From: eachus@spectre.mitre.org (Robert I. Eachus)
Subject: Re: Child packages [nn,pedo,incest,cons]
Date: 17 Oct 94 11:52:40
Date: 1994-10-17T11:52:40+00:00 [thread overview]
Message-ID: <EACHUS.94Oct17115240@spectre.mitre.org> (raw)
In-Reply-To: Robb.Nebbe@di.epfl.ch's message of 17 Oct 1994 08:18:23 GMT
In article <1994Oct17.091621@di.epfl.ch> Robb.Nebbe@di.epfl.ch (Robb Nebbe) writes:
> But you have to want to shoot yourself in the foot. I would think it
> would be almost impossible to "accidently" declare a child package
> and muck around with private information.
Never underestimate stupidity, you can't overestimate it.
"Against stupidity, the Gods themselves contend in vain." Schiller(sp?)
You have to know why it is a bad thing. There are no warning signs
posted. And I don't expect people to spend lots of effort adding
comments to package specifications explaining what catastrophes can be
created by illegitimate children.
Also, it is possible to write packages so that illegitimate
children are inherently safe. It takes a little more effort, but
since it is possible many coding practices will favor it.
But look what happens when someone whose entire experience was in
such an envirionment moves to a company with different practices.
Maybe what we need are a few "stickers." One line comments to be
put as the first thing in a private part and explain the relative risk
of illegitimate children:
"This package is designed to freely allow child units to be added."
"Any child unit which updates state in this private part must
observe the locking protocol."
"This subsystem was not designed to allow addition of child units.
User defined child units may be broken by new implementations of the
subsystem."
"This package will break in the presence of unanticipated child units."
I guess I'll have to start doing that for Ada 9X code. They
certainly belong in any published code (including in RM9X) but there
is a lot of Ada 83 code around without the stickers on it.
(I'll turn this into an "official" 9X comment. The private parts
of all the language defined packages say:
private
... -- not specified by the language
end...
At a minimum, either paragraphs 1.1.3(18-19) should specify that
not specified is the same as unspecified, or all those comments shoul
change. But I think the best idea would be to also explicitly define
for which language defined packages, if any, user defined children
should not take advantage of visibility into the private part. (As I
indicated, and I hope as implementors will do it, it should be
possible to allow (implementation dependant) user defined child units
for most language defined packages without risk.)
--
Robert I. Eachus
with Standard_Disclaimer;
use Standard_Disclaimer;
function Message (Text: in Clever_Ideas) return Better_Ideas is...
next prev parent reply other threads:[~1994-10-17 11:52 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
1994-09-29 20:08 Is Ada the future? [was: Is C++ the future?] John DiCamillo
1994-09-30 13:45 ` David Weller
1994-10-01 21:40 ` John DiCamillo
1994-10-03 9:53 ` Robert I. Eachus
1994-10-03 20:41 ` John DiCamillo
1994-10-04 8:41 ` Robb Nebbe
[not found] ` <85C825A689A@annwfn.com>
1994-10-13 14:40 ` John Volan
1994-10-13 21:14 ` Matt Kennel
1994-10-14 0:37 ` Robert Dewar
1994-10-14 10:16 ` Robb Nebbe
1994-10-14 20:43 ` Bob Duff
1994-10-13 22:01 ` Val Kartchner
1994-10-14 1:38 ` Robert Dewar
1994-10-14 9:31 ` Robb Nebbe
1994-10-14 16:16 ` Child packages [nn,pedo,incest,cons] Robert Firth
1994-10-14 17:13 ` Robert I. Eachus
1994-10-17 8:18 ` Robb Nebbe
1994-10-17 11:52 ` Robert I. Eachus [this message]
1994-10-17 21:54 ` Bob Duff
1994-10-18 10:30 ` Child packages Robb Nebbe
1994-10-18 9:37 ` Robert I. Eachus
1994-10-18 19:09 ` Robert Dewar
1994-10-19 11:03 ` Robert I. Eachus
1994-10-19 16:24 ` Norman H. Cohen
1994-10-19 23:13 ` Robert Dewar
1994-10-20 14:06 ` Norman H. Cohen
1994-10-20 11:09 ` Robert I. Eachus
1994-10-20 19:02 ` Benjamin Ketcham
1994-10-20 17:08 ` Robert I. Eachus
1994-10-20 16:37 ` Bob Duff
1994-10-20 16:40 ` Bob Duff
1994-10-21 14:02 ` Mark Biggar, 5172
1994-10-21 8:48 ` Robb Nebbe
1994-10-19 18:54 ` Robert Dewar
1994-10-20 0:27 ` Matt Kennel
1994-10-20 8:21 ` Magnus Kempe
1994-10-20 13:52 ` John Volan
1994-10-19 16:19 ` Norman H. Cohen
1994-10-04 14:44 ` Is Ada the future? [was: Is C++ the future?] Robert Dewar
1994-10-04 15:53 ` Richard Kenner
[not found] ` <36h4pc$9dd@starbase.neosoft.com>
1994-09-30 20:15 ` Benjamin Ketcham
1994-10-02 16:30 ` Robin Rowe
1994-10-02 18:00 ` David Weller
1994-10-03 15:55 ` Netspeak: What is "trolling"? Norman H. Cohen
1994-10-03 17:04 ` Kenneth Aubey 913-4481
1994-10-03 21:06 ` Is Ada the future? [was: Is C++ the future?] John DiCamillo
1994-10-04 0:29 ` David Weller
1994-10-04 17:42 ` John DiCamillo
1994-10-05 8:18 ` Magnus Kempe
1994-10-05 13:49 ` Tucker Taft
[not found] ` <36q7m5$4ef@starbase.neosoft.com>
1994-10-04 17:55 ` Robin Rowe
1994-10-04 22:42 ` Tucker Taft
1994-10-03 9:22 ` Andrew Lees
1994-10-03 21:31 ` John DiCamillo
1994-10-04 23:29 ` John DiCamillo
1994-10-05 3:52 ` Robin Rowe
1994-10-05 13:15 ` Robert Dewar
1994-10-05 13:54 ` David Weller
[not found] ` <36uhnl$4c1@gnat.cs.nyu.edu>
[not found] ` <37dp17$gp6@goanna.cs.rmit.oz.au>
1994-10-11 13:37 ` Robert Dewar
1994-10-19 11:24 ` Stephen J Bevan
1994-10-19 15:51 ` Robert Dewar
1994-10-25 12:21 ` Stephen J Bevan
1994-10-05 17:08 ` Ted Dennison
[not found] ` <36msgr$qq2@starbase.neosoft.com>
1994-10-04 7:21 ` Ada compared to C++ Robin Rowe
1994-10-05 6:44 ` Bob Kitzberger
1994-10-05 12:02 ` Robert Dewar
1994-10-05 18:20 ` Bob Kitzberger
1994-10-05 8:44 ` Magnus Kempe
1994-10-05 19:55 ` David Weller
[not found] ` <1994Oct6.133002.1@rapnet.sanders.lockheed.com>
1994-10-16 3:30 ` Mark S. Hathaway
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox