From: Maciej Sobczak <no.spam@no.spam.com>
Subject: [SPARK] Code safety and information hiding
Date: Wed, 16 Aug 2006 09:56:55 +0200
Date: 2006-08-16T09:56:55+02:00 [thread overview]
Message-ID: <ebuj47$bal$1@sunnews.cern.ch> (raw)
Consider the following simple SPARK example:
package Random_Numbers is
--# own Seed
type Seed_Type is private;
procedure Rand(X out Float);
--# global Seed
--# derives Seed from Seed & X from Seed;
private
-- ...
end Random_Numbers;
The issue with this example is the apparent strong coupling between the
specification of Rand (of the whole package, in fact) and the
implementation details that pop up in specs in terms of the Seed name
used in annotations.
It looks that the dependency between the body and spec is no longer
one-way, as it logically should be, but the coupling is stronger - I
cannot even change the name of the own Seed object, because it will
force me to update the annotations in the specs; which in turn will
force other packages (which should not depend on what name I use for
Seed) that depend on these specs to recompile.
I don't find the above to be particularly disturbing, but I'm tempted to
conclude that in SPARK increased code safety has the price of reduced
information hiding, which itself was always considered to be a good
engineering practice.
Your comments are welcome.
--
Maciej Sobczak : http://www.msobczak.com/
Programming : http://www.msobczak.com/prog/
next reply other threads:[~2006-08-16 7:56 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-16 7:56 Maciej Sobczak [this message]
2006-08-16 8:53 ` Code safety and information hiding roderick.chapman
2006-08-16 11:18 ` Stuart
2006-08-16 13:23 ` Maciej Sobczak
2006-08-16 19:49 ` [SPARK] " Jeffrey R. Carter
2006-08-17 7:01 ` Maciej Sobczak
2006-08-17 18:08 ` Jeffrey R. Carter
2006-08-17 20:00 ` Björn Persson
2006-08-18 1:22 ` Jeffrey R. Carter
2006-08-18 19:39 ` Björn Persson
2006-08-19 5:35 ` Jeffrey R. Carter
2006-08-19 12:47 ` Björn Persson
2006-08-20 3:58 ` Jeffrey R. Carter
2006-08-20 11:35 ` Björn Persson
2006-08-18 23:02 ` Robert A Duff
2006-08-19 5:40 ` Jeffrey R. Carter
2006-08-19 9:49 ` Stephen Leake
2006-08-20 3:52 ` Jeffrey R. Carter
2006-08-20 19:06 ` Stephen Leake
2006-08-21 1:07 ` Jeffrey R. Carter
2006-08-21 7:25 ` Maciej Sobczak
2006-08-21 19:31 ` Jeffrey R. Carter
2006-08-21 19:58 ` Dmitry A. Kazakov
2006-08-21 21:06 ` Björn Persson
2006-08-22 7:16 ` Maciej Sobczak
2006-08-22 9:45 ` Björn Persson
2006-08-22 12:42 ` Maciej Sobczak
2006-08-22 7:27 ` Dmitry A. Kazakov
2006-08-21 11:30 ` Colin Paul Gloster
2006-08-22 10:51 ` Stephen Leake
2006-08-23 9:44 ` Peter Amey
2006-08-23 22:37 ` Jeffrey R. Carter
2006-08-24 10:55 ` Peter Amey
2006-08-24 23:33 ` Jeffrey R. Carter
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox