| Ada 95 Quality and Style Guide | Chapter 6 |
6.2.3 Attributes 'Count, 'Callable, and 'Terminatedguideline
Do not depend on the values of the task attributes 'Callable or 'Terminated ( Nissen and Wallis 1984).
Do not depend on attributes to avoid Tasking_Error on an entry call.
For tasks, do not depend on the value of the entry attribute 'Count.
Using the 'Count attribute with protected entries is more reliable than using the 'Count attribute with task entries. example
In the following examples, Dispatch'Callable is a Boolean expression, indicating whether a call can be made to the task Intercept without raising the exception Tasking_Error. Dispatch'Count indicates the number of callers currently waiting at entry Transmit. Dispatch'Terminated is a Boolean expression, indicating whether the task Dispatch is in a terminated state.
This task is badly programmed because it relies upon the values of the 'Count attributes not changing between evaluating and acting upon them:
--------------------------------------------------------------------- task body Dispatch is ... select when Transmit'Count > 0 and Receive'Count = 0 => accept Transmit; ... or accept Receive; ... end select; ... end Dispatch; ---------------------------------------------------------------------If the following code is preempted between evaluating the condition and initiating the call, the assumption that the task is still callable might no longer be valid:
... if Dispatch'Callable then Dispatch.Receive; end if; ...rationale
Attributes 'Callable, 'Terminated, and 'Count are all subject to race conditions. Between the time you reference an attribute and the time you take action, the value of the attribute might change. Attributes 'Callable and 'Terminated convey reliable information once they become False and True, respectively. If 'Callable is False, you can expect the callable state to remain constant. If 'Terminated is True, you can expect the task to remain terminated. Otherwise, 'Terminated and 'Callable can change between the time your code tests them and the time it responds to the result.
The Ada Reference Manual (1995, §9.9) itself warns about the asynchronous increase and decrease of the value of 'Count. A task can be removed from an entry queue due to execution of an abort statement as well as expiration of a timed entry call. The use of this attribute in guards of a selective accept statement might result in the opening of alternatives that should not be opened under a changed value of 'Count.
The value of the attribute 'Count is stable for protected units because any change to an entry queue is itself a protected action, which will not occur while any other protected action is already proceeding. Nevertheless, when you use 'Count within an entry barrier of a protected unit, you should remember that the condition of the barrier is evaluated both before and after queueing a given caller.
| < Previous Page | Search | Contents | Index | Next Page > |
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| TOC | TOC | TOC | TOC | TOC | TOC | TOC | TOC | TOC | TOC | TOC |
| Appendix | References | Bibliography |