Re: Ravenscar - program termination

[Niklas Holsti <niklas.holsti@nospam.please>]

Ludovic Brenta wrote:
> Niklas Holsti writes:
> 
>>If Ravenscar really requires that the main procedure be
>>non-terminating, I'm happy to learn that. From a very formal point
>>of view I guess this requirement means that the kernel need not
>>implement "await for task termination" even in the environment task.
> 
> 
> Indeed, one of Ravenscar's goals is to make the necessary kernel easy
> to certify to the most stringent safety standards.  As with all
> high-integrity software, the best way to achieve this is to make
> things small and simple.  So, not only does Ravenscar avoid the need
> to wait for task termination [snip]...

Yes, but waiting for task termination in a Ravenscar environment task, 
after calling the main procedure, is surely very simple:

    if (there are any tasks in the system) then
       -- The tasks will never terminate.
       loop null; end loop;
    else
       (error because the environment task is terminating)
    end if;

> Ravenscar is beautiful, IMHO.

I agree with that.

-- 
Niklas Holsti
Tidorum Ltd
niklas holsti tidorum fi
       .      @       .