CVS difference for ai05s/ai05-0111-3.txt
--- ai05s/ai05-0111-3.txt 2010/11/12 04:15:49 1.4
+++ ai05s/ai05-0111-3.txt 2010/11/12 04:22:18 1.5
@@ -1,4 +1,4 @@
-!standard 4.8(2) 10-10-28 AI05-0111-3/03
+!standard 4.8(2) 10-10-30 AI05-0111-3/04
!standard 4.8(3/2)
!standard 4.8(10.3/2)
!standard 13.11(16/3)
@@ -75,13 +75,13 @@
Add at the end of 4.8(3/1):
- The expected type for a *subpool_handle*_name is
- System.Storage_Subpools.Subpool_Handle, the type used to identify a subpool
- defined in the language-defined package System.Storage_Subpools (see 13.11.4).
+ The expected type for a *subpool_handle*_name is a descendant of
+ System.Storage_Pools.Subpools.Subpool_Handle, the type used to identify a subpool
+ defined in the language-defined package System.Storage_Pools.Subpools (see 13.11.4).
Add after 4.8(10.3/2):
- If the allocator includes a subpool_handle_name, the allocator raises
+ If the allocator includes a *subpool_handle_*name, the allocator raises
Program_Error if the subpool is non-null and does not *belong* (see 13.11.4)
to the storage pool of the access type of the allocator.
@@ -114,12 +114,12 @@
The following language-defined library package exists:
- with System.Storage_Pools;
with System.Storage_Elements;
- package System.Subpools is
+ package System.Storage_Pools.Subpools is
+ pragma Preelaborated (System.Storage_Pools.Subpools);
type Root_Storage_Pool_with_Subpools is
- abstract new Storage_Pools.Root_Storage_Pool with private;
+ abstract new Root_Storage_Pool with private;
-- An access type must have a storage pool of a type
-- descended from this type to use subpools.
@@ -133,24 +133,24 @@
-- This provides a reference to a subpool, and serves to identify
-- the subpool within the program.
- function Create_Subpool(Pool : aliased in out Root_Storage_Pool_with_Subpools;
+ function Create_Subpool(Pool : in out Root_Storage_Pool_with_Subpools;
Storage_Size : Storage_Elements.Storage_Count :=
- Storage_Elements.Storage_Count'Last) return Subpool_Handle is abstract;
+ Storage_Elements.Storage_Count'Last) return not null Subpool_Handle is abstract;
-- Create subpool within given storage pool manager. Storage_Size
-- specifies a limit on the amount of storage for the subpool.
-- NOTE: Additional functions that create subpools may be
- -- defined for a given Subpool manager type.
- -- [Editor's Note: This uses AI05-0142-4 and AI05-0143-1 features; "access"
- -- could be used instead.]
+ -- defined for a given storage pool that supports subpools.
+ -- [Editor's Note: This uses AI05-0143-1 to allow an in out parameter; "access"
+ -- could be used instead but would be less convenient.]
- function Pool_of_Subpool(Subpool : Subpool_Handle)
+ function Pool_of_Subpool(Subpool : not null Subpool_Handle)
return access Root_Storage_Pool_with_Subpools'Class;
-- Return access to underlying storage pool of given handle.
- procedure Set_Pool_of_Subpool(Subpool : Subpool_Handle;
+ procedure Set_Pool_of_Subpool(Subpool : not null Subpool_Handle;
To : in out Root_Storage_Pool_with_Subpools'Class);
-- Set the Pool for a newly created subpool or a subpool which
- -- be being reused after a call to Deallocate_Subpool (this routine
+ -- is being reused after a call to Deallocate_Subpool (this routine
-- should only be used as part of the implementation of Create_Subpool
-- or similar subpool constructors).
-- Raises Program_Error if the Pool has already been set for Subpool
@@ -161,10 +161,9 @@
Storage_Address : out Address;
Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
Alignment : in Storage_Elements.Storage_Count;
- Subpool : Subpool_Handle) is abstract
+ Subpool : not null Subpool_Handle) is abstract
with Pre'Class => Pool_of_Subpool(Subpool) = Pool'Access;
-- Allocate space from specified subpool.
- -- If the subpool handle is null, use the default subpool (if any).
-- [Editor's note: The precondition is as described in AI05-0145-2 and
-- AI05-0183-1. It could be omitted if necessary.]
@@ -176,18 +175,27 @@
-- specified subpool, and destroy the subpool. The subpool handle
-- is set to null after this call.
+ function Default_Subpool_for_Pool(
+ Pool : in Root_Storage_Pool_with_Subpools) return not null Subpool_Handle;
+ -- Returns a handle of the default subpool for Pool.
+ -- Note: If no default subpool is supported, this routine should
+ -- raise Storage_Error.
+
private
... -- not specified by the language
- end System.Subpools;
+ end System.Storage_Pools.Subpools;
A *subpool* is a separately reclaimable portion of a storage pool, identified by
an object of type Subpool_Handle (a *subpool handle*). A subpool handle also
identifies the enclosing storage pool, a *storage pool that supports subpools*,
which is a storage pool whose type is descended from Root_Storage_Pool_with_Subpools.
-When an allocator with a subpool_specification is evaluated, a call is made on
-Allocate_From_Subpool passing in the given Subpool_Handle, in addition to the
-parameters as defined for calls on Allocate (see 13.11). All requirements on
+When an allocator for a type whose storage pool supports subpools is evaluated,
+a call is made on Allocate_From_Subpool passing in a Subpool_Handle, in addition
+to the parameters as defined for calls on Allocate (see 13.11). The subpool handle
+is the one given in the allocator if a *subpool_handle_*name is specified,
+or otherwise the handle obtained by calling Default_Subpool_for_Pool
+on the pool of the type of the allocator. All requirements on
the Allocate procedure also apply to Allocate_from_Subpool.
[Redundant: There is a master associated with the execution of certain
@@ -233,14 +241,14 @@
objects exist at least as long as the storage pool object, so that the subpools
are finalized (which finalizes any remaining allocated objects) before the type
of the objects cease to exist. The access type itself will cease to exist before
- the storage pool.
+ the storage pool.
13.11.5 Subpool Reclamation
The following language-defined library procedure exists:
- procedure System.Subpools.Unchecked_Deallocate_Subpool
- (Subpool : in out Subpool_Handle);
+ procedure Ada.Unchecked_Deallocate_Subpool
+ (Subpool : in out System.Storage_Pools.Subpools.Subpool_Handle);
A subpool may be explicitly deallocated using Unchecked_Deallocate_Subpool.
@@ -251,11 +259,13 @@
allocated from a subpool; otherwise it is the (construct) master of the
ultimate ancestor of the type of the allocator.]
-A call on System.Subpools.Unchecked_Deallocate_Subpool causes the
-subpool to be explicitly finalized (see 13.11.4); followed by a
+If Subpool is null, a call on Unchecked_Deallocate_Subpool
+has no effect. Otherwise, a call on Unchecked_Deallocate_Subpool causes
+the subpool designated by Subpool
+to be explicitly finalized (see 13.11.4); followed by a
Redundant[dispatching] call on
-System.Subpools.Deallocate_Subpool (
- System.Subpools.Pool_of_Subpool(Subpool).all, Subpool);
+System.Storage_Pools.Subpools.Deallocate_Subpool (
+ System.Storage_Pools.Subpools.Pool_of_Subpool(Subpool).all, Subpool);
finally Subpool is set to null.
It is a bounded error if nonterminable tasks depend
@@ -263,9 +273,218 @@
effects are as given for the unchecked deallocation of an
object with a task part (see 13.11.2).
+Example
+
+Here is a simple but complete implementation of the classic Mark/Release pool
+using subpools:
+
+with System.Storage_Pools.Subpools;
+with Ada.Unchecked_Deallocate_Subpool;
+package MR_Pool is
+
+ -- Mark and Release work in a stack fashion, and allocations are not allowed
+ -- from a subpool other than the one at the top of the stack. This is also
+ -- the default pool.
+
+ subtype Subpool_Handle is System.Storage_Pools.Subpools.Subpool_Handle;
+
+ type Mark_Release_Pool_Type (Pool_Size : System.Storage_Elements.Storage_Count) is new
+ System.Storage_Pools.Subpools.Root_Storage_Pool_with_Subpools with private;
+Root_Storage_Pool_with_Subpools;
+ Subpool : in out Subpool_Handle
+ function Mark (Pool : in out Mark_Release_Pool_Type;
+ Storage_Size : System.Storage_Elements.Storage_Count :=
+ System.Storage_Elements.Storage_Count'Last) return not null Subpool_Handle;
+
+ procedure Release (Subpool : in out Subpool_Handle) renames
+ Ada.Unchecked_Deallocate_Subpool;
+
+private
+
+ type MR_Subpool is new System.Storage_Pools.Subpools.Root_Subpool with record
+ Start : System.Storage_Elements.Storage_Count;
+ end record;
+ subtype Subpool_Indexes is Positive range 1 .. 10;
+ type Subpool_Array is array (Subpool_Indexes) of aliased MR_Subpool;
+
+ type Mark_Release_Pool_Type (Pool_Size : System.Storage_Elements.Storage_Count) is new
+ System.Storage_Pools.Subpools.Root_Storage_Pool_with_Subpools with record
+ Storage : System.Storage_Elements.Storage_Array (1..Pool_Size);
+ Next_Allocation : System.Storage_Elements.Storage_Count := 1;
+ Markers : Subpool_Array;
+ Current_Pool : Subpool_Indexes := 1;
+ end record;
+
+ overriding
+ function Create_Subpool (Pool : aliased in out Mark_Release_Pool_Type;
+ Storage_Size : System.Storage_Elements.Storage_Count :=
+ System.Storage_Elements.Storage_Count'Last) return not null Subpool_Handle;
-discussion
+ function Mark (Pool : in out Mark_Release_Pool_Type;
+ Storage_Size : System.Storage_Elements.Storage_Count :=
+ System.Storage_Elements.Storage_Count'Last) return not null Subpool_Handle
+ renames Create_Subpool;
+ overriding
+ procedure Allocate_From_Subpool (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : out System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in System.Storage_Elements.Storage_Count;
+ Subpool : not null Subpool_Handle);
+
+ overriding
+ procedure Deallocate_Subpool (
+ Pool : in out Mark_Release_Pool_Type;
+ Subpool : in out Subpool_Handle);
+
+ overriding
+ function Default_Subpool_for_Pool (
+ Pool : in Mark_Release_Pool_Type) return not null Subpool_Handle;
+
+ overriding
+ procedure Allocate (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : out System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in System.Storage_Elements.Storage_Count);
+
+ overriding
+ procedure Deallocate (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : in System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in System.Storage_Elements.Storage_Count);
+
+ overriding
+ function Storage_Size (Pool : Mark_Release_Pool_Type)
+ return System.Storage_Elements.Storage_Count;
+
+ overriding
+ procedure Initialize (Pool : in out Mark_Release_Pool_Type);
+
+ -- We don't need Finalize.
+
+end MR_Pool;
+
+package body MR_Pool is
+
+ procedure Initialize (Pool : in out Mark_Release_Pool_Type) is
+ -- Initialize the first default subpool.
+ begin
+ Pool.Markers(1).Start := 1;
+ System.Storage_Pools.Subpools.Set_Pool_for_Subpool
+ (Pool.Markers(1)'Unchecked_Access,
+ Pool'Unchecked_Access);
+ end Initialize;
+
+ function Create_Subpool (Pool : in out Mark_Release_Pool_Type;
+ Storage_Size : System.Storage_Elements.Storage_Count :=
+ System.Storage_Elements.Storage_Count'Last) return not null Subpool_Handle is
+ -- Mark the current allocation location.
+ begin
+ if Pool.Current_Pool = Subpool_Indexes'Last then
+ raise Storage_Error; -- No more subpools.
+ end if;
+ Pool.Current_Pool := Pool.Current_Pool + 1; -- More to the next subpool
+ Pool.Markers(Pool.Current_Pool).Start := Pool.Next_Allocation;
+ System.Storage_Pools.Subpools.Set_Pool_for_Subpool
+ (Pool.Markers(Pool.Current_Pool)'Unchecked_Access,
+ Pool'Unchecked_Access);
+ return Pool(Pool.Current_Pool).Markers'Unchecked_Access;
+ end Create_Subpool;
+
+ procedure Deallocate_Subpool (
+ Pool : in out Mark_Release_Pool_Type;
+ Subpool : in out Subpool_Handle) is
+ begin
+ if Subpool /= Pool(Pool.Current_Pool).Markers'Unchecked_Access then
+ raise Program_Error; -- Only the last marked subpool can be released.
+ end if;
+ if Pool.Current_Pool /= 1 then
+ Pool.Next_Allocation := Pool.Markers(Pool.Current_Pool);
+ Pool.Current_Pool := Pool.Current_Pool - 1; -- More to the previous subpool
+ else -- Reinitialize the default subpool:
+ Pool.Next_Allocation := 1;
+ System.Storage_Pools.Subpools.Set_Pool_for_Subpool
+ (Pool.Markers(1)'Unchecked_Access,
+ Pool'Unchecked_Access);
+ end if;
+ end Deallocate_Subpool;
+
+ function Default_Subpool_for_Pool (
+ Pool : in Mark_Release_Pool_Type) return not null Subpool_Handle is
+ begin
+ return Pool(Pool.Current_Pool).Markers'Unchecked_Access;
+ end Default_Subpool_for_Pool;
+
+ procedure Allocate_From_Subpool (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : out System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in Storage_Elements.Storage_Count;
+ Subpool : not null Subpool_Handle) is
+ begin
+ if Subpool /= Pool(Pool.Current_Pool).Markers'Unchecked_Access then
+ raise Program_Error; -- Only the last marked subpool can be used for allocations.
+ end if;
+ Allocate (Pool, Storage_Address, Size_In_Storage_Elements, Alignment);
+ end Allocate_From_Subpool;
+
+ procedure Allocate (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : out System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in System.Storage_Elements.Storage_Count) is
+ -- Allocate from the default subpool:
+ begin
+ -- Correct the alignment if necessary:
+ Pool.Next_Allocation := Pool.Next_Allocation +
+ ((-Pool.Next_Allocation) mod Alignment);
+ if Pool.Next_Allocation + Size_In_Storage_Elements > Pool.Pool_Size then
+ raise Storage_Error; -- Out of space.
+ end if;
+ Storage_Address := Pool.Storage (Pool.Next_Allocation)'Address;
+ Pool.Next_Allocation := Pool.Next_Allocation + Size_In_Storage_Elements;
+ end Allocate;
+
+ procedure Deallocate (
+ Pool : in out Mark_Release_Pool_Type;
+ Storage_Address : in System.Address;
+ Size_In_Storage_Elements : in System.Storage_Elements.Storage_Count;
+ Alignment : in System.Storage_Elements.Storage_Count) is
+ begin
+ -- No deallocation other than from Release, so do nothing here.
+ null;
+ end Deallocate;
+
+ function Storage_Size (Pool : Mark_Release_Pool_Type)
+ return System.Storage_Elements.Storage_Count is
+ begin
+ return Pool.Pool_Size;
+ end Storage_Size;
+
+end MR_Pool;
+
+[End 13.11.5.]
+
+Update the existing pool example to depend on package MR_Pool as defined above:
+
+Modify 13.11(38):
+
+As usual, a derivative of Root_Storage_Pool may define additional operations.
+For example, [presuming that]{consider the} Mark_Release_Pool_Type {defined in
+13.11.5, that} has two additional operations, Mark and Release, the following is
+a possible use:
+
+Delete the Block_Size discriminant from 13.11(39/1), and add a comment "As
+defined in 13.11.5".
+
+Delete the Block_Size discriminant from 13.11(41).
+
+
+!discussion
+
The implementor of the storage pool type is supposed to worry about
actually managing the storage and keeping track of which storage has
been allocated to which subpools. The subpool object type can also be
@@ -381,182 +600,28 @@
counting -- but of course that brings us back to the more complex proposal of
AI05-0111-2. So this option was rejected.
-
-
-!example
-
-Here is a simple but complete implementation of the classic Mark/Release pool
-using subpools:
-
-with System.Subpools;
-with System.Subpools.Unchecked_Deallocate_Subpool;
-package MR_Pool is
-
- -- Mark and Release work in a stack fashion, and allocations are not allowed
- -- from a subpool other than the one at the top of the stack. This is also
- -- the default pool.
-
- subtype Subpool_Handle is System.Subpools.Subpool_Handle;
-
- type Mark_Release_Pool_Type (Pool_Size : Storage_Elements.Storage_Count) is new
- System.Subpools.Root_Storage_Pool_with_Subpools with private;
-
- function Create_Subpool (Pool : aliased in out Mark_Release_Pool_Type;
- Storage_Size : Storage_Elements.Storage_Count :=
- Storage_Elements.Storage_Count'Last) return Subpool_Handle;
-
- function Mark (Pool : aliased in out Mark_Release_Pool_Type;
- Storage_Size : Storage_Elements.Storage_Count :=
- Storage_Elements.Storage_Count'Last) return Subpool_Handle renames Create_Subpool;
-
- procedure Release (Subpool : in out Subpool_Handle) renames
- System.Subpools.Unchecked_Deallocate_Subpool;
-
- procedure Allocate_From_Subpool (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : out Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count;
- Subpool : Subpool_Handle);
-
- procedure Deallocate_Subpool (
- Pool : in out Mark_Release_Pool_Type;
- Subpool : in out Subpool_Handle);
-
- procedure Allocate (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : out Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count);
- procedure Deallocate (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : in Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count);
+USE AS A BUILDING BLOCK
- function Storage_Size (Pool : Mark_Release_Pool_Type)
- return Storage_Elements.Storage_Count;
+This package provides facilities that can be used to provide safer abstractions.
-private
-
- type MR_Subpool is new System.Subpools.Root_Subpool with record
- Start : Storage_Elements.Storage_Count;
- end record;
- subtype Subpool_Indexes is Positive range 1 .. 10;
- type Subpool_Array is array (Subpool_Indexes) of aliased MR_Subpool;
-
- type Mark_Release_Pool_Type (Pool_Size : Storage_Elements.Storage_Count) is new
- System.Subpools.Root_Storage_Pool_with_Subpools with record
- Storage : Storage_Elements.Storage_Array (1..Pool_Size);
- Next_Allocation : Storage_Elements.Storage_Count := 1;
- Markers : Subpool_Array;
- Current_Pool : Subpool_Indexes := 1;
- end record;
+One possibility would be to wrap the subpool handle in a controlled object that
+managed reference counting. When the count reached zero, the subpool would be
+automatically deallocated. This is basically the idea of AI05-0111-2 (without
+the checks on the contained pointers).
+
+One could even imagine going further, by wrapping the access type in a similar
+reference counted record, with an indication of the containing pool. Checks
+could be done at assignments and uses to prevent dangling pointers.
+
+Creative use of the reference aspect (see AI05-139-2) could make these wrappers
+easy to use. (Unfortunately, the wrappers themselves can't have a reference
+aspect, as the required access discriminant would prevent useful assignments.
+But a helper function and object could do the job safely.)
- procedure Initialize (Pool : in out Mark_Release_Pool_Type);
-
- -- We don't need Finalize.
-
-end MR_Pool;
-
-package body MR_Pool is
-
- procedure Initialize (Pool : in out Mark_Release_Pool_Type) is
- -- Initialize the first default subpool.
- begin
- Pool.Markers(1).Start := 1;
- System.Subpools.Set_Pool_for_Subpool (Pool.Markers(1)'Unchecked_Access,
- Pool'Unchecked_Access);
- end Initialize;
-
- function Create_Subpool (Pool : aliased in out Mark_Release_Pool_Type;
- Storage_Size : Storage_Elements.Storage_Count :=
- Storage_Elements.Storage_Count'Last) return Subpool_Handle is
- -- Mark the current allocation location.
- begin
- if Pool.Current_Pool = Subpool_Indexes'Last then
- raise Storage_Error; -- No more subpools.
- end if;
- Pool.Current_Pool := Pool.Current_Pool + 1; -- More to the next subpool
- Pool.Markers(Pool.Current_Pool).Start := Pool.Next_Allocation;
- System.Subpools.Set_Pool_for_Subpool (Pool.Markers(Pool.Current_Pool)'Unchecked_Access,
- Pool'Unchecked_Access);
- return Pool(Pool.Current_Pool).Markers'Unchecked_Access;
- end Create_Subpool;
-
- procedure Deallocate_Subpool (
- Pool : in out Mark_Release_Pool_Type;
- Subpool : in out Subpool_Handle) is
- begin
- if Subpool /= Pool(Pool.Current_Pool).Markers'Unchecked_Access then
- raise Program_Error; -- Only the last marked subpool can be released.
- end if;
- if Pool.Current_Pool /= 1 then
- Pool.Next_Allocation := Pool.Markers(Pool.Current_Pool);
- Pool.Current_Pool := Pool.Current_Pool - 1; -- More to the previous subpool
- else -- Reinitialize the default subpool:
- Pool.Next_Allocation := 1;
- System.Subpools.Set_Pool_for_Subpool (Pool.Markers(1)'Unchecked_Access,
- Pool'Unchecked_Access);
- end if;
- end Deallocate_Subpool;
-
- procedure Allocate_From_Subpool (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : out Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count;
- Subpool : Subpool_Handle) is
- begin
- if Subpool /= Pool(Pool.Current_Pool).Markers'Unchecked_Access then
- raise Program_Error; -- Only the last marked subpool can be used for allocations.
- end if;
- Allocate (Pool, Storage_Address, Size_In_Storage_Elements, Alignment);
- end Allocate_From_Subpool;
-
- procedure Allocate (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : out Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count) is
- -- Allocate from the default subpool:
- begin
- -- Correct the alignment if necessary:
- while Pool.Next_Allocation mod Alignment /= 0 loop
- Pool.Next_Allocation := Pool.Next_Allocation + 1;
- end loop;
- -- [Editor's note: Yes, this sucks. But it's also correct.
- -- Every other one I've written is wrong until it is extensively tested.
- -- I don't have time for that...]
- if Pool.Next_Allocation + Size_In_Storage_Elements > Pool.Pool_Size then
- raise Storage_Error; -- Out of space.
- end if;
- Storage_Address := Pool.Storage (Pool.Next_Allocation)'Address;
- Pool.Next_Allocation := Pool.Next_Allocation + Size_In_Storage_Elements;
- end Allocate;
-
- procedure Deallocate (
- Pool : in out Mark_Release_Pool_Type;
- Storage_Address : in Address;
- Size_In_Storage_Elements : in Storage_Elements.Storage_Count;
- Alignment : in Storage_Elements.Storage_Count) is
- begin
- -- No deallocation other than from Release, so do nothing here.
- null;
- end Deallocate;
-
- function Storage_Size (Pool : Mark_Release_Pool_Type)
- return Storage_Elements.Storage_Count is
- begin
- return Pool.Pool_Size;
- end Storage_Size;
-
-end MR_Pool;
+!example
-[Editor's note: It might be worth considering including this example in the
-Standard, as it shows one way to use the subpool feature. Or possibly a
-block allocator of some sort.]
+See the example given in the !wording.
---
@@ -583,6 +648,13 @@
Create ACATS C-Tests to test this facility.
+!ASIS
+
+Some new ASIS routine needs to be added to handle the subpool syntax for
+allocators.
+
+Details TBD. ***
+
!appendix
From: Randy Brukardt
@@ -612,10 +684,87 @@
I don't have the time or energy to update the version of ai05-0111 I had been
working on before. I suggest we use Randy's proposal as a new starting point,
and see if we can get it to be acceptable to the group.
+
+I'll spend some time reviewing it in detail before the meeting, and I see Steve
+has already weighed in on it. Others interested in this functionality, I
+encourage you also to look at this proposal in advance.
+
+****************************************************************
+
+From: Brad Moore
+Sent: Friday, October 29, 2010 7:17 PM
+
+Looks really good!
+Much easier to understand than other versions.
+
+I have a few comments.
+
+
+1) 4.8(10.3/2) AARM Reason: "it is likely that
+ this check will still detect the problem,"
+
+"Likely" seems a bit strong here, as it implies that most vendors will implement
+this, when that remains to be seen. I suggest replacing "likely" with
+"possibly".
+
+2) I am just raising the question whether it makes sense to have the package
+ Subpools as a child of Storage_Pools? I think I prefer it the way it is
+ currently, but it is probably good to at least ask the question.
+
+3) Can the Subpools package be Preelaborated? Storage_Pools is, so it seems a
+ bit odd that Storage_Pools isn't.
+
+4) Set_Pool_of_Subpool spec comments.
+ "which be being reused"
+
+5) In the example, I think it would be nice if the overriding indicator were
+ used where appropriate.
+
+6) In the example, I presume the package is designed to allow further
+ derivations. If it were desired that this be a final derivation in a class
+ hierarchy, then the calls Allocate_From_Subpoop, Deallocate_Subpool,
+ Allocate, and Deallocate, could be moved into the private section, to hide
+ those details from the client, thus providing a simpler interface. If this is
+ a possibility, perhaps it would improve the example if this were done.
+
+7) In the problem section it mentions that this package could be used as a
+ building block to create safer allocations, though the current package allows
+ for dangling references. It would be helpful to add a few sentences to
+ provide this vision to suggest how such safer storage pools might be created.
+
+
+****************************************************************
+
+From: Randy Brukardt
+Sent: Saturday, October 30, 2010 9:54 PM
+
+> 1) 4.8(10.3/2) AARM Reason: "it is likely that
+> this check will still detect the problem,"
+>
+> "Likely" seems a bit strong here, as it implies that most vendors
+> will implement this, when that remains to be seen. I suggest replacing
+> "likely" with "possibly".
+
+We certainly assume an Ada 2012 implementation in the Ada 2012 standard. And
+this check is not optional. So I think I stand by my original comment (I might
+have misunderstood your concern, however).
+
+...
+> 6) In the example, I presume the package is designed to allow further derivations.
+> If it were desired that this be a final derivation in a class hierarchy, then
+> the calls Allocate_From_Subpoop, Deallocate_Subpool, Allocate, and
+> Deallocate, could be moved into the private section, to hide those details from
+> the client, thus providing a simpler interface. If this is a possibility, perhaps it
+> would improve the example if this were done.
+
+Tucker suggested something on this line. I'll try to do that.
+
+> 7) In the problem section it mentions that this package could be used as a building
+> block to create safer allocations, though the current package allows for dangling
+> references. It would be helpful to add a few sentences to provide this vision to
+> suggest how such safer storage pools might be created.
-I'll spend some time reviewing it in detail before the meeting, and I see Steve has
-already weighed in on it. Others interested in this functionality, I encourage you
-also to look at this proposal in advance.
+OK.
****************************************************************
Questions? Ask the ACAA Technical Agent