9.4 Protected Units and Protected Objects

From OC Systems Wiki!
Jump to: navigation, search

A protected object provides coordinated access to shared data, through calls on its visible protected operations, which can be protected subprograms or protected entries. A protected unit is declared by a protected declaration, which has a corresponding protected_body. A protected declaration may be a protected_type_declaration, in which case it declares a named protected type; alternatively, it may be a single_protected_declaration, in which case it defines an anonymous protected type, as well as declaring a named protected object of that type.


protected_type_declaration ::=
    protected type defining_identifier [known_discriminant_part] is protected_definition;

single_protected_declaration ::=
    protected defining_identifier is protected_definition;

protected_definition ::=
    { protected_operation_declaration }
[ privateprotected_element_declaration } ]
end [protected_identifier]

protected_operation_declaration ::= subprogram_declaration
  | entry_declaration
  | aspect_clause

protected_element_declaration ::= protected_operation_declaration
  | component_declaration

protected_body ::=
    protected body defining_identifier isprotected_operation_item }
    end [protected_identifier];

protected_operation_item ::= subprogram_declaration
  | subprogram_body
  | entry_body
  | aspect_clause

If a protected_identifier appears at the end of a protected_definition or protected_body, it shall repeat the defining_identifier.

Legality Rules

A protected declaration requires a completion, which shall be a protected_body, and every protected_body shall be the completion of some protected declaration.

Static Semantics

A protected_definition defines a protected type and its first subtype. The list of protected_operation_declarations of a protected_definition, together with the known_discriminant_part, if any, is called the visible part of the protected unit. The optional list of protected_element_declarations after the reserved word private is called the private part of the protected unit.

Dynamic Semantics

The elaboration of a protected declaration elaborates the protected_definition. The elaboration of a single_protected_declaration also creates an object of an (anonymous) protected type.

The elaboration of a protected_definition creates the protected type and its first subtype; it also includes the elaboration of the component_declarations and protected_operation_declarations in the given order.

As part of the initialization of a protected object, any per-object constraints (see 3.8) are elaborated.

The elaboration of a protected_body has no other effect than to establish that protected operations of the type can from then on be called without failing the Elaboration_Check.

The content of an object of a given protected type includes:

  • The values of the components of the protected object, including (implicitly) an entry queue for each entry declared for the protected object;
  • A representation of the state of the execution resource associated with the protected object (one such resource is associated with each protected object).

The execution resource associated with a protected object has to be acquired to read or update any components of the protected object; it can be acquired (as part of a protected action -- see 9.5.1) either for concurrent read-only access, or for exclusive read-write access.

As the first step of the finalization of a protected object, each call remaining on any entry queue of the object is removed from its queue and Program_Error is raised at the place of the corresponding entry_call_statement.


13  Within the declaration or body of a protected unit, the name of the protected unit denotes the current instance of the unit (see 8.6), rather than the first subtype of the corresponding protected type (and thus the name cannot be used as a subtype_mark).

14  A selected_component can be used to denote a discriminant of a protected object (see 4.1.3). Within a protected unit, the name of a discriminant of the protected type denotes the corresponding discriminant of the current instance of the unit.

15  A protected type is a limited type (see 7.5), and hence has neither an assignment operation nor predefined equality operators.

16  The bodies of the protected operations given in the protected_body define the actions that take place upon calls to the protected operations.

17  The declarations in the private part are only visible within the private part and the body of the protected unit.


Example of declaration of protected type and corresponding body:

protected type Resource is 
    entry Seize; 
    procedure Release;
    Busy : Boolean := False;
end Resource;

protected body Resource is
    entry Seize when not Busy is 
        Busy := True; 
    end Seize;

    procedure Release is 
        Busy := False;
    end Release;
end Resource;

Example of a single protected declaration and corresponding body:

protected Shared_Array is
    --  Index, Item, and Item_Array are global types 
    function  Component    (N in Index) return Item; 
    procedure Set_Component(N in Index; E in  Item);
    Table : Item_Array(Index) := (others => Null_Item);
end Shared_Array;

protected body Shared_Array is 
    function Component(N in Index) return Item is
        return Table(N);
    end Component;

    procedure Set_Component(N in Index; E in Item) is 
        Table(N) := E;
    end Set_Component;
end Shared_Array;

Examples of protected objects:

Control  : Resource; 
Flags    : array(1 .. 100) of Resource;

Copyright © 1992,1993,1994,1995 Intermetrics, Inc.
Copyright © 2000 The MITRE Corporation, Inc. Ada Reference Manual