Use of Unchecked_Deallocation and pragma Controlled

Use of Unchecked_Deallocation and pragma Controlled

[Mark Lorenzen]

When Unchecked_Deallocation is used to reclaim the storage claimed by
an object, the pragma Controlled must be use to prevent automatic
reclamation (ie. "garbage collection") of storage which would otherwise result
in "double deallocation" of the object.

Example:

type Access_T is access T;
Pragma Controlled (Access_T);

procedure Free is new Ada.Unchecked_Deallocation(T, Access_T);

begin
  A : Access_T := new T;
  B : Access_T := A;

  ...

  Free(T);    -- OK, reclaim the storage.
end;          -- OK only if pragma Controlled has been applied.
              -- Otherwise B could be reclaimed by garbage collection,
              -- resulting in double deallocation of A.

Question: Do you guys actually use pragma Controlled even if no
current Ada compiler generates code with garbage collection?

Regards,
- Mark Lorenzen

Re: Use of Unchecked_Deallocation and pragma Controlled

[David Botton]

On 2004-11-24 18:47:59 -0500, Mark Lorenzen <mark.lorenzen@ofir.dk> said:

> When Unchecked_Deallocation is used to reclaim the storage claimed by
> an object, the pragma Controlled must be use to prevent automatic
> reclamation (ie. "garbage collection") of storage which would otherwise result
> in "double deallocation" of the object.

Never used it, not used or practical in most cases. Not sure if jGNAT 
or A# even support it where garbage collection actually exists.

David Botton

Re: Use of Unchecked_Deallocation and pragma Controlled

[Simon Wright]

Mark Lorenzen <mark.lorenzen@ofir.dk> writes:

> When Unchecked_Deallocation is used to reclaim the storage claimed
> by an object, the pragma Controlled must be use to prevent automatic
> reclamation (ie. "garbage collection") of storage which would
> otherwise result in "double deallocation" of the object.
> 
> Example:
> 
> type Access_T is access T;
> Pragma Controlled (Access_T);
> 
> procedure Free is new Ada.Unchecked_Deallocation(T, Access_T);
> 
> begin
>   A : Access_T := new T;
>   B : Access_T := A;
> 
>   ...
> 
>   Free(T);    -- OK, reclaim the storage.
> end;          -- OK only if pragma Controlled has been applied.
>               -- Otherwise B could be reclaimed by garbage collection,
>               -- resulting in double deallocation of A.
> 
> Question: Do you guys actually use pragma Controlled even if no
> current Ada compiler generates code with garbage collection?

I don't believe there are any Ada compilers (other than those targeted
to a JVM) that do garbage collection.

But even if there were, it seems to me it would be a pretty crappy
implementation that didn't notice you doing the Free and remember
somehow not to collect the garbage. I rather suspect it wouldn't pass
ACATS either. I wouldn't buy it.

On the other hand, the AARM
<http://www.adaic.org/standards/95aarm/html/AA-13-11-3.html> goes into
a lot of detail about it, so perhaps I'm just confused .. thank
heavens the compiler I'm using doesn't do it! One less thing to worry
about.

-- 
Simon Wright                               100% Ada, no bugs.

Re: Use of Unchecked_Deallocation and pragma Controlled

[Nick Roberts]

"Simon Wright" <simon@pushface.org> wrote in message 
news:x7v3byyzbqb.fsf@smaug.pushface.org...

> I don't believe there are any Ada compilers (other than those targeted
> to a JVM) that do garbage collection.

I gather this is true. I intend to make ECLAT support full GC, but (as is 
often pointed out) it may be a while before ECLAT comes to life.

> But even if there were, it seems to me it would be a pretty crappy
> implementation that didn't notice you doing the Free and remember
> somehow not to collect the garbage. I rather suspect it wouldn't pass
> ACATS either. I wouldn't buy it.

I think this is also true. AARM95A 7.6 (4a):

Ramification: As explained in 3.10.2, the set of objects with the same 
accessibility level as that of the master includes objects declared 
immediately within the master, objects declared in nested packages, objects 
created by allocators (if the ultimate ancestor access type is declared in 
one of those places) and subcomponents of all of these things. If an object 
was already finalized by Unchecked_Deallocation, then it is not finalized 
again when the master is left.

> On the other hand, the AARM
> <http://www.adaic.org/standards/95aarm/html/AA-13-11-3.html> goes into
> a lot of detail about it, so perhaps I'm just confused .. thank
> heavens the compiler I'm using doesn't do it! One less thing to worry
> about.

Well, I believe an implementation that provides GC (by default) should 
provide a mechanism (e.g. a pragma) to turn it off. I guess this is 
impossible for a JVM targetted compiler (but that's one of my objections to 
Java and the JVM).

But I'd also point out that built-in full GC will give you one less thing to 
worry about if your program: executes (or might execute) for extended 
periods of time; performs (or might perform) dynamic allocation of objects 
that will, in time, become unreachable (unused); must be reliable, 
especially in not running out of memory unnecessarily. I suggest that a few 
Ada programs, in practice, will be like this (consider AWS, for example).

-- 
Nick Roberts