From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,7d83a6223f4f2443,start X-Google-Attributes: gid103376,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news3.google.com!news1.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!newsfeed00.sul.t-online.de!t-online.de!npeer.de.kpn-eurorings.net!npeer-ng2.de.kpn-eurorings.net!npeer-ng1.de.kpn-eurorings.net!newsfeed.arcor.de!newsspool4.arcor-online.net!news.arcor.de.POSTED!not-for-mail From: "Dmitry A. Kazakov" Subject: Run-time accessibility checks (was: Construction initialization problem) Newsgroups: comp.lang.ada User-Agent: 40tude_Dialog/2.0.15.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Reply-To: mailbox@dmitry-kazakov.de Organization: cbb software GmbH Date: Sat, 6 Dec 2008 11:15:04 +0100 Message-ID: NNTP-Posting-Date: 06 Dec 2008 11:15:04 CET NNTP-Posting-Host: a286767e.newsspool1.arcor-online.net X-Trace: DXC=LFF1`FHCb??^cW`WBF>WQ4Fo<]lROoR1^YC2XCjHcb9PGQ:iP4GL^1DNcfSJ;bb[5IRnRBaCd`4R;Q6ZoO>?gS@?<;]E`I2 X-Complaints-To: usenet-abuse@arcor.de Xref: g2news1.google.com comp.lang.ada:2901 Date: 2008-12-06T11:15:04+01:00 List-Id: On Fri, 5 Dec 2008 19:42:40 -0600, Randy Brukardt wrote: "Dmitry A. Kazakov" wrote in message news:d16z537mbee4$.wp9rmx0b7kjf.dlg@40tude.net... >> The language problem is lack of abstraction. If there were abstract access >> types, then you could make an instance of A implement the interface of >> "access A" and them simply put an object of A as a discriminant for B: >> >> type AA is new A and access A with null record; -- A and access to A >> overriding function "'Access" (X : A) return access A; >> function Create return AA; -- Creates an instance of AA >> B_with_A : B (Create); -- Constrain it by an object > > I don't understand this point at all. But it doesn't matter, because a > function like your function "access" doesn't work: the accessibility will be > wrong. Know what, nobody cares. The bad thing is that programmers used to use Unchecked_Access everywhere. The idea of accessibility checks was good, but its implementation in Ada was a flop. It would be interesting to make a poll, how many programmers 1. start straight with Unchecked_Access 2. write Access first and then switch to Unchecked_Access after the first compiler message without analyzing the message 3. try to understand the message and change the design My guess is 65-30-5. Yours? > I've been trying to work on this problem, but the obvious solutions would > require full dynamic accessibility checks, including passing the > accessibility of all by-reference parameters -- and that is way too > expensive to consider. Plus dynamic checks provide a new failure mechanism > for code; it's not clear that is an advantage. Ooch, this is the major contributor to the group 1. If I had any danger that X'Access might fail at run-time, I would immediately switch to X'Unchecked_Access. It is absolutely unacceptable to me that a correct program might fail at run-time because of accessibility checks. The only case I could buy it, if exceptions where contracted, so that I would get an compile-time error at some other place. Like "Constraint_Error may be propagated, but the contract states otherwise." > I think that I might be able to fix the problem in the context of the > containers only, and for dereference of the objects only, but it is not > clear that the fix is worth the effort. It certainly does not. IMO Ada needs "setters" with the syntax sugar of an assignment, it does not need outward access types. The whole idea is just not Ada. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de