CVS difference for ais/ai-00279.txt

Differences between 1.4 and version 1.5
Log of other versions for file ais/ai-00279.txt

--- ais/ai-00279.txt	2002/04/26 20:15:17	1.4
+++ ais/ai-00279.txt	2002/06/12 00:36:45	1.5
@@ -1,4 +1,6 @@
-!standard  13.13.02 (34)                              01-12-21  AI95-00279/01
+!standard  13.13.02 (34)                              02-06-11  AI95-00279/02
+!standard  3.09 (12)
+!standard  13.13.02 (36/1)
 !class binding interpretation 01-12-21
 !status work item 01-12-21
 !status received 01-11-08
@@ -8,13 +10,17 @@
 !subject Tag read by T'Class'Input
 !summary
 
+If Ada.Tags.Internal_Tag is given a string identifying a type in the partition
+which never has been frozen, Tag_Error is raised.
+
 If the tag identified by T'Class'Input identifies a type:
    -- that is the tag of some type not covered by T'Class, Constraint_Error
       is raised;
    -- that is the tag of an abstract type, Constraint_Error is raised;
-   -- that is the tag of a type whose freezing point has not yet been
-      elaborated, a bounded error occurs - either the call works normally, or
-      Program_Error is raised.
+   -- that is the tag of a type which currently does not exist in the
+      partition, the program is erroneous. (This can only happen for local
+      tagged types; library level types either have been frozen or Tag_Error
+      is raised when reading the tag.)
 
 !question
 
@@ -35,8 +41,29 @@
 (See summary.)
 
 !wording
+
+Add to 3.9(12):
+
+Tag_Error is raised if the specific type identified has never been frozen in
+the partition.
+
+Add to 13.13.2(34):
+
+If the specific type identifed by the internal tag is not covered by T'Class
+or is abstract, Constraint_Error is raised.
+
+Add after 13.13.2(36/1):
+
+Erroneous Execution
+
+If the internal tag provided to T'Class'Input identifies a specific type that
+does not exist or has been elaborated but not frozen, execution is erroneous.
+
+AARM Note
 
-(See corrigendum.)
+The definition of Internal_Tag prevents such a tag from being provided to
+T'Class'Input. However, this is needed for nested tagged types and potentially
+for user-provided 'Tag_Read routines.
 
 !discussion
 
@@ -68,18 +95,61 @@
 choose to raise Constraint_Error to be similar to the previous case.
 
 If the tag dispatched on is for a type that has not yet been frozen, we could
-have an access-before-elaboration problem. If the approriate 'Input is
-user-defined, the body of the 'Input routine could not yet be frozen (as a body
-is a freezing point), so that any normal call to this routine should raise
-Program_Error. For the default implementation for 'Input, it is unclear whether
-the overhead of checking for access-before-elaboration is worthwhile. This
-overhead would be required on all uses of the Input attribute, in order to
-handle a very unlikely case. Therefore, we define this case to be a bounded
-error, requiring either the attribute to work as defined by the RM, or raising
-Program_Error. This allows implementations to only check for
-access-before-elaboration in default implementations of Input where there
-would might be a problem if the routine is called before the type is frozen.
+have an access-before-elaboration problem. Making a check in this case could
+be difficult. The type may be nested, or not even declared yet, so the normal
+solution of associated a Boolean value with the type does not work.
+
+Thus, the only practical solution is for the use of such a tag to be erroneous.
+This is a rather unfortunate case of erroneousness, however, since it requires
+a particular flow of control to occur. A perfectly safe subprogram can be
+called from elaboration code, and suddenly cause this erroneousness to occur.
+Thus, to insure that this does not occur would require either full program
+flow analysis, or completely avoiding T'Class'Input. Luckily, we can mitigate
+this problem.
+
+The problem is really that Internal_Tag is returning the tag for a type that
+is not frozen or does not currently exist. If Internal_Tag is implemented
+dynamically, this cannot happen (such a type must necessarily raise Tag_Error).
+However, if Internal_Tag is implemented statically (as allowed by the standard),
+this can happen.
+
+We can mandate that Internal_Tag behave as if tags are allocated dynamically.
+For a static implementation, this only requires a Boolean value associated with
+each tag; For Internal_Tag, if the value is False for the appropriate tag,
+Tag_Error is raised, otherwise the tag is returned. However, this approach
+runs into problem with nested tagged types, which may be elaborated by multiple
+tasks at the same time. In this case, a single Boolean does not work.
+
+However, nested tagged types are exceedingly rare. We do not lose much by not
+covering them. Therefore, we adopt the rule that Internal_Tag must raise
+Tag_Error if the string identifies a type that has never been frozen in the
+partition. This rule allows a single Boolean value to be used, and does not
+have any race conditions.
+
+With this rule, the erroneous case can only occur for nested tagged types (that
+is, a tagged type not declared at the library-level). For any library-level
+type, either the type has been frozen and exists normally, or Tag_Error is
+raised if the tag is prematurely read. This means that we can verify that a
+program does not contain T'Class'Input erroneousness simply by verifying that
+there are no nested tagged types (a virtual certainty).
+
+The wording for erroneous execution includes "does not exist" so that a type
+which existed earlier but now does not exist is covered. Such a type can only
+be a problem if it is derived from a type which now exists (presumably just
+below the call to T'Class'Input).
 
+!corrigendum 3.09(12)
+
+@drepl
+The function Internal_Tag returns the tag that corresponds to the given
+external tag, or raises Tag_Error if the given string is not the external tag
+for any specific type of the partition.
+@dby
+The function Internal_Tag returns the tag that corresponds to the given
+external tag, or raises Tag_Error if the given string is not the external tag
+for any specific type of the partition. Tag_Error is also raised if the
+specific type identified has never been frozen in the partition.
+
 !corrigendum 13.13.02(34)
 
 @drepl
@@ -93,13 +163,31 @@
 corresponding internal tag (by calling Tags.Internal_Tag(String'Input(@i<Stream>))
 -- see 3.9) and then dispatches to the subprogram denoted by the Input
 attribute of the specific type identified by the internal tag; returns that
-result.>
-[Note: I didn't provide wording, since I'm uncertain that I have the "correct"
-answer here. - ED]
+result. If the specific type identifed by the internal tag is not covered by
+T'Class or is abstract, Constraint_Error is raised.>
+
+!corrigendum 13.13.02(36/1)
+
+@dinsa
+The stream-oriented attributes may be specified for any type via an
+@fa<attribute_definition_clause>. All nonlimited types have default
+implementations for these operations. An @fa<attribute_reference> for one of
+these attributes is illegal if the type is limited, unless the attribute has
+been specified by an @fa<attribute_definition_clause> or (for a type
+extension) the attribute has been specified for an ancestor type. For an
+@fa<attribute_definition_clause> specifying one of these attributes, the
+subtype of the Item parameter shall be the base subtype if scalar, and the
+first subtype otherwise. The same rule applies to the result of the Input
+function.
+@dinst
+@i<@s8<Erroneous Execution>>
+
+If the internal tag provided to T'Class'Input identifies a specific type that
+does not exist or has been elaborated but not frozen, execution is erroneous.
 
 !ACATS test
 
-A C-Test could be written to test these cases.
+A C-Test should be written to test these cases (other than the erroneous case).
 
 !appendix
 

Questions? Ask the ACAA Technical Agent