| blob | 24f4ba2085acb1d2a297e01c0fb6d2aa383fa294 |
1 ------------------------------------------------------------------------------
2 -- --
3 -- GNAT RUN-TIME LIBRARY (GNARL) COMPONENTS --
4 -- --
5 -- S Y S T E M . T A S K I N G . I N I T I A L I Z A T I O N --
6 -- --
7 -- B o d y --
8 -- --
9 -- Copyright (C) 1992-2023, Free Software Foundation, Inc. --
10 -- --
11 -- GNARL is free software; you can redistribute it and/or modify it under --
12 -- terms of the GNU General Public License as published by the Free Soft- --
13 -- ware Foundation; either version 3, or (at your option) any later ver- --
14 -- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
15 -- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
16 -- or FITNESS FOR A PARTICULAR PURPOSE. --
17 -- --
18 -- As a special exception under Section 7 of GPL version 3, you are granted --
19 -- additional permissions described in the GCC Runtime Library Exception, --
20 -- version 3.1, as published by the Free Software Foundation. --
21 -- --
22 -- You should have received a copy of the GNU General Public License and --
23 -- a copy of the GCC Runtime Library Exception along with this program; --
24 -- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see --
25 -- <http://www.gnu.org/licenses/>. --
26 -- --
27 -- GNARL was developed by the GNARL team at Florida State University. --
28 -- Extensive contributions were provided by Ada Core Technologies, Inc. --
29 -- --
30 ------------------------------------------------------------------------------
33 -- Turn off subprogram alpha ordering check, since we group soft link bodies
34 -- and dummy soft link bodies together separately in this unit.
46 -- Make sure the body of Secondary_Stack is elaborated before calling
47 -- Init_Tasking_Soft_Links. See comments for this routine for explanation.
58 -- This is a global lock; it is used to execute in mutual exclusion from
59 -- all other tasks. It is only used by Task_Lock, Task_Unlock, and
60 -- Final_Task_Unlock.
62 ----------------------------------------------------------------------
63 -- Tasking versions of some services needed by non-tasking programs --
64 ----------------------------------------------------------------------
67 -- NON-INLINE versions without Self_ID for soft links
70 -- NON-INLINE versions without Self_ID for soft links
73 -- Locks out other tasks. Preceding a section of code by Task_Lock and
74 -- following it by Task_Unlock creates a critical region. This is used
75 -- for ensuring that a region of non-tasking code (such as code used to
76 -- allocate memory) is tasking safe. Note that it is valid for calls to
77 -- Task_Lock/Task_Unlock to be nested, and this must work properly, i.e.
78 -- only the corresponding outer level Task_Unlock will actually unlock.
81 -- Releases lock previously set by call to Task_Lock. In the nested case,
82 -- all nested locks must be released before other tasks competing for the
83 -- tasking lock are released.
86 -- Task-safe version of SSL.Get_Current_Excep
89 -- Returns current task's name
91 ------------------------
92 -- Local Subprograms --
93 ------------------------
95 ----------------------------
96 -- Tasking Initialization --
97 ----------------------------
100 -- This procedure completes the initialization of the GNARL. The first part
101 -- of the initialization is done in the body of System.Tasking. It consists
102 -- of initializing global locks, and installing tasking versions of certain
103 -- operations used by the compiler. Init_RTS is called during elaboration.
105 --------------------------
106 -- Change_Base_Priority --
107 --------------------------
109 -- Call only with abort deferred and holding Self_ID locked
112 begin
119 ------------------------
120 -- Check_Abort_Status --
121 ------------------------
125 begin
130 then
132 else
137 -----------------
138 -- Defer_Abort --
139 -----------------
142 begin
149 -- pragma Assert
150 -- (Self_ID.Pending_ATC_Level >= Self_ID.ATC_Nesting_Level);
152 -- The above check has been useful in detecting mismatched defer/undefer
153 -- pairs. You may uncomment it when testing on systems that support
154 -- preemptive abort.
156 -- If the OS supports preemptive abort (e.g. pthread_kill), it should
157 -- have happened already. A problem is with systems that do not support
158 -- preemptive abort, and so rely on polling. On such systems we may get
159 -- false failures of the assertion, since polling for pending abort does
160 -- no occur until the abort undefer operation.
162 -- Even on systems that only poll for abort, the assertion may be useful
163 -- for catching missed abort completion polling points. The operations
164 -- that undefer abort poll for pending aborts. This covers most of the
165 -- places where the core Ada semantics require abort to be caught,
166 -- without any special attention. However, this generally happens on
167 -- exit from runtime system call, which means a pending abort will not
168 -- be noticed on the way into the runtime system. We considered adding a
169 -- check for pending aborts at this point, but chose not to, because of
170 -- the overhead. Instead, we searched for RTS calls where abort
171 -- completion is required and a task could go farther than Ada allows
172 -- before undeferring abort; we then modified the code to ensure the
173 -- abort would be detected.
178 --------------------------
179 -- Defer_Abort_Nestable --
180 --------------------------
183 begin
188 -- The following assertion is by default disabled. See the comment in
189 -- Defer_Abort on the situations in which it may be useful to uncomment
190 -- this assertion and enable the test.
192 -- pragma Assert
193 -- (Self_ID.Pending_ATC_Level >= Self_ID.ATC_Nesting_Level or else
194 -- Self_ID.Deferral_Level > 0);
199 -----------------
200 -- Abort_Defer --
201 -----------------
205 begin
214 -----------------------
215 -- Get_Current_Excep --
216 -----------------------
219 begin
223 -----------------------
224 -- Do_Pending_Action --
225 -----------------------
227 -- Call only when holding no locks
231 begin
234 -- Needs loop to recheck for pending action in case a new one occurred
235 -- while we had abort deferred below.
237 loop
238 -- Temporarily defer abort so that we can lock Self_ID
246 -- Restore the original Deferral value
254 pragma Debug
262 -- The solution really belongs in the Abort_Signal handler
263 -- for async. entry calls. The present hack is very
264 -- fragile. It relies that the very next point after
265 -- Exit_One_ATC_Level at which the task becomes abortable
266 -- will be the call to Undefer_Abort in the
267 -- Abort_Signal handler.
271 pragma Debug
283 -----------------------
284 -- Final_Task_Unlock --
285 -----------------------
287 -- This version is only for use in Terminate_Task, when the task is
288 -- relinquishing further rights to its own ATCB.
290 -- There is a very interesting potential race condition there, where the
291 -- old task may run concurrently with a new task that is allocated the old
292 -- tasks (now reused) ATCB. The critical thing here is to not make any
293 -- reference to the ATCB after the lock is released. See also comments on
294 -- Terminate_Task and Unlock.
297 begin
302 --------------
303 -- Init_RTS --
304 --------------
308 begin
311 -- Terminate run time (regular vs restricted) specific initialization
312 -- of the environment task.
326 -- Normally, a task starts out with internal master nesting level one
327 -- larger than external master nesting level. It is incremented to one
328 -- by Enter_Master, which is called in the task body only if the
329 -- compiler thinks the task may have dependent tasks. There is no
330 -- corresponding call to Enter_Master for the environment task, so we
331 -- would need to increment it to 2 here. Instead, we set it to 3. By
332 -- doing this we reserve the level 2 for server tasks of the runtime
333 -- system. The environment task does not need to wait for these server
337 -- Initialize lock used to implement mutual exclusion between all tasks
341 -- Notify that the tasking run time has been elaborated so that
342 -- the tasking version of the soft links can be used.
355 -- Initialize the tasking soft links (if not done yet) that are common
356 -- to the full and the restricted run times.
360 -- Abort is deferred in a new ATCB, so we need to undefer abort at this
361 -- stage to make the environment task abortable.
366 ---------------------------
367 -- Locked_Abort_To_Level--
368 ---------------------------
370 -- Abort a task to the specified ATC nesting level.
371 -- Call this only with T locked.
373 -- An earlier version of this code contained a call to Wakeup. That should
374 -- not be necessary here, if Abort_Task is implemented correctly, since
375 -- Abort_Task should include the effect of Wakeup. However, the above call
376 -- was in earlier versions of this file, and at least for some targets
377 -- Abort_Task has not been doing Wakeup. It should not hurt to uncomment
378 -- the above call, until the error is corrected for all targets.
380 -- See extended comments in package body System.Tasking.Abort for the
381 -- overall design of the implementation of task abort.
382 -- ??? there is no such package ???
384 -- If the task is sleeping it will be in an abort-deferred region, and will
385 -- not have Abort_Signal raised by Abort_Task. Such an "abort deferral" is
386 -- just to protect the RTS internals, and not necessarily required to
387 -- enforce Ada semantics. Abort_Task should wake the task up and let it
388 -- decide if it wants to complete the aborted construct immediately.
390 -- Note that the effect of the low-level Abort_Task is not persistent.
391 -- If the target task is not blocked, this wakeup will be missed.
393 -- We don't bother calling Abort_Task if this task is aborting itself,
394 -- since we are inside the RTS and have abort deferred. Similarly, We don't
395 -- bother to call Abort_Task if T is terminated, since there is no need to
396 -- abort a terminated task, and it could be dangerous to try if the task
397 -- has stopped executing.
399 -- Note that an earlier version of this code had some false reasoning about
400 -- being able to reliably wake up a task that had suspended on a blocking
401 -- system call that does not atomically release the task's lock (e.g., UNIX
402 -- nanosleep, which we once thought could be used to implement delays).
403 -- That still left the possibility of missed wakeups.
405 -- We cannot safely call Vulnerable_Complete_Activation here, since that
406 -- requires locking Self_ID.Parent. The anti-deadlock lock ordering rules
407 -- would then require us to release the lock on Self_ID first, which would
408 -- create a timing window for other tasks to lock Self_ID. This is
409 -- significant for tasks that may be aborted before their execution can
410 -- enter the task body, and so they do not get a chance to call
411 -- Complete_Task. The actual work for this case is done in Terminate_Task.
413 procedure Locked_Abort_To_Level
417 is
418 begin
421 when Terminated
422 | Unactivated
423 =>
427 when Activating
428 | Runnable
429 =>
431 -- This scenario occurs when an asynchronous protected entry
432 -- call is canceled during a requeue with abort.
434 T.Entry_Calls
441 when AST_Server_Sleep
442 | Async_Select_Sleep
443 | Delay_Sleep
444 | Interrupt_Server_Blocked_Interrupt_Sleep
445 | Interrupt_Server_Idle_Sleep
446 | Timer_Server_Sleep
447 =>
450 when Acceptor_Delay_Sleep
451 | Acceptor_Sleep
452 =>
459 T.Entry_Calls
463 when Activator_Sleep
464 | Asynchronous_Hold
465 | Master_Completion_Sleep
466 | Master_Phase_2_Sleep
467 =>
480 -- This prevents aborted task from accepting calls
484 -- The test above is just a heuristic, to reduce wasteful
485 -- calls to Abort_Task. We are holding T locked, and this
486 -- value will not be set to False except with T also locked,
487 -- inside Exit_One_ATC_Level, so we should not miss wakeups.
490 or else
492 then
500 -- The task is blocked on a system call waiting for the
501 -- completion event. In this case Abort_Task may need to take
502 -- special action in order to succeed.
504 then
510 --------------------------------
511 -- Remove_From_All_Tasks_List --
512 --------------------------------
518 begin
519 pragma Debug
528 else
542 ---------------
543 -- Task_Lock --
544 ---------------
547 begin
558 begin
562 ---------------
563 -- Task_Name --
564 ---------------
568 begin
572 -----------------
573 -- Task_Unlock --
574 -----------------
577 begin
589 begin
593 -------------------
594 -- Undefer_Abort --
595 -------------------
597 -- Precondition : Self does not hold any locks
599 -- Undefer_Abort is called on any abort completion point (aka.
600 -- synchronization point). It performs the following actions if they
601 -- are pending: (1) change the base priority, (2) abort the task.
603 -- The priority change has to occur before abort. Otherwise, it would
604 -- take effect no earlier than the next abort completion point.
607 begin
625 ----------------------------
626 -- Undefer_Abort_Nestable --
627 ----------------------------
629 -- An earlier version would re-defer abort if an abort is in progress.
630 -- Then, we modified the effect of the raise statement so that it defers
631 -- abort until control reaches a handler. That was done to prevent
632 -- "skipping over" a handler if another asynchronous abort occurs during
633 -- the propagation of the abort to the handler.
635 -- There has been talk of reversing that decision, based on a newer
636 -- implementation of exception propagation. Care must be taken to evaluate
637 -- how such a change would interact with the above code and all the places
638 -- where abort-deferral is used to bridge over critical transitions, such
639 -- as entry to the scope of a region with a finalizer and entry into the
640 -- body of an accept-procedure.
643 begin
662 -------------------
663 -- Abort_Undefer --
664 -------------------
668 begin
677 -- In case there are different views on whether Abort is supported
678 -- between the expander and the run time, we may end up with
679 -- Self_ID.Deferral_Level being equal to zero, when called from
680 -- the procedure created by the expander that corresponds to a
681 -- task body. In this case, there's nothing to be done.
683 -- See related code in System.Tasking.Stages.Create_Task resetting
684 -- Deferral_Level when System.Restrictions.Abort_Allowed is False.
701 --------------------------
702 -- Wakeup_Entry_Caller --
703 --------------------------
705 -- This is called at the end of service of an entry call, to abort the
706 -- caller if he is in an abortable part, and to wake up the caller if it
707 -- is on Entry_Caller_Sleep. It assumes that the call is already off-queue.
709 -- (This enforces the rule that a task must be off-queue if its state is
710 -- Done or Cancelled.) Call it holding the lock of Entry_Call.Self.
712 -- Timed_Call or Simple_Call:
713 -- The caller is waiting on Entry_Caller_Sleep, in
714 -- Wait_For_Completion, or Wait_For_Completion_With_Timeout.
716 -- Conditional_Call:
717 -- The caller might be in Wait_For_Completion,
718 -- waiting for a rendezvous (possibly requeued without abort)
719 -- to complete.
721 -- Asynchronous_Call:
722 -- The caller may be executing in the abortable part o
723 -- an async. select, or on a time delay,
724 -- if Entry_Call.State >= Was_Abortable.
726 procedure Wakeup_Entry_Caller
730 is
733 begin
744 -- Abort the caller in his abortable part, but do so only if call has
745 -- been queued abortably.
756 -------------------------
757 -- Finalize_Attributes --
758 -------------------------
763 begin
774 begin
775 Init_RTS;