Re: Ada 2005 puzzle

[Adam Beneschan <adam@irvine.com>]

On Thursday, July 12, 2012 5:54:08 AM UTC-7, Dmitry A. Kazakov wrote:
> Here is a simplified case illustrating an issue with constructing functions
> and limited aggregates:
> 
> -------------------------------------------- package P
> with Ada.Finalization;
> package P is
>    type T (<>) is new Ada.Finalization.Limited_Controlled with private;
>    function Create return T;
> private
>    type T is new Ada.Finalization.Limited_Controlled with null record;
> end P;
> - - - - - - - - - - - - - - - - - - - - - - - - 
> package body P is
>    function Create return T is
>    begin
>       return (Ada.Finalization.Limited_Controlled with null record);
>    end Create;
> end P;
> -------------------------------------------- package Q
> with P;  use P;
> package Q is
>    type S is abstract new T with null record;
>    type R is new S with null record;
>    overriding function Create return R;
> end Q;
> - - - - - - - - - - - - - - - - - - - - - - - - 
> package body Q is
>    function Create return R is
>    begin
>       return (T'(Create) with null record); -- Error!
>    end Create;
> end Q;
> 
> Is there a way to implement Create (without compromising the package P)?

Well, there seem to be a couple bogus things about your example: (1) your extension aggregate in Q doesn't have any additional components, and (2) the title of your post is "Ada 2005 puzzle".  I'm guessing that the error is supposed to refer to 4.3.2(5.1ff), which puts some restrictions on when the ancestor part of an extension aggregate can be a function call whose return subtype is an unconstrained subtype.  (T is unconstrained because it is declared with (<>).)  However, those restrictions only apply only if the rest of the aggregate needs at least one component (and yours doesn't).  Furthermore, the restrictions were added in Ada 2012, so this shouldn't have been illegal in Ada 2005 even if there were another component.  So I think there's a compiler bug.  I can't find another reason why the above example would be illegal.

However, if you were to make R (or S) a type extension with at least one new component, rather than a null extension, there would be a problem.  This was made illegal because in the private part of P, you *could* define T like this:

   type T (D : Positive) is new Ada.Finalization.Limited_Controlled with record
       Name : String (1 .. D);
   end record;

and now the size of T would depend on the discriminant.  Since the extension aggregate has to be built in place (no copying allowed, since this is a limited type), this means that the caller (in Q) has to reserve an unknown amount of space for the ancestor part of the aggregate before it calls P.Create to fill in that space.  Or something like that.  I haven't really studied all the details of the problem, but it does appear that there's a major implementation difficulty.  See 

http://www.ada-auth.org/cgi-bin/cvsweb.cgi/ai05s/ai05-0067-1.txt?rev=1.18

for a discussion of the problem.  (Yes, I know that it isn't a problem in your case because the full definition of T doesn't have discriminants.  But the language rules about what's legal and what isn't aren't supposed to depend on private parts that aren't visible.)

I'm guessing that if you really want this to work in a case where T has a varying size, it's just asking too much.  It's not feasible to implement, apparently.  However, if you want to declare T with unknown discriminants in the visible part, but the intent is that the full declaration of T has a fixed size, then perhaps this could be solved with a language change that lets you put a "Fixed_Size" aspect on the first declaration of T.  That would make it illegal for the full declaration of T to contain anything that would make its size variable, and it could mean that the rule in 4.3.2(5.1ff) wouldn't have to apply.   If this is a real issue (and not simply a hypothetical one), then maybe ARG would be open to a proposed change like this.  

Hope this helps, but please keep in mind that I don't fully understand the issues involved because I haven't studied them carefully.

                             -- Adam