------------------------------------------------------------------------------
--                                                                          --
--                         GNAT COMPILER COMPONENTS                         --
--                                                                          --
--                        S Y S T E M . R I D E N T                         --
--                                                                          --
--                                 S p e c                                  --
--                                                                          --
--         Copyright (C) 1992-2019, Free Software Foundation, Inc.          --
--                                                                          --
-- GNAT is free software; you can redistribute it and/or modify it under    --
-- terms of the GNU General Public License as published by the Free Soft-   --
-- ware Foundation; either version 3, or (at your option) any later ver-    --
-- sion. GNAT is distributed in the hope that it will be useful, but WITH-  --
-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY   --
-- or FITNESS FOR A PARTICULAR PURPOSE.                                     --
--                                                                          --
-- As a special exception under Section 7 of GPL version 3, you are granted --
-- additional permissions described in the GCC Runtime Library Exception,   --
-- version 3.1, as published by the Free Software Foundation.               --
--                                                                          --
-- You should have received a copy of the GNU General Public License and    --
-- a copy of the GCC Runtime Library Exception along with this program;     --
-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see     --
-- <http://www.gnu.org/licenses/>.                                          --
--                                                                          --
-- GNAT was originally developed by the GNAT team at New York University.   --
-- Extensive contributions were provided by Ada Core Technologies Inc.      --
--                                                                          --
------------------------------------------------------------------------------

--  This package defines the set of restriction identifiers. It is a generic
--  package that is instantiated by the compiler/binder in package Rident, and
--  is instantiated in package System.Restrictions for use at run-time.

--  The reason that we make this a generic package is so that in the case of
--  the instantiation in Rident for use at compile time and bind time, we can
--  generate normal image tables for the enumeration types, which are needed
--  for diagnostic and informational messages. At run-time we really do not
--  want to waste the space for these image tables, and they are not needed,
--  so we can do the instantiation under control of Discard_Names to remove
--  the tables.

---------------------------------------------------
-- Note On Compile/Run-Time Consistency Checking --
---------------------------------------------------

--  This unit is with'ed by the run-time (to make System.Restrictions which is
--  used for run-time access to restriction information), by the compiler (to
--  determine what restrictions are implemented and what their category is) and
--  by the binder (in processing ali files, and generating the information used
--  at run-time to access restriction information).

--  Normally the version of System.Rident referenced in all three contexts
--  should be the same. However, problems could arise in certain inconsistent
--  builds that used inconsistent versions of the compiler and run-time. This
--  sort of thing is not strictly correct, but it does arise when short-cuts
--  are taken in build procedures.

--  Previously, this kind of inconsistency could cause a significant problem.
--  If versions of System.Rident accessed by the compiler and binder differed,
--  then the binder could fail to recognize the R (restrictions line) in the
--  ali file, leading to bind errors when restrictions were added or removed.

--  The latest implementation avoids this problem by using a named
--  scheme for recording restrictions, rather than a positional scheme which
--  fails completely if restrictions are added or subtracted. Now the worst
--  that happens at bind time in inconsistent builds is that unrecognized
--  restrictions are ignored, and the consistency checking for restrictions
--  might be incomplete, which is no big deal.

--  Note (review): an ignored restriction is one whose partition consistency
--  was not checked. A build that relies on its restrictions as evidence (for
--  example a restricted tasking profile in a high-integrity system) should
--  therefore use matching versions of the compiler, binder and run-time
--  rather than depend on this fallback.
pragma Compiler_Unit_Warning;

generic
package System.Rident is
   pragma Preelaborate;

   --  The following enumeration type defines the set of restriction
   --  identifiers that are implemented in GNAT.

   --  To add a new restriction identifier, add an entry with the name to be
   --  used in the pragma, and add calls to the Restrict.Check_Restriction
   --  routine as appropriate.

   --  Note: the position of a literal in this type is significant. The
   --  subtypes declared after the type are contiguous ranges of it, so a new
   --  literal must be placed in the group whose checking rules it follows.

   type Restriction_Id is

      --  The following cases are checked for consistency in the binder. The
      --  binder will check that every unit either has the restriction set, or
      --  does not violate the restriction.

     (Simple_Barriers,                          -- Ada 2012 (D.7 (10.9/3))
      Pure_Barriers,                            -- GNAT
      No_Abort_Statements,                      -- (RM D.7(5), H.4(3))
      No_Access_Parameter_Allocators,           -- Ada 2012 (RM H.4 (8.3/3))
      No_Access_Subprograms,                    -- (RM H.4(17))
      No_Allocators,                            -- (RM H.4(7))
      No_Anonymous_Allocators,                  -- Ada 2012 (RM H.4(8/1))
      No_Asynchronous_Control,                  -- (RM J.13(3/2))
      No_Calendar,                              -- GNAT
      No_Coextensions,                          -- Ada 2012 (RM H.4(8.2/3))
      No_Default_Stream_Attributes,             -- Ada 2012 (RM 13.12.1(4/2))
      No_Delay,                                 -- (RM H.4(21))
      No_Direct_Boolean_Operators,              -- GNAT
      No_Dispatch,                              -- (RM H.4(19))
      No_Dispatching_Calls,                     -- GNAT
      No_Dynamic_Attachment,                    -- Ada 2012 (RM E.7(10/3))
      No_Dynamic_Priorities,                    -- (RM D.9(9))
      No_Enumeration_Maps,                      -- GNAT
      No_Entry_Calls_In_Elaboration_Code,       -- GNAT
      No_Entry_Queue,                           -- GNAT (Ravenscar)
      No_Exception_Handlers,                    -- GNAT
      No_Exception_Propagation,                 -- GNAT
      No_Exception_Registration,                -- GNAT
      No_Exceptions,                            -- (RM H.4(12))
      No_Finalization,                          -- GNAT
      No_Fixed_IO,                              -- GNAT
      No_Fixed_Point,                           -- (RM H.4(15))
      No_Floating_Point,                        -- (RM H.4(14))
      No_IO,                                    -- (RM H.4(20))
      No_Implicit_Conditionals,                 -- GNAT
      No_Implicit_Dynamic_Code,                 -- GNAT
      No_Implicit_Heap_Allocations,             -- (RM D.8(8), H.4(3))
      No_Implicit_Task_Allocations,             -- GNAT
      No_Implicit_Protected_Object_Allocations, -- GNAT
      No_Initialize_Scalars,                    -- GNAT
      No_Local_Allocators,                      -- (RM H.4(8))
      No_Local_Timing_Events,                   -- (RM D.7(10.2/2))
      No_Local_Protected_Objects,               -- Ada 2012 (D.7(10/1.3))
      No_Long_Long_Integers,                    -- GNAT
      No_Multiple_Elaboration,                  -- GNAT
      No_Nested_Finalization,                   -- (RM D.7(4))
      No_Protected_Type_Allocators,             -- Ada 2012 (D.7 (10.3/2))
      No_Protected_Types,                       -- (RM H.4(5))
      No_Recursion,                             -- (RM H.4(22))
      No_Reentrancy,                            -- (RM H.4(23))
      No_Relative_Delay,                        -- Ada 2012 (D.7 (10.5/3))
      No_Requeue_Statements,                    -- Ada 2012 (D.7 (10.6/3))
      No_Secondary_Stack,                       -- GNAT
      No_Select_Statements,                     -- Ada 2012 (D.7 (10.7/4))
      No_Specific_Termination_Handlers,         -- (RM D.7(10.7/2))
      No_Standard_Allocators_After_Elaboration, -- Ada 2012 (RM D.7(19.1/2))
      No_Standard_Storage_Pools,                -- GNAT
      No_Stream_Optimizations,                  -- GNAT
      No_Streams,                               -- GNAT
      No_Task_Allocators,                       -- (RM D.7(7))
      No_Task_Attributes_Package,               -- GNAT
      No_Task_At_Interrupt_Priority,            -- GNAT
      No_Task_Hierarchy,                        -- (RM D.7(3), H.4(3))
      No_Task_Termination,                      -- GNAT (Ravenscar)
      No_Tasking,                               -- GNAT
      No_Terminate_Alternatives,                -- (RM D.7(6))
      No_Unchecked_Access,                      -- (RM H.4(18))
      No_Unchecked_Conversion,                  -- (RM J.13(4/2))
      No_Unchecked_Deallocation,                -- (RM J.13(5/2))
      Static_Priorities,                        -- GNAT
      Static_Storage_Size,                      -- GNAT

      --  The following require consistency checking with special rules. See
      --  individual routines in unit Bcheck for details of what is required.

      No_Default_Initialization,                -- GNAT

      --  The following cases do not require consistency checking and if used
      --  as a configuration pragma within a specific unit, apply only to that
      --  unit (e.g. if used in the package spec, do not apply to the body)

      --  Note: No_Elaboration_Code is handled specially. Like the other
      --  non-partition-wide restrictions, it can only be set in a unit that
      --  is part of the extended main source unit (body/spec/subunits). But
      --  it is sticky, in that if it is found anywhere within any of these
      --  units, it applies to all units in this extended main source.

      Immediate_Reclamation,                    -- (RM H.4(10))
      No_Dynamic_Sized_Objects,                 -- GNAT
      No_Implementation_Aspect_Specifications,  -- Ada 2012 AI-241
      No_Implementation_Attributes,             -- Ada 2005 AI-257
      No_Implementation_Identifiers,            -- Ada 2012 AI-246
      No_Implementation_Pragmas,                -- Ada 2005 AI-257
      No_Implementation_Restrictions,           -- GNAT
      No_Implementation_Units,                  -- Ada 2012 AI-242
      No_Implicit_Aliasing,                     -- GNAT
      No_Implicit_Loops,                        -- GNAT
      No_Elaboration_Code,                      -- GNAT
      No_Obsolescent_Features,                  -- Ada 2005 AI-368
      No_Wide_Characters,                       -- GNAT
      Static_Dispatch_Tables,                   -- GNAT
      SPARK_05,                                 -- GNAT

      --  The following cases require a parameter value

      No_Specification_Of_Aspect,               -- 2012 (RM 13.12.1 (6.1/3))
      No_Use_Of_Attribute,                      -- 2012 (RM 13.12.1 (6.2/3))
      No_Use_Of_Pragma,                         -- 2012 (RM 13.12.1 (6.3/3))

      --  The following entries are fully checked at compile/bind time, which
      --  means that the compiler can in general tell the minimum value which
      --  could be used with a restrictions pragma. The binder can deduce the
      --  appropriate minimum value for the partition by taking the maximum
      --  value required by any unit.

      Max_Protected_Entries,                    -- (RM D.7(14))
      Max_Select_Alternatives,                  -- (RM D.7(12))
      Max_Task_Entries,                         -- (RM D.7(13), H.4(3))

      --  The following entries are also fully checked at compile/bind time,
      --  and the compiler can also at least in some cases tell the minimum
      --  value which could be used with a restriction pragma. The difference
      --  is that the contributions are additive, so the binder deduces this
      --  value by adding the unit contributions.

      Max_Tasks,                                -- (RM D.7(19), H.4(3))

      --  The following entries are checked at compile time only for zero/
      --  nonzero entries. This means that the compiler can tell at compile
      --  time if a restriction value of zero is (would be) violated, but that
      --  the compiler cannot distinguish between different non-zero values.

      Max_Asynchronous_Select_Nesting,          -- (RM D.7(18), H.4(3))
      Max_Entry_Queue_Length,                   -- Ada 2012 (RM D.7 (19.1/2))

      --  The remaining entries are not checked at compile/bind time

      Max_Storage_At_Blocking,                  -- (RM D.7(17))

      Not_A_Restriction_Id);

   --  Synonyms permitted for historical purposes of compatibility.
   --  Must be coordinated with Restrict.Process_Restriction_Synonym.

   Boolean_Entry_Barriers : Restriction_Id renames Simple_Barriers;
   Max_Entry_Queue_Depth  : Restriction_Id renames Max_Entry_Queue_Length;
   No_Dynamic_Interrupts  : Restriction_Id renames No_Dynamic_Attachment;
   No_Requeue             : Restriction_Id renames No_Requeue_Statements;
   No_Task_Attributes     : Restriction_Id renames No_Task_Attributes_Package;
   SPARK                  : Restriction_Id renames SPARK_05;

   subtype All_Restrictions is Restriction_Id range
     Simple_Barriers .. Max_Storage_At_Blocking;
   --  All restrictions (excluding only Not_A_Restriction_Id)

   subtype All_Boolean_Restrictions is Restriction_Id range
     Simple_Barriers .. SPARK_05;
   --  All restrictions which do not take a parameter

   subtype Partition_Boolean_Restrictions is All_Boolean_Restrictions range
     Simple_Barriers .. Static_Storage_Size;
   --  Boolean restrictions that are checked for partition consistency.
   --  Note that all parameter restrictions are checked for partition
   --  consistency by default, so this distinction is only needed in the
   --  case of Boolean restrictions.
   --  Note: No_Default_Initialization lies between this range and
   --  Cunit_Boolean_Restrictions and belongs to neither; it is the entry
   --  that the type declaration marks as checked with special rules.

   subtype Cunit_Boolean_Restrictions is All_Boolean_Restrictions range
     Immediate_Reclamation .. SPARK_05;
   --  Boolean restrictions that are not checked for partition consistency
   --  and that thus apply only to the current unit. Note that for these
   --  restrictions, the compiler does not apply restrictions found in
   --  with'ed units, parent specs etc. to the main unit, and vice versa.
   --  Note (review): a project that wants one of these (for example
   --  No_Implicit_Aliasing or No_Implementation_Pragmas) to hold everywhere
   --  has to apply it to every unit; nothing in this range is checked across
   --  the partition by the binder.

   subtype All_Parameter_Restrictions is
     Restriction_Id range
       No_Specification_Of_Aspect .. Max_Storage_At_Blocking;
   --  All restrictions that take a parameter

   subtype Integer_Parameter_Restrictions is
     Restriction_Id range
       Max_Protected_Entries .. Max_Storage_At_Blocking;
   --  All restrictions taking an integer parameter

   subtype Checked_Parameter_Restrictions is
     All_Parameter_Restrictions range
       Max_Protected_Entries .. Max_Entry_Queue_Length;
   --  These are the parameter restrictions that can be at least partially
   --  checked at compile/binder time. Minimally, the compiler can detect
   --  violations of a restriction pragma with a value of zero reliably.

   subtype Checked_Max_Parameter_Restrictions is
     Checked_Parameter_Restrictions range
       Max_Protected_Entries .. Max_Task_Entries;
   --  Restrictions with parameters that can be checked in some cases by
   --  maximizing among statically detected instances where the compiler
   --  can determine the count.

   subtype Checked_Add_Parameter_Restrictions is
     Checked_Parameter_Restrictions range
       Max_Tasks .. Max_Tasks;
   --  Restrictions with parameters that can be checked in some cases by
   --  summing the statically detected instances where the compiler can
   --  determine the count.

   subtype Checked_Val_Parameter_Restrictions is
     Checked_Parameter_Restrictions range
       Max_Protected_Entries .. Max_Tasks;
   --  Restrictions with parameter where the count is known at least in some
   --  cases by the compiler/binder.

   subtype Checked_Zero_Parameter_Restrictions is
     Checked_Parameter_Restrictions range
       Max_Asynchronous_Select_Nesting .. Max_Entry_Queue_Length;
   --  Restrictions with parameters where the compiler can detect the use of
   --  the feature, and hence violations of a restriction specifying a value
   --  of zero, but cannot detect specific values other than zero/nonzero.

   subtype Unchecked_Parameter_Restrictions is
     All_Parameter_Restrictions range
       Max_Storage_At_Blocking .. Max_Storage_At_Blocking;
   --  Restrictions with parameters where the compiler cannot ever detect
   --  corresponding compile time usage, so the binder and compiler never
   --  detect violations of any restriction.
   --  Note (review): a bound stated with Max_Storage_At_Blocking is therefore
   --  not enforced by the compiler or binder; where the bound matters it has
   --  to be established by other means.

   -------------------------------------
   -- Restriction Status Declarations --
   -------------------------------------

   --  The following declarations are used to record the current status of
   --  restrictions (for the current unit, or related units, at compile time,
   --  and for all units in a partition at bind time or run time).

   type Restriction_Flags  is array (All_Restrictions)           of Boolean;
   type Restriction_Values is array (All_Parameter_Restrictions) of Natural;
   type Parameter_Flags    is array (All_Parameter_Restrictions) of Boolean;

   type Restrictions_Info is record
      Set : Restriction_Flags;
      --  An entry is True in the Set array if a restrictions pragma has been
      --  encountered for the given restriction. If the value is True for a
      --  parameter restriction, then the corresponding entry in the Value
      --  array gives the minimum value encountered for any such restriction.

      Value : Restriction_Values;
      --  If the entry for a parameter restriction in Set is True (i.e. a
      --  restrictions pragma for the restriction has been encountered), then
      --  the corresponding entry in the Value array is the minimum value
      --  specified by any such restrictions pragma. Note that a restrictions
      --  pragma specifying a value greater than Int'Last is simply ignored.

      Violated : Restriction_Flags;
      --  An entry is True in the Violated array if the compiler has detected
      --  a violation of the restriction. For a parameter restriction, the
      --  Count and Unknown arrays have additional information.

      Count : Restriction_Values;
      --  If an entry for a parameter restriction is True in Violated, the
      --  corresponding entry in the Count array may record additional
      --  information. If the actual minimum count is known (by taking
      --  maximums, or sums, depending on the restriction), it will be
      --  recorded in this array. If not, then the value will remain zero.
      --  The value is also zero for a non-violated restriction.

      Unknown : Parameter_Flags;
      --  If an entry for a parameter restriction is True in Violated, the
      --  corresponding entry in the Unknown array may record additional
      --  information. If the actual count is not known by the compiler (but
      --  is known to be non-zero), then the entry in Unknown will be True.
      --  This indicates that the value in Count is not known to be exact,
      --  and the actual violation count may be higher.

      --  Note: If Violated (K) is True, then either Count (K) > 0 or
      --  Unknown (K) = True. It is possible for both these to be set.
      --  For example, if Count (K) = 3 and Unknown (K) is True, it means
      --  that the actual violation count is at least 3 but might be higher.
   end record;

   No_Restrictions : constant Restrictions_Info :=
     (Set      => (others => False),
      Value    => (others => 0),
      Violated => (others => False),
      Count    => (others => 0),
      Unknown  => (others => False));
   --  Used to initialize Restrictions_Info variables

   ----------------------------------
   -- Profile Definitions and Data --
   ----------------------------------

   --  Note: to add a profile, modify the following declarations appropriately,
   --  add Name_xxx to Snames, and add a branch to the conditions for pragmas
   --  Profile and Profile_Warnings in the body of Sem_Prag.

   type Profile_Name is
     (No_Profile,
      No_Implementation_Extensions,
      Restricted_Tasking,
      Restricted,
      Ravenscar,
      GNAT_Extended_Ravenscar,
      GNAT_Ravenscar_EDF);
   --  Names of recognized profiles. No_Profile is used to indicate that a
   --  restriction came from pragma Restrictions[_Warning], as opposed to
   --  pragma Profile[_Warning]. Restricted_Tasking is a non-user profile that
   --  contains the minimal set of restrictions to trigger the use of the
   --  restricted tasking runtime. Restricted is the corresponding user profile
   --  that also restricts protected types.

   subtype Profile_Name_Actual is Profile_Name
     range No_Implementation_Extensions .. Profile_Name'Last;
   --  Actual used profile names

   type Profile_Data is record
      Set : Restriction_Flags;
      --  Set to True if given restriction must be set for the profile, and
      --  False if it need not be set (False does not mean that it must not be
      --  set, just that it need not be set). If the flag is True for a
      --  parameter restriction, then the Value array gives the maximum value
      --  permitted by the profile.

      Value : Restriction_Values;
      --  An entry in this array is meaningful only if the corresponding flag
      --  in Set is True. In that case, the value in this array is the maximum
      --  value of the parameter permitted by the profile.
   end record;

   --  Profile_Info gives, for each actual profile, the restrictions that the
   --  profile requires (Set) and, for the parameter restrictions among them,
   --  the maximum value that the profile permits (Value). The tables for the
   --  related profiles are written out in full rather than derived from one
   --  another, so a change to a shared restriction has to be repeated in each
   --  of them.

   Profile_Info : constant array (Profile_Name_Actual) of Profile_Data := (

      --  No_Implementation_Extensions profile

      No_Implementation_Extensions =>

        (Set   =>
           (No_Implementation_Aspect_Specifications  => True,
            No_Implementation_Attributes             => True,
            No_Implementation_Identifiers            => True,
            No_Implementation_Pragmas                => True,
            No_Implementation_Units                  => True,
            others                                   => False),

         --  Value settings for No_Implementation_Extensions profile (none)

         Value =>
           (others => 0)),

      --  Restricted_Tasking Profile

      Restricted_Tasking =>

         --  Restrictions for Restricted_Tasking profile

        (Set   =>
           (No_Abort_Statements                      => True,
            No_Asynchronous_Control                  => True,
            No_Dynamic_Attachment                    => True,
            No_Dynamic_Priorities                    => True,
            No_Local_Protected_Objects               => True,
            No_Protected_Type_Allocators             => True,
            No_Requeue_Statements                    => True,
            No_Task_Allocators                       => True,
            No_Task_Attributes_Package               => True,
            No_Task_Hierarchy                        => True,
            No_Terminate_Alternatives                => True,
            Max_Asynchronous_Select_Nesting          => True,
            Max_Select_Alternatives                  => True,
            Max_Task_Entries                         => True,
            others                                   => False),

         --  Value settings for Restricted_Tasking profile

         Value =>
           (Max_Asynchronous_Select_Nesting => 0,
            Max_Select_Alternatives         => 0,
            Max_Task_Entries                => 0,
            others                          => 0)),

      --  Restricted Profile

      Restricted =>

         --  Restrictions for Restricted profile. Compared with
         --  Restricted_Tasking, this adds No_Entry_Queue and
         --  Max_Protected_Entries.

        (Set   =>
           (No_Abort_Statements                      => True,
            No_Asynchronous_Control                  => True,
            No_Dynamic_Attachment                    => True,
            No_Dynamic_Priorities                    => True,
            No_Entry_Queue                           => True,
            No_Local_Protected_Objects               => True,
            No_Protected_Type_Allocators             => True,
            No_Requeue_Statements                    => True,
            No_Task_Allocators                       => True,
            No_Task_Attributes_Package               => True,
            No_Task_Hierarchy                        => True,
            No_Terminate_Alternatives                => True,
            Max_Asynchronous_Select_Nesting          => True,
            Max_Protected_Entries                    => True,
            Max_Select_Alternatives                  => True,
            Max_Task_Entries                         => True,
            others                                   => False),

         --  Value settings for Restricted profile

         Value =>
           (Max_Asynchronous_Select_Nesting => 0,
            Max_Protected_Entries           => 1,
            Max_Select_Alternatives         => 0,
            Max_Task_Entries                => 0,
            others                          => 0)),

      --  Ravenscar Profile

      --  Note: the table entries here only represent the
      --  required restriction profile for Ravenscar. The
      --  full Ravenscar profile also requires:

      --    pragma Dispatching_Policy (FIFO_Within_Priorities);
      --    pragma Locking_Policy (Ceiling_Locking);
      --    pragma Detect_Blocking;

      Ravenscar =>

         --  Restrictions for Ravenscar = Restricted profile ..

        (Set   =>
           (No_Abort_Statements                      => True,
            No_Asynchronous_Control                  => True,
            No_Dynamic_Attachment                    => True,
            No_Dynamic_Priorities                    => True,
            No_Entry_Queue                           => True,
            No_Local_Protected_Objects               => True,
            No_Protected_Type_Allocators             => True,
            No_Requeue_Statements                    => True,
            No_Task_Allocators                       => True,
            No_Task_Attributes_Package               => True,
            No_Task_Hierarchy                        => True,
            No_Terminate_Alternatives                => True,
            Max_Asynchronous_Select_Nesting          => True,
            Max_Protected_Entries                    => True,
            Max_Select_Alternatives                  => True,
            Max_Task_Entries                         => True,

            --  plus these additional restrictions:

            No_Calendar                              => True,
            No_Implicit_Heap_Allocations             => True,
            No_Local_Timing_Events                   => True,
            No_Relative_Delay                        => True,
            No_Select_Statements                     => True,
            No_Specific_Termination_Handlers         => True,
            No_Task_Termination                      => True,
            Simple_Barriers                          => True,
            others                                   => False),

         --  Value settings for Ravenscar (same as Restricted)

         Value =>
           (Max_Asynchronous_Select_Nesting => 0,
            Max_Protected_Entries           => 1,
            Max_Select_Alternatives         => 0,
            Max_Task_Entries                => 0,
            others                          => 0)),

      --  GNAT_Extended_Ravenscar Profile

      GNAT_Extended_Ravenscar =>

         --  Restrictions for GNAT_Extended_Ravenscar =
         --  Restricted_Tasking profile (the table below does not set
         --  No_Entry_Queue or Max_Protected_Entries) ..

        (Set   =>
           (No_Abort_Statements                      => True,
            No_Asynchronous_Control                  => True,
            No_Dynamic_Attachment                    => True,
            No_Dynamic_Priorities                    => True,
            No_Local_Protected_Objects               => True,
            No_Protected_Type_Allocators             => True,
            No_Requeue_Statements                    => True,
            No_Task_Allocators                       => True,
            No_Task_Attributes_Package               => True,
            No_Task_Hierarchy                        => True,
            No_Terminate_Alternatives                => True,
            Max_Asynchronous_Select_Nesting          => True,
            Max_Select_Alternatives                  => True,
            Max_Task_Entries                         => True,

            --  plus these additional restrictions:

            No_Implicit_Task_Allocations             => True,
            No_Implicit_Protected_Object_Allocations => True,
            No_Local_Timing_Events                   => True,
            No_Select_Statements                     => True,
            No_Specific_Termination_Handlers         => True,
            No_Task_Termination                      => True,
            Pure_Barriers                            => True,
            others                                   => False),

         --  Value settings for GNAT_Extended_Ravenscar (same as
         --  Restricted_Tasking)

         Value =>
           (Max_Asynchronous_Select_Nesting => 0,
            Max_Select_Alternatives         => 0,
            Max_Task_Entries                => 0,
            others                          => 0)),

      --  GNAT_Ravenscar_EDF Profile

      --  Note: the table entries here only represent the
      --  required restriction profile for GNAT_Ravenscar_EDF.
      --  The full GNAT_Ravenscar_EDF profile also requires:

      --    pragma Dispatching_Policy (EDF_Across_Priorities);
      --    pragma Locking_Policy (Ceiling_Locking);
      --    pragma Detect_Blocking;

      GNAT_Ravenscar_EDF =>

         --  Restrictions for GNAT_Ravenscar_EDF = Restricted profile ..

        (Set   =>
           (No_Abort_Statements                      => True,
            No_Asynchronous_Control                  => True,
            No_Dynamic_Attachment                    => True,
            No_Dynamic_Priorities                    => True,
            No_Entry_Queue                           => True,
            No_Local_Protected_Objects               => True,
            No_Protected_Type_Allocators             => True,
            No_Requeue_Statements                    => True,
            No_Task_Allocators                       => True,
            No_Task_Attributes_Package               => True,
            No_Task_Hierarchy                        => True,
            No_Terminate_Alternatives                => True,
            Max_Asynchronous_Select_Nesting          => True,
            Max_Protected_Entries                    => True,
            Max_Select_Alternatives                  => True,
            Max_Task_Entries                         => True,

            --  plus these additional restrictions:

            No_Calendar                              => True,
            No_Implicit_Heap_Allocations             => True,
            No_Local_Timing_Events                   => True,
            No_Relative_Delay                        => True,
            No_Select_Statements                     => True,
            No_Specific_Termination_Handlers         => True,
            No_Task_Termination                      => True,
            Simple_Barriers                          => True,
            others                                   => False),

         --  Value settings for GNAT_Ravenscar_EDF (same as Restricted)

         Value =>
           (Max_Asynchronous_Select_Nesting => 0,
            Max_Protected_Entries           => 1,
            Max_Select_Alternatives         => 0,
            Max_Task_Entries                => 0,
            others                          => 0)));

end System.Rident;