1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>AARM95 - Protected Subprograms and Protected Actions</TITLE>
<META NAME="Author" CONTENT="JTC1/SC22/WG9/ARG, by Randall Brukardt, ARG Editor">
<META NAME="GENERATOR" CONTENT="Arm_Form.Exe, Ada Reference Manual generator">
<STYLE type="text/css">
DIV.paranum {position: absolute; font-family: Arial, Helvetica, sans-serif; left: 0.5 em; top: auto}
TT {font-family: "Courier New", monospace}
DT {display: compact}
DIV.Normal {font-family: "Times New Roman", Times, serif; margin-bottom: 0.6em}
DIV.Wide {font-family: "Times New Roman", Times, serif; margin-top: 0.6em; margin-bottom: 0.6em}
DIV.Annotations {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-bottom: 0.6em}
DIV.WideAnnotations {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0.6em; margin-bottom: 0.6em}
DIV.Index {font-family: "Times New Roman", Times, serif}
DIV.SyntaxSummary {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.4em}
DIV.Notes {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.6em}
DIV.NotesHeader {font-family: "Times New Roman", Times, serif; margin-left: 2.0em}
DIV.SyntaxIndented {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.4em}
DIV.Indented {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-bottom: 0.6em}
DIV.CodeIndented {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-bottom: 0.6em}
DIV.SmallIndented {font-family: "Times New Roman", Times, serif; margin-left: 10.0em; margin-bottom: 0.6em}
DIV.SmallCodeIndented {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-bottom: 0.6em}
DIV.Examples {font-family: "Courier New", monospace; margin-left: 2.0em; margin-bottom: 0.6em}
DIV.SmallExamples {font-family: "Courier New", monospace; font-size: 80%; margin-left: 7.5em; margin-bottom: 0.6em}
DIV.IndentedExamples {font-family: "Courier New", monospace; margin-left: 8.0em; margin-bottom: 0.6em}
DIV.SmallIndentedExamples {font-family: "Courier New", monospace; font-size: 80%; margin-left: 15.0em; margin-bottom: 0.6em}
UL.Bulleted {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SmallBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SmallNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.IndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.CodeIndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.CodeIndentedNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SyntaxIndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NotesBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NotesNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
DL.Hanging {font-family: "Times New Roman", Times, serif; margin-top: 0em; margin-bottom: 0.6em}
DD.Hanging {margin-left: 6.0em}
DL.IndentedHanging {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.IndentedHanging {margin-left: 2.0em}
DL.HangingInBulleted {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.HangingInBulleted {margin-left: 4.0em}
DL.SmallHanging {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.SmallHanging {margin-left: 7.5em}
DL.SmallIndentedHanging {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.SmallIndentedHanging {margin-left: 2.0em}
DL.SmallHangingInBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.SmallHangingInBulleted {margin-left: 5.0em}
DL.Enumerated {font-family: "Times New Roman", Times, serif; margin-right: 0.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.Enumerated {margin-left: 2.0em}
DL.SmallEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.SmallEnumerated {margin-left: 2.5em}
DL.NestedEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
DL.SmallNestedEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
</STYLE>
</HEAD>
<BODY TEXT="#000000" BGCOLOR="#FFFFF0" LINK="#0000FF" VLINK="#800080" ALINK="#FF0000">
<P><A HREF="AA-TOC.html">Contents</A> <A HREF="AA-0-29.html">Index</A> <A HREF="AA-9-5.html">Previous</A> <A HREF="AA-9-5-2.html">Next</A></P>
<HR>
<H1> 9.5.1 Protected Subprograms and Protected Actions</H1>
<DIV Class="Paranum"><FONT SIZE=-2>1</FONT></DIV>
<DIV Class="Normal"> <A NAME="I3584"></A><A NAME="I3585"></A><A NAME="I3586"></A>A
<I>protected subprogram</I> is a subprogram declared immediately within
a <FONT FACE="Arial, Helvetica">protected_definition</FONT>. Protected
procedures provide exclusive read-write access to the data of a protected
object; protected functions provide concurrent read-only access to the
data. </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>1.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Ramification: </B>A subprogram
declared immediately within a <FONT FACE="Arial, Helvetica">protected_body</FONT>
is not a protected subprogram; it is an intrinsic subprogram. See <A HREF="AA-6-3-1.html">6.3.1</A>,
``<A HREF="AA-6-3-1.html">Conformance Rules</A>''. </FONT></DIV>
<H4 ALIGN=CENTER>Static Semantics</H4>
<DIV Class="Paranum"><FONT SIZE=-2>2</FONT></DIV>
<DIV Class="Normal"> Within the body of a protected function (or a
function declared immediately within a <FONT FACE="Arial, Helvetica">protected_body</FONT>),
the current instance of the enclosing protected unit is defined to be
a constant [(that is, its subcomponents may be read but not updated)].
Within the body of a protected procedure (or a procedure declared immediately
within a <FONT FACE="Arial, Helvetica">protected_body</FONT>), and within
an <FONT FACE="Arial, Helvetica">entry_body</FONT>, the current instance
is defined to be a variable [(updating is permitted)]. </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>2.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Ramification: </B>The current
instance is like an implicit parameter, of mode <B>in</B> for a protected
function, and of mode <B>in out</B> for a protected procedure (or protected
entry). </FONT></DIV>
<H4 ALIGN=CENTER>Dynamic Semantics</H4>
<DIV Class="Paranum"><FONT SIZE=-2>3</FONT></DIV>
<DIV Class="Normal"> <A NAME="I3587"></A>For the execution of a call
on a protected subprogram, the evaluation of the <FONT FACE="Arial, Helvetica">name</FONT>
or <FONT FACE="Arial, Helvetica">prefix</FONT> and of the parameter associations,
and any assigning back of <B>in out</B> or <B>out</B> parameters, proceeds
as for a normal subprogram call (see <A HREF="AA-6-4.html">6.4</A>).
If the call is an internal call (see <A HREF="AA-9-5.html">9.5</A>),
the body of the subprogram is executed as for a normal subprogram call.
If the call is an external call, then the body of the subprogram is executed
as part of a new <I>protected action</I> on the target protected object;
the protected action completes after the body of the subprogram is executed.
[A protected action can also be started by an entry call (see <A HREF="AA-9-5-3.html">9.5.3</A>).]</DIV>
<DIV Class="Paranum"><FONT SIZE=-2>4</FONT></DIV>
<DIV Class="Normal" Style="margin-bottom: 0.4em"> <A NAME="I3588"></A>A
new protected action is not started on a protected object while another
protected action on the same protected object is underway, unless both
actions are the result of a call on a protected function. This rule is
expressible in terms of the execution resource associated with the protected
object: </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>5</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC><A NAME="I3589"></A><A NAME="I3590"></A><I>Starting</I>
a protected action on a protected object corresponds to <I>acquiring</I>
the execution resource associated with the protected object, either for
concurrent read-only access if the protected action is for a call on
a protected function, or for exclusive read-write access otherwise;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>6</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC><A NAME="I3591"></A><A NAME="I3592"></A><I>Completing</I>
the protected action corresponds to <I>releasing</I> the associated execution
resource. </LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>7</FONT></DIV>
<DIV Class="Normal"> [After performing an operation on a protected
object other than a call on a protected function, but prior to completing
the associated protected action, the entry queues (if any) of the protected
object are serviced (see <A HREF="AA-9-5-3.html">9.5.3</A>).] </DIV>
<H4 ALIGN=CENTER>Bounded (Run-Time) Errors</H4>
<DIV Class="Paranum"><FONT SIZE=-2>8</FONT></DIV>
<DIV Class="Normal" Style="margin-bottom: 0.4em"> <A NAME="I3593"></A>During
a protected action, it is a bounded error to invoke an operation that
is <I>potentially blocking</I>. <A NAME="I3594"></A><A NAME="I3595"></A>The
following are defined to be potentially blocking operations: </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>8.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Reason: </B>Some of these operations
are not directly blocking. However, they are still treated as bounded
errors during a protected action, because allowing them might impose
an undesirable implementation burden. </FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>9</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>a <FONT FACE="Arial, Helvetica">select_statement</FONT>;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>10</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>an <FONT FACE="Arial, Helvetica">accept_statement</FONT>;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>11</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>an <FONT FACE="Arial, Helvetica">entry_call_statement</FONT>;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>12</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>a <FONT FACE="Arial, Helvetica">delay_statement</FONT>;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>13</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>an <FONT FACE="Arial, Helvetica">abort_statement</FONT>;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>14</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>task creation or activation;</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>15</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>an external call on a protected subprogram (or an external
requeue) with the same target object as that of the protected action;
</LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>15.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Reason: </B>This is really
a deadlocking call, rather than a blocking call, but we include it in
this list for simplicity. </FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>16</FONT></DIV>
<UL Class="Bulleted"><LI TYPE=DISC>a call on a subprogram whose body contains a potentially
blocking operation. </LI></UL>
<DIV Class="Paranum"><FONT SIZE=-2>16.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Reason: </B>This allows an
implementation to check and raise Program_Error as soon as a subprogram
is called, rather than waiting to find out whether it actually reaches
the potentially blocking operation. This in turn allows the potentially
blocking operation check to be performed prior to run time in some environments.
</FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>17</FONT></DIV>
<DIV Class="Normal"> <A NAME="I3596"></A>If the bounded error is detected,
Program_Error is raised. If not detected, the bounded error might result
in deadlock or a (nested) protected action on the same target object.</DIV>
<DIV Class="Paranum"><FONT SIZE=-2>18</FONT></DIV>
<DIV Class="Normal"> Certain language-defined subprograms are potentially
blocking. In particular, the subprograms of the language-defined input-output
packages that manipulate files (implicitly or explicitly) are potentially
blocking. Other potentially blocking subprograms are identified where
they are defined. When not specified as potentially blocking, a language-defined
subprogram is nonblocking. </DIV>
<DIV Class="NotesHeader"><FONT SIZE=-1>NOTES</FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>19</FONT></DIV>
<DIV Class="Notes"><FONT SIZE=-1>18 If two tasks both try
to start a protected action on a protected object, and at most one is
calling a protected function, then only one of the tasks can proceed.
Although the other task cannot proceed, it is not considered blocked,
and it might be consuming processing resources while it awaits its turn.
There is no language-defined ordering or queuing presumed for tasks competing
to start a protected action -- on a multiprocessor such tasks might use
busy-waiting; for monoprocessor considerations, see <A HREF="AA-D-3.html">D.3</A>,
``<A HREF="AA-D-3.html">Priority Ceiling Locking</A>''. </FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>19.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Discussion: </B>The intended
implementation on a multi-processor is in terms of ``spin locks'' --
the waiting task will spin. </FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>20</FONT></DIV>
<DIV Class="Notes"><FONT SIZE=-1>19 The body of a protected
unit may contain declarations and bodies for local subprograms. These
are not visible outside the protected unit.</FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>21</FONT></DIV>
<DIV Class="Notes"><FONT SIZE=-1>20 The body of a protected
function can contain internal calls on other protected functions, but
not protected procedures, because the current instance is a constant.
On the other hand, the body of a protected procedure can contain internal
calls on both protected functions and procedures.</FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>22</FONT></DIV>
<DIV Class="Notes"><FONT SIZE=-1>21 From within a protected
action, an internal call on a protected subprogram, or an external call
on a protected subprogram with a different target object is not considered
a potentially blocking operation. </FONT></DIV>
<DIV Class="Paranum"><FONT SIZE=-2>22.a</FONT></DIV>
<DIV Class="Annotations"><FONT SIZE=-1><B>Reason: </B>This is because
a task is not considered blocked while attempting to acquire the execution
resource associated with a protected object. The acquisition of such
a resource is rather considered part of the normal competition for execution
resources between the various tasks that are ready. External calls that
turn out to be on the same target object are considered potentially blocking,
since they can deadlock the task indefinitely. </FONT></DIV>
<H4 ALIGN=CENTER>Examples</H4>
<DIV Class="Paranum"><FONT SIZE=-2>23</FONT></DIV>
<DIV Class="Normal" Style="margin-bottom: 0.4em"> <I>Examples of
protected subprogram calls (see <A HREF="AA-9-4.html">9.4</A>):</I> </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>24</FONT></DIV>
<DIV Class="Examples"><TT>Shared_Array.Set_Component(N, E);<BR>
E := Shared_Array.Component(M);<BR>
Control.Release;</TT></DIV>
<HR>
<P><A HREF="AA-TOC.html">Contents</A> <A HREF="AA-0-29.html">Index</A> <A HREF="AA-9-5.html">Previous</A> <A HREF="AA-9-5-2.html">Next</A> <A HREF="AA-TTL.html">Legal</A></P>
</BODY>
</HTML>
|
