Re: Passing the same actual as both in and out formal parameters?

[Niklas Holsti <niklas.holsti@tidorum.invalid>]

Ludovic Brenta wrote:
> Consider:
> 
>    type T is tagged private;
>    procedure P (A : in T; B : out T) is separate;
>    Object : T;
> begin
>    P (A => Object, B => Object);
> 
> This seems legal but I suspect the execution might lead to bugs if P
> reads and writes components of A and B in arbitrary order, e.g.

I think this situation is defined in RM 6.2(12) where A and B are 
defined as "distinct access paths" to the same object. It is a bounded 
error if the parameter passing mechanism is not specified, but (by 
default) should work as expected when the parameters are passed by 
reference.

> type T is tagged record
>    L, M : Integer;
> end record;
> 
> procedure P (A : in T; B : out T) is
> begin
>    B.L := A.M; -- does this change A.L too?

Yes, as far as I understand RM 6.2(12).

>    B.M := A.L; -- bug: A.L has been clobbered, now B.M = B.L?

I believe so.

> end P;
> 
> My concern stems from the fact that T is tagged (I cannot change
> that), so Object is passed by reference as both A and B.
> 
> Am I right to be concerned?

Yes, if you expect A to be immutable during the execution of P.

There is a Note to RM 6.2(12), which is 6.2(13): "A formal parameter of 
mode in is a constant view (see 3.3); it cannot be updated within the 
subprogram body". But I think this means only that the "in" mode access 
path to this object cannot be used to update it. It does not mean that 
the value of the object cannot change at all, due to assignments from 
other access paths.

If P is mean to return B as A with L and M swapped, you should use an 
aggregate assignment, B := (L => A.M, M => A.L).

-- 
Niklas Holsti
Tidorum Ltd
niklas holsti tidorum fi
       .      @       .