CVS difference for ai12s/ai12-0422-1.txt

Differences between 1.1 and version 1.2

--- ai12s/ai12-0422-1.txt	2021/01/15 07:18:07	1.1
+++ ai12s/ai12-0422-1.txt	2021/01/15 07:18:39	1.2
@@ -1,16 +1,30 @@
-!standard 5.5.2(2/3)                                  15-06-03  AI12-0161-1/01
-!standard 5.5.2(5/4)
-!standard 5.5.2(7/3)
-!class Amendment 15-06-03
-!status work item 15-06-03
-!status received 15-03-20
+!standard 3.3(13/3)                                  21-01-14  AI12-0422-1/01
+!standard 6.1.1(22.1/5)
+!standard 6.1.2(10/5)
+!class Amendment 21-01-14
+!status work item 21-01-14
+!status received 21-01-14
 !priority Low
 !difficulty Easy
-!subject 
+!subject When is a constant known-on-entry?
 !summary
 
+The notion of "known to have no variable views" is defined, and used in
+several rules.
+
 !problem
 
+There are two issues with 6.1.1(22.1/5).
+
+First, this rule about a constant "for which all views are constant"
+and references 3.3. Is the definition in 3.3 right? It seems to
+suggest that an object "for which all views are constant" can have
+a controlled subcomponent, which is wrong.
+
+Second, even if that was correct, it seems to require breaking privacy to
+check this rule. If a component has a private type, and the full type has
+a controlled component, then certainly But this definition is eventually used
+in a Legality Rule, so breaking privacy should be a last resort.
 
 !proposal
 
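Review bot: In the second paragraph of !problem, the sentence "If a component has a private type, and the full type has a controlled component, then certainly" stops before its conclusion and runs straight into "But this definition is eventually used in a Legality Rule"; state the consequence before the "But" sentence. The first paragraph also lacks a verb in "this rule about a constant ... and references 3.3"; something like "this rule talks about a constant ... and references 3.3" would read correctly.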
@@ -18,19 +32,85 @@
 
 !wording
 
+Add after 3.3(13/3):
 
+   AARM Ramification: If some part has a variable view, then the object as a
+   whole has a variable view, and not all views of the object are constant.
+   That's true even if only a subcomponent has a variable view.
+
+Also add after 3.3(13/3):
+
+   A constant object is /known to have no variable views if it does not have
+   a part being immutably limited, or of a controlled type, private type, or
+   private extension.
+
+   AARM Reason: This definition can be used in Legality Rules as it respects
+   privacy. It is an assume-the-worst rule, as all private types and
+   private extensions are assumed to have a controlled component.
+
+Modify 6.1.1(22.1/5):
+
+* a name statically denoting a full constant declaration [of a type for
+  which all views are constant]{which is known to have no variable 
+  views} (see 3.3);
+
+Modify 6.1.2(10/5):
+
+The Global aspect identifies the set of variables (which, for the purposes 
+of this clause includes all constants {except those which are known to have
+no variable views (see 3.3)}[with some part being immutably limited, or of a 
+controlled type, private type, or private extension]) that are global to a
+callable entity or task body, and that are read or updated as part of the 
+execution of the callable entity or task body. If specified for a protected
+unit, it refers to all of the protected operations of the protected unit. 
+Constants of any type may also be mentioned in a Global aspect.
+
 !discussion
 
+** Temporary discussion **
+
+This issue was raised in Steve Baird's AARM review. We ran out of time to
+resolve it before the agenda deadline.
+
+Steve had noted that 6.1.2(10/5) includes a list of items rather than depending
+upon 3.3(13/3). Specifically:
+
+  "...includes all constants with some part being immutably limited, or of a 
+  controlled type, private type, or private extension ..."
+
+He wondered why the difference. Randy explained that the reason is that this 
+list avoids breaking privacy for a Legality Rule by looking into private 
+types.
+
+But the 6.1.1(22.1/5) definition ultimately is used in a Legality Rule. So it
+appears these should be the same.
+
+Randy suggested just giving an AARM Ramification to help read 3.3(13/3):
+
+   AARM Ramification: If some part has a variable view, then the object as a
+   whole has a variable view, and not all views of the object are constant.
+   That's true even if only a subcomponent has a variable view.
+
+But this does not address the privacy problem, and probably 3.3(13/3) would be
+better reworded in any case.
+
+Tucker suggested using "all parts are known to have all views constant". Randy
+thinks that needs some definition or a lengthy explanatory note.
+
+Randy then created this AI from his fertile imagination. He has no illusions
+that anyone else agrees with it. He's expecting someone to complain about the
+double negative (which he has carefully hidden in the wording).
+
 !ASIS
 
-[Not sure. It seems like some new capabilities might be needed,
-but I didn't check - Editor.]
+No ASIS Effect.
 
 !ACATS test
-
-ACATS B- and C-Tests are needed to check that the new capabilities are
-supported.
 
+No separate ACATS tests ought to be needed. One could imagine a B-Test that
+uses a constant array with a component of a private type as the prefix of
+'Old and checks that a dynamic index is not allowed. But this seems rather
+low value as it is rather unlikely.
 
 !appendix
 
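Review bot: In the text added after 3.3(13/3), the defined term opens with a slash that is never closed ("/known to have no variable views if it does not have"); close it as "/known to have no variable views/" so the extent of the term is unambiguous. The definition is also stated for "a constant object", while the modified 6.1.1(22.1/5) attaches "which is known to have no variable views" to "a full constant declaration"; consider wording that bullet in terms of the declared object. The section marked "** Temporary discussion **" still needs to be replaced with a final discussion.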
