[cap-talk] "Composite", was "Same" key

David Hopwood david.nospam.hopwood at blueyonder.co.uk
Thu Feb 15 19:49:38 CST 2007 

Norman Hardy wrote:
> On Feb 15, 2007, at 8:11 AM, David Hopwood wrote:
>> Charles Landau wrote:
>>
>>> I couldn't find a formal definition of "composite" in MarkM's thesis,
>>> so perhaps he can clarify. But it seems to defy common English to say a
>>> single atomic object is also a "composite".
>>
>> In section 6.2:
>>
>> # For compactness of description, we often aggregate a set of  objects
>> # into a composite.
>>
>> So a composite is a set of objects, which may be a singleton set. 
>> Nothing else in section 6.2 contradicts a single object being a special
>> case of a composite. More to the point, it is useful to view it as such,
>> because clients of a composite cannot necessarily tell whether it is made
>> up of more than one object.
> 
> Thanks for quoting chapter and verse.
> I also agree with your point.
> I think that the purpose of such 'composites' can generally be explained
> only in a context where it is known that there is just one underlying
> entangled state of that composite.
> But known to whom?
> If I get a powerful key to an object and from that key generate several
> facets, then I know the relationship between these keys.
> (It makes no difference here whether the facet technology is primitive.)
> I typically disseminate these facets to others who I trust to some 
> limited extent.
> Now those others will each hold just one of the facets typically.
> The correctness of my code demands reasoning about the distribution of
> facets and the relations between them.
> The correctness of the code of the others does not.
> My code knows and that is enough.
> The reasoning about the correctness of the other programs does not 
> require knowledge of the relations between the facets.
> 
> Conjecture, Those who need to know relations between keys, are in a 
> position to know.

It is plausible that this is true in programs that follow POLA, since such
programs would try to limit how much code has access to each facet.

> If I hold two keys to mutable objects, it is often (generally?) 
> necessary for me to learn whether their state is entangled.
> A formalism is needed here. Perhaps it is available.
> It is a common source of bugs.

Anecdotally, there does seem to a class of bugs involving aliasing that
are avoided by writing in a purely functional language or by minimizing
the use of mutable state, but I'm not aware of any published studies on
the frequency of such bugs.

However, this is a separate question to whether we need an agreed terminology
for describing abstractions made up of multiple objects that share state.
We clearly do need this.

-- 
David Hopwood <david.nospam.hopwood at blueyonder.co.uk>

More information about the cap-talk mailing list