From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,3ccb707f4c91a5f2
X-Google-Attributes: gid103376,public
From: dewar@merv.cs.nyu.edu (Robert Dewar)
Subject: Re: Java vs Ada 95 (Was Re: Once again,
 Ada absent from DoD SBIR solicitation)
Date: 1996/11/17
Message-ID: <dewar.848239512@merv>#1/1
X-Deja-AN: 197039338
references: <325BC3B3.41C6@hso.link.com>
 <EACHUS.96Nov1103759@spectre.mitre.org>  <E07Dwq.5L@world.std.com>
 <55gkch$gg6@fozzie.sun3.iaf.nl>  <E0B6CL.84r@world.std.com>
 <dewar.847053681@merv>  <1996Nov4.072757.1@eisner>
 <EACHUS.96Nov4182340@spectre.mitre.org> <dewar.848026322@merv>
 <56kt98$6at@fozzie.sun3.iaf.nl>
organization: New York University
newsgroups: comp.lang.ada
Date: 1996-11-17T00:00:00+00:00
List-Id: <comp.lang.ada>


Geert says

"It is a suprise, because the user of the Unbounded_String package
would not expect that the package body contains code that may lead to
erroneous execution.

A correct and efficient implementation of the Unbounded_String package
is easy if the system provides Test_And_Increment and
Decrement_And_Test, where the Test tests wether the value is zero.
Both of these primitives can be implemented easily using Test_And_Set."

Robert replies

You cannot assume anything about the bodies of standard units that is
not specified in the reference manual. The question here focuses on
whether RM A.3 applies to implicit calls to finalize, and what exactly
"perform as specified" means for these implicit calls, given that no
specification for finalize is given.

I think it is a real reach to say that RM A.3 forbids the reference count
approach, but it is certainaly discussable.

Note that Geert's claim about test and set is wrong, or at least wrong if
you claim to implemnt Annex D. Simple minded use of test and set can
lead to priority inversions of a type forbidden by Annex D, so I would
say that using test and set in the body of unbounded strings in an
implementation that claims to support annex D is a much clearer violation
of the RM, which has nothing to do with erroneous execution. It just has
to do with choosing an impermissible implementation strategy (test and
set) that does not conform to Ada semantics.

By the way, here is A.e for easy reference:

                         Implementation Requirements

3   The implementation shall ensure that each language defined subprogram is
reentrant in the sense that concurrent calls on the same subprogram perform
as specified, so long as all parameters that could be passed by reference
denote nonoverlapping objects.

oops, thats A.3 not A.e