Re: Bug in Ada (SuSe 10.2) ?

["Randy Brukardt" <randy@rrsoftware.com>]

<billjones6789@yahoo.com> wrote in message
news:d8a465d3-9eae-480b-954f-93236e3a6203@s19g2000prg.googlegroups.com...
On Feb 22, 11:52 am, "Randy Brukardt" <ra...@rrsoftware.com> wrote:
>> These aren't "dangling pointer" checks (which would occur on the
>> dereference). If you wanted to talk about them informally, I'd call them
>> "lifetime" checks, but it is best to call them by their real name (which
you
>> finally did above). I thought you were talking about something completely
>> different.

>Sorry to confuse you.  Maybe my English is not so good.
>I was referring to this language-defined check by its high-level purpose
>rather than its low-level implementation model, the same way it is
>introduced in RM 3.10.2 paragraph 1, "The accessibility rules prevent
>dangling references ...".

I spend so much time in the language-lawyer cave (which requires only formal
terminology) that I can get confused by informal terminology -- especially
that which is not used in the standard. (Yes, I realize you found a mention
of it in a non-normative introduction paragraph, but of course I hardly ever
read those...)

>> Anyway, accessibility checks contain both a static and dynamic part, and
it
>> is fairly difficult to write an interesting program that passes the
static
>> check and fails the dynamic check.

>I provided what I thought to be a rather simple example program that
>demonstrated the dynamic case.  Do you mean to say that this example is
>fairly difficult to use in an interesting program?

I've completely forgotten your original point (or mine, for that matter), so
I'm probably babbling at this point.

You are using anonymous access parameters to achieve the effect. You are
quite correct that this is easy to do. That is in fact the problem: it is
easy to get a Program_Error from passing the "wrong" thing to a subprogram
that has an anonymous access parameter. Moreover, there is no way to
indicate in the specification what is required. Contrast this to parameters
that will be used as array indexes -- the specification ought to include the
appropriate range, in which case any check will take place at the call site
(and the error will be immediately obvious).

On top of that, the use of access parameters (rather than "in" or "in out")
clutters up the call site: both with a 'access and with "aliased"
declarations. Plus, there is a substantial runtime overhead for them
compared to named access types (where the checks are mainly static).

Thus, I believe that they should be avoided if at all possible. (I admit
that there are a few cases where they can't be avoided.) Indeed, a good ADT
should not contain the keyword "access" anywhere in the visible part - the
memory management of the top-level objects should be left to the client.

Net-net I tend to forget about the accessibility checks on anonymous access
parameters, because if you encounter them you probably are doing something
bad (using anonymous access parameters). Of course, all of this is personal
stylistic preferences; it is legal within the language.

Anyway, I'm pretty sure this is getting wildly off-topic.

                                    Randy.