[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why would anyone want opacity?
> | Date: Wed, 8 May 1996 13:55:45 -0400
> | From: Mitchell Wand <wand@ccs.neu.edu>
> | Cc: will@ccs.neu.edu, rrrs-authors@martigny.ai.mit.edu
>
> | The solution that was arrived at in the 70's was the concept of
> | information hiding and abstract data types. The point of this was
> | that it is insufficient to merely decree, as Jeff suggests that
>
> | ...
>
> | The arguments in favor of strong abstraction resemble in many ways
> | the arguments in favor of strong static typing, and the objections
> | to strong abstraction resemble those against static typic. This
> | is not a coincidence: static typing is one way of building certain
> | kinds of abstraction boundary.
> |
> | For a good short discussion of information hiding, see
> |
> | Steve McConnell, "Missing in Action: Information Hiding", IEEE Software,
> | March 1996, p 128.
>
> As Jeff has arguled, your example does not argue for opacity. It
> argues for disjointness of new types.
>
> Disjointness eliminates the accidental use of the concrete representation.
>
> Your position (not justified by your examples) implies that such
> access should be disallowed (rather than strongly discouraged and
> unlikely to happen accidentally). However, as we've been discussing
> for a while, this also disallows the existence and creation of generic
> a-posteriori tools.
in the "..." part, he said:
| 1. It would be desirable for the language to detect violations of an
| abstraction boundary. This may happen prior to execution, as in CLU, the ML
| module system, etc., or at run-time in a dynamically typed language.
|
| Note that I am _not_ presupposing what should happen when such a violation is
| detected. The system might refuse to continue, issue a warning, raise an
| exception, check some kind of privileges or passkeys before proceeding, etc.
| But a manager (instructor, ADT implementor, etc) should be given some tools to
| protect his or her abstractions.
how did this become a position that implies "such access should be
disallowed (rather than strongly discouraged and unlikely to happen
accidentally)" all of a sudden?
is it impossible to build a language which can switch between
detecting abstraction violations, warns and allows them [for the
purpose of constructing these important "generic" tools] and detecting
such violation and disallows them? i think that is what mitch was
saying. have i read him too generously? :-|
oz