From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!feeder.eternal-september.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!newsfeed.xs3.de!news.jacob-sparre.dk!franka.jacob-sparre.dk!pnx.dk!.POSTED.rrsoftware.com!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: Intervention needed? Date: Tue, 19 Mar 2019 18:01:19 -0500 Organization: JSA Research & Innovation Message-ID: References: <6e1977a5-701e-4b4f-a937-a1b89d9127f0@googlegroups.com><6f9ea847-2903-48c8-9afc-930201f2765a@googlegroups.com> <874l7y4i7x.fsf@nightsong.com> Injection-Date: Tue, 19 Mar 2019 23:01:20 -0000 (UTC) Injection-Info: franka.jacob-sparre.dk; posting-host="rrsoftware.com:24.196.82.226"; logging-data="24418"; mail-complaints-to="news@jacob-sparre.dk" X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-RFC2646: Format=Flowed; Original X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.7246 Xref: reader01.eternal-september.org comp.lang.ada:55904 Date: 2019-03-19T18:01:19-05:00 List-Id: "Paul Rubin" wrote in message news:874l7y4i7x.fsf@nightsong.com... > "Randy Brukardt" writes: >> A lot of what the ownership scheme does well isn't really necessary in >> Ada in the first place, as one can use a discriminant-dependent >> component to get the same effect without any pointers at all. > > Does that mean just some kind of tagged record? Of course that would > work the same way in other languages, maybe with different surface > syntax. No, I just mean a discriminanted record: subtype Short_Natural range 0 .. 100; type Short_List is (Len : Short_Natural := 0) is record Data : array (1 .. Len) of Element_Type; end record; Depending on the implementation, there might be no pointers at all in the implementation, or there might be some hidden ones that are handled automatically. Either way, there is no exposed pointers and thus no danger associated with them. One has to assign this as a whole, but that's usually easy. Janus/Ada has a lot of tiny linked lists that could probably have been done this way (and would be safer, but a bit less control over memory management). >> and singly-linked lists (which are just sequences of elements, can be >> modeled as an array just as well as with a list). > > I think that's not so easy: a common practice with linked lists is to > have multiple lists with different heads sharing the same tail. So > there has to be some indirection. True, but you (probably) can't do that in Rust anyway. Some background here: The basic idea behind pointer ownership is to prevent various issues by enforcing an invariant -- that each allocated object is stored in exactly one pointer object. This is enforced with a variety of runtime and compile-time rules. Now, it's clear that one can't even walk a data structure that way, so the idea of "borrowing" a pointer for a limited time was invented. Such borrowing has to be done in carefully controlled ways in order to keep it being safe -- for instance, no one can read or write the original pointer while it is borrowed. Multiple long-lived pointers that point at a single object are simply not allowed. In part, that's done by making assignment either illegal or a move (where the source is nulled when the pointer is assigned). For something like a cursor, that means that Rust-pointers couldn't be used to create the object. The entire point of a cursor is that it is a long-lived handle to a specific element in a larger data structure. One can't null out part of the data structure to create the handle, and if the assignment is banned completely, you could never create a valid cursor object in the first place. There are similar issues with back pointers in a data structure, as you might guess. Randy. Randy.