From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Preventing Unchecked_Deallocation?
Date: Thu, 9 Feb 2012 19:18:59 -0600
Message-ID: <jh1ra6$h09$1@munin.nbi.dk>
In-Reply-To: 5d25ffd0-a73e-48c6-aac1-d5e3b00c4e0a@l1g2000vbc.googlegroups.com
"Maciej Sobczak" <see.my.homepage@gmail.com> wrote in message
news:5d25ffd0-a73e-48c6-aac1-d5e3b00c4e0a@l1g2000vbc.googlegroups.com...
> On 9 Lut, 03:57, "Randy Brukardt" <ra...@rrsoftware.com> wrote:
>
>> > The smart user will define his own access types and will make pointers
>> > from your objects at the nearest opportunity and there's lots of them
>> > if the type in question is, for example, tagged.
>>
>> There is absolutely no *requirement* to use access types with tagged
>> types.
>
> Tagged types are aliased, which allows to obtain access values from
> their objects, now there is only one step to
> Unchecked_Deallocation. :-)
>
> And this is what I had in mind - it is not possible to completely
> defend against stupidity and if the user really wants, he will
> deallocate his own pointers to your own objects, even if you have no
> access types in your package specs.
>
> Putting it in other words: make something idiot proof and somebody
> will invent better idiots.

Well, as I said, a library needs to expect the objects it exports to
disappear at any time. If that's done (often that means the objects have to
be controlled, so they can be removed from internal data structures before
they're gone), then the client can deallocate to their heart's content
without damaging the library. (Remember, Ada finalizes when
Unchecked_Deallocation is called. Same if you use the new subpool
mechanisms, or containers, or static allocation.)

We took this approach in Claw, simply because I didn't relish having to
explain to users that their "bug" was caused by their misuse of the library.
So we tried to "idiot-proof" it as much as possible.

You're of course right that there always is a bigger idiot out there, but
nothing semi-reasonable should be crashing reusable libraries. (One-time use
things are a different story, but be careful - a lot of one-time use things
tend to stick around for a long time.)

Randy.