From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,c08a7609345f4e5 X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news3.google.com!proxad.net!feeder1-2.proxad.net!news.in2p3.fr!in2p3.fr!news.ecp.fr!news.jacob-sparre.dk!pnx.dk!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: Limited use for limited with? Date: Sat, 9 Oct 2010 01:29:24 -0500 Organization: Jacob Sparre Andersen Message-ID: References: <853314bc-0f79-435f-86a5-d7bcdd610731@c10g2000yqh.googlegroups.com> <36e886fa-b272-461f-bf86-a6b18366b64f@i5g2000yqe.googlegroups.com> <1eug9v5h5mf8d$.ud00hrz48lyr.dlg@40tude.net> <67044906-dacc-4526-b3f6-27e5323ab8fc@n3g2000yqb.googlegroups.com> <12chb4kbqt9ln$.zumsv1z9hqvk$.dlg@40tude.net> <292dd0bd-1fc4-4715-bb70-7655d0dc04eb@j24g2000yqa.googlegroups.com> <1ffdzc3fkapks$.15g452pvvgrem$.dlg@40tude.net> <37e167dc-1741-4627-bef4-1fd8b32bdbeb@c10g2000yqh.googlegroups.com> NNTP-Posting-Host: static-69-95-181-76.mad.choiceone.net X-Trace: munin.nbi.dk 1286605766 23535 69.95.181.76 (9 Oct 2010 06:29:26 GMT) X-Complaints-To: news@jacob-sparre.dk NNTP-Posting-Date: Sat, 9 Oct 2010 06:29:26 +0000 (UTC) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-RFC2646: Format=Flowed; Original X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931 Xref: g2news1.google.com comp.lang.ada:14458 Date: 2010-10-09T01:29:24-05:00 List-Id: "Maciej Sobczak" wrote in message news:37e167dc-1741-4627-bef4-1fd8b32bdbeb@c10g2000yqh.googlegroups.com... ... >Important note: in my design dangling pointers are prevented not by >registry or its obscure API, but by the purpose of the whole. In 100% >cases that are known to me the objects outlive the registry, so there >is no possibility to create dangling pointers. I suppose it depends upon the use. If you are the *only* person that will ever work on this code, and you never make mistakes, then that might in fact be OK. >Granted, users *can* write an artificial and nonsense code (perhaps to >prove >the point) that will create dangling pointers, but no amount of protection >will >prevent such intentional misuse. Careful: I agree that intentional misuse (such as using Unchecked_Conversion to avoid checks) isn't really protectable. But most misuse is accidental, and can even happen by someone that knows better. It's really easy to declare an object inside of a subprogram by mistake. Someone (probably you) *will* do it sometime soon. Accessibility *might* protect you, but I've only have one single instance in my entire programming career where I was able to use 'Access; everywhere else I *had* to use 'Unchecked_Access (usually because the argument was a parameter) -- so I wouldn't count on that to be much help. If there are other programming using your packages, then you pretty much have to assume these sorts errors will happen. So what do you want to happen when someone accidentally misuses your code? The entire program mysteriously locks up? Or some sort of detection? I know which I prefer -- in Claw, we went to great lengths to ensure that everything will work cleanly no matter where someone declares a window -- in part because handling support calls are expensive. (And even helping programmers on your team in such cases is expensive.) >> It's always better to prevent abuse in the interface. > >Unless the "protection" makes the system unusable. Clarity and ease of >use are important goals, too. Ironically, they even promote >correctness. True, but there is nothing clear about a callback registry. It completely sacrifies safety (not just via dangling pointers, but also type safety) in order to make something easier for the programmer (the one person for whom "ease" is irrelevant). I think it is just a hack. Randy.