CVS difference for ai12s/ai12-0422-1.txt

Differences between version 1.2 and version 1.3

--- ai12s/ai12-0422-1.txt	2021/01/15 07:18:39	1.2
+++ ai12s/ai12-0422-1.txt	2021/01/19 07:03:07	1.3
@@ -1,4 +1,4 @@
-!standard 3.3(13/3)                                  21-01-14  AI12-0422-1/01
+!standard 3.3(13/3)                                  21-01-15  AI12-0422-1/02
 !standard 6.1.1(22.1/5)
 !standard 6.1.2(10/5)
 !class Amendment 21-01-14
@@ -16,15 +16,17 @@
 
 There are two issues with 6.1.1(22.1/5).
 
-First, this rule about a constant "for which all views are constant"
-and references 3.3. Is the definition in 3.3 right? It seems to
+First, this rule is about a constant "for which all views are constant"
+and then references 3.3. Is the definition in 3.3 right? It seems to
 suggest that an object "for which all views are constant" can have
 a controlled subcomponent, which is wrong.
 
 Second, even if that was correct, it seems to require breaking privacy to
 check this rule. If a component has a private type, and the full type has
-a controlled component, then certainly But this definition is eventually used
-in a Legality Rule, so breaking privacy should be a last resort.
+a controlled component, then certainly a variable view of a part of the 
+object exists. That is what we're trying to fix. But this definition is 
+eventually used in a Legality Rule, so breaking privacy should be a last
+resort.
 
 !proposal
 
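Review bot: the replacement lines ending "part of the " and "definition is " carry trailing whitespace; trim it so the added text matches the rest of the file, which has none. The completed sentence ("then certainly a variable view of a part of the object exists. That is what we're trying to fix.") now supplies the clause that was missing after "then certainly" in 1.2, so the question reads as a full argument for why breaking privacy should be a last resort.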
@@ -34,14 +36,14 @@
 
 Add after 3.3(13/3):
 
-   AARM Ramification: If some part has a variable view, then the object as a
-   whole has a variable view, and not all views of the object are constant.
-   That's true even if only a subcomponent has a variable view.
+   AARM Ramification: If some part of an object has a variable view, then 
+   the object as a whole has a variable view, and not all views of the object
+   are constant. That's true even if only a subcomponent has a variable view.
 
 Also add after 3.3(13/3):
 
-   A constant object is /known to have no variable views if it does not have
-   a part being immutably limited, or of a controlled type, private type, or
+   A constant object is /known to have no variable views/ if it does not have
+   a part that is immutably limited, or of a controlled type, private type, or
    private extension.
 
    AARM Reason: This definition can be used in Legality Rules as it respects
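Review bot: the added line "If some part of an object has a variable view, then " ends in trailing whitespace; trim it. The closing slash in "/known to have no variable views/" is required, since the file marks a defined term with a pair of slashes and the 1.2 text left the term unterminated. Note also that the four kinds of part listed (immutably limited, controlled type, private type, private extension) are an assume-the-worst list: a private type or private extension is excluded without looking at its full view, which is what lets the AARM Reason that follows claim the definition respects privacy.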
@@ -67,6 +69,21 @@
 
 !discussion
 
+We do not try to prevent the possible misreading of 3.3(13/3) noted in the
+question. Rather, we add an AARM note to clarify the meaning when a
+subcomponent may have a variable view.
+
+If we did not either assume-the-worst or look into private types, we could
+have a "constant" whose value changes during a period of interest. A value
+which could be changed cannot be "known on entry", and it needs to be covered
+by a Global aspect.
+
+It seemed best to add a term to describe the "assume-the-worst" list of
+items that potentially could have a variable view of a part of a constant
+object. Repeating that list in each rule just makes it more likely to make
+a mistake, and it will simplify writing any similar rules in the future.
+
+
 ** Temporary discussion **
 
 This issue was raised in Steve Baird's AARM review. We ran out of time to
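Review bot: the two blank lines added before "** Temporary discussion **" leave a double blank line; one is enough to match the paragraph spacing elsewhere in the file. In the second added paragraph, "did not either assume-the-worst or look into private types" uses the hyphenated noun form as a verb; "assume the worst" reads better there, keeping the hyphenated form for the quoted term "assume-the-worst" in the next paragraph.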
@@ -95,7 +112,8 @@
 better reworded in any case.
 
 Tucker suggested using "all parts are known to have all views constant". Randy
-thinks that needs some definition or a lengthy explanatory note.
+thinks that needs some definition or a lengthy explanatory note. And it seems
+backwards for the privacy issue.
 
 Randy then created this AI from his fertile imagination. He has no illusions
 that anyone else agrees with it. He's expecting someone to complain about the
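Review bot: the added sentence "And it seems backwards for the privacy issue." states an objection without the reason; a short clause would make it self-contained, for instance that "all parts are known to have all views constant" would have to be checked in a Legality Rule and so would require looking into private types, which the question above says should be a last resort. Since this is in the temporary discussion section, a one-line pointer back to that argument is enough.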
