From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,FORGED_GMAIL_RCVD, FREEMAIL_FROM autolearn=no autolearn_force=no version=3.4.4 X-Received: by 2002:a6b:6f0a:: with SMTP id k10mr6624335ioc.185.1553252044412; Fri, 22 Mar 2019 03:54:04 -0700 (PDT) X-Received: by 2002:aca:61c4:: with SMTP id v187mr1260556oib.122.1553252044132; Fri, 22 Mar 2019 03:54:04 -0700 (PDT) Path: eternal-september.org!reader01.eternal-september.org!feeder.eternal-september.org!weretis.net!feeder6.news.weretis.net!feeder.usenetexpress.com!feeder-in1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!w126no101334ita.0!news-out.google.com!l81ni138itl.0!nntp.google.com!78no101523itl.0!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail Newsgroups: comp.lang.ada Date: Fri, 22 Mar 2019 03:54:03 -0700 (PDT) In-Reply-To: Complaints-To: groups-abuse@google.com Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=70.109.61.2; posting-account=QF6XPQoAAABce2NyPxxDAaKdAkN6RgAf NNTP-Posting-Host: 70.109.61.2 References: <6e1977a5-701e-4b4f-a937-a1b89d9127f0@googlegroups.com> <6f9ea847-2903-48c8-9afc-930201f2765a@googlegroups.com> <74339f3f-9591-45a3-8632-8834b4b466ab@googlegroups.com> User-Agent: G2/1.0 MIME-Version: 1.0 Message-ID: <5be8a4cc-84de-4716-9f0c-10907f451312@googlegroups.com> Subject: Re: Intervention needed? From: Jere Injection-Date: Fri, 22 Mar 2019 10:54:04 +0000 Content-Type: text/plain; charset="UTF-8" Xref: reader01.eternal-september.org comp.lang.ada:55927 Date: 2019-03-22T03:54:03-07:00 List-Id: On Friday, March 22, 2019 at 4:38:29 AM UTC-4, Optikos wrote: > On Thursday, March 21, 2019 at 10:16:24 PM UTC-4, Randy Brukardt wrote: > > "Optikos" wrote in message > > ... > > >What you describe as (a[n ab]use case for) cursors is in reality > > >a pointer in the end, ... > > > > Not a pointer, since a pointer is essentially a raw machine address which > > cannot detect problems. I'd call it a reference, as the abstract way of > > designating something. > > > > And cursors can be and often are implemented so that the likelihood of an > > undetected dangling reference is low to impossible. That's not possible for > > any sort of pointer. (You can do the Rust thing and do some sort of > > compile-time rules, but that doesn't help build complex data structures.) > > I am suspecting the same failure there in Rust. > Not really. In Rust they don't even use cursors. They go straight to iterators. On top of that, the combination of being able to specify the lifetime of all of your variables (if you need to) and the ownership rules gives them 100% safety from dangling references when they create and use those iterators. I can't speak for all of Ada, but it looks like GNAT starts with the assumption that the internal access type is valid (verifies not null), de-references it, and starts checking various elements of the de-referenced element/container (things like Next and Previous links when they exist, or Parent if it exists). I think it even traverses a few nodes down whatever data structure they happen to be using for good measure. It's a good sequence of checks, but not full proof. You could, theoretically (but very unlikely) have de-referenced random memory that just happened to look correct. I don't know how other compilers do it though. I don't think (or mean to imply) that Ada can't do equivalent or better to Rust. I am just saying, the couple of versions of GNAT I currently have do no yet.