!standard 12.03 (11) 06-03-15 AI05-0005-1/00 !class confirmation 06-03-15 !status received 06-03-15 !priority Low !difficulty Easy !qualifier Omission !subject Editorial comments on AARM 2005 !summary This AI serves as a holder for editorial comments on AARM-only annotations. This AI serves the same purpose as AI95-00114 for Ada 2005. Because the AARM has no official status as far as ISO is concerned, these will be considered low priority. If a change cross-references this AI, find it in the Appendix below. !question !response !appendix From: Stephen Leake Sent: Tuesday, April 18, 2006 7:04 PM I'm reading the Ada 2005 LRM "cover-to-cover" (to be sure I know about all the new stuff), and noticed that paragraphs 3.1 7, 8 are identical. I suspect 8 should be deleted. **************************************************************** From: Tucker Taft Sent: Wednesday, April 19, 2006 12:57 PM Good point! **************************************************************** From: Randy Brukardt Sent: Wednesday, April 19, 2006 1:09 PM Note that all of the paragraph numbers of that clause (after number 7) are wrong (because of the extra junk paragraph). This bug is only in (draft 16 of the) RM/AARM, and not in the Amendment proper. **************************************************************** From: Randy Brukardt Sent: Wednesday, December 20, 2006 8:35 PM 10.1.4(5.e/2) says that the "second" rule applies, but there is only one (very long) sentence in 10.1.4(5). 10.1.4(5.e/2) should say that the "consistency" rule applies so that there is no ambiguity. **************************************************************** From: Pascal Leroy Sent: Wednesday, January 3, 2007 1:39 PM I am looking at the example in 3.10.1(2.a-2.d), and specifically at the first comment in 3.10.1(2.d). I surely hope that this comment is incorrect, otherwise adding "with P" in front of the body of P would change the semantics. Surely we did not design a language where withing yourself has any observable effect... I actually think that this comment is just inconsistent with the rules: even if you are in the scope of a nonlimited_with_clause for P, 3.10.1(2.4/2) doesn't apply because the completion of T is not declared in a visible part. I am not exactly sure how the example should be modified. Perhaps it should say "note that the second rule ensures that a nonlimited_with_clause for P doesn't make Ptr.all'Size legal before the completion of T". **************************************************************** From: Randy Brukardt Sent: Wednesday, January 3, 2007 12:20 PM > I actually think that this comment is just inconsistent with the rules: > even if you are in the scope of a nonlimited_with_clause for P, > 3.10.1(2.4/2) doesn't apply because the completion of T is not declared in > a visible part. Yes, that's obviously true. > I am not exactly sure how the example should be modified. Perhaps it > should say "note that the second rule ensures that a > nonlimited_with_clause for P doesn't make Ptr.all'Size legal before the > completion of T". I think the entire part after the comma should be dropped. I don't think anything useful can be said for this example. The sentence is nonsense in any case, because we know that "with P.C" is the same as "with P, P.C;". This is just the example of why we need the "in whose visible part", and it hardly makes sense to mention the other case (it would be a very different example). [Editor's note: This text meant that the location of the comment was within the scope of a nonlimited_with_clause for P.] **************************************************************** From: Pascal Leroy Sent: Thursday, January 4, 2007 9:44 AM Another one to put in this AI: 4.1(7/2) has apparently been changed by the Amendment (otherwise it wouldn't say /2, right?) but it has no cross-reference to an AI. **************************************************************** From: Randy Brukardt Sent: Thursday, January 4, 2007 12:27 PM This is one of the changes from AI05-0004; the tools didn't support such cross-references when those were put in. That needs to be done, and the version really ought to be /3 on those (see AI95-0004 for a complete list). **************************************************************** From: Randy Brukardt Sent: Friday, January 12, 2007 6:53 PM The reason behind the first half of 10.2.1(15.3/2) is very obscure, the AARM Reason note should explain: Such an allocator would provide a backdoor way to get a global variable into a pure unit, so it is prohibited. Most such allocators are illegal anyway, as their type is required to have Storage_Size = 0. But access parameters and access discriminants don't necessarily disallow allocators. However, a call is also illegal here (by the preelaboration rules), so access parameters cannot cause trouble. So this rule is really about prohibiting allocators in discriminant constraints: type Rec (Acc : access Integer) is record C : Character; end record; Not_Const : constant Rec (Acc => new Integer'(2)); -- Illegal. The second half of the rule is needed because aggregates can specify the default initialization of a private type or extension using <> or the ancestor subtype of an extension aggregate. The subtype of a component could use an allocator to initialize an access discriminant; the type still could have a pragma Preelaborable_Initialization given. Ada 95 did not allow such private types to have preelaborable initialization, so such a default initialization could not have occurred. Thus this rule is not incompatible with Ada 95. **************************************************************** From: Randy Brukardt Sent: Tuesday, January 16, 2007 5:53 PM The rules 4.3(3/2), 4.3.1(8/2), 4.3.2(4/2), and 4.3.3(7/2) can be confusing. These are the rules that determine how an aggregate is resolved. Tucker says (privately) that these rules are "additive"; 4.3(3/2) says don't look inside an aggregate until you have a single array, record, or record extension type. 4.3.1(8/2) says that you don't start considering the "record aggregate" possibility until you have a single record or record extension type. And so on. There should be AARM notes that explain this on 4.3(3/2) and 4.3.2(4/2). (There are already notes on 4.3.1(8/2) and 4.3.3(7/2). After 4.3(3/2), we should have something like: AARM Ramification: There are additional rules for each kind of aggregate. These aggregate rules are additive; a legal expression needs to satisfy all of the applicable rules. That means the rule given here must be satisfied even when it is syntactally possible to tell which specific kind of aggregate is being used. After 4.3.2(4/2), we should have something like: AARM Ramification: This rule is additive with the rule given in 4.3. That means that rule must be satisfied even though it is alway syntactally possible to tell that something is an extension aggregate. Specifically, that means that an extension aggregate is ambiguous if the context is overloaded on array and/or record types, even though those are never legal contexts for an extension aggregate. Thus, this rule acts more like a legality rule than a name resolution rule. **************************************************************** From: Robert A. Duff Sent: Friday, January 19, 2007 3:43 PM I just got my "author's copies" of the Ada RM published by Springer. Thank you, Randy. And my name, and several others, appear prominently on the cover. Cool. However, I have a concern: The name "Jean Ichbiah" appears nowhere, as far as I can tell, in the RM nor AARM. This seems like an outrageous lack of proper attribution. Is there some way to correct it, at this late date? What about the members of JDI's team? The "Acknowledgments" sections of this document commemerate many people -- but the pre-95 folks are left out. **************************************************************** From: Tucker Taft Sent: Friday, January 19, 2007 4:55 PM I don't remember what process was used to produce the "front material" of the Ada 95 standard. But if you look at it in comparison to the Ada 83 "green book," the Ada 83 "foreword" which was effectively the acknowledgments was not officially part of the standard (or at least that is what it says at the bottom of the page). In the Ada 95 standard, the "foreword" is some boilerplate provided by ISO, and makes no acknowledgments to authors. There is an "acknowledgments" page in the Ada 95 standard, but since there was no direct equivalent in the Ada 83 standard, I suspect it was developed from scratch, and I think we presumed it was obvious that this was an acknowledgment about the revision process, not about the original standard. It does seem a bit unfortunate that there is no acknowledgment to the original Ada language team, but I certainly don't feel anyone should blame Randy for the current situation. If anyone goofed, it was the Ada 9X team. **************************************************************** From: Pascal Leroy Sent: Saturday, January 20, 2007 3:41 AM > What about the members of JDI's team? The "Acknowledgments" > sections of this document commemerate many people -- but the > pre-95 folks are left out. I definitely agree. I actually find it quite outrageous that the original team is not mentioned (I am not blaming anyone, I'm sure it was not on purpose, but it's certainly unfair). What do we do about this? We are certainly not going to reprint the paper copies. I would also object to modifying the PDF and HTML files, since it is essential that they remain as close as possible to the printed version. We took extra steps (e.g., publishing SHA-1 signatures) to ensure that people would not be confused about which version is the "right" one. We don't want to start changing those files at the drop of a hat. My view is that if you make a mistake, the best you can do is to own up to it. My suggestion would be add on the official page for the Ada 05 RM (www.adaic.org/standards/ada05.html) a blurb like: "The development of Ada 95 and Ada 2005 would of course have been impossible without the strong foundation provided by Ada 83. As part of the numerous rounds of edits on the Reference Manual, the acknowledgments regarding the design team for the original language were unfortunately lost. We apologize for this error. The acknowledgment section for the Ada 83 language can be found ." Where the last word would hyperlink to a page containing the text of the acknowledgment section of RM 83. [Editor's note: A short acknowledgement based on the Ada 83 Foreword should be added in front of the Ada 95 acknowledgement. This is recorded here as this is text which does not appear in the actual Standard, so it shouldn't be mentioned in a real AI.] **************************************************************** From: Randy Brukardt Sent: Monday, January 22, 2007 8:53 PM The mail on AI05-0037 says (on the topic of whether <> needs to be added to any existing aggregate wording): 4.3.3(23) worried me a bit, but I concluded it is already OK. <> means the component "initialized by default". If there are multiple associated components, each one will be initialized by default (and if that means that each component ends up with a different value, so be it). It doesn't say that one component is initialized by default, and then others are copied from it. 4.3.1(20) also appears worrisome. But here it doesn't make sense to talk about "for each associated component" in the case of <>, because we're considering the value of <> for each individual associated component. (see 4.3.1(19.1/2)). And each component has its own default expression or its own default initialization. After all, even the types of the components can be different for a single association. It might make sense to add an AARM note to make that point clear (for both 4.3.1(20) and 4.3.3(23)), but I don't think any wording changes are needed. **************************************************************** From: Randy Brukardt Sent: Friday, February 16, 2007 10:53 PM AC-0140 says that improved AARM notes are needed in 3.10.2(3), 3.10.2(29), and 13.10(3). Here are those notes: 3.10.2(3): Discussion: The Unchecked_Access attribute acts as if the object was declared at library-level; this applies even when it is used as the value of anonymous access type. See 13.10. 3.10.2(12.1): Ramification: If the value for this rule and the next one is derived from an Unchecked_Access attribute, the accessibility is library-level no matter what the accessibility level of the object is (see 13.10). 3.10.2(13): Ramification: If the value of the actual is derived from an Unchecked_Access attribute, the accessibility is always library-level (see 13.10). 13.10(3): Ramification: We say "rules and semantics" here so that library-level accessibility applies to the value created by X'Unchecked_Access as well as to the checks needed for the attribute itself. This means that any anonymous access values that inherit the accessibility of this attribute (such as access parameters) also act as if they have library-level accessibility. We don't want the "real" accessibility of the created value re-emerging at a later point - that would create hard-to-understand bugs. **************************************************************** From: Randy Brukardt Sent: Friday, March 23, 2007 7:55 PM 3.9.1(4.c/2) should talk about subprograms that require overriding, not abstract subprograms. (While the example only talks about abstract types, the problem can happen with all types being concrete; consider deriving directly from type TT in the generic body.) **************************************************************** From: Randy Brukardt Sent: Wednesday, March 28, 2007 8:52 PM 10.1.2(11.j/2) is no longer needed as a To be honest rule, as the normative wording now says this (see AI95-00220). It isn't very worthwhile as a note, so it should be deleted. **************************************************************** From: Randy Brukardt Sent: Tuesday, April 10, 2007 9:12 PM AC-141 talks about a confusion in reading the wording of 8.3.1(5/2). It's thought that alternative readings don't make much sense, but adding an AARM note would be helpful: To Be Honest: This doesn't require that the overriding happen at precisely the place of the declaration or body; it only requires that the region in which the overriding is known to have happened includes this place. That is, the overriding can happen at or before the place of the declaration or body. **************************************************************** From: Adam Beneschan Sent: Friday, June 8, 2007 7:25 PM !topic Minor error in AARM 6.5 !reference AARM 6.5(5.f/2) !from Adam Beneschan 07-06-08 !discussion AARM 6.5(5.f) says about an extended_return_statement: "If the return statement is left without resulting in a return (for example, due to an exception propagated from the _expression_ or the _handled_sequence_of_statements_, or a goto out of the _handled_sequence_of_statements_), the return object is finalized prior to leaving the return statement. Is "expression" correct in this note? It would seem to me that if an exception is propagated from the evaluation of the expression, the return object is not initialized (according to the order that things are performed in 6.5(5.8)) and therefore does not need to be finalized (see 7.6.1(4)). **************************************************************** From: Gary Dismukes Sent: Friday, June 8, 2007 7:37 PM Looks like you're right about that. The return object can hardly be finalized if it hasn't even been created! (Fortunately that's only in the AARM.:) **************************************************************** !topic Bogus AARM information !reference AARM 7.6(21.b/2), AARM 7.6.1(24.c/2) !from Adam Beneschan 07-06-20 !discussion There are a couple places in the AARM that I believe provide incorrect information when dealing with a "built-in-place" function call. I saw these when I was trying to figure out what would happen with an extended return, and the information threw me off; it took some time before I figured out that the AARM was probably incorrect. Consider: with Ada.Finalization; package Pak1 is type String_Acc is access String; type Typ1 is new Ada.Finalization.Controlled with record F1 : Integer; F2 : Integer; F3 : String_Acc; end record; -- procedure Initialize (Obj : in out Typ1); procedure Adjust (Obj : in out Typ1); -- procedure Finalize (Obj : in out Typ1); function Func1 (Val : Integer) return Typ1; end Pak1; with Text_IO; package body Pak1 is procedure Adjust (Obj : in out Typ1) is begin if Obj.F3 /= null then Obj.F3 := new String' (Obj.F3.all); end if; end Adjust; function Func1 (Val : Integer) return Typ1 is begin return Ret : Typ1 do Ret.F1 := Val * 2; Ret.F2 := Val * 3; Ret.F3 := new String' (1 .. Val => '?'); end return; end Func1; end Pak1; with Pak1; procedure Test1 is Z : Pak1.Typ1 := Pak1.Func1 (1000); begin Pak2.Do_Something_With (Z); end Test1; When Z is initialized, 7.6(21) gives the implementation permission to have Func1 build its result directly in Z, without requiring an anonymous object; but this isn't a requirement. If the call to Func1 creates an anonymous object, then Adjust will be called on Z after this anonymous object is copied to Z, and then Finalize will be called on the anonymous object (presumably there would be a real Finalize that deallocates F3). If the implementation takes advantage of the permission, then it would seem the extended return statement would essentially be setting up Z.F1, Z.F2, and Z.F3. No Adjust would be necessary on Z, and an Adjust would not be desirable since it would result in two copies of the same string, one of which would not be part of any object of type Typ1 and thus would never be deallocated by Finalize. So it would seem that Adjust is not called at all by the declaration of Z. Am I right, that this is how things are "supposed" to work? In fact, this seems to be confirmed by AARM 7.6(2.b/2): "When an object is created, if it is explicitly assigned an initial value, the object is either built-in-place from an aggregate or function call (in which case neither Adjust nor Initialize is applied), or the assignment copies and adjusts the initial value." But 7.6(21.b/2) seems to directly contradict this. After mentioning the aggregate case in 21.a, 21.b says, "Similarly, in the function call case, the anonymous object can be eliminated. Note, however, that Adjust must be called directly on the target object as the last step of the assignment, since some of the subcomponents may be self-referential or otherwise position-dependent. This Adjust can be eliminated only by using one of the following permissions." (The "following permissions" refer to cases where a variable isn't actually used except by dead code, so they wouldn't apply in the above example.) This seems wrong. If I'm correct, then 7.6.1(24.c/2) is wrong also: "Either Initialize or Adjust, but not both, is applied to (almost) every controlled object when it is created: Initialize is done when no initial value is assigned to the object, whereas Adjust is done as part of assigning the initial value. The one exception is the anonymous object initialized created by an aggregate (both the anonymous object created for an aggregate, or an object initialized by an aggregate that is built-in-place); Initialize is not applied to the aggregate as a whole, nor is the value of the aggregate or object adjusted." since there are now two exceptions instead of one. I realize that this is probably low priority since it's "just" the AARM. But I do refer to the AARM, and I think it's important that the AARM not give bad information. **************************************************************** From: Randy Brukardt Sent: Wednesday, June 20, 2007 2:53 PM > There are a couple places in the AARM that I believe provide incorrect > information when dealing with a "built-in-place" function call. I saw > these when I was trying to figure out what would happen with an > extended return, and the information threw me off; it took some time > before I figured out that the AARM was probably incorrect. I don't think the AARM is incorrect, although it might not be clear as it could be. (That's true for the normative wording as well.) >Consider: > > with Ada.Finalization; > package Pak1 is > type String_Acc is access String; > type Typ1 is new Ada.Finalization.Controlled with record > F1 : Integer; > F2 : Integer; > F3 : String_Acc; > end record; >-- procedure Initialize (Obj : in out Typ1); > procedure Adjust (Obj : in out Typ1); >-- procedure Finalize (Obj : in out Typ1); > function Func1 (Val : Integer) return Typ1; > end Pak1; > > with Text_IO; > package body Pak1 is > > procedure Adjust (Obj : in out Typ1) is > begin > if Obj.F3 /= null then > Obj.F3 := new String' (Obj.F3.all); > end if; > end Adjust; > > function Func1 (Val : Integer) return Typ1 is > begin > return Ret : Typ1 do > Ret.F1 := Val * 2; > Ret.F2 := Val * 3; > Ret.F3 := new String' (1 .. Val => '?'); > end return; > end Func1; > > end Pak1; > > with Pak1; > procedure Test1 is > Z : Pak1.Typ1 := Pak1.Func1 (1000); > begin > Pak2.Do_Something_With (Z); > end Test1; > When Z is initialized, 7.6(21) gives the implementation permission to > have Func1 build its result directly in Z, without requiring an > anonymous object; but this isn't a requirement. If the call to Func1 > creates an anonymous object, then Adjust will be called on Z after > this anonymous object is copied to Z, and then Finalize will be called > on the anonymous object (presumably there would be a real Finalize > that deallocates F3). If the implementation takes advantage of the > permission, then it would seem the extended return statement would > essentially be setting up Z.F1, Z.F2, and Z.F3. No Adjust would be > necessary on Z, and an Adjust would not be desirable since it would > result in two copies of the same string, one of which would not be > part of any object of type Typ1 and thus would never be deallocated by > Finalize. So it would seem that Adjust is not called at all by the > declaration of Z. Am I right, that this is how things are "supposed" > to work? But you forgot to include a call to Initialize in your description. I see that you have Initialize commented out, but a null Initialize is still called. It's a mistake to ignore those null calls just because they have no effect, it is hard enough to figure out what is supposed to happen without leaving out part of the equation. The declaration of Ret : Typ1 in your example calls Initialize. (If that had been initialized with an aggregate, there would have been no call to Initialize, different story.) 6.5(5.8/2) says that the object is initialized by default, and that wording is a defined term which includes all of the stuff, including calling Initialize. The only thing that is a real rule is that only "pairs" of finalization operations are removed, so if a Finalize is removed, an Adjust is removed somewhere, too. (We didn't write it that way because there may be more than two operations in a "pair" if control flow intercedes, but at run time it is always a pair.) I do agree that Adjust isn't called by the declaration of Z, because Initialize is instead (and you never call them both on the same object for the same operation). > In fact, this seems to be confirmed by AARM 7.6(2.b/2): "When an > object is created, if it is explicitly assigned an initial value, the > object is either built-in-place from an aggregate or function call (in > which case neither Adjust nor Initialize is applied), or the > assignment copies and adjusts the initial value." > > But 7.6(21.b/2) seems to directly contradict this. After mentioning > the aggregate case in 21.a, 21.b says, "Similarly, in the function > call case, the anonymous object can be eliminated. Note, however, that > Adjust must be called directly on the target object as the last step > of the assignment, since some of the subcomponents may be > self-referential or otherwise position-dependent. This Adjust can be > eliminated only by using one of the following permissions." 7.6(21.b/2) is just a continuation of the Ada 95 note 7.6(21.a), and it says *exactly* the same thing (with more words). Clearly, if either are wrong, both are. In any case, it is clear that these are talking about assignments into existing objects (including those that were previously Initialized), and not build-in-place into new objects. (The later has completely different [null] semantics and can never be combined with any discussion of "real" assignment.) That's true in virtually every note in the AARM that talks about dynamic semantics of assignment; you don't "assign" into a new object, only into existing ones. Now, maybe there is some wording that could be added that would help clarify this, but it would have to be added in literally dozens of places, and in such a way that it would not make the information harder to understand (the point of AARM notes is to clarify, after all). > (The "following permissions" refer to cases where a variable isn't > actually used except by dead code, so they wouldn't apply in the above > example.) > > This seems wrong. > > If I'm correct, then 7.6.1(24.c/2) is wrong also: > > "Either Initialize or Adjust, but not both, is applied to (almost) > every controlled object when it is created: Initialize is done when no > initial value is assigned to the object, whereas Adjust is done as > part of assigning the initial value. The one exception is the > anonymous object initialized created by an aggregate (both the > anonymous object created for an aggregate, or an object initialized by > an aggregate that is built-in-place); Initialize is not applied to the > aggregate as a whole, nor is the value of the aggregate or object > adjusted." > > since there are now two exceptions instead of one. No, this is correct as written. There may be intermediate function calls, but they're irrelevant. Ultimately, you either get initialized directly by an aggregate, or Initialize is called. In your example, Initialize is called. So I don't see any other exceptions. > I realize that this is probably low priority since it's "just" the > AARM. But I do refer to the AARM, and I think it's important that the > AARM not give bad information. It's low priority because not much (if anything) is wrong. It looks like you're just confused about where Initialize is called. The only reason I see for making a change is that you were confused, and that always suggests that things aren't as clear as they should be somewhere. **************************************************************** From: Tucker Taft Sent: Wednesday, June 20, 2007 2:52 PM I believe what is misleading about 7.6(21.b/2) is that it only applies to assignment_statement, while it uses the term "assignment." The wording it replaced properly used the term "assignment_statement," and I think that term should continue to be used in the revised wording. I don't see what is wrong with 7.6.1(24.c/2), since I believe the only case where Adjust is not called is when, at least "deep down," there is an aggregate. It might be returned through several function calls that use build-in-place for return, but underneath it all there needs to be an aggregate. It could probably be a bit clearer, I suppose, about the possibility of intervening function returns. **************************************************************** From: Adam Beneschan Sent: Wednesday, June 20, 2007 4:18 PM > > When Z is initialized, 7.6(21) gives the implementation permission to > > have Func1 build its result directly in Z, without requiring an > > anonymous object; but this isn't a requirement. If the call to Func1 > > creates an anonymous object, then Adjust will be called on Z after > > this anonymous object is copied to Z, and then Finalize will be called > > on the anonymous object (presumably there would be a real Finalize > > that deallocates F3). If the implementation takes advantage of the > > permission, then it would seem the extended return statement would > > essentially be setting up Z.F1, Z.F2, and Z.F3. No Adjust would be > > necessary on Z, and an Adjust would not be desirable since it would > > result in two copies of the same string, one of which would not be > > part of any object of type Typ1 and thus would never be deallocated by > > Finalize. So it would seem that Adjust is not called at all by the > > declaration of Z. Am I right, that this is how things are "supposed" > > to work? > > But you forgot to include a call to Initialize in your > description.... Right, I could have been more precise about that. I really didn't see that it made a difference, though, since the AARM paragraph I was questioning made no reference to Initializing. OK, now I see how this affects the *second* one I was complaining about (7.6(24.c/2)). > 7.6(21.b/2) is just a continuation of the Ada 95 note 7.6(21.a), and it says > *exactly* the same thing (with more words). Clearly, if either are wrong, > both are. Interesting---I didn't see it that way at all when I read it. The way the paragraph breaks are organized, it made it look like the part of 7.6(21.b/2) after the first sentence applied only to this paragraph, not to the previous one. > In any case, it is clear that these are talking about assignments into > existing objects (including those that were previously Initialized), and not > build-in-place into new objects. Why is this clear? The notes 7.6(21.a-21.b) follow, and seem to apply to, 7.6(21), which talks *both* about build-in-place for new objects *and* assignment statements; I don't see anything in the text that would indicate that 21.a-21.b apply to the assignment-statement part of 21 but not to the build-in-place-for-new-objects part. I think Tuck already addressed this... the previous version of 21.b referred to an "assignment_statement", which would have made things clearer in the rest of the paragraph, but that reference got deleted. > (The later has completely different [null] > semantics and can never be combined with any discussion of "real" > assignment.) That's true in virtually every note in the AARM that talks > about dynamic semantics of assignment; you don't "assign" into a new object, > only into existing ones. Well, I was going to respond that 3.3.1(19) used the term "assigned" to put an initial value into a new object. But now I notice that this language got moved up to the preceding paragraph which only applies to objects with no initialization expression. So I guess that change made your statement correct. :) There's still 7.6(13): "When a target object with any controlled parts is assigned a value, either when created or in a subsequent assignment_statement, the assignment operation proceeds as follows:" which does make it seem that you *do* assign into a new object. But I guess you could say this is only the case if the Implementation Permission (or Implementation Requirement, for limited types) not to create a temporary anonymous object is followed, in which case 7.6(15) of course does not apply either. It appears to me that the whole build-in-place concept seems to make some statements in the Dynamic Semantics sections false, which suggests to me that it should have been defined and dealt with in Dynamic Semantics rather than in Implementation Requirements/Permissions, but it's probably too late to change that now. > > If I'm correct, then 7.6.1(24.c/2) is wrong also: > > > > "Either Initialize or Adjust, but not both, is applied to (almost) > > every controlled object when it is created: Initialize is done when no > > initial value is assigned to the object, whereas Adjust is done as > > part of assigning the initial value. The one exception is the > > anonymous object initialized created by an aggregate (both the > > anonymous object created for an aggregate, or an object initialized by > > an aggregate that is built-in-place); Initialize is not applied to the > > aggregate as a whole, nor is the value of the aggregate or object > > adjusted." > > > > since there are now two exceptions instead of one. > > No, this is correct as written. There may be intermediate function calls, > but they're irrelevant. Ultimately, you either get initialized directly by > an aggregate, or Initialize is called. In your example, Initialize is > called. So I don't see any other exceptions. Yeah, I'll concede this... I forgot about the Initialize on Ret. **************************************************************** From: Randy Brukardt Sent: Wednesday, June 20, 2007 5:48 PM > I believe what is misleading about 7.6(21.b/2) is > that it only applies to assignment_statement, while > it uses the term "assignment." The wording it replaced > properly used the term "assignment_statement," and > I think that term should continue to be used in the revised > wording. But that would be wrong, because it equally applies to initial assignments where an anonymous object was used (as Adam pointed out in his analysis). Also, whatever applies here also applies to 7.6(21.a), which talks about a "value adjustment". One way to fix this would be to rewrite both paragraphs to make clear that they do not apply to "build-in-place assignment to a newly created object", but it's not clear to me that that would help the understandability of it. Realistically, build-in-place is not really assignment at all (no bits are copied), and considering it that is really confusing. I suppose we don't have any hope of fixing that directly, but maybe we could at least do something to make sense for the notes. Maybe we need to define "genuine assignment" for use in the AARM to describe cases where bits are actually copied. (I'd prefer "real assignment" for that, but that could be confused.) **************************************************************** From: Randy Brukardt Sent: Wednesday, June 20, 2007 6:04 PM ... > > 7.6(21.b/2) is just a continuation of the Ada 95 note > 7.6(21.a), and it says > > *exactly* the same thing (with more words). Clearly, if either > are wrong, > > both are. > > Interesting---I didn't see it that way at all when I read it. The way > the paragraph breaks are organized, it made it look like the part of > 7.6(21.b/2) after the first sentence applied only to this paragraph, > not to the previous one. They were originally separate paragraphs, but there really is no interesting difference between then and they should not really be separate. You have to do an adjust anytime that you copy bits. > > In any case, it is clear that these are talking about assignments into > > existing objects (including those that were previously Initialized), and not > > build-in-place into new objects. > > Why is this clear? Because it's clear to me, and I wrote these notes. ;-) As I wrote in response to Tucker, build-in-place is a different animal altogether, and describing it as an assignment is very confusing to the casual reader. Or even the casual (or rushed) writer. > The notes 7.6(21.a-21.b) follow, and seem to apply > to, 7.6(21), which talks *both* about build-in-place for new objects > *and* assignment statements; I don't see anything in the text that > would indicate that 21.a-21.b apply to the assignment-statement part > of 21 but not to the build-in-place-for-new-objects part. I think > Tuck already addressed this... the previous version of 21.b referred > to an "assignment_statement", which would have made things clearer in > the rest of the paragraph, but that reference got deleted. I as I mentioned to Tuck, that would be wrong. OK, it would be right but it would make the note far more narrow than it should be. Both notes apply anytime bits are copied (but not build-in-place). I suppose trying to fix these notes rather than deleting them and starting over got me into trouble. It happens a lot in the AARM. In any case, the note had better be true whenever there is a copying of bits, because packages like Claw depend totally on that. Not just in assignment_statement, but anywhere that bits are copied. You don't need an Adjust for build-in-place, because no bits are being copied and presumably the object was properly created (most likely with an Initialize) in the first place. > > (The later has completely different [null] > > semantics and can never be combined with any discussion of "real" > > assignment.) That's true in virtually every note in the AARM that talks > > about dynamic semantics of assignment; you don't "assign" into a new object, > > only into existing ones. ... > There's still 7.6(13): > > "When a target object with any controlled parts is assigned a value, > either when created or in a subsequent assignment_statement, the > assignment operation proceeds as follows:" > > which does make it seem that you *do* assign into a new object. You misunderstood me. I said *in notes* of the AARM, I was *not* talking about the formal definition of the language. Yes, of course build-in-place is technically assignment. *Informal* uses generally *exclude* build-in-place because no bits are copied, no finalization operations happen, etc. -- it's generally not interesting. Would you (if you were not language lawyering) consider build-in-place to be an assignment? If so, I think you're pretty unusual. It's highly unfortunate that the useful term "assignment" has been corrupted by the language into something meaningless, but I guess that can't be helped. But I doubt that there are many AARM notes that I wrote or that the Ada 9x team wrote that consider (or except) the vastly different rules for build-in-place. So it would not surprise me if you found many more examples where notes don't take that into account. If you find them, I'll put them on the list to be fixed. But I still not sure of an appropriate fix that doesn't greatly confuse the issue. **************************************************************** From: Adam Beneschan Sent: Wednesday, June 20, 2007 6:17 PM > You misunderstood me. I said *in notes* of the AARM, I was *not* talking > about the formal definition of the language. Yes, of course build-in-place > is technically assignment. > *Informal* uses generally *exclude* build-in-place because no bits are > copied, no finalization operations happen, etc. -- it's generally not > interesting. Would you (if you were not language lawyering) consider > build-in-place to be an assignment? If so, I think you're pretty unusual. Well, you're probably right. But not *that* unusual. :) No, I wouldn't consider that to be assignment---but I do tend to look through language-lawyer eyes when trying to figure out what the standard requires, which is approximately the same problem I had when trying to figure out when an extended return is "completed". > It's highly unfortunate that the useful term "assignment" has been corrupted > by the language into something meaningless, but I guess that can't be > helped. But I doubt that there are many AARM notes that I wrote or that the > Ada 9x team wrote that consider (or except) the vastly different rules for > build-in-place. So it would not surprise me if you found many more examples > where notes don't take that into account. > > If you find them, I'll put them on the list to be fixed. But I still not > sure of an appropriate fix that doesn't greatly confuse the issue. Perhaps the best fix would be: "An implementation is permitted to omit the separate anonymous object for an aggregate or function call, and to omit Initialize, Adjust, and Finalize calls, when it can do so and still make things work right." Not very precise, but at least it wouldn't be confusing. :) **************************************************************** From: Randy Brukardt Sent: Wednesday, June 20, 2007 6:45 PM I take it you are suggesting that there be no notes at all? (Useless notes like this one add nothing to the language-defined permission, after all.) That surely would be one solution to the confusion. BTW, your suggested wording is very close to something someone else proposed a couple of months ago (for a different but related issue). I think it captures the essence nicely, but of course it is completely meaningless (what does "work right" mean?). **************************************************************** From: Tucker Taft Sent: Wednesday, June 20, 2007 11:45 PM >> I believe what is misleading about 7.6(21.b/2) is >> that it only applies to assignment_statement, while >> it uses the term "assignment." The wording it replaced >> properly used the term "assignment_statement," and >> I think that term should continue to be used in the revised >> wording. > > But that would be wrong, because it equally applies to initial assignments > where an anonymous object was used (as Adam pointed out in his analysis). > Also, whatever applies here also applies to 7.6(21.a), which talks about a > "value adjustment". I still don't agree. The last sentence of 7.6(21.b/2) is referring to an assignment statement based on my reading. 7.6(21/2) talks about two things. One is build-in-place when the RHS is an aggregate or function call. The other is about an assignment statement where the RHS is non-overlapping, or the assignment is done component-at-a-time (carefully). I believe the last sentence of 7.6(21.b/2) is referring to this last part of 7.6(21/2), which is specifically talking about assignment statements. The whole point of the last sentence of 7.6(21.b/2) is that you cannot eliminate the Adjust, even if you eliminate the anonymous intermediate object. On the other hand, it is no problem to eliminate the Adjust when doing build-in-place where the RHS is an aggregate, and in fact it would be wrong to do an Adjust for any build-in-place assignment from an aggregate. For what it is worth, I find the *first* sentence of 7.6(21.b/2) to be curious, as it seems to be repeating the content of the first sentence of 7.6(21/2), and I think may be an unintentional remnant, and should be deleted. Otherwise, someone needs to explain what "function call" it is referring to, if not to the one already mentioned in the first part of 7.6(21/2). > > One way to fix this would be to rewrite both paragraphs to make clear that > they do not apply to "build-in-place assignment to a newly created object", > but it's not clear to me that that would help the understandability of it. You seem to be implying that build-in-place on a preexisting object in an assignment statement requires an Adjust. I don't understand that. I think build-in-place eliminates the need for Adjust, both when creating a new object and when assigning to a preexisting object. If there is no separate object that is going to be finalized after the adjust, then we don't want to do the adjust. One challenge is that I don't believe it is really feasible to do build-in-place for an assignment *statement* when the RHS is a function call, since you clearly need to evaluate the RHS before finalizing the LHS, but you must finalize the LHS before changing it. So build-in-place for an assignment *statement* really only works if you can evaluate all of the subcomponents of the aggregate *without* storing them in the target object, then finalize the target object, and then (with aborts deferred) assign each of the subcomponents into the LHS. I believe you need to defer aborts since you don't want a Finalize to be applied to the LHS when is in the middle of being overwritten. But in any case, you don't want to call Adjust if you build-in-place. Adjust really only makes sense if you are copying the bits of a fully-formed object into another location. I believe that is what 7.6(17.1/2) is saying. Even though the requirement to build-in-place only exists for assignments which are *not* part of an assignment statement, I believe the *meaning* of build-in-place and the requirement to *omit* the Adjust is provided by 7.6(17.1/2), and then applies to the use of the term in 7.6(21/2). It would be weird if you would have to use slightly different aggregates depending on whether you were assigning to a newly created object versus a pre-existing object. In both cases you want the aggregates to represent fully adjusted values. For example, if an adjust increments a reference count for a pointed-to object, and finalize decrements the reference count, the aggregate would want to initialize the reference count of the pointed-to object to "1". E.g. (x, y, new indir_obj'(ref_count => 1, ...), z) would be the appropriate way to write an aggregate for such a type, no matter in what context it is used. I am coming around to thinking that the AARM notes following 7.6(21/2) are pretty badly broken. I would recommend we make them simpler and clearer, perhaps as follows: Replace 7.6(21.a & b) with: Ramification: Note that in the second case, where the anonymous object is eliminated but the new value is not created directly in the target object, Adjust must be called directly on the target object as the last step of the assignment, since some of the subcomponents may be self-referential or otherwise position- dependent. This Adjust can be eliminated only by using one of the following permissions. **************************************************************** From: Randy Brukardt Sent: Thursday, June 21, 2007 12:38 AM > I still don't agree. The last sentence of 7.6(21.b/2) > is referring to an assignment statement based on > my reading. 7.6(21/2) talks about two things. One > is build-in-place when the RHS is an aggregate or > function call. The other is about an assignment > statement where the RHS is non-overlapping, or > the assignment is done component-at-a-time (carefully). > I believe the last sentence of 7.6(21.b/2) is referring > to this last part of 7.6(21/2), which is specifically > talking about assignment statements. The whole point > of the last sentence of 7.6(21.b/2) is that you cannot > eliminate the Adjust, even if you eliminate the anonymous > intermediate object. On the other hand, it is no > problem to eliminate the Adjust when doing build-in-place > where the RHS is an aggregate, and in fact it would > be wrong to do an Adjust for any build-in-place > assignment from an aggregate. Why do you never, even comment on 7.6(21.a)? What possible value adjustment is there in a build-in-place initialization by an aggregate??? Anyway, I can't believe that you are telling me, the author of the sentence in question what it means. I *know* what it means; maybe what I intended isn't right, but I deleted the "assignment_statement" from 7.6(21.b/2) on purpose because this (I think) covers more than just assignment statements. It applies any time bits of the entire cbject are copied as part of an assignment operation, no matter what permissions are applied -- as long as there still is an overall bit copy of the whole object (not just individual components). Now I see you are trying to tie it solely to 7.6(21/2), but I often try to make generally useful statements: there is always an Adjust. ... > For what it is worth, I find the *first* sentence of 7.6(21.b/2) > to be curious, as it seems to be repeating the content of > the first sentence of 7.6(21/2), and I think may be an > unintentional remnant, and should be deleted. Otherwise, > someone needs to explain what "function call" it is > referring to, if not to the one already mentioned in > the first part of 7.6(21/2). I put it there to set the stage for the rest of it. If it just followed a paragraph about aggregates, the reader would reasonably think that we were only talking about aggregates in 7.6(21.b/2). Feel free to suggest something better. > > One way to fix this would be to rewrite both paragraphs to make clear that > > they do not apply to "build-in-place assignment to a newly created object", > > but it's not clear to me that that would help the understandability of it. > > You seem to be implying that build-in-place on a preexisting object > in an assignment statement requires an Adjust. I don't think that there can be any such thing, at least if there is a non-trivial Adjust. Otherwise, the model of 0 or 1 Initialize followed by (Finalize/Adjust) followed by Finalize no longer works (you have objects that are potentially Initialized multiple times). > I don't understand > that. I think build-in-place eliminates the need for Adjust, > both when creating a new object and when assigning to a > preexisting object. If there is no separate object that is going to > be finalized after the adjust, then we don't want to do the adjust. I don't see how you can "build-in-place" self-referencing pointers properly. (Especially now that we know return objects aren't aliased; you can't even write such a thing.) If you can prove that they don't exist, you can remove the Adjust, but only then. > One challenge is that I don't believe it is really feasible > to do build-in-place for an assignment *statement* when the RHS is > a function call, since you clearly need to evaluate the > RHS before finalizing the LHS, but you must finalize the LHS > before changing it. So build-in-place for an assignment *statement* > really only works if you can evaluate all of the subcomponents > of the aggregate *without* storing them in the target object, > then finalize the target object, and then (with aborts deferred) > assign each of the subcomponents into the LHS. I believe > you need to defer aborts since you don't want a Finalize > to be applied to the LHS when is in the middle of being > overwritten. Exactly; it's impractical, if not impossible (I think it is impossible). > But in any case, you don't want to call Adjust > if you build-in-place. Adjust really only makes sense if you > are copying the bits of a fully-formed object into another > location. I believe that is what 7.6(17.1/2) is saying. Even though > the requirement to build-in-place only exists for assignments > which are *not* part of an assignment statement, I believe the > *meaning* of build-in-place and the requirement to *omit* the > Adjust is provided by 7.6(17.1/2), and then applies to the > use of the term in 7.6(21/2). But 7.6(17.1/2 explicitly excludes assignment_statement; surely it doesn't apply to them. > It would be weird if you would have to use > slightly different aggregates depending on > whether you were assigning to a newly created object versus > a pre-existing object. You do, because you have to do *assignment* differently for each. I can't imagine how build-in-place would suddenly change that dynamic. One obvious requirement is to allocate the memory for sub-components (which only happens with a new object). What the user writes may be the same, but what the compiler generates is quite different for the two cases. Build-in-place is impractical in general for non-limited types (of course it can be used on types with no controlled or discriminant-dependent components). ... > I am coming around to thinking that the AARM notes following > 7.6(21/2) are pretty badly broken. Apparently because the model I have of Finalization isn't the same as yours. We're going to need to reconcile that... At least you decided to mention 7.6(21.a) finally. > I would recommend > we make them simpler and clearer, perhaps as follows: > > Replace 7.6(21.a & b) with: > > Ramification: Note that in the second case, What second case? That's way too vague (I don't see any obvious "second case" in 7.6(21/2)). > ... where the anonymous > object is eliminated but the new value is not created directly > in the target object, Adjust must be called directly on the target > object as the last step of the assignment, since some of the > subcomponents may be self-referential or otherwise position- > dependent. This Adjust can be eliminated only by using one > of the following permissions. That's OK and I suppose we can agree on this in the sense that it is very limited in scope. (And it mainly is intended to tell implementers not to make the optimization that the early Intermetrics compilers did.) I do think that you'll find similar problems in other notes in the manual. I don't think we think about build-in-place ever when thinking about assignment, and it really is not an assignment. But one problem at a time... **************************************************************** From: Randy Brukardt Sent: Friday, August 3, 2007 10:10 PM AARM "To Be Honest" notes should be added to 6.6(2) and possibly 6.4(3) to make it clear that "function_call" includes infix operator calls when it is used in RM rules other than syntax definitions. (There are at least 7 rules and many AARM notes which use "function_call" this way.) See AC-00143 for a full discussion. **************************************************************** From: Randy Brukardt Sent: Wednesday, September 5, 2007 11:38 PM I was fixing 7.6(16) as we discussed before I left on my ill-fated vacation, and I got to reading 7.6(16.b): Reason: The verbiage in the Initialize rule about access discriminants constrained by per-object expressions is not necessary here, since such types are limited, and therefore are never adjusted. ["here" being the definition of "adjustment".] This looks like it is no longer true, as we surely can have access discriminants of nonlimited types these days. The "verbiage" in question gives a required order for operations. Do we need such an order? I don't think so, because an Adjust can't change the discriminant values of an object (only the assignment of the bits can do that). So I think that the reason above should say that and not depend on limited types. But if I forgot some case where an ordering is required, then we probably need an AI. Any idea if it is needed and if so, what it should say?? **************************************************************** From: Tucker Taft Sent: Thursday, September 6, 2007 2:13 AM You can't give defaults to access discriminants in a non-limited type (3.7(10/2)). This means access discriminants never change after creation, and in particular can't be changed in an Adjust. **************************************************************** From: Randy Brukardt Sent: Thursday, September 6, 2007 9:45 PM Humm, I think we intended that, but I don't think it is actually true in *every* case. The rule about defaults does not apply to discriminants that have a named access type, so I think you could have a changeable per-object access discriminant. Making my best Steve Baird impression, consider the following: type Comp_Type (CD : access Integer) is record ... end record; type Acc_Int is access all Integer; One : constant aliased Integer := 1; Two : constant aliased Integer := 2; type Obj_Type (D : Acc_Int := One'access) is record Comp : Comp_Type (D); end record; Obj : Obj_Type; Obj2 : Obj_Type (Two'access); Obj := Obj2; -- Seems to change the discriminant of Comp. The discriminant D of Obj_Type is not an access discriminant, so 3.7(10/2) does not apply and it can have a default. D then is then used as a per-object constraint for Comp. When the assignment happens, D goes from One'access to Two'access, and surely the discriminant of Comp does too. This construct seems to not cause the problems that we fixed by dropping the discriminant default, because the accessibility check that was needed on the assignment is going to be done by the conversion to the named type of the outer discriminant. Consider: procedure Fooey is Three : constant aliased Integer := 3; Obj3 : Obj_Type (Three'access); -- Error: Accessibility check fails. begin Obj := Obj3; -- Which is good 'cause we sure wouldn't want to allow this. end Fooey; The net seems to be that you can change an access discriminant in very restricted circumstances, as there is no reason to disallow it. So the question remains: does this matter for Adjust? Initialize specifies that per-object constrained components are done last. But I can't think of a way where it might matter where they are done for adjustment, because an Adjust of a component cannot change the discriminant of the per-object constrained component; only the outer assignment can do that. And there is a requirement that inner (component) Adjusts be done first, so a surrounding one that changed such a discriminant would necessarily happen after any component Adjusts were completed, eliminating any issue. So 7.6(16.b) should just be fixed. **************************************************************** From: Tucker Taft Sent: Friday, September 7, 2007 7:23 AM My head hurts... ;-) Interesting example. It is generally true that by changing the discriminant of an object in a whole-object assignment you can do all kinds of violence to its components, including having them disappear or appear (if the component is in a discriminant-dependent variant), get shorter or longer, etc. I guess we need to add that you can change the value of an access discriminant of a component as another kind of violence. I'm pretty sure we *did* include the case of an access discriminant initialized from an enclosing discriminant when we analyzed the safety of allowing access discriminants on nonlimited types. On the other hand, I don't remember considering this particular nastiness, and I am comforted that you see no accessibility holes opening as part of the enclosing assignment. In some ways, when doing a whole-object assignment that changes discriminants, one might best view it as destroying one object and creating a new one. And in fact, since Finalize is applied to the left hand side, and then it is completely overwritten followed by an Adjust, it closely resembles the process of destruction and recreation. On the other hand, renames of components and access-values designating components are permitted to survive across these "mutating" assignments so long as the components aren't "discriminant dependent." Any component whose access discriminant comes from an enclosing discriminant is clearly discriminant dependent, so we that means we *can* think of the component as disappearing and then reappearing with a new discriminant value after the assignment. I suppose if it is a subcomponent but not a direct component, then it is possible that the Adjust might involve another whole-object assignment to an enclosing component. E.g. procedure Adjust(X : in out Outer_Rec) is begin X.Go_Between := Massage(X.Go_Between); -- Presume our subcomponent of interest is -- inside "Go_Between" and has an access discrim -- passed down from the "Go_Between" component -- This could change its discriminant again. end Adjust; Note that it would be quite unwise if Outer_Rec's Adjust involved a whole-object assignment to X itself; e.g.: X := Massage_Outer_Rec(X); as this would trigger an infinitely recursive call on Outer_Rec's Adjust. I've reached the point of blathering... ;-) In any case, thanks for doing the analysis of this nasty case. **************************************************************** !topic AARM refers to return-by-reference types !reference AARM 6.2(11.a) !from Adam Beneschan 07-10-29 !discussion Small nit: AARM 6.2(11.a) contains a couple of references to return-by-reference types, which don't exist any more. The paragraph should probably be rewritten. **************************************************************** !topic universal_access not in index !reference RM05 index !from Adam Beneschan 07-11-06 !discussion A very minor issue: In the index (at least the one available at http://www.adaic.org/standards/05aarm/html/AA-0-5.html), there are entries for universal_integer, universal_real, and universal_fixed, but not universal_access. It seems that it should be there for consistency/completeness. **************************************************************** From the minutes of the 33rd ARG meeting: In unrelated news, Tucker says that "needs finalization" needs more index entries. Specifically, there should be an index entry for each standard type defined to "need finalization". **************************************************************** !topic Missed '|' in formal_object_declaration syntax !reference Ada 2005 RM 12.4(2/2) !from Maxim Reznik 07-12-27 !keywords formal_object_declaration !discussion Alternative separator '|' is missed in syntax rule for formal_object_declaration. Should be: formal_object_declaration ::= defining_identifier_list : mode [null_exclusion] subtype_mark [:= default_expression]; | defining_identifier_list : mode access_definition [:= default_expression]; [Editor's note: This error occurs only in the Ada Europe consolidated RM; it is correct in the Amendment document, which is the official standard. Thus, this is recorded here.] **************************************************************** From: John Barnes Sent: Friday, December 28, 2007 12:10 PM It's like it in Annex P as well. (But my book is OK). Happy New Year **************************************************************** From: Tucker Taft Sent: Wednesday, March 26, 2008 3:29 PM In an AARM annotation (13.13.1(9.b/2), we indicate that it is unwise to use Stream_Element_Offset'First as the low bound for the Item passed to a stream Read procedure, because you will get a Constraint_Error if the stream is empty. We then go on to say that a better choice of lower bound is 1. But earlier we indicate that either 0 or 1 makes sense, and this last bit of advice will probably make the reader think that Stream_Element_Offset'First = 0, when in fact it is probably -Stream_Element_Offset'Last-1. Here is my suggested minor presentation fix: This implies that the Stream_Element_Array passed to these subprograms should not have a lower bound of Stream_Element_Offset'First, because then a read of 0 elements would always raise Constraint_Error. A better choice of lower bound is {0 or} 1. I am suggesting this fix because I read the original wording several times, and then stared at the Streams package, and had to work hard to assure myself that Stream_Element_Offset'First was not zero. If it had said "0 or 1" to begin with, I would have understood it immediately. **************************************************************** From: Adam Beneschan Sent: Monday, April 28, 2008 12:37 PM The term "mentioned" has a specific definition in 10.2.1(6), but it is not in the correct place in index at: http://www.adaic.org/standards/05aarm/html/AA-0-5.html It looks like it's supposed to be there but somehow got stuck under T: Term=[mentioned],Sec=[in a with_clause] 10.1.2(6/2) **************************************************************** !topic universal_access is not in the index !reference 3.4.1(6) !from Adam Beneschan 08-06-05 !discussion Presentation issue: 3.4.1(6) says, "Universal types are defined for (and belong to) the integer, real, and fixed point, and access classes, and are referred to in this standard as respectively, universal_integer, universal_real, universal_fixed, and universal_access. universal_integer, universal_real, and universal_fixed are all listed in the index, but universal_access is not. This is a problem, since I was planning to look in the RM to find out what the semantic ramifications of "universal_access" are, but the index doesn't tell me where any discussions of this might be. Specifically, I'd hope that the index entry for universal_access (assuming it does get added) should refer to 4.5.2(7.2) and/or 4.5.2(9.1). **************************************************************** From: Randy Brukardt Sent: Thursday, June 12, 2008 12:11 AM !topic universal_access is not in the index ... Is this the dept. of redundancy department?? Some guy by the name of Adam Beneschan sent the following to this very list on November 6th, 2007: !topic universal_access not in index !reference RM05 index !from Adam Beneschan 07-11-06 !discussion A very minor issue: In the index (at least the one available at http://www.adaic.org/standards/05aarm/html/AA-0-5.html), there are entries for universal_integer, universal_real, and universal_fixed, but not universal_access. It seems that it should be there for consistency/completeness. --- Let me make a couple of other points: The index is not technically part of the standard. So suggestions for the index are handled like AARM comments, and attached to AI05-0005-1. Moreover, I generally make those to the working version of the Standard immediately (like all AARM comments). So this was all handled back in November. Looking all of this up has wasted quite a bit of time, unfortunately. > Specifically, I'd hope that the index entry for universal_access > (assuming it does get added) > should refer to 4.5.2(7.2) and/or 4.5.2(9.1). That would be inconsistent with the rest of the standard, for which we only index definitions, not uses. If we were to start indexing uses, there are many, many places where such indexes would be valuable (and that would imply a *lot* of work). For instance, I would like to see a list of all of the places where predefined routines raise (specific) exceptions (we do index language-defined checks). Most importantly, we'd want "definition" index entries to look different somehow than "use" index entries, which implies new commands and formatting for the formatting tool. A very slippery slope. **************************************************************** From: Adam Beneschan Sent: Thursday, June 12, 2008 11:06 AM > !topic universal_access is not in the index ... > > Is this the dept. of redundancy department?? Yes, and yes. :-) > Some guy by the name of Adam > Beneschan sent the following to this very list on November 6th, 2007: > > !topic universal_access not in index > !reference RM05 index > !from Adam Beneschan 07-11-06 > !discussion > > A very minor issue: In the index (at least the one available at > http://www.adaic.org/standards/05aarm/html/AA-0-5.html), there are > entries for universal_integer, universal_real, and universal_fixed, > but not universal_access. It seems that it should be there for > consistency/completeness. Yep. I had completely forgotten that I had sent this earlier. > Let me make a couple of other points: > > The index is not technically part of the standard. So suggestions for > the index are handled like AARM comments, and attached to AI05-0005-1. I wasn't aware of that. I did look at the AI05's to see if this issue had been submitted already, whether by people with names identical to mine or not, but it didn't occur to me to look at this particular one since nothing about the title made it seem relevant. Thanks for the info---I'll try to remember this next time. > Moreover, > I generally make those to the working version of the Standard > immediately (like all AARM comments). So this was all handled back in > November. Looking all of this up has wasted quite a bit of time, unfortunately. The version I use (noted above) doesn't have this change. Is the working version of the Standard available online? If so, I can check that first to help make sure I don't submit more redundant comments. My apologies for making you look this up unnecessarily. **************************************************************** From: Randy Brukardt Sent: Thursday, June 12, 2008 12:55 PM > The version I use (noted above) doesn't have this change. Is the > working version of the Standard available online? If so, I can check > that first to help make sure I don't submit more redundant comments. The super secret working version is not available to the public. The reason is that WG 9 has not decided on any plan for future work on the Ada standard, and for me and/or the ARG to make a working document available makes it appear that they have. (The changes are identified as belonging to "Corrigendum 2", a document that does not exist and may never exist.) It would be nice to let you have access to it (it is useful for the very reason that you note -- there are already too many approved AI05s to remember them all), but my hands are tied. **************************************************************** !topic Clarification requested on Wide_Bounded_IO definition !reference A.11(4), A.10.11(3) !from Adam Beneschan 08-06-11 !discussion A.11(4) says, when describing how to create the definition of Wide_Bounded_IO in terms of the Bounded_IO definition: any occurrence of package Bounded is replaced by Wide_Bounded. Does this refer only to the "Bounded" package defined as a child of Ada.Strings, or does it also refer to the generic formal package that is a parameter of the generic Ada.Text_IO.Bounded_IO? I suspect the answer is that it refers to both, but I think it's not 100% clear, and a clarification one way or the other would be useful. **************************************************************** !topic Ungrammatical sentence in AARM !reference Ada 2005 AARM 13.7.2(5.a/2) !from Christoph Grein 2008-06-17 !discussion The following sentence in parentheses, a quote from the paragraph cited above, does not make sense. Perhaps with the changes indicated, this is what is meant. (If Object is not a [not] by-reference type, the object ought to be aliased; recall that the Address attribute is not required to provide a useful result {for} other objects.) **************************************************************** !topic 12.4 presentation nitpick !reference RM05 12.4(2/2) !from Adam Beneschan 08-09-11 !discussion In 12.4(2/2), there should be a vertical bar somewhere separating the two different syntaxes for the generic formal object definition, but it seems to be missing. (It was present in the AI-423 text.) It is missing on both web pages: http://www.adaic.org/standards/05rm/html/RM-12-4.html http://www.adaic.org/standards/05aarm/html/AA-12-4.html **************************************************************** From: Randy Brukardt Sent: Thursday, September 25, 2008 12:55 PM It's correct in the actual Amendment document, so this is just a bug in the unofficial consolidated versions. As such, this isn't a change that needs to go through the ARG. Moreover, it was already noted here (Ada-Comment) in December (not that you or anyone else could be expected to remember that). **************************************************************** !topic Definition of "assignment operation" !reference 7.6(13-15), 7.6(21), 9.8(11) !from Adam Beneschan 08-09-24 !discussion When an assignment statement has a target that is a variable V of a controlled type, V is finalized, then the new value is copied into V, then V is adjusted. However, according to 7.6(13-15), only the last two steps of this process are considered an "assignment operation". When possibly overlapping slices are copied, the implementation permission in 7.6(21) allows this to take place one component at a time. This would mean, that for a case like A (N1 .. N2) := A (N3 .. N4); where A's element type is controlled or has controlled subcomponents, then the operations could be implemented as Finalize A(N1), copy into A(N1), adjust A(N1) Finalize A(N1+1), copy into A(N1+1), adjust A(N1+1), etc. or Finalize A(N2), copy into A(N2), adjust A(N2) Finalize A(N2-1), copy into A(N2-1), adjust A(N2-1), etc. where the order (forward or reverse) would be determined at runtime. How many "assignment operations" does this involve? If the Implementation Permission were not used, I think there would be just two assignment operations: *** START OF ASSIGNMENT OPERATION 1 *** Copy into anonymous object Adjust anonymous object *** END OF ASSIGNMENT OPERATION 1 *** Finalize A(N1..N2) *** START OF ASSIGNMENT OPERATION 2 *** Copy A(N1..N2) from anonymous object Adjust A(N1..N2) *** END OF ASSIGNMENT OPERATION 2 *** Finalize anonymous object But when an anonymous object isn't used, it's not clear to me how many assignment operations there are. Is the whole loop just one big assignment operation, or is there one assignment operation for each component? The reason this matters (somewhat) is because of 9.8(11). The question, of course, is: if the Implementation Permission of 7.6(21) is used in an overlapping slice case, at what points in the loop is an abort allowed to take place? I'm not sure the RM answers this question. **************************************************************** From: Tucker Taft Sent: Wednesday, September 24, 2008 7:33 PM If you take advantage of 7.6(20), then each subcomponent assignment can be separate, and the abort deferral only applies to the copy-and-adjust combination for that particular subcomponent. You would allow aborts between individual components. The only reason to defer abort is that you don't want the copy step separated from the adjust step. I believe the RM is relatively clear in 7.6(20) when it says: ... the implementation may finalize and assign each component of the variable separately ... I agree the wording in 7.6(21) which refers to 7.6(20) muddies the waters a bit. In any case, it wouldn't hurt to have an AARM note to emphasize that abort deferral needs to last only across an individual component assignment, and aborts can be handled between component assignments. **************************************************************** From: Christoph Grein Sent: Thursday, November 13, 2008 5:19 AM I could not find the policy identifiers FIFO_Within_Priorities etc in the RM index. So there is no place where you can find all predefined policies in one list. I would propose to enter them under "locking policy" in the index. **************************************************************** From: Adam Beneschan Sent: Thursday, November 13, 2008 12:47 PM I think you meant "task dispatching policy"? Lots of predefined identifiers occur in two places, e.g. language-defined pragmas and attributes appear both as themselves and under the "predefined" or "attribute" index entries respectively. That probably ought to be the case here, too. For one thing, having the identifier findable under its own name would help in a case where someone tries to find a task dispatching policy name in the "locking policy" index entry and can't find it. :) :) The identifier Ceiling_Locking doesn't seem to be anywhere in the index, either. **************************************************************** From: Christoph Grein Sent: Friday, November 14, 2008 1:34 AM Of course. In fact, I was looking for task dispatching policy identifiers, locking policy identifiers and restriction identifiers in the index, especially for No_Delay. It wasn't under N, and finally I found it under R, "Restrictions", which is the last place where to look. So I do think, these missing identifiers (FIFO_Within_Priorities, Ceiling_Locking etc) all have to appear in the index. **************************************************************** !topic Missing blanks before inserted text !reference Ada 2005 RM-6.5 [This is a comment on the draft consolidated standard - ED.] !from Christoph Grein 2008-12-16 !discussion Newly inserted text is missing a space. I found two such cases, but am sure there are a lot more occurrences like those. RM 6.5(5.2/3) ... The type of the subtype_indication shall be{ }covered by the result type of the function. (22/3) ... Upon completion of a return statement that applies to a callable construct{ }by the normal completion of a simple_return_statement... I found three more: RM 10.7(8/3,10/3,12/3) ... Status_Error is propagated if the file is not open.{ }Mode_Error is propagated if the mode of the file is not In_File. [He means A.10.7 - ED.] A simply typo: (28.f.1/3) ... However, it allows raising a[n] Constraint_Error in some cases... **************************************************************** !topic Grammatically wrong new text !reference Ada 2005 AARM 6.4.1(17.g/3) [This is a comment on the draft consolidated standard - ED.] !from Christoph Grein 2008-12-16 !discussion ... and requiring such cases to work would be a major change of the user model (in parameters {c}[w]ould no longer [could] be assumed constant). **************************************************************** !topic Wrong AI referenced !reference Ada 2005 AARM 4.1(17.h/3) [This is a comment on the draft consolidated standard - ED.] !from Christoph Grein 2008-12-18 !discussion This paragraph references AI05-0015-1, but the correct one is AI05-0003-1. **************************************************************** !reference Ada 2005 RM 4.5.6(11/3) [This is a comment on the draft consolidated standard - ED.] !topic The value of X**N with the value of the exponent N positive {is} the same as the value of... **************************************************************** From: Adam Beneschan Sent: Thursday, January 15, 2009 12:36 PM Last June, I posted a question to Ada-Comment, but I never received a response, nor did this end up in any AI's or AC's. So I think it may have fallen through the cracks. I'm reposting it in case that's what happened. [Followed by a reposting of the message filed June 11, 2008. - ED] **************************************************************** From: Randy Brukardt Sent: Thursday, January 15, 2009 1:03 PM Not true; it got filed into AI05-0005-1, and an appropriate AARM note added (A.11(4.a/3)). (No one I queried could imagine how it could mean anything else than both packages -- everything else in this section works that way -- so we didn't see the point of doing a full ARG resolution on it - especially as we had dozens of other comments [mostly from you! :-)] that actually need discussion.) See the working AARM at http://www.adaic.com/standards/1zaarm/html/AA-A-11.html. **************************************************************** From: Adam Beneschan Sent: Thursday, January 15, 2009 12:36 PM > Not true; it got filed into AI05-0005-1, and an appropriate AARM note > added (A.11(4.a/3)). (No one I queried could imagine how it could mean > anything else than both packages -- everything else in this section > works that way -- Actually, I didn't think there was anything else in the section to which that would even apply---i.e. there are no generic formal parameter *names* that are mentioned as names that are to be replaced. > so we didn't see the point of doing a full ARG resolution on it - > especially as we had dozens of other comments [mostly from you! :-)] > that actually need > discussion.) My fault. I searched the AI text files and didn't find it, but I must have either made a typo or searched for a string that got word-wrapped or something stupid like that. I'm not off to a good start this week... Time to go back to bed, I guess. (I can't even blame the extreme cold the way you could because it's been close to 90 here...) **************************************************************** !topic "/=" in the index !reference RM05 index !from Adam Beneschan 09-03-10 !discussion Index nitpick: The index has these two entries: / operator 4.4(1), 4.5.5(1) /= operator 4.4(1), 4.5.2(1) but I think the second one should also refer to 6.6(6) since this is a case where "/=" is implicitly defined by the language. **************************************************************** From: Christoph Grein Sent: Wednesday, April 1, 2009 4:12 AM [No joke!] Editorial comments (missing spaces between words, grammar mistakes etc...) [on Draft 7 - ED] 3.9.3(4/3) ... result, or if a type other than a non-abstract{ }null extension... 3.9.3(10/3) ... controlling result or a controlling access result{ }shall not... 6.5(24.a/3) ... The intention is that the exception is raised at {the} same point that it would have been raised without the permission; Question: 6.5(24.a/3) replaces build-in-place by built-in-place, but (24.d/3) keeps it. Is this intended? 6.6(6/3) An explicit declaration of "=" whose result type is Boolean implicitly declares an operator [of] "/=" that gives the complementary result. 6.6(6.a/3) There is an index entry "Number of the Beast". ??? You're reading too much in the Holy Bible - Ada was not a prophet, or was she? :-) 7.3.1(3/3) ... operators are implicitly declared at that place.{ }If there is no such place, ... 10.1.1(12.g.1/3) ... a discriminant_part even if the [the] type_declaration does have one. A.18.17(23/3) ... they guard against certain actions by the designated subprogram[.]{;} in particular, ... A.18.17(30.a/3) ... However, the order and number of calls on the formal equality function is unspecified, [so an implementation does not need to call ]so an implementation need not call ... 3.7(10.h.1/3) Any type may have an access discriminant, but access discriminants may have defaults only if they are an immutably {limited} type. Remark: was deleted and was meant to be replaced by , but was also inadvertantly deleted. BTW: Can a discriminant be a type? I presume the sentence should be: ... if they are {of} an immutably {limited} type **************************************************************** From: Randy Brukardt Sent: Friday, April 3, 2009 9:50 PM > Question: 6.5(24.a/3) replaces build-in-place by built-in-place, but > (24.d/3) keeps it. Is this intended? I don't think so; the next line uses "built-in-place". Probably incorrect muscle memory. ... > 6.6(6.a/3) There is an index entry "Number of the Beast". ??? > You're reading too much in the Holy Bible - Ada was not a > prophet, or was she? > :-) I'm just keeping up the tradition of joke index entries. But I'm probably not as funny as Bob Duff. Look up "unpolluted" in the AARM's index for an example. ... > A.18.17(23/3) ... they guard against certain actions by the > designated subprogram[.]{;} in particular, ... According to the AI, and according to the practice in the other clauses, this is supposed to start a sentence. That means that the problem is one of capitalization, not punctuation. > A.18.17(30.a/3) ... However, the order and number of calls on > the formal equality function is unspecified, [so an > implementation does not need to call ]so an implementation > need not call ... The AI was wrong on this one, having the dept. of redundancy department wording. **************************************************************** From: Bob Duff Sent: Sunday, June 7, 2009 8:08 AM > Unrelated aside: 13.14(1.j) is misleading, as all of these entities > have freezing and get frozen at particular points (for Convention and > address clauses at least); I think the point of the note is that we > don't use freezing per-se to handle most issues of premature access. Right, that was the intent. >...Probably ought to > be rewritten. **************************************************************** From: Christoph Grein Sent: Friday, June 19, 2009 12:03 AM There is a layout problem within the "task dispatching policy" on page 1117 (the PDF version). Non_Preemptive_FIFO_Within_Priorities (center column on top of page) is too long, so it merges with "termination handler" on the third column and the last 's' goes to the next line. (I see that other long entries like e.g. Ada.Numerics.Generic_Complex_- Elementary_Functions on the same page (withing Tan) are separated correctly. The separation algorithm somehow does not produce Non_Preemptive_FIFO_Within_- Priorities as it should.) **************************************************************** From: Christoph Grein Sent: Thursday, September 24, 2009 12:40 AM It appears to me that the sample code given in 6.3.1(21.d) is incorrect: with A; package B is package A_View renames A; function F_View(X : Integer := 9999) return Boolean renames F; -- wrong end B; should be "renames A.F" or "A_View.F" (F is not directly visible). **************************************************************** !topic Minor misspelling in AARM !reference 7.3(7.cc/2) !from Adam Beneschan 09-10-28 !discussion The second sentence of this paragraph reads, "A interface, like all types, is a descendant of itself, and thus this rule is triggered". That should be "An interface..." **************************************************************** !topic Wrong AI reference in AARM !reference AARM05 10.1.1(12.2/3, 12.3/3, 12.g.2/3) !from Adam Beneschan 09-11-12 !discussion In the AARM (www.adaic.org/standards/1zaarm/html/AA-10-1-1.html), the noted paragraphs have links to AI05-0134-1. This is wrong; they should refer to AI05-0129-1. [This refers to Draft 8 of the Ada 2012 manual.] **************************************************************** !topic Ada.Task_Termination and environment task !reference C.7.3, 10.2(11-12) !from Adam Beneschan 09-11-23 !discussion The semantics of Ada.Task_Termination seem to make it possible to call Set_Specific_Handler on the environment task, e.g. by using this Ada.Task_Termination.Set_Specific_Handler (Ada.Task_Identification.Current_Task, Prot_Object.Handler'access); in the main program. However, it appears to me that such a handler can never be successfully executed---or, at least, it is a bounded error to do so, since C.7.3(14/2) says that the handler is executed after other finalizations for the task are executed, and 10.2(11-12) implies that for the environment task, all library-level objects will be finalized, which includes all protected objects, which means that calling the termination handler is necessarily calling a protected subprogram of a protected object that has been finalized. Maybe this will work and maybe it won't (9.4(20.1/2)). This concerns me because I think the above call is something that someone is bound to try, since it seems like it would be a neat way to get something to happen when the environment task exits (perhaps due to an unhandled exception), but it's going to bite them. I believe that perhaps C.7.3 should clarify what happens when Set_Specific_Handler is called on the environment task (maybe in the Notes section), or perhaps the dynamic semantics should be changed to make Set_Specific_Handler raise a Program_Error if the task ID refers to the environment task. **************************************************************** From: Dan Eilers Sent: Saturday, January 9, 2010 5:44 PM in AARM 2012 6.3.1, paragraph 25.a.2/3 {AI05-0132-1} should be {AI05-0134-1} **************************************************************** From: Randy Brukardt Sent: Tuesday, April 6, 2010 4:28 PM In A.16(124.kk/2), "User_Id" in the first sentence should be "Group_Id". **************************************************************** !topic AARM error in 3.10.2 !reference AARM 3.10.2(22.n-22.r) !from Adam Beneschan 10-04-06 !discussion AARM 3.10.2(22.n through 22.q/2) says: 22.n: Most accessibility checking is done at compile time; the rules are stated in terms of "statically deeper than". The exceptions are: 22.q/2: Checks during function return and allocators, for nested type extensions and access discriminants. Then 22.r says Note that run-time checks are not required for access discriminants... which contradicts 22.q/2. Obviously this is a holdover from AARM95 and should be removed. **************************************************************** From: Randy Brukardt Sent: Tuesday, April 6, 2010 4:48 PM I think it would be more useful to add an exception for the cases mentioned in 22.q/2, since the model still is that run-time checks are not made for access discriminants in most cases. (General run-time checks for access discriminants would be very complex.) The checks that are made occur only on object creation (not use as one might expect) and only in cases where the object might live longer than the context of creation. So I suggest something like: Note that run-time checks are not required for access discriminants {(except during function returns and allocators)}, because ... **************************************************************** From: Tucker Taft Sent: Tuesday, May 11, 2010 4:36 PM The recently adjusted wording for this AARM note in 3.9.2 is grammatically incorrect: 20.b/3 Reason: {AI05-0005-1} The wording of the above rules [are] {is} intended to ensure ... **************************************************************** From: Randy Brukardt Sent: Wednesday, May 26, 2010 10:32 PM Storage_IO was added by Ada 95, but documentation of that fact is missing from the AARM. (And to think no one ever complained about that; the AARM has existed for 16 years...but Storage_IO was a late addition to Ada 95 - it first appeared in the July 1994 version.) **************************************************************** From: Christoph Grein Sent: Monday, June 14, 2010 5:44 AM 1.1.2(24.b/2) ... does not appear in the Ada 2005 {or Ada 2012} RM. [Editor's note: This particular item should only mention Ada 2012, since that is the document in hand.] **************************************************************** From: Christoph Grein Sent: Thursday, June 17, 2010 7:36 AM 4.1.4(6.h/2) ... The same would be true if (2) [was] {had} been a procedure; This is already in Ada 2005. **************************************************************** From: Adam Beneschan Sent: Thursday, July 1, 2010 7:50 PM Re: Typo in AARM 9.6.1(84.a/2) The last sentence of this says For example, "2005-08-31 24:0:0" should raise Constraint_Error (the hour is out or range). I think that was intended to be "2005-08-31 24:00:00"; otherwise it would raise Constraint_Error for an entirely different reason---the string isn't formatted as described for Image. **************************************************************** From: Christoph Grein Sent: Friday, July 30, 2010 2:16 AM Browsing thru AARM 2012 Draft 9, I've been wondering about the new operation Assign introduced in Lists, Maps, Sets what's the difference between Assign (A, B) and A := B. Finally I found in AI05-0001 the reason: "The Assign and Copy subprograms are needed for the bounded forms in order that containers with different capacities can be assigned or copied. The built-in assignment would raise Constraint_Error if the capacities were different. In order to keep the unbounded and bounded forms as similar as possible (to allow almost painless switching between forms), these subprograms were added to all of the existing containers." Shouldn't there be a little note in the RM at the end of each chapter or at least an annotation in the AARM about this? I guess more people will be wondering about the difference (where there is none). **************************************************************** From: Christoph Grein Sent: Thursday, February 3, 2011 7:24 AM 4.5.7(5.l/3) An if_expression and a{n} if_statement are very similar syntactically... 3.5.9(28.b) ... with a fixed point type whose small equals its delta equals a power of 10... This reads awkward. No proposal how to improve it. **************************************************************** Editor's note (February 3, 2011): All of the items above this marker have been included in the working version of the AARM. ****************************************************************