Programming Simple Reactive Systems in Ada: Premature Program Termination

Reactive systems are systems that respond to stimuli from the environment within the time constraints imposed by the environment. This paper identifies an ease-of-use issue with Ada for developing small reactive systems. The problem is that Ada defines program termination solely in terms of whether all tasks have terminated. There are, however, some advantages in adopting a purely interrupt-driven design in the implementation of small reactive systems. With such programs, there are no tasks other than the environment task, which typically terminates when it finishes executing the main program. We argue that this is not the expected behaviour. To avoid this unexpected premature program termination, this paper proposes changes to the program termination conditions in the language so that the environment task of an active partition terminates when (1) all its dependent tasks have terminated, (2) the partition has no active timing events, and (3) no handlers are attached to interrupts that are to be serviced by the partition. However, this would be a nonbackward compatible change, and some programs that currently terminate would not terminate with the new rules if they still have attached interrupt handlers or outstanding timing events.