1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>Ada95 - Safety and Security Restrictions</TITLE>
<META NAME="Author" CONTENT="JTC1/SC22/WG9/ARG, by Randall Brukardt, ARG Editor">
<META NAME="GENERATOR" CONTENT="Arm_Form.Exe, Ada Reference Manual generator">
<STYLE type="text/css">
DIV.paranum {position: absolute; font-family: Arial, Helvetica, sans-serif; left: 0.5 em; top: auto}
TT {font-family: "Courier New", monospace}
DT {display: compact}
DIV.Normal {font-family: "Times New Roman", Times, serif; margin-bottom: 0.6em}
DIV.Wide {font-family: "Times New Roman", Times, serif; margin-top: 0.6em; margin-bottom: 0.6em}
DIV.Annotations {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-bottom: 0.6em}
DIV.WideAnnotations {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0.6em; margin-bottom: 0.6em}
DIV.Index {font-family: "Times New Roman", Times, serif}
DIV.SyntaxSummary {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.4em}
DIV.Notes {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.6em}
DIV.NotesHeader {font-family: "Times New Roman", Times, serif; margin-left: 2.0em}
DIV.SyntaxIndented {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-bottom: 0.4em}
DIV.Indented {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-bottom: 0.6em}
DIV.CodeIndented {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-bottom: 0.6em}
DIV.SmallIndented {font-family: "Times New Roman", Times, serif; margin-left: 10.0em; margin-bottom: 0.6em}
DIV.SmallCodeIndented {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-bottom: 0.6em}
DIV.Examples {font-family: "Courier New", monospace; margin-left: 2.0em; margin-bottom: 0.6em}
DIV.SmallExamples {font-family: "Courier New", monospace; font-size: 80%; margin-left: 7.5em; margin-bottom: 0.6em}
DIV.IndentedExamples {font-family: "Courier New", monospace; margin-left: 8.0em; margin-bottom: 0.6em}
DIV.SmallIndentedExamples {font-family: "Courier New", monospace; font-size: 80%; margin-left: 15.0em; margin-bottom: 0.6em}
UL.Bulleted {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SmallBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SmallNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.IndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.CodeIndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.CodeIndentedNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-right: 8.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.SyntaxIndentedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NotesBulleted {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
UL.NotesNestedBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
DL.Hanging {font-family: "Times New Roman", Times, serif; margin-top: 0em; margin-bottom: 0.6em}
DD.Hanging {margin-left: 6.0em}
DL.IndentedHanging {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.IndentedHanging {margin-left: 2.0em}
DL.HangingInBulleted {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.HangingInBulleted {margin-left: 4.0em}
DL.SmallHanging {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.SmallHanging {margin-left: 7.5em}
DL.SmallIndentedHanging {font-family: "Times New Roman", Times, serif; margin-left: 8.0em; margin-top: 0em; margin-bottom: 0.6em}
DD.SmallIndentedHanging {margin-left: 2.0em}
DL.SmallHangingInBulleted {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.SmallHangingInBulleted {margin-left: 5.0em}
DL.Enumerated {font-family: "Times New Roman", Times, serif; margin-right: 0.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.Enumerated {margin-left: 2.0em}
DL.SmallEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 4.0em; margin-right: 4.0em; margin-top: 0em; margin-bottom: 0.5em}
DD.SmallEnumerated {margin-left: 2.5em}
DL.NestedEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 2.0em; margin-right: 2.0em; margin-top: 0em; margin-bottom: 0.5em}
DL.SmallNestedEnumerated {font-family: "Times New Roman", Times, serif; margin-left: 6.0em; margin-right: 6.0em; margin-top: 0em; margin-bottom: 0.5em}
</STYLE>
</HEAD>
<BODY TEXT="#000000" BGCOLOR="#FFFFF0" LINK="#0000FF" VLINK="#800080" ALINK="#FF0000">
<P><A HREF="RM-TOC.html">Contents</A> <A HREF="RM-0-29.html">Index</A> <A HREF="RM-H-3-2.html">Previous</A> <A HREF="RM-J.html">Next</A></P>
<HR>
<H1> H.4 Safety and Security Restrictions</H1>
<DIV Class="Paranum"><FONT SIZE=-2>1</FONT></DIV>
<DIV Class="Normal"> This clause defines restrictions that can be used
with pragma Restrictions (see <A HREF="RM-13-12.html">13.12</A>); these
facilitate the demonstration of program correctness by allowing tailored
versions of the run-time system. </DIV>
<H4 ALIGN=CENTER>Static Semantics</H4>
<DIV Class="Paranum"><FONT SIZE=-2>2</FONT></DIV>
<DIV Class="Normal"> The following restrictions, the same as in <A HREF="RM-D-7.html">D.7</A>,
apply in this Annex: No_Task_Hierarchy, No_Abort_Statement, No_Implicit_Heap_Allocation,
Max_Task_Entries is 0, Max_Asynchronous_Select_Nesting is 0, and Max_Tasks
is 0. The last three restrictions are checked prior to program execution.</DIV>
<DIV Class="Paranum"><FONT SIZE=-2>3</FONT></DIV>
<DIV Class="Normal" Style="margin-bottom: 0.9em"> The following additional
restrictions apply in this Annex.</DIV>
<DIV Class="Paranum"><FONT SIZE=-2>4</FONT></DIV>
<DIV Class="Normal" Style="margin-bottom: 0.4em"> <B>Tasking-related
restriction:</B> </DIV>
<DIV Class="Paranum"><FONT SIZE=-2>5</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.9em"><DT> <A NAME="I7012"></A>No_Protected_Types <DD Class="Hanging">
There are no declarations of protected types or protected objects.</DL>
<DIV Class="Paranum"><FONT SIZE=-2>6</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.4em"><DT> <B>Memory-management related restrictions:</B></DL>
<DIV Class="Paranum"><FONT SIZE=-2>7</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7013"></A>No_Allocators <DD Class="Hanging">
There are no occurrences of an <FONT FACE="Arial, Helvetica">allocator</FONT>.</DL>
<DIV Class="Paranum"><FONT SIZE=-2>8/1</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7014"></A>No_Local_Allocators <DD Class="Hanging">
<FONT FACE="Arial, Helvetica">Allocator</FONT>s are prohibited in subprograms,
generic subprograms, tasks, and entry bodies. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>9</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7015"></A>No_Unchecked_Deallocation <DD Class="Hanging">
Semantic dependence on Unchecked_Deallocation is not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>10</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.9em"><DT> Immediate_Reclamation <DD Class="Hanging">
Except for storage occupied by objects created by <FONT FACE="Arial, Helvetica">allocator</FONT>s
and not deallocated via unchecked deallocation, any storage reserved
at run time for an object is immediately reclaimed when the object no
longer exists. <A NAME="I7016"></A></DL>
<DIV Class="Paranum"><FONT SIZE=-2>11</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.4em"><DT> <B>Exception-related restriction:</B></DL>
<DIV Class="Paranum"><FONT SIZE=-2>12</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.9em"><DT> <A NAME="I7017"></A>No_Exceptions <DD Class="Hanging">
<FONT FACE="Arial, Helvetica">Raise_statement</FONT>s and <FONT FACE="Arial, Helvetica">exception_handler</FONT>s
are not allowed. No language-defined run-time checks are generated; however,
a run-time check performed automatically by the hardware is permitted.
</DL>
<DIV Class="Paranum"><FONT SIZE=-2>13</FONT></DIV>
<DL Class="Hanging" Style="margin-bottom: 0.4em"><DT> <B>Other restrictions:</B></DL>
<DIV Class="Paranum"><FONT SIZE=-2>14</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7018"></A>No_Floating_Point <DD Class="Hanging">
Uses of predefined floating point types and operations, and declarations
of new floating point types, are not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>15</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7019"></A>No_Fixed_Point <DD Class="Hanging">
Uses of predefined fixed point types and operations, and declarations
of new fixed point types, are not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>16</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7020"></A>No_Unchecked_Conversion <DD Class="Hanging">
Semantic dependence on the predefined generic Unchecked_Conversion is
not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>17</FONT></DIV>
<DL Class="Hanging"><DT> No_Access_Subprograms <DD Class="Hanging">
The declaration of access-to-subprogram types is not allowed. <A NAME="I7021"></A></DL>
<DIV Class="Paranum"><FONT SIZE=-2>18</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7022"></A>No_Unchecked_Access <DD Class="Hanging">
The <A NAME="I7023"></A>Unchecked_Access attribute is not allowed.</DL>
<DIV Class="Paranum"><FONT SIZE=-2>19</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7024"></A>No_Dispatch <DD Class="Hanging">
Occurrences of T'Class are not allowed, for any (tagged) subtype T.</DL>
<DIV Class="Paranum"><FONT SIZE=-2>20</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7025"></A>No_IO <DD Class="Hanging">
Semantic dependence on any of the library units Sequential_IO, Direct_IO,
Text_IO, Wide_Text_IO, or Stream_IO is not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>21</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7026"></A>No_Delay <DD Class="Hanging">
<FONT FACE="Arial, Helvetica">Delay_Statement</FONT>s and semantic dependence
on package Calendar are not allowed. </DL>
<DIV Class="Paranum"><FONT SIZE=-2>22</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7027"></A>No_Recursion <DD Class="Hanging">
As part of the execution of a subprogram, the same subprogram is not
invoked.</DL>
<DIV Class="Paranum"><FONT SIZE=-2>23</FONT></DIV>
<DL Class="Hanging"><DT> <A NAME="I7028"></A>No_Reentrancy <DD Class="Hanging">
During the execution of a subprogram by a task, no other task invokes
the same subprogram.</DL>
<H4 ALIGN=CENTER>Implementation Requirements</H4>
<DIV Class="Paranum"><FONT SIZE=-2>24</FONT></DIV>
<DIV Class="Normal"> If an implementation supports <FONT FACE="Arial, Helvetica">pragma</FONT>
Restrictions for a particular argument, then except for the restrictions
No_Unchecked_Deallocation, No_Unchecked_Conversion, No_Access_Subprograms,
and No_Unchecked_Access, the associated restriction applies to the run-time
system. </DIV>
<H4 ALIGN=CENTER>Documentation Requirements</H4>
<DIV Class="Paranum"><FONT SIZE=-2>25</FONT></DIV>
<DIV Class="Normal"> If a pragma Restrictions(No_Exceptions) is specified,
the implementation shall document the effects of all constructs where
language-defined checks are still performed automatically (for example,
an overflow check performed by the processor). </DIV>
<H4 ALIGN=CENTER>Erroneous Execution</H4>
<DIV Class="Paranum"><FONT SIZE=-2>26</FONT></DIV>
<DIV Class="Normal"> <A NAME="I7029"></A>Program execution is erroneous
if pragma Restrictions(No_Exceptions) has been specified and the conditions
arise under which a generated language-defined run-time check would fail.
</DIV>
<DIV Class="Paranum"><FONT SIZE=-2>27</FONT></DIV>
<DIV Class="Normal"> <A NAME="I7030"></A>Program execution is erroneous
if pragma Restrictions(No_Recursion) has been specified and a subprogram
is invoked as part of its own execution, or if pragma Restrictions(No_Reentrancy)
has been specified and during the execution of a subprogram by a task,
another task invokes the same subprogram. </DIV>
<HR>
<P><A HREF="RM-TOC.html">Contents</A> <A HREF="RM-0-29.html">Index</A> <A HREF="RM-H-3-2.html">Previous</A> <A HREF="RM-J.html">Next</A> <A HREF="RM-TTL.html">Legal</A></P>
</BODY>
</HTML>
|
