CVS difference for ais/ai-00394.txt
--- ais/ai-00394.txt 2005/01/28 19:02:17 1.1
+++ ais/ai-00394.txt 2005/03/01 22:12:32 1.2
@@ -1,7 +1,14 @@
-!standard 04.06(12) 05-01-20 AI95-00394/01
-!standard 04.06(39)
-!standard 04.06(24)
+!standard D.07(09) 05-02-16 AI95-00394/02
+!standard D.07(10)
+!standard D.07(15)
+!standard D.13.1(01)
+!standard H.4(2)
+!standard H.4(9)
+!standard H.4(16)
+!standard J.13(1)
!class amendment 05-01-20
+!status Amendment 200Y 05-02-25
+!status ARG Approved 9-0-1 05-02-13
!status work item 05-01-20
!status received 05-01-20
!priority High
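Review bot: The new !standard lines mix paragraph-reference styles: "D.07(09)" and "D.13.1(01)" are zero-padded while "H.4(2)", "H.4(9)" and "J.13(1)" are not, and the later corrigendum headers write the first one as "D.7(09)". If these references are matched or sorted by tooling, pick one form and use it in both the !standard and !corrigendum lines.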
@@ -26,7 +33,7 @@
To complete the definition of Ravenscar it is necessary to restrict the
use of the following new features:
-1. Timers
+1. CPU Timers
2. Group Timers
3. Specific handlers for task termination.
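Review bot: Item 2 still reads "Group Timers" after item 1 was renamed to "CPU Timers", but the restriction list later in this file excludes Ada.Execution_Time.Group_Budget, not a group timer package. Consider renaming item 2 to match that unit (for example "Group Budgets") so the feature list and the No_Dependence entries line up.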
@@ -49,44 +56,46 @@
(See wording.)
-Also remove entries in AI-305 for No_Calendar and No_Task_Attributes_Package.
-Ignore AI-353.
-
!wording
+
+Delete D.7(9), (the original) D.7(10), H.4(9), and H.4(16).
-Delete D.7(9), D.7 (10), H.4 (9), H.4 (16), H.4 (20).
+Delete No_Calendar and No_Task_Attributes_Package from the wording changes of
+AI-305.
+AI-353 should be dropped from the Amendment.
+
Add new Section in Annex J:
+
+J.13 Dependence Restrictions Identifiers
-J.10 Restrictions Identifiers
+The following restrictions involve dependence on specific language-defined
+units. The more general No_Dependence restriction should be used for this
+purpose.
Static Semantics
The following restrictions_identifiers exist:
-No_Dynamic_Priorities
- There are no semantic dependences on package Dynamic_Priorities.
-
-
No_Asynchronous_Control
There are no semantic dependences on package Asynchronous_Task_Control.
-
-No_Unchecked_Deallocation
- Semantic dependence on Unchecked_Deallocation is not allowed.
-
+No_Dynamic_Priorities
+ There are no semantic dependences on package Dynamic_Priorities.
No_Unchecked_Conversion
Semantic dependence on the predefined generic Unchecked_Conversion is
not allowed.
+No_Unchecked_Deallocation
+ Semantic dependence on Unchecked_Deallocation is not allowed.
-No_IO
- Semantic dependence on any of the library units Sequential_IO, Direct_IO,
- Text_IO, Wide_Text_IO, or Stream_IO is not allowed.
+Add the following to the end of H.4(2):
+The following uses of restriction identifier No_Dependence apply in this
+Annex: No_Dependence => Ada.Unchecked_Deallocation and No_Dependence => Ada.Unchecked_Conversion.
Add the following new static restriction_identifier after D.7(10):
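Review bot: The new J.13 introduction in the !wording section says "The more general No_Dependence restriction should be used for this purpose" without a cross-reference, while the !corrigendum J.13(1) text added later in this change reads "restriction No_Dependence (see 13.12.1)". The two versions should say the same thing; carry the "(see 13.12.1)" reference and the same word order into the wording here. The surrounding text also alternates between "restrictions_identifiers" and "restriction_identifier", which is worth normalizing while this section is being edited.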
@@ -96,15 +105,13 @@
Set_Specific_Handler and Specific_Handler.
-
Modify the definition of restriction_identifier in AI-305 to the following:
No_Task_Termination
All tasks are non-terminating. It is implementation-defined what
happens if a task attempts to terminate. If there is a fall-back
- handler set for the partition it should be called when the first task
- attempts to terminate.
-
+ handler (see C.7.3) set for the partition it should be called when
+ the first task attempts to terminate.
The static semantic section of the Ravenscar profile definition
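Review bot: In the reworded No_Task_Termination text, "it should be called when the first task attempts to terminate" is advisory, yet the !discussion describes executing the fall-back handler at least once as "the minimum requirement". State which is intended: if it is a requirement, the wording should not use "should"; if it is only advice, the discussion should not call it a requirement. A comma after "set for the partition" would also make the sentence easier to parse.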
@@ -112,8 +119,7 @@
Static Semantics
-A profile is equivalent to the set of configuration pragmas that is
-defined for each profile_identifier. The profile_identifier Ravenscar
+The run-time profile Ravenscar
is equivalent to the following set of pragmas:
pragma Task_Dispatching_Policy (FIFO_Within_Priorities);
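Review bot: The replacement line "The run-time profile Ravenscar" drops the only sentence in this section that said a profile is equivalent to a set of configuration pragmas, and the term "run-time profile" is used here without a definition or cross-reference. Confirm that the wording this section depends on defines "run-time profile" and still states that the listed pragmas act as configuration pragmas; otherwise add a reference at this point.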
@@ -123,16 +129,7 @@
pragma Detect_Blocking;
pragma Restrictions (
- Max_Entry_Queue_Length => 1,
- Max_Protected_Entries => 1,
- Max_Task_Entries => 0,
No_Abort_Statements,
- No_Dependence => Ada.Asynchronous_Task_Control,
- No_Dependence => Ada.Calendar,
- No_Dependence => Ada.Dynamic_Priorities,
- No_Dependence => Ada.Execution_Time.Group_Budget,
- No_Dependence => Ada.Execution_Time.Timers,
- No_Dependence => Ada.Task_Attributes,
No_Dynamic_Attachment,
No_Implicit_Heap_Allocations,
No_Local_Protected_Objects,
@@ -145,18 +142,157 @@
No_Task_Allocators,
No_Task_Hierarchy,
No_Task_Termination,
- Simple_Barriers);
-
+ Simple_Barriers,
+ Max_Entry_Queue_Length => 1,
+ Max_Protected_Entries => 1,
+ Max_Task_Entries => 0,
+ No_Dependence => Ada.Asynchronous_Task_Control,
+ No_Dependence => Ada.Calendar,
+ No_Dependence => Ada.Dynamic_Priorities,
+ No_Dependence => Ada.Execution_Time.Group_Budget,
+ No_Dependence => Ada.Execution_Time.Timers,
+ No_Dependence => Ada.Task_Attributes);
!discussion
-The identifier No_IO has a use in covering several separate library package but
-has been moved to Annex J. All other changes are obvious.
+The identifier No_IO covers a set of library packages
+and thus was not moved to Annex J.
The minimum requirement for task termination when No_Task_Termination is in
force is to ensure that any fall-back handler is executed at least once. Given
that no tasks are meant to terminate this would seem to be sufficient.
+
+!corrigendum D.7(09)
+
+@ddel
+@xhang<@xterm<No_Dynamic_Priorities>
+There are no semantic dependences on the package Dynamic_Priorities.>
+
+!corrigendum D.7(10)
+!comment The AI-305 changes are made in the conflict text only.
+@drepl
+@xhang<@xterm<No_Asynchronous_Control>
+There are no semantic dependences on the package Asynchronous_Task_Control.>
+@dby
+@xhang<@xterm<No_Specific_Termination_Handlers>
+There are no calls to the Set_Specific_Handler and Specific_Handler subprograms
+in Ada.Task_Termination.
+
+!corrigendum D.7(15)
+
+@drepl
+@i<This paragraph was deleted>
+@dby
+@xhang<@xterm<No_Task_Termination>
+All tasks are non-terminating. It is implementation-defined what
+happens if a task attempts to terminate. If there is a fall-back
+handler (see C.7.3) set for the partition it should be called when
+the first task attempts to terminate.>
+
+!corrigendum D.13.1(01)
+
+@dinsc
+
+This clause defines the Ravenscar profile.
+
+@i<@s8<Legality Rules>>
+
+The @i<profile_>@fa<identifier> Ravenscar names a run-time profile.
+For run-time profile Ravenscar, there shall be no
+@i<profile_>@fa<pragma_argument_association>s.
+
+@i<@s8<Static Semantics>>
+
+The run-time profile Ravenscar
+is equivalent to the following set of pragmas:
+
+@xcode<@b<pragma> Task_Dispatching_Policy (FIFO_Within_Priorities);
+@b<pragma> Locking_Policy (Ceiling_Locking);
+@b<pragma> Detect_Blocking;
+@b<pragma> Restrictions (
+ No_Abort_Statements,
+ No_Dynamic_Attachment,
+ No_Implicit_Heap_Allocations,
+ No_Local_Protected_Objects,
+ No_Local_Timing_Events,
+ No_Protected_Type_Allocators,
+ No_Relative_Delay,
+ No_Requeue_Statements,
+ No_Select_Statements,
+ No_Specific_Termination_Handlers,
+ No_Task_Allocators,
+ No_Task_Hierarchy,
+ No_Task_Termination,
+ Simple_Barriers,
+ Max_Entry_Queue_Length =@> 1,
+ Max_Protected_Entries =@> 1,
+ Max_Task_Entries =@> 0,
+ No_Dependence =@> Ada.Asynchronous_Task_Control,
+ No_Dependence =@> Ada.Calendar,
+ No_Dependence =@> Ada.Dynamic_Priorities,
+ No_Dependence =@> Ada.Execution_Time.Group_Budget,
+ No_Dependence =@> Ada.Execution_Time.Timers,
+ No_Dependence =@> Ada.Task_Attributes);>
+
+@xindent<@s9<NOTES@hr
+37 The effect of the Max_Entry_Queue_Length =@> 1 restriction applies
+only to protected entry queues due to the accompanying restriction of
+Max_Task_Entries =@> 0.>>
+
+!corrigendum H.4(2)
+
+@drepl
+The following restrictions, the same as in D.7, apply in this Annex:
+No_Task_Hierarchy, No_Abort_Statement, No_Implicit_Heap_Allocation,
+Max_Task_Entries is 0, Max_Asynchronous_Select_Nesting is 0, and Max_Tasks is
+0. The last three restrictions are checked prior to program execution.
+@dby
+The following restrictions, the same as in D.7, apply in this Annex:
+No_Task_Hierarchy, No_Abort_Statement, No_Implicit_Heap_Allocation,
+Max_Task_Entries is 0, Max_Asynchronous_Select_Nesting is 0, and Max_Tasks is
+0. The last three restrictions are checked prior to program execution.
+The following uses of restriction identifier No_Dependence apply in this
+Annex: No_Dependence =@> Ada.Unchecked_Deallocation and No_Dependence =@>
+Ada.Unchecked_Conversion.
+
+!corrigendum H.4(9)
+
+@ddel
+@xhang<@xterm<No_Unchecked_Deallocation>
+Semantic dependence on Unchecked_Deallocation is not allowed.>
+
+!corrigendum H.4(16)
+
+@ddel
+@xhang<@xterm<No_Unchecked_Conversion>
+Semantic dependence on the predefined generic Unchecked_Conversion is not
+allowed.>
+
+!corrigendum J.13(1)
+
+@dinsc
+
+The following @fa<restrictions> involve dependence on specific language-defined
+units. The more general restriction No_Dependence (see 13.12.1) should be
+used for this purpose.
+
+@i<@s8<Static Semantics>>
+
+The following @i<restrictions_>@fa<identifiers> exist:
+
+@xhang<@xterm<No_Asynchronous_Control>
+There are no semantic dependences on package Asynchronous_Task_Control.>
+
+@xhang<@xterm<No_Dynamic_Priorities>
+There are no semantic dependences on package Dynamic_Priorities.>
+
+@xhang<@xterm<No_Unchecked_Conversion>
+Semantic dependence on the predefined generic Unchecked_Conversion is
+ot allowed.>
+
+@xhang<@xterm<No_Unchecked_Deallocation>
+Semantic dependence on Unchecked_Deallocation is not allowed.>
!ACATS test
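Review bot: In the added !corrigendum D.7(10) text, the replacement entry "@xhang<@xterm<No_Specific_Termination_Handlers>" ends at "in Ada.Task_Termination." without the closing ">" that every other @xhang entry in this change has, so the markup is unbalanced there. In the added !corrigendum J.13(1) text, the No_Unchecked_Conversion entry ends with "ot allowed."; the same sentence in H.4(16) reads "not allowed", so this is a dropped letter that will end up in the generated text. Both should be fixed before the corrigendum sections are processed.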