Version 1.2 of ai05s/ai05-0272-1.txt

Unformatted version of ai05s/ai05-0272-1.txt version 1.2
Other versions for file ai05s/ai05-0272-1.txt

!standard 13.12.1(6/2) 11-12-20 AI05-0272-1/02
!standard 13.12.1(7/2)
!standard 2.8(10)
!standard H.4(24)
!class Amendment 11-11-13
!status Amendment 2012 11-11-13
!status ARG Approved 7-0-0 11-11-13
!status work item 11-11-13
!status received 11-09-11
!priority Low
!difficulty Easy
!subject Pragma and Attribute restrictions

!summary

Two new restrictions are defined:

pragma Restrictions(No_Use_Of_Attribute => <attribute-identifier>); pragma Restrictions(No_Use_Of_Pragma => <pragma-identifier>);

!problem

Restrictions can be useful, but it is burdensome to create distinct restrictions for every attribute or pragma that might want to be restricted. Would it make sense to define general restrictions, analogous to No_Dependence and No_Specification_Of_Aspect, which allow individual attributes or pragmas to be restricted?

!proposal

(See wording.)

!wording

Modify 2.8(10):

“...is an identifier {or reserved word} that is used...”

Add after 13.12.1(6/2):

No_Use_Of_Attribute

Identifies an attribute for which no attribute_reference or attribute_definition_clause is given.

No_Use_Of_Pragma

Identifies a pragma which is not to be used.

Add after 13.12.1(7/2):

The restriction_parameter_argument of a No_Use_Of_Attribute restriction shall be an identifier or one of the reserved words Access, Delta, Digits, Mod, or Range.

The restriction_parameter_argument of a No_Use_Of_Pragma restriction shall be an identifier or the reserved word Interface.

AARM note:

Ramification: The restriction_parameter_argument is not resolved for these Restrictions. As for No_Dependence, there is no check that the attribute or pragma identifier is meaningful; it might refer to an implementation-defined attribute or pragma on one implementation, but nothing at all on another implementation. Of course, a good implementation will warn if the identifier is unknown to it.

AARM To Be Honest:

pragma Restrictions (No_Use_of_Pragma => Restrictions); necessarily will be rejected (either at compile-time or link-time) because it applies to itself.

Modify H.4(24/3):

"...No_Unchecked_Access, {No_Specification_of_Aspect, No_Use_of_Attribute, No_Use_of_Pragma,} and..."

!discussion

Note that No_Use_Of_Attribute and No_Use_Of_Pragma can be used for both language-defined and implementation-defined attributes and pragmas.

!example

pragma Restrictions(No_Use_Of_Attribute => Unrestricted_Access);

pragma Restrictions(No_Use_Of_Pragma => Import);

!corrigendum 2.8(10)

Replace the paragraph:

An identifier specific to a pragma is an identifier that is used in a pragma argument with special meaning for that pragma.

by:

An identifier specific to a pragma is an identifier or reserved word that is used in a pragma argument with special meaning for that pragma.

!corrigendum 13.12.1(6/2)

Insert after the paragraph:

No_Dependence: Specifies a library unit on which there are no semantic dependences.

the new paragraph:

No_Specification_of_Aspect: Identifies an aspect for which no aspect_specification, attribute_definition_clause, or pragma is given.

No_Use_Of_Attribute: Identifies an attribute for which no attribute_reference or attribute_definition_clause is given.

No_Use_Of_Pragma: Identifies a pragma which is not to be used.

!corrigendum 13.12.1(7/2)

Insert after the paragraph:

The restriction_parameter_argument of a No_Dependence restriction shall be a name; the name shall have the form of a full expanded name of a library unit, but need not denote a unit present in the environment.

the new paragraph:

The restriction_parameter_argument of a No_Specification_of_Aspect restriction shall be an identifier; this is an identifier specific to a pragma (see 2.8) and does not denote any declaration.

The restriction_parameter_argument of a No_Use_Of_Attribute restriction shall be an identifier or one of the reserved words Access, Delta, Digits, Mod, or Range; this is an identifier specific to a pragma.

The restriction_parameter_argument of a No_Use_Of_Pragma restriction shall be an identifier or the reserved word Interface; this is an identifier specific to a pragma.

!corrigendum H.4(24)

Replace the paragraph:

If an implementation supports pragma Restrictions for a particular argument, then except for the restrictions No_Unchecked_Deallocation, No_Unchecked_Conversion, No_Access_Subprograms, and No_Unchecked_Access, the associated restriction applies to the run-time system.

by:

If an implementation supports pragma Restrictions for a particular argument, then except for the restrictions No_Unchecked_Deallocation, No_Unchecked_Conversion, No_Access_Subprograms, No_Unchecked_Access, No_Specification_of_Aspect, No_Use_of_Attribute, No_Use_of_Pragma, and the equivalent use of No_Dependence, the associated restriction applies to the run-time system.

!ACATS Test

ACATS L-Tests should be created to check that these restrictions work, preferably in different units from the pragma.

!ASIS

No ASIS effect (Restrictions are not handled specially by ASIS).

!appendix


From: Robert Dewar
Sent: Sunday, September 11, 2011  9:29 AM

I am thinking of implementing restrictions No_Use_Of_Attribute and No_Use_Of_Pragma
(analogous to the newly defined No_Specification_Of_Aspect), since it seems quite useful
to be able to enforce coding restrictions that disallow certain pragmas and attributes.

Thoughts? Are these the right names?

Of course I know that we can do this anyway, but it seems worth getting ARG input in case
there is agreement that this makes sense, for possible inclusion in the standard later.

****************************************************************

Questions? Ask the ACAA Technical Agent