.
>
> But the Registries are completely unsafe! They have no way to protect
> against dangling pointers,

That's right. The problem is that none of the proposed solutions is
adequate here, for reasons that I have explained already.
My point is that this is one of those places where using plain
pointers is the best solution, even taking into account all its
potential problems.

Important note: in my design dangling pointers are prevented not by
the registry or its obscure API, but by the purpose of the whole. In 100%
of the cases that are known to me the objects outlive the registry, so there
is no possibility to create dangling pointers. Granted, users *can*
write artificial and nonsensical code (perhaps to prove the point)
that will create dangling pointers, but no amount of protection will
prevent such intentional misuse.
Note that even now creating a dangling pointer requires explicit use
of 'Unchecked_Access. No matter what you do, you cannot protect the
user against him using Unchecked_XXX tools, which will always make all
your protections useless, no matter how sophisticated.
In short: you can protect against Murphy, but not against Machiavelli.

> It's always better to prevent abuse in the interface.

Unless the "protection" makes the system unusable. Clarity and ease of
use are important goals, too. Ironically, they even promote
correctness.

--
Maciej Sobczak * http://www.inspirel.com
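
The accessibility rule the message relies on, as an added example that is not part of the original post: with a named access type, `'Access` on a shorter-lived object is rejected at compile time, and only `'Unchecked_Access` lets a dangling pointer into a registry. All names here (`Registry_Demo`, `Object_Ref`, `Registry`, `Register`) are hypothetical and do not reproduce the design discussed in the thread.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Registry_Demo is

   type Object is limited record
      Id : Natural := 0;
   end record;

   --  Named general access type; its accessibility level is that of
   --  Registry_Demo itself.
   type Object_Ref is access all Object;

   --  Hypothetical registry: stores plain pointers, never owns the objects.
   type Ref_Array is array (1 .. 8) of Object_Ref;
   type Registry is limited record
      Items : Ref_Array;          --  components default to null
      Count : Natural := 0;
   end record;

   Long_Lived : aliased Object;   --  same level as Object_Ref
   Reg        : Registry;

   procedure Register (R : in out Registry; Item : Object_Ref) is
   begin
      R.Count := R.Count + 1;
      R.Items (R.Count) := Item;
   end Register;

   procedure Scoped is
      Temp : aliased Object;      --  declared deeper than Object_Ref
   begin
      --  Register (Reg, Temp'Access);
      --  The line above does not compile: Temp could be destroyed while
      --  an Object_Ref still designates it (accessibility check).
      Register (Reg, Temp'Unchecked_Access);  --  compiles; check bypassed
   end Scoped;

begin
   Long_Lived.Id := 1;
   Register (Reg, Long_Lived'Access);  --  legal: object lives as long as the type
   Scoped;
   --  Reg.Items (2) now designates an object that no longer exists and
   --  must not be dereferenced; nothing in the language detects this.
   Put_Line ("registered:" & Natural'Image (Reg.Count));
end Registry_Demo;
```

For code review, this means every occurrence of `'Unchecked_Access` marks a place where object lifetime is guaranteed by the caller rather than by the compiler.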


