From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,34d47d048b177d0b
X-Google-Attributes: gid103376,public
From: bobduff@world.std.com (Robert A Duff)
Subject: Re: limited/non-limited in Ada95
Date: 1997/10/21
Message-ID: <EIFDy2.1uo@world.std.com>#1/1
X-Deja-AN: 282344725
References: <3442C2A3.3781@bix.com> <ufhgaghueo.fsf@synquiry.com>
 <mheaney-ya023680001810971145040001@news.ni.net>
 <JSA.97Oct20202120@alexandria.synquiry.com>
Organization: The World Public Access UNIX, Brookline, MA
Newsgroups: comp.lang.ada
Date: 1997-10-21T00:00:00+00:00
List-Id: <comp.lang.ada>


In article <JSA.97Oct20202120@alexandria.synquiry.com>,
Jon S Anthony <jsa@alexandria.synquiry.com> wrote:
>In article <mheaney-ya023680001810971145040001@news.ni.net> mheaney@ni.net (Matthew Heaney) writes:
>> I agree that aliasing can comprimise the safely of a limited type (everyone
>> ought to read Baker's Limited Robbery paper), but if the programmer always
>> implements a limited private type by using a full view that is itself
>> limited - which one can do in Ada 95 - then there is no problem.
>
>There are important cases where this is at _best_ impractical and
>actually is more like not _feasible_.  The _view_ for the
>implementation should not (can _not_) have limited semantics.  This is
>particularly evident when you are constructing GC for Ada _within_ the
>language.  Since this is one of Henry's main baileywicks, and since
>I've constructed such a GC asset suite _within_ the language, I can
>very easily understand where he is coming from.  It's _painfully_
>obvious when you have to actually deal with the situation.

Well, the rest of the world hasn't seen your GC stuff.  At least I
haven't.  So I can't quite understand what you're getting at, here.
What's wrong with having:

    type T is limited private;

then:

    type T_Contents is ...; -- not limited!
    type T is
        limited record -- to keep Henry from stealing bank accounts ;-)
            Contents: T_Contents;
        end record;

Now clients see a by-reference (return-by-reference, even!) type T, but
the implementation of the package itself can do assignments via
X.Contents := Y.Contents.

?

>> If the programmer doesn't use a by-reference type, then it's a case of
>> programmer indolence, not a language problem.
>
>Rubbish.

Perhaps others more intelligent than I can understand what you're saying
here, but for me, a mere "Rubbish" isn't quite detailed enough for me to
understand your point.  Perhaps you would care to elaborate?  Maybe give
an example from your GC stuff?  I'd like to see an example illustrating
the problem, and perhaps even a suggestion as to how the rules of the
language ought to be changed.

Yes, I understand Henry's paper, but that was before "limited record"
existed.  (I read Henry's paper before Ada 9X existed, so if there's a
new version that talks about Ada 95, please tell me to go read it.)

- Bob