AI22-0061-1

!standard 11.4.2(23/2) 23-04-18 AI22-0061-1/03

!class binding interpretation 23-03-17

!status Corrigendum 1-2022 23-03-30

!status ARG Approved 12-0-0 23-03-30

!status work item 23-03-17

!status received 23-02-21

!priority Low

!difficulty Easy

!qualifier Omission

!subject Assertion policy for duplicated expressions

A declare expression may contain an Assert pragma (AI22-0045-1). If full conformance is required between two such expressions, then the assertion is enabled or disabled depending on the Assert assertion policy that is in effect at the place of the first of the two expressions.

If we have a pair of full-conformance-required expressions (for example, a default value for a formal parameter of a subprogram that has both a declaration and a body), then different assertion policies may be in effect at the places of the two expressions. If the expression contains an Assert pragma, then which assertion policy “wins”?. Similarly what if there are more than two copies of the expression, perhaps because a subprogram also has a subprogram_body_stub?

If we have two (or more) full-conformance-required copies of an expression, then the assertion policy that is in effect for the expression is the policy in effect at the place of the first of the copies. (Recall that there is always an assertion policy in effect for any place, even when no pragma applies to the place - see 11.4.2(10.4/3).)

Add after 11.4.2(23/2): [Dynamic Semantics]:

If two or more expressions are required to be fully conformant then only the assertion policy in effect at the place of the first of the expressions is considered in determining the dynamic semantics of evaluating the expression.

AARM Discussion: An example of where this rule can make a difference is two required-to-fully-conform declare_expressions which each include an Assert pragma. In this case, the Assert assertion policy that is in effect at the place of the second expression has no effect on the evaluation of the declare_expression.

An Assert pragma occurring within a declare_expression is the only known construct that can occur within an expression and that also has dynamic semantics which are impacted by the assertion policy that is in effect at the place of the construct. In any case where full conformance of two expressions is required, the assertion policy in effect at the place of the second expression is ignored.

The case of a default parameter of a formal subprogram having different assertion policies could look like the following:

**procedure **Example **is
**

(

**pragma** Assertion_Policy (Ignore);

**procedure** Proc (X : T :=

(**declare
pragma** Assert (...); **begin** ...)) **is
**

An executable test based on the example would be appropriate.