CVS difference for ais/ai-00366.txt
--- ais/ai-00366.txt 2004/10/05 22:49:19 1.10
+++ ais/ai-00366.txt 2004/11/09 02:31:39 1.11
@@ -1,4 +1,4 @@
-!standard 10.2.1(16) 04-09-28 AI95-00366/05
+!standard 10.2.1(16) 04-11-05 AI95-00366/06
!standard 3.2(6)
!standard 10.2.1(17)
!standard 10.2.1(18)
@@ -20,10 +20,11 @@
for which no storage pool is created. Furthermore, declarations in generic
formal parts do not affect the purity of units.
-Various places in the RM, notably the semantics of remote types and remote call
-interfaces in E.2.2 and E.2.3, are fixed to preserve their intended semantics,
-given the above change. For this purpose, we introduce the concept of types
-supporting external streaming in 13.13.2.
+Various places in the RM, notably the semantics of remote types and
+remote call interfaces in E.2.2 and E.2.3, are fixed to preserve their
+intended semantics, given the above change. For this purpose, we
+introduce the concept of types supporting external streaming in
+13.13.2.
A missing definition of the term "part of a type" is added in 3.2.
@@ -42,19 +43,16 @@
!proposal
-(For details, see wording.)
+Allowing access types in pure packages requires changes in the
+description of pragma Pure, and also of the remote type and remote
+interface semantics of the language to preserve the prohibition of a
+semantic dependence on access types that do not support external
+streaming.
-Allowing access types in pure packages requires changes in the description of
-the remote type and remote interface semantics of the language to preserve the
-prohibition of a semantic dependence on access types that do not support
-external streaming.
+(For details, see wording.)
!wording
-<<< for the purpose of discussing the AI, relevant paragraphs that I believe
- need no change are included here. E.2.3(11) requires some scrutiny.
- The final version of the AI should delete them. >>>
-
Replace 3.2(6):
The term subcomponent is used in this International
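Review bot: the paragraph added under !proposal says "remote type and remote interface semantics", while the summary earlier in this same revision says "remote types and remote call interfaces in E.2.2 and E.2.3". Use "remote call interface" in both places so the proposal names the same construct as the summary. Moving "(For details, see wording.)" after the paragraph reads better and needs no further change.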
@@ -71,9 +69,10 @@
or a component of another subcomponent. Where other subcomponents are
excluded, the term component is used instead.
Similarly, a part of an object or value is used to mean the whole object or
- value, or any set of its subcomponents. The terms component, subcomponent and
- part are also applied to types meaning the component, subcomponent or part
- of objects and values of the type.
+ value, or any set of its subcomponents.
+ The terms component, subcomponent and part are also applied to a type
+ meaning the component, subcomponent or part of objects and values of
+ the type.
Note for Corrigendum: "component" is incorrectly italicised in 3.8(9).
@@ -142,12 +141,16 @@
partitions, with Write marshalling the representation, and Read
unmarshalling the representation.
- A type with a part that is of an access type supports external streaming
- only if that access type or the type of some part that includes the access
- type component, has user-defined Read and Write attributes. [An anonymous
- access type does not support external streaming.] A limited type supports
- external streaming only if it has available Read and Write attributes.
- All other types support external streaming.
+ A limited type supports external streaming only if it has available
+ Read and Write attributes. A type with a part that is of an access
+ type supports external streaming only if that access type or the type
+ of some part that includes the access type component, has available
+ Read and Write attributes. [An anonymous access type does not support
+ external streaming.] All other types support external streaming.
+
+Add after the above an AARM note:
+ A limited type with a part that is of an access type needs to satisfy
+ both rules.
Replace E.2.2(8):
if the full view of a type declared in the visible part of the library
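Review bot: in the rewritten access-type sentence, "has user-defined Read and Write attributes" became "has available Read and Write attributes", and the text does not say whether the predefined attributes of an access type count as available. If they do, the rule no longer excludes any named access type and the bracketed sentence about anonymous access types is the only restriction left, so please state the intended meaning of "available" here or keep "user-defined" for the access-type case. The added AARM note would also be clearer if it named the two rules it means (the limited-type sentence and the access-type sentence), and the comma in "access type component, has available" separates the subject from its verb and should go.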
@@ -188,22 +191,13 @@
The Storage_Pool attribute is not defined for a
remote access-to-class-wide type; the expected type for an allocator
- shall not be a remote access-to-class-wide type; a remote
+ shall not be a remote access-to-class-wide type. A remote
access-to-class-wide type shall not be an actual parameter for a
generic formal access type. The Storage_Size attribute of a remote
access-to-class-wide type yields 0; it is not allowed in an
attribute_definition_clause.
-Leave unchanged the Note E.2.2(18):
- 5 A remote types library unit need not be pure, and the types it defines
- may include levels of indirection implemented by using access types.
- User-specified Read and Write attributes (see 13.13.2) provide for
- sending values of such a type between active partitions, with
- Write marshalling the representation, and Read unmarshalling any levels
- of indirection.
-
-
Change E.2.3(14.1) from
* it shall not be, nor shall its visible part contain, a subprogram
@@ -214,21 +208,26 @@
to
* it shall not be, nor shall its visible part contain, a subprogram (or
- access-to-subprogram) declaration whose profile has [an access parameter]
- or a parameter of a type that does not support external streaming;
-
-
-Leave E.2.3(11/1+11.a) unchanged:
- its visible part shall not contain the declaration of a
- limited type;
+ access-to-subprogram) declaration whose profile has [an access
+ parameter or] a parameter of a type that does not support external
+ streaming;
+Replace AARM E.2.3(11.a)
Reason: We disallow the declaration of task and protected types, since
- calling an entry or a protected subprogram implicitly passes an object of a
- limited type (the target task or protected object). We disallow other
- limited types since we require that such types have user-defined Read
- and Write attributes, but we certainly don't want the Read and Write
- attributes themselves to involve remote calls (thereby defeating their
- purpose of marshalling the value for remote calls).
+ calling an entry or a protected subprogram implicitly passes an object
+ of a limited type (the target task or protected object). We disallow
+ other limited types since we require that such types have user-defined
+ Read and Write attributes, but we certainly don't want the Read and
+ Write attributes themselves to involve remote calls (thereby defeating
+ their purpose of marshalling the value for remote calls).
+by
+ Reason: We disallow the declaration of task and protected types, since
+ calling an entry or a protected subprogram implicitly passes an object
+ of a limited type (the target task or protected object). We disallow
+ other limited types since we require that such types have available
+ Read and Write attributes, but we certainly don't want the Read and
+ Write attributes themselves to involve remote calls (thereby defeating
+ their purpose of marshalling the value for remote calls).
!discussion
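Review bot: the two "Reason:" paragraphs under "Replace AARM E.2.3(11.a)" differ in a single word ("user-defined" versus "available"), which a reader can only find by comparing fourteen lines by hand. Say so explicitly, for example: in E.2.3(11.a), replace "user-defined" by "available". The new instruction line also lacks the trailing colon used by "Replace 3.2(6):" and "Replace E.2.2(8):". In the E.2.3(14.1) text the closing bracket moved from after "an access parameter" to after "or", and since the brackets are not explained in the visible wording, a short note on whether they mark deleted text would prevent misreading.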
@@ -236,19 +235,14 @@
Pure implies that a unit has no state. Access-to-object types are
associated with storage pools, which constitute state. However,
access-to-subprogram types have no such implications. Hence they
-should not be excluded. A corresponding correction of 10.2.1(16) would
-read:
-A pure library_item is a preelaborable library_item that does not
-contain the declaration of any variable or named access-to-object type,
-except within a subprogram, generic subprogram, task unit, or protected
-unit.
+should not be excluded.
Beyond access-to-subprogram types, some packages have a need for an
access-to-object type, without a need for a storage pool for the
-type, however. Setting the Storage_size of the type to zero implies
+type, however. Setting the Storage_Size of the type to zero implies
that no storage pool (and hence no state) needs to be created. The
wording is intentionally formulated to allow for easy static checking
-whether the storage size is zero.
+whether the Storage_Size is zero.
Declarations in generic formal parts do not establish state and hence
should be added to the enumerated exclusions of the restriction on the
@@ -274,6 +268,10 @@
term throughout Section E wherever user-defined Read and Write attributes
are required.
+To avoid privacy issues, we add a rule that ensures that all types
+declared in the visible part of Pure units (on which Remote Types or
+Remote Call Invocation units may depend) support streaming.
+
!example
--!corrigendum
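Review bot: the added paragraph refers to "Remote Types or Remote Call Invocation units", but the rest of the AI speaks of "remote call interfaces" (E.2.3), and it says the types must "support streaming" where the term introduced in 13.13.2 is "support external streaming". Align both phrases with the defined terms. The paragraph also announces "we add a rule" without citing the paragraph that carries it, so add the reference to make the privacy argument checkable against the wording.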
@@ -281,7 +279,8 @@
!ACATS test
An ACATS test checking that such types are allowed in Pure units should be
-constructed.
+constructed. An ACATS B-Test checking that a unit with a private access part
+and no streaming operations is reject should be constructed.
!appendix
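Review bot: the added ACATS sentence has a grammar slip ("is reject" should be "is rejected") and an unclear phrase, "a unit with a private access part". If the intent is a Pure unit whose visible part declares a private type with a part of an access type and no Read and Write attributes, say that, so the B-Test objective matches the rule described in the !discussion paragraph added in this revision.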