CVS difference for ai05s/ai05-0269-1.txt
--- ai05s/ai05-0269-1.txt 2012/01/28 08:19:51 1.5
+++ ai05s/ai05-0269-1.txt 2012/02/04 09:07:39 1.6
@@ -1,4 +1,4 @@
-!standard 3.2.4(0) 12-01-27 AI05-0269-1/05
+!standard 3.2.4(0) 12-02-03 AI05-0269-1/06
!standard 3.5(56/2)
!standard 3.10.1(13)
!standard 4.1.5(0)
@@ -7,6 +7,12 @@
!standard 4.5.2(28)
!standard 4.5.2(30.2/2)
!standard 4.9(33)
+!standard 6.1.1(0)
+!standard 7.3(15)
+!standard 7.3.2(0)
+!standard 7.4(2)
+!standard 7.6(17/2)
+!standard 7.6.1(13/2)
!standard 13.3(65)
!standard 13.11(21)
!standard 13.11.3(5)
@@ -34,6 +40,9 @@
!standard B.1(1)
!standard B.1(51)
!standard B.3.3(1/2)
+!standard D.2.4(11/2)
+!standard D.10(10)
+!standard D.14(11/2)
!standard D.16.1(0)
!class Amendment 11-11-09
!status Amendment 2012 12-01-12
@@ -124,6 +133,33 @@
(26) The definition of "decendant" and "ancestor" in A.18.10 is inconsistent (and inconsistent
with the use of these terms elsewhere in the Standard). Some other text is unclear.
+(27) The definition of Separate_Interrupt_Clocks_Supported should have a forward reference
+to D.14.3 where it is used.
+
+(28) D.10(10) raises Program_Error if a second is suspended on a suspension object; D.10(10.1/3)
+does not have this rule. That appears to be an omission.
+
+(29) D.2.4(11/3) would allow priority inversion if Yield_To_Higher was called during a protected
+action. In addition, it isn't clear that this permission only applies to partitions using the
+Non_Premptive_FIFO_Withing_Priorities policy.
+
+(30) In 6.1.1(32/3) [Draft 14], "primitive" is used as a noun; this should be "primitive subprogram".
+
+(31) 7.3(15) is not really a definition, but the italics imply that it is. Now that we've decided
+that this definition is in 3.4 (see AI-0110-1), this wording should reflect that.
+
+(32) 7.3.2(22/3) shows that it is intended for invariant checks to apply to all visible subprograms,
+including inherited ones. But 7.3.2(15/3) says "explicitly declared", which excludes inherited
+subprograms from the checks of 7.3.2(14-18/3). This should be fixed.
+
+(33) 7.4(2/3) is awkward, as the "unless" seems to bind with "shall".
+
+(34) 7.6(17.1/3) has the definition on the second use of the term. Move it to the first use.
+
+(35) 7.6.1(13/3) talks about an anonymous object being "part of the actual parameter expression".
+But of course it can't be part of the expression, it's part of the result of evaluating the
+expression.
+
!wording
(1) Remove pragma Preelaborate from D.16.1(3/3).
@@ -291,10 +327,60 @@
... If Source_Parent is an ancestor of Target_Parent {other than
Target_Parent itself}, then ...
+(27) Add "(see D.14.3)" to the end of D.14(11/3).
+
+(28) Add "Program_Error is raised upon calling Suspend_Until_True_And_Set_Deadline
+if another task is already waiting on that suspension object." as the
+penultimate sentence of D.10(10.1/3).
+
+(29) Modify D.2.4(11/3):
+"...may allow a task {of a partition using the
+Non_Premptive_FIFO_Within_Priorities policy} to execute..."
+"...does not contain {any calls to Yield_to_Higher, } any subprograms..."
+
+(30) Modify 6.1.1(32/3):
+
+"...primitive {subprogram}..." (three places).
+
+(31) In 7.3(15), replace the italisized "characteristics" with "characteristics
+(see 3.4)", as the definition of these things live there, not here.
+
+(32) In 7.3.2(15/3), delete "explicitly" (these checks need to apply to
+inherited routines as well as explictly declared ones).
+
+(33) In 7.4(2/3), replace the last sentence with:
+"Unless the Import aspect (see B.1) is True for a deferred constant declaration,
+the deferred constant declaration requires a completion, which shall be a
+full constant declaration (called the *full declaration* of the deferred
+constant)."
+
+(34) Replace the latter part of 7.6(17.1/3) with:
+
+For such an assignment, the anonymous object might be *built in place*, in which case
+the assignment does not involve any copying. Under certain circumstances, the anonymous
+object is required to be built in place. In particular:
+
+(35) Modify 7.6.1(13/3):
+"...If such an anonymous object is part of {the result of evaluating} the actual
+parameter expression for..."
+
!discussion
For (23), we copy the wording of 13.3(26.3/2).
+For (34), the commenter would have preferred wording closer to the Ada 2005 wording,
+something along the lines of:
+
+"For such an assignment, the result may be *built in place*, that is, directly in the
+target object and not by means of an anonymous object."
+
+Unfortunately, that's wrong with the model used by the Standard. The anonymous object
+always exists (even when built-in-place), it just is colocated with the target object and
+thus no copying is needed to assign it (this is called *mutation*). We had to adopt this
+(admittedly bizarre) model to deal with corner cases where it is possible to tell the
+differences between the target object and the anonymous object, which may have different
+types, tags, and finalization.
+
!corrigendum 3.2.4(0)
@@ -389,7 +475,93 @@
is performed exactly, without performing Overflow_Checks. For a static
expression that is evaluated:
+!corrigendum 6.1.1(0)
+
+@dinsc
+[A placeholder to cause a conflict; the real wording is found in the conflict
+file.]
+!corrigendum 7.3(15)
+
+@drepl
+A declaration of a partial view and the corresponding @fa<full_type_declaration> define
+two views of a single type. The declaration of a partial view together with the visible part
+define the operations that are available to outside program units; the declaration of the
+full view together with the private part define other operations whose direct use is possible
+only within the declarative region of the package itself. Moreover, within the scope of the
+declaration of the full view, the @i<characteristics> of the type are determined by the
+full view; in particular, within its scope, the full view determines the classes that include
+the type, which components, entries, and protected subprograms are visible, what attributes
+and other predefined operations are allowed, and whether the first subtype is static. See 7.3.1.
+@dby
+A declaration of a partial view and the corresponding @fa<full_type_declaration> define
+two views of a single type. The declaration of a partial view together with the visible part
+define the operations that are available to outside program units; the declaration of the
+full view together with the private part define other operations whose direct use is possible
+only within the declarative region of the package itself. Moreover, within the scope of the
+declaration of the full view, the characteristics (see 3.4) of the type
+are determined by the full view; in particular, within its scope, the full view determines
+the classes that include the type, which components, entries, and protected subprograms are
+visible, what attributes and other predefined operations are allowed, and whether the first
+subtype is static. See 7.3.1.
+
+!corrigendum 7.3.2(0)
+
+@dinsc
+[A placeholder to cause a conflict; the real wording is found in the conflict
+file.]
+
+!corrigendum 7.4(2)
+
+@drepl
+A @i<deferred constant declaration> is an @fa<object_declaration>
+with the reserved word @b<constant> but no initialization expression.
+The constant declared by a deferred constant declaration is called
+a @i<deferred constant>.
+A deferred constant declaration requires a completion,
+which shall be a full constant declaration
+(called the @i<full declaration> of the deferred constant),
+or a @fa<pragma> Import (see Annex B).
+@dby
+A @i<deferred constant declaration> is an @fa<object_declaration>
+with the reserved word @b<constant> but no initialization expression.
+The constant declared by a deferred constant declaration is called
+a @i<deferred constant>. Unless the Import aspect (see B.1) is True
+for a deferred constant declaration, the deferred constant declaration
+requires a completion, which shall be a full constant declaration
+(called the @i<full declaration> of the deferred constant).
+
+!corrigendum 7.6(17/2)
+
+@dinsa
+[A placeholder to cause a conflict; the real wording is found in the conflict
+file.]
+@dinst
+The real text is not here.
+
+!corrigendum 7.6.1(13/2)
+!AI-0066-1
+!AI-0142-4
+!AI-0269-1
+
+@drepl
+The master of an object is the master enclosing its creation whose
+accessibility level (see 3.10.2) is equal to that of the object.
+@dby
+The master of an object is the master enclosing its creation whose
+accessibility level (see 3.10.2) is equal to that of the object,
+except in the case of an anonymous object representing the result of
+an @fa<aggregate> or function call. If such an anonymous object
+is part of the result of evaluating the actual parameter expression for
+an explicitly aliased parameter of a function call, the master of the object is
+the innermost master enclosing the evaluation of the @fa<aggregate> or
+function call, excluding
+the @fa<aggregate> or function call itself. Otherwise, the master of such
+an anonymous object is the innermost master enclosing the evaluation of the
+@fa<aggregate> or function call, which may be the @fa<aggregate> or function
+call itself.
+
+
!corrigendum 13.3(65)
@ddel
@@ -644,6 +816,56 @@
between a given discriminated type and some C union. The aspect requires that the associated type shall
be given a representation that allocates no space for its discriminant(s).
+!corrigendum D.2.4(11/2)
+
+@drepl
+Since implementations are allowed to round all ceiling priorities in subrange System.Priority to
+System.Priority'Last (see D.3), an implementation may allow a task to execute within a protected object
+without raising its active priority provided the associated protected unit does not contain
+pragma Interrupt_Priority, Interrupt_Handler, or Attach_Handler.
+@dby
+Since implementations are allowed to round all ceiling priorities in subrange System.Priority to
+System.Priority'Last (see D.3), an implementation may allow a task of a partition using the
+Non_Premptive_FIFO_Within_Priorities policy to execute within a protected object
+without raising its active priority provided the associated protected unit does not contain
+any calls to Yield_To_Higher, any subprograms with Interrupt_Handler or Attach_Handler specified, nor
+does the unit have aspect Interrupt_Priority specified.
+
+!corrigendum D.10(10)
+
+@dinsa
+Program_Error is raised upon calling Suspend_Until_True if another task is already
+waiting on that suspension object. Suspend_Until_True is a potentially blocking
+operation (see 9.5.1).
+@dinst
+The procedure Suspend_Until_True_And_Set_Deadline blocks the calling task until
+the state of the object S is True; at that point the task becomes ready with a
+deadline of Ada.Real_Time.Clock + TS, and the state of the object becomes
+False. Program_Error is raised upon calling Suspend_Until_True_And_Set_Deadline
+if another task is already waiting on that suspension object.
+Suspend_Until_True_And_Set_Deadline is a potentially blocking operation.
+
+!corrigendum D.14(11/2)
+
+@drepl
+The @i<execution time> or CPU time of a given task is defined as the time spent
+by the system executing that task, including the time spent executing run-time or
+system services on its behalf. The mechanism used to measure execution time is
+implementation defined. It is implementation defined which task, if any, is
+charged the execution time that is consumed by interrupt handlers and run-time
+services on behalf of the system.
+@dby
+The @i<execution time> or CPU time of a given task is defined as the time spent
+by the system executing that task, including the time spent executing run-time
+or system services on its behalf. The mechanism used to measure execution time
+is implementation defined. The Boolean constant Interrupt_Clocks_Supported is
+set to True if the implementation separately accounts for the execution time
+of interrupt handlers. If it is set to False it is implementation defined which
+task, if any, is charged the execution time that is consumed by interrupt
+handlers. The Boolean constant Separate_Interrupt_Clocks_Supported is set to
+True if the implementation separately accounts for the execution time of
+individual interrupt handlers (see D.14.3).
+
!corrigendum D.16.1(0)
@dinsc
@@ -985,6 +1207,32 @@
The language-defined aspect Default_Storage_Pool may be {specified for a generic
instance; it defines} [used to define] the default pool for access types within
an instance.
+
+****************************************************************
+
+From: Randy Brukardt
+Sent: Saturday, February 3, 2012 12:35 AM
+
+7.3.2(14-15/3) says:
+
+Upon successful return from a call on any subprogram or entry that:
+*is explicitly declared within the immediate scope of type T (or by an instance of a
+generic unit, and the generic is declared within the immediate scope of type T), and
+
+Erhard points out (in a very convoluted way, unfortunately, I wasted 20 minutes
+writing an explanation before stumbling onto his point), that this means that
+implicitly declared subprograms, like inherited primitives, aren't covered by invariant
+checks "on the way back". And this means that 7.3.2(22/3) is a lie, which is surely
+not our intent.
+
+I can't find any reason for the "explicitly" in this bullet, so I've just deleted it,
+in which case the rules work and the note is true. But I worry that it was there for
+some good reason. If the reason was to avoid wrappers, well, we decided that we didn't
+want to do that (as evidenced by the 7.3.2(22/3) note), so then the word is just wrong.
+
+If there was any other reason, I can't figure it out, and I didn't find anything in the
+AIs to help. Anyone else remember? (Tucker in particular.) More generally, anyone know
+of a reason not to delete this stray "explicitly"?
****************************************************************
Questions? Ask the ACAA Technical Agent