CVS difference for ais/ai-00305.txt

Differences between 1.3 and version 1.4
Log of other versions for file ais/ai-00305.txt

--- ais/ai-00305.txt	2002/10/29 20:24:57	1.3
+++ ais/ai-00305.txt	2002/12/04 23:43:39	1.4
@@ -1,20 +1,20 @@
-!standard D.7 (10)                                   02-10-23  AI95-00305/03
+!standard D.7 (10)                                   02-12-03  AI95-00305/04
 !standard D.7 (15)
 !standard D.7 (19)
 !standard H.5 (01)
 !class amendment 02-07-17
 !status Amendment 200Y 02-10-23
-!status ARG approved 10-0-1  02-10-11
+!status ARG Approved 10-0-1  02-10-11
 !status work item 02-07-17
 !status received 02-07-17
 !priority High
 !difficulty Medium
-!subject New pragma and additional restriction identifiers for Real-Time Systems
+!subject New pragma and additional restriction identifiers for real-time systems
 
 !summary
 
-A new pragma and restrictions are proposed to enhance the ability to
-create highly-efficient and predictable tasking runtime systems.
+A new pragma and addition restriction identifiers are defined to enhance the
+ability to create highly efficient and predictable tasking runtime systems.
 
 !problem
 
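Review bot: "addition restriction identifiers" in the rewritten !summary line ("+A new pragma and addition restriction identifiers are defined...") should read "additional restriction identifiers", matching the !subject line directly above it. The rest of this header hunk (version bump to /04 with the 02-12-03 date, "ARG Approved" capitalization, lower-case "real-time systems") is fine.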
@@ -41,57 +41,57 @@
 inserted after D.7(10):
 
 No_Calendar
-	There are no semantic dependencies on package Ada.Calendar.
+        There are no semantic dependencies on package Ada.Calendar.
 
 No_Dynamic_Attachment
-	There is no call to any of the operations defined in package
-	Ada.Interrupts (Is_Reserved, Is_Attached, Current_Handler,
-	Attach_Handler, Exchange_Handler, Detach_Handler, Reference).
+        There is no call to any of the operations defined in package
+        Ada.Interrupts (Is_Reserved, Is_Attached, Current_Handler,
+        Attach_Handler, Exchange_Handler, Detach_Handler, and Reference).
 
 No_Local_Protected_Objects
-	All protected objects are created via library-level declarations.
+        Protected objects shall be declared only at library level.
 
 No_Protected_Type_Allocators
-	There are no allocators for protected types or types containing
-	protected type components.
+        There are no allocators for protected types or types containing
+        protected type components.
 
 No_Relative_Delay
-	Delay_relative statements are not allowed.
+        There are no delay_relative_statements.
 
 No_Requeue_Statements
-	There are no requeue_statements.
+        There are no requeue_statements.
 
 No_Select_Statements
-	There are no select_statements.
+        There are no select_statements.
 
 No_Task_Attributes_Package
-	There are no semantic dependencies on package Ada.Task_Attributes.
+        There are no semantic dependencies on package Ada.Task_Attributes.
 
 Simple_Barriers
-	The Boolean expression in an entry barrier shall be either a
-	static Boolean expression or the value of a Boolean component
-	of the enclosing protected object.
+        The Boolean expression in an entry barrier shall be either a
+        static Boolean expression or a Boolean component of the enclosing
+        protected object.
 
 
-The following new dynamic restrictions_identifier is defined and
+The following new dynamic restriction_identifier is defined and
 replaces D.7(15/1):
 
 No_Task_Termination
-	All tasks are non-terminating. It is implementation-defined what
-	happens if a task attempts to terminate.
+        All tasks are non-terminating. It is implementation-defined what
+        happens if a task attempts to terminate.
 
 
-The following new dynamic restrictions_parameter_identifier is defined and
+The following new dynamic restriction_parameter_identifier is defined and
 inserted after D.7(19/1):
 
 Max_Entry_Queue_Length
-	Max_Entry_Queue_Length defines the maximum number of calls
-	that are queued on an entry. Violation of this restriction
-	results in the raising of Program_Error exception at the point
-	of the call.
+        Max_Entry_Queue_Length defines the maximum number of calls
+        that are queued on an entry. Violation of this restriction
+        results in the raising of Program_Error at the point
+        of the call.
 
 
-The following pragma is defined as a new subsection H.5:
+The following pragma is defined in a new subsection H.5:
 
 H.5 Pragma Detect_Blocking
 
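Review bot: the new Simple_Barriers wording ("a static Boolean expression or a Boolean component of the enclosing protected object") drops "the value of" but still leaves open whether the barrier must be exactly the name of a component or may be any expression that mentions one; since the point of the restriction is that the barrier can be evaluated without any computation, say so explicitly, e.g. "or a name that denotes a Boolean component of the enclosing protected object". Separately, the tab-to-space reindentation of every definition in this hunk buries the few real wording changes (No_Dynamic_Attachment gaining "and Reference", the rewrites of No_Local_Protected_Objects and No_Relative_Delay, the singular "restriction_identifier" / "restriction_parameter_identifier" fixes); whitespace-only changes are easier to review in their own revision.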
@@ -107,36 +107,46 @@
 
 Dynamic Semantics
 An implementation is required to detect a potentially blocking
-operation within a protected operation, and to raise Program_Error
-(see 9.5.1).
+operation within a protected operation[, and to raise Program_Error
+(see 9.5.1)].
 
+Implementation Permissions
+An implementation is allowed to reject a compilation_unit if a potentially
+blocking operation is present directly within an entry_body or the body of a
+protected subprogram.
+
 Notes
 An operation that causes a task to be blocked within a foreign language
 domain is not defined to be potentially blocking, and need not be detected.
 
-!example
-
 !discussion
 
-a) The pragma No_Task_Hierarchy must impose the constraint that all tasks
-depend directly on the Environment task as a result of all task objects being
+The pragma No_Task_Hierarchy must impose the constraint that all tasks
+depend directly on the environment task as a result of all task objects being
 created by library level declarations. The restriction means that no support
 is needed for "masters" and "waiting for dependent tasks". This also matches
 the semantics for pragma No_Local_Protected_Objects.
 
-b) No_Protected_Type_Allocators matches the existing restriction
+No_Protected_Type_Allocators is similar to the existing restriction
 No_Task_Allocators.
 
-c) No_Delay in H.4 is too strong for the Ravenscar Profile since we want to
+No_Delay in H.4 is too strong for the Ravenscar Profile since we want to
 allow delay_until Ada.Real_Time.Time, but not relative delay (non-
 deterministic) nor package Ada.Calendar (too coarse).
 
-d) No_Select_Statements excludes selective_accept, timed and
+No_Select_Statements excludes selective_accept, timed and
 conditional (protected) entry calls, and asynchronous_select.
 
-e) Some restriction identifiers concerning tasking are actually defined in
-H.4. For reasons of minimum change it is not proposed to move them.
+Some restriction identifiers concerning tasking are actually defined in
+H.4. For reasons of minimum change we did not move them.
 
+When pragma Detect_Blocking is in force, we allow implementations to reject
+protected bodies that contain potentially blocking operations. Such a static
+check prevents problems from appearing in fielded systems from a potentially
+blocking operation which is rarely executed. We limit the check to protected
+bodies so that libraries which contain potentially blocking operations (such
+as a lock) which cannot be executed do not cause the program to be rejected.
+
 !ACATS test
 
 ACATS tests should be constructed for these features.
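Review bot: "present directly within an entry_body or the body of a protected subprogram" in the new Implementation Permissions does not define "directly". The added !discussion paragraph depends on it meaning lexically within that body, so that a library subprogram containing a lock which is merely called from the protected body does not cause the unit to be rejected; put that reading into the permission itself, e.g. "present within (other than through a call to a subprogram) an entry_body or the body of a protected subprogram", otherwise an implementation could read "directly" as including statically resolvable callees and reject exactly the libraries the discussion wants to keep. The brackets added around ", and to raise Program_Error (see 9.5.1)" in the Dynamic Semantics mark that clause as a redundant restatement of 9.5.1, which is consistent with the H.5 corrigendum text leaving them out.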
@@ -153,10 +163,10 @@
 @xhang<@xterm<No_Dynamic_Attachment>
 There is no call to any of the operations defined in package
 Ada.Interrupts (Is_Reserved, Is_Attached, Current_Handler,
-Attach_Handler, Exchange_Handler, Detach_Handler, Reference).>
+Attach_Handler, Exchange_Handler, Detach_Handler, and Reference).>
 
 @xhang<@xterm<No_Local_Protected_Objects>
-All protected objects are created via library-level declarations.>
+Protected objects shall be declared only at library level.>
 
 @xhang<@xterm<No_Protected_Type_Allocators>
 There are no allocators for protected types or types containing
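Review bot: this corrigendum hunk carries over the No_Dynamic_Attachment ("and Reference") and No_Local_Protected_Objects ("shall be declared only at library level") rewordings from the !wording section, but no corresponding change appears for No_Relative_Delay, which the !wording section now states as "There are no delay_relative_statements."; confirm that the D.7(10) corrigendum entry for No_Relative_Delay already uses that form, otherwise the two sections of the AI now disagree.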
@@ -175,9 +185,8 @@
 There are no semantic dependencies on package Ada.Task_Attributes.>
 
 @xhang<@xterm<Simple_Barriers>
-The Boolean expression in an entry barrier shall be either a
-static Boolean expression or the value of a Boolean component
-of the enclosing protected object.>
+The Boolean expression in an entry barrier shall be either a static Boolean
+expression or a Boolean component of the enclosing protected object.>
 
 !corrigendum D.7(15)
 
@@ -202,8 +211,7 @@
 @xhang<@xterm<Max_Entry_Queue_Length>
 Max_Entry_Queue_Length defines the maximum number of calls
 that are queued on an entry. Violation of this restriction
-results in the raising of Program_Error exception at the point
-of the call.>
+results in the raising of Program_Error at the point of the call.>
 
 !corrigendum H.5(1)
 
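Review bot: "Max_Entry_Queue_Length defines the maximum number of calls that are queued on an entry" still does not say which call violates the restriction, and "at the point of the call" could be read as referring to a call that is already queued. Make it explicit that the violation is detected at an entry call that would make the number of calls queued on that entry exceed the limit, that the offending call is not queued, and that Program_Error is raised at the point of that call; that is the behaviour an implementation needs in order to bound queue storage statically, which is the reason for a dynamic restriction_parameter_identifier here.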
@@ -226,6 +234,12 @@
 An implementation is required to detect a potentially blocking
 operation within a protected operation, and to raise Program_Error
 (see 9.5.1).
+
+@i<@s8<Implementation Permissions>>
+
+An implementation is allowed to reject a @fa<compilation_unit> if a potentially
+blocking operation is present directly within an @fa<entry_body> or the body of
+a protected subprogram.
 
 @xindent<@i<@s8<NOTES>>@hr
 10 An operation that causes a task to be blocked within a foreign language

Questions? Ask the ACAA Technical Agent