From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Run-time accessibility checks
Date: Wed, 10 Dec 2008 19:03:23 -0600
Message-ID: <ghpot9$laq$1@munin.nbi.dk>
In-Reply-To: ggyyafzb06rk.1fkbqhnepowug$.dlg@40tude.net
"Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> wrote in message
news:ggyyafzb06rk.1fkbqhnepowug$.dlg@40tude.net...
> On Sat, 6 Dec 2008 09:10:49 -0800 (PST), Ludovic Brenta wrote:
>
>> Dmitry A. Kazakov wrote:
>
>>> It is absolutely unacceptable to me that a correct
>>> program might fail at run-time because of accessibility checks.
>>
>> I differ here; to me, a program that fails an accessibility check at
>> run time is incorrect.
>
> Ah, I used to think this way too. But then I realized that this form of
> constraint is not a semantic one. Comparing to the constraint range 1..10,
> accessibility constraint is an implementation detail. It has no semantic
> meaning. When you assign a value outside the range that is semantically
> incorrect. When you assign a pointer that potentially might become
> dangling, that has no semantic meaning. The pointer is not yet dangling.
> The program correctness depends on whether it will become dangling.

You are wrong here; that occurs when a *static* accessibility check is
triggered that has to be checked at runtime because the source has dynamic
accessibility. That conversion between worlds is the problem. IMHO, the
static accessibility model is a pile of steaming dung - it never, ever works
(I have yet to successfully write 'Access in anything outside of ACATS
tests). OTOH, a fully dynamic model would only fail when the pointer really
is dangling, because the accessibility would stay with the access type and
there would never be any conversion to the static world. So that would only
represent a real bug. But of course it is a lot more expensive at runtime.

I'm going to write up a proposal for a fully dynamic model. I don't really
expect it to get anywhere, but at least we'll have it around the next time
someone starts realizing that static accessibility is complete junk.

Randy.

P.S. Although it is not completely clear from the Standard, Ada has two
virtually separate sets of definitions for static accessibility and
"dynamic" accessibility (the latter is called just plain "accessibility" to
add to the confusion). It's the static model that is such a mess; the
dynamic model is just fine.

Randy.
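
The case the thread argues about, as an added example that is not part of this message or of any post in the thread: an access parameter carries its accessibility level dynamically, and converting it to a named access type checks that level against the type's static level at the point of conversion, whether or not the pointer would ever dangle. All names (`Accessibility_Demo`, `Int_Ptr`, `Remember`, `Short_Scope`) are made up for the illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Accessibility_Demo is

   --  Named access type: its accessibility level is fixed (static),
   --  namely the level of Accessibility_Demo itself.
   type Int_Ptr is access all Integer;
   Saved : Int_Ptr;

   --  An access parameter carries the accessibility level of the
   --  actual object with it at run time (dynamic accessibility).
   procedure Remember (P : access Integer) is
   begin
      --  Conversion from the dynamic world to the static one. The
      --  run-time check raises Program_Error if the object designated
      --  by P is declared at a deeper level than Int_Ptr.
      Saved := Int_Ptr (P);
   end Remember;

   Long_Lived : aliased Integer := 1;   --  same level as Int_Ptr

   procedure Short_Scope is
      Local : aliased Integer := 2;     --  deeper level than Int_Ptr
   begin
      Remember (Local'Access);          --  legal at compile time
      --  Never reached: the pointer would have been cleared before
      --  Local goes away, so it would not have dangled.
      Saved := null;
   exception
      when Program_Error =>
         Put_Line ("Local: Program_Error at the conversion");
   end Short_Scope;

begin
   Remember (Long_Lived'Access);        --  check passes
   Put_Line ("Long_Lived: accepted, Saved.all =" &
             Integer'Image (Saved.all));
   Short_Scope;                         --  check fails inside Remember
end Accessibility_Demo;
```

The check fires at the conversion in `Remember`, before `Saved` could outlive `Local`; that is the point at which the dynamically tracked level meets the statically fixed level of `Int_Ptr`.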