Version 1.3 of ai12s/ai12-0117-1.txt

Unformatted version of ai12s/ai12-0117-1.txt version 1.3
Other versions for file ai12s/ai12-0117-1.txt

!standard D.7(10.8/3)          14-11-17 AI12-0117-1/03
!class binding interpretation 14-10-19
!status Corrigendum 2015 14-11-17
!status ARG Approved 7-0-1 14-10-19
!status promising 9-0-0 14-06-28
!status work item 14-06-19
!status received 14-06-19
!priority Low
!difficulty Easy
!subject Restriction No_Tasks_Unassigned_To_CPU
!summary
Add restriction No_Tasks_Unassigned_To_CPU to provide safe use of Ravenscar.
!question
The Ravenscar Profile on multiprocessors requires that all tasks are assigned to CPUs. In order to do this safely, we need a new restriction to be defined to ensure that every task is assigned to a known, particular CPU.
We need to know the CPU of each task so that it is possible to analyze the scheduling of each task, since each CPU has a separate ready queue. This means that two tasks assigned to the same CPU will behave differently than the same two tasks assigned to different CPUs.
Should we define such a restriction? (Yes.)
!recommendation
(See Summary.)
!wording
This AI assumes that AI12-0055-1 has been adopted.
Add a new restriction after D.7(10.8/3):
No_Tasks_Unassigned_To_CPU
The CPU aspect is specified for the environment task. No CPU aspect is specified to be statically equal to Not_A_Specific_CPU. If aspect CPU is specified (dynamically) to the value Not_A_Specific_CPU, then Program_Error is raised. If Set_CPU or Delay_Until_And_Set_CPU are called with the CPU parameter equal to Not_A_Specific_CPU, then Program_Error is raised.
AARM Ramification: If this restriction is used in a context for which restriction No_Dynamic_CPU_Assignment is in effect, then no runtime check is needed when specifying the CPU aspect. If the restriction is used with the Ravenscar profile, no runtime checks are needed.
!discussion
We add a new restriction:
No_Tasks_Unassigned_To_CPU
to signify that (1) no task is assigned a CPU value of Not_A_Specific_CPU, and (2) the environment task has a CPU specified.
This ensures that all tasks are assigned to a known, particular CPU. (If a task does not have a specified CPU, it will run on the CPU of the task that activated it -- that is the standard semantics for CPU assignment. Thus we only have to ensure that the environment task has a specified CPU and that no task is explicitly assigned Not_A_Specific_CPU.)
The purpose of this restriction is to ensure that there is no implementation-defined assignment of CPUs; that ensures that the scheduling of tasks can be analyzed.
!corrigendum D.7(10.8/3)
Insert after the paragraph:
No_Specific_Termination_Handlers
There is no use of a name denoting the Set_Specific_Handler and Specific_Handler subprograms in Task_Termination.
the new paragraph:
No_Tasks_Unassigned_To_CPU
The CPU aspect is specified for the environment task. No CPU aspect is specified to be statically equal to Not_A_Specific_CPU. If aspect CPU is specified (dynamically) to the value Not_A_Specific_CPU, then Program_Error is raised. If Set_CPU or Delay_Until_And_Set_CPU are called with the CPU parameter equal to Not_A_Specific_CPU, then Program_Error is raised.
!ASIS
No ASIS impact.
!ACATS test
An ACATS B-Test and C-Test is needed to verify that the restriction is implemented as specified.
!appendix

****************************************************************


Questions? Ask the ACAA Technical Agent