-
This clause defines restrictions that can be used with pragma
Restrictions, See section 13.12 Pragma Restrictions, these facilitate the demonstration of
program correctness by allowing tailored versions of the run-time
system.
Static Semantics
-
The following restrictions, the same as in See section D.7 Tasking Restrictions, apply in this
Annex: No_Task_Hierarchy, No_Abort_Statement,
No_Implicit_Heap_Allocation, Max_Task_Entries is 0,
Max_Asynchronous_Select_Nesting is 0, and Max_Tasks is 0. The last three
restrictions are checked prior to program execution.
-
The following additional restrictions apply in this Annex.
-
Tasking-related restriction:
-
No_Protected_Types
There are no declarations of protected types or protected
objects.
-
Memory-management related restrictions:
-
No_Allocators
There are no occurrences of an allocator.
-
No_Local_Allocators
Allocators are prohibited in subprograms, generic sub-programs,
tasks, and entry bodies; instantiations of generic
packages are also prohibited in these contexts.
-
No_Unchecked_Deallocation
Semantic dependence on Unchecked_Deallocation is not allowed.
-
Immediate_Reclamation
Except for storage occupied by objects created by allocators
and not deallocated via unchecked deallocation, any storage
reserved at run time for an object is immediately reclaimed
when the object no longer exists.
-
Exception-related restriction:
-
No_Exceptions
Raise_statements and exception_handlers are not allowed. No
language-defined run-time checks are generated; however, a
run-time check performed automatically by the hardware is
permitted.
-
Other restrictions:
-
No_Floating_Point
Uses of predefined floating point types and operations, and
declarations of new floating point types, are not allowed.
-
No_Fixed_Point
Uses of predefined fixed point types and operations, and
declarations of new fixed point types, are not allowed.
-
No_Unchecked_Conversion
Semantic dependence on the predefined generic
Unchecked_Conversion is not allowed.
-
No_Access_Subprograms
The declaration of access-to-subprogram types is not allowed.
-
No_Unchecked_Access
The Unchecked_Access attribute is not allowed.
-
No_Dispatch
Occurrences of T'Class are not allowed, for any (tagged)
subtype T.
-
No_IO
Semantic dependence on any of the library units
Sequential_IO, Direct_IO, Text_IO, Wide_Text_IO, or Stream_IO
is not allowed.
-
No_Delay
Delay_Statements and semantic dependence on package Calendar
are not allowed.
-
No_Recursion
As part of the execution of a subprogram, the same subprogram
is not invoked.
-
No_Reentrancy
During the execution of a subprogram by a task, no other task
invokes the same subprogram.
Implementation Requirements
-
If an implementation supports pragma Restrictions for a particular
argument, then except for the restrictions No_Unchecked_Deallocation,
No_Unchecked_Conversion, No_Access_Subprograms, and No_Unchecked_Access,
the associated restriction applies to the run-time system.
Documentation Requirements
-
If a pragma Restrictions(No_Exceptions) is specified, the implementation
shall document the effects of all constructs where language-defined
checks are still performed automatically (for example, an overflow check
performed by the processor).
Erroneous Execution
-
Program execution is erroneous if pragma Restrictions(No_Exceptions) has
been specified and the conditions arise under which a generated
language-defined run-time check would fail.
-
Program execution is erroneous if pragma Restrictions(No_Recursion) has
been specified and a subprogram is invoked as part of its own execution,
or if pragma Restrictions(No_Reentrancy) has been specified and during
the execution of a subprogram by a task, another task invokes the same
subprogram.