comp.lang.ada
From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Limited use for limited with?
Date: Sat, 9 Oct 2010 01:29:24 -0500
Message-ID: <i8p246$mvf$1@munin.nbi.dk>
In-Reply-To: 37e167dc-1741-4627-bef4-1fd8b32bdbeb@c10g2000yqh.googlegroups.com

"Maciej Sobczak" <see.my.homepage@gmail.com> wrote in message 
news:37e167dc-1741-4627-bef4-1fd8b32bdbeb@c10g2000yqh.googlegroups.com...
...
>Important note: in my design dangling pointers are prevented not by
>registry or its obscure API, but by the purpose of the whole. In 100%
>cases that are known to me the objects outlive the registry, so there
>is no possibility to create dangling pointers.

I suppose it depends upon the use. If you are the *only* person that will 
ever work on this code, and you never make mistakes, then that might in fact 
be OK.

>Granted, users *can* write an artificial and nonsense code (perhaps to
>prove the point) that will create dangling pointers, but no amount of
>protection will prevent such intentional misuse.

Careful: I agree that intentional misuse (such as using Unchecked_Conversion 
to avoid checks) isn't really protectable. But most misuse is accidental, 
and can even happen by someone that knows better.

It's really easy to declare an object inside of a subprogram by mistake. 
Someone (probably you) *will* do it sometime soon. Accessibility *might* 
protect you, but I've only had one single instance in my entire programming 
career where I was able to use 'Access; everywhere else I *had* to use 
'Unchecked_Access (usually because the argument was a parameter) -- so I 
wouldn't count on that to be much help.

If there are other programmers using your packages, then you pretty much
have to assume these sorts of errors will happen. So what do you want to happen
when someone accidentally misuses your code? The entire program mysteriously
locks up? Or some sort of detection? I know which I prefer -- in Claw, we
went to great lengths to ensure that everything will work cleanly no matter
where someone declares a window -- in part because handling support calls
is expensive. (And even helping programmers on your team in such cases is
expensive.)

>> It's always better to prevent abuse in the interface.
>
>Unless the "protection" makes the system unusable. Clarity and ease of
>use are important goals, too. Ironically, they even promote
>correctness.

True, but there is nothing clear about a callback registry. It completely 
sacrifices safety (not just via dangling pointers, but also type safety) in 
order to make something easier for the programmer (the one person for whom 
"ease" is irrelevant). I think it is just a hack.

                              Randy.