From: "Norman H. Cohen"
Subject: Re: Java vs Ada 95 (Was Re: Once again, Ada absent from DoD SBIR solicitation)
Date: 1996/11/18
Message-ID: <3290915C.57B7@watson.ibm.com>#1/1
References: <325BC3B3.41C6@hso.link.com> <55gkch$gg6@fozzie.sun3.iaf.nl> <1996Nov4.072757.1@eisner> <56kt98$6at@fozzie.sun3.iaf.nl>
Organization: IBM Thomas J. Watson Research Center
Reply-To: ncohen@watson.ibm.com
Newsgroups: comp.lang.ada

Robert Dewar wrote:

> You cannot assume anything about the bodies of standard units that is
> not specified in the reference manual. The question here focuses on
> whether RM A.3 applies to implicit calls to finalize, and what exactly
> "perform as specified" means for these implicit calls, given that no
> specification for finalize is given.
>
> I think it is a real reach to say that RM A.3 forbids the reference count
> approach, but it is certainly discussable.
...
> By the way, here is A.e for easy reference:
>
>                         Implementation Requirements
>
> 3   The implementation shall ensure that each language defined subprogram is
> reentrant in the sense that concurrent calls on the same subprogram perform
> as specified, so long as all parameters that could be passed by reference
> denote nonoverlapping objects.
>
> oops, that's A.3 not A.e

Robert means A(3), i.e., the third paragraph of RM Annex A, not A.3 (the
third subsection of Annex A).

I agree with Bob Duff that an implementation of Unbounded_String is
incorrect if it can trigger implicit calls on Finalize that cause
execution to become erroneous. I agree with Robert Dewar that this
can't be inferred from a literal reading of A(3), but I think it is the
clear intent of A(3) that the overall behavior of a type in a predefined
package--not just the behavior of its subprograms--should be task-safe.
The wording of A(3) needs to be strengthened.

(The intent can be inferred, for example, from paragraph A(3.c) of the
Annotated Ada Reference Manual. The AARM is not a part of the standard,
but is an indication of what the authors of the standard were thinking.
This paragraph says:

    Ramification: The rule implies that any data local to the private
    part or body of the package has to be somehow protected against
    simultaneous access.

This isn't exactly the case of a reference count, which resides in
individual objects of the data type provided by the package rather than
in variables declared inside the private part or body of the package,
but similar issues apply. In particular, the AARM asserts that
protection against simultaneous access is necessary regardless of
whether this access arises directly from an invocation of one of the
package's explicit subprograms.)

--
Norman H. Cohen
mailto:ncohen@watson.ibm.com
http://www.research.ibm.com/people/n/ncohen
+-----------------------------------------------------------------------+
| Message found at the bottom of my Netscape window:                    |
|                                                                       |
|  Connect: Host godot.watson.ibm.com contacted. Waiting for reply...   |
+-----------------------------------------------------------------------+