THE SUPERVISOR INTERFACE 91 Parameters are also passed that are used by CHILD TASK to start up the new task as

Aborting Task Aborted Tasks Dependents of Aborted Tasks

4.6. THE SUPERVISOR INTERFACE 91 Parameters are also passed that are used by CHILD TASK to start up the new task as

a separate thread of control. The execution entry point of the new dependent is passed in DEP ENTRY ADDR. GLOBAL FRAME PTR is the address of the activation record for the declarative part which contains the declaration of the body of the new dependent. The number of bytes to be allocated for the execution stack of the new dependent is passed in DEP STACK SIZE. The priority of the task is passed in DEP PRIORITY the Supervisor currently ignores this information. If the task is a single task or a task declared by an object declaration, then the IMMEDIATE parameter is set to FALSE. Otherwise, the IMMEDI- ATE parameter is set to TRUE, indicating that the task is to begin activation immediately in this case CHILD TASK subsumes the functionality of the ACTIVATE TASK procedure described below. In addition, the PRE BODY parameter indicates whether or not the task is being activated before its body has been elaborated this can occur only in the situation when a task is activated through execution of an allocator within the same declarative part that contains the declaration of its body.

CHILD TASK updates the task maps as described in Section 4.4 and assigns the new dependent to a system node, sending a NEW TASK MSG to a remote supervisor copy if necessary (see Section 4.5.2). The task activation semantics of Ada are enforced by the ACTIVATE TASK procedure and ELABORATE TASK function, described in the next two sections. Characteristics of CHILD TASK which are a consequence of the semantics of Ada are formally specied in Anna in Figure 39.

An overloading of CHILD TASK that returns a TASK NAME ARRAY is also supplied this form of CHILD TASK is used to activate an array of tasks. The number of new tasks to be activated is given by an extra

in

-mode parameter called DEPENDENT COUNT.

4.6.12 The ACTIVATE TASK Procedure

The ACTIVATE TASK procedure is executed at the end of every declarative part (i.e, as the rst action following the reserved word

begin

). Its declaration is shown in Figure 40. Its purpose is to enforce the task activation semantics of Ada, which requires that all dependents of a scope nish their activation before execution of the body of the scope may proceed. The procedure initiates the dependent activation message sequence of the Weath- erly protocol the ELABORATE TASK function described below carries out the remaining communication of this sequence. MY NAME is the identier of the task which is activating new dependents.

procedure ACTIVATE TASK (MYNAME : in TASK NAME ABORTED : outBOOLEAN MY NODE : in NODE IDTYPE) ;;jwhere

;; MY NAME's scope is unchanged:

;;j CURRENT SCOPE (MY NAME)= inCURRENT SCOPE (MYNAME), ;; An aborted task is no longer CALLABLE:

;;j out(ABORTED ;

>

;;j (for all T1 : TASK NAME N1: NODE IDTYPE =

>

;;j notCALLABLEATTR(T1,MY NAME, N1))),

;; Failed activation of a dependent causes propagation of TASKING ERROR: ;;j raiseTASKING ERROR

Figure 40: The Supervisor ACTIVATE TASK Procedure.

function ELABORATE TASK (MYNAME : in TASK NAME MYNODE : in NODE ID TYPE) returnNODE ID TYPE

;;jwhere

;; MY NAME is executing its outermost scope (scope 0): ;;j CURRENT SCOPE (MY NAME)=0,

;;j returnMY NODE

Figure 41: The Supervisor ELABORATE TASK Function.

4.6.13 The ELABORATE TASK Function

The ELABORATE TASK function is executed at the beginning of the outermost declarative part of each task the function returns the value of the MY NODE parameter. The declaration of this function is shown in Figure 41. Its purpose is to block execution of the calling task, MY NAME, until its master reaches the appropriate point for its activation. ELABORATE TASK carries out the remaining communication of the task activation message sequence of the Weatherly protocol.

4.6. THE SUPERVISOR INTERFACE 93

procedure TERMINATE TASK (MYNAME : in TASK NAME ABORTED : in BOOLEAN) MY NODE : in NODE IDTYPE) ;;jwhere

;; MY NAME's scope level number is decremented if ;; the current scope is not the outermost scope: ;;j out(inCURRENT SCOPE (MYNAME)

>

0 ;

>

;;j CURRENT SCOPE (MYNAME) =

;;j in CURRENT SCOPE (MY NAME);1),

;; If the current scope is the outermost scope, then evaluation of

;; CALLABLE and TERMINATED on MY NAME must yield

;; the values FALSE and TRUE, respectively:

;;j out(inCURRENT SCOPE (MYNAME) =0 ;

>

;;j for all T1 : TASK NAMEN1: NODE IDTYPE =

>

;;j notCALLABLEATTR (T1,MY NAME,N1) and ;;j TERMINATEDATTR(T1,MY NAME, N1)))

Figure 42: The Supervisor TERMINATE TASK Procedure.

4.6.14 The TERMINATE TASK Procedure

The TERMINATE TASK procedure, shown in Figure 42, is executed at the end of every declarative region (i.e, as the last action preceding the reserved word

end

). The main purpose of TERMINATE TASK is to block the calling task (MY NAME) at the end of a scope until all dependents of the scope have terminated. If the scope level of MY NAME is 0, the outermost scope level, then MY NAME is also terminated otherwise, the scope level number of MY NAME is decremented.

4.6.15 The ABORT TASKS Procedure

The

abort

statement is compiled into a call to the ABORT TASK procedure, whose declaration is shown in Figure 43. The ABORT TASK procedure of Weatherly's supervisor has been enhanced to accept in an array the names of all tasks named in an

abort

statement. Because a reply must be received from each aborted task, compilation of an

abort

N

tasks into

N

sequential calls to Weatherly's ABORT TASK procedure would be extremely inecient, since after sending an ABORT TASK MSG to a task, an ABORT REPLY MSG must be received before another ABORT TASK MSG can be sent. With the modication,

procedure ABORT TASKS (MYNAME : in TASK NAME

VICTIMS : in TASK NAME ARRAY ABORTED : out BOOLEAN

MY NODE : in out NODE IDTYPE) ;;jwhere

;; MY NAME's scope is unchanged:

;;j CURRENT SCOPE (MY NAME)= inCURRENT SCOPE (MYNAME), ;; If MY NAME is aborting itself, then ABORTED must be TRUE:

;;j out((exist I1: VICTIMS'RANGE=

>

MY NAME =VICTIMS(I1)) ;

>

;;j ABORTED),

;; Aborted tasks are no longer CALLABLE: ;;j out(ABORTED ;

>

;;j (for all T1 : TASK NAME N1: NODE IDTYPE =

>

;;j notCALLABLEATTR(T1,MY NAME, N1))), ;;j out(notABORTED ;

>

;;j (for all T1, T2: TASK NAME N1: NODE IDTYPE =

>

;;j (exist I1: VICTIMS'RANGE =

>

T2= VICTIMS(I1));

>

;;j not CALLABLEATTR (T1,T2, N1)))

Figure 43: The Supervisor ABORT TASKS Procedure.

all ABORT TASK MSGs can be sent simultaneously, allowing the responses to the messages to be received in parallel.

The identier of the task executing the

abort

statement is passed in MY NAME the identiers of the aborted tasks are passed in the VICTIMS array. Since an

abort

statement is a synchronization point for completion of an abnormal task, an ABORTED parameter is provided. This will be set to TRUE if either MY NAME is ABNORMAL upon input to the procedure, if MY NAME is ABNORMAL upon exit from the procedure, or if MY NAME is a component of VICTIMS. In the rst case, the

abort

statement is not carried out in the latter two cases, all VICTIMS are aborted. ABORT TASK initiates the abort message sequence described in Section 4.5.7. Characteristics of ABORT TASK which are a consequence of the semantics of Ada are formally specied in Anna in Figure 43.

4.6.16 The DELAY TASK Procedure

In document Design and verification of distributed tasking supervisors for concurrent programming languages (Page 109-113)