From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Accessibility checks
Date: Wed, 17 Jul 2013 18:44:30 -0500
Date: 2013-07-17T18:44:30-05:00 [thread overview]
Message-ID: <ks7a8v$4nj$1@loke.gir.dk> (raw)
In-Reply-To: ks718g$aim$2@dont-email.me
"Jeffrey Carter" <spam.jrcarter.not@spam.not.acm.org> wrote in message
news:ks718g$aim$2@dont-email.me...
> On 07/17/2013 01:09 PM, Florian Weimer wrote:
>> One thing in Ada I could never quite grasp where the accessiblity
>> checks. I haven't seen much Ada code, and personally, I didn't have
>> much need for nested access types anyway. If I have used them, they
>> were still potentially unsafe due to aliasing or calls to
>> Unchecked_Deallocation in neighboring code.
>>
>> So what's the point for this language feature? It seems to add quite
>> a bit of complexity to the language.
>
> Ada 83 didn't have these checks, and had only named access types that
> could only designate objects created by an allocator ("new").
>
> Accessibility rules were introduced in Ada 95, along with general access
> types (declared with "all") that can access objects allocated on the
> stack, the 'Access and 'Unchecked_Access attributes, and anonymous access
> types in the forms of access parameters and access discriminants.
>
> Anonymous types are a Bad Idea, and anonymous access types are a Very Bad
> Idea. The language would be better off without them.
>
> Brukardt, ARG member and editor of the ARM, claims that 'Access never
> works and 'Unchecked_Access is always required, bypassing the
> accessibility checks. While this is not entirely true, it's quite common
> that one must use 'Unchecked_Access, so we could do without these rules
> and checks in the majority of cases.
That's not entirely true: I did find one (and only one) instance where I was
able to use 'Access in my code (it had to do with a library-level
initialization).
But for the most part, accessibility gets in the way more than it helps
anything. It does prevent some gross errors, but that's about it. The
dynamic checks are actually better, but that assumes that they're
implemented properly, and that has some distributed overhead.
The biggest advantage of the accessibility checks is that they taught us
(the ARG) what not to do. :-) When we designed anti-aliasing rules for Ada
2012, one of the big concerns was that they wouldn't turn into accessibility
checks. So we only make checks in cases where it's obvious that there is
something dubious going on, and there is no attempt at completeness.
It would be tempting to dump the entire accessibility mess into trash, but
the only alternative is erroneousness, which is too awful to contemplate.
Randy.
next prev parent reply other threads:[~2013-07-17 23:44 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-17 20:09 Accessibility checks Florian Weimer
2013-07-17 20:20 ` Alan Jump
2013-07-17 21:16 ` Jeffrey Carter
2013-07-17 23:44 ` Randy Brukardt [this message]
2013-07-18 0:39 ` Bill Findlay
2013-07-18 7:14 ` Simon Wright
2013-07-19 8:41 ` Georg Bauhaus
2013-07-19 4:48 ` Randy Brukardt
2013-07-22 6:11 ` ake.ragnar.dahlgren
2013-07-22 9:03 ` Bill Findlay
2013-07-24 13:01 ` ake.ragnar.dahlgren
2013-07-24 13:27 ` Dmitry A. Kazakov
2013-07-29 6:18 ` ake.ragnar.dahlgren
2013-07-18 0:41 ` Jeffrey Carter
2013-07-19 4:51 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox