CVS difference for ais/ai-00237.txt

Differences between 1.6 and version 1.7

--- ais/ai-00237.txt	2000/12/07 04:35:35	1.6
+++ ais/ai-00237.txt	2000/12/08 00:03:42	1.7
@@ -1,4 +1,4 @@
-!standard C.07.02  (17)                               00-06-01  AI95-00237/02
+!standard C.07.02  (17)                               00-12-07  AI95-00237/03
 !class binding interpretation 00-05-31
 !status work item 00-06-01
 !status received 00-05-16
@@ -41,8 +41,12 @@
 
 Add the following after C.7.2(29):
    After a task terminates, an implementation may finalize all attributes of
-   the task, and reclaim any other storage associated with the attributes.
+   the task (instead of when the master of the instantiation is finalized), and
+   reclaim any other storage associated with the attributes.
 
+Add "finalization of a task attribute" to C.7.1(17).
+
+
 !discussion
 
 Although it is not clear from the RM, it is not possible in general for a
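Review bot: the added instruction "Add "finalization of a task attribute" to C.7.1(17)." does not say where in that paragraph the phrase goes or how the existing list is repunctuated. Quoting the resulting list here ("entry body, interrupt handler, or finalization of a task attribute") would make this section readable without the !corrigendum section. The hunk also leaves two blank lines before !discussion where one would do.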
@@ -72,17 +76,40 @@
 
 Therefore, we convert this rule to an implementation permission, allowing
 finalization at any point after a task terminates. We leave it as an
-implementation permission (rather than deleting it outright) for two reasons:
-   * So that existing implementation need not changed;
+implementation permission (rather than deleting it outright) for three reasons:
+   * So that existing implementation needs not changed;
+   * So that storage can be recovered when a task terminates. For long-running
+     applications which dynamically create tasks, this storage can be
+     significant;
    * So that attributes can be implemented as a property of a task (say, as
      space in a task control block [TCB]). In order to support that, we have
      to be able to finalize attributes when task data structures are freed.
 
+An implementation taking advantage of this permission must insure that only
+a single task finalizes the attributes. (It is possible for a task to terminate
+at the same time that the master containing the instantation is left. It must
+never be the case that both tasks finalize the attributes.)
+
 It is important that attributes are not finalized before task termination,
 because they can be accessed until T'Terminated becomes True. We do not want
 to be able to access finalized task attributes.
 
+Since we do not define which task finalizes the attributes (or even if it is
+a real task), we make the use of Current_Task in the Finalize routine of a
+task attribute a bounded error.
+
 
+!corrigendum  C.7.1(17)
+
+@drepl
+It is a bounded error to call the Current_Task function from an entry
+body or an interrupt handler. Program_Error is raised, or an
+implementation-defined value of the type Task_ID is returned.
+@dby
+It is a bounded error to call the Current_Task function from an entry
+body, interrupt handler, or finalization of a task attribute. Program_Error is
+raised, or an implementation-defined value of the type Task_ID is returned.
+
 !corrigendum  C.7.2(13)
 
 @dinsa
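Review bot: the reworded first bullet, "So that existing implementation needs not changed;", is still ungrammatical; "So that existing implementations need not be changed;" says what is meant. In the new paragraph on concurrent finalization, "insure" should be "ensure" and "instantation" should be "instantiation". The paragraph also names the two contenders inconsistently: it requires that "only a single task finalizes the attributes" and then says "both tasks", while the bounded-error paragraph below concedes the finalizer might not be "a real task". Wording such as "the attributes are finalized exactly once" would avoid that.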
@@ -107,7 +134,8 @@
 storage size allocated for all attributes of a task.
 @dinst
 After a task terminates, an implementation may finalize all attributes of
-the task, and reclaim any other storage associated with the attributes.
+the task (instead of when the master of the instantiation is finalized), and
+reclaim any other storage associated with the attributes.
 
 !ACATS test
 
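Review bot: the permission text changed here does not carry the constraint that the !discussion states as a requirement, namely that only a single task finalizes the attributes. With the parenthetical "(instead of when the master of the instantiation is finalized)" the text now names both finalization points, but the rule that the attributes must not be finalized at both exists only in the discussion. Consider adding a sentence or note to this @dinst text, and to the matching wording after C.7.2(29), so an implementer relying on the permission sees that double finalization must be prevented.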
@@ -1995,6 +2023,25 @@
 You are correct here. I meant to fix that; I changed the wording of the
 permission to "After the task terminates, ...". I'm not sure that reads well,
 but it was easy. :-)
+
+*************************************************************
+
+From: Randy Brukardt (Editor)
+
+The following points were raised at the November 2000 ARG meeting:
+
+  It is possible to have a memory leak if you don't finalize attribute when
+  the task is terminated.
+
+  It is possible that the instantiation to go away at the same time that a task
+  is going away. Thus, two threads could try to finalize the same object at the
+  time. An implementation must prevent this.
+
+  The current task is undefined in the finalization (it might be a terminated
+  task).
+
+These points were added to the discussion, and the use oc Current_Task during
+the finalization of a task attribute was made into a bounded error.
 
 *************************************************************
 
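Review bot: in the closing paragraph of the added message, "the use oc Current_Task" should read "the use of Current_Task". In the second point, "It is possible that the instantiation to go away" needs "for" in place of "that", and "at the time" appears to mean "at the same time". In the first point, "finalize attribute" should be "finalize attributes".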
