From: Robert A Duff
Newsgroups: comp.lang.ada
Subject: Re: High-Integrity OO and controlled types
Date: Mon, 02 May 2011 20:08:43 -0400
Organization: The World Public Access UNIX, Brookline, MA
References: <47nrp21n5a5b.1tmmgxawdp4ko$.dlg@40tude.net>

"Dmitry A. Kazakov" writes:

> On Mon, 02 May 2011 12:32:53 -0400, Robert A Duff wrote:
>> Note that we're talking about pragmas Restrictions and Profile.
>
> Rather about rationale behind such restrictions.

OK.

>...You gave an example of an
> overhead caused by local access-to-controlled types.

No, all access-to-controlled types -- not just local ones. And access to
non-controlled types that contain controlled components.

And it's not just overhead (as in run-time efficiency) -- it's the
complexity of the run-time support.

And it's not access types per se -- it's heap-allocated objects
(i.e. "new") that introduce most of the complexity.

>..That has a far
> narrower scope than *any* usage of controlled types.

Yes, that's a fair point. Perhaps the restrictions should have been
somewhat narrower.

But note that until recently, GNAT used a bunch of run-time system calls
(and linked lists) for stack-allocated controlled objects, too. It was a
huge amount of work to fix that.

Another thing to consider: limited controlled types are simpler than
non-limited ones.

>...A restriction of such
> access types can be reasonable (as well as, and much more importantly,
> precluding dynamic accessibility checks).

Well, dynamic accessibility checks are a separate issue, but I must say:
I do NOT like dynamic accessibility checks.

>...Prohibiting all controlled types
> is just irrational.

I think "irrational" is too strong. The people who want these sorts of
restrictions tend to like conservative rules.

- Bob