Version 1.6 of ai05s/ai05-0168-1.txt
!standard D.10(5) 10-06-07 AI05-0168-1/05
!standard D.10(10)
!standard D.10(11)
!class Amendment 09-10-22
!status Amendment 2012 10-04-05
!status WG9 Approved 10-06-18
!status ARG Approved 11-0-0 10-02-26
!status work item 09-10-22
!status received 09-10-22
!priority Medium
!difficulty Easy
!subject Extended suspension objects
!summary
Ada 2005 includes EDF scheduling and the routine Delay_Until_
and_Set_Deadline. Similar functionality is added to be used with
synchronous task control.
!problem
In the definition of EDF scheduling it was recognised as
necessary to define a procedure that would allow a task
to delay until a specified time but then become runnable with
a different absolute deadline. Sporadic tasks that use suspension
objects to control dispatching do not have this facility.
!proposal
Add a child package to the current Synchronous Task Control package:
with Ada.Real_Time;
package Ada.Synchronous_Task_Control.EDF is
procedure Suspend_Until_True_And_Set_Deadline
(S : in out Suspension_Object;
TS : in Ada.Real_Time.Time_Span);
end Ada.Synchronous_Task_Control.EDF;
At the point a task becomes runnable again following a
call of Suspend_Until_True_And_Set_Deadline it is assigned
an absolute deadline of Ada.Real_Time.Clock + TS.
!wording
Add after D.10(5):
The following language-defined library package exists:
with Ada.Real_Time;
package Ada.Synchronous_Task_Control.EDF is
procedure Suspend_Until_True_And_Set_Deadline
(S : in out Suspension_Object;
TS : in Ada.Real_Time.Time_Span);
end Ada.Synchronous_Task_Control.EDF;
Add after D.10(10):
The procedure Suspend_Until_True_And_Set_Deadline blocks the calling task until
the state of the object S is True; at that point the task becomes ready with a
deadline of Ada.Real_Time.Clock + TS, and the state of the object becomes
False. Suspend_Until_True_And_Set_Deadline is a potentially blocking operation.
Add after D.10(11):
NOTE: More complex schemes, such as setting the deadline relative
to when Set_True is called, can be programmed using a protected
object.
!discussion
This AI was raised by an industrial user of 'low level' scheduling,
and was discussed and endorses by the 14th IRTAW. Details are
contained in the workshop paper: Providing Additional Real-Time
Capability and Flexibility for Ada 2005, by Rod White.
There is an issue as to what value the deadline should
be set if the object is already True at the time of the
call of Suspend_Until_True_And_Set_Deadline. Although there
is an argument that the new deadline should relate to the time
the object was set True, this was deemed to add too much
overhead to a 'light weight' mechanism. A more flexible protocol
can always be programmed using protected objects.
!example
A sporadic task that has a relative deadline of 50ms, and uses
synchronous task control would have the form:
with Ada.Synchronous_Task_Control;
with Ada.Synchronous_Task_Control.EDF;
with Ada.Real_Time;
...
SO : Suspension_Object;
...
task Sporadic;
task body Sporadic is
Interval : Ada.Real_Time.Time_Span := Ada.Real_Time.Milliseconds(50);
begin
Ada.Synchronous_Task_Control.Set_False(SO);
loop
Ada.Synchronous_Task_Control.EDF.
Suspend_Until_True_And_Set_Deadline(SO, Interval);
--
end loop;
end Sporadic;
the releasing task would call:
Ada.Synchronous_Task_Control.Set_True(SO);
!corrigendum D.10(5)
the new paragraph:
The type Suspension_Object is a by-reference type.
the new paragraphs:
The following language-defined library package exists:
with Ada.Real_Time;
package Ada.Synchronous_Task_Control.EDF is
procedure Suspend_Until_True_And_Set_Deadline
(S : in out Suspension_Object;
TS : in Ada.Real_Time.Time_Span);
end Ada.Synchronous_Task_Control.EDF;
!corrigendum D.10(10)
Insert after the paragraph:
Program_Error is raised upon calling Suspend_Until_True if another task is already
waiting on that suspension object. Suspend_Until_True is a potentially blocking
operation (see 9.5.1).
the new paragraph:
The procedure Suspend_Until_True_And_Set_Deadline blocks the calling task until
the state of the object S is True; at that point the task becomes ready with a
deadline of Ada.Real_Time.Clock + TS, and the state of the object becomes
False. Suspend_Until_True_And_Set_Deadline is a potentially blocking operation.
!corrigendum D.10(11)
Insert after the paragraph:
The implementation is required to allow the calling of Set_False and Set_True
during any protected action, even one that has its ceiling priority in the
Interrupt_Priority range.
the new paragraph:
NOTES
5 More complex schemes, such as setting the deadline relative to when Set_True
is called, can be programmed using a protected object.
!ACATS test
Add an ACATS C-Test of this package.
!appendix
From: Tucker Taft
Sent: Thursday, October 22, 2009 7:50 AM
For what it's worth, the SofCheck Ada RTS already has a
Suspend_Until_True_Or_Timeout operation on its internal version of
suspension objects, so providing that to the user version is pretty
trivial.
I'll admit I can't quite imagine what it means to "change the deadline"
on a suspension object, so I can't comment on the implementability of that.
****************************************************************
From: Alan Burns
Sent: Thursday, October 22, 2009 8:11 AM
With EDF you wont a task to run under the influence of one deadline until
suspended, but when you are woken up have another (later deadline) apply.
****************************************************************
From: Randy Brukardt
Sent: Monday, April 5, 2010 2:22 PM
A couple of unnoticed wording glitches in this AI:
The last paragraph of the new wording belongs in in the Dynamic Semantics
section after D.10(10). Right now, it occurs before the description of the
other subprograms defined in this clause, even though it follows them in the
Static Semantics.
It also needs the wording from D.10(10): Suspend_Until_True_and_Set_Deadline
needs to be a "potentially blocking operation" (it's defined to block).
I'll just make these changes unless anyone objects.
****************************************************************
Questions? Ask the ACAA Technical Agent