CVS difference for ai12s/ai12-0042-1.txt

Differences between 1.12 and version 1.13
Log of other versions for file ai12s/ai12-0042-1.txt

--- ai12s/ai12-0042-1.txt	2014/02/06 02:48:25	1.12
+++ ai12s/ai12-0042-1.txt	2014/06/23 23:23:56	1.13
@@ -1,4 +1,4 @@
-!standard 7.3.2(6/3)                                 13-12-11    AI12-0042-1/08
+!standard 7.3.2(6/3)                                 14-06-23    AI12-0042-1/09
 !standard 7.3.2(17/3)
 !standard 7.3.2(18/3)
 !standard 7.3.2(19/3)
@@ -10,7 +10,7 @@
 !status received 12-04-09
 !priority Medium
 !difficulty Medium
-!subject Type invariants inherited by nonprivate extensions
+!subject Type invariant checking rules
 !summary
 
 If a class-wide invariant applies to an ancestor, then
@@ -32,6 +32,15 @@
 
 !wording
 
+Add before 7.3.2(6/3):
+
+  [AARM: Language Design Principle -- we require overriding (or
+   abstractness) in the case of inherited subprograms that have different
+   contracts (this includes pre/post-conditions as well as type_invariants)
+   than the "original" ancestor subprogram. We don't want an
+   implicitly-declared inherited subprogram that performs checks that were
+   not performed by the original subprogram.]
+
 Add after 7.3.2(6/3):
 
   If a private extension occurs at a point where a private operation of
@@ -46,30 +55,46 @@
 
       * is declared within the immediate scope of type T (or by an
         instance of a generic unit, and the generic is declared within the
-        immediate scope of type T), and
+        immediate scope of type T), [and]
 
      [* is visible outside the immediate scope of type T or overrides an
         operation that is visible outside the immediate scope of T, and]
 
-      * has a result with a part of type T, or one or more parameters
-        with a part of type T, or an access to variable parameter whose
-        designated type has a part of type T[.]{,}
+     {* and either:}
 
+        {*} has a result with a part of type T, or
+        {*  has} one or more {OUT or IN OUT} parameters with a
+            part of type T, or
+        {*  has} an access{-to-object}[ to variable]
+            parameter whose designated type has a part of type T[.]{, or}
+        {*  is a procedure or entry that has an IN parameter with a
+            part of type T,}
+
      {* and either:
 
-        * T is a private type or a private extension and the subprogram
-          or entry is visible outside the immediate scope of type T or
-          overrides an inherited operation that is visible outside the
-          immediate scope of T, or
-
-        * T is a record extension and the subprogram or entry is a primitive
-          operation that corresponds to a visible operation of a private
-          or private extension ancestor to which the same (class-wide)
-          invariant applies.}
+        * T is a private type or a private extension, and the subprogram
+           or entry is visible outside the immediate scope of type T or
+           overrides an inherited operation that is visible outside the
+           immediate scope of T, or
+
+        * T is a record extension, and the subprogram or entry is a primitive
+           operation visible outside the immediate scope of type T or
+           overrides an inherited operation that is visible outside the
+           immediate scope of T.}
+
+Add after 7.2.3 (20/3)
+  * For a view conversion to a class-wide type occurring
+    within the immediate scope of T, from a specific type that is
+    a descendant of T (including T itself), a check is performed
+    on the part of the object that is of type T.
+
+    [AARM Reason: Class-wide objects are treated as though they exist outside
+     the scope of every type, and may be passed across package "borders" freely
+     without further invariant checks.]
 
 !discussion
 
-This AI addresses two issues:
+This AI addresses three issues:
 
     1) If a private extension inherits from some ancestor both a
        Type_Invariant'Class and a private operation, then we've
@@ -105,6 +130,9 @@
        of a parent type. But a derived type never overrides operations
        of its parent type - instead, it may override implicitly-declared
        operations that were inherited from the parent type.
+
+   3)  Class-wide objects, which could represent a hole in the checking
+       mechanism.
 
 We considered the more general issue of invariants that apply to record
 extensions. This can happen two ways. One is a Type_Invariant'Class inherited

Questions? Ask the ACAA Technical Agent