From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Thread: 103376,1888e8caa20a2f2d
X-Google-Attributes: gid103376,public
X-Google-Language: ENGLISH,ASCII-7-bit
Path: 
 g2news1.google.com!news3.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!newsfeed00.sul.t-online.de!newsfeed01.sul.t-online.de!t-online.de!newsfeed.arcor.de!news.arcor.de!not-for-mail
From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: Controlled types and exception safety
Newsgroups: comp.lang.ada
User-Agent: 40tude_Dialog/2.0.14.1
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Reply-To: mailbox@dmitry-kazakov.de
Organization: cbb software GmbH
References: <wccoe3zs43b.fsf@shell01.TheWorld.com>
 <8sKdnXNeIZMxIg3eRVn-ig@comcast.com> <dn3jvn$fdg$1@sunnews.cern.ch>
 <3trncoj4t0va.19bs46zhm4xbe.dlg@40tude.net>
 <2Rklf.171$n1.114@newsread2.news.pas.earthlink.net>
Date: Tue, 6 Dec 2005 21:43:40 +0100
Message-ID: <1ugz5ky1m9mby$.8c8ipmbl0l99$.dlg@40tude.net>
NNTP-Posting-Date: 06 Dec 2005 21:43:33 MET
NNTP-Posting-Host: cf780112.newsread4.arcor-online.net
X-Trace: 
 DXC=>Ui01Q?m:HBVg>C^g8i1FI:ejgIfPPldDjW\KbG]kaMHFYk:AnJB[CMBI5eS1fH4QH[6LHn;2LCVN[<mhadbfdUKbGVf^5o624J
X-Complaints-To: usenet-abuse@arcor.de
Xref: g2news1.google.com comp.lang.ada:6755
Date: 2005-12-06T21:43:33+01:00
List-Id: <comp.lang.ada>

On Tue, 06 Dec 2005 18:34:38 GMT, Jeffrey R. Carter wrote:

> Dmitry A. Kazakov wrote:
> 
>> generic
>>    type Object is limited private;
>>    with procedure Deep_Copy (Left : in out Object; Right : Object) is <>;
>> package Container is
>>    ...
>> end Container;
>> -------------------------------
>> with Container;
>> generic
>>    type Object is private;
>> package Specialized_Container is
>>    procedure Deep_Copy (Left : in out Object; Right : Object);
>>    pragma Inline (Deep_Copy);
>>    package Copying_By_Assignment is new Container (Object);   
>> end Specialized_Container;
>> -------------------------------
>> package body Specialized_Container is
>>    procedure Deep_Copy (Left : in out Object; Right Object) is
>>    begin
>>       Left := Right;
>>    end Deep_Copy;
>> end Specialized_Container;
> 
> There's a gotcha in here. Suppose we have
> 
> subtype S is Integer range 3 .. 4;
> 
> and we instantiate
> 
> package S_Container is new Specialized_Container (Object => S);
> 
> Now suppose that Container has something like
> 
> procedure Op (Item : in Object) is
>     X : Object;
> begin -- Op
>     Deep_Copy (Left => X, Right => Item);
>     ...
> end Op;
> 
> This is actually quite likely for a container, except X will be a component of 
> the structure.
> 
> For scalars, there is a check on "in" and "in out" parameters that the actual 
> value is of the subtype; Constraint_Error is raised if it is not. The check is 
> likely to fail in this case; X probably is not in 3 .. 4.
>
> So, for Container to work correctly for all possible actual types, the 
> assignment procedure must have Left be mode "out". Now the uninitialized actual 
> for Left is not checked on entry to the procedure, and it works correctly for 
> scalars. For composite types, there is a whole collection of situations in which 
> "out" really means "in out", so the user can still write a meaningful procedure 
> that can inspect the contents of Left.

Good point.

> Personally, I would have preferred
> 
> procedure R'Assign (To : in out R; From : in R);
> 
> for any record type R. This can be redefined by the user:
> 
> for R'Assign use My_Assignment_Procedure;
> 
> I have seen objections to this approach, but none that aren't handled by one of 
> the following rules:
> 
> * Within the body of a procedure used to implement 'Assign, ":=" refers to the 
> predefined, bitwise copy assignment.
> 
> or
> 
> * There exists a procedure
> 
> R'Bitwise_Copy (To : in out R; From : in R);

I think that a more general approach could be to have some naming
convention for the base type. When a type is composed by some predefined
operation like type ... is record I wished to have a name of the subtype
that still has all predefined operations. Maybe this name should be only
visible in the private part of the unit.

> that cannot be redefined by the user and is the default procedure for R'Assign. 
> 'Bitwise_Copy can be called explicitly inside a procedure used to implement 
> 'Assign to invoke default assignment.

But what about the following problems / issues:

1. How will it work with indefinite types?

2. Safe inheritance by derived types and composition out of assignments of
the components.

3. Dispatching on the arguments.

4. Interplay of assignments of class-wide and specific objects.

5. When initialization is construction and when it is assignment. How much
freedom should the compiler have to choose?

6. How should interact "functional" and "procedural" assignments? Let I
override it as a procedure. Then derive and override now as a function?

> Perhaps I'm missing something, but in any case, it's an elephant.

Yes.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de