Version 1.2 of ais/ai-00356.txt
!standard D.03 (00) 03-09-27 AI95-00356/01
!class amendment 03-09-27
!status work item 03-09-27
!status received 03-09-27
!subject Support for Preemption Level Locking Policy
A new locking policy is defined that is more general than ceiling
locking (but which is equivalent to ceiling locking when priority
based dispatching is used).
For many scheduling schemes, including for example EDF (Earliest
Deadline First), the most effective locking policy for protected
objects is one known as the Stack Resource Policy. This was defined
by Baker in 1991  and has the advantage that is does not enforce the
same policy on task dispatching and PO locking; but it does lead to
effective implementation of POs. Moreover when priority dispatching
is used the SRP policy is the same as ceiling locking.
Preemption-Level locking (which is the more general term for this
protocol) requires all tasks and POs (that use the policy) to
define a preemption-level. A POs preemption-level must not be
lower than the preemption-level of any tasks that uses the PO.
To integrate preemption-level locking with ceiling locking we propose that
preemption levels are only used with Priority_Specific dispatching
and hence only apply to tasks and POs that have identical priority/
ceiling-priority. Hence the scheme is one of preemption-levels
Add to System:
subtype Preemption_Level is Integer range implementation-defined
Default_Preemption_Level is constant Preemption_Level :=
(Premption_Level'First + Preemption_Level'Last)/2;
Define new policy_identifier for Locking_Policy:
If Locking_Policy is Preemption_Level_Within_Ceiling_Locking
then Dispatching_Policy must be Priority_Specific.
Add new pragma
The expected type of the expression is a Preemption_Level.
A new static rule:
Anywhere that Ceiling_Locking is required, Preemption_Level_Within_
Ceiling_Locking is acceptable.
All the rules for Ceiling_Locking apply, with the addition:
When a task calls a protected operation with a priority equal to
the ceiling of the corresponding protected object a check is made
that the preemption_level of the task is not higher than that of
the corresponding protected object; Program_Error is raised if
this check fails.
The NOTE, D.3(18) is wrong. This is only true if FIFO_Within_Priority
is the dispatching policy; but Ceiling_Locking does not require
FIFO_Within_Priority. Although FIFO_Within_Priority does require
This locking policy enables other dispatching policies to be defined.
See for example the AI-00357 on EDF scheduling. Only static preemption
levels are defined although a more dynamic scheme that allows
these levels to be set dynamically would be possible.
Tests should be created to check on the implementation of this feature.
 Baker, T.P., Stack-Based Scheduling of Real-Time Processes,
Journal of Real-Time, Vol 3, No 1, pp67-99, March 1991.
Questions? Ask the ACAA Technical Agent