From: Mats Weber <Mats.Weber@elca-matrix.ch>
Subject: Re: Blocking protected ops (was: Tasks and C/C++ code)
Date: 1998/11/25
Date: 1998-11-25T00:00:00+00:00 [thread overview]
Message-ID: <365BE117.59209A5@elca-matrix.ch> (raw)
In-Reply-To: EACHUS.98Nov24143823@spectre.mitre.org
"Robert I. Eachus" wrote:
>
> In article <365AD980.5729FCD8@elca-matrix.ch> Mats Weber <Mats.Weber@elca-matrix.ch> writes:
>
> > Anyway, the question remains: is it legal for a protected body to call
> > some imported subprogram that could block (in the pthreads sense of the
> > term) ?
>
> You quoted the answer yourself, it is a bounded error per
> 9.5.1(8&16) seem to cover it completely.
I don't think so. Look closely at 9.5.1(16&18). Subprograms imported
with pragma Import are not covered.
> > Does someone know why the rule 9.5.1(8-18) is there at all ?
>
> To rigorously define the conditions where you should allow for
> the possibility of deadlocks and other blocking problems. Some
> deadlocks (or worse, race conditions) can't be ruled out, because they
> are inherent in the nature of the beast. Subclause 9.5.1 limits the
> number of programs that are potentially affected by this, in part by
> strongly encouraging programmers not to do that!
I still don't see why an accept statement is allowed to contain a
potentially blocking call, but a protected procedure is not.
To me, this looks a little like incorrect order dependences in Ada 83,
where the compiler was allowed to raise Program_Error if it detected
one, but it is generally not able to detect them. How could a protected
body detect that a blocking operation is being called, if that operation
was imported ?
> This is a perfect example. Most compilers will generate code to
> call gethostbyname within a protected subprogram, but most users will
> be encouraged by the RM to do it right. In this case really right is
> probably to put the potentially offensive call in a task (or protected
> object) that encapsulates all potentially locking OS calls. [...]
I think this should be a task, but _not_ a protected object. If you want
to use a protected object and not call gethostbyname from within the
protected body, you have to make two calls:
Semaphore.Seize; -- Semaphore is a protected object
gethostbyname();
Semaphore.Release;
which seems silly because you need two protected calls.
next prev parent reply other threads:[~1998-11-25 0:00 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
1998-11-09 0:00 Tasks and C/C++ code Barry L. Dorough
1998-11-09 0:00 ` Mats Weber
1998-11-10 0:00 ` dennison
1998-11-11 0:00 ` dbotton
1998-11-11 0:00 ` Barry L. Dorough
1998-11-11 0:00 ` dennison
1998-11-12 0:00 ` Jerry van Dijk
1998-11-13 0:00 ` Mats Weber
1998-11-11 0:00 ` dennison
1998-11-18 0:00 ` Samuel Tardieu
1998-11-19 0:00 ` Mats Weber
1998-11-20 0:00 ` Samuel Tardieu
1998-11-23 0:00 ` Mats Weber
1998-11-23 0:00 ` Tom Moran
1998-11-24 0:00 ` Blocking protected ops (was: Tasks and C/C++ code) Mats Weber
1998-11-24 0:00 ` Robert I. Eachus
1998-11-25 0:00 ` Mats Weber [this message]
1998-11-25 0:00 ` Jean-Pierre Rosen
1998-11-27 0:00 ` Mats Weber
1998-11-25 0:00 ` Robert I. Eachus
1998-11-26 0:00 ` Simon Wright
1998-11-27 0:00 ` David Botton
1998-11-27 0:00 ` Tom Moran
1998-11-27 0:00 ` Jerry van Dijk
1998-11-28 0:00 ` Tom Moran
1998-11-27 0:00 ` Mats Weber
1998-11-29 0:00 ` Tucker Taft
1998-11-30 0:00 ` Simon Wright
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox