C.6 Shared Variable Control
This subclause defines representation aspects that
control the use of shared variables.
Static Semantics
Atomic
The type of aspect Atomic is Boolean.
Independent
The type of aspect Independent is Boolean.
Volatile
The type of aspect Volatile is Boolean.
Atomic_Components
The type of aspect Atomic_Components is Boolean.
Volatile_Components
The type of aspect Volatile_Components is Boolean.
Independent_Components
The type of aspect Independent_Components is Boolean.
If any of these aspects are directly specified,
the
aspect_definition
shall be a static expression. If not specified (including by inheritance),
each of these aspects is False.
An
atomic type is one
for which the aspect Atomic is True. An
atomic object (including
a component) is one for which the aspect Atomic is True, or a component
of an array for which the aspect Atomic_Components is True for the associated
type, or any object of an atomic type, other than objects obtained by
evaluating a slice.
A
volatile type is one
for which the aspect Volatile is True. A
volatile object (including
a component) is one for which the aspect Volatile is True, or a component
of an array for which the aspect Volatile_Components is True for the
associated type, or any object of a volatile type. In addition, every
atomic type or object is also defined to be volatile. Finally, if an
object is volatile, then so are all of its subcomponents (the same does
not apply to atomic).
When True, the aspects Independent and Independent_Components
specify as independently addressable the named object or component(s),
or in the case of a type, all objects or components of that type. All
atomic objects and aliased objects are considered to be specified as
independently addressable.
Legality Rules
If aspect Independent_Components is specified for
a
full_type_declaration,
the declaration shall be that of an array or record type.
It is illegal to specify either
of the aspects Atomic or Atomic_Components to have the value True for
an object or type if the implementation cannot support the indivisible
and independent reads and updates required by the aspect (see below).
It is illegal to specify the Size attribute of an
atomic object, the Component_Size attribute for an array type with atomic
components, or the layout attributes of an atomic component, in a way
that prevents the implementation from performing the required indivisible
and independent reads and updates.
If an atomic object is passed as a parameter, then
the formal parameter shall either have an atomic type or allow pass by
copy. If an atomic object is used as an actual for a generic formal object
of mode
in out, then the type of the generic formal object shall
be atomic. If the
prefix
of an
attribute_reference
for an Access attribute denotes an atomic object (including a component),
then the designated type of the resulting access type shall be atomic.
If an atomic type is used as an actual for a generic formal derived type,
then the ancestor of the formal type shall be atomic. Corresponding rules
apply to volatile objects and types.
If a volatile type is used as an actual for a
generic formal array type, then the element type of the formal type shall
be volatile.
If an aspect Volatile, Volatile_Components, Atomic,
or Atomic_Components is directly specified to have the value True for
a stand-alone constant object, then the aspect Import shall also be specified
as True for it.
It is illegal to specify the aspect Independent
or Independent_Components as True for a component, object or type if
the implementation cannot provide the independent addressability required
by the aspect (see
9.10).
It is illegal to specify a representation aspect
for a component, object or type for which the aspect Independent or Independent_Components
is True, in a way that prevents the implementation from providing the
independent addressability required by the aspect.
Dynamic Semantics
For an atomic object (including an atomic component)
all reads and updates of the object as a whole are indivisible.
All tasks of the program (on all processors) that
read or update volatile variables see the same order of updates to the
variables. A use of an atomic variable or other mechanism may be necessary
to avoid erroneous execution and to ensure that access to nonatomic volatile
variables is sequential (see
9.10).
Two actions are sequential (see
9.10) if each is the read or update of the
same atomic object.
If a type is atomic or volatile
and it is not a by-copy type, then the type is defined to be a by-reference
type. If any subcomponent of a type is atomic or volatile, then the type
is defined to be a by-reference type.
If an actual parameter is atomic or volatile, and
the corresponding formal parameter is not, then the parameter is passed
by copy.
Implementation Requirements
The external effect of a program
(see
1.1.3) is defined to include each read
and update of a volatile or atomic object. The implementation shall not
generate any memory reads or updates of atomic or volatile objects other
than those specified by the program.
This paragraph was
deleted.
Implementation Advice
A load or store of a volatile object whose size
is a multiple of System.Storage_Unit and whose alignment is nonzero,
should be implemented by accessing exactly the bits of the object and
no others.
A load or store of an atomic object should, where
possible, be implemented by a single load or store instruction.
9 An imported volatile or atomic constant
behaves as a constant (i.e. read-only) with respect to other parts of
the Ada program, but can still be modified by an “external source.”
10 Specifying the Pack aspect cannot override
the effect of specifying an Atomic or Atomic_Components aspect.
Ada 2005 and 2012 Editions sponsored in part by Ada-Europe