From: Adam Beneschan
Newsgroups: comp.lang.ada
Subject: Re: Passing the same actual as both in and out formal parameters?
Date: Tue, 17 Nov 2009 08:26:47 -0800 (PST)
Message-ID: <7dde1f20-1b53-4ccf-8344-a60c9f500130@s21g2000prm.googlegroups.com>
References: <1fbe454c-52b0-408b-9159-982fc019a53c@j19g2000yqk.googlegroups.com>

On Nov 17, 1:50 am, Ludovic Brenta wrote:
> Consider:
>
>    type T is tagged private;
>    procedure P (A : in T; B : out T) is separate;
>    Object : T;
> begin
>    P (A => Object, B => Object);
>
> This seems legal but I suspect the execution might lead to bugs if P
> reads and writes components of A and B in arbitrary order, e.g.
>
> type T is tagged record
>    L, M : Integer;
> end record;
>
> procedure P (A : in T; B : out T) is
> begin
>    B.L := A.M; -- does this change A.L too?
>    B.M := A.L; -- bug: A.L has been clobbered, now B.M = B.L?
> end P;
>
> My concern stems from the fact that T is tagged (I cannot change
> that), so Object is passed by reference as both A and B.
>
> Am I right to be concerned?

As the others have pointed out, the answers to your questions are
"yes", changing B.L does change A.L if the same object is passed as a
parameter to both A and B. The semantics are well-defined. My concern
would be whether optimization could change the order of the operations
inside P in a way that affects the results if A and B are aliases for
the same object; I don't know offhand whether this is allowable for
parameters of by-reference types. I'd have to hunt through the RM to
figure this out, unless someone already knows the answer.

Whether this (the simpler problem, without optimization) is a concern
or not depends on the situation. I've written procedures that are
specifically designed to allow the same object to be passed as an IN
and an OUT parameter. Of course, the body of the procedure has to be
written carefully to allow for this. There's no way in Ada to enforce
any of this; right now it's just mentioned in the comments in the
package spec ("A and B may be the same object", or "A and B may not be
the same object"), and the caller is expected to obey this, and the
body is expected to perform correctly when they are the same object,
if they are indeed allowed to be the same.

I think AI05-191 is related to this. Offhand, it appears that if this
AI is addressed, you could put an assertion somewhere (as a
precondition of P, if AI05-145 is addressed) to ensure that P is never
called with aliased (or overlapping) components, if that would be bad.

-- Adam
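
The two spec-comment contracts mentioned in the reply above ("A and B may be the same object" / "A and B may not be the same object"), written out next to the body from the quoted post. This is an added example, not code from the thread; the names Alias_Demo, P_Naive, P_Alias_Safe and P_No_Alias are hypothetical, and it assumes Ada 2005 or later for `raise ... with`.

```ada
with Ada.Text_IO; use Ada.Text_IO;
with System;      use type System.Address;

procedure Alias_Demo is
   type T is tagged record
      L, M : Integer;
   end record;

   --  Body from the quoted post: reads A after the first write to B.
   procedure P_Naive (A : in T; B : out T) is
   begin
      B.L := A.M;
      B.M := A.L;
   end P_Naive;

   --  Contract "A and B may be the same object": copy every input
   --  into locals before the first write to B.
   procedure P_Alias_Safe (A : in T; B : out T) is
      Old_L : constant Integer := A.L;
      Old_M : constant Integer := A.M;
   begin
      B.L := Old_M;
      B.M := Old_L;
   end P_Alias_Safe;

   --  Contract "A and B may not be the same object": T is tagged, so
   --  both formals are passed by reference and 'Address denotes the
   --  actual. This detects whole-object identity only, not partially
   --  overlapping components.
   procedure P_No_Alias (A : in T; B : out T) is
   begin
      if A'Address = B'Address then
         raise Program_Error with "A and B must not be the same object";
      end if;
      B.L := A.M;
      B.M := A.L;
   end P_No_Alias;

   X, Y, Z : T := (L => 1, M => 2);  --  constructed sample values
begin
   P_Naive (A => X, B => X);
   Put_Line ("naive, aliased:" & Integer'Image (X.L) & Integer'Image (X.M));
   P_Alias_Safe (A => Y, B => Y);
   Put_Line ("safe, aliased: " & Integer'Image (Y.L) & Integer'Image (Y.M));
   P_No_Alias (A => Z, B => Z);
exception
   when Program_Error => Put_Line ("no-alias: aliased call rejected");
end Alias_Demo;
```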