From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!feeder.eternal-september.org!gandalf.srv.welterde.de!news.jacob-sparre.dk!franka.jacob-sparre.dk!pnx.dk!.POSTED.rrsoftware.com!not-for-mail
From: "Randy Brukardt" <randy@rrsoftware.com>
Newsgroups: comp.lang.ada
Subject: Re: Reference counter in smart pointers are not updated properly when
 used by multiple tasks
Date: Thu, 1 Feb 2018 18:09:37 -0600
Organization: JSA Research & Innovation
Message-ID: <p50a81$o5v$1@franka.jacob-sparre.dk>
References: <a89d76e4-a2b2-4ad9-8816-f3bfe9686930@googlegroups.com>
 <p4v9b8$8o1$1@dont-email.me>
Injection-Date: Fri, 2 Feb 2018 00:09:37 -0000 (UTC)
Injection-Info: franka.jacob-sparre.dk;
 posting-host="rrsoftware.com:24.196.82.226";
	logging-data="24767"; mail-complaints-to="news@jacob-sparre.dk"
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.5931
X-RFC2646: Format=Flowed; Response
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.7246
Xref: reader02.eternal-september.org comp.lang.ada:50270
Date: 2018-02-01T18:09:37-06:00
List-Id: <comp.lang.ada>

"Jeffrey R. Carter" <spam.jrcarter.not@spam.not.acm.org> wrote in message 
news:p4v9b8$8o1$1@dont-email.me...
> The referenced code has a library-level generic package 
> Orka.Smart_Pointers with the public declaration
>
> type Free_Ptr is not null access procedure (Value : in out Object_Type);
>
> The body of the generic pkg has
>
>    procedure Set
>      (Object : in out Abstract_Pointer;
>       Value  : Object_Type;
>       Free   : not null access procedure (Value : in out Object_Type))
>    is
>       Procedure_Free : constant Free_Ptr := Free;

This is illegal. An anonymous access-to-subprogram has "infinite" 
accessibility, so it cannot be assigned to any other kind of 
access-to-subprogram type. The entire idea is that such parameters don't 
live longer than the call that created them.

GNAT allows doing this with the distinctly non-Standard 
'Unrestricted_Access, so it probably can actually execute it, but that would 
not be the case for other Ada compilers.

If the parameter Free had type Free_Ptr, then this would work.

...
> Set's parameter Free is an anonymous access-to-subprogram parameter; one 
> is not supposed to be able to assign those and call them later, but that 
> is exactly what this code does. Is this code legal? GNAT compiles it fine. 
> If it is legal, should it be?

It's definitely not legal.

                    Randy.