| blob | fae86d65b1d98a9f24d7efbe349371465c5b5db1 |
1 ------------------------------------------------------------------------------
2 -- --
3 -- GNU ADA RUN-TIME LIBRARY (GNARL) COMPONENTS --
4 -- --
5 -- S Y S T E M . T A S K _ P R I M I T I V E S .O P E R A T I O N S --
6 -- --
7 -- S p e c --
8 -- --
9 -- --
10 -- Copyright (C) 1992-2001, Free Software Foundation, Inc. --
11 -- --
12 -- GNARL is free software; you can redistribute it and/or modify it under --
13 -- terms of the GNU General Public License as published by the Free Soft- --
14 -- ware Foundation; either version 2, or (at your option) any later ver- --
15 -- sion. GNARL is distributed in the hope that it will be useful, but WITH- --
16 -- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
17 -- or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License --
18 -- for more details. You should have received a copy of the GNU General --
19 -- Public License distributed with GNARL; see file COPYING. If not, write --
20 -- to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, --
21 -- MA 02111-1307, USA. --
22 -- --
23 -- As a special exception, if other files instantiate generics from this --
24 -- unit, or you link this unit with other files to produce an executable, --
25 -- this unit does not by itself cause the resulting executable to be --
26 -- covered by the GNU General Public License. This exception does not --
27 -- however invalidate any other reasons why the executable file might be --
28 -- covered by the GNU Public License. --
29 -- --
30 -- GNARL was developed by the GNARL team at Florida State University. It is --
31 -- now maintained by Ada Core Technologies, Inc. (http://www.gnat.com). --
32 -- --
33 ------------------------------------------------------------------------------
35 -- This package contains all the GNULL primitives that interface directly
36 -- with the underlying OS.
39 -- used for Size_Type
42 -- used for Task_ID
45 -- used for Thread_Id
55 -- This must be called once, before any other subprograms of this
56 -- package are called.
58 procedure Create_Task
65 -- Create a new low-level task with ST.Task_ID T and place other needed
66 -- information in the ATCB.
67 --
68 -- A new thread of control is created, with a stack of at least Stack_Size
69 -- storage units, and the procedure Wrapper is called by this new thread
70 -- of control. If Stack_Size = Unspecified_Storage_Size, choose a default
71 -- stack size; this may be effectively "unbounded" on some systems.
72 --
73 -- The newly created low-level task is associated with the ST.Task_ID T
74 -- such that any subsequent call to Self from within the context of the
75 -- low-level task returns T.
76 --
77 -- The caller is responsible for ensuring that the storage of the Ada
78 -- task control block object pointed to by T persists for the lifetime
79 -- of the new task.
80 --
81 -- Succeeded is set to true unless creation of the task failed,
82 -- as it may if there are insufficient resources to create another task.
86 -- Initialize data structures specific to the calling task.
87 -- Self must be the ID of the calling task.
88 -- It must be called (once) by the task immediately after creation,
89 -- while abortion is still deferred.
90 -- The effects of other operations defined below are not defined
91 -- unless the caller has previously called Initialize_Task.
95 -- Destroy the thread of control.
96 -- Self must be the ID of the calling task.
97 -- The effects of further calls to operations defined below
98 -- on the task are undefined thereafter.
102 -- Allocate a new ATCB with the specified number of entries.
106 -- Initialize all fields of the TCB
110 -- Finalizes Private_Data of ATCB, and then deallocates it.
111 -- This is also responsible for recovering any storage or other resources
112 -- that were allocated by Create_Task (the one in this package).
113 -- This should only be called from Free_Task.
114 -- After it is called there should be no further
115 -- reference to the ATCB that corresponds to T.
119 -- Abort the task specified by T (the target task). This causes
120 -- the target task to asynchronously raise Abort_Signal if
121 -- abort is not deferred, or if it is blocked on an interruptible
122 -- system call.
123 --
124 -- precondition:
125 -- the calling task is holding T's lock and has abort deferred
126 --
127 -- postcondition:
128 -- the calling task is holding T's lock and has abort deferred.
130 -- ??? modify GNARL to skip wakeup and always call Abort_Task
134 -- Return a pointer to the Ada Task Control Block of the calling task.
138 Global_Task_Level,
139 RTS_Lock_Level,
140 ATCB_Level);
141 -- Type used to describe kind of lock for second form of Initialize_Lock
142 -- call specified below.
143 -- See locking rules in System.Tasking (spec) for more details.
148 -- Initialize a lock object.
149 --
150 -- For Lock, Prio is the ceiling priority associated with the lock.
151 -- For RTS_Lock, the ceiling is implicitly Priority'Last.
152 --
153 -- If the underlying system does not support priority ceiling
154 -- locking, the Prio parameter is ignored.
155 --
156 -- The effect of either initialize operation is undefined unless L
157 -- is a lock object that has not been initialized, or which has been
158 -- finalized since it was last initialized.
159 --
160 -- The effects of the other operations on lock objects
161 -- are undefined unless the lock object has been initialized
162 -- and has not since been finalized.
163 --
164 -- Initialization of the per-task lock is implicit in Create_Task.
165 --
166 -- These operations raise Storage_Error if a lack of storage is detected.
171 -- Finalize a lock object, freeing any resources allocated by the
172 -- corresponding Initialize_Lock operation.
178 -- Lock a lock object for write access. After this operation returns,
179 -- the calling task holds write permission for the lock object. No other
180 -- Write_Lock or Read_Lock operation on the same lock object will return
181 -- until this task executes an Unlock operation on the same object. The
182 -- effect is undefined if the calling task already holds read or write
183 -- permission for the lock object L.
184 --
185 -- For the operation on Lock, Ceiling_Violation is set to true iff the
186 -- operation failed, which will happen if there is a priority ceiling
187 -- violation.
188 --
189 -- For the operation on RTS_Lock, Global_Lock should be set to True
190 -- if L is a global lock (Single_RTS_Lock, Global_Task_Lock).
191 --
192 -- For the operation on ST.Task_ID, the lock is the special lock object
193 -- associated with that task's ATCB. This lock has effective ceiling
194 -- priority high enough that it is safe to call by a task with any
195 -- priority in the range System.Priority. It is implicitly initialized
196 -- by task creation. The effect is undefined if the calling task already
197 -- holds T's lock, or has interrupt-level priority. Finalization of the
198 -- per-task lock is implicit in Exit_Task.
202 -- Lock a lock object for read access. After this operation returns,
203 -- the calling task has non-exclusive read permission for the logical
204 -- resources that are protected by the lock. No other Write_Lock operation
205 -- on the same object will return until this task and any other tasks with
206 -- read permission for this lock have executed Unlock operation(s) on the
207 -- lock object. A Read_Lock for a lock object may return immediately while
208 -- there are tasks holding read permission, provided there are no tasks
209 -- holding write permission for the object. The effect is undefined if
210 -- the calling task already holds read or write permission for L.
211 --
212 -- Alternatively: An implementation may treat Read_Lock identically to
213 -- Write_Lock. This simplifies the implementation, but reduces the level
214 -- of concurrency that can be achieved.
215 --
216 -- Note that Read_Lock is not defined for RT_Lock and ST.Task_ID.
217 -- That is because (1) so far Read_Lock has always been implemented
218 -- the same as Write_Lock, (2) most lock usage inside the RTS involves
219 -- potential write access, and (3) implementations of priority ceiling
220 -- locking that make a reader-writer distinction have higher overhead.
226 -- Unlock a locked lock object.
227 --
228 -- The effect is undefined unless the calling task holds read or write
229 -- permission for the lock L, and L is the lock object most recently
230 -- locked by the calling task for which the calling task still holds
231 -- read or write permission. (That is, matching pairs of Lock and Unlock
232 -- operations on each lock object must be properly nested.)
234 -- For the operation on RTS_Lock, Global_Lock should be set to True
235 -- if L is a global lock (Single_RTS_Lock, Global_Task_Lock).
236 --
237 -- Note that Write_Lock for RTS_Lock does not have an out-parameter.
238 -- RTS_Locks are used in situations where we have not made provision
239 -- for recovery from ceiling violations. We do not expect them to
240 -- occur inside the runtime system, because all RTS locks have ceiling
241 -- Priority'Last.
243 -- There is one way there can be a ceiling violation.
244 -- That is if the runtime system is called from a task that is
245 -- executing in the Interrupt_Priority range.
247 -- It is not clear what to do about ceiling violations due
248 -- to RTS calls done at interrupt priority. In general, it
249 -- is not acceptable to give all RTS locks interrupt priority,
250 -- since that whould give terrible performance on systems where
251 -- this has the effect of masking hardware interrupts, though we
252 -- could get away with allowing Interrupt_Priority'last where we
253 -- are layered on an OS that does not allow us to mask interrupts.
254 -- Ideally, we would like to raise Program_Error back at the
255 -- original point of the RTS call, but this would require a lot of
256 -- detailed analysis and recoding, with almost certain performance
257 -- penalties.
259 -- For POSIX systems, we considered just skipping setting a
260 -- priority ceiling on RTS locks. This would mean there is no
261 -- ceiling violation, but we would end up with priority inversions
262 -- inside the runtime system, resulting in failure to satisfy the
263 -- Ada priority rules, and possible missed validation tests.
264 -- This could be compensated-for by explicit priority-change calls
265 -- to raise the caller to Priority'Last whenever it first enters
266 -- the runtime system, but the expected overhead seems high, though
267 -- it might be lower than using locks with ceilings if the underlying
268 -- implementation of ceiling locks is an inefficient one.
270 -- This issue should be reconsidered whenever we get around to
271 -- checking for calls to potentially blocking operations from
272 -- within protected operations. If we check for such calls and
273 -- catch them on entry to the OS, it may be that we can eliminate
274 -- the possibility of ceiling violations inside the RTS. For this
275 -- to work, we would have to forbid explicitly setting the priority
276 -- of a task to anything in the Interrupt_Priority range, at least.
277 -- We would also have to check that there are no RTS-lock operations
278 -- done inside any operations that are not treated as potentially
279 -- blocking.
281 -- The latter approach seems to be the best, i.e. to check on entry
282 -- to RTS calls that may need to use locks that the priority is not
283 -- in the interrupt range. If there are RTS operations that NEED to
284 -- be called from interrupt handlers, those few RTS locks should then
285 -- be converted to PO-type locks, with ceiling Interrupt_Priority'Last.
287 -- For now, we will just shut down the system if there is a
288 -- ceiling violation.
292 -- Yield the processor. Add the calling task to the tail of the
293 -- ready queue for its active_priority.
294 -- The Do_Yield argument is only used in some very rare cases very
295 -- a yield should have an effect on a specific target and not on regular
296 -- ones.
298 procedure Set_Priority
303 -- Set the priority of the task specified by T to T.Current_Priority.
304 -- The priority set is what would correspond to the Ada concept of
305 -- "base priority" in the terms of the lower layer system, but
306 -- the operation may be used by the upper layer to implement
307 -- changes in "active priority" that are not due to lock effects.
308 -- The effect should be consistent with the Ada Reference Manual.
309 -- In particular, when a task lowers its priority due to the loss of
310 -- inherited priority, it goes at the head of the queue for its new
311 -- priority (RM D.2.2 par 9).
312 -- Loss_Of_Inheritance helps the underlying implementation to do it
313 -- right when the OS doesn't.
317 -- Returns the priority last set by Set_Priority for this task.
321 -- Returns "absolute" time, represented as an offset
322 -- relative to "the Epoch", which is Jan 1, 1970.
323 -- This clock implementation is immune to the system's clock changes.
327 -- Returns the resolution of the underlying clock used to implement
328 -- RT_Clock.
330 ----------------
331 -- Extensions --
332 ----------------
334 -- Whoever calls either of the Sleep routines is responsible
335 -- for checking for pending aborts before the call.
336 -- Pending priority changes are handled internally.
338 procedure Sleep
342 -- Wait until the current task, T, is signaled to wake up.
343 --
344 -- precondition:
345 -- The calling task is holding its own ATCB lock
346 -- and has abort deferred
347 --
348 -- postcondition:
349 -- The calling task is holding its own ATCB lock
350 -- and has abort deferred.
352 -- The effect is to atomically unlock T's lock and wait, so that another
353 -- task that is able to lock T's lock can be assured that the wait has
354 -- actually commenced, and that a Wakeup operation will cause the waiting
355 -- task to become ready for execution once again. When Sleep returns,
356 -- the waiting task will again hold its own ATCB lock. The waiting task
357 -- may become ready for execution at any time (that is, spurious wakeups
358 -- are permitted), but it will definitely become ready for execution when
359 -- a Wakeup operation is performed for the same task.
361 procedure Timed_Sleep
368 -- Combination of Sleep (above) and Timed_Delay
370 procedure Timed_Delay
374 -- Implements the semantics of the delay statement. It is assumed that
375 -- the caller is not abort-deferred and does not hold any locks.
377 procedure Wakeup
381 -- Wake up task T if it is waiting on a Sleep call (of ordinary
382 -- or timed variety), making it ready for execution once again.
383 -- If the task T is not waiting on a Sleep, the operation has no effect.
387 -- returns the task ID of the environment task
388 -- Consider putting this into a variable visible directly
389 -- by the rest of the runtime system. ???
392 -- returns the thread id of the specified task.
394 -----------------------
395 -- RTS Entrance/Exit --
396 -----------------------
398 -- Following two routines are used for possible operations needed
399 -- to be setup/cleared upon entrance/exit of RTS while maintaining
400 -- a single thread of control in the RTS. Since we intend these
401 -- routines to be used for implementing the Single_Lock RTS,
402 -- Lock_RTS should follow the first Defer_Abortion operation
403 -- entering RTS. In the same fashion Unlock_RTS should preceed
404 -- the last Undefer_Abortion exiting RTS.
405 --
406 -- These routines also replace the functions Lock/Unlock_All_Tasks_List
409 -- Take the global RTS lock.
412 -- Release the global RTS lock.
414 --------------------
415 -- Stack Checking --
416 --------------------
418 -- Stack checking in GNAT is done using the concept of stack probes. A
419 -- stack probe is an operation that will generate a storage error if
420 -- an insufficient amount of stack space remains in the current task.
422 -- The exact mechanism for a stack probe is target dependent. Typical
423 -- possibilities are to use a load from a non-existent page, a store
424 -- to a read-only page, or a comparison with some stack limit constant.
425 -- Where possible we prefer to use a trap on a bad page access, since
426 -- this has less overhead. The generation of stack probes is either
427 -- automatic if the ABI requires it (as on for example DEC Unix), or
428 -- is controlled by the gcc parameter -fstack-check.
430 -- When we are using bad-page accesses, we need a bad page, called a
431 -- guard page, at the end of each task stack. On some systems, this
432 -- is provided automatically, but on other systems, we need to create
433 -- the guard page ourselves, and the procedure Stack_Guard is provided
434 -- for this purpose.
437 -- Ensure guard page is set if one is needed and the underlying thread
438 -- system does not provide it. The procedure is as follows:
439 --
440 -- 1. When we create a task adjust its size so a guard page can
441 -- safely be set at the bottom of the stack
442 --
443 -- 2. When the thread is created (and its stack allocated by the
444 -- underlying thread system), get the stack base (and size, depending
445 -- how the stack is growing), and create the guard page taking care of
446 -- page boundaries issues.
447 --
448 -- 3. When the task is destroyed, remove the guard page.
449 --
450 -- If On is true then protect the stack bottom (i.e make it read only)
451 -- else unprotect it (i.e. On is True for the call when creating a task,
452 -- and False when a task is destroyed).
453 --
454 -- The call to Stack_Guard has no effect if guard pages are not used on
455 -- the target, or if guard pages are automatically provided by the system.
457 -----------------------------------------
458 -- Runtime System Debugging Interfaces --
459 -----------------------------------------
461 -- These interfaces have been added to assist in debugging the
462 -- tasking runtime system.
466 -- Check that the current task is holding only Global_Task_Lock.
470 -- Check that current task is holding no locks.
472 function Suspend_Task
476 -- Suspend a specific task when the underlying thread library provides
477 -- such functionality, unless the thread associated with T is Thread_Self.
478 -- Such functionality is needed by gdb on some targets (e.g VxWorks)
479 -- Return True is the operation is successful
481 function Resume_Task
485 -- Resume a specific task when the underlying thread library provides
486 -- such functionality, unless the thread associated with T is Thread_Self.
487 -- Such functionality is needed by gdb on some targets (e.g VxWorks)
488 -- Return True is the operation is successful