Version 1.2 of ai12s/ai12-0432-1.txt
!standard 3.2.4(31/5) 21-05-28 AI12-0432-1/01
!standard 4.6(51.1/5)
!class Amendment 21-05-28
!status work item 21-05-28
!status received 21-05-28
!priority Low
!difficulty Easy
!subject View conversions of assignments and predicate checks
!summary
Exclude view conversions of targets of assignment_statements from predicate
checks.
[Editor's note: This was classified as an Amendment, since the previous AI that
created the 4.6 rule that is modified here, AI12-0333-1, was an Amendment. I'm
not sure why the previous AI was an Amendment (it would seem that we don't
want such checks in Ada 2012, either), but in the absence of a change to that
we can't have this one be a Binding Interpretation.]
!problem
We have decided that no predicate checks should be performed "on the way in"
for an OUT parameter. It seems the same should apply to a view conversion
applied to the LHS of a (tagged) assignment. If the specified subtype has a
predicate, the value being assigned should be checked that it satisfies the
predicate, but there seems no reason the prior value of the LHS should satisfy
the predicate. For example:
subtype Is_Boiling is Some_Tagged_Type
   with Dynamic_Predicate => Is_Boiling.Temp_In_Celsius >= 100;
Is_Boiling(X) := (Temp_In_Celsius => 101, ...);
-- should be OK even if X.Temp_In_Celsius < 100 before the assignment.
!proposal
(See Summary.)
!wording
Modify 3.2.4(31/5):
[Redundant: On a subtype conversion, a check is performed that the operand
satisfies the predicates of the target subtype, [unless it is a conversion
for] {except for certain view conversions applied to the target of an
assignment or} an actual parameter of mode out (see 4.6).] ...
[Editor's note: I'd prefer to simplify this more, as the important thing is
not to lie, rather than repeat rules defined elsewhere. I'd suggest:
On a subtype conversion, a check is performed that the operand
satisfies the predicates of the target subtype, except for certain view
conversions (see 4.6). ...
End Editor's note.]
Modify 4.6(51.1/5):
a view conversion that is {the target of an assignment statement and
is not referenced with a target_name, or} an actual parameter of
mode out; or
!discussion
A reference to a target via a target_name ('@') is a read of the object, and
it would be unusual if it didn't meet the predicate of its nominal subtype.
But there's no need for the object being written to meet the predicate (only
the source expression needs to do that).
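An added example (constructed here, not part of the AI or of Tucker's text) that walks through both cases discussed above: the plain view-conversion target, whose prior value gets no predicate check under the proposed 4.6(51.1/5) wording, and the target read through '@', which does. The tagged type Liquid is assumed in place of Some_Tagged_Type; predicates are only enforced when the assertion policy is Check, and a compiler that has not adopted this AI will raise on the first assignment as well.

```ada
pragma Assertion_Policy (Check);  -- predicates are only checked under this policy

with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Assertions; use Ada.Assertions;

procedure View_Conversion_Predicates is

   -- Hypothetical tagged type standing in for Some_Tagged_Type in the AI
   type Liquid is tagged record
      Temp_In_Celsius : Integer := 20;
   end record;

   subtype Is_Boiling is Liquid
     with Dynamic_Predicate => Is_Boiling.Temp_In_Celsius >= 100;

   X : Liquid;   -- 20 degrees: does NOT satisfy Is_Boiling

begin
   -- Case 1: view conversion as assignment target, no target_name.
   -- Only the source value (101) is checked against Is_Boiling; under this
   -- AI the prior value of X (20) is not, so no Assertion_Error is raised.
   begin
      Is_Boiling (X) := (Temp_In_Celsius => 101);
      Put_Line ("Case 1: no check on prior value, Temp ="
                & Integer'Image (X.Temp_In_Celsius));
   exception
      when Assertion_Error =>
         Put_Line ("Case 1: compiler still checks the prior value (pre-AI)");
   end;

   -- Case 2: the target is read through '@'. That read is a read of
   -- Is_Boiling (X), so the predicate is checked on the prior value (50),
   -- which fails even though the new value (110) would satisfy it.
   X.Temp_In_Celsius := 50;
   begin
      Is_Boiling (X) := (Temp_In_Celsius => @.Temp_In_Celsius + 60);
      Put_Line ("Case 2: '@' read was not checked, Temp ="
                & Integer'Image (X.Temp_In_Celsius));
   exception
      when Assertion_Error =>
         Put_Line ("Case 2: Assertion_Error on the '@' read, as the AI intends");
   end;
end View_Conversion_Predicates;
```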
!ASIS
No ASIS change.
!ACATS test
An ACATS C-Test is needed to make sure no check is made in this case, and that
the check is made on the source expression and on any target_names.
!appendix
From WG 9 review issue #113 (Tucker Taft)
We have decided that no predicate checks should be performed "on the way in"
for an OUT parameter. It seems the same should apply to a view conversion
applied to the LHS of a (tagged) assignment. If the specified subtype has a
predicate, the value being assigned should be checked that it satisfies the
predicate, but there seems no reason the prior value of the LHS should satisfy
the predicate. E.g.:
subtype Is_Boiling is Some_Tagged_Type
   with Dynamic_Predicate => Is_Boiling.Temp_In_Celsius >= 100;
Is_Boiling(X) := (Temp_In_Celsius => 101, ...);
-- should be OK even if X.Temp_In_Celsius < 100 before the assignment.
I would suggest we alter 4.6(51.1/5) as follows:
a view conversion that is {the target of an assignment or} an actual
parameter of mode out; or
A similar fix is needed in 3.2.4(31/5):
[Redundant: On a subtype conversion, a check is performed that the operand
satisfies the predicates of the target subtype, unless it is a conversion
for {the target of an assignment or} an actual parameter of mode
out (see 4.6).] ...
---
We need to take references by "target_name" into account ('@'), which leads to
something like:
Modify 4.6(51.1/5):
a view conversion that is {the target of an assignment statement and
is not referenced with a target_name, or} an actual parameter of
mode out; or
It is painful to have to copy all of this into 3.2.4(31/5), so perhaps we could say:
[Redundant: On a subtype conversion, a check is performed that the operand
satisfies the predicates of the target subtype, [unless it is a conversion
for] {except for certain view conversions applied to the target of an
assignment or} an actual parameter of mode out (see 4.6).]
[Editor's comment:]
If we're going to simplify 3.2.4(31/5) anyway, why don't we go all the way and
just say "except for certain view conversions (see 4.6)"? The less text we
duplicate, the better, and this is already marked as redundant. We just don't
want this to be wrong (since Redundant markings aren't normative, so this text
is normative).
****************************************************************