Version 1.1 of acs/ac-00105.txt

Unformatted version of acs/ac-00105.txt version 1.1
Other versions for file acs/ac-00105.txt

!standard A(3)          05-01-20 AC95-00105/01
!class confirmation 05-01-20
!status received no action 05-01-20
!status received 04-11-16
!subject Appendix A para 3 - re-entrancy of language defined subprograms
!summary
!appendix

From: Nick Roberts
Sent: Tuesday, November 16, 2004  9:49 AM

Regarding A(3), I think the wording should be amended to require all
language defined functions to be re-entrant regardless of parameters.

A(3), which currently states:

BEGIN

The implementation shall ensure that each language defined subprogram is re-
entrant in the sense that concurrent calls on the same subprogram perform as
specified, so long as all parameters that could be passed by reference
denote nonoverlapping objects.

END

I suggest that this is changed to:

BEGIN

Two subprogram call executions are concurrent if (they are executed by
different tasks and) the time when the execution of one begins is between
the times when the other begins and finishes.

Two subprogram call executions are mutually disjoint if there is no
parameter of one which overlaps with any parameter of the other. Two actual
parameters overlap if they provide an access path to the same object (see
6.2).

The implementation shall ensure that each language defined subprogram is
re-entrant in the sense that any two concurrent call executions of the same
subprogram perform as specified, so long as the subprogram is a function or
(it is a procedure and) the call executions are mutually disjoint.

There is one exception to this rule. For the package
Ada.Numerics.Float_Random and instantiations of the package
Ada.Numerics.Discrete_Random, any two concurrent call executions of the
function Random which are not mutually disjoint may not be re-entrant.

END

I believe this change would not harm existing software, because it appears
to me that all existing standard functions (apart from the noted Random
functions) are likely to have a pure implementation -- and I believe any new
functions should be like this too -- and it would make it easy to wrap
standard ADTs inside a protected object and expose its standard functions as
protected functions (which must support concurrent reading).

I have actually trawled through the whole of Appendix A to check this. It
seems conceivable that some functions could have an impure implementation
-- for example, some of the wide string functions might construct a (large)
lookup table upon first call -- but I'm doubtful that there are actually any
such implementations, and they could be readily replaced by pure
equivalents.

I have also taken the liberty of defining what concurrent execution of
subprograms means, and I have improved upon the phrase "so long as all
parameters that could be passed by reference denote nonoverlapping objects",
since this could be misinterpreted to mean that, for example, a call of
P(A,A) concurrent with a call of P(B,B) may not be not re-entrant (whilst
calling P(A,B) concurrently with P(C,D) must be). I've also carefully
distinguished between a 'subprogram call' and a 'subprogram call execution'
(an execution of a subprogram call, as in 6.4).

****************************************************************

From: Nick Roberts
Sent: Sunday, November 21, 2004  9:57 AM

On reviewing my suggested wording, I think the wording needs to be widened
in meaning to ensure non-interference between parallel executions of any
two language defined functions, and between any LD procedure with another
LD procedure or function so long as one doesn't share a parameter with the
other.

Also, since I've defined overlapping in terms of access paths, I've added
a paragraph which allows the user to assume that X, Y: T for any language
defined type T guarantees that X and Y do not overlap (with an exception
for file objects).

Plus, I've excluded two read-only paths from the definition of
overlapping, since two concurrent executions both a with read-only path
to an object cannot interfere with one another thereby.

BEGIN

Two subprogram call executions are concurrent if (they are executed by
different tasks and) the time when the execution of one begins is between
the times when the other begins and finishes.

Two subprogram call executions are mutually disjoint if there is no
parameter of one which overlaps with any parameter of the other. Two actual
parameters overlap if they provide an access path to the same object (see
6.2), where either path permits updating of the object (or both do).

The implementation shall ensure that no two different objects of a language
defined type overlap, except for file objects which refer to the same
external file.

The implementation shall ensure that all language defined subprograms are
re-entrant in the sense that any two concurrent call executions of any two
(or the same one) language defined subprogram(s) perform as specified, so
long as either:

* both subprograms are functions;

or

* (at least one subprogram is a procedure and) the call executions are
  mutually disjoint.

There is one exception to this rule, for functions named Random of either
the package Ada.Numerics.Float_Random or of any instantiation of the
generic package Ada.Numerics.Discrete_Random. Any two concurrent call
executions which are not mutually disjoint of two subprograms one of
which is (or both of which are) such a function are not necessarily re-
entrant in the above sense.

END

Sorry.

I'm conscious of the fact that I've expanded one innocent paragraph
(A(3)) to five. Perhaps you could use a smaller font? :-/

****************************************************************


Questions? Ask the ACAA Technical Agent