Abstract
Reactive systems are systems that respond to stimuli from the environment within the time constraints imposed by the environment. This paper identifies an ease-of-use issue with Ada for developing small reactive systems. The problem is that Ada defines program termination solely in terms of whether all tasks have terminated. There are, however, advantages in adopting a purely interrupt-driven design for small reactive systems. In such programs there are no tasks other than the environment task, which typically terminates when it finishes executing the main program, so the program terminates even though its interrupt handlers are still attached. We argue that this is not the expected behaviour. To avoid this premature termination, the paper proposes changing the language's termination conditions so that the environment task of an active partition terminates only when (1) all its dependent tasks have terminated, (2) the partition has no active timing events, and (3) no handlers are attached to interrupts that are to be serviced by the partition. This would, however, be a non-backward-compatible change: some programs that currently terminate would not terminate under the new rules if they still have attached interrupt handlers or outstanding timing events.
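The situation the abstract describes, as an added illustration that is not code from the paper: a purely interrupt-driven Ada program with no tasks other than the environment task. The interrupt name (SIGUSR1 from Ada.Interrupts.Names) is an assumption chosen so the example builds with GNAT on a POSIX host, where that signal is not reserved by the runtime; an embedded target would name a device interrupt instead. The main procedure shows the usual work-around under today's rules, parking the environment task on a suspension object that is never set, which is a programmer idiom and not the language change the paper proposes.

```ada
--  Added example, not from the paper.  Three compilation units in one file:
--  split into sensor.ads, sensor.adb and main.adb (or run gnatchop on it).
with Ada.Interrupts.Names;

package Sensor is

   --  Attach_Handler requires a library-level protected object (ARM C.3.1),
   --  so the handler cannot simply be declared inside the main procedure.
   protected Handler is
      procedure Service;
      --  SIGUSR1 is an assumption: a host signal that GNAT leaves for user
      --  handlers.  "kill -USR1 <pid>" plays the role of the device interrupt.
      pragma Attach_Handler (Service, Ada.Interrupts.Names.SIGUSR1);
      function Count return Natural;
   private
      Hits : Natural := 0;
   end Handler;

end Sensor;

package body Sensor is

   protected body Handler is

      --  All of the program's real work happens here, driven by the
      --  interrupt; there is no application task at all.
      procedure Service is
      begin
         Hits := Hits + 1;
      end Service;

      function Count return Natural is
      begin
         return Hits;
      end Count;

   end Handler;

end Sensor;

with Ada.Synchronous_Task_Control;
with Sensor;  --  pulls in the package so its handler is attached at elaboration

procedure Main is
   use Ada.Synchronous_Task_Control;

   --  The environment task has no dependent tasks, so under the current
   --  termination rules the partition ends as soon as this procedure returns,
   --  even though Sensor.Handler.Service is still attached to the interrupt.
   --  Blocking on a suspension object that nobody ever sets to True keeps the
   --  environment task (and therefore the program) alive for the handler.
   Forever : Suspension_Object;

begin
   --  Delete the next line and the program terminates immediately: this is
   --  the premature termination the abstract describes.
   Suspend_Until_True (Forever);
end Main;
```

Under the termination rules the paper proposes, condition (3) would keep the partition alive while Sensor.Handler is attached, and the Suspend_Until_True call would no longer be needed; the same program would then run until the handler is detached (or, on a host, until the process is killed), which is exactly the backward-compatibility change the abstract warns about.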