From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Thread: 103376,25e091afe1184988
X-Google-Attributes: gid103376,public
X-Google-Language: ENGLISH,ASCII-7-bit
Path: 
 g2news2.google.com!news4.google.com!news3.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!newsfeed00.sul.t-online.de!newsfeed01.sul.t-online.de!t-online.de!news.belwue.de!newsfeed.arcor.de!newsspool4.arcor-online.net!news.arcor.de.POSTED!not-for-mail
Date: Fri, 03 Nov 2006 12:59:21 +0100
From: Georg Bauhaus <bauhaus@futureapps.de>
Organization: elsewhere
User-Agent: Thunderbird 1.5.0.7 (Macintosh/20060909)
MIME-Version: 1.0
Newsgroups: comp.lang.ada
Subject: Re: Reference-oriented language and high-integrity software
References: <eiet3r$2on$1@cernne03.cern.ch>
	<87mz78zz1w.fsf@ludovic-brenta.org> <eif0qu$4k8$1@cernne03.cern.ch>
 <87hcxgye5b.fsf@ludovic-brenta.org>
In-Reply-To: <87hcxgye5b.fsf@ludovic-brenta.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <454b2e1b$0$18842$9b4e6d93@newsspool4.arcor-online.net>
NNTP-Posting-Date: 03 Nov 2006 12:55:07 CET
NNTP-Posting-Host: f10560be.newsspool4.arcor-online.net
X-Trace: 
 DXC=YII1^IJX]\h]l@YUW5NBkn4IUK<Cl32<a4Fo<]lROoRa4nDHegD_]Re27QRV281objA:ho7QcPOVcN?OFB1UcFod`PlI5;d;`ll
X-Complaints-To: usenet-abuse@arcor.de
Xref: g2news2.google.com comp.lang.ada:7355
Date: 2006-11-03T12:55:07+01:00
List-Id: <comp.lang.ada>

Ludovic Brenta wrote:
> Maciej Sobczak <no.spam@no.spam.com> writes:

>> So - let's imagine a language, which is reference-oriented with all
>> objects immutable. Apart from dynamic memory, is there any problem?
> 
> Yes.  Tracing the object code to the source text, and certifying the
> object code.  I'm not saying it's impossible to do; just that it's
> unacceptably expensive to do.

On what premises?
I could argue that an index value, while being in
range of its subtype, points(!) to the wrong half of an array.
While this looks like an algorithmical issue, 
deterministic handling of preallocated storage can be an algorithmic
issue, too. What about placement new or storage pools?
How expensive is proving an algorithm that maps a finite number
of source text variables to a fixed size storage pool as a function
of <...experts insert here...>?