From: Florian Weimer <fw@deneb.enyo.de>
Subject: Re: Type safety on wikipedia
Date: Thu, 26 Jan 2006 20:07:50 +0100
Date: 2006-01-26T20:07:50+01:00 [thread overview]
Message-ID: <87fynaajuh.fsf@mid.deneb.enyo.de> (raw)
In-Reply-To: 1138283608.433842.76060@z14g2000cwz.googlegroups.com
> Even with unchecked conversion Ada has the 'Valid attribute, allowing
> the programmer to determine if the result of an unchecked conversion is
> a valid value.
Only in very limited cases.
> I do not see how Unchecked_Deallocation interferes with type safety.
The following is just a rough sketch, but maybe it helps to clarify
the terms.
A type system gives you a subset of all expressions which are
well-typed (in Ada, 1 + 1 is well-typed, but 1.0 + 1 is not).
A type-safe language has a type system with these two properties: any
well-typed expression which is not a value can be reduced to a simpler
expression, according to a set of run-time evaluation rules (which
define the semantics of the language) -- and these simplification
steps preserve the well-typedness of expressions.
(Of course, considerable notational overhead is needed to apply this
definitions in a rigorous manner to real-world programming languages.)
Now, suppose that X is a pool-specific access value for some type T,
and Free is a corresponding instance of Ada.Unchecked_Deallocation.
Suppose that
Free (X);
has just been exected. Suppose the next thing to be evaluated is
declare
Y : T := X.all;
begin
...
Now X.all is not a value, so it has to reduce (at run-time) to some
other expression. But the language definition explicitly tells you
that no such rule exists. Therefore, the first rule I mentioned is
violated, and Ada with Ada.Unchecked_Deallocation is not type-safe.
next prev parent reply other threads:[~2006-01-26 19:07 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-01-26 7:28 Type safety on wikipedia Martin Krischik
2006-01-26 11:58 ` Alex R. Mosteo
2006-01-26 17:10 ` Martin Krischik
2006-01-26 20:24 ` Simon Wright
2006-01-26 20:43 ` Simon Wright
2006-01-27 6:58 ` Martin Krischik
2006-01-26 23:43 ` Bobby D. Bryant
2006-01-27 11:14 ` Alex R. Mosteo
2006-01-27 11:57 ` Martin Krischik
2006-01-27 15:30 ` Larry Kilgallen
2006-01-27 19:04 ` Martin Krischik
2006-01-27 22:06 ` Larry Kilgallen
2006-01-28 7:04 ` Martin Krischik
2006-01-29 21:48 ` Florian Weimer
2006-01-27 12:43 ` Georg Bauhaus
2006-01-26 13:49 ` Rod Chapman
2006-01-26 17:05 ` Martin Krischik
2006-01-26 18:14 ` Martin Krischik
2006-01-26 13:53 ` jimmaureenrogers
2006-01-26 15:18 ` Alex R. Mosteo
2006-01-26 16:49 ` Martin Krischik
2006-01-26 18:19 ` Alex R. Mosteo
2006-01-26 20:38 ` Simon Wright
2006-01-27 11:13 ` Alex R. Mosteo
2006-01-27 19:38 ` Simon Wright
2006-01-27 23:24 ` Randy Brukardt
2006-01-28 6:53 ` Martin Krischik
2006-01-27 18:58 ` Martin Krischik
2006-01-27 19:50 ` Simon Wright
2006-01-28 6:52 ` Martin Krischik
2006-01-26 19:22 ` Dmitry A. Kazakov
2006-01-26 19:07 ` Florian Weimer [this message]
2006-01-27 0:38 ` jimmaureenrogers
2006-01-27 18:54 ` Martin Krischik
2006-01-28 1:48 ` Jan Andres
2006-01-28 6:44 ` Martin Krischik
2006-01-31 2:13 ` Randy Brukardt
2006-02-06 5:02 ` Dave Thompson
2006-02-06 8:29 ` Larry Kilgallen
2006-01-27 11:34 ` Alex R. Mosteo
2006-01-27 12:18 ` Martin Krischik
2006-01-27 15:27 ` Florian Weimer
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox