diff options
| author | Martin Liska <mliska@suse.cz> | 2022-09-05 10:44:56 +0200 |
|---|---|---|
| committer | Martin Liska <mliska@suse.cz> | 2022-09-05 10:44:56 +0200 |
| commit | d8e441f4b8698f38e4564fe1bbe9ff112814ecff (patch) | |
| tree | 62aac45da0a2358e1ea29a07ab734f607a201e5b /gcc/ada | |
| parent | 4483fe115cef3eea1d64e913816e2d117b38ac73 (diff) | |
| parent | ca60bd93e216ae0425f790e1d4f4dc4a48763c0e (diff) | |
| download | gcc-d8e441f4b8698f38e4564fe1bbe9ff112814ecff.zip gcc-d8e441f4b8698f38e4564fe1bbe9ff112814ecff.tar.gz gcc-d8e441f4b8698f38e4564fe1bbe9ff112814ecff.tar.bz2 | |
Merge branch 'master' into devel/sphinx
Diffstat (limited to 'gcc/ada')
74 files changed, 4508 insertions, 3904 deletions
diff --git a/gcc/ada/ChangeLog b/gcc/ada/ChangeLog index 2469db4..7bad8a6 100644 --- a/gcc/ada/ChangeLog +++ b/gcc/ada/ChangeLog @@ -1,3 +1,96 @@ +2022-09-02 Eric Botcazou <ebotcazou@adacore.com> + + * exp_util.adb (Expand_Subtype_From_Expr): Be prepared for + rewritten aggregates as expressions. + +2022-09-02 Gary Dismukes <dismukes@adacore.com> + + * exp_ch6.adb (Expand_Simple_Function_Return) Bypass creation of an actual + subtype and unchecked conversion to that subtype when the underlying type + of the expression has discriminants without defaults. + +2022-09-02 Eric Botcazou <ebotcazou@adacore.com> + + * exp_util.adb (Expand_Subtype_From_Expr): Check for the presence + of the Is_Constr_Subt_For_U_Nominal flag instead of the absence + of the Is_Constr_Subt_For_UN_Aliased flag on the subtype of the + expression of an object declaration before reusing this subtype. + * sem_ch3.adb (Analyze_Object_Declaration): Do not incorrectly + set the Is_Constr_Subt_For_UN_Aliased flag on the actual subtype + of an array with definite nominal subtype. Remove useless test. + +2022-09-02 Eric Botcazou <ebotcazou@adacore.com> + + * doc/gnat_rm/standard_and_implementation_defined_restrictions.rst + (No_Dependence): Cite implicit dependences on the runtime library. + * gnat_rm.texi, gnat_ugn.texi: Regenerate. + +2022-09-02 Claire Dross <dross@adacore.com> + + * libgnat/a-strmap.adb: Add variants to simple and while loops. + * libgnat/a-strsea.adb: Idem. + +2022-09-02 Claire Dross <dross@adacore.com> + + * libgnat/s-expmod.adb (Lemma_Add_Mod): Add new lemma to factor + out a complex sub-proof. + (Exp_Modular): Add assertion to help proof. + +2022-09-02 Claire Dross <dross@adacore.com> + + * libgnat/s-widthu.adb (Lemma_Euclidean): Lemma to prove the + relation between the quotient/remainder of a division. + +2022-09-02 Yannick Moy <moy@adacore.com> + + * libgnat/s-aridou.adb: Add or rework ghost code. + * libgnat/s-aridou.ads: Add Big_Positive subtype. + +2022-09-02 Eric Botcazou <ebotcazou@adacore.com> + + * doc/gnat_ugn/gnat_and_program_execution.rst + (Non-Symbolic Traceback): Update section. + * gnat_rm.texi, gnat_ugn.texi, gnat-style.texi: Regenerate. + +2022-09-02 Claire Dross <dross@adacore.com> + + * libgnat/a-nbnbig.ads: Add Always_Return annotation. + * libgnat/s-vaispe.ads: New ghost unit for the specification of + System.Value_I. Restore proofs. + * libgnat/s-vauspe.ads: New ghost unit for the specification of + System.Value_U. Restore proofs. + * libgnat/s-valuei.adb: The specification only subprograms are + moved to System.Value_I_Spec. Restore proofs. + * libgnat/s-valueu.adb: The specification only subprograms are + moved to System.Value_U_Spec. Restore proofs. + * libgnat/s-valuti.ads + (Uns_Params): Generic unit used to bundle together the + specification functions of System.Value_U_Spec. + (Int_Params): Generic unit used to bundle together the + specification functions of System.Value_I_Spec. + * libgnat/s-imagef.adb: It is now possible to instantiate the + appropriate specification units instead of creating imported ghost + subprograms. + * libgnat/s-imagei.adb: Update to refactoring of specifications + and fix proofs. + * libgnat/s-imageu.adb: Likewise. + * libgnat/s-imgint.ads: Ghost parameters are grouped together in a + package now. + * libgnat/s-imglli.ads: Likewise. + * libgnat/s-imgllu.ads: Likewise. + * libgnat/s-imgllli.ads: Likewise. + * libgnat/s-imglllu.ads: Likewise. + * libgnat/s-imguns.ads: Likewise. + * libgnat/s-vallli.ads: Likewise. + * libgnat/s-valllli.ads: Likewise. + * libgnat/s-imagei.ads: Likewise. + * libgnat/s-imageu.ads: Likewise. + * libgnat/s-vaispe.adb: Likewise. + * libgnat/s-valint.ads: Likewise. + * libgnat/s-valuei.ads: Likewise. + * libgnat/s-valueu.ads: Likewise. + * libgnat/s-vauspe.adb: Likewise. + 2022-07-13 Eric Botcazou <ebotcazou@adacore.com> * gcc-interface/trans.cc (gnat_to_gnu) <N_Assignment_Statement>: Fix diff --git a/gcc/ada/ali.adb b/gcc/ada/ali.adb index bcc8822..3febd48 100644 --- a/gcc/ada/ali.adb +++ b/gcc/ada/ali.adb @@ -2079,15 +2079,24 @@ package body ALI is -- Processing for SS elsif C = 'S' then - -- Special case: a-tags.ali by itself should not set + -- Special case: a-tags/i-c* by themselves should not set -- Sec_Stack_Used, only if other code uses the secondary -- stack should we set this flag. This ensures that we do -- not bring the secondary stack unnecessarily when using - -- Ada.Tags and not actually using the secondary stack. + -- one of these packages and not actually using the + -- secondary stack. - if Get_Name_String (F) /= "a-tags.ali" then - Opt.Sec_Stack_Used := True; - end if; + declare + File : constant String := Get_Name_String (F); + begin + if File /= "a-tags.ali" + and then File /= "i-c.ali" + and then File /= "i-cstrin.ali" + and then File /= "i-cpoint.ali" + then + Opt.Sec_Stack_Used := True; + end if; + end; -- Invalid switch starting with S diff --git a/gcc/ada/aspects.ads b/gcc/ada/aspects.ads index 6559cda..2edb608 100644 --- a/gcc/ada/aspects.ads +++ b/gcc/ada/aspects.ads @@ -822,11 +822,11 @@ package Aspects is -- set on the parent type if it has delayed representation aspects. This -- flag Has_Delayed_Rep_Aspects indicates that if we derive from this type -- we have to worry about making sure we inherit any delayed aspects. The - -- second flag is set on a derived type: May_Have_Inherited_Rep_Aspects + -- second flag is set on a derived type: May_Inherit_Delayed_Rep_Aspects -- is set if the parent type has Has_Delayed_Rep_Aspects set. - -- When we freeze a derived type, if the May_Have_Inherited_Rep_Aspects - -- flag is set, then we call Freeze.Inherit_Delayed_Rep_Aspects when + -- When we freeze a derived type, if the May_Inherit_Delayed_Rep_Aspects + -- flag is set, then we call Sem_Ch13.Inherit_Delayed_Rep_Aspects when -- the derived type is frozen, which deals with the necessary copying of -- information from the parent type, which must be frozen at that point -- (since freezing the derived type first freezes the parent type). diff --git a/gcc/ada/bindgen.adb b/gcc/ada/bindgen.adb index c70268d..d5877c6 100644 --- a/gcc/ada/bindgen.adb +++ b/gcc/ada/bindgen.adb @@ -1544,6 +1544,7 @@ package body Bindgen is Check_Elab_Flag := Units.Table (Unum_Spec).Set_Elab_Entity + and then Check_Elaboration_Flags and then not CodePeer_Mode and then (Force_Checking_Of_Elaboration_Flags or Interface_Library_Unit diff --git a/gcc/ada/bindusg.adb b/gcc/ada/bindusg.adb index bfab985..3f99bae 100644 --- a/gcc/ada/bindusg.adb +++ b/gcc/ada/bindusg.adb @@ -156,6 +156,11 @@ package body Bindusg is (" -I- Don't look for sources & library files in default " & "directory"); + -- Line for -k switch + + Write_Line + (" -k Disable checking of elaboration flags"); + -- Line for -K switch Write_Line diff --git a/gcc/ada/doc/gnat_rm/standard_and_implementation_defined_restrictions.rst b/gcc/ada/doc/gnat_rm/standard_and_implementation_defined_restrictions.rst index 9ca4057..f8e2a58 100644 --- a/gcc/ada/doc/gnat_rm/standard_and_implementation_defined_restrictions.rst +++ b/gcc/ada/doc/gnat_rm/standard_and_implementation_defined_restrictions.rst @@ -184,7 +184,9 @@ No_Dependence .. index:: No_Dependence [RM 13.12.1] This restriction ensures at compile time that there are no -dependences on a library unit. +dependences on a library unit. For GNAT, this includes implicit implementation +dependences on units of the runtime library that are created by the compiler +to support specific constructs of the language. No_Direct_Boolean_Operators --------------------------- diff --git a/gcc/ada/doc/gnat_ugn/building_executable_programs_with_gnat.rst b/gcc/ada/doc/gnat_ugn/building_executable_programs_with_gnat.rst index 5442d55..37b6e95 100644 --- a/gcc/ada/doc/gnat_ugn/building_executable_programs_with_gnat.rst +++ b/gcc/ada/doc/gnat_ugn/building_executable_programs_with_gnat.rst @@ -6534,6 +6534,22 @@ be presented in subsequent sections. ALI file named in the ``gnatbind`` command line. + .. index:: -k (gnatbind) + +:switch:`-k` + Disable checking of elaboration flags. When using :switch:`-n` + either explicitly or implicitly, :switch:`-F` is also implied, + unless :switch:`-k` is used. This switch should be used with care + and you should ensure manually that elaboration routines are not called + twice unintentionally. + + + .. index:: -K (gnatbind) + +:switch:`-K` + Give list of linker options specified for link. + + .. index:: -l (gnatbind) :switch:`-l` diff --git a/gcc/ada/doc/gnat_ugn/gnat_and_program_execution.rst b/gcc/ada/doc/gnat_ugn/gnat_and_program_execution.rst index c514678..0d78e43 100644 --- a/gcc/ada/doc/gnat_ugn/gnat_and_program_execution.rst +++ b/gcc/ada/doc/gnat_ugn/gnat_and_program_execution.rst @@ -756,12 +756,14 @@ for a complete list of supported platforms. .. rubric:: Tracebacks From an Unhandled Exception A runtime non-symbolic traceback is a list of addresses of call instructions. -To enable this feature you must use the :switch:`-E` -``gnatbind`` option. With this option a stack traceback is stored as part -of exception information. You can retrieve this information using the -``addr2line`` tool. +To enable this feature you must use the :switch:`-E` ``gnatbind`` option. With +this option a stack traceback is stored as part of exception information. -Here is a simple example: +You can translate this information using the ``addr2line`` tool, provided that +the program is compiled with debugging options (see :ref:`Switches_for_gcc`) +and linked at a fixed position with :switch:`-no-pie`. + +Here is a simple example with ``gnatmake``: .. code-block:: ada @@ -783,94 +785,110 @@ Here is a simple example: :: - $ gnatmake stb -bargs -E + $ gnatmake stb -g -bargs -E -largs -no-pie $ stb - Execution terminated by unhandled exception - Exception name: CONSTRAINT_ERROR - Message: stb.adb:5 + Execution of stb terminated by unhandled exception + raised CONSTRAINT_ERROR : stb.adb:5 explicit raise + Load address: 0x400000 Call stack traceback locations: 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 As we see the traceback lists a sequence of addresses for the unhandled exception ``CONSTRAINT_ERROR`` raised in procedure P1. It is easy to guess that this exception come from procedure P1. To translate these -addresses into the source lines where the calls appear, the -``addr2line`` tool, described below, is invaluable. The use of this tool -requires the program to be compiled with debug information. +addresses into the source lines where the calls appear, the ``addr2line`` +tool needs to be invoked like this: :: - $ gnatmake -g stb -bargs -E - $ stb - - Execution terminated by unhandled exception - Exception name: CONSTRAINT_ERROR - Message: stb.adb:5 - Call stack traceback locations: - 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 - - $ addr2line --exe=stb 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 + $ addr2line -e stb 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 - 00401373 at d:/stb/stb.adb:5 - 0040138B at d:/stb/stb.adb:10 - 0040139C at d:/stb/stb.adb:14 - 00401335 at d:/stb/b~stb.adb:104 - 004011C4 at /build/.../crt1.c:200 - 004011F1 at /build/.../crt1.c:222 - 77E892A4 in ?? at ??:0 + d:/stb/stb.adb:5 + d:/stb/stb.adb:10 + d:/stb/stb.adb:14 + d:/stb/b~stb.adb:197 + crtexe.c:? + crtexe.c:? + ??:0 The ``addr2line`` tool has several other useful options: - ======================== ======================================================== - :samp:`--functions` to get the function name corresponding to any location - :samp:`--demangle=gnat` to use the gnat decoding mode for the function names. - Note that for binutils version 2.9.x the option is - simply :samp:`--demangle`. - ======================== ======================================================== + ========================= ==================================================== + :samp:`-a --addresses` to show the addresses alongside the line numbers + :samp:`-f --functions` to get the function name corresponding to a location + :samp:`-p --pretty-print` to print all the information on a single line + :samp:`--demangle=gnat` to use the GNAT decoding mode for the function names + ========================= ==================================================== :: - $ addr2line --exe=stb --functions --demangle=gnat 0x401373 0x40138b - 0x40139c 0x401335 0x4011c4 0x4011f1 + $ addr2line -e stb -a -f -p --demangle=gnat 0x401373 0x40138b + 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 + + 0x00401373: stb.p1 at d:/stb/stb.adb:5 + 0x0040138B: stb.p2 at d:/stb/stb.adb:10 + 0x0040139C: stb at d:/stb/stb.adb:14 + 0x00401335: main at d:/stb/b~stb.adb:197 + 0x004011c4: ?? at crtexe.c:? + 0x004011f1: ?? at crtexe.c:? + 0x77e892a4: ?? ??:0 - 00401373 in stb.p1 at d:/stb/stb.adb:5 - 0040138B in stb.p2 at d:/stb/stb.adb:10 - 0040139C in stb at d:/stb/stb.adb:14 - 00401335 in main at d:/stb/b~stb.adb:104 - 004011C4 in <__mingw_CRTStartup> at /build/.../crt1.c:200 - 004011F1 in <mainCRTStartup> at /build/.../crt1.c:222 -From this traceback we can see that the exception was raised in -:file:`stb.adb` at line 5, which was reached from a procedure call in -:file:`stb.adb` at line 10, and so on. The :file:`b~std.adb` is the binder file, -which contains the call to the main program. -:ref:`Running_gnatbind`. The remaining entries are assorted runtime routines, -and the output will vary from platform to platform. +From this traceback we can see that the exception was raised in :file:`stb.adb` +at line 5, which was reached from a procedure call in :file:`stb.adb` at line +10, and so on. The :file:`b~std.adb` is the binder file, which contains the +call to the main program. :ref:`Running_gnatbind`. The remaining entries are +assorted runtime routines and the output will vary from platform to platform. It is also possible to use ``GDB`` with these traceback addresses to debug the program. For example, we can break at a given code location, as reported -in the stack traceback: - - :: +in the stack traceback:: $ gdb -nw stb -Furthermore, this feature is not implemented inside Windows DLL. Only -the non-symbolic traceback is reported in this case. - - :: - (gdb) break *0x401373 Breakpoint 1 at 0x401373: file stb.adb, line 5. -It is important to note that the stack traceback addresses -do not change when debug information is included. This is particularly useful -because it makes it possible to release software without debug information (to -minimize object size), get a field report that includes a stack traceback -whenever an internal bug occurs, and then be able to retrieve the sequence -of calls with the same program compiled with debug information. +It is important to note that the stack traceback addresses do not change when +debug information is included. This is particularly useful because it makes it +possible to release software without debug information (to minimize object +size), get a field report that includes a stack traceback whenever an internal +bug occurs, and then be able to retrieve the sequence of calls with the same +program compiled with debug information. + +However the ``addr2line`` tool does not work with Position-Independent Code +(PIC), the historical example being Windows DLLs, which nowadays encompasses +Position-Independent Executables (PIE) on recent Windows versions. + +In order to translate addresses into the source lines with Position-Independent +Executables on recent Windows versions, in other words without using the switch +:switch:`-no-pie` during linking, you need to use the ``gnatsymbolize`` tool +with :switch:`--load` instead of the ``addr2line`` tool. The main difference +is that you need to copy the Load Address output in the traceback ahead of the +sequence of addresses. And the default mode of ``gnatsymbolize`` is equivalent +to that of ``addr2line`` with the above switches, so none of them is needed:: + + $ gnatmake stb -g -bargs -E + $ stb + + Execution of stb terminated by unhandled exception + raised CONSTRAINT_ERROR : stb.adb:5 explicit raise + Load address: 0x400000 + Call stack traceback locations: + 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 + + $ gnatsymbolize --load stb 0x400000 0x401373 0x40138b 0x40139c 0x401335 + 0x4011c4 0x4011f1 0x77e892a4 + + 0x00401373 Stb.P1 at stb.adb:5 + 0x0040138B Stb.P2 at stb.adb:10 + 0x0040139C Stb at stb.adb:14 + 0x00401335 Main at b~stb.adb:197 + 0x004011c4 __tmainCRTStartup at ??? + 0x004011f1 mainCRTStartup at ??? + 0x77e892a4 ??? at ??? .. rubric:: Tracebacks From Exception Occurrences @@ -914,25 +932,24 @@ This program will output: $ stb - Exception name: CONSTRAINT_ERROR - Message: stb.adb:12 + raised CONSTRAINT_ERROR : stb.adb:12 range check failed + Load address: 0x400000 Call stack traceback locations: 0x4015e4 0x401633 0x401644 0x401461 0x4011c4 0x4011f1 0x77e892a4 .. rubric:: Tracebacks From Anywhere in a Program -It is also possible to retrieve a stack traceback from anywhere in a -program. For this you need to -use the ``GNAT.Traceback`` API. This package includes a procedure called -``Call_Chain`` that computes a complete stack traceback, as well as useful -display procedures described below. It is not necessary to use the -:switch:`-E` ``gnatbind`` option in this case, because the stack traceback mechanism -is invoked explicitly. +It is also possible to retrieve a stack traceback from anywhere in a program. +For this you need to use the ``GNAT.Traceback`` API. This package includes a +procedure called ``Call_Chain`` that computes a complete stack traceback, as +well as useful display procedures described below. It is not necessary to use +the :switch:`-E` ``gnatbind`` option in this case, because the stack traceback +mechanism is invoked explicitly. -In the following example we compute a traceback at a specific location in -the program, and we display it using ``GNAT.Debug_Utilities.Image`` to -convert addresses to strings: +In the following example we compute a traceback at a specific location in the +program, and we display it using ``GNAT.Debug_Utilities.Image`` to convert +addresses to strings: .. code-block:: ada @@ -976,16 +993,16 @@ convert addresses to strings: :: - $ gnatmake -g stb + $ gnatmake stb -g $ stb In STB.P1 : 16#0040_F1E4# 16#0040_14F2# 16#0040_170B# 16#0040_171C# 16#0040_1461# 16#0040_11C4# 16#0040_11F1# 16#77E8_92A4# -You can then get further information by invoking the ``addr2line`` -tool as described earlier (note that the hexadecimal addresses -need to be specified in C format, with a leading '0x'). +You can then get further information by invoking the ``addr2line`` tool or +the ``gnatsymbolize`` tool as described earlier (note that the hexadecimal +addresses need to be specified in C format, with a leading '0x'). .. index:: traceback, symbolic @@ -3716,12 +3733,13 @@ execution of this erroneous program: allocation and deallocation routines. This is done by linking with the :file:`libgmem.a` library. For correct symbolic backtrace information, the user program should also both be compiled with debugging options - (see :ref:`Switches_for_gcc`) and be linked at a fixed position. For - example to build :file:`my_program` with ``gnatmake``: + (see :ref:`Switches_for_gcc`) and be linked at a fixed position with + :switch:`-no-pie`. For example to build :file:`my_program` with + ``gnatmake``: :: - $ gnatmake -g my_program -largs -lgmem -no-pie + $ gnatmake my_program -g -largs -lgmem -no-pie As library :file:`libgmem.a` contains an alternate body for package ``System.Memory``, :file:`s-memory.adb` should not be compiled and linked diff --git a/gcc/ada/einfo-utils.adb b/gcc/ada/einfo-utils.adb index 27531f4..b7c9bdc 100644 --- a/gcc/ada/einfo-utils.adb +++ b/gcc/ada/einfo-utils.adb @@ -2081,7 +2081,7 @@ package body Einfo.Utils is -------------------- function Number_Entries (Id : E) return Nat is - N : Int; + N : Nat; Ent : Entity_Id; begin diff --git a/gcc/ada/exp_aggr.adb b/gcc/ada/exp_aggr.adb index 4493f0f..1857055 100644 --- a/gcc/ada/exp_aggr.adb +++ b/gcc/ada/exp_aggr.adb @@ -5734,7 +5734,8 @@ package body Exp_Aggr is procedure Check_Bounds (Aggr_Bounds_Node, Index_Bounds_Node : Node_Id); -- Checks that the bounds of Aggr_Bounds are within the bounds defined - -- by Index_Bounds. + -- by Index_Bounds. For null array aggregate (Ada 2022) check that the + -- aggregate bounds define a null range. procedure Check_Same_Aggr_Bounds (Sub_Aggr : Node_Id; Dim : Pos); -- Checks that in a multidimensional array aggregate all subaggregates @@ -5850,6 +5851,22 @@ package body Exp_Aggr is Cond : Node_Id := Empty; begin + -- For a null array aggregate check that high bound (i.e., low + -- bound predecessor) exists. Fail if low bound is low bound of + -- base subtype (in all cases, including modular). + + if Is_Null_Aggregate (N) then + Insert_Action (N, + Make_Raise_Constraint_Error (Loc, + Condition => + Make_Op_Eq (Loc, + New_Copy_Tree (Aggr_Bounds.First), + New_Copy_Tree + (Type_Low_Bound (Base_Type (Etype (Ind_Bounds.First))))), + Reason => CE_Range_Check_Failed)); + return; + end if; + -- Generate the following test: -- [constraint_error when @@ -6430,7 +6447,7 @@ package body Exp_Aggr is Left_Opnd => New_Occurrence_Of (Size_Id, Loc), Right_Opnd => Make_Integer_Literal (Loc, 1))); - One_Loop := Make_Loop_Statement (Loc, + One_Loop := Make_Implicit_Loop_Statement (N, Iteration_Scheme => Make_Iteration_Scheme (Loc, Iterator_Specification => New_Copy_Tree (Iter)), @@ -6536,7 +6553,7 @@ package body Exp_Aggr is Prefix => New_Occurrence_Of (TmpE, Loc), Expressions => New_List (New_Occurrence_Of (Index_Id, Loc))), - Expression => New_Copy_Tree (Expression (Assoc))); + Expression => Copy_Separate_Tree (Expression (Assoc))); -- Advance index position for insertion. @@ -6562,7 +6579,7 @@ package body Exp_Aggr is Attribute_Name => Name_Last)), Then_Statements => New_List (Incr)); - One_Loop := Make_Loop_Statement (Loc, + One_Loop := Make_Implicit_Loop_Statement (N, Iteration_Scheme => Make_Iteration_Scheme (Loc, Iterator_Specification => Copy_Separate_Tree (Iter)), @@ -7500,11 +7517,11 @@ package body Exp_Aggr is -- Iterated_Component_Association. - Loop_Id := - Make_Defining_Identifier (Loc, - Chars => Chars (Defining_Identifier (Comp))); - if Present (Iterator_Specification (Comp)) then + Loop_Id := + Make_Defining_Identifier (Loc, + Chars => Chars (Defining_Identifier + (Iterator_Specification (Comp)))); L_Iteration_Scheme := Make_Iteration_Scheme (Loc, Iterator_Specification => Iterator_Specification (Comp)); @@ -7513,6 +7530,9 @@ package body Exp_Aggr is -- Loop_Parameter_Specification is parsed with a choice list. -- where the range is the first (and only) choice. + Loop_Id := + Make_Defining_Identifier (Loc, + Chars => Chars (Defining_Identifier (Comp))); L_Range := Relocate_Node (First (Discrete_Choices (Comp))); L_Iteration_Scheme := @@ -7997,7 +8017,7 @@ package body Exp_Aggr is end if; return - Make_Loop_Statement (Loc, + Make_Implicit_Loop_Statement (C, Iteration_Scheme => Make_Iteration_Scheme (Sl, Loop_Parameter_Specification => diff --git a/gcc/ada/exp_attr.adb b/gcc/ada/exp_attr.adb index ad75453..52d47d9 100644 --- a/gcc/ada/exp_attr.adb +++ b/gcc/ada/exp_attr.adb @@ -5667,33 +5667,35 @@ package body Exp_Attr is -- which is illegal, because of the lack of aliasing. when Attribute_Priority => Priority : declare - Call : Node_Id; - Conctyp : Entity_Id; - New_Itype : Entity_Id; - Object_Parm : Node_Id; - Subprg : Entity_Id; - RT_Subprg_Name : Node_Id; + Call : Node_Id; + New_Itype : Entity_Id; + Object_Parm : Node_Id; + Prottyp : Entity_Id; + RT_Subprg : RE_Id; + Subprg : Entity_Id; begin - -- Look for the enclosing concurrent type + -- Look for the enclosing protected type - Conctyp := Current_Scope; - while not Is_Concurrent_Type (Conctyp) loop - Conctyp := Scope (Conctyp); + Prottyp := Current_Scope; + while not Is_Protected_Type (Prottyp) loop + Prottyp := Scope (Prottyp); end loop; - pragma Assert (Is_Protected_Type (Conctyp)); + pragma Assert (Is_Protected_Type (Prottyp)); -- Generate the actual of the call Subprg := Current_Scope; - while not Present (Protected_Body_Subprogram (Subprg)) loop + while not (Is_Subprogram_Or_Entry (Subprg) + and then Present (Protected_Body_Subprogram (Subprg))) + loop Subprg := Scope (Subprg); end loop; -- Use of 'Priority inside protected entries and barriers (in both -- cases the type of the first formal of their expanded subprogram - -- is Address) + -- is Address). if Etype (First_Entity (Protected_Body_Subprogram (Subprg))) = RTE (RE_Address) @@ -5708,7 +5710,7 @@ package body Exp_Attr is New_Itype := Create_Itype (E_Access_Type, N); Set_Etype (New_Itype, New_Itype); Set_Directly_Designated_Type (New_Itype, - Corresponding_Record_Type (Conctyp)); + Corresponding_Record_Type (Prottyp)); Freeze_Itype (New_Itype, N); -- Generate: @@ -5743,15 +5745,16 @@ package body Exp_Attr is -- Select the appropriate run-time subprogram - if Number_Entries (Conctyp) = 0 then - RT_Subprg_Name := New_Occurrence_Of (RTE (RE_Get_Ceiling), Loc); + if Has_Entries (Prottyp) then + RT_Subprg := RO_PE_Get_Ceiling; else - RT_Subprg_Name := New_Occurrence_Of (RTE (RO_PE_Get_Ceiling), Loc); + RT_Subprg := RE_Get_Ceiling; end if; Call := Make_Function_Call (Loc, - Name => RT_Subprg_Name, + Name => + New_Occurrence_Of (RTE (RT_Subprg), Loc), Parameter_Associations => New_List (Object_Parm)); Rewrite (N, Call); diff --git a/gcc/ada/exp_ch3.adb b/gcc/ada/exp_ch3.adb index 38552ef..0d82691 100644 --- a/gcc/ada/exp_ch3.adb +++ b/gcc/ada/exp_ch3.adb @@ -7850,6 +7850,7 @@ package body Exp_Ch3 is and then Present (DIC_Procedure (Typ)) and then not Has_Null_Body (DIC_Procedure (Typ)) and then not Has_Init_Expression (N) + and then No (Expr) and then not Is_Imported (Def_Id) then declare @@ -9182,9 +9183,12 @@ package body Exp_Ch3 is -- the runtime verification of all invariants that pertain to the type. -- This includes invariants on the partial and full view, inherited -- class-wide invariants from parent types or interfaces, and invariants - -- on array elements or record components. + -- on array elements or record components. But skip internal types. - if Is_Interface (Def_Id) then + if Is_Itype (Def_Id) then + null; + + elsif Is_Interface (Def_Id) then -- Interfaces are treated as the partial view of a private type in -- order to achieve uniformity with the general case. As a result, an diff --git a/gcc/ada/exp_ch5.adb b/gcc/ada/exp_ch5.adb index 9a2a110..2e14c97 100644 --- a/gcc/ada/exp_ch5.adb +++ b/gcc/ada/exp_ch5.adb @@ -2392,11 +2392,10 @@ package body Exp_Ch5 is if Ada_Version >= Ada_2005 then declare - Call : Node_Id; - Conctyp : Entity_Id; - Ent : Entity_Id; - Subprg : Entity_Id; - RT_Subprg_Name : Node_Id; + Call : Node_Id; + Ent : Entity_Id; + Prottyp : Entity_Id; + RT_Subprg : RE_Id; begin -- Handle chains of renamings @@ -2416,35 +2415,27 @@ package body Exp_Ch5 is if Is_Expanded_Priority_Attribute (Ent) then - -- Look for the enclosing concurrent type + -- Look for the enclosing protected type - Conctyp := Current_Scope; - while not Is_Concurrent_Type (Conctyp) loop - Conctyp := Scope (Conctyp); + Prottyp := Current_Scope; + while not Is_Protected_Type (Prottyp) loop + Prottyp := Scope (Prottyp); end loop; - pragma Assert (Is_Protected_Type (Conctyp)); - - -- Generate the first actual of the call - - Subprg := Current_Scope; - while not Present (Protected_Body_Subprogram (Subprg)) loop - Subprg := Scope (Subprg); - end loop; + pragma Assert (Is_Protected_Type (Prottyp)); -- Select the appropriate run-time call - if Number_Entries (Conctyp) = 0 then - RT_Subprg_Name := - New_Occurrence_Of (RTE (RE_Set_Ceiling), Loc); + if Has_Entries (Prottyp) then + RT_Subprg := RO_PE_Set_Ceiling; else - RT_Subprg_Name := - New_Occurrence_Of (RTE (RO_PE_Set_Ceiling), Loc); + RT_Subprg := RE_Set_Ceiling; end if; Call := Make_Procedure_Call_Statement (Loc, - Name => RT_Subprg_Name, + Name => + New_Occurrence_Of (RTE (RT_Subprg), Loc), Parameter_Associations => New_List ( New_Copy_Tree (First (Parameter_Associations (Ent))), Relocate_Node (Expression (N)))); diff --git a/gcc/ada/exp_ch6.adb b/gcc/ada/exp_ch6.adb index fad130d..fe3bb5b 100644 --- a/gcc/ada/exp_ch6.adb +++ b/gcc/ada/exp_ch6.adb @@ -6632,7 +6632,7 @@ package body Exp_Ch6 is begin if not Exp_Is_Function_Call - and then Has_Discriminants (Ubt) + and then Has_Defaulted_Discriminants (Ubt) and then not Is_Constrained (Ubt) and then not Has_Unchecked_Union (Ubt) then diff --git a/gcc/ada/exp_util.adb b/gcc/ada/exp_util.adb index 3286bf6..0bc22a4 100644 --- a/gcc/ada/exp_util.adb +++ b/gcc/ada/exp_util.adb @@ -2042,7 +2042,7 @@ package body Exp_Util is elsif Is_Underlying_Full_View (Work_Typ) then return; - -- Use the first subtype when dealing with various base types + -- Use the first subtype when dealing with implicit base types elsif Is_Itype (Work_Typ) then Work_Typ := First_Subtype (Work_Typ); @@ -5187,19 +5187,6 @@ package body Exp_Util is end if; end Ensure_Defined; - -------------------- - -- Entry_Names_OK -- - -------------------- - - function Entry_Names_OK return Boolean is - begin - return - not Restricted_Profile - and then not Global_Discard_Names - and then not Restriction_Active (No_Implicit_Heap_Allocations) - and then not Restriction_Active (No_Local_Allocators); - end Entry_Names_OK; - ------------------- -- Evaluate_Name -- ------------------- @@ -5732,14 +5719,17 @@ package body Exp_Util is then if Is_Itype (Exp_Typ) - -- If Exp_Typ was created for a previous declaration whose nominal - -- subtype is unconstrained, and that declaration is aliased, - -- we need to generate a new subtype, because otherwise the - -- Is_Constr_Subt_For_U_Nominal flag will be set on the wrong - -- subtype, causing failure to detect non-statically-matching - -- subtypes on 'Access of the previously-declared object. - - and then not Is_Constr_Subt_For_UN_Aliased (Exp_Typ) + -- When this is for an object declaration, the caller may want to + -- set Is_Constr_Subt_For_U_Nominal on the subtype, so we must make + -- sure that either the subtype has been built for the expression, + -- typically for an aggregate, or the flag is already set on it; + -- otherwise it could end up being set on the nominal constrained + -- subtype of an object and thus later cause the failure to detect + -- non-statically-matching subtypes on 'Access of this object. + + and then (Nkind (N) /= N_Object_Declaration + or else Nkind (Original_Node (Exp)) = N_Aggregate + or else Is_Constr_Subt_For_U_Nominal (Exp_Typ)) then -- Within an initialization procedure, a selected component -- denotes a component of the enclosing record, and it appears as diff --git a/gcc/ada/exp_util.ads b/gcc/ada/exp_util.ads index d854672..a21fb8b 100644 --- a/gcc/ada/exp_util.ads +++ b/gcc/ada/exp_util.ads @@ -509,11 +509,6 @@ package Exp_Util is -- used to ensure that an Itype is properly defined outside a conditional -- construct when it is referenced in more than one branch. - function Entry_Names_OK return Boolean; - -- Determine whether it is appropriate to dynamically allocate strings - -- which represent entry [family member] names. These strings are created - -- by the compiler and used by GDB. - procedure Evaluate_Name (Nam : Node_Id); -- Remove all side effects from a name which appears as part of an object -- renaming declaration. Similarly to Force_Evaluation, it removes the diff --git a/gcc/ada/freeze.adb b/gcc/ada/freeze.adb index 382e5b4..52858e2 100644 --- a/gcc/ada/freeze.adb +++ b/gcc/ada/freeze.adb @@ -6366,9 +6366,7 @@ package body Freeze is end; end if; - if Has_Delayed_Aspects (E) - or else May_Inherit_Delayed_Rep_Aspects (E) - then + if Has_Delayed_Aspects (E) then Analyze_Aspects_At_Freeze_Point (E); end if; @@ -6799,18 +6797,25 @@ package body Freeze is -- A subtype inherits all the type-related representation aspects -- from its parents (RM 13.1(8)). + if May_Inherit_Delayed_Rep_Aspects (E) then + Inherit_Delayed_Rep_Aspects (E); + end if; + Inherit_Aspects_At_Freeze_Point (E); -- For a derived type, freeze its parent type first (RM 13.14(15)) elsif Is_Derived_Type (E) then Freeze_And_Append (Etype (E), N, Result); - Freeze_And_Append (First_Subtype (Etype (E)), N, Result); -- A derived type inherits each type-related representation aspect -- of its parent type that was directly specified before the -- declaration of the derived type (RM 13.1(15)). + if May_Inherit_Delayed_Rep_Aspects (E) then + Inherit_Delayed_Rep_Aspects (E); + end if; + Inherit_Aspects_At_Freeze_Point (E); end if; @@ -9089,6 +9094,11 @@ package body Freeze is Set_Has_Delayed_Aspects (Ftyp, False); end if; + if May_Inherit_Delayed_Rep_Aspects (Ftyp) then + Inherit_Delayed_Rep_Aspects (Ftyp); + Set_May_Inherit_Delayed_Rep_Aspects (Ftyp, False); + end if; + -- Inherit the Small value from the first subtype in any case if Typ /= Ftyp then @@ -9653,9 +9663,7 @@ package body Freeze is Set_Has_Delayed_Freeze (T); L := Freeze_Entity (T, N); - if Is_Non_Empty_List (L) then - Insert_Actions (N, L); - end if; + Insert_Actions (N, L); end Freeze_Itype; -------------------------- diff --git a/gcc/ada/gnat-style.texi b/gcc/ada/gnat-style.texi index cbc11ac..f3b1c29 100644 --- a/gcc/ada/gnat-style.texi +++ b/gcc/ada/gnat-style.texi @@ -3,7 +3,7 @@ @setfilename gnat-style.info @documentencoding UTF-8 @ifinfo -@*Generated by Sphinx 4.3.1.@* +@*Generated by Sphinx 5.1.1.@* @end ifinfo @settitle GNAT Coding Style A Guide for GNAT Developers @defindex ge @@ -15,13 +15,11 @@ * gnat-style: (gnat-style.info). gnat-style @end direntry -@definfoenclose strong,`,' -@definfoenclose emph,`,' @c %**end of header @copying @quotation -GNAT Coding Style: A Guide for GNAT Developers , Jan 03, 2022 +GNAT Coding Style: A Guide for GNAT Developers , Aug 25, 2022 AdaCore @@ -255,7 +253,7 @@ When declarations are commented with ‘hanging’ comments, i.e. comments after the declaration, there is no blank line before the comment, and if it is absolutely necessary to have blank lines within the comments, e.g. to make paragraph separations within a single comment, -these blank lines @emph{do} have a @code{--} (unlike the +these blank lines `do' have a @code{--} (unlike the normal rule, which is to use entirely blank lines for separating comment paragraphs). The comment starts at same level of indentation as code it is commenting. @@ -304,12 +302,12 @@ Other_Id := 6; -- Second comment @end example @item -Short comments that fit on a single line are @emph{not} ended with a +Short comments that fit on a single line are `not' ended with a period. Comments taking more than a line are punctuated in the normal manner. @item -Comments should focus on @emph{why} instead of @emph{what}. +Comments should focus on `why' instead of `what'. Descriptions of what subprograms do go with the specification. @item @@ -319,7 +317,7 @@ depend on the names of things. The names are supplementary, not sufficient, as comments. @item -@emph{Do not} put two spaces after periods in comments. +`Do not' put two spaces after periods in comments. @end itemize @node Declarations and Types,Expressions and Names,Lexical Elements,Top @@ -958,7 +956,7 @@ Copyright 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. -@strong{Preamble} +`Preamble' The purpose of this License is to make a manual, textbook, or other functional and useful document “free” in the sense of freedom: to @@ -981,23 +979,23 @@ it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. -@strong{1. APPLICABILITY AND DEFINITIONS} +`1. APPLICABILITY AND DEFINITIONS' This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that -work under the conditions stated herein. The @strong{Document}, below, +work under the conditions stated herein. The `Document', below, refers to any such manual or work. Any member of the public is a -licensee, and is addressed as “@strong{you}”. You accept the license if you +licensee, and is addressed as “`you'”. You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. -A “@strong{Modified Version}” of the Document means any work containing the +A “`Modified Version'” of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. -A “@strong{Secondary Section}” is a named appendix or a front-matter section of +A “`Secondary Section'” is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document’s overall subject (or to related matters) and contains nothing that could fall directly @@ -1008,7 +1006,7 @@ connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. -The “@strong{Invariant Sections}” are certain Secondary Sections whose titles +The “`Invariant Sections'” are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not @@ -1016,12 +1014,12 @@ allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. -The “@strong{Cover Texts}” are certain short passages of text that are listed, +The “`Cover Texts'” are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. -A “@strong{Transparent}” copy of the Document means a machine-readable copy, +A “`Transparent'” copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of @@ -1032,7 +1030,7 @@ to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount -of text. A copy that is not “Transparent” is called @strong{Opaque}. +of text. A copy that is not “Transparent” is called `Opaque'. Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML @@ -1045,22 +1043,22 @@ processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. -The “@strong{Title Page}” means, for a printed book, the title page itself, +The “`Title Page'” means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, “Title Page” means the text near the most prominent appearance of the work’s title, preceding the beginning of the body of the text. -The “@strong{publisher}” means any person or entity that distributes +The “`publisher'” means any person or entity that distributes copies of the Document to the public. -A section “@strong{Entitled XYZ}” means a named subunit of the Document whose +A section “`Entitled XYZ'” means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a -specific section name mentioned below, such as “@strong{Acknowledgements}”, -“@strong{Dedications}”, “@strong{Endorsements}”, or “@strong{History}”.) -To “@strong{Preserve the Title}” +specific section name mentioned below, such as “`Acknowledgements'”, +“`Dedications'”, “`Endorsements'”, or “`History'”.) +To “`Preserve the Title'” of such a section when you modify the Document means that it remains a section “Entitled XYZ” according to this definition. @@ -1071,7 +1069,7 @@ License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. -@strong{2. VERBATIM COPYING} +`2. VERBATIM COPYING' You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the @@ -1086,7 +1084,7 @@ number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. -@strong{3. COPYING IN QUANTITY} +`3. COPYING IN QUANTITY' If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the @@ -1123,7 +1121,7 @@ It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. -@strong{4. MODIFICATIONS} +`4. MODIFICATIONS' You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release @@ -1240,7 +1238,7 @@ The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. -@strong{5. COMBINING DOCUMENTS} +`5. COMBINING DOCUMENTS' You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified @@ -1264,7 +1262,7 @@ in the various original documents, forming one section Entitled and any sections Entitled “Dedications”. You must delete all sections Entitled “Endorsements”. -@strong{6. COLLECTIONS OF DOCUMENTS} +`6. COLLECTIONS OF DOCUMENTS' You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this @@ -1277,7 +1275,7 @@ it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. -@strong{7. AGGREGATION WITH INDEPENDENT WORKS} +`7. AGGREGATION WITH INDEPENDENT WORKS' A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or @@ -1296,7 +1294,7 @@ electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. -@strong{8. TRANSLATION} +`8. TRANSLATION' Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. @@ -1316,7 +1314,7 @@ If a section in the Document is Entitled “Acknowledgements”, its Title (section 1) will typically require changing the actual title. -@strong{9. TERMINATION} +`9. TERMINATION' You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt @@ -1343,7 +1341,7 @@ this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. -@strong{10. FUTURE REVISIONS OF THIS LICENSE} +`10. FUTURE REVISIONS OF THIS LICENSE' The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new @@ -1364,7 +1362,7 @@ License can be used, that proxy’s public statement of acceptance of a version permanently authorizes you to choose that version for the Document. -@strong{11. RELICENSING} +`11. RELICENSING' “Massive Multiauthor Collaboration Site” (or “MMC Site”) means any World Wide Web server that publishes copyrightable works and also @@ -1393,7 +1391,7 @@ The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. -@strong{ADDENDUM: How to use this License for your documents} +`ADDENDUM: How to use this License for your documents' To use this License in a document you have written, include a copy of the License in the document and put the following copyright and diff --git a/gcc/ada/gnat_rm.texi b/gcc/ada/gnat_rm.texi index 1ffc146..fe2f434 100644 --- a/gcc/ada/gnat_rm.texi +++ b/gcc/ada/gnat_rm.texi @@ -3,7 +3,7 @@ @setfilename gnat_rm.info @documentencoding UTF-8 @ifinfo -@*Generated by Sphinx 4.3.1.@* +@*Generated by Sphinx 5.1.1.@* @end ifinfo @settitle GNAT Reference Manual @defindex ge @@ -15,13 +15,11 @@ * gnat_rm: (gnat_rm.info). gnat_rm @end direntry -@definfoenclose strong,`,' -@definfoenclose emph,`,' @c %**end of header @copying @quotation -GNAT Reference Manual , Jul 11, 2022 +GNAT Reference Manual , Aug 25, 2022 AdaCore @@ -48,7 +46,7 @@ Copyright @copyright{} 2008-2022, Free Software Foundation @c %**start of body @anchor{gnat_rm doc}@anchor{0} -@emph{GNAT, The GNU Ada Development Environment} +`GNAT, The GNU Ada Development Environment' @include gcc-common.texi @@ -943,7 +941,7 @@ invoked in Ada 83 compatibility mode. By default, GNAT assumes Ada 2012, but you can override with a compiler switch to explicitly specify the language version. -(Please refer to the @emph{GNAT User’s Guide} for details on these switches.) +(Please refer to the `GNAT User’s Guide' for details on these switches.) Throughout this manual, references to ‘Ada’ without a year suffix apply to all the Ada versions of the language. @@ -1109,7 +1107,7 @@ and @code{classes}. @code{Variables} @item -@emph{Emphasis} +`Emphasis' @item [optional information or parameters] @@ -1784,7 +1782,7 @@ type of the expression is either @code{Standard.Boolean}, or any type derived from this standard type. Assert checks can be either checked or ignored. By default they are ignored. -They will be checked if either the command line switch @emph{-gnata} is +They will be checked if either the command line switch `-gnata' is used, or if an @code{Assertion_Policy} or @code{Check_Policy} pragma is used to enable @code{Assert_Checks}. @@ -1906,10 +1904,10 @@ If the policy is @code{CHECK}, then assertions are enabled, i.e. the corresponding pragma or aspect is activated. If the policy is @code{IGNORE}, then assertions are ignored, i.e. the corresponding pragma or aspect is deactivated. -This pragma overrides the effect of the @emph{-gnata} switch on the +This pragma overrides the effect of the `-gnata' switch on the command line. If the policy is @code{SUPPRESSIBLE}, then assertions are enabled by default, -however, if the @emph{-gnatp} switch is specified all assertions are ignored. +however, if the `-gnatp' switch is specified all assertions are ignored. The implementation defined policy @code{DISABLE} is like @code{IGNORE} except that it completely disables semantic @@ -2143,7 +2141,7 @@ be independently controlled. The identifier @code{Assertion} is special, it refers to the normal set of pragma @code{Assert} statements. Checks introduced by this pragma are normally deactivated by default. They can -be activated either by the command line option @emph{-gnata}, which turns on +be activated either by the command line option `-gnata', which turns on all checks, or individually controlled using pragma @code{Check_Policy}. The identifiers @code{Assertions} and @code{Statement_Assertions} are not @@ -2166,7 +2164,7 @@ pragma Check_Float_Overflow; In Ada, the predefined floating-point types (@code{Short_Float}, @code{Float}, @code{Long_Float}, @code{Long_Long_Float}) are -defined to be @emph{unconstrained}. This means that even though each +defined to be `unconstrained'. This means that even though each has a well-defined base range, an operation that delivers a result outside this base range is not required to raise an exception. This implementation permission accommodates the notion @@ -2205,7 +2203,7 @@ will be generated. The @code{Constraint_Error} exception is raised if the result is out of range. This mode can also be set by use of the compiler -switch @emph{-gnateF}. +switch `-gnateF'. @node Pragma Check_Name,Pragma Check_Policy,Pragma Check_Float_Overflow,Implementation Defined Pragmas @anchor{gnat_rm/implementation_defined_pragmas pragma-check-name}@anchor{37} @@ -2315,7 +2313,7 @@ is given, then subsequent @code{Check} pragmas whose first argument is also The check policy is @code{OFF} to turn off corresponding checks, and @code{ON} to turn on corresponding checks. The default for a set of checks for which no @code{Check_Policy} is given is @code{OFF} unless the compiler switch -@emph{-gnata} is given, which turns on all checks by default. +`-gnata' is given, which turns on all checks by default. The check policy settings @code{CHECK} and @code{IGNORE} are recognized as synonyms for @code{ON} and @code{OFF}. These synonyms are provided for @@ -2414,7 +2412,7 @@ pragma Compile_Time_Warning @end example Same as pragma Compile_Time_Error, except a warning is issued instead -of an error message. If switch @emph{-gnatw_C} is used, a warning is only issued +of an error message. If switch `-gnatw_C' is used, a warning is only issued if the value of the expression is known to be True at compile time, not when the value of the expression is not known at compile time. Note that if this pragma is used in a package that @@ -2427,7 +2425,7 @@ of formal parameters are tested, and warnings given appropriately. Another use with a first parameter of True is to warn a client about use of a package, for example that it is not fully implemented. -In previous versions of the compiler, combining @emph{-gnatwe} with +In previous versions of the compiler, combining `-gnatwe' with Compile_Time_Warning resulted in a fatal error. Now the compiler always emits a warning. You can use @ref{3b,,Pragma Compile_Time_Error} to force the generation of an error. @@ -2507,7 +2505,7 @@ The meaning of the @code{Form} argument is as follows: @table @asis -@item @emph{Component_Size} +@item `Component_Size' Aligns scalar components and subcomponents of the array or record type on boundaries appropriate to their inherent size (naturally @@ -2519,7 +2517,7 @@ machines except the VAX. @geindex Component_Size_4 (in pragma Component_Alignment) -@item @emph{Component_Size_4} +@item `Component_Size_4' Naturally aligns components with a size of four or fewer bytes. Components that are larger than 4 bytes are placed on the next @@ -2527,7 +2525,7 @@ bytes. Components that are larger than 4 bytes are placed on the next @geindex Storage_Unit (in pragma Component_Alignment) -@item @emph{Storage_Unit} +@item `Storage_Unit' Specifies that array or record components are byte aligned, i.e., aligned on boundaries determined by the value of the constant @@ -2535,7 +2533,7 @@ aligned on boundaries determined by the value of the constant @geindex Default (in pragma Component_Alignment) -@item @emph{Default} +@item `Default' Specifies that array or record components are aligned on default boundaries, appropriate to the underlying hardware or operating system or @@ -2757,16 +2755,16 @@ must be of one of the following forms: @itemize * @item -@strong{function} @code{Fname} @strong{return} T` +`function' @code{Fname} `return' T` @item -@strong{function} @code{Fname} @strong{return} T’Class +`function' @code{Fname} `return' T’Class @item -@strong{function} @code{Fname} (…) @strong{return} T` +`function' @code{Fname} (…) `return' T` @item -@strong{function} @code{Fname} (…) @strong{return} T’Class +`function' @code{Fname} (…) `return' T’Class @end itemize where @code{T} is a limited record type imported from C++ with pragma @@ -2890,7 +2888,7 @@ semantics of the pragma is exactly equivalent to the procedure call statement corresponding to the argument with a terminating semicolon. Pragmas are permitted in sequences of declarations, so you can use pragma @code{Debug} to intersperse calls to debug procedures in the middle of declarations. Debug -pragmas can be enabled either by use of the command line switch @emph{-gnata} +pragmas can be enabled either by use of the command line switch `-gnata' or by use of the pragma @code{Check_Policy} with a first argument of @code{Debug}. @@ -2968,8 +2966,8 @@ package DSSO1 is end DSSO1; @end example -In this example record types with names starting with @emph{L} have @cite{Low_Order_First} scalar -storage order, and record types with names starting with @emph{H} have @code{High_Order_First}. +In this example record types with names starting with `L' have @cite{Low_Order_First} scalar +storage order, and record types with names starting with `H' have @code{High_Order_First}. Note that in the case of @code{H4a}, the order is not inherited from the parent type. Only an explicitly set @code{Scalar_Storage_Order} gets inherited on type derivation. @@ -3134,8 +3132,8 @@ pragma Elaboration_Checks (Dynamic | Static); This is a configuration pragma which specifies the elaboration model to be used during compilation. For more information on the elaboration models of -GNAT, consult the chapter on elaboration order handling in the @emph{GNAT User’s -Guide}. +GNAT, consult the chapter on elaboration order handling in the `GNAT User’s +Guide'. The pragma may appear in the following contexts: @@ -3582,14 +3580,14 @@ the Ada RM. However, other implementations, notably the DEC Ada 83 implementation, provide many extensions to package @code{System}. For each such implementation accommodated by this pragma, GNAT provides a -package @code{Aux_@emph{xxx}}, e.g., @code{Aux_DEC} for the DEC Ada 83 +package @code{Aux_@var{xxx}}, e.g., @code{Aux_DEC} for the DEC Ada 83 implementation, which provides the required additional definitions. You can use this package in two ways. You can @code{with} it in the normal way and access entities either by selection or using a @code{use} clause. In this case no special processing is required. However, if existing code contains references such as -@code{System.@emph{xxx}} where @emph{xxx} is an entity in the extended +@code{System.@var{xxx}} where `xxx' is an entity in the extended definitions provided in package @code{System}, you may use this pragma to extend visibility in @code{System} in a non-standard way that provides greater compatibility with the existing code. Pragma @@ -3597,8 +3595,8 @@ provides greater compatibility with the existing code. Pragma the name of the package containing the extended definition (e.g., @code{Aux_DEC} for the DEC Ada case). A unit compiled under control of this pragma will be processed using special visibility -processing that looks in package @code{System.Aux_@emph{xxx}} where -@code{Aux_@emph{xxx}} is the pragma argument for any entity referenced in +processing that looks in package @code{System.Aux_@var{xxx}} where +@code{Aux_@var{xxx}} is the pragma argument for any entity referenced in package @code{System}, but not found in package @code{System}. You can use this pragma either to access a predefined @code{System} @@ -3606,7 +3604,7 @@ extension supplied with the compiler, for example @code{Aux_DEC} or you can construct your own extension unit following the above definition. Note that such a package is a child of @code{System} and thus is considered part of the implementation. -To compile it you will have to use the @emph{-gnatg} switch +To compile it you will have to use the `-gnatg' switch for compiling System units, as explained in the GNAT User’s Guide. @@ -3627,7 +3625,7 @@ pragma Extensions_Allowed (On | Off); This configuration pragma enables or disables the implementation extension mode (the use of Off as a parameter cancels the effect -of the @emph{-gnatX} command switch). +of the `-gnatX' command switch). In extension mode, the latest version of the Ada language is implemented (currently Ada 2022), and in addition a number @@ -4033,7 +4031,7 @@ following operations are affected: @table @asis -@item @emph{Complex Multiplication} +@item `Complex Multiplication' The normal simple formula for complex multiplication can result in intermediate overflows for numbers near the end of the range. The Ada standard requires that @@ -4657,7 +4655,7 @@ program. Note that pragma @code{Initialize_Scalars} is particularly useful in conjunction with the enhanced validity checking that is now provided in GNAT, which checks for invalid values under more conditions. Using this feature (see description -of the @emph{-gnatV} flag in the GNAT User’s Guide) in conjunction with pragma +of the `-gnatV' flag in the GNAT User’s Guide) in conjunction with pragma @code{Initialize_Scalars} provides a powerful new tool to assist in the detection of problems caused by uninitialized variables. @@ -4708,7 +4706,7 @@ pragma Inline_Always (NAME [, NAME]); Similar to pragma @code{Inline} except that inlining is unconditional. Inline_Always instructs the compiler to inline every direct call to the subprogram or else to emit a compilation error, independently of any -option, in particular @emph{-gnatn} or @emph{-gnatN} or the optimization level. +option, in particular `-gnatn' or `-gnatN' or the optimization level. It is an error to take the address or access of @code{NAME}. It is also an error to apply this pragma to a primitive operation of a tagged type. Thanks to such restrictions, the compiler is allowed to remove the out-of-line body of @code{NAME}. @@ -5367,7 +5365,7 @@ unrolling, but there is no guarantee that the loop will be vectorized. These hints do not remove the need to pass the appropriate switches to the compiler in order to enable the relevant optimizations, that is to say -@emph{-funroll-loops} for unrolling and @emph{-ftree-vectorize} for +`-funroll-loops' for unrolling and `-ftree-vectorize' for vectorization. @node Pragma Loop_Variant,Pragma Machine_Attribute,Pragma Loop_Optimize,Implementation Defined Pragmas @@ -5433,10 +5431,10 @@ pragma Machine_Attribute ( Machine-dependent attributes can be specified for types and/or declarations. This pragma is semantically equivalent to -@code{__attribute__((@emph{attribute_name}))} (if @code{info} is not -specified) or @code{__attribute__((@emph{attribute_name(info})))} -or @code{__attribute__((@emph{attribute_name(info,...})))} in GNU C, -where @emph{attribute_name} is recognized by the compiler middle-end +@code{__attribute__((@var{attribute_name}))} (if @code{info} is not +specified) or @code{__attribute__((@var{attribute_name(info})))} +or @code{__attribute__((@var{attribute_name(info,...})))} in GNU C, +where `attribute_name' is recognized by the compiler middle-end or the @code{TARGET_ATTRIBUTE_TABLE} machine specific macro. Note that a string literal for the optional parameter @code{info} or the following ones is transformed by default into an identifier, @@ -5621,8 +5619,8 @@ pragma No_Inline (NAME @{, NAME@}); This pragma suppresses inlining for the callable entity or the instances of the generic subprogram designated by @code{NAME}, including inlining that results from the use of pragma @code{Inline}. This pragma is always active, -in particular it is not subject to the use of option @emph{-gnatn} or -@emph{-gnatN}. It is illegal to specify both pragma @code{No_Inline} and +in particular it is not subject to the use of option `-gnatn' or +`-gnatN'. It is illegal to specify both pragma @code{No_Inline} and pragma @code{Inline_Always} for the same @code{NAME}. @node Pragma No_Return,Pragma No_Strict_Aliasing,Pragma No_Inline,Implementation Defined Pragmas @@ -5732,28 +5730,28 @@ are as follows: @table @asis -@item @emph{Standard.Character} +@item `Standard.Character' Objects whose root type is Standard.Character are initialized to Character’Last unless the subtype range excludes NUL (in which case NUL is used). This choice will always generate an invalid value if one exists. -@item @emph{Standard.Wide_Character} +@item `Standard.Wide_Character' Objects whose root type is Standard.Wide_Character are initialized to Wide_Character’Last unless the subtype range excludes NUL (in which case NUL is used). This choice will always generate an invalid value if one exists. -@item @emph{Standard.Wide_Wide_Character} +@item `Standard.Wide_Wide_Character' Objects whose root type is Standard.Wide_Wide_Character are initialized to the invalid value 16#FFFF_FFFF# unless the subtype range excludes NUL (in which case NUL is used). This choice will always generate an invalid value if one exists. -@item @emph{Integer types} +@item `Integer types' Objects of an integer type are treated differently depending on whether negative values are present in the subtype. If no negative values are @@ -5768,26 +5766,26 @@ is in the subtype, and the largest positive number is not, in which case the largest positive value is used. This choice will always generate an invalid value if one exists. -@item @emph{Floating-Point Types} +@item `Floating-Point Types' Objects of all floating-point types are initialized to all 1-bits. For standard IEEE format, this corresponds to a NaN (not a number) which is indeed an invalid value. -@item @emph{Fixed-Point Types} +@item `Fixed-Point Types' Objects of all fixed-point types are treated as described above for integers, with the rules applying to the underlying integer value used to represent the fixed-point value. -@item @emph{Modular types} +@item `Modular types' Objects of a modular type are initialized to all one bits, except in the special case where zero is excluded from the subtype, in which case all zero bits are used. This choice will always generate an invalid value if one exists. -@item @emph{Enumeration types} +@item `Enumeration types' Objects of an enumeration type are initialized to all one-bits, i.e., to the value @code{2 ** typ'Size - 1} unless the subtype excludes the literal @@ -6001,7 +5999,7 @@ specifies a set of possible colors, and the order is unimportant. For unordered enumeration types, it is generally a good idea if clients avoid comparisons (other than equality or inequality) and -explicit ranges. (A @emph{client} is a unit where the type is referenced, +explicit ranges. (A `client' is a unit where the type is referenced, other than the unit where the type is declared, its body, and its subunits.) For example, if code buried in some client says: @@ -6044,7 +6042,7 @@ if D in Mon .. Fri then ... if D < Wed then ... @end example -The pragma @emph{Ordered} is provided to mark enumeration types that +The pragma `Ordered' is provided to mark enumeration types that are conceptually ordered, alerting the reader that clients may depend on the ordering. GNAT provides a pragma to mark enumerations as ordered rather than one to mark them as unordered, since in our experience, @@ -6056,7 +6054,7 @@ are considered to be ordered types, so each is declared with a pragma @code{Ordered} in package @code{Standard}. Normally pragma @code{Ordered} serves only as documentation and a guide for -coding standards, but GNAT provides a warning switch @emph{-gnatw.u} that +coding standards, but GNAT provides a warning switch `-gnatw.u' that requests warnings for inappropriate uses (comparisons and explicit subranges) for unordered types. If this switch is used, then any enumeration type not marked with pragma @code{Ordered} will be considered @@ -6067,7 +6065,7 @@ template can be instantiated for both cases), so we never generate warnings for the case of generic enumerated types. For additional information please refer to the description of the -@emph{-gnatw.u} switch in the GNAT User’s Guide. +`-gnatw.u' switch in the GNAT User’s Guide. @node Pragma Overflow_Mode,Pragma Overriding_Renamings,Pragma Ordered,Implementation Defined Pragmas @anchor{gnat_rm/implementation_defined_pragmas pragma-overflow-mode}@anchor{af} @@ -6298,7 +6296,7 @@ referenced in the postcondition expressions. The postconditions are collected and automatically tested just before any return (implicit or explicit) in the subprogram body. A postcondition is only recognized if postconditions are active -at the time the pragma is encountered. The compiler switch @emph{gnata} +at the time the pragma is encountered. The compiler switch `gnata' turns on all postconditions by default, and pragma @code{Check_Policy} with an identifier of @code{Postcondition} can also be used to control whether postconditions are active. @@ -7430,22 +7428,22 @@ run with various special switches as follows: @itemize * @item -@emph{Where compiler-generated run-time checks remain} +`Where compiler-generated run-time checks remain' -The switch @emph{-gnatGL} +The switch `-gnatGL' may be used to list the expanded code in pseudo-Ada form. Runtime checks show up in the listing either as explicit checks or operators marked with @{@} to indicate a check is present. @item -@emph{An identification of known exceptions at compile time} +`An identification of known exceptions at compile time' -If the program is compiled with @emph{-gnatwa}, +If the program is compiled with `-gnatwa', the compiler warning messages will indicate all cases where the compiler detects that an exception is certain to occur at run time. @item -@emph{Possible reads of uninitialized variables} +`Possible reads of uninitialized variables' The compiler warns of many such cases, but its output is incomplete. @end itemize @@ -7459,29 +7457,29 @@ possible points at which uninitialized data may be read. @itemize * @item -@emph{Where run-time support routines are implicitly invoked} +`Where run-time support routines are implicitly invoked' -In the output from @emph{-gnatGL}, +In the output from `-gnatGL', run-time calls are explicitly listed as calls to the relevant run-time routine. @item -@emph{Object code listing} +`Object code listing' -This may be obtained either by using the @emph{-S} switch, +This may be obtained either by using the `-S' switch, or the objdump utility. @item -@emph{Constructs known to be erroneous at compile time} +`Constructs known to be erroneous at compile time' -These are identified by warnings issued by the compiler (use @emph{-gnatwa}). +These are identified by warnings issued by the compiler (use `-gnatwa'). @item -@emph{Stack usage information} +`Stack usage information' Static stack usage data (maximum per-subprogram) can be obtained via the -@emph{-fstack-usage} switch to the compiler. -Dynamic stack usage data (per task) can be obtained via the @emph{-u} switch +`-fstack-usage' switch to the compiler. +Dynamic stack usage data (per task) can be obtained via the `-u' switch to gnatbind @end itemize @@ -7490,21 +7488,21 @@ to gnatbind @itemize * @item -@emph{Object code listing of entire partition} +`Object code listing of entire partition' -This can be obtained by compiling the partition with @emph{-S}, +This can be obtained by compiling the partition with `-S', or by applying objdump to all the object files that are part of the partition. @item -@emph{A description of the run-time model} +`A description of the run-time model' The full sources of the run-time are available, and the documentation of these routines describes how these run-time routines interface to the underlying operating system facilities. @item -@emph{Control and data-flow information} +`Control and data-flow information' @end itemize @@ -7810,7 +7808,7 @@ the pragma line (for use in error messages and debugging information). @code{string_literal} is a static string constant that specifies the file name to be used in error messages and debugging information. This is most notably used for the output of @code{gnatchop} -with the @emph{-r} switch, to make sure that the original unchopped +with the `-r' switch, to make sure that the original unchopped source file is the one referred to. The second argument must be a string literal, it cannot be a static @@ -8023,7 +8021,7 @@ the @code{gnat.adc} file). The form with a string literal specifies which style options are to be activated. These are additive, so they apply in addition to any previously set style check options. The codes for the options are the same as those -used in the @emph{-gnaty} switch to @emph{gcc} or @emph{gnatmake}. +used in the `-gnaty' switch to `gcc' or `gnatmake'. For example the following two methods can be used to enable layout checking: @@ -8909,7 +8907,7 @@ The form with a string literal specifies which validity options are to be activated. The validity checks are first set to include only the default reference manual settings, and then a string of letters in the string specifies the exact set of options required. The form of this string -is exactly as described for the @emph{-gnatVx} compiler switch (see the +is exactly as described for the `-gnatVx' compiler switch (see the GNAT User’s Guide for details). For example the following two methods can be used to enable validity checking for mode @code{in} and @code{in out} subprogram parameters: @@ -9033,8 +9031,8 @@ message string (it is not necessary to put an asterisk at the start and the end of the message, since this is implied). Another possibility for the static_string_EXPRESSION which works whether -or not error tags are enabled (@emph{-gnatw.d}) is to use a single -@emph{-gnatw} tag string, enclosed in brackets, +or not error tags are enabled (`-gnatw.d') is to use a single +`-gnatw' tag string, enclosed in brackets, as shown in the example below, to treat one category of warnings as errors. Note that if you want to treat multiple categories of warnings as errors, you can use multiple pragma Warning_As_Error. @@ -9042,7 +9040,7 @@ you can use multiple pragma Warning_As_Error. The above use of patterns to match the message applies only to warning messages generated by the front end. This pragma can also be applied to warnings provided by the back end and mentioned in @ref{11a,,Pragma Warnings}. -By using a single full @emph{-Wxxx} switch in the pragma, such warnings +By using a single full `-Wxxx' switch in the pragma, such warnings can also be treated as errors. The pragma can appear either in a global configuration pragma file @@ -9055,7 +9053,7 @@ pragma Warning_As_Error ("[-gnatwj]"); which will treat all obsolescent feature warnings as errors, the following program compiles as shown (compile options here are -@emph{-gnatwa.d -gnatl -gnatj55}). +`-gnatwa.d -gnatl -gnatj55'). @example 1. pragma Warning_As_Error ("*never assigned*"); @@ -9116,7 +9114,7 @@ expression (which does not exist in Ada 83). Note if the second argument of @code{DETAILS} is a @code{local_NAME} then the second form is always understood. If the intention is to use the fourth form, then you can write @code{NAME & ""} to force the -intepretation as a @emph{static_string_EXPRESSION}. +intepretation as a `static_string_EXPRESSION'. Note: if the first argument is a valid @code{TOOL_NAME}, it will be interpreted that way. The use of the @code{TOOL_NAME} argument is relevant only to users @@ -9164,9 +9162,9 @@ The warnings controlled by the @code{-gnatw} switch are generated by the front end of the compiler. The GCC back end can provide additional warnings and they are controlled by the @code{-W} switch. Such warnings can be identified by the appearance of a string of the form @code{[-W@{xxx@}]} in the -message which designates the @code{-W@emph{xxx}} switch that controls the message. -The form with a single @emph{static_string_EXPRESSION} argument also works for these -warnings, but the string must be a single full @code{-W@emph{xxx}} switch in this +message which designates the @code{-W`xxx'} switch that controls the message. +The form with a single `static_string_EXPRESSION' argument also works for these +warnings, but the string must be a single full @code{-W`xxx'} switch in this case. The above reference lists a few examples of these additional warnings. The specified warnings will be in effect until the end of the program @@ -9179,7 +9177,7 @@ also be used as a configuration pragma. The fourth form, with an @code{On|Off} parameter and a string, is used to control individual messages, based on their text. The string argument is a pattern that is used to match against the text of individual -warning messages (not including the initial “warning: ” tag). +warning messages (not including the initial “warning: “ tag). The pattern may contain asterisks, which match zero or more characters in the message. For example, you can use @@ -9196,7 +9194,7 @@ the end of the message, since this is implied). The above use of patterns to match the message applies only to warning messages generated by the front end. This form of the pragma with a string argument can also be used to control warnings provided by the back end and -mentioned above. By using a single full @code{-W@emph{xxx}} switch in the pragma, +mentioned above. By using a single full @code{-W`xxx'} switch in the pragma, such warnings can be turned on and off. There are two ways to use the pragma in this form. The OFF form can be used @@ -9214,7 +9212,7 @@ pragma Warnings (On, Pattern); @end example In this usage, the pattern string must match in the Off and On -pragmas, and (if @emph{-gnatw.w} is given) at least one matching +pragmas, and (if `-gnatw.w' is given) at least one matching warning must be suppressed. Note: if the ON form is not found, then the effect of the OFF form extends @@ -9471,15 +9469,15 @@ corresponding to @ref{29,,pragma Annotate}. @table @asis -@item @emph{Annotate => ID} +@item `Annotate => ID' Equivalent to @code{pragma Annotate (ID, Entity => Name);} -@item @emph{Annotate => (ID)} +@item `Annotate => (ID)' Equivalent to @code{pragma Annotate (ID, Entity => Name);} -@item @emph{Annotate => (ID ,ID @{, ARG@})} +@item `Annotate => (ID ,ID @{, ARG@})' Equivalent to @code{pragma Annotate (ID, ID @{, ARG@}, Entity => Name);} @end table @@ -10396,7 +10394,7 @@ supported by the target for the given type. @code{obj'Bit}, where @code{obj} is any object, yields the bit offset within the storage unit (byte) that contains the first bit of storage allocated for the object. The value of this attribute is of the -type @emph{universal_integer} and is always a nonnegative number smaller +type `universal_integer' and is always a nonnegative number smaller than @code{System.Storage_Unit}. For an object that is a variable or a constant allocated in a register, @@ -10428,7 +10426,7 @@ and implementation of the @code{Bit} attribute. of the fields of the record type, yields the bit offset within the record contains the first bit of storage allocated for the object. The value of this attribute is of the -type @emph{universal_integer}. The value depends only on the field +type `universal_integer'. The value depends only on the field @code{C} and is independent of the alignment of the containing record @code{R}. @@ -10775,7 +10773,7 @@ prefix) yields a static Boolean value that is True if pragma The prefix of attribute @code{Finalization_Size} must be an object or a non-class-wide type. This attribute returns the size of any hidden data reserved by the compiler to handle finalization-related actions. The type of -the attribute is @emph{universal_integer}. +the attribute is `universal_integer'. @code{Finalization_Size} yields a value of zero for a type with no controlled parts, an object whose type has no controlled parts, or an object of a @@ -11110,17 +11108,17 @@ the target. The result is a static constant. @code{func'Mechanism_Code} yields an integer code for the mechanism used for the result of function @code{func}, and @code{subprog'Mechanism_Code (n)} yields the mechanism -used for formal parameter number @emph{n} (a static integer value, with 1 +used for formal parameter number `n' (a static integer value, with 1 meaning the first parameter) of subprogram @code{subprog}. The code returned is: @table @asis -@item @emph{1} +@item `1' by copy (value) -@item @emph{2} +@item `2' by reference @end table @@ -11520,7 +11518,7 @@ the native ordering of the target, but this default can be overridden using pragma @code{Default_Scalar_Storage_Order}. If a component of @code{T} is itself of a record or array type, the specfied -@code{Scalar_Storage_Order} does @emph{not} apply to that nested type: an explicit +@code{Scalar_Storage_Order} does `not' apply to that nested type: an explicit attribute definition clause must be provided for the component type as well if desired. @@ -11624,7 +11622,7 @@ the primitive @code{Allocate} procedure for type @code{SSP}, passing @code{S'Simple_Storage_Pool} as the pool parameter. The detailed semantics of such allocators is the same as those defined for allocators in section 13.11 of the @cite{Ada Reference Manual}, with the term -@emph{simple storage pool} substituted for @emph{storage pool}. +`simple storage pool' substituted for `storage pool'. If an access type @code{S} has a specified simple storage pool of type @code{SSP}, then a call to an instance of the @code{Ada.Unchecked_Deallocation} @@ -11632,7 +11630,7 @@ for that access type invokes the primitive @code{Deallocate} procedure for type @code{SSP}, passing @code{S'Simple_Storage_Pool} as the pool parameter. The detailed semantics of such unchecked deallocations is the same as defined in section 13.11.2 of the Ada Reference Manual, except that the -term @emph{simple storage pool} is substituted for @emph{storage pool}. +term `simple storage pool' is substituted for `storage pool'. @node Attribute Small,Attribute Small_Denominator,Attribute Simple_Storage_Pool,Implementation Defined Attributes @anchor{gnat_rm/implementation_defined_attributes attribute-small}@anchor{19e} @@ -12576,7 +12574,9 @@ delay statements and no semantic dependences on package Calendar. @geindex No_Dependence [RM 13.12.1] This restriction ensures at compile time that there are no -dependences on a library unit. +dependences on a library unit. For GNAT, this includes implicit implementation +dependences on units of the runtime library that are created by the compiler +to support specific constructs of the language. @node No_Direct_Boolean_Operators,No_Dispatch,No_Dependence,Partition-Wide Restrictions @anchor{gnat_rm/standard_and_implementation_defined_restrictions no-direct-boolean-operators}@anchor{1cb} @@ -13923,7 +13923,7 @@ Explanation @item -@emph{Abort_Defer} +`Abort_Defer' @tab @@ -13931,7 +13931,7 @@ Affects semantics @item -@emph{Ada_83} +`Ada_83' @tab @@ -13939,7 +13939,7 @@ Affects legality @item -@emph{Assert} +`Assert' @tab @@ -13947,7 +13947,7 @@ Affects semantics @item -@emph{CPP_Class} +`CPP_Class' @tab @@ -13955,7 +13955,7 @@ Affects semantics @item -@emph{CPP_Constructor} +`CPP_Constructor' @tab @@ -13963,7 +13963,7 @@ Affects semantics @item -@emph{Debug} +`Debug' @tab @@ -13971,7 +13971,7 @@ Affects semantics @item -@emph{Interface_Name} +`Interface_Name' @tab @@ -13979,7 +13979,7 @@ Affects semantics @item -@emph{Machine_Attribute} +`Machine_Attribute' @tab @@ -13987,7 +13987,7 @@ Affects semantics @item -@emph{Unimplemented_Unit} +`Unimplemented_Unit' @tab @@ -13995,7 +13995,7 @@ Affects legality @item -@emph{Unchecked_Union} +`Unchecked_Union' @tab @@ -14160,7 +14160,7 @@ is a software rather than a hardware format. row-major order, consistent with the notation used for multidimensional array aggregates (see 4.3.3). However, if a pragma @code{Convention} (@code{Fortran}, …) applies to a multidimensional array type, then -column-major order should be used instead (see B.5, @emph{Interfacing with Fortran}).” +column-major order should be used instead (see B.5, `Interfacing with Fortran').” @end quotation Followed. @@ -14321,7 +14321,7 @@ The recommended level of support pragma @code{Pack} is: For a packed record type, the components should be packed as tightly as possible subject to the Sizes of the component subtypes, and subject to -any @emph{record_representation_clause} that applies to the type; the +any `record_representation_clause' that applies to the type; the implementation may, but need not, reorder components or cross aligned word boundaries to improve the packing. A component whose @code{Size} is greater than the word size may be allocated an integral number of words.” @@ -14579,7 +14579,7 @@ Followed. @quotation “The recommended level of support for -@emph{record_representation_clause}s is: +`record_representation_clause's is: An implementation should support storage places that can be extracted with a load, mask, shift sequence of machine code, and set with a load, @@ -14620,7 +14620,7 @@ clause for the tag field. @quotation -“An implementation need not support a @emph{component_clause} for a +“An implementation need not support a `component_clause' for a component of an extension part if the storage place is not after the storage places of all components of the parent type, whether or not those storage places had been specified.” @@ -15006,10 +15006,10 @@ packages. @quotation -“For each supported convention @emph{L} other than @code{Intrinsic}, an +“For each supported convention `L' other than @code{Intrinsic}, an implementation should support @code{Import} and @code{Export} pragmas -for objects of @emph{L}-compatible types and for subprograms, and pragma -@cite{Convention} for @emph{L}-eligible types and for subprograms, +for objects of `L'-compatible types and for subprograms, and pragma +@cite{Convention} for `L'-eligible types and for subprograms, presuming the other language has corresponding features. Pragma @code{Convention} need not be supported for scalar types.” @end quotation @@ -15482,10 +15482,10 @@ Followed. No such implementation-defined queuing policies exist. @quotation -“Even though the @emph{abort_statement} is included in the list of +“Even though the `abort_statement' is included in the list of potentially blocking operations (see 9.5.1), it is recommended that this statement be implemented in a way that never requires the task executing -the @emph{abort_statement} to block.” +the `abort_statement' to block.” @end quotation Followed. @@ -15841,7 +15841,7 @@ There are no variations from the standard. interactions. See 1.1.3(10).” @end itemize -Any @emph{code_statement} can potentially cause external interactions. +Any `code_statement' can potentially cause external interactions. @itemize * @@ -15882,8 +15882,8 @@ length. See 2.2(15).” The maximum line length is 255 characters and the maximum length of a lexical element is also 255 characters. This is the default setting -if not overridden by the use of compiler switch @emph{-gnaty} (which -sets the maximum to 79) or @emph{-gnatyMnn} which allows the maximum +if not overridden by the use of compiler switch `-gnaty' (which +sets the maximum to 79) or `-gnatyMnn' which allows the maximum line length to be specified to be any value up to 32767. The maximum length of a lexical element is the same as the maximum line length. @@ -15941,7 +15941,7 @@ Representation @item -@emph{Short_Short_Integer} +`Short_Short_Integer' @tab @@ -15949,7 +15949,7 @@ Representation @item -@emph{Short_Integer} +`Short_Integer' @tab @@ -15957,7 +15957,7 @@ Representation @item -@emph{Integer} +`Integer' @tab @@ -15965,7 +15965,7 @@ Representation @item -@emph{Long_Integer} +`Long_Integer' @tab @@ -15975,7 +15975,7 @@ depending on the C definition of long) @item -@emph{Long_Long_Integer} +`Long_Long_Integer' @tab @@ -15983,7 +15983,7 @@ depending on the C definition of long) @item -@emph{Long_Long_Long_Integer} +`Long_Long_Long_Integer' @tab @@ -16044,7 +16044,7 @@ Representation @item -@emph{Short_Float} +`Short_Float' @tab @@ -16052,7 +16052,7 @@ IEEE Binary32 (Single) @item -@emph{Float} +`Float' @tab @@ -16060,7 +16060,7 @@ IEEE Binary32 (Single) @item -@emph{Long_Float} +`Long_Float' @tab @@ -16068,7 +16068,7 @@ IEEE Binary64 (Double) @item -@emph{Long_Long_Float} +`Long_Long_Float' @tab @@ -16129,10 +16129,10 @@ small must lie in 1.0E-38 .. 1.0E+38 and the digits in 1 .. 38. @item “The result of @code{Tags.Expanded_Name} for types declared -within an unnamed @emph{block_statement}. See 3.9(10).” +within an unnamed `block_statement'. See 3.9(10).” @end itemize -Block numbers of the form @code{B@emph{nnn}}, where @emph{nnn} is a +Block numbers of the form @code{B@var{nnn}}, where `nnn' is a decimal integer are allocated. @@ -16233,7 +16233,7 @@ Difficult to characterize. “Any extensions of the Default_Initial_Condition aspect. See 7.3.3(11).” @end itemize -SPARK allows specifying @emph{null} as the Default_Initial_Condition +SPARK allows specifying `null' as the Default_Initial_Condition aspect of a type. See the SPARK reference manual for further details. @@ -16281,8 +16281,8 @@ setting for local time, as accessed by the C library function @itemize * @item -“Any limit on @emph{delay_until_statements} of -@emph{select_statements}. See 9.6(29).” +“Any limit on `delay_until_statements' of +`select_statements'. See 9.6(29).” @end itemize There are no such limits. @@ -16314,7 +16314,7 @@ There are no implementation-defined conflict check policies. @end itemize A compilation is represented by a sequence of files presented to the -compiler in a single invocation of the @emph{gcc} command. +compiler in a single invocation of the `gcc' command. @itemize * @@ -16358,11 +16358,11 @@ mentioned in the context clause of one of the needed Ada units. If the partition contains no main program, or if the main program is in a language other than Ada, then GNAT -provides the binder options @emph{-z} and @emph{-n} respectively, and in +provides the binder options `-z' and `-n' respectively, and in this case a list of units can be explicitly supplied to the binder for inclusion in the partition (all units needed by these units will also be included automatically). For full details on the use of these -options, refer to @emph{GNAT Make Program gnatmake} in the +options, refer to `GNAT Make Program gnatmake' in the @cite{GNAT User’s Guide}. @@ -16393,7 +16393,7 @@ corresponding @code{ALI} file as the input parameter to the binder. @itemize * @item -“The order of elaboration of @emph{library_items}. See 10.2(18).” +“The order of elaboration of `library_items'. See 10.2(18).” @end itemize The first constraint on ordering is that it meets the requirements of @@ -16465,11 +16465,11 @@ been passed by the program. @item “The result of @code{Exceptions.Exception_Name} for types -declared within an unnamed @emph{block_statement}. See 11.4.1(12).” +declared within an unnamed `block_statement'. See 11.4.1(12).” @end itemize -Blocks have implementation defined names of the form @code{B@emph{nnn}} -where @emph{nnn} is an integer. +Blocks have implementation defined names of the form @code{B@var{nnn}} +where `nnn' is an integer. @itemize * @@ -16735,7 +16735,7 @@ See the definition of package System.Storage_Elements in @code{s-stoele.ads}. @item “The contents of the visible part of package @code{System.Machine_Code}, -and the meaning of @emph{code_statements}. See 13.8(7).” +and the meaning of `code_statements'. See 13.8(7).” @end itemize See the definition and documentation in file @code{s-maccod.ads}. @@ -16969,7 +16969,7 @@ of the state vector. Annex is not supported. See A.5.3(72).” @end itemize -Running the compiler with @emph{-gnatS} to produce a listing of package +Running the compiler with `-gnatS' to produce a listing of package @code{Standard} displays the values of these attributes. @@ -17145,7 +17145,7 @@ Interpretation @item -@emph{Ada} +`Ada' @tab @@ -17153,7 +17153,7 @@ Ada @item -@emph{Ada_Pass_By_Copy} +`Ada_Pass_By_Copy' @tab @@ -17163,7 +17163,7 @@ with this convention to be passed by copy. @item -@emph{Ada_Pass_By_Reference} +`Ada_Pass_By_Reference' @tab @@ -17173,7 +17173,7 @@ with this convention to be passed by reference. @item -@emph{Assembler} +`Assembler' @tab @@ -17181,7 +17181,7 @@ Assembly language @item -@emph{Asm} +`Asm' @tab @@ -17189,7 +17189,7 @@ Synonym for Assembler @item -@emph{Assembly} +`Assembly' @tab @@ -17197,7 +17197,7 @@ Synonym for Assembler @item -@emph{C} +`C' @tab @@ -17205,7 +17205,7 @@ C @item -@emph{C_Pass_By_Copy} +`C_Pass_By_Copy' @tab @@ -17214,7 +17214,7 @@ is to be passed by copy rather than reference. @item -@emph{COBOL} +`COBOL' @tab @@ -17222,7 +17222,7 @@ COBOL @item -@emph{C_Plus_Plus (or CPP)} +`C_Plus_Plus (or CPP)' @tab @@ -17230,7 +17230,7 @@ C++ @item -@emph{Default} +`Default' @tab @@ -17238,7 +17238,7 @@ Treated the same as C @item -@emph{External} +`External' @tab @@ -17246,7 +17246,7 @@ Treated the same as C @item -@emph{Fortran} +`Fortran' @tab @@ -17254,7 +17254,7 @@ Fortran @item -@emph{Intrinsic} +`Intrinsic' @tab @@ -17263,7 +17263,7 @@ separate section on Intrinsic Subprograms. @item -@emph{Stdcall} +`Stdcall' @tab @@ -17274,7 +17274,7 @@ exit. This pragma cannot be applied to a dispatching call. @item -@emph{DLL} +`DLL' @tab @@ -17282,7 +17282,7 @@ Synonym for Stdcall @item -@emph{Win32} +`Win32' @tab @@ -17290,7 +17290,7 @@ Synonym for Stdcall @item -@emph{Stubbed} +`Stubbed' @tab @@ -17403,7 +17403,7 @@ Ada @item -@emph{Floating} +`Floating' @tab @@ -17411,7 +17411,7 @@ Float @item -@emph{Long_Floating} +`Long_Floating' @tab @@ -17419,7 +17419,7 @@ Float @item -@emph{Binary} +`Binary' @tab @@ -17427,7 +17427,7 @@ Integer @item -@emph{Long_Binary} +`Long_Binary' @tab @@ -17435,7 +17435,7 @@ Long_Long_Integer @item -@emph{Decimal_Element} +`Decimal_Element' @tab @@ -17443,7 +17443,7 @@ Character @item -@emph{COBOL_Character} +`COBOL_Character' @tab @@ -17540,12 +17540,12 @@ attribute. See C.7.1(7).” The result of this attribute is a string that identifies the object or component that denotes a given task. If a variable @code{Var} -has a task type, the image for this task will have the form @code{Var_@emph{XXXXXXXX}}, -where the suffix @emph{XXXXXXXX} +has a task type, the image for this task will have the form @code{Var_@var{XXXXXXXX}}, +where the suffix `XXXXXXXX' is the hexadecimal representation of the virtual address of the corresponding task control block. If the variable is an array of tasks, the image of each task will have the form of an indexed component indicating the position of a -given task in the array, e.g., @code{Group(5)_@emph{XXXXXXX}}. If the task is a +given task in the array, e.g., @code{Group(5)_@var{XXXXXXX}}. If the task is a component of a record, the image of the task will have the form of a selected component. These rules are fully recursive, so that the image of a task that is a subcomponent of a composite object corresponds to the expression that @@ -17648,7 +17648,7 @@ The value is 10 milliseconds. @itemize * @item -“Implementation-defined @emph{policy_identifiers} allowed +“Implementation-defined `policy_identifiers' allowed in a pragma @code{Locking_Policy}. See D.3(4).” @end itemize @@ -17900,7 +17900,7 @@ Value @item -@emph{Max_Scale} +`Max_Scale' @tab @@ -17908,7 +17908,7 @@ Value @item -@emph{Min_Scale} +`Min_Scale' @tab @@ -17916,7 +17916,7 @@ Value @item -@emph{Min_Delta} +`Min_Delta' @tab @@ -17924,7 +17924,7 @@ Value @item -@emph{Max_Delta} +`Max_Delta' @tab @@ -17932,7 +17932,7 @@ Value @item -@emph{Max_Decimal_Digits} +`Max_Decimal_Digits' @tab @@ -18024,7 +18024,7 @@ result type is @code{False}. See G.2.1(13).” Infinite and NaN values are produced as dictated by the IEEE floating-point standard. Note that on machines that are not fully compliant with the IEEE -floating-point standard, such as Alpha, the @emph{-mieee} compiler flag +floating-point standard, such as Alpha, the `-mieee' compiler flag must be used for achieving IEEE conforming behavior (although at the cost of a significant performance penalty), so infinite and NaN values are properly generated. @@ -18057,7 +18057,7 @@ is converted to the target type. @itemize * @item -“Conditions on a @emph{universal_real} operand of a fixed +“Conditions on a `universal_real' operand of a fixed point multiplication or division for which the result shall be in the perfect result set. See G.2.3(22).” @end itemize @@ -18476,7 +18476,7 @@ The default alignment values are as follows: @itemize * @item -@emph{Elementary Types}. +`Elementary Types'. For elementary types, the alignment is the minimum of the actual size of objects of the type divided by @code{Storage_Unit}, @@ -18493,7 +18493,7 @@ than 8, in which case objects of type @code{Long_Float} will be maximally aligned. @item -@emph{Arrays}. +`Arrays'. For arrays, the alignment is equal to the alignment of the component type for the normal case where no packing or component size is given. If the @@ -18506,7 +18506,7 @@ will be as described for elementary types, e.g. a packed array of length 31 bits will have an object size of four bytes, and an alignment of 4. @item -@emph{Records}. +`Records'. For the normal unpacked case, the alignment of a record is equal to the maximum alignment of any of its components. For tagged records, this @@ -18690,7 +18690,7 @@ Then @code{Default_Stack_Size} can be defined in a global package, and modified as required. Any tasks requiring stack sizes different from the default can have an appropriate alternative reference in the pragma. -You can also use the @emph{-d} binder switch to modify the default stack +You can also use the `-d' binder switch to modify the default stack size. For access types, the @code{Storage_Size} clause specifies the maximum @@ -18950,7 +18950,7 @@ discrete types are as follows: @item The @code{Object_Size} for base subtypes reflect the natural hardware -size in bits (run the compiler with @emph{-gnatS} to find those values +size in bits (run the compiler with `-gnatS' to find those values for numeric types). Enumeration types and fixed-point base subtypes have 8, 16, 32, or 64 bits for this size, depending on the range of values to be stored. @@ -19623,7 +19623,7 @@ an appropriate manner. @geindex Pragma Pack (for arrays) Pragma @code{Pack} applied to an array has an effect that depends upon whether the -component type is @emph{packable}. For a component type to be @emph{packable}, it must +component type is `packable'. For a component type to be `packable', it must be one of the following cases: @@ -19744,8 +19744,8 @@ since in this case the programmer intention is clear. Pragma @code{Pack} applied to a record will pack the components to reduce wasted space from alignment gaps and by reducing the amount of space -taken by components. We distinguish between @emph{packable} components and -@emph{non-packable} components. +taken by components. We distinguish between `packable' components and +`non-packable' components. Components of the following types are considered packable: @@ -19994,7 +19994,7 @@ be in the range: 0 .. System.Max_Binary_Modulus; @end example -A @emph{confirming} representation clause is one in which the values range +A `confirming' representation clause is one in which the values range from 0 in sequence, i.e., a clause that confirms the default representation for an enumeration type. Such a confirming representation @@ -20436,7 +20436,7 @@ There are four exceptions to this general rule: @itemize * @item -@emph{Convention Fortran and array subtypes}. +`Convention Fortran and array subtypes'. If pragma Convention Fortran is specified for an array subtype, then in accordance with the implementation advice in section 3.6.2(11) of the @@ -20444,7 +20444,7 @@ Ada Reference Manual, the array will be stored in a Fortran-compatible column-major manner, instead of the normal default row-major order. @item -@emph{Convention C and enumeration types} +`Convention C and enumeration types' GNAT normally stores enumeration types in 8, 16, or 32 bits as required to accommodate all values of the type. For example, for the enumeration @@ -20470,7 +20470,7 @@ warning in this situation. The warning can be suppressed by giving an explicit size clause specifying the desired size. @item -@emph{Convention C/Fortran and Boolean types} +`Convention C/Fortran and Boolean types' In C, the usual convention for boolean values, that is values used for conditions, is that zero represents false, and nonzero values represent @@ -20594,7 +20594,7 @@ fields placed? The section on pragma @code{Pack} in this chapter can be used to answer the second question, but it is often easier to just see what the compiler does. -For this purpose, GNAT provides the option @emph{-gnatR}. If you compile +For this purpose, GNAT provides the option `-gnatR'. If you compile with this option, then the compiler will output information on the actual representations chosen, in a format similar to source representation clauses. For example, if we compile the package: @@ -20643,7 +20643,7 @@ package q is end q; @end example -using the switch @emph{-gnatR} we obtain the following output: +using the switch `-gnatR' we obtain the following output: @example Representation information for unit q @@ -20753,56 +20753,56 @@ the unit is not implemented. @table @asis -@item @code{Ada} @emph{(A.2)} +@item @code{Ada} `(A.2)' This is a parent package for all the standard library packages. It is usually included implicitly in your program, and itself contains no useful data or routines. -@item @code{Ada.Assertions} @emph{(11.4.2)} +@item @code{Ada.Assertions} `(11.4.2)' @code{Assertions} provides the @code{Assert} subprograms, and also the declaration of the @code{Assertion_Error} exception. -@item @code{Ada.Asynchronous_Task_Control} @emph{(D.11)} +@item @code{Ada.Asynchronous_Task_Control} `(D.11)' @code{Asynchronous_Task_Control} provides low level facilities for task synchronization. It is typically not implemented. See package spec for details. -@item @code{Ada.Calendar} @emph{(9.6)} +@item @code{Ada.Calendar} `(9.6)' @code{Calendar} provides time of day access, and routines for manipulating times and durations. -@item @code{Ada.Calendar.Arithmetic} @emph{(9.6.1)} +@item @code{Ada.Calendar.Arithmetic} `(9.6.1)' This package provides additional arithmetic operations for @code{Calendar}. -@item @code{Ada.Calendar.Formatting} @emph{(9.6.1)} +@item @code{Ada.Calendar.Formatting} `(9.6.1)' This package provides formatting operations for @code{Calendar}. -@item @code{Ada.Calendar.Time_Zones} @emph{(9.6.1)} +@item @code{Ada.Calendar.Time_Zones} `(9.6.1)' This package provides additional @code{Calendar} facilities for handling time zones. -@item @code{Ada.Characters} @emph{(A.3.1)} +@item @code{Ada.Characters} `(A.3.1)' This is a dummy parent package that contains no useful entities -@item @code{Ada.Characters.Conversions} @emph{(A.3.2)} +@item @code{Ada.Characters.Conversions} `(A.3.2)' This package provides character conversion functions. -@item @code{Ada.Characters.Handling} @emph{(A.3.2)} +@item @code{Ada.Characters.Handling} `(A.3.2)' This package provides some basic character handling capabilities, including classification functions for classes of characters (e.g., test for letters, or digits). -@item @code{Ada.Characters.Latin_1} @emph{(A.3.3)} +@item @code{Ada.Characters.Latin_1} `(A.3.3)' This package includes a complete set of definitions of the characters that appear in type CHARACTER. It is useful for writing programs that @@ -20812,194 +20812,194 @@ the definition of @code{UC_E_Acute} in this package. Then your program will print in an understandable manner even if your environment does not support these extended characters. -@item @code{Ada.Command_Line} @emph{(A.15)} +@item @code{Ada.Command_Line} `(A.15)' This package provides access to the command line parameters and the name of the current program (analogous to the use of @code{argc} and @code{argv} in C), and also allows the exit status for the program to be set in a system-independent manner. -@item @code{Ada.Complex_Text_IO} @emph{(G.1.3)} +@item @code{Ada.Complex_Text_IO} `(G.1.3)' This package provides text input and output of complex numbers. -@item @code{Ada.Containers} @emph{(A.18.1)} +@item @code{Ada.Containers} `(A.18.1)' A top level package providing a few basic definitions used by all the following specific child packages that provide specific kinds of containers. @end table -@code{Ada.Containers.Bounded_Priority_Queues} @emph{(A.18.31)} +@code{Ada.Containers.Bounded_Priority_Queues} `(A.18.31)' -@code{Ada.Containers.Bounded_Synchronized_Queues} @emph{(A.18.29)} +@code{Ada.Containers.Bounded_Synchronized_Queues} `(A.18.29)' -@code{Ada.Containers.Doubly_Linked_Lists} @emph{(A.18.3)} +@code{Ada.Containers.Doubly_Linked_Lists} `(A.18.3)' -@code{Ada.Containers.Generic_Array_Sort} @emph{(A.18.26)} +@code{Ada.Containers.Generic_Array_Sort} `(A.18.26)' -@code{Ada.Containers.Generic_Constrained_Array_Sort} @emph{(A.18.26)} +@code{Ada.Containers.Generic_Constrained_Array_Sort} `(A.18.26)' -@code{Ada.Containers.Generic_Sort} @emph{(A.18.26)} +@code{Ada.Containers.Generic_Sort} `(A.18.26)' -@code{Ada.Containers.Hashed_Maps} @emph{(A.18.5)} +@code{Ada.Containers.Hashed_Maps} `(A.18.5)' -@code{Ada.Containers.Hashed_Sets} @emph{(A.18.8)} +@code{Ada.Containers.Hashed_Sets} `(A.18.8)' -@code{Ada.Containers.Indefinite_Doubly_Linked_Lists} @emph{(A.18.12)} +@code{Ada.Containers.Indefinite_Doubly_Linked_Lists} `(A.18.12)' -@code{Ada.Containers.Indefinite_Hashed_Maps} @emph{(A.18.13)} +@code{Ada.Containers.Indefinite_Hashed_Maps} `(A.18.13)' -@code{Ada.Containers.Indefinite_Hashed_Sets} @emph{(A.18.15)} +@code{Ada.Containers.Indefinite_Hashed_Sets} `(A.18.15)' -@code{Ada.Containers.Indefinite_Holders} @emph{(A.18.18)} +@code{Ada.Containers.Indefinite_Holders} `(A.18.18)' -@code{Ada.Containers.Indefinite_Multiway_Trees} @emph{(A.18.17)} +@code{Ada.Containers.Indefinite_Multiway_Trees} `(A.18.17)' -@code{Ada.Containers.Indefinite_Ordered_Maps} @emph{(A.18.14)} +@code{Ada.Containers.Indefinite_Ordered_Maps} `(A.18.14)' -@code{Ada.Containers.Indefinite_Ordered_Sets} @emph{(A.18.16)} +@code{Ada.Containers.Indefinite_Ordered_Sets} `(A.18.16)' -@code{Ada.Containers.Indefinite_Vectors} @emph{(A.18.11)} +@code{Ada.Containers.Indefinite_Vectors} `(A.18.11)' -@code{Ada.Containers.Multiway_Trees} @emph{(A.18.10)} +@code{Ada.Containers.Multiway_Trees} `(A.18.10)' -@code{Ada.Containers.Ordered_Maps} @emph{(A.18.6)} +@code{Ada.Containers.Ordered_Maps} `(A.18.6)' -@code{Ada.Containers.Ordered_Sets} @emph{(A.18.9)} +@code{Ada.Containers.Ordered_Sets} `(A.18.9)' -@code{Ada.Containers.Synchronized_Queue_Interfaces} @emph{(A.18.27)} +@code{Ada.Containers.Synchronized_Queue_Interfaces} `(A.18.27)' -@code{Ada.Containers.Unbounded_Priority_Queues} @emph{(A.18.30)} +@code{Ada.Containers.Unbounded_Priority_Queues} `(A.18.30)' -@code{Ada.Containers.Unbounded_Synchronized_Queues} @emph{(A.18.28)} +@code{Ada.Containers.Unbounded_Synchronized_Queues} `(A.18.28)' -@code{Ada.Containers.Vectors} @emph{(A.18.2)} +@code{Ada.Containers.Vectors} `(A.18.2)' @table @asis -@item @code{Ada.Directories} @emph{(A.16)} +@item @code{Ada.Directories} `(A.16)' This package provides operations on directories. -@item @code{Ada.Directories.Hierarchical_File_Names} @emph{(A.16.1)} +@item @code{Ada.Directories.Hierarchical_File_Names} `(A.16.1)' This package provides additional directory operations handling hiearchical file names. -@item @code{Ada.Directories.Information} @emph{(A.16)} +@item @code{Ada.Directories.Information} `(A.16)' This is an implementation defined package for additional directory operations, which is not implemented in GNAT. -@item @code{Ada.Decimal} @emph{(F.2)} +@item @code{Ada.Decimal} `(F.2)' This package provides constants describing the range of decimal numbers implemented, and also a decimal divide routine (analogous to the COBOL verb DIVIDE … GIVING … REMAINDER …) -@item @code{Ada.Direct_IO} @emph{(A.8.4)} +@item @code{Ada.Direct_IO} `(A.8.4)' This package provides input-output using a model of a set of records of fixed-length, containing an arbitrary definite Ada type, indexed by an integer record number. -@item @code{Ada.Dispatching} @emph{(D.2.1)} +@item @code{Ada.Dispatching} `(D.2.1)' A parent package containing definitions for task dispatching operations. -@item @code{Ada.Dispatching.EDF} @emph{(D.2.6)} +@item @code{Ada.Dispatching.EDF} `(D.2.6)' Not implemented in GNAT. -@item @code{Ada.Dispatching.Non_Preemptive} @emph{(D.2.4)} +@item @code{Ada.Dispatching.Non_Preemptive} `(D.2.4)' Not implemented in GNAT. -@item @code{Ada.Dispatching.Round_Robin} @emph{(D.2.5)} +@item @code{Ada.Dispatching.Round_Robin} `(D.2.5)' Not implemented in GNAT. -@item @code{Ada.Dynamic_Priorities} @emph{(D.5)} +@item @code{Ada.Dynamic_Priorities} `(D.5)' This package allows the priorities of a task to be adjusted dynamically as the task is running. -@item @code{Ada.Environment_Variables} @emph{(A.17)} +@item @code{Ada.Environment_Variables} `(A.17)' This package provides facilities for accessing environment variables. -@item @code{Ada.Exceptions} @emph{(11.4.1)} +@item @code{Ada.Exceptions} `(11.4.1)' This package provides additional information on exceptions, and also contains facilities for treating exceptions as data objects, and raising exceptions with associated messages. -@item @code{Ada.Execution_Time} @emph{(D.14)} +@item @code{Ada.Execution_Time} `(D.14)' This package provides CPU clock functionalities. It is not implemented on all targets (see package spec for details). -@item @code{Ada.Execution_Time.Group_Budgets} @emph{(D.14.2)} +@item @code{Ada.Execution_Time.Group_Budgets} `(D.14.2)' Not implemented in GNAT. -@item @code{Ada.Execution_Time.Timers} @emph{(D.14.1)’} +@item @code{Ada.Execution_Time.Timers} `(D.14.1)’' Not implemented in GNAT. -@item @code{Ada.Finalization} @emph{(7.6)} +@item @code{Ada.Finalization} `(7.6)' This package contains the declarations and subprograms to support the use of controlled types, providing for automatic initialization and finalization (analogous to the constructors and destructors of C++). -@item @code{Ada.Float_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Float_Text_IO} `(A.10.9)' A library level instantiation of Text_IO.Float_IO for type Float. -@item @code{Ada.Float_Wide_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Float_Wide_Text_IO} `(A.10.9)' A library level instantiation of Wide_Text_IO.Float_IO for type Float. -@item @code{Ada.Float_Wide_Wide_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Float_Wide_Wide_Text_IO} `(A.10.9)' A library level instantiation of Wide_Wide_Text_IO.Float_IO for type Float. -@item @code{Ada.Integer_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Integer_Text_IO} `(A.10.9)' A library level instantiation of Text_IO.Integer_IO for type Integer. -@item @code{Ada.Integer_Wide_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Integer_Wide_Text_IO} `(A.10.9)' A library level instantiation of Wide_Text_IO.Integer_IO for type Integer. -@item @code{Ada.Integer_Wide_Wide_Text_IO} @emph{(A.10.9)} +@item @code{Ada.Integer_Wide_Wide_Text_IO} `(A.10.9)' A library level instantiation of Wide_Wide_Text_IO.Integer_IO for type Integer. -@item @code{Ada.Interrupts} @emph{(C.3.2)} +@item @code{Ada.Interrupts} `(C.3.2)' This package provides facilities for interfacing to interrupts, which includes the set of signals or conditions that can be raised and recognized as interrupts. -@item @code{Ada.Interrupts.Names} @emph{(C.3.2)} +@item @code{Ada.Interrupts.Names} `(C.3.2)' This package provides the set of interrupt names (actually signal or condition names) that can be handled by GNAT. -@item @code{Ada.IO_Exceptions} @emph{(A.13)} +@item @code{Ada.IO_Exceptions} `(A.13)' This package defines the set of exceptions that can be raised by use of the standard IO packages. -@item @code{Ada.Iterator_Interfaces} @emph{(5.5.1)} +@item @code{Ada.Iterator_Interfaces} `(5.5.1)' This package provides a generic interface to generalized iterators. -@item @code{Ada.Locales} @emph{(A.19)} +@item @code{Ada.Locales} `(A.19)' This package provides declarations providing information (Language and Country) about the current locale. @@ -21011,7 +21011,7 @@ throughout the numerics packages. Note that the constants pi and e are defined here, and it is better to use these definitions than rolling your own. -@item @code{Ada.Numerics.Complex_Arrays} @emph{(G.3.2)} +@item @code{Ada.Numerics.Complex_Arrays} `(G.3.2)' Provides operations on arrays of complex numbers. @@ -21118,15 +21118,15 @@ The following predefined instantiations of this package exist @code{Ada.Numerics.Long_Elementary_Functions} @end itemize -@item @code{Ada.Numerics.Generic_Real_Arrays} @emph{(G.3.1)} +@item @code{Ada.Numerics.Generic_Real_Arrays} `(G.3.1)' Generic operations on arrays of reals -@item @code{Ada.Numerics.Real_Arrays} @emph{(G.3.1)} +@item @code{Ada.Numerics.Real_Arrays} `(G.3.1)' Preinstantiation of Ada.Numerics.Generic_Real_Arrays (Float). -@item @code{Ada.Real_Time} @emph{(D.8)} +@item @code{Ada.Real_Time} `(D.8)' This package provides facilities similar to those of @code{Calendar}, but operating with a finer clock suitable for real time control. Note that @@ -21135,29 +21135,29 @@ guarantees this behavior, but of course if the external clock on which the GNAT runtime depends is deliberately reset by some external event, then such a backward jump may occur. -@item @code{Ada.Real_Time.Timing_Events} @emph{(D.15)} +@item @code{Ada.Real_Time.Timing_Events} `(D.15)' Not implemented in GNAT. -@item @code{Ada.Sequential_IO} @emph{(A.8.1)} +@item @code{Ada.Sequential_IO} `(A.8.1)' This package provides input-output facilities for sequential files, which can contain a sequence of values of a single type, which can be any Ada type, including indefinite (unconstrained) types. -@item @code{Ada.Storage_IO} @emph{(A.9)} +@item @code{Ada.Storage_IO} `(A.9)' This package provides a facility for mapping arbitrary Ada types to and from a storage buffer. It is primarily intended for the creation of new IO packages. -@item @code{Ada.Streams} @emph{(13.13.1)} +@item @code{Ada.Streams} `(13.13.1)' This is a generic package that provides the basic support for the concept of streams as used by the stream attributes (@code{Input}, @code{Output}, @code{Read} and @code{Write}). -@item @code{Ada.Streams.Stream_IO} @emph{(A.12.1)} +@item @code{Ada.Streams.Stream_IO} `(A.12.1)' This package is a specialization of the type @code{Streams} defined in package @code{Streams} together with a set of operations providing @@ -21165,76 +21165,76 @@ Stream_IO capability. The Stream_IO model permits both random and sequential access to a file which can contain an arbitrary set of values of one or more Ada types. -@item @code{Ada.Strings} @emph{(A.4.1)} +@item @code{Ada.Strings} `(A.4.1)' This package provides some basic constants used by the string handling packages. -@item @code{Ada.Strings.Bounded} @emph{(A.4.4)} +@item @code{Ada.Strings.Bounded} `(A.4.4)' This package provides facilities for handling variable length strings. The bounded model requires a maximum length. It is thus somewhat more limited than the unbounded model, but avoids the use of dynamic allocation or finalization. -@item @code{Ada.Strings.Bounded.Equal_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Bounded.Equal_Case_Insensitive} `(A.4.10)' Provides case-insensitive comparisons of bounded strings -@item @code{Ada.Strings.Bounded.Hash} @emph{(A.4.9)} +@item @code{Ada.Strings.Bounded.Hash} `(A.4.9)' This package provides a generic hash function for bounded strings -@item @code{Ada.Strings.Bounded.Hash_Case_Insensitive} @emph{(A.4.9)} +@item @code{Ada.Strings.Bounded.Hash_Case_Insensitive} `(A.4.9)' This package provides a generic hash function for bounded strings that converts the string to be hashed to lower case. -@item @code{Ada.Strings.Bounded.Less_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Bounded.Less_Case_Insensitive} `(A.4.10)' This package provides a comparison function for bounded strings that works in a case insensitive manner by converting to lower case before the comparison. -@item @code{Ada.Strings.Fixed} @emph{(A.4.3)} +@item @code{Ada.Strings.Fixed} `(A.4.3)' This package provides facilities for handling fixed length strings. -@item @code{Ada.Strings.Fixed.Equal_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Fixed.Equal_Case_Insensitive} `(A.4.10)' This package provides an equality function for fixed strings that compares the strings after converting both to lower case. -@item @code{Ada.Strings.Fixed.Hash_Case_Insensitive} @emph{(A.4.9)} +@item @code{Ada.Strings.Fixed.Hash_Case_Insensitive} `(A.4.9)' This package provides a case insensitive hash function for fixed strings that converts the string to lower case before computing the hash. -@item @code{Ada.Strings.Fixed.Less_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Fixed.Less_Case_Insensitive} `(A.4.10)' This package provides a comparison function for fixed strings that works in a case insensitive manner by converting to lower case before the comparison. -@item @code{Ada.Strings.Hash} @emph{(A.4.9)} +@item @code{Ada.Strings.Hash} `(A.4.9)' This package provides a hash function for strings. -@item @code{Ada.Strings.Hash_Case_Insensitive} @emph{(A.4.9)} +@item @code{Ada.Strings.Hash_Case_Insensitive} `(A.4.9)' This package provides a hash function for strings that is case insensitive. The string is converted to lower case before computing the hash. -@item @code{Ada.Strings.Less_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Less_Case_Insensitive} `(A.4.10)' This package provides a comparison function for\strings that works in a case insensitive manner by converting to lower case before the comparison. -@item @code{Ada.Strings.Maps} @emph{(A.4.2)} +@item @code{Ada.Strings.Maps} `(A.4.2)' This package provides facilities for handling character mappings and arbitrarily defined subsets of characters. For instance it is useful in defining specialized translation tables. -@item @code{Ada.Strings.Maps.Constants} @emph{(A.4.6)} +@item @code{Ada.Strings.Maps.Constants} `(A.4.6)' This package provides a standard set of predefined mappings and predefined character sets. For example, the standard upper to lower case @@ -21244,62 +21244,62 @@ characters, including extended characters like E with an acute accent, into account. You should use the mappings in this package (rather than adding 32 yourself) to do case mappings. -@item @code{Ada.Strings.Unbounded} @emph{(A.4.5)} +@item @code{Ada.Strings.Unbounded} `(A.4.5)' This package provides facilities for handling variable length strings. The unbounded model allows arbitrary length strings, but requires the use of dynamic allocation and finalization. -@item @code{Ada.Strings.Unbounded.Equal_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Unbounded.Equal_Case_Insensitive} `(A.4.10)' Provides case-insensitive comparisons of unbounded strings -@item @code{Ada.Strings.Unbounded.Hash} @emph{(A.4.9)} +@item @code{Ada.Strings.Unbounded.Hash} `(A.4.9)' This package provides a generic hash function for unbounded strings -@item @code{Ada.Strings.Unbounded.Hash_Case_Insensitive} @emph{(A.4.9)} +@item @code{Ada.Strings.Unbounded.Hash_Case_Insensitive} `(A.4.9)' This package provides a generic hash function for unbounded strings that converts the string to be hashed to lower case. -@item @code{Ada.Strings.Unbounded.Less_Case_Insensitive} @emph{(A.4.10)} +@item @code{Ada.Strings.Unbounded.Less_Case_Insensitive} `(A.4.10)' This package provides a comparison function for unbounded strings that works in a case insensitive manner by converting to lower case before the comparison. -@item @code{Ada.Strings.UTF_Encoding} @emph{(A.4.11)} +@item @code{Ada.Strings.UTF_Encoding} `(A.4.11)' This package provides basic definitions for dealing with UTF-encoded strings. -@item @code{Ada.Strings.UTF_Encoding.Conversions} @emph{(A.4.11)} +@item @code{Ada.Strings.UTF_Encoding.Conversions} `(A.4.11)' This package provides conversion functions for UTF-encoded strings. @end table -@code{Ada.Strings.UTF_Encoding.Strings} @emph{(A.4.11)} +@code{Ada.Strings.UTF_Encoding.Strings} `(A.4.11)' -@code{Ada.Strings.UTF_Encoding.Wide_Strings} @emph{(A.4.11)} +@code{Ada.Strings.UTF_Encoding.Wide_Strings} `(A.4.11)' @table @asis -@item @code{Ada.Strings.UTF_Encoding.Wide_Wide_Strings} @emph{(A.4.11)} +@item @code{Ada.Strings.UTF_Encoding.Wide_Wide_Strings} `(A.4.11)' These packages provide facilities for handling UTF encodings for Strings, Wide_Strings and Wide_Wide_Strings. @end table -@code{Ada.Strings.Wide_Bounded} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Bounded} `(A.4.7)' -@code{Ada.Strings.Wide_Fixed} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Fixed} `(A.4.7)' -@code{Ada.Strings.Wide_Maps} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Maps} `(A.4.7)' @table @asis -@item @code{Ada.Strings.Wide_Unbounded} @emph{(A.4.7)} +@item @code{Ada.Strings.Wide_Unbounded} `(A.4.7)' These packages provide analogous capabilities to the corresponding packages without @code{Wide_} in the name, but operate with the types @@ -21307,33 +21307,33 @@ packages without @code{Wide_} in the name, but operate with the types and @code{Character}. Versions of all the child packages are available. @end table -@code{Ada.Strings.Wide_Wide_Bounded} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Wide_Bounded} `(A.4.7)' -@code{Ada.Strings.Wide_Wide_Fixed} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Wide_Fixed} `(A.4.7)' -@code{Ada.Strings.Wide_Wide_Maps} @emph{(A.4.7)} +@code{Ada.Strings.Wide_Wide_Maps} `(A.4.7)' @table @asis -@item @code{Ada.Strings.Wide_Wide_Unbounded} @emph{(A.4.7)} +@item @code{Ada.Strings.Wide_Wide_Unbounded} `(A.4.7)' These packages provide analogous capabilities to the corresponding packages without @code{Wide_} in the name, but operate with the types @code{Wide_Wide_String} and @code{Wide_Wide_Character} instead of @code{String} and @code{Character}. -@item @code{Ada.Synchronous_Barriers} @emph{(D.10.1)} +@item @code{Ada.Synchronous_Barriers} `(D.10.1)' This package provides facilities for synchronizing tasks at a low level with barriers. -@item @code{Ada.Synchronous_Task_Control} @emph{(D.10)} +@item @code{Ada.Synchronous_Task_Control} `(D.10)' This package provides some standard facilities for controlling task communication in a synchronous manner. -@item @code{Ada.Synchronous_Task_Control.EDF} @emph{(D.10)} +@item @code{Ada.Synchronous_Task_Control.EDF} `(D.10)' Not implemented in GNAT. @@ -21342,21 +21342,21 @@ Not implemented in GNAT. This package contains definitions for manipulation of the tags of tagged values. -@item @code{Ada.Tags.Generic_Dispatching_Constructor} @emph{(3.9)} +@item @code{Ada.Tags.Generic_Dispatching_Constructor} `(3.9)' This package provides a way of constructing tagged class-wide values given only the tag value. -@item @code{Ada.Task_Attributes} @emph{(C.7.2)} +@item @code{Ada.Task_Attributes} `(C.7.2)' This package provides the capability of associating arbitrary task-specific data with separate tasks. -@item @code{Ada.Task_Identifification} @emph{(C.7.1)} +@item @code{Ada.Task_Identifification} `(C.7.1)' This package provides capabilities for task identification. -@item @code{Ada.Task_Termination} @emph{(C.7.3)} +@item @code{Ada.Task_Termination} `(C.7.3)' This package provides control over task termination. @@ -21520,12 +21520,12 @@ unchecked conversion nor Ada.Address_To_Access_Conversions should be used in conjunction with pointers to unconstrained objects, since the bounds information cannot be handled correctly in this case. -@item @code{Ada.Unchecked_Deallocation} @emph{(13.11.2)} +@item @code{Ada.Unchecked_Deallocation} `(13.11.2)' This generic package allows explicit freeing of storage previously allocated by use of an allocator. -@item @code{Ada.Wide_Text_IO} @emph{(A.11)} +@item @code{Ada.Wide_Text_IO} `(A.11)' This package is similar to @code{Ada.Text_IO}, except that the external file supports wide character representations, and the internal types are @@ -21533,7 +21533,7 @@ file supports wide character representations, and the internal types are and @code{String}. The corresponding set of nested packages and child packages are defined. -@item @code{Ada.Wide_Wide_Text_IO} @emph{(A.11)} +@item @code{Ada.Wide_Wide_Text_IO} `(A.11)' This package is similar to @code{Ada.Text_IO}, except that the external file supports wide character representations, and the internal types are @@ -22070,7 +22070,7 @@ Encoding @item -@emph{h} +`h' @tab @@ -22078,7 +22078,7 @@ Hex ESC encoding @item -@emph{u} +`u' @tab @@ -22086,7 +22086,7 @@ Upper half encoding @item -@emph{s} +`s' @tab @@ -22094,7 +22094,7 @@ Shift-JIS encoding @item -@emph{e} +`e' @tab @@ -22102,7 +22102,7 @@ EUC Encoding @item -@emph{8} +`8' @tab @@ -22110,7 +22110,7 @@ UTF-8 encoding @item -@emph{b} +`b' @tab @@ -22133,7 +22133,7 @@ being brackets encoding if no coding method was specified with -gnatW). @table @asis -@item @emph{Hex Coding} +@item `Hex Coding' In this encoding, a wide character is represented by a five character sequence: @@ -22156,7 +22156,7 @@ example, ESC A345 is used to represent the wide character with code @table @asis -@item @emph{Upper Half Coding} +@item `Upper Half Coding' The wide character with encoding 16#abcd#, where the upper bit is on (i.e., a is in the range 8-F) is represented as two bytes 16#ab# and @@ -22164,7 +22164,7 @@ The wide character with encoding 16#abcd#, where the upper bit is on not required to be in the upper half. This method can be also used for shift-JIS or EUC where the internal coding matches the external coding. -@item @emph{Shift JIS Coding} +@item `Shift JIS Coding' A wide character is represented by a two character sequence 16#ab# and 16#cd#, with the restrictions described for upper half encoding as @@ -22173,7 +22173,7 @@ character according to the standard algorithm for Shift-JIS conversion. Only characters defined in the JIS code set table can be used with this encoding method. -@item @emph{EUC Coding} +@item `EUC Coding' A wide character is represented by a two character sequence 16#ab# and 16#cd#, with both characters being in the upper half. The internal @@ -22181,7 +22181,7 @@ character code is the corresponding JIS character according to the EUC encoding algorithm. Only characters defined in the JIS code set table can be used with this encoding method. -@item @emph{UTF-8 Coding} +@item `UTF-8 Coding' A wide character is represented using UCS Transformation Format 8 (UTF-8) as defined in Annex R of ISO @@ -22211,7 +22211,7 @@ will all invalid UTF-8 sequences.) @table @asis -@item @emph{Brackets Coding} +@item `Brackets Coding' In this encoding, a wide character is represented by the following eight character sequence: @@ -22352,7 +22352,7 @@ Encoding @item -@emph{h} +`h' @tab @@ -22360,7 +22360,7 @@ Hex ESC encoding @item -@emph{u} +`u' @tab @@ -22368,7 +22368,7 @@ Upper half encoding @item -@emph{s} +`s' @tab @@ -22376,7 +22376,7 @@ Shift-JIS encoding @item -@emph{e} +`e' @tab @@ -22384,7 +22384,7 @@ EUC Encoding @item -@emph{8} +`8' @tab @@ -22392,7 +22392,7 @@ UTF-8 encoding @item -@emph{b} +`b' @tab @@ -22415,7 +22415,7 @@ being brackets encoding if no coding method was specified with -gnatW). @table @asis -@item @emph{UTF-8 Coding} +@item `UTF-8 Coding' A wide character is represented using UCS Transformation Format 8 (UTF-8) as defined in Annex R of ISO @@ -22443,7 +22443,7 @@ characters. @table @asis -@item @emph{Brackets Coding} +@item `Brackets Coding' In this encoding, a wide wide character is represented by the following eight character sequence if is in wide character range @@ -22673,11 +22673,11 @@ variable. And if not set @code{utf8} is assumed. @table @asis -@item @emph{CP_ACP} +@item `CP_ACP' The current system Windows ANSI code page. -@item @emph{CP_UTF8} +@item `CP_UTF8' UTF-8 encoding @end table @@ -22700,19 +22700,19 @@ The possible values are those supported on Windows: @table @asis -@item @emph{TEXT} +@item `TEXT' Translated text mode -@item @emph{WTEXT} +@item `WTEXT' Translated unicode encoding -@item @emph{U16TEXT} +@item `U16TEXT' Unicode 16-bit encoding -@item @emph{U8TEXT} +@item `U8TEXT' Unicode 8-bit encoding @end table @@ -22741,11 +22741,11 @@ using the mode shown in the following table: @tab -@strong{OPEN} +`OPEN' @tab -@strong{CREATE} +`CREATE' @item @@ -24176,7 +24176,7 @@ C @code{timeval} format. This package implements the CRC-32 algorithm. For a full description of this algorithm see -@emph{Computation of Cyclic Redundancy Checks via Table Look-Up}, +`Computation of Cyclic Redundancy Checks via Table Look-Up', @cite{Communications of the ACM}, Vol. 31 No. 8, pp. 1008-1013, Aug. 1988. Sarwate, D.V. @@ -25846,7 +25846,7 @@ See @ref{7,,Implementation Defined Pragmas}, for more details. @table @asis -@item @code{pragma CPP_Class ([Entity =>] @emph{LOCAL_NAME})} +@item @code{pragma CPP_Class ([Entity =>] @var{LOCAL_NAME})} The argument denotes an entity in the current declarative region that is declared as a tagged or untagged record type. It indicates that the type @@ -25857,7 +25857,7 @@ Note: Pragma @code{CPP_Class} is currently obsolete. It is supported for backward compatibility but its functionality is available using pragma @code{Import} with @code{Convention} = @code{CPP}. -@item @code{pragma CPP_Constructor ([Entity =>] @emph{LOCAL_NAME})} +@item @code{pragma CPP_Constructor ([Entity =>] @var{LOCAL_NAME})} This pragma identifies an imported function (imported in the usual way with pragma @code{Import}) as corresponding to a C++ constructor. @@ -25941,30 +25941,30 @@ GNAT implements all of these annexes: @table @asis -@item @emph{Systems Programming (Annex C)} +@item `Systems Programming (Annex C)' The Systems Programming Annex is fully implemented. -@item @emph{Real-Time Systems (Annex D)} +@item `Real-Time Systems (Annex D)' The Real-Time Systems Annex is fully implemented. -@item @emph{Distributed Systems (Annex E)} +@item `Distributed Systems (Annex E)' Stub generation is fully implemented in the GNAT compiler. In addition, a complete compatible PCS is available as part of the GLADE system, a separate product. When the two products are used in conjunction, this annex is fully implemented. -@item @emph{Information Systems (Annex F)} +@item `Information Systems (Annex F)' The Information Systems annex is fully implemented. -@item @emph{Numerics (Annex G)} +@item `Numerics (Annex G)' The Numerics Annex is fully implemented. -@item @emph{Safety and Security / High-Integrity Systems (Annex H)} +@item `Safety and Security / High-Integrity Systems (Annex H)' The Safety and Security Annex (termed the High-Integrity Systems Annex in Ada 2005) is fully implemented. @@ -26079,7 +26079,7 @@ No support is provided for GNU C’s symbolic names for input parameters. If there are no input operands, this argument may either be omitted, or explicitly given as @code{No_Input_Operands}. The fourth argument, not present in the above example, is a list of register names, called the -@emph{clobber} argument. This argument, if given, must be a static string +`clobber' argument. This argument, if given, must be a static string expression, and is a space or comma separated list of names of registers that must be considered destroyed as a result of the @code{Asm} call. If this argument is the null string (the default value), then the code @@ -26088,7 +26088,7 @@ In addition to registers, the special clobbers @code{memory} and @code{cc} as described in the GNU C docs are both supported. The fifth argument, not present in the above example, called the -@emph{volatile} argument, is by default @code{False}. It can be set to +`volatile' argument, is by default @code{False}. It can be set to the literal value @code{True} to indicate to the code generator that all optimizations with respect to the instruction specified should be suppressed, and in particular an instruction that has outputs @@ -26259,13 +26259,13 @@ scheduling policy states: @quotation -@emph{When the active priority of a ready task that is not running +`When the active priority of a ready task that is not running changes, or the setting of its base priority takes effect, the task is removed from the ready queue for its old active priority and is added at the tail of the ready queue for its new active priority, except in the case where the active priority is lowered due to the loss of inherited priority, in which case the task is -added at the head of the ready queue for its new active priority.} +added at the head of the ready queue for its new active priority.' @end quotation While most kernels do put tasks at the end of the priority queue when @@ -26354,7 +26354,7 @@ extensive usage as follows: @table @asis -@item @emph{Communication between separate programs} +@item `Communication between separate programs' This allows separate programs to access the data in passive partitions, using protected objects for synchronization where @@ -26364,7 +26364,7 @@ running on different machines with different architectures (e.g., different endianness) to communicate via the data in a passive partition. -@item @emph{Persistence between program runs} +@item `Persistence between program runs' The data in a passive package can persist from one run of a program to another, so that a later program sees the final @@ -26618,7 +26618,7 @@ end T; Word : Rec; @end example -Such an object is said to be @emph{unconstrained}. +Such an object is said to be `unconstrained'. The discriminant of the object can be modified by a full assignment to the object, as long as it preserves the relation between the value of the discriminant, and the value of the components @@ -26671,7 +26671,7 @@ index type of ‘reasonable’ range so that unconstrained objects are not too large. One final wrinkle: if the object is declared to be @code{aliased}, or if it is -created in the heap by means of an allocator, then it is @emph{not} +created in the heap by means of an allocator, then it is `not' unconstrained: it is constrained by the default values of the discriminants, and those values cannot be modified by full assignment. This is because in the presence of @@ -26714,15 +26714,15 @@ perform this check by default). Strict conformance to the Ada Reference Manual can be achieved by adding two compiler options for dynamic checks for access-before-elaboration on subprogram -calls and generic instantiations (@emph{-gnatE}), and stack overflow checking -(@emph{-fstack-check}). +calls and generic instantiations (`-gnatE'), and stack overflow checking +(`-fstack-check'). Note that the result of a floating point arithmetic operation in overflow and invalid situations, when the @code{Machine_Overflows} attribute of the result type is @code{False}, is to generate IEEE NaN and infinite values. This is the case for machines compliant with the IEEE floating-point standard, but on machines that are not fully compliant with this standard, such as Alpha, the -@emph{-mieee} compiler flag must be used for achieving IEEE confirming +`-mieee' compiler flag must be used for achieving IEEE confirming behavior (although at the cost of a significant performance penalty), so infinite and NaN values are properly generated. @@ -26744,7 +26744,7 @@ infinite and NaN values are properly generated. This chapter contains a complete list of Ada 2012 features that have been implemented. Generally, these features are only -available if the @emph{-gnat12} (Ada 2012 features enabled) option is set, +available if the `-gnat12' (Ada 2012 features enabled) option is set, which is the default behavior, or if the configuration pragma @code{Ada_2012} is used. @@ -26776,7 +26776,7 @@ A complete description of the AIs may be found in @itemize * @item -@emph{AI-0176 Quantified expressions (2010-09-29)} +`AI-0176 Quantified expressions (2010-09-29)' Both universally and existentially quantified expressions are implemented. They use the new syntax for iterators proposed in AI05-139-2, as well as @@ -26791,9 +26791,9 @@ RM References: 1.01.04 (12) 2.09 (2/2) 4.04 (7) 4.05.09 (0) @itemize * @item -@emph{AI-0079 Allow other_format characters in source (2010-07-10)} +`AI-0079 Allow other_format characters in source (2010-07-10)' -Wide characters in the unicode category @emph{other_format} are now allowed in +Wide characters in the unicode category `other_format' are now allowed in source programs between tokens, but not within a token such as an identifier. RM References: 2.01 (4/2) 2.02 (7) @@ -26805,9 +26805,9 @@ RM References: 2.01 (4/2) 2.02 (7) @itemize * @item -@emph{AI-0091 Do not allow other_format in identifiers (0000-00-00)} +`AI-0091 Do not allow other_format in identifiers (0000-00-00)' -Wide characters in the unicode category @emph{other_format} are not permitted +Wide characters in the unicode category `other_format' are not permitted within an identifier, since this can be a security problem. The error message for this case has been improved to be more specific, but GNAT has never allowed such characters to appear in identifiers. @@ -26821,7 +26821,7 @@ RM References: 2.03 (3.1/2) 2.03 (4/2) 2.03 (5/2) 2.03 (5.1/2) 2.03 (5. @itemize * @item -@emph{AI-0100 Placement of pragmas (2010-07-01)} +`AI-0100 Placement of pragmas (2010-07-01)' This AI is an earlier version of AI-163. It simplifies the rules for legal placement of pragmas. In the case of lists that allow pragmas, if @@ -26836,7 +26836,7 @@ RM References: 2.08 (7) @itemize * @item -@emph{AI-0163 Pragmas in place of null (2010-07-01)} +`AI-0163 Pragmas in place of null (2010-07-01)' A statement sequence may be composed entirely of pragmas. It is no longer necessary to add a dummy @code{null} statement to make the sequence legal. @@ -26850,7 +26850,7 @@ RM References: 2.08 (7) 2.08 (16) @itemize * @item -@emph{AI-0080 ‘View of’ not needed if clear from context (0000-00-00)} +`AI-0080 ‘View of’ not needed if clear from context (0000-00-00)' This is an editorial change only, described as non-testable in the AI. @@ -26863,7 +26863,7 @@ RM References: 3.01 (7) @itemize * @item -@emph{AI-0183 Aspect specifications (2010-08-16)} +`AI-0183 Aspect specifications (2010-08-16)' Aspect specifications have been fully implemented except for pre and post- conditions, and type invariants, which have their own separate AI’s. All @@ -27221,7 +27221,7 @@ RM References: 3.02.01 (3) 3.02.02 (2) 3.03.01 (2/2) 3.08 (6) @itemize * @item -@emph{AI-0128 Inequality is a primitive operation (0000-00-00)} +`AI-0128 Inequality is a primitive operation (0000-00-00)' If an equality operator (“=”) is declared for a type, then the implicitly declared inequality operator (“/=”) is a primitive operation of the type. @@ -27237,7 +27237,7 @@ RM References: 3.02.03 (6) 6.06 (6) @itemize * @item -@emph{AI-0003 Qualified expressions as names (2010-07-11)} +`AI-0003 Qualified expressions as names (2010-07-11)' In Ada 2012, a qualified expression is considered to be syntactically a name, meaning that constructs such as @code{A'(F(X)).B} are now legal. This is @@ -27253,7 +27253,7 @@ RM References: 3.03 (11) 3.03 (21) 4.01 (2) 4.04 (7) 4.07 (3) @itemize * @item -@emph{AI-0120 Constant instance of protected object (0000-00-00)} +`AI-0120 Constant instance of protected object (0000-00-00)' This is an RM editorial change only. The section that lists objects that are constant failed to include the current instance of a protected object @@ -27269,7 +27269,7 @@ RM References: 3.03 (21) @itemize * @item -@emph{AI-0008 General access to constrained objects (0000-00-00)} +`AI-0008 General access to constrained objects (0000-00-00)' The wording in the RM implied that if you have a general access to a constrained object, it could be used to modify the discriminants. This was @@ -27285,7 +27285,7 @@ RM References: 3.03 (23) 3.10.02 (26/2) 4.01 (9) 6.04.01 (17) 8.05.01 ( @itemize * @item -@emph{AI-0093 Additional rules use immutably limited (0000-00-00)} +`AI-0093 Additional rules use immutably limited (0000-00-00)' This is an editorial change only, to make more widespread use of the Ada 2012 ‘immutably limited’. @@ -27299,7 +27299,7 @@ RM References: 3.03 (23.4/3) @itemize * @item -@emph{AI-0096 Deriving from formal private types (2010-07-20)} +`AI-0096 Deriving from formal private types (2010-07-20)' In general it is illegal for a type derived from a formal limited type to be nonlimited. This AI makes an exception to this rule: derivation is legal @@ -27316,7 +27316,7 @@ RM References: 3.04 (5.1/2) 6.02 (7) @itemize * @item -@emph{AI-0181 Soft hyphen is a non-graphic character (2010-07-23)} +`AI-0181 Soft hyphen is a non-graphic character (2010-07-23)' From Ada 2005 on, soft hyphen is considered a non-graphic character, which means that it has a special name (@code{SOFT_HYPHEN}) in conjunction with the @@ -27333,7 +27333,7 @@ RM References: 3.05.02 (2/2) A.01 (35/2) A.03.03 (21) @itemize * @item -@emph{AI-0182 Additional forms for} @code{Character'Value} @emph{(0000-00-00)} +`AI-0182 Additional forms for' @code{Character'Value} `(0000-00-00)' This AI allows @code{Character'Value} to accept the string @code{'?'} where @code{?} is any character including non-graphic control characters. GNAT has @@ -27351,7 +27351,7 @@ RM References: 3.05 (56/2) @itemize * @item -@emph{AI-0214 Defaulted discriminants for limited tagged (2010-10-01)} +`AI-0214 Defaulted discriminants for limited tagged (2010-10-01)' Ada 2012 relaxes the restriction that forbids discriminants of tagged types to have default expressions by allowing them when the type is limited. It @@ -27367,7 +27367,7 @@ RM References: 3.07 (9.1/2) 3.07.02 (3) @itemize * @item -@emph{AI-0102 Some implicit conversions are illegal (0000-00-00)} +`AI-0102 Some implicit conversions are illegal (0000-00-00)' It is illegal to assign an anonymous access constant to an anonymous access variable. The RM did not have a clear rule to prevent this, but GNAT has @@ -27382,7 +27382,7 @@ RM References: 3.07 (16) 3.07.01 (9) 6.04.01 (6) 8.06 (27/2) @itemize * @item -@emph{AI-0158 Generalizing membership tests (2010-09-16)} +`AI-0158 Generalizing membership tests (2010-09-16)' This AI extends the syntax of membership tests to simplify complex conditions that can be expressed as membership in a subset of values of any type. It @@ -27398,7 +27398,7 @@ RM References: 3.08.01 (5) 4.04 (3) 4.05.02 (3) 4.05.02 (5) 4.05.02 (27 @itemize * @item -@emph{AI-0173 Testing if tags represent abstract types (2010-07-03)} +`AI-0173 Testing if tags represent abstract types (2010-07-03)' The function @code{Ada.Tags.Type_Is_Abstract} returns @code{True} if invoked with the tag of an abstract type, and @code{False} otherwise. @@ -27412,7 +27412,7 @@ RM References: 3.09 (7.4/2) 3.09 (12.4/2) @itemize * @item -@emph{AI-0076 function with controlling result (0000-00-00)} +`AI-0076 function with controlling result (0000-00-00)' This is an editorial change only. The RM defines calls with controlling results, but uses the term ‘function with controlling result’ without an @@ -27427,7 +27427,7 @@ RM References: 3.09.02 (2/2) @itemize * @item -@emph{AI-0126 Dispatching with no declared operation (0000-00-00)} +`AI-0126 Dispatching with no declared operation (0000-00-00)' This AI clarifies dispatching rules, and simply confirms that dispatching executes the operation of the parent type when there is no explicitly or @@ -27443,7 +27443,7 @@ RM References: 3.09.02 (20/2) 3.09.02 (20.1/2) 3.09.02 (20.2/2) @itemize * @item -@emph{AI-0097 Treatment of abstract null extension (2010-07-19)} +`AI-0097 Treatment of abstract null extension (2010-07-19)' The RM as written implied that in some cases it was possible to create an object of an abstract type, by having an abstract extension inherit a non- @@ -27459,7 +27459,7 @@ RM References: 3.09.03 (4/2) @itemize * @item -@emph{AI-0203 Extended return cannot be abstract (0000-00-00)} +`AI-0203 Extended return cannot be abstract (0000-00-00)' A return_subtype_indication cannot denote an abstract subtype. GNAT has never permitted such usage. @@ -27473,7 +27473,7 @@ RM References: 3.09.03 (8/3) @itemize * @item -@emph{AI-0198 Inheriting abstract operators (0000-00-00)} +`AI-0198 Inheriting abstract operators (0000-00-00)' This AI resolves a conflict between two rules involving inherited abstract operations and predefined operators. If a derived numeric type inherits @@ -27489,7 +27489,7 @@ RM References: 3.09.03 (4/3) @itemize * @item -@emph{AI-0073 Functions returning abstract types (2010-07-10)} +`AI-0073 Functions returning abstract types (2010-07-10)' This AI covers a number of issues regarding returning abstract types. In particular generic functions cannot have abstract result types or access @@ -27507,7 +27507,7 @@ RM References: 3.09.03 (8) 3.09.03 (10) 6.05 (8/2) @itemize * @item -@emph{AI-0070 Elaboration of interface types (0000-00-00)} +`AI-0070 Elaboration of interface types (0000-00-00)' This is an editorial change only, there are no testable consequences short of checking for the absence of generated code for an interface declaration. @@ -27521,7 +27521,7 @@ RM References: 3.09.04 (18/2) @itemize * @item -@emph{AI-0208 Characteristics of incomplete views (0000-00-00)} +`AI-0208 Characteristics of incomplete views (0000-00-00)' The wording in the Ada 2005 RM concerning characteristics of incomplete views was incorrect and implied that some programs intended to be legal were now @@ -27537,7 +27537,7 @@ RM References: 3.10.01 (2.4/2) 3.10.01 (2.6/2) @itemize * @item -@emph{AI-0162 Incomplete type completed by partial view (2010-09-15)} +`AI-0162 Incomplete type completed by partial view (2010-09-15)' Incomplete types are made more useful by allowing them to be completed by private types and private extensions. @@ -27551,7 +27551,7 @@ RM References: 3.10.01 (2.5/2) 3.10.01 (2.6/2) 3.10.01 (3) 3.10.01 (4/2) @itemize * @item -@emph{AI-0098 Anonymous subprogram access restrictions (0000-00-00)} +`AI-0098 Anonymous subprogram access restrictions (0000-00-00)' An unintentional omission in the RM implied some inconsistent restrictions on the use of anonymous access to subprogram values. These restrictions were not @@ -27566,7 +27566,7 @@ RM References: 3.10.01 (6) 3.10.01 (9.2/2) @itemize * @item -@emph{AI-0199 Aggregate with anonymous access components (2010-07-14)} +`AI-0199 Aggregate with anonymous access components (2010-07-14)' A choice list in a record aggregate can include several components of (distinct) anonymous access types as long as they have matching designated @@ -27581,7 +27581,7 @@ RM References: 4.03.01 (16) @itemize * @item -@emph{AI-0220 Needed components for aggregates (0000-00-00)} +`AI-0220 Needed components for aggregates (0000-00-00)' This AI addresses a wording problem in the RM that appears to permit some complex cases of aggregates with nonstatic discriminants. GNAT has always @@ -27596,7 +27596,7 @@ RM References: 4.03.01 (17) @itemize * @item -@emph{AI-0147 Conditional expressions (2009-03-29)} +`AI-0147 Conditional expressions (2009-03-29)' Conditional expressions are permitted. The form of such an expression is: @@ -27605,10 +27605,10 @@ Conditional expressions are permitted. The form of such an expression is: @end example The parentheses can be omitted in contexts where parentheses are present -anyway, such as subprogram arguments and pragma arguments. If the @strong{else} -clause is omitted, @strong{else} @emph{True} is assumed; +anyway, such as subprogram arguments and pragma arguments. If the `else' +clause is omitted, `else' `True' is assumed; thus @code{(if A then B)} is a way to conveniently represent -@emph{(A implies B)} in standard logic. +`(A implies B)' in standard logic. RM References: 4.03.03 (15) 4.04 (1) 4.04 (7) 4.05.07 (0) 4.07 (2) 4.07 (3) 4.09 (12) 4.09 (33) 5.03 (3) 5.03 (4) 7.05 (2.1/2) @@ -27620,7 +27620,7 @@ RM References: 4.03.03 (15) 4.04 (1) 4.04 (7) 4.05.07 (0) 4.07 (2) @itemize * @item -@emph{AI-0037 Out-of-range box associations in aggregate (0000-00-00)} +`AI-0037 Out-of-range box associations in aggregate (0000-00-00)' This AI confirms that an association of the form @code{Indx => <>} in an array aggregate must raise @code{Constraint_Error} if @code{Indx} @@ -27637,7 +27637,7 @@ RM References: 4.03.03 (29) @itemize * @item -@emph{AI-0123 Composability of equality (2010-04-13)} +`AI-0123 Composability of equality (2010-04-13)' Equality of untagged record composes, so that the predefined equality for a composite type that includes a component of some untagged record type @@ -27663,7 +27663,7 @@ RM References: 4.05.02 (9.7/2) 4.05.02 (14) 4.05.02 (15) 4.05.02 (24) @itemize * @item -@emph{AI-0088 The value of exponentiation (0000-00-00)} +`AI-0088 The value of exponentiation (0000-00-00)' This AI clarifies the equivalence rule given for the dynamic semantics of exponentiation: the value of the operation can be obtained by repeated @@ -27680,7 +27680,7 @@ RM References: 4.05.06 (11) @itemize * @item -@emph{AI-0188 Case expressions (2010-01-09)} +`AI-0188 Case expressions (2010-01-09)' Case expressions are permitted. This allows use of constructs such as: @@ -27697,11 +27697,11 @@ RM References: 4.05.07 (0) 4.05.08 (0) 4.09 (12) 4.09 (33) @itemize * @item -@emph{AI-0104 Null exclusion and uninitialized allocator (2010-07-15)} +`AI-0104 Null exclusion and uninitialized allocator (2010-07-15)' The assignment @code{Ptr := new not null Some_Ptr;} will raise @code{Constraint_Error} because the default value of the allocated object is -@strong{null}. This useless construct is illegal in Ada 2012. +`null'. This useless construct is illegal in Ada 2012. RM References: 4.08 (2) @end itemize @@ -27712,7 +27712,7 @@ RM References: 4.08 (2) @itemize * @item -@emph{AI-0157 Allocation/Deallocation from empty pool (2010-07-11)} +`AI-0157 Allocation/Deallocation from empty pool (2010-07-11)' Allocation and Deallocation from an empty storage pool (i.e. allocation or deallocation of a pointer for which a static storage size clause of zero @@ -27728,7 +27728,7 @@ RM References: 4.08 (5.3/2) 13.11.02 (4) 13.11.02 (17) @itemize * @item -@emph{AI-0179 Statement not required after label (2010-04-10)} +`AI-0179 Statement not required after label (2010-04-10)' It is not necessary to have a statement following a label, so a label can appear at the end of a statement sequence without the need for putting a @@ -27744,7 +27744,7 @@ RM References: 5.01 (2) @itemize * @item -@emph{AI-0139-2 Syntactic sugar for iterators (2010-09-29)} +`AI-0139-2 Syntactic sugar for iterators (2010-09-29)' The new syntax for iterating over arrays and containers is now implemented. Iteration over containers is for now limited to read-only iterators. Only @@ -27759,7 +27759,7 @@ RM References: 5.05 @itemize * @item -@emph{AI-0134 Profiles must match for full conformance (0000-00-00)} +`AI-0134 Profiles must match for full conformance (0000-00-00)' For full conformance, the profiles of anonymous-access-to-subprogram parameters must match. GNAT has always enforced this rule. @@ -27773,7 +27773,7 @@ RM References: 6.03.01 (18) @itemize * @item -@emph{AI-0207 Mode conformance and access constant (0000-00-00)} +`AI-0207 Mode conformance and access constant (0000-00-00)' This AI confirms that access_to_constant indication must match for mode conformance. This was implemented in GNAT when the qualifier was originally @@ -27788,7 +27788,7 @@ RM References: 6.03.01 (16/2) @itemize * @item -@emph{AI-0046 Null exclusion match for full conformance (2010-07-17)} +`AI-0046 Null exclusion match for full conformance (2010-07-17)' For full conformance, in the case of access parameters, the null exclusion must match (either both or neither must have @code{not null}). @@ -27802,7 +27802,7 @@ RM References: 6.03.02 (18) @itemize * @item -@emph{AI-0118 The association of parameter associations (0000-00-00)} +`AI-0118 The association of parameter associations (0000-00-00)' This AI clarifies the rules for named associations in subprogram calls and generic instantiations. The rules have been in place since Ada 83. @@ -27816,7 +27816,7 @@ RM References: 6.04.01 (2) 12.03 (9) @itemize * @item -@emph{AI-0196 Null exclusion tests for out parameters (0000-00-00)} +`AI-0196 Null exclusion tests for out parameters (0000-00-00)' Null exclusion checks are not made for @code{out} parameters when evaluating the actual parameters. GNAT has never generated these checks. @@ -27830,9 +27830,9 @@ RM References: 6.04.01 (13) @itemize * @item -@emph{AI-0015 Constant return objects (0000-00-00)} +`AI-0015 Constant return objects (0000-00-00)' -The return object declared in an @emph{extended_return_statement} may be +The return object declared in an `extended_return_statement' may be declared constant. This was always intended, and GNAT has always allowed it. RM References: 6.05 (2.1/2) 3.03 (10/2) 3.03 (21) 6.05 (5/2) @@ -27845,7 +27845,7 @@ RM References: 6.05 (2.1/2) 3.03 (10/2) 3.03 (21) 6.05 (5/2) @itemize * @item -@emph{AI-0032 Extended return for class-wide functions (0000-00-00)} +`AI-0032 Extended return for class-wide functions (0000-00-00)' If a function returns a class-wide type, the object of an extended return statement can be declared with a specific type that is covered by the class- @@ -27863,7 +27863,7 @@ RM References: 6.05 (5.2/2) 6.05 (5.3/2) 6.05 (5.6/2) 6.05 (5.8/2) @itemize * @item -@emph{AI-0103 Static matching for extended return (2010-07-23)} +`AI-0103 Static matching for extended return (2010-07-23)' If the return subtype of a function is an elementary type or a constrained type, the subtype indication in an extended return statement must match @@ -27878,7 +27878,7 @@ RM References: 6.05 (5.2/2) @itemize * @item -@emph{AI-0058 Abnormal completion of an extended return (0000-00-00)} +`AI-0058 Abnormal completion of an extended return (0000-00-00)' The RM had some incorrect wording implying wrong treatment of abnormal completion in an extended return. GNAT has always implemented the intended @@ -27893,7 +27893,7 @@ RM References: 6.05 (22/2) @itemize * @item -@emph{AI-0050 Raising Constraint_Error early for function call (0000-00-00)} +`AI-0050 Raising Constraint_Error early for function call (0000-00-00)' The implementation permissions for raising @code{Constraint_Error} early on a function call when it was clear an exception would be raised were over-permissive and allowed @@ -27909,7 +27909,7 @@ RM References: 6.05 (24/2) @itemize * @item -@emph{AI-0125 Nonoverridable operations of an ancestor (2010-09-28)} +`AI-0125 Nonoverridable operations of an ancestor (2010-09-28)' In Ada 2012, the declaration of a primitive operation of a type extension or private extension can also override an inherited primitive that is not @@ -27924,7 +27924,7 @@ RM References: 7.03.01 (6) 8.03 (23) 8.03.01 (5/2) 8.03.01 (6/2) @itemize * @item -@emph{AI-0062 Null exclusions and deferred constants (0000-00-00)} +`AI-0062 Null exclusions and deferred constants (0000-00-00)' A full constant may have a null exclusion even if its associated deferred constant does not. GNAT has always allowed this. @@ -27938,7 +27938,7 @@ RM References: 7.04 (6/2) 7.04 (7.1/2) @itemize * @item -@emph{AI-0178 Incomplete views are limited (0000-00-00)} +`AI-0178 Incomplete views are limited (0000-00-00)' This AI clarifies the role of incomplete views and plugs an omission in the RM. GNAT always correctly restricted the use of incomplete views and types. @@ -27952,7 +27952,7 @@ RM References: 7.05 (3/2) 7.05 (6/2) @itemize * @item -@emph{AI-0087 Actual for formal nonlimited derived type (2010-07-15)} +`AI-0087 Actual for formal nonlimited derived type (2010-07-15)' The actual for a formal nonlimited derived type cannot be limited. In particular, a formal derived type that extends a limited interface but which @@ -27967,7 +27967,7 @@ RM References: 7.05 (5/2) 12.05.01 (5.1/2) @itemize * @item -@emph{AI-0099 Tag determines whether finalization needed (0000-00-00)} +`AI-0099 Tag determines whether finalization needed (0000-00-00)' This AI clarifies that ‘needs finalization’ is part of dynamic semantics, and therefore depends on the run-time characteristics of an object (i.e. its @@ -27983,7 +27983,7 @@ RM References: 7.06.01 (6) 7.06.01 (7) 7.06.01 (8) 7.06.01 (9/2) @itemize * @item -@emph{AI-0064 Redundant finalization rule (0000-00-00)} +`AI-0064 Redundant finalization rule (0000-00-00)' This is an editorial change only. The intended behavior is already checked by an existing ACATS test, which GNAT has always executed correctly. @@ -27997,7 +27997,7 @@ RM References: 7.06.01 (17.1/1) @itemize * @item -@emph{AI-0026 Missing rules for Unchecked_Union (2010-07-07)} +`AI-0026 Missing rules for Unchecked_Union (2010-07-07)' Record representation clauses concerning Unchecked_Union types cannot mention the discriminant of the type. The type of a component declared in the variant @@ -28016,7 +28016,7 @@ RM References: 7.06 (9.4/2) B.03.03 (9/2) B.03.03 (10/2) @itemize * @item -@emph{AI-0205 Extended return declares visible name (0000-00-00)} +`AI-0205 Extended return declares visible name (0000-00-00)' This AI corrects a simple omission in the RM. Return objects have always been visible within an extended return statement. @@ -28030,7 +28030,7 @@ RM References: 8.03 (17) @itemize * @item -@emph{AI-0042 Overriding versus implemented-by (0000-00-00)} +`AI-0042 Overriding versus implemented-by (0000-00-00)' This AI fixes a wording gap in the RM. An operation of a synchronized interface can be implemented by a protected or task entry, but the abstract @@ -28047,7 +28047,7 @@ RM References: 9.01 (9.2/2) 9.04 (11.1/2) @itemize * @item -@emph{AI-0030 Requeue on synchronized interfaces (2010-07-19)} +`AI-0030 Requeue on synchronized interfaces (2010-07-19)' Requeue is permitted to a protected, synchronized or task interface primitive providing it is known that the overriding operation is an entry. Otherwise @@ -28066,7 +28066,7 @@ RM References: 9.05 (9) 9.05.04 (2) 9.05.04 (3) 9.05.04 (5) @itemize * @item -@emph{AI-0201 Independence of atomic object components (2010-07-22)} +`AI-0201 Independence of atomic object components (2010-07-22)' If an Atomic object has a pragma @code{Pack} or a @code{Component_Size} attribute, then individual components may not be addressable by independent @@ -28085,7 +28085,7 @@ RM References: 9.10 (1/3) C.06 (22/2) C.06 (23/2) @itemize * @item -@emph{AI-0009 Pragma Independent[_Components] (2010-07-23)} +`AI-0009 Pragma Independent[_Components] (2010-07-23)' This AI introduces the new pragmas @code{Independent} and @code{Independent_Components}, @@ -28102,7 +28102,7 @@ C.06 (4) C.06 (6) C.06 (9) C.06 (13) C.06 (14) @itemize * @item -@emph{AI-0072 Task signalling using ‘Terminated (0000-00-00)} +`AI-0072 Task signalling using ‘Terminated (0000-00-00)' This AI clarifies that task signalling for reading @code{'Terminated} only occurs if the result is True. GNAT semantics has always been consistent with @@ -28117,7 +28117,7 @@ RM References: 9.10 (6.1/1) @itemize * @item -@emph{AI-0108 Limited incomplete view and discriminants (0000-00-00)} +`AI-0108 Limited incomplete view and discriminants (0000-00-00)' This AI confirms that an incomplete type from a limited view does not have discriminants. This has always been the case in GNAT. @@ -28131,7 +28131,7 @@ RM References: 10.01.01 (12.3/2) @itemize * @item -@emph{AI-0129 Limited views and incomplete types (0000-00-00)} +`AI-0129 Limited views and incomplete types (0000-00-00)' This AI clarifies the description of limited views: a limited view of a package includes only one view of a type that has an incomplete declaration @@ -28148,7 +28148,7 @@ RM References: 10.01.01 (12.2/2) 10.01.01 (12.3/2) @itemize * @item -@emph{AI-0077 Limited withs and scope of declarations (0000-00-00)} +`AI-0077 Limited withs and scope of declarations (0000-00-00)' This AI clarifies that a declaration does not include a context clause, and confirms that it is illegal to have a context in which both a limited @@ -28164,7 +28164,7 @@ RM References: 10.01.02 (12/2) 10.01.02 (21/2) 10.01.02 (22/2) @itemize * @item -@emph{AI-0122 Private with and children of generics (0000-00-00)} +`AI-0122 Private with and children of generics (0000-00-00)' This AI clarifies the visibility of private children of generic units within instantiations of a parent. GNAT has always handled this correctly. @@ -28178,7 +28178,7 @@ RM References: 10.01.02 (12/2) @itemize * @item -@emph{AI-0040 Limited with clauses on descendant (0000-00-00)} +`AI-0040 Limited with clauses on descendant (0000-00-00)' This AI confirms that a limited with clause in a child unit cannot name an ancestor of the unit. This has always been checked in GNAT. @@ -28192,7 +28192,7 @@ RM References: 10.01.02 (20/2) @itemize * @item -@emph{AI-0132 Placement of library unit pragmas (0000-00-00)} +`AI-0132 Placement of library unit pragmas (0000-00-00)' This AI fills a gap in the description of library unit pragmas. The pragma clearly must apply to a library unit, even if it does not carry the name @@ -28207,7 +28207,7 @@ RM References: 10.01.05 (7) @itemize * @item -@emph{AI-0034 Categorization of limited views (0000-00-00)} +`AI-0034 Categorization of limited views (0000-00-00)' The RM makes certain limited with clauses illegal because of categorization considerations, when the corresponding normal with would be legal. This is @@ -28222,7 +28222,7 @@ RM References: 10.02.01 (11/1) 10.02.01 (17/2) @itemize * @item -@emph{AI-0035 Inconsistencies with Pure units (0000-00-00)} +`AI-0035 Inconsistencies with Pure units (0000-00-00)' This AI remedies some inconsistencies in the legality rules for Pure units. Derived access types are legal in a pure unit (on the assumption that the @@ -28239,7 +28239,7 @@ RM References: 10.02.01 (15.1/2) 10.02.01 (15.4/2) 10.02.01 (15.5/2) 10.0 @itemize * @item -@emph{AI-0219 Pure permissions and limited parameters (2010-05-25)} +`AI-0219 Pure permissions and limited parameters (2010-05-25)' This AI refines the rules for the cases with limited parameters which do not allow the implementations to omit ‘redundant’. GNAT now properly conforms @@ -28254,7 +28254,7 @@ RM References: 10.02.01 (18/2) @itemize * @item -@emph{AI-0043 Rules about raising exceptions (0000-00-00)} +`AI-0043 Rules about raising exceptions (0000-00-00)' This AI covers various omissions in the RM regarding the raising of exceptions. GNAT has always implemented the intended semantics. @@ -28268,7 +28268,7 @@ RM References: 11.04.01 (10.1/2) 11 (2) @itemize * @item -@emph{AI-0200 Mismatches in formal package declarations (0000-00-00)} +`AI-0200 Mismatches in formal package declarations (0000-00-00)' This AI plugs a gap in the RM which appeared to allow some obviously intended illegal instantiations. GNAT has never allowed these instantiations. @@ -28282,7 +28282,7 @@ RM References: 12.07 (16) @itemize * @item -@emph{AI-0112 Detection of duplicate pragmas (2010-07-24)} +`AI-0112 Detection of duplicate pragmas (2010-07-24)' This AI concerns giving names to various representation aspects, but the practical effect is simply to make the use of duplicate @@ -28300,7 +28300,7 @@ RM References: 13.01 (8) @itemize * @item -@emph{AI-0106 No representation pragmas on generic formals (0000-00-00)} +`AI-0106 No representation pragmas on generic formals (0000-00-00)' The RM appeared to allow representation pragmas on generic formal parameters, but this was not intended, and GNAT has never permitted this usage. @@ -28314,7 +28314,7 @@ RM References: 13.01 (9.1/1) @itemize * @item -@emph{AI-0012 Pack/Component_Size for aliased/atomic (2010-07-15)} +`AI-0012 Pack/Component_Size for aliased/atomic (2010-07-15)' It is now illegal to give an inappropriate component size or a pragma @code{Pack} that attempts to change the component size in the case of atomic @@ -28330,7 +28330,7 @@ RM References: 13.02 (6.1/2) 13.02 (7) C.06 (10) C.06 (11) C.06 (21) @itemize * @item -@emph{AI-0039 Stream attributes cannot be dynamic (0000-00-00)} +`AI-0039 Stream attributes cannot be dynamic (0000-00-00)' The RM permitted the use of dynamic expressions (such as @code{ptr.all})` for stream attributes, but these were never useful and are now illegal. GNAT @@ -28345,7 +28345,7 @@ RM References: 13.03 (4) 13.03 (6) 13.13.02 (38/2) @itemize * @item -@emph{AI-0095 Address of intrinsic subprograms (0000-00-00)} +`AI-0095 Address of intrinsic subprograms (0000-00-00)' The prefix of @code{'Address} cannot statically denote a subprogram with convention @code{Intrinsic}. The use of the @code{Address} attribute raises @@ -28361,7 +28361,7 @@ RM References: 13.03 (11/1) @itemize * @item -@emph{AI-0116 Alignment of class-wide objects (0000-00-00)} +`AI-0116 Alignment of class-wide objects (0000-00-00)' This AI requires that the alignment of a class-wide object be no greater than the alignment of any type in the class. GNAT has always followed this @@ -28376,7 +28376,7 @@ RM References: 13.03 (29) 13.11 (16) @itemize * @item -@emph{AI-0146 Type invariants (2009-09-21)} +`AI-0146 Type invariants (2009-09-21)' Type invariants may be specified for private types using the aspect notation. Aspect @code{Type_Invariant} may be specified for any private type, @@ -28385,7 +28385,7 @@ only be specified for tagged types, and is inherited by any descendent of the tagged types. The invariant is a boolean expression that is tested for being true in the following situations: conversions to the private type, object declarations for the private type that are default initialized, and -[@strong{in}] @strong{out} +[`in'] `out' parameters and returned result on return from any primitive operation for the type that is visible to a client. GNAT defines the synonyms @code{Invariant} for @code{Type_Invariant} and @@ -28400,7 +28400,7 @@ RM References: 13.03.03 (00) @itemize * @item -@emph{AI-0078 Relax Unchecked_Conversion alignment rules (0000-00-00)} +`AI-0078 Relax Unchecked_Conversion alignment rules (0000-00-00)' In Ada 2012, compilers are required to support unchecked conversion where the target alignment is a multiple of the source alignment. GNAT always supported @@ -28416,7 +28416,7 @@ RM References: 13.09 (7) @itemize * @item -@emph{AI-0195 Invalid value handling is implementation defined (2010-07-03)} +`AI-0195 Invalid value handling is implementation defined (2010-07-03)' The handling of invalid values is now designated to be implementation defined. This is a documentation change only, requiring Annex M in the GNAT @@ -28436,7 +28436,7 @@ RM References: 13.09.01 (10) @itemize * @item -@emph{AI-0193 Alignment of allocators (2010-09-16)} +`AI-0193 Alignment of allocators (2010-09-16)' This AI introduces a new attribute @code{Max_Alignment_For_Allocation}, analogous to @code{Max_Size_In_Storage_Elements}, but for alignment instead @@ -28452,7 +28452,7 @@ RM References: 13.11 (16) 13.11 (21) 13.11.01 (0) 13.11.01 (1) @itemize * @item -@emph{AI-0177 Parameterized expressions (2010-07-10)} +`AI-0177 Parameterized expressions (2010-07-10)' The new Ada 2012 notion of parameterized expressions is implemented. The form is: @@ -28474,7 +28474,7 @@ RM References: 13.11.01 (3/2) @itemize * @item -@emph{AI-0033 Attach/Interrupt_Handler in generic (2010-07-24)} +`AI-0033 Attach/Interrupt_Handler in generic (2010-07-24)' Neither of these two pragmas may appear within a generic template, because the generic might be instantiated at other than the library level. @@ -28488,7 +28488,7 @@ RM References: 13.11.02 (16) C.03.01 (7/2) C.03.01 (8/2) @itemize * @item -@emph{AI-0161 Restriction No_Default_Stream_Attributes (2010-09-11)} +`AI-0161 Restriction No_Default_Stream_Attributes (2010-09-11)' A new restriction @code{No_Default_Stream_Attributes} prevents the use of any of the default stream attributes for elementary types. If this restriction is @@ -28504,7 +28504,7 @@ RM References: 13.12.01 (4/2) 13.13.02 (40/2) 13.13.02 (52/2) @itemize * @item -@emph{AI-0194 Value of Stream_Size attribute (0000-00-00)} +`AI-0194 Value of Stream_Size attribute (0000-00-00)' The @code{Stream_Size} attribute returns the default number of bits in the stream representation of the given type. @@ -28521,7 +28521,7 @@ RM References: 13.13.02 (1.2/2) @itemize * @item -@emph{AI-0109 Redundant check in S’Class’Input (0000-00-00)} +`AI-0109 Redundant check in S’Class’Input (0000-00-00)' This AI is an editorial change only. It removes the need for a tag check that can never fail. @@ -28535,7 +28535,7 @@ RM References: 13.13.02 (34/2) @itemize * @item -@emph{AI-0007 Stream read and private scalar types (0000-00-00)} +`AI-0007 Stream read and private scalar types (0000-00-00)' The RM as written appeared to limit the possibilities of declaring read attribute procedures for private scalar types. This limitation was not @@ -28550,7 +28550,7 @@ RM References: 13.13.02 (50/2) 13.13.02 (51/2) @itemize * @item -@emph{AI-0065 Remote access types and external streaming (0000-00-00)} +`AI-0065 Remote access types and external streaming (0000-00-00)' This AI clarifies the fact that all remote access types support external streaming. This fixes an obvious oversight in the definition of the @@ -28565,7 +28565,7 @@ RM References: 13.13.02 (52/2) @itemize * @item -@emph{AI-0019 Freezing of primitives for tagged types (0000-00-00)} +`AI-0019 Freezing of primitives for tagged types (0000-00-00)' The RM suggests that primitive subprograms of a specific tagged type are frozen when the tagged type is frozen. This would be an incompatible change @@ -28581,7 +28581,7 @@ RM References: 13.14 (2) 13.14 (3/1) 13.14 (8.1/1) 13.14 (10) 13.14 (14 @itemize * @item -@emph{AI-0017 Freezing and incomplete types (0000-00-00)} +`AI-0017 Freezing and incomplete types (0000-00-00)' So-called ‘Taft-amendment types’ (i.e., types that are completed in package bodies) are not frozen by the occurrence of bodies in the @@ -28596,7 +28596,7 @@ RM References: 13.14 (3/1) @itemize * @item -@emph{AI-0060 Extended definition of remote access types (0000-00-00)} +`AI-0060 Extended definition of remote access types (0000-00-00)' This AI extends the definition of remote access types to include access to limited, synchronized, protected or task class-wide interface types. @@ -28611,7 +28611,7 @@ RM References: A (4) E.02.02 (9/1) E.02.02 (9.2/1) E.02.02 (14/2) E.02. @itemize * @item -@emph{AI-0114 Classification of letters (0000-00-00)} +`AI-0114 Classification of letters (0000-00-00)' The code points 170 (@code{FEMININE ORDINAL INDICATOR}), 181 (@code{MICRO SIGN}), and @@ -28630,7 +28630,7 @@ RM References: A.03.02 (59) A.04.06 (7) @itemize * @item -@emph{AI-0185 Ada.Wide_[Wide_]Characters.Handling (2010-07-06)} +`AI-0185 Ada.Wide_[Wide_]Characters.Handling (2010-07-06)' Two new packages @code{Ada.Wide_[Wide_]Characters.Handling} provide classification functions for @code{Wide_Character} and @@ -28647,7 +28647,7 @@ RM References: A.03.05 (0) A.03.06 (0) @itemize * @item -@emph{AI-0031 Add From parameter to Find_Token (2010-07-25)} +`AI-0031 Add From parameter to Find_Token (2010-07-25)' A new version of @code{Find_Token} is added to all relevant string packages, with an extra parameter @code{From}. Instead of starting at the first @@ -28667,7 +28667,7 @@ A.04.05 (46) @itemize * @item -@emph{AI-0056 Index on null string returns zero (0000-00-00)} +`AI-0056 Index on null string returns zero (0000-00-00)' The wording in the Ada 2005 RM implied an incompatible handling of the @code{Index} functions, resulting in raising an exception instead of @@ -28684,7 +28684,7 @@ RM References: A.04.03 (56.2/2) A.04.03 (58.5/2) @itemize * @item -@emph{AI-0137 String encoding package (2010-03-25)} +`AI-0137 String encoding package (2010-03-25)' The packages @code{Ada.Strings.UTF_Encoding}, together with its child packages, @code{Conversions}, @code{Strings}, @code{Wide_Strings}, @@ -28710,7 +28710,7 @@ RM References: A.04.11 @itemize * @item -@emph{AI-0038 Minor errors in Text_IO (0000-00-00)} +`AI-0038 Minor errors in Text_IO (0000-00-00)' These are minor errors in the description on three points. The intent on all these points has always been clear, and GNAT has always implemented the @@ -28725,7 +28725,7 @@ RM References: A.10.05 (37) A.10.07 (8/1) A.10.07 (10) A.10.07 (12) A.1 @itemize * @item -@emph{AI-0044 Restrictions on container instantiations (0000-00-00)} +`AI-0044 Restrictions on container instantiations (0000-00-00)' This AI places restrictions on allowed instantiations of generic containers. These restrictions are not checked by the compiler, so there is nothing to @@ -28740,7 +28740,7 @@ RM References: A.18 (4/2) A.18.02 (231/2) A.18.03 (145/2) A.18.06 (56/2) @itemize * @item -@emph{AI-0127 Adding Locale Capabilities (2010-09-29)} +`AI-0127 Adding Locale Capabilities (2010-09-29)' This package provides an interface for identifying the current locale. @@ -28754,7 +28754,7 @@ A.19.07 A.19.08 A.19.09 A.19.10 A.19.11 A.19.12 A.19.13 @itemize * @item -@emph{AI-0002 Export C with unconstrained arrays (0000-00-00)} +`AI-0002 Export C with unconstrained arrays (0000-00-00)' The compiler is not required to support exporting an Ada subprogram with convention C if there are parameters or a return type of an unconstrained @@ -28772,7 +28772,7 @@ RM References: B.01 (17) B.03 (62) B.03 (71.1/2) @itemize * @item -@emph{AI-0216 No_Task_Hierarchy forbids local tasks (0000-00-00)} +`AI-0216 No_Task_Hierarchy forbids local tasks (0000-00-00)' It is clearly the intention that @code{No_Task_Hierarchy} is intended to forbid tasks declared locally within subprograms, or functions returning task @@ -28789,7 +28789,7 @@ RM References: D.07 (3/3) @itemize * @item -@emph{AI-0211 No_Relative_Delays forbids Set_Handler use (2010-07-09)} +`AI-0211 No_Relative_Delays forbids Set_Handler use (2010-07-09)' The restriction @code{No_Relative_Delays} forbids any calls to the subprogram @code{Ada.Real_Time.Timing_Events.Set_Handler}. @@ -28803,12 +28803,12 @@ RM References: D.07 (5) D.07 (10/2) D.07 (10.4/2) D.07 (10.7/2) @itemize * @item -@emph{AI-0190 pragma Default_Storage_Pool (2010-09-15)} +`AI-0190 pragma Default_Storage_Pool (2010-09-15)' This AI introduces a new pragma @code{Default_Storage_Pool}, which can be used to control storage pools globally. In particular, you can force every access -type that is used for allocation (@strong{new}) to have an explicit storage pool, +type that is used for allocation (`new') to have an explicit storage pool, or you can declare a pool globally to be used for all access types that lack an explicit one. @@ -28821,7 +28821,7 @@ RM References: D.07 (8) @itemize * @item -@emph{AI-0189 No_Allocators_After_Elaboration (2010-01-23)} +`AI-0189 No_Allocators_After_Elaboration (2010-01-23)' This AI introduces a new restriction @code{No_Allocators_After_Elaboration}, which says that no dynamic allocation will occur once elaboration is @@ -28840,7 +28840,7 @@ RM References: D.07 (19.1/2) H.04 (23.3/2) @itemize * @item -@emph{AI-0171 Pragma CPU and Ravenscar Profile (2010-09-24)} +`AI-0171 Pragma CPU and Ravenscar Profile (2010-09-24)' A new package @code{System.Multiprocessors} is added, together with the definition of pragma @code{CPU} for controlling task affinity. A new no @@ -28856,7 +28856,7 @@ RM References: D.13.01 (4/2) D.16 @itemize * @item -@emph{AI-0210 Correct Timing_Events metric (0000-00-00)} +`AI-0210 Correct Timing_Events metric (0000-00-00)' This is a documentation only issue regarding wording of metric requirements, that does not affect the implementation of the compiler. @@ -28870,7 +28870,7 @@ RM References: D.15 (24/2) @itemize * @item -@emph{AI-0206 Remote types packages and preelaborate (2010-07-24)} +`AI-0206 Remote types packages and preelaborate (2010-07-24)' Remote types packages are now allowed to depend on preelaborated packages. This was formerly considered illegal. @@ -28884,7 +28884,7 @@ RM References: E.02.02 (6) @itemize * @item -@emph{AI-0152 Restriction No_Anonymous_Allocators (2010-09-08)} +`AI-0152 Restriction No_Anonymous_Allocators (2010-09-08)' Restriction @code{No_Anonymous_Allocators} prevents the use of allocators where the type of the returned value is an anonymous access type. @@ -28922,7 +28922,7 @@ change. GNAT can generate code to zero-out hardware registers before returning from a subprogram. -It can be enabled with the @code{-fzero-call-used-regs=@emph{choice}} +It can be enabled with the @code{-fzero-call-used-regs=`choice'} command-line option, to affect all subprograms in a compilation, and with a @code{Machine_Attribute} pragma, to affect only specific subprograms. @@ -28976,7 +28976,7 @@ pragma Machine_Attribute (Var, "strub"); -- scrubbing of the stack space used by that subprogram. @end example -There are also @code{-fstrub=@emph{choice}} command-line options to +There are also @code{-fstrub=`choice'} command-line options to control default settings. For usage and more details on the command-line options, on the @code{strub} attribute, and their use with other programming languages, see @cite{Using the GNU Compiler Collection (GCC)}. @@ -29447,7 +29447,7 @@ Ada 95 and later versions of the standard: @itemize * @item -@emph{Character literals} +`Character literals' Some uses of character literals are ambiguous. Since Ada 95 has introduced @code{Wide_Character} as a new predefined character type, some uses of @@ -29467,7 +29467,7 @@ for Char in Character range 'A' .. 'Z' loop ... end loop; @end example @item -@emph{New reserved words} +`New reserved words' The identifiers @code{abstract}, @code{aliased}, @code{protected}, @code{requeue}, @code{tagged}, and @code{until} are reserved in Ada 95. @@ -29475,7 +29475,7 @@ Existing Ada 83 code using any of these identifiers must be edited to use some alternative name. @item -@emph{Freezing rules} +`Freezing rules' The rules in Ada 95 are slightly different with regard to the point at which entities are frozen, and representation pragmas and clauses are @@ -29489,7 +29489,7 @@ cannot be applied to a subprogram body. If necessary, a separate subprogram declaration must be introduced to which the pragma can be applied. @item -@emph{Optional bodies for library packages} +`Optional bodies for library packages' In Ada 83, a package that did not require a package body was nevertheless allowed to have one. This lead to certain surprises in compiling large @@ -29506,7 +29506,7 @@ circularities) is to add an @code{Elaborate_Body} pragma to the package spec, since one effect of this pragma is to require the presence of a package body. @item -@emph{Numeric_Error is the same exception as Constraint_Error} +`Numeric_Error is the same exception as Constraint_Error' In Ada 95, the exception @code{Numeric_Error} is a renaming of @code{Constraint_Error}. This means that it is illegal to have separate exception handlers for @@ -29515,7 +29515,7 @@ the two exceptions. The fix is simply to remove the handler for the @code{Constraint_Error} in place of @code{Numeric_Error} in all cases). @item -@emph{Indefinite subtypes in generics} +`Indefinite subtypes in generics' In Ada 83, it was permissible to pass an indefinite type (e.g, @code{String}) as the actual for a generic formal private type, but then the instantiation @@ -29544,7 +29544,7 @@ the fix is usually simply to add the @code{(<>)} to the generic declaration. @itemize * @item -@emph{Conversions} +`Conversions' Conversions from real types to integer types round away from 0. In Ada 83 the conversion Integer(2.5) could deliver either 2 or 3 as its value. This @@ -29556,7 +29556,7 @@ Note, though, that this issue is no worse than already existed in Ada 83 when porting code from one vendor to another. @item -@emph{Tasking} +`Tasking' The Real-Time Annex introduces a set of policies that define the behavior of features that were implementation dependent in Ada 83, such as the order in @@ -29583,7 +29583,7 @@ situation that you should be alert to is the change in the predefined type @itemize * @item -@emph{Range of type `@w{`}Character`@w{`}} +`Range of type `@w{`}Character`@w{`}' The range of @code{Standard.Character} is now the full 256 characters of Latin-1, whereas in most Ada 83 implementations it was restricted @@ -29614,7 +29614,7 @@ covers only the restricted range. @itemize * @item -@emph{-gnat83} switch +`-gnat83' switch All implementations of GNAT provide a switch that causes GNAT to operate in Ada 83 mode. In this mode, some but not all compatibility problems @@ -29655,7 +29655,7 @@ for a complete description please see the @itemize * @item -@emph{New reserved words.} +`New reserved words.' The words @code{interface}, @code{overriding} and @code{synchronized} are reserved in Ada 2005. @@ -29663,7 +29663,7 @@ A pre-Ada 2005 program that uses any of these as an identifier will be illegal. @item -@emph{New declarations in predefined packages.} +`New declarations in predefined packages.' A number of packages in the predefined environment contain new declarations: @code{Ada.Exceptions}, @code{Ada.Real_Time}, @code{Ada.Strings}, @@ -29675,26 +29675,26 @@ If an Ada 95 program does a @code{with} and @code{use} of any of these packages, the new declarations may cause name clashes. @item -@emph{Access parameters.} +`Access parameters.' A nondispatching subprogram with an access parameter cannot be renamed as a dispatching operation. This was permitted in Ada 95. @item -@emph{Access types, discriminants, and constraints.} +`Access types, discriminants, and constraints.' Rule changes in this area have led to some incompatibilities; for example, constrained subtypes of some access types are not permitted in Ada 2005. @item -@emph{Aggregates for limited types.} +`Aggregates for limited types.' The allowance of aggregates for limited types in Ada 2005 raises the possibility of ambiguities in legal Ada 95 programs, since additional types now need to be considered in expression resolution. @item -@emph{Fixed-point multiplication and division.} +`Fixed-point multiplication and division.' Certain expressions involving ‘*’ or ‘/’ for a fixed-point type, which were legal in Ada 95 and invoked the predefined versions of these operations, @@ -29704,7 +29704,7 @@ expression, or by explicitly invoking the operation from package @code{Standard}. @item -@emph{Return-by-reference types.} +`Return-by-reference types.' The Ada 95 return-by-reference mechanism has been removed. Instead, the user can declare a function returning a value from an anonymous access type. @@ -29813,7 +29813,7 @@ elaboration problems) by implicitly inserting @code{Elaborate} or @code{Elaborate_All} pragmas where needed. However, this can lead to the creation of elaboration circularities and a resulting rejection of the program by gnatbind. This issue is -thoroughly described in the @emph{Elaboration Order Handling in GNAT} appendix +thoroughly described in the `Elaboration Order Handling in GNAT' appendix in the @cite{GNAT User’s Guide}. In brief, there are several ways to deal with this situation: @@ -29829,7 +29829,7 @@ elaboration-time code into explicitly-invoked procedures Constrain the elaboration order by including explicit @code{Elaborate_Body} or @code{Elaborate} pragmas, and then inhibit the generation of implicit @code{Elaborate_All} -pragmas either globally (as an effect of the @emph{-gnatE} switch) or locally +pragmas either globally (as an effect of the `-gnatE' switch) or locally (by selectively suppressing elaboration checks via pragma @code{Suppress(Elaboration_Check)} when it is safe to do so). @end itemize @@ -29869,7 +29869,7 @@ when other compilers appear.) @itemize * @item -@emph{Ada 83 Pragmas and Attributes} +`Ada 83 Pragmas and Attributes' Ada 95 compilers are allowed, but not required, to implement the missing Ada 83 pragmas and attributes that are no longer defined in Ada 95. @@ -29878,7 +29878,7 @@ a compatibility concern, but some other Ada 95 compilers reject these pragmas and attributes. @item -@emph{Specialized Needs Annexes} +`Specialized Needs Annexes' GNAT implements the full set of special needs annexes. At the current time, it is the only Ada 95 compiler to do so. This means that @@ -29886,7 +29886,7 @@ programs making use of these features may not be portable to other Ada 95 compilation systems. @item -@emph{Representation Clauses} +`Representation Clauses' Some other Ada 95 compilers implement only the minimal set of representation clauses required by the Ada 95 reference manual. GNAT goes @@ -29918,7 +29918,7 @@ the cases most likely to arise in existing Ada 83 code. @itemize * @item -@emph{Implicit Packing} +`Implicit Packing' Some Ada 83 compilers allowed a Size specification to cause implicit packing of an array or record. This could cause expensive implicit @@ -29934,7 +29934,7 @@ the explicit pragma @code{Pack}, or for more fine tuned control, provide a Component_Size clause. @item -@emph{Meaning of Size Attribute} +`Meaning of Size Attribute' The Size attribute in Ada 95 (and Ada 2005) for discrete types is defined as the minimal number of bits required to hold values of the type. For example, @@ -29947,7 +29947,7 @@ Object_Size can provide a useful way of duplicating the behavior of some Ada 83 compiler systems. @item -@emph{Size of Access Types} +`Size of Access Types' A common assumption in Ada 83 code is that an access type is in fact a pointer, and that therefore it will be the same size as a System.Address value. This @@ -30000,13 +30000,13 @@ applicable to GNAT. @itemize * @item -@emph{Default floating-point representation} +`Default floating-point representation' In GNAT, the default floating-point format is IEEE, whereas in HP Ada 83, it is VMS format. @item -@emph{System} +`System' the package System in GNAT exactly corresponds to the definition in the Ada 95 reference manual, which means that it excludes many of the @@ -30029,7 +30029,7 @@ Copyright 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. -@strong{Preamble} +`Preamble' The purpose of this License is to make a manual, textbook, or other functional and useful document “free” in the sense of freedom: to @@ -30052,23 +30052,23 @@ it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. -@strong{1. APPLICABILITY AND DEFINITIONS} +`1. APPLICABILITY AND DEFINITIONS' This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that -work under the conditions stated herein. The @strong{Document}, below, +work under the conditions stated herein. The `Document', below, refers to any such manual or work. Any member of the public is a -licensee, and is addressed as “@strong{you}”. You accept the license if you +licensee, and is addressed as “`you'”. You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. -A “@strong{Modified Version}” of the Document means any work containing the +A “`Modified Version'” of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. -A “@strong{Secondary Section}” is a named appendix or a front-matter section of +A “`Secondary Section'” is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document’s overall subject (or to related matters) and contains nothing that could fall directly @@ -30079,7 +30079,7 @@ connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. -The “@strong{Invariant Sections}” are certain Secondary Sections whose titles +The “`Invariant Sections'” are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not @@ -30087,12 +30087,12 @@ allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. -The “@strong{Cover Texts}” are certain short passages of text that are listed, +The “`Cover Texts'” are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. -A “@strong{Transparent}” copy of the Document means a machine-readable copy, +A “`Transparent'” copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of @@ -30103,7 +30103,7 @@ to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount -of text. A copy that is not “Transparent” is called @strong{Opaque}. +of text. A copy that is not “Transparent” is called `Opaque'. Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML @@ -30116,22 +30116,22 @@ processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. -The “@strong{Title Page}” means, for a printed book, the title page itself, +The “`Title Page'” means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, “Title Page” means the text near the most prominent appearance of the work’s title, preceding the beginning of the body of the text. -The “@strong{publisher}” means any person or entity that distributes +The “`publisher'” means any person or entity that distributes copies of the Document to the public. -A section “@strong{Entitled XYZ}” means a named subunit of the Document whose +A section “`Entitled XYZ'” means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a -specific section name mentioned below, such as “@strong{Acknowledgements}”, -“@strong{Dedications}”, “@strong{Endorsements}”, or “@strong{History}”.) -To “@strong{Preserve the Title}” +specific section name mentioned below, such as “`Acknowledgements'”, +“`Dedications'”, “`Endorsements'”, or “`History'”.) +To “`Preserve the Title'” of such a section when you modify the Document means that it remains a section “Entitled XYZ” according to this definition. @@ -30142,7 +30142,7 @@ License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. -@strong{2. VERBATIM COPYING} +`2. VERBATIM COPYING' You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the @@ -30157,7 +30157,7 @@ number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. -@strong{3. COPYING IN QUANTITY} +`3. COPYING IN QUANTITY' If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the @@ -30194,7 +30194,7 @@ It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. -@strong{4. MODIFICATIONS} +`4. MODIFICATIONS' You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release @@ -30311,7 +30311,7 @@ The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. -@strong{5. COMBINING DOCUMENTS} +`5. COMBINING DOCUMENTS' You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified @@ -30335,7 +30335,7 @@ in the various original documents, forming one section Entitled and any sections Entitled “Dedications”. You must delete all sections Entitled “Endorsements”. -@strong{6. COLLECTIONS OF DOCUMENTS} +`6. COLLECTIONS OF DOCUMENTS' You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this @@ -30348,7 +30348,7 @@ it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. -@strong{7. AGGREGATION WITH INDEPENDENT WORKS} +`7. AGGREGATION WITH INDEPENDENT WORKS' A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or @@ -30367,7 +30367,7 @@ electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. -@strong{8. TRANSLATION} +`8. TRANSLATION' Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. @@ -30387,7 +30387,7 @@ If a section in the Document is Entitled “Acknowledgements”, its Title (section 1) will typically require changing the actual title. -@strong{9. TERMINATION} +`9. TERMINATION' You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt @@ -30414,7 +30414,7 @@ this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. -@strong{10. FUTURE REVISIONS OF THIS LICENSE} +`10. FUTURE REVISIONS OF THIS LICENSE' The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new @@ -30435,7 +30435,7 @@ License can be used, that proxy’s public statement of acceptance of a version permanently authorizes you to choose that version for the Document. -@strong{11. RELICENSING} +`11. RELICENSING' “Massive Multiauthor Collaboration Site” (or “MMC Site”) means any World Wide Web server that publishes copyrightable works and also @@ -30464,7 +30464,7 @@ The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. -@strong{ADDENDUM: How to use this License for your documents} +`ADDENDUM: How to use this License for your documents' To use this License in a document you have written, include a copy of the License in the document and put the following copyright and diff --git a/gcc/ada/gnat_ugn.texi b/gcc/ada/gnat_ugn.texi index 64ebd95..e1a4192 100644 --- a/gcc/ada/gnat_ugn.texi +++ b/gcc/ada/gnat_ugn.texi @@ -3,7 +3,7 @@ @setfilename gnat_ugn.info @documentencoding UTF-8 @ifinfo -@*Generated by Sphinx 4.3.1.@* +@*Generated by Sphinx 5.1.1.@* @end ifinfo @settitle GNAT User's Guide for Native Platforms @defindex ge @@ -15,13 +15,11 @@ * gnat_ugn: (gnat_ugn.info). gnat_ugn @end direntry -@definfoenclose strong,`,' -@definfoenclose emph,`,' @c %**end of header @copying @quotation -GNAT User's Guide for Native Platforms , Jul 11, 2022 +GNAT User's Guide for Native Platforms , Aug 25, 2022 AdaCore @@ -48,7 +46,7 @@ Copyright @copyright{} 2008-2022, Free Software Foundation @c %**start of body @anchor{gnat_ugn doc}@anchor{0} -@emph{GNAT, The GNU Ada Development Environment} +`GNAT, The GNU Ada Development Environment' @include gcc-common.texi @@ -705,7 +703,7 @@ and @code{classes}. @code{Variables} @item -@emph{Emphasis} +`Emphasis' @item [optional information or parameters] @@ -939,15 +937,15 @@ following three separate files: @table @asis -@item @emph{greetings.ads} +@item `greetings.ads' spec of package @code{Greetings} -@item @emph{greetings.adb} +@item `greetings.adb' body of package @code{Greetings} -@item @emph{gmain.adb} +@item `gmain.adb' body of main program @end table @@ -1175,8 +1173,8 @@ code is used to represent the end of file. Each file contains a single Ada compilation unit, including any pragmas associated with the unit. For example, this means you must place a -package declaration (a package @emph{spec}) and the corresponding body in -separate files. An Ada @emph{compilation} (which is a sequence of +package declaration (a package `spec') and the corresponding body in +separate files. An Ada `compilation' (which is a sequence of compilation units) is represented using a sequence of files. Similarly, you will place each subunit or child unit in a separate file. @@ -1234,7 +1232,7 @@ GNAT also supports several other 8-bit coding schemes: @table @asis -@item @emph{ISO 8859-2 (Latin-2)} +@item `ISO 8859-2 (Latin-2)' Latin-2 letters allowed in identifiers, with uppercase and lowercase equivalence. @@ -1247,7 +1245,7 @@ equivalence. @table @asis -@item @emph{ISO 8859-3 (Latin-3)} +@item `ISO 8859-3 (Latin-3)' Latin-3 letters allowed in identifiers, with uppercase and lowercase equivalence. @@ -1260,7 +1258,7 @@ equivalence. @table @asis -@item @emph{ISO 8859-4 (Latin-4)} +@item `ISO 8859-4 (Latin-4)' Latin-4 letters allowed in identifiers, with uppercase and lowercase equivalence. @@ -1273,7 +1271,7 @@ equivalence. @table @asis -@item @emph{ISO 8859-5 (Cyrillic)} +@item `ISO 8859-5 (Cyrillic)' ISO 8859-5 letters (Cyrillic) allowed in identifiers, with uppercase and lowercase equivalence. @@ -1286,7 +1284,7 @@ lowercase equivalence. @table @asis -@item @emph{ISO 8859-15 (Latin-9)} +@item `ISO 8859-15 (Latin-9)' ISO 8859-15 (Latin-9) letters allowed in identifiers, with uppercase and lowercase equivalence @@ -1297,7 +1295,7 @@ lowercase equivalence @table @asis -@item @emph{IBM PC (code page 437)} +@item `IBM PC (code page 437)' This code page is the normal default for PCs in the U.S. It corresponds to the original IBM PC character set. This set has some, but not all, of @@ -1311,14 +1309,14 @@ identifiers with uppercase and lowercase equivalence. @table @asis -@item @emph{IBM PC (code page 850)} +@item `IBM PC (code page 850)' This code page is a modification of 437 extended to include all the Latin-1 letters, but still not with the usual Latin-1 encoding. In this mode, all these letters are allowed in identifiers with uppercase and lowercase equivalence. -@item @emph{Full Upper 8-bit} +@item `Full Upper 8-bit' Any character in the range 80-FF allowed in identifiers, and all are considered distinct. In other words, there are no uppercase and lowercase @@ -1326,7 +1324,7 @@ equivalences in this range. This is useful in conjunction with certain encoding schemes used for some foreign character sets (e.g., the typical method of representing Chinese characters on the PC). -@item @emph{No Upper-Half} +@item `No Upper-Half' No upper-half characters in the range 80-FF are allowed in identifiers. This gives Ada 83 compatibility for identifier names. @@ -1349,7 +1347,7 @@ possible encoding schemes: @table @asis -@item @emph{Hex Coding} +@item `Hex Coding' In this encoding, a wide character is represented by the following five character sequence: @@ -1364,7 +1362,7 @@ example, ESC A345 is used to represent the wide character with code @code{16#A345#}. This scheme is compatible with use of the full Wide_Character set. -@item @emph{Upper-Half Coding} +@item `Upper-Half Coding' @geindex Upper-Half Coding @@ -1375,7 +1373,7 @@ character, but is not required to be in the upper half. This method can be also used for shift-JIS or EUC, where the internal coding matches the external coding. -@item @emph{Shift JIS Coding} +@item `Shift JIS Coding' @geindex Shift JIS Coding @@ -1387,7 +1385,7 @@ character according to the standard algorithm for Shift-JIS conversion. Only characters defined in the JIS code set table can be used with this encoding method. -@item @emph{EUC Coding} +@item `EUC Coding' @geindex EUC Coding @@ -1398,7 +1396,7 @@ character code is the corresponding JIS character according to the EUC encoding algorithm. Only characters defined in the JIS code set table can be used with this encoding method. -@item @emph{UTF-8 Coding} +@item `UTF-8 Coding' A wide character is represented using UCS Transformation Format 8 (UTF-8) as defined in Annex R of ISO @@ -1419,7 +1417,7 @@ other wide characters are represented as sequences of upper-half 6-byte sequences, and in the following section on wide wide characters, the use of these sequences is documented). -@item @emph{Brackets Coding} +@item `Brackets Coding' In this encoding, a wide character is represented by the following eight character sequence: @@ -1460,7 +1458,7 @@ possible encoding schemes: @table @asis -@item @emph{UTF-8 Coding} +@item `UTF-8 Coding' A wide character is represented using UCS Transformation Format 8 (UTF-8) as defined in Annex R of ISO @@ -1480,7 +1478,7 @@ is a four, five, or six byte sequence: where the @code{xxx} bits correspond to the left-padded bits of the 32-bit character value. -@item @emph{Brackets Coding} +@item `Brackets Coding' In this encoding, a wide wide character is represented by the following ten or twelve byte character sequence: @@ -1971,7 +1969,7 @@ Display Copyright and version, then exit disregarding all other options. If @code{--version} was not used, display usage, then exit disregarding all other options. -@item @code{--subdirs=@emph{dir}} +@item @code{--subdirs=`dir'} Real object, library or exec directories are subdirectories <dir> of the specified ones. @@ -1990,7 +1988,7 @@ Start another section of directories/patterns. @table @asis -@item @code{-c@emph{filename}} +@item @code{-c`filename'} Create a configuration pragmas file @code{filename} (instead of the default @code{gnat.adc}). @@ -2007,7 +2005,7 @@ specified, no switch @code{-P} may be specified (see below). @table @asis -@item @code{-d@emph{dir}} +@item @code{-d`dir'} Look for source files in directory @code{dir}. There may be zero, one or more spaces between @code{-d} and @code{dir}. @@ -2035,7 +2033,7 @@ specified with switch @code{-d} must exist and be readable. @table @asis -@item @code{-D@emph{filename}} +@item @code{-D`filename'} Look for source files in all directories listed in text file @code{filename}. There may be zero, one or more spaces between @code{-D} @@ -2052,7 +2050,7 @@ Follow symbolic links when processing project files. @geindex -f (gnatname) -@item @code{-f@emph{pattern}} +@item @code{-f`pattern'} Foreign patterns. Using this switch, it is possible to add sources of languages other than Ada to the list of sources of a project file. @@ -2075,7 +2073,7 @@ Output usage (help) information. The output is written to @code{stdout}. @geindex -P (gnatname) -@item @code{-P@emph{proj}} +@item @code{-P`proj'} Create or update project file @code{proj}. There may be zero, one or more space between @code{-P} and @code{proj}. @code{proj} may include directory @@ -2112,7 +2110,7 @@ the Naming Patterns, an indication is given that there is no match. @geindex -x (gnatname) -@item @code{-x@emph{pattern}} +@item @code{-x`pattern'} Excluded patterns. Using this switch, it is possible to exclude some files that would match the name patterns. For example, @@ -2202,7 +2200,7 @@ and GNAT, which use the prefixes respectively. @end itemize -The @code{-gnatk@emph{nn}} +The @code{-gnatk`nn'} switch of the compiler activates a ‘krunching’ circuit that limits file names to nn characters (where nn is a decimal integer). @@ -2611,10 +2609,10 @@ Causes @code{gnatchop} to operate in compilation mode, in which configuration pragmas are handled according to strict RM rules. See previous section for a full description of this mode. -@item @code{-gnat@emph{xxx}} +@item @code{-gnat`xxx'} -This passes the given @code{-gnat@emph{xxx}} switch to @code{gnat} which is -used to parse the given file. Not all @emph{xxx} options make sense, +This passes the given @code{-gnat`xxx'} switch to @code{gnat} which is +used to parse the given file. Not all `xxx' options make sense, but for example, the use of @code{-gnati2} allows @code{gnatchop} to process a source file that uses Latin-2 coding for identifiers. @@ -2629,7 +2627,7 @@ output file showing usage information. @table @asis -@item @code{-k@emph{mm}} +@item @code{-k`mm'} Limit generated file names to the specified number @code{mm} of characters. @@ -2732,7 +2730,7 @@ units to be skipped. @table @asis -@item @code{--GCC=@emph{xxxx}} +@item @code{--GCC=`xxxx'} Specify the path of the GNAT parser to be used. When this switch is used, no attempt is made to add the prefix to the GNAT parser executable. @@ -2904,7 +2902,7 @@ the type of restriction. Restrictions that require partition-wide consistency (like @code{No_Tasking}) are recognized wherever they appear -and can be freely inherited, e.g. from a @emph{with}ed unit to the @emph{with}ing +and can be freely inherited, e.g. from a `with'ed unit to the `with'ing unit. This makes sense since the binder will in any case insist on seeing consistent use, so any unit not conforming to any restrictions that are anywhere in the partition will be rejected, and you might as well find @@ -2945,7 +2943,7 @@ configuration pragmas, or more conveniently by direct editing of the Besides @code{gnat.adc}, additional files containing configuration pragmas may be applied to the current compilation using the switch -@code{-gnatec=@emph{path}} where @code{path} must designate an existing file that +@code{-gnatec=`path'} where @code{path} must designate an existing file that contains only configuration pragmas. These configuration pragmas are in addition to those found in @code{gnat.adc} (provided @code{gnat.adc} is present and switch @code{-gnatA} is not used). @@ -3060,10 +3058,10 @@ additional source files as follows: @itemize * @item -If a file being compiled @emph{with}s a unit @code{X}, the object file +If a file being compiled `with's a unit @code{X}, the object file depends on the file containing the spec of unit @code{X}. This includes -files that are @emph{with}ed implicitly either because they are parents -of @emph{with}ed child units or they are run-time units required by the +files that are `with'ed implicitly either because they are parents +of `with'ed child units or they are run-time units required by the language constructs used in a particular unit. @item @@ -3117,7 +3115,7 @@ The object file for a parent unit depends on all its subunit body files. The previous two rules meant that for purposes of computing dependencies and recompilation, a body and all its subunits are treated as an indivisible whole. -These rules are applied transitively: if unit @code{A} @emph{with}s +These rules are applied transitively: if unit @code{A} `with's unit @code{B}, whose elaboration calls an inlined procedure in package @code{C}, the object file for unit @code{A} will depend on the body of @code{C}, in file @code{c.adb}. @@ -3179,7 +3177,7 @@ checking. Categorization information (e.g., use of pragma @code{Pure}). @item -Information on all @emph{with}ed units, including presence of +Information on all `with'ed units, including presence of @code{Elaborate} or @code{Elaborate_All} pragmas. @item @@ -3249,8 +3247,8 @@ object files for the Ada units of the program. This section describes how to build and use libraries with GNAT, and also shows how to recompile the GNAT run-time library. You should be familiar with the -Project Manager facility (see the @emph{GNAT_Project_Manager} chapter of the -@emph{GPRbuild User’s Guide}) before reading this chapter. +Project Manager facility (see the `GNAT_Project_Manager' chapter of the +`GPRbuild User’s Guide') before reading this chapter. @menu * Introduction to Libraries in GNAT:: @@ -3299,14 +3297,14 @@ documentation purposes. Alternatively, it may expose only the units needed by an external user to make use of the library. That is to say, the specs reflecting the library services along with all the units needed to compile those specs, which can include generic bodies or any body implementing an -inlined routine. In the case of @emph{stand-alone libraries} those exposed -units are called @emph{interface units} (@ref{6b,,Stand-alone Ada Libraries}). +inlined routine. In the case of `stand-alone libraries' those exposed +units are called `interface units' (@ref{6b,,Stand-alone Ada Libraries}). All compilation units comprising an application, including those in a library, need to be elaborated in an order partially defined by Ada’s semantics. GNAT computes the elaboration order from the @code{ALI} files and this is why they constitute a mandatory part of GNAT libraries. -@emph{Stand-alone libraries} are the exception to this rule because a specific +`Stand-alone libraries' are the exception to this rule because a specific library elaboration routine is produced independently of the application(s) using the library. @@ -3328,9 +3326,9 @@ using the library. The easiest way to build a library is to use the Project Manager, -which supports a special type of project called a @emph{Library Project} -(see the @emph{Library Projects} section in the @emph{GNAT Project Manager} -chapter of the @emph{GPRbuild User’s Guide}). +which supports a special type of project called a `Library Project' +(see the `Library Projects' section in the `GNAT Project Manager' +chapter of the `GPRbuild User’s Guide'). A project is considered a library project, when two project-level attributes are defined in it: @code{Library_Name} and @code{Library_Dir}. In order to @@ -3451,9 +3449,9 @@ $ rm *.o $ chmod -w *.ali @end example -Please note that the library must have a name of the form @code{lib@emph{xxx}.a} -or @code{lib@emph{xxx}.so} (or @code{lib@emph{xxx}.dll} on Windows) in order to -be accessed by the directive @code{-l@emph{xxx}} at link time. +Please note that the library must have a name of the form @code{lib`xxx'.a} +or @code{lib`xxx'.so} (or @code{lib`xxx'.dll} on Windows) in order to +be accessed by the directive @code{-l`xxx'} at link time. @node Installing a library,Using a library,Building a library,General Ada Libraries @anchor{gnat_ugn/the_gnat_compilation_model id39}@anchor{71}@anchor{gnat_ugn/the_gnat_compilation_model installing-a-library}@anchor{72} @@ -3465,8 +3463,8 @@ be accessed by the directive @code{-l@emph{xxx}} at link time. @geindex GPR_PROJECT_PATH If you use project files, library installation is part of the library build -process (see the @emph{Installing a Library with Project Files} section of the -@emph{GNAT Project Manager} chapter of the @emph{GPRbuild User’s Guide}). +process (see the `Installing a Library with Project Files' section of the +`GNAT Project Manager' chapter of the `GPRbuild User’s Guide'). When project files are not an option, it is also possible, but not recommended, to install the library so that the sources needed to use the library are on the @@ -3519,7 +3517,7 @@ any part of it. Once again, the project facility greatly simplifies the use of libraries. In this context, using a library is just a matter of adding a -@emph{with} clause in the user project. For instance, to make use of the +`with' clause in the user project. For instance, to make use of the library @code{My_Lib} shown in examples in earlier sections, you can write: @@ -3532,7 +3530,7 @@ end My_Proj; Even if you have a third-party, non-Ada library, you can still use GNAT’s Project Manager facility to provide a wrapper for it. For example, the -following project, when @emph{with}ed by your main project, will link with the +following project, when `with'ed by your main project, will link with the third-party library @code{liba.a}: @example @@ -3662,12 +3660,12 @@ main routine is not written in Ada. GNAT’s Project facility provides a simple way of building and installing -stand-alone libraries; see the @emph{Stand-alone Library Projects} section -in the @emph{GNAT Project Manager} chapter of the @emph{GPRbuild User’s Guide}. +stand-alone libraries; see the `Stand-alone Library Projects' section +in the `GNAT Project Manager' chapter of the `GPRbuild User’s Guide'. To be a Stand-alone Library Project, in addition to the two attributes that make a project a Library Project (@code{Library_Name} and -@code{Library_Dir}; see the @emph{Library Projects} section in the -@emph{GNAT Project Manager} chapter of the @emph{GPRbuild User’s Guide}), +@code{Library_Dir}; see the `Library Projects' section in the +`GNAT Project Manager' chapter of the `GPRbuild User’s Guide'), the attribute @code{Library_Interface} must be defined. For example: @example @@ -4054,7 +4052,7 @@ end Config; The @code{Config} package exists in multiple forms for the various targets, with an appropriate script selecting the version of @code{Config} needed. -Then any other unit requiring conditional compilation can do a @emph{with} +Then any other unit requiring conditional compilation can do a `with' of @code{Config} to make the constants visible. @node Debugging - A Special Case,Conditionalizing Declarations,Use of Boolean Constants,Modeling Conditional Compilation in Ada @@ -4445,7 +4443,7 @@ For further discussion of conditional compilation in general, see @subsubsection Preprocessing Symbols -Preprocessing symbols are defined in @emph{definition files} and referenced in the +Preprocessing symbols are defined in `definition files' and referenced in the sources to be preprocessed. A preprocessing symbol is an identifier, following normal Ada (case-insensitive) rules for its syntax, with the restriction that all characters need to be in the ASCII set (no accented letters). @@ -4470,7 +4468,7 @@ where @table @asis -@item @emph{switches} +@item `switches' is an optional sequence of switches as described in the next section. @end table @@ -4479,7 +4477,7 @@ is an optional sequence of switches as described in the next section. @table @asis -@item @emph{infile} +@item `infile' is the full name of the input file, which is an Ada source file containing preprocessor directives. @@ -4489,7 +4487,7 @@ file containing preprocessor directives. @table @asis -@item @emph{outfile} +@item `outfile' is the full name of the output file, which is an Ada source in standard Ada form. When used with GNAT, this file name will @@ -4580,7 +4578,7 @@ this context since comments are ignored by the compiler in any case). @table @asis -@item @code{-D@emph{symbol}[=@emph{value}]} +@item @code{-D`symbol'[=`value']} Defines a new preprocessing symbol with the specified value. If no value is given on the command line, then symbol is considered to be @code{True}. This switch @@ -4830,7 +4828,7 @@ As noted above, a file to be preprocessed consists of Ada source code in which preprocessing lines have been inserted. However, instead of using @code{gnatprep} to explicitly preprocess a file as a separate step before compilation, you can carry out the preprocessing implicitly -as part of compilation. Such @emph{integrated preprocessing}, which is the common +as part of compilation. Such `integrated preprocessing', which is the common style with C, is performed when either or both of the following switches are passed to the compiler: @@ -4840,7 +4838,7 @@ are passed to the compiler: @itemize * @item -@code{-gnatep}, which specifies the @emph{preprocessor data file}. +@code{-gnatep}, which specifies the `preprocessor data file'. This file dictates how the source files will be preprocessed (e.g., which symbol definition files apply to which sources). @@ -4869,7 +4867,7 @@ When using project files: @item the builder switch @code{-x} should be used if any Ada source is compiled with @code{gnatep=}, so that the compiler finds the -@emph{preprocessor data file}. +`preprocessor data file'. @item the preprocessing data file and the symbol definition files should be @@ -4891,7 +4889,7 @@ that relate to integrated preprocessing. @table @asis -@item @code{-gnatep=@emph{preprocessor_data_file}} +@item @code{-gnatep=`preprocessor_data_file'} This switch specifies the file name (without directory information) of the preprocessor data file. Either place this file @@ -4911,12 +4909,12 @@ end Prj; @end example @end quotation -A preprocessor data file is a text file that contains @emph{preprocessor -control lines}. A preprocessor control line directs the preprocessing of +A preprocessor data file is a text file that contains `preprocessor +control lines'. A preprocessor control line directs the preprocessing of either a particular source file, or, analogous to @code{others} in Ada, all sources not specified elsewhere in the preprocessor data file. A preprocessor control line -can optionally identify a @emph{definition file} that assigns values to +can optionally identify a `definition file' that assigns values to preprocessor symbols, as well as a list of switches that relate to preprocessing. Empty lines and comments (using Ada syntax) are also permitted, with no @@ -5007,7 +5005,7 @@ Causes both preprocessor lines and the lines deleted by preprocessing to be retained as comments marked with the special string ‘@cite{–!}’. -@item @code{-D@emph{symbol}=@emph{new_value}} +@item @code{-D`symbol'=`new_value'} Define or redefine @code{symbol} to have @code{new_value} as its value. The permitted form for @code{symbol} is either an Ada identifier, or any Ada reserved word @@ -5036,7 +5034,7 @@ a @code{#if} or @code{#elsif} test will be treated as an error. @table @asis -@item @code{-gnateD@emph{symbol}[=@emph{new_value}]} +@item @code{-gnateD`symbol'[=`new_value']} Define or redefine @code{symbol} to have @code{new_value} as its value. If no value is supplied, then the value of @code{symbol} is @code{True}. @@ -5533,7 +5531,7 @@ The return type must be the same as the type of the first argument. The size of this type can only be 8, 16, 32, or 64. @item -Binary arithmetic operators: ‘+’, ‘-‘, ‘*’, ‘/’. +Binary arithmetic operators: ‘+’, ‘-’, ‘*’, ‘/’. The corresponding operator declaration must have parameters and result type that have the same root numeric type (for example, all three are long_float types). This simplifies the definition of operations that use type checking @@ -6461,7 +6459,7 @@ If you want to generate a single Ada file and not the transitive closure, you can use instead the @code{-fdump-ada-spec-slim} switch. You can optionally specify a parent unit, of which all generated units will -be children, using @code{-fada-spec-parent=@emph{unit}}. +be children, using @code{-fada-spec-parent=`unit'}. The simple @code{gcc}-based command works only for C headers. For C++ headers you need to use either the @code{g++} command or the combination @code{gcc -x c++}. @@ -6502,7 +6500,7 @@ $ gcc -c -fdump-ada-spec readline1.h Generating bindings for C++ headers is done using the same options, always -with the @emph{g++} compiler. Note that generating Ada spec from C++ headers is a +with the `g++' compiler. Note that generating Ada spec from C++ headers is a much more complex job and support for C++ headers is much more limited that support for C headers. As a result, you will need to modify the resulting bindings by hand more extensively when using C++ headers. @@ -6510,7 +6508,7 @@ bindings by hand more extensively when using C++ headers. In this mode, C++ classes will be mapped to Ada tagged types, constructors will be mapped using the @code{CPP_Constructor} pragma, and when possible, multiple inheritance of abstract classes will be mapped to Ada interfaces -(see the @emph{Interfacing to C++} section in the @cite{GNAT Reference Manual} +(see the `Interfacing to C++' section in the @cite{GNAT Reference Manual} for additional information on interfacing to C++). For example, given the following C++ header file: @@ -6629,7 +6627,7 @@ only. @table @asis -@item @code{-fada-spec-parent=@emph{unit}} +@item @code{-fada-spec-parent=`unit'} Specifies that all files generated by @code{-fdump-ada-spec} are to be child units of the specified parent unit. @@ -6780,7 +6778,7 @@ used for Ada 83. The GNAT model of compilation is close to the C and C++ models. You can think of Ada specs as corresponding to header files in C. As in C, you don’t need to compile specs; they are compiled when they are used. The -Ada @emph{with} is similar in effect to the @code{#include} of a C +Ada `with' is similar in effect to the @code{#include} of a C header. One notable difference is that, in Ada, you may compile specs separately @@ -6830,7 +6828,7 @@ previously compiled. In particular: @itemize * @item -When a unit is @emph{with}ed, the unit seen by the compiler corresponds +When a unit is `with'ed, the unit seen by the compiler corresponds to the version of the unit most recently compiled into the library. @item @@ -6849,7 +6847,7 @@ files can affect the results of a compilation. In particular: @itemize * @item -When a unit is @emph{with}ed, the unit seen by the compiler corresponds +When a unit is `with'ed, the unit seen by the compiler corresponds to the source version of the unit that is currently accessible to the compiler. @@ -7042,8 +7040,8 @@ dependencies, they will always be tracked exactly correctly by @code{gnatmake}. Note that for advanced forms of project structure, we recommend creating -a project file as explained in the @emph{GNAT_Project_Manager} chapter in the -@emph{GPRbuild User’s Guide}, and using the +a project file as explained in the `GNAT_Project_Manager' chapter in the +`GPRbuild User’s Guide', and using the @code{gprbuild} tool which supports building with project files and works similarly to @code{gnatmake}. @@ -7125,7 +7123,7 @@ all other options. @table @asis -@item @code{-P@emph{project}} +@item @code{-P`project'} Build GNAT project file @code{project} using GPRbuild. When this switch is present, all other command-line switches are treated as GPRbuild switches @@ -7140,7 +7138,7 @@ and not @code{gnatmake} switches. @table @asis -@item @code{--GCC=@emph{compiler_name}} +@item @code{--GCC=`compiler_name'} Program used for compiling. The default is @code{gcc}. You need to use quotes around @code{compiler_name} if @code{compiler_name} contains @@ -7163,7 +7161,7 @@ all the additional switches are also taken into account. Thus, @table @asis -@item @code{--GNATBIND=@emph{binder_name}} +@item @code{--GNATBIND=`binder_name'} Program used for binding. The default is @code{gnatbind}. You need to use quotes around @code{binder_name} if @code{binder_name} contains spaces @@ -7181,7 +7179,7 @@ itself must not include any embedded spaces. @table @asis -@item @code{--GNATLINK=@emph{linker_name}} +@item @code{--GNATLINK=`linker_name'} Program used for linking. The default is @code{gnatlink}. You need to use quotes around @code{linker_name} if @code{linker_name} contains spaces @@ -7198,7 +7196,7 @@ itself must not include any embedded spaces. When linking an executable, create a map file. The name of the map file has the same name as the executable with extension “.map”. -@item @code{--create-map-file=@emph{mapfile}} +@item @code{--create-map-file=`mapfile'} When linking an executable, create a map file with the specified name. @end table @@ -7210,7 +7208,7 @@ When linking an executable, create a map file with the specified name. @item @code{--create-missing-dirs} -When using project files (@code{-P@emph{project}}), automatically create +When using project files (@code{-P`project'}), automatically create missing object directories, library directories and exec directories. @@ -7219,7 +7217,7 @@ directories. Disallow simultaneous compilations in the same object directory when project files are used. -@item @code{--subdirs=@emph{subdir}} +@item @code{--subdirs=`subdir'} Actual object directory of each project file is the subdirectory subdir of the object directory specified or defaulted in the project file. @@ -7230,7 +7228,7 @@ By default, shared library projects are not allowed to import static library projects. When this switch is used on the command line, this restriction is relaxed. -@item @code{--source-info=@emph{source info file}} +@item @code{--source-info=`source info file'} Specify a source info file. This switch is active only when project files are used. If the source info file is specified as a relative path, then it is @@ -7341,7 +7339,7 @@ will add any newly accessed sources to the mapping file. @table @asis -@item @code{-C=@emph{file}} +@item @code{-C=`file'} Use a specific mapping file. The file, specified as a path name (absolute or relative) by this switch, should already exist, otherwise the switch is @@ -7373,7 +7371,7 @@ the compiler. These lines are displayed even in quiet output mode. @table @asis -@item @code{-D @emph{dir}} +@item @code{-D `dir'} Put all object files and ALI file in directory @code{dir}. If the @code{-D} switch is not used, all object files @@ -7387,7 +7385,7 @@ This switch cannot be used when using a project file. @table @asis -@item @code{-eI@emph{nnn}} +@item @code{-eI`nnn'} Indicates that the main source is a multi-unit source and the rank of the unit in the source file is nnn. nnn needs to be a positive number and a valid @@ -7499,7 +7497,7 @@ object and ALI files in the directory where it found the dummy file. @table @asis -@item @code{-j@emph{n}} +@item @code{-j`n'} Use @code{n} processes to carry out the (re)compilations. On a multiprocessor machine compilations will occur in parallel. If @code{n} is 0, then the @@ -7591,7 +7589,7 @@ is typically what you want. If you also specify the @code{-a} switch, dependencies of the GNAT internal files are also listed. Note that dependencies of the objects in external Ada libraries (see -switch @code{-aL@emph{dir}} in the following list) +switch @code{-aL`dir'} in the following list) are never reported. @end table @@ -7614,7 +7612,7 @@ file, will eventually result in recompiling all required units. @table @asis -@item @code{-o @emph{exec_name}} +@item @code{-o `exec_name'} Output executable name. The name of the final executable program will be @code{exec_name}. If the @code{-o} switch is omitted the default @@ -7732,7 +7730,7 @@ Verbosity level Medium. Potentially display fewer lines than in verbosity High. Verbosity level High. Equivalent to -v. -@item @code{-vP@emph{x}} +@item @code{-vP`x'} Indicate the verbosity of the parsing of GNAT project files. See @ref{cf,,Switches Related to Project Files}. @@ -7754,7 +7752,7 @@ be those specified on the command line. Even when @code{-x} is used, mains specified on the command line need to be sources of a project file. -@item @code{-X@emph{name}=@emph{value}} +@item @code{-X`name'=`value'} Indicate that external variable @code{name} has the value @code{value}. The Project Manager will use this value for occurrences of @@ -7789,7 +7787,7 @@ is passed to @code{gcc} (e.g., @code{-O}, @code{-gnato,} etc.) @table @asis -@item @code{-aI@emph{dir}} +@item @code{-aI`dir'} When looking for source files also look in directory @code{dir}. The order in which source files search is undertaken is @@ -7801,7 +7799,7 @@ described in @ref{73,,Search Paths and the Run-Time Library (RTL)}. @table @asis -@item @code{-aL@emph{dir}} +@item @code{-aL`dir'} Consider @code{dir} as being an externally provided Ada library. Instructs @code{gnatmake} to skip compilation units whose @code{.ALI} @@ -7809,7 +7807,7 @@ files have been located in directory @code{dir}. This allows you to have missing bodies for the units in @code{dir} and to ignore out of date bodies for the same units. You still need to specify the location of the specs for these units by using the switches -@code{-aI@emph{dir}} or @code{-I@emph{dir}}. +@code{-aI`dir'} or @code{-I`dir'}. Note: this switch is provided for compatibility with previous versions of @code{gnatmake}. The easier method of causing standard libraries to be excluded from consideration is to write-protect the corresponding @@ -7821,7 +7819,7 @@ ALI files. @table @asis -@item @code{-aO@emph{dir}} +@item @code{-aO`dir'} When searching for library and object files, look in directory @code{dir}. The order in which library files are searched is described in @@ -7836,15 +7834,15 @@ When searching for library and object files, look in directory @table @asis -@item @code{-A@emph{dir}} +@item @code{-A`dir'} -Equivalent to @code{-aL@emph{dir}} @code{-aI@emph{dir}}. +Equivalent to @code{-aL`dir'} @code{-aI`dir'}. @geindex -I (gnatmake) -@item @code{-I@emph{dir}} +@item @code{-I`dir'} -Equivalent to @code{-aO@emph{dir} -aI@emph{dir}}. +Equivalent to @code{-aO`dir' -aI`dir'}. @end table @geindex -I- (gnatmake) @@ -7870,11 +7868,11 @@ where @code{gnatmake} was invoked. @table @asis -@item @code{-L@emph{dir}} +@item @code{-L`dir'} Add directory @code{dir} to the list of directories in which the linker will search for libraries. This is equivalent to -@code{-largs} @code{-L@emph{dir}}. +@code{-largs} @code{-L`dir'}. Furthermore, under Windows, the sources pointed to by the libraries path set in the registry are not searched for. @end table @@ -7904,7 +7902,7 @@ Do not look for library files in the system default directory. @table @asis -@item @code{--RTS=@emph{rts-path}} +@item @code{--RTS=`rts-path'} Specifies the default location of the run-time library. GNAT looks for the run-time @@ -7916,13 +7914,13 @@ in the following directories, and stops as soon as a valid run-time is found @itemize * @item -@emph{<current directory>/$rts_path} +`<current directory>/$rts_path' @item -@emph{<default-search-dir>/$rts_path} +`<default-search-dir>/$rts_path' @item -@emph{<default-search-dir>/rts-$rts_path} +`<default-search-dir>/rts-$rts_path' @item The selected path is handled like a normal RTS path. @@ -7946,7 +7944,7 @@ designated component of GNAT. @table @asis -@item @code{-cargs @emph{switches}} +@item @code{-cargs `switches'} Compiler switches. Here @code{switches} is a list of switches that are valid switches for @code{gcc}. They will be passed on to @@ -7958,7 +7956,7 @@ all compile steps performed by @code{gnatmake}. @table @asis -@item @code{-bargs @emph{switches}} +@item @code{-bargs `switches'} Binder switches. Here @code{switches} is a list of switches that are valid switches for @code{gnatbind}. They will be passed on to @@ -7970,7 +7968,7 @@ all bind steps performed by @code{gnatmake}. @table @asis -@item @code{-largs @emph{switches}} +@item @code{-largs `switches'} Linker switches. Here @code{switches} is a list of switches that are valid switches for @code{gnatlink}. They will be passed on to @@ -7982,7 +7980,7 @@ all link steps performed by @code{gnatmake}. @table @asis -@item @code{-margs @emph{switches}} +@item @code{-margs `switches'} Make switches. The switches are directly interpreted by @code{gnatmake}, regardless of any previous occurrence of @code{-cargs}, @code{-bargs} @@ -8034,9 +8032,9 @@ unless @code{-a} is also specified. @item @code{gnatmake} has been designed to make the use of Ada libraries particularly convenient. Assume you have an Ada library organized -as follows: @emph{obj-dir} contains the objects and ALI files for +as follows: `obj-dir' contains the objects and ALI files for of your Ada compilation units, -whereas @emph{include-dir} contains the +whereas `include-dir' contains the specs of these units, but no bodies. Then to compile a unit stored in @code{main.adb}, which uses this Ada library you would just type: @@ -8070,7 +8068,7 @@ it may be useful to have some basic understanding of the @code{gnatmake} approach and in particular to understand how it uses the results of previous compilations without incorrectly depending on them. -First a definition: an object file is considered @emph{up to date} if the +First a definition: an object file is considered `up to date' if the corresponding ALI file exists and if all the source files listed in the dependency section of this ALI file have time stamps matching those in the ALI file. This means that neither the source file itself nor any @@ -8114,13 +8112,13 @@ by @code{gnatmake}. It may be necessary to use the switch @table @asis -@item @emph{gnatmake hello.adb} +@item `gnatmake hello.adb' Compile all files necessary to bind and link the main program @code{hello.adb} (containing unit @code{Hello}) and bind and link the resulting object files to generate an executable file @code{hello}. -@item @emph{gnatmake main1 main2 main3} +@item `gnatmake main1 main2 main3' Compile all files necessary to bind and link the main programs @code{main1.adb} (containing unit @code{Main1}), @code{main2.adb} @@ -8129,7 +8127,7 @@ Compile all files necessary to bind and link the main programs to generate three executable files @code{main1}, @code{main2} and @code{main3}. -@item @emph{gnatmake -q Main_Unit -cargs -O2 -bargs -l} +@item `gnatmake -q Main_Unit -cargs -O2 -bargs -l' Compile all files necessary to bind and link the main program unit @code{Main_Unit} (from file @code{main_unit.adb}). All compilations will @@ -8180,7 +8178,7 @@ the body file (@code{.adb}) for a library level package or generic package that has a body @end itemize -You need @emph{not} compile the following files +You need `not' compile the following files @itemize * @@ -8242,7 +8240,7 @@ two output files in the current directory, but you may specify a source file in any directory using an absolute or relative path specification containing the directory information. -TESTING: the @code{--foobar@emph{NN}} switch +TESTING: the @code{--foobar`NN'} switch @geindex gnat1 @@ -8407,7 +8405,7 @@ file directly. @item When you compile a unit, the source files for the specs of all units -that it @emph{with}s, all its subunits, and the bodies of any generics it +that it `with's, all its subunits, and the bodies of any generics it instantiates must be available (reachable by the search-paths mechanism described above), or you will receive a fatal error message. @end itemize @@ -8489,7 +8487,7 @@ compilation units. @table @asis -@item @code{-b @emph{target}} +@item @code{-b `target'} Compile your program to run on @code{target}, which is the name of a system configuration. You must have a GNAT cross-compiler built if @@ -8501,7 +8499,7 @@ system configuration. You must have a GNAT cross-compiler built if @table @asis -@item @code{-B@emph{dir}} +@item @code{-B`dir'} Load compiler executables (for example, @code{gnat1}, the Ada compiler) from @code{dir} instead of the default location. Only use this switch @@ -8587,7 +8585,7 @@ emitted in the debug information. @table @asis -@item @code{-flto[=@emph{n}]} +@item @code{-flto[=`n']} Enables Link Time Optimization. This switch must be used in conjunction with the @code{-Ox} switches (but not with the @code{-gnatn} switch @@ -8978,7 +8976,7 @@ ALI files. @table @asis -@item @code{-gnatec=@emph{path}} +@item @code{-gnatec=`path'} Specify a configuration pragma file (the equal sign is optional) @@ -9012,7 +9010,7 @@ Disable atomic synchronization @table @asis -@item @code{-gnateDsymbol[=@emph{value}]} +@item @code{-gnateDsymbol[=`value']} Defines a symbol, associated with @code{value}, for preprocessing. (@ref{90,,Integrated Preprocessing}). @@ -9084,7 +9082,7 @@ Save result of preprocessing in a text file. @table @asis -@item @code{-gnatei@emph{nnn}} +@item @code{-gnatei`nnn'} Set maximum number of instantiations during compilation of a single unit to @code{nnn}. This may be useful in increasing the default maximum of 8000 for @@ -9096,7 +9094,7 @@ the rare case when a single unit legitimately exceeds this limit. @table @asis -@item @code{-gnateI@emph{nnn}} +@item @code{-gnateI`nnn'} Indicates that the source is a multi-unit source and that the index of the unit to compile is @code{nnn}. @code{nnn} needs to be a positive number and need @@ -9135,7 +9133,7 @@ This switch turns off the info messages about implicit elaboration pragmas. @table @asis -@item @code{-gnatem=@emph{path}} +@item @code{-gnatem=`path'} Specify a mapping file (the equal sign is optional) @@ -9147,7 +9145,7 @@ Specify a mapping file @table @asis -@item @code{-gnatep=@emph{file}} +@item @code{-gnatep=`file'} Specify a preprocessing data file (the equal sign is optional) @@ -9184,7 +9182,7 @@ Synonym of @code{-fdump-scos}, kept for backwards compatibility. @table @asis -@item @code{-gnatet=@emph{path}} +@item @code{-gnatet=`path'} Generate target dependent information. The format of the output file is described in the section about switch @code{-gnateT}. @@ -9195,7 +9193,7 @@ described in the section about switch @code{-gnateT}. @table @asis -@item @code{-gnateT=@emph{path}} +@item @code{-gnateT=`path'} Read target dependent information, such as endianness or sizes and alignments of base type. If this switch is passed, the default target dependent @@ -9449,7 +9447,7 @@ For further details see @ref{f,,Elaboration Order Handling in GNAT}. @table @asis -@item @code{-gnati@emph{c}} +@item @code{-gnati`c'} Identifier character set (@code{c} = 1/2/3/4/5/9/p/8/f/n/w). For details of the possible selections for @code{c}, @@ -9482,7 +9480,7 @@ code is likely to malfunction at run time. @table @asis -@item @code{-gnatj@emph{nn}} +@item @code{-gnatj`nn'} Reformat error messages to fit on @code{nn} character lines @end table @@ -9543,7 +9541,7 @@ details see @ref{f,,Elaboration Order Handling in GNAT}. @table @asis -@item @code{-gnatk=@emph{n}} +@item @code{-gnatk=`n'} Limit file names to @code{n} (1-999) characters (@code{k} = krunch). @end table @@ -9575,7 +9573,7 @@ source output. @table @asis -@item @code{-gnatm=@emph{n}} +@item @code{-gnatm=`n'} Limit number of detected error or warning messages to @code{n} where @code{n} is in the range 1..999999. The default setting if @@ -9656,7 +9654,7 @@ Interpretation @item -@emph{1} +`1' @tab @@ -9664,7 +9662,7 @@ All intermediate overflows checked against base type (@code{STRICT}) @item -@emph{2} +`2' @tab @@ -9672,7 +9670,7 @@ Minimize intermediate overflows (@code{MINIMIZED}) @item -@emph{3} +`3' @tab @@ -9795,7 +9793,7 @@ Print package Standard. @table @asis -@item @code{-gnatT@emph{nnn}} +@item @code{-gnatT`nnn'} All compiler tables start at @code{nnn} times usual starting size. @end table @@ -9845,7 +9843,7 @@ Control level of validity checking (@ref{e7,,Validity Checking}). @table @asis -@item @code{-gnatw@emph{xxx}} +@item @code{-gnatw`xxx'} Warning mode where @code{xxx} is a string of option letters that denotes @@ -9858,7 +9856,7 @@ are enabled or disabled (@ref{eb,,Warning Message Control}). @table @asis -@item @code{-gnatW@emph{e}} +@item @code{-gnatW`e'} Wide character encoding method (@code{e}=n/h/u/s/e/8). @@ -9899,7 +9897,7 @@ Enable built-in style checks (@ref{ec,,Style Checking}). @table @asis -@item @code{-gnatz@emph{m}} +@item @code{-gnatz`m'} Distribution stub generation and compilation (@code{m}=r/c for receiver/caller stubs). @@ -9910,7 +9908,7 @@ Distribution stub generation and compilation @table @asis -@item @code{-I@emph{dir}} +@item @code{-I`dir'} @geindex RTL @@ -9938,7 +9936,7 @@ files in the directory containing the source file named in the command line @table @asis -@item @code{-o @emph{file}} +@item @code{-o `file'} This switch is used in @code{gcc} to redirect the generated object file and its associated ALI file. Beware of this switch with GNAT, because it may @@ -9973,7 +9971,7 @@ Library (RTL) ALI files. @table @asis -@item @code{-O[@emph{n}]} +@item @code{-O[`n']} @code{n} controls the optimization level: @@ -9981,7 +9979,7 @@ Library (RTL) ALI files. @multitable {xxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @item -@emph{n} +`n' @tab @@ -9989,7 +9987,7 @@ Effect @item -@emph{0} +`0' @tab @@ -9997,7 +9995,7 @@ No optimization, the default setting if no @code{-O} appears @item -@emph{1} +`1' @tab @@ -10007,7 +10005,7 @@ time. @item -@emph{2} +`2' @tab @@ -10016,7 +10014,7 @@ the cost of substantially increased compilation time. @item -@emph{3} +`3' @tab @@ -10025,7 +10023,7 @@ subprograms in the same unit. @item -@emph{s} +`s' @tab @@ -10053,7 +10051,7 @@ exit status. @table @asis -@item @code{--RTS=@emph{rts-path}} +@item @code{--RTS=`rts-path'} Specifies the default location of the run-time library. Same meaning as the equivalent @code{gnatmake} flag (@ref{ce,,Switches for gnatmake}). @@ -10102,7 +10100,7 @@ compiler you are executing. @table @asis -@item @code{-V @emph{ver}} +@item @code{-V `ver'} Execute @code{ver} version of the compiler. This is the @code{gcc} version, not the GNAT version. @@ -10301,7 +10299,7 @@ warning messages generated. @table @asis -@item @code{-gnatl=@emph{fname}} +@item @code{-gnatl=`fname'} This has the same effect as @code{-gnatl} except that the output is written to a file instead of to standard output. If the given name @@ -10345,7 +10343,7 @@ format message or full listing (which as usual is written to @table @asis -@item @code{-gnatm=@emph{n}} +@item @code{-gnatm=`n'} The @code{m} stands for maximum. @code{n} is a decimal integer in the @@ -10607,7 +10605,7 @@ Wrong length on string assignment Violations of style rules if style checking is enabled @item -Unused @emph{with} clauses +Unused `with' clauses @item @code{Bit_Order} usage that does not have any effect @@ -10622,7 +10620,7 @@ Dereference of possibly null value Declaration that is likely to cause storage error @item -Internal GNAT unit @emph{with}ed by application unit +Internal GNAT unit `with'ed by application unit @item Values known to be out of range at compile time @@ -10676,7 +10674,7 @@ of the pragma in the @cite{GNAT_Reference_manual}). @item @code{-gnatwa} -@emph{Activate most optional warnings.} +`Activate most optional warnings.' This switch activates most optional warning messages. See the remaining list in this section for details on optional warning messages that can be @@ -10751,7 +10749,7 @@ All other optional warnings are turned on. @item @code{-gnatwA} -@emph{Suppress all optional errors.} +`Suppress all optional errors.' This switch suppresses all optional warning messages, see remaining list in this section for details on optional warning messages that can be @@ -10773,7 +10771,7 @@ the warnings for implicit dereferencing. @item @code{-gnatw.a} -@emph{Activate warnings on failing assertions.} +`Activate warnings on failing assertions.' @geindex Assert failures @@ -10790,7 +10788,7 @@ generated. @item @code{-gnatw.A} -@emph{Suppress warnings on failing assertions.} +`Suppress warnings on failing assertions.' @geindex Assert failures @@ -10805,7 +10803,7 @@ compile time that the assertion will fail. @item @code{-gnatw_a} -@emph{Activate warnings on anonymous allocators.} +`Activate warnings on anonymous allocators.' @geindex Anonymous allocators @@ -10822,7 +10820,7 @@ RM 3.10.2 (14). @item @code{-gnatw_A} -@emph{Supress warnings on anonymous allocators.} +`Supress warnings on anonymous allocators.' @geindex Anonymous allocators @@ -10836,7 +10834,7 @@ This switch suppresses warnings for anonymous access type allocators. @item @code{-gnatwb} -@emph{Activate warnings on bad fixed values.} +`Activate warnings on bad fixed values.' @geindex Bad fixed values @@ -10860,7 +10858,7 @@ are not generated. @item @code{-gnatwB} -@emph{Suppress warnings on bad fixed values.} +`Suppress warnings on bad fixed values.' This switch suppresses warnings for static fixed-point expressions whose value is not an exact multiple of Small. @@ -10873,7 +10871,7 @@ value is not an exact multiple of Small. @item @code{-gnatw.b} -@emph{Activate warnings on biased representation.} +`Activate warnings on biased representation.' @geindex Biased representation @@ -10890,7 +10888,7 @@ to represent 10/11). The default is that such warnings are generated. @item @code{-gnatw.B} -@emph{Suppress warnings on biased representation.} +`Suppress warnings on biased representation.' This switch suppresses warnings for representation clauses that force the use of biased representation. @@ -10903,7 +10901,7 @@ of biased representation. @item @code{-gnatwc} -@emph{Activate warnings on conditionals.} +`Activate warnings on conditionals.' @geindex Conditionals @geindex constant @@ -10940,7 +10938,7 @@ This warning can also be turned on using @code{-gnatwa}. @item @code{-gnatwC} -@emph{Suppress warnings on conditionals.} +`Suppress warnings on conditionals.' This switch suppresses warnings for conditional expressions used in tests that are known to be True or False at compile time. @@ -10953,7 +10951,7 @@ tests that are known to be True or False at compile time. @item @code{-gnatw.c} -@emph{Activate warnings on missing component clauses.} +`Activate warnings on missing component clauses.' @geindex Component clause @geindex missing @@ -10971,7 +10969,7 @@ component for which no component clause is present. @item @code{-gnatw.C} -@emph{Suppress warnings on missing component clauses.} +`Suppress warnings on missing component clauses.' This switch suppresses warnings for record components that are missing a component clause in the situation described above. @@ -10984,7 +10982,7 @@ missing a component clause in the situation described above. @item @code{-gnatw_c} -@emph{Activate warnings on unknown condition in Compile_Time_Warning.} +`Activate warnings on unknown condition in Compile_Time_Warning.' @geindex Compile_Time_Warning @@ -11003,7 +11001,7 @@ The default is that such warnings are generated. @item @code{-gnatw_C} -@emph{Suppress warnings on unknown condition in Compile_Time_Warning.} +`Suppress warnings on unknown condition in Compile_Time_Warning.' This switch supresses warnings on a pragma Compile_Time_Warning or Compile_Time_Error whose condition has a value that is not @@ -11017,7 +11015,7 @@ known at compile time. @item @code{-gnatwd} -@emph{Activate warnings on implicit dereferencing.} +`Activate warnings on implicit dereferencing.' If this switch is set, then the use of a prefix of an access type in an indexed component, slice, or selected component without an @@ -11035,7 +11033,7 @@ warnings are not generated. @item @code{-gnatwD} -@emph{Suppress warnings on implicit dereferencing.} +`Suppress warnings on implicit dereferencing.' @geindex Implicit dereferencing @@ -11053,7 +11051,7 @@ indexed components, slices, and selected components. @item @code{-gnatw.d} -@emph{Activate tagging of warning and info messages.} +`Activate tagging of warning and info messages.' If this switch is set, then warning messages are tagged, with one of the following strings: @@ -11064,35 +11062,35 @@ following strings: @itemize - @item -@emph{[-gnatw?]} +`[-gnatw?]' Used to tag warnings controlled by the switch @code{-gnatwx} where x is a letter a-z. @item -@emph{[-gnatw.?]} +`[-gnatw.?]' Used to tag warnings controlled by the switch @code{-gnatw.x} where x is a letter a-z. @item -@emph{[-gnatel]} +`[-gnatel]' Used to tag elaboration information (info) messages generated when the static model of elaboration is used and the @code{-gnatel} switch is set. @item -@emph{[restriction warning]} +`[restriction warning]' Used to tag warning messages for restriction violations, activated by use of the pragma @code{Restriction_Warnings}. @item -@emph{[warning-as-error]} +`[warning-as-error]' Used to tag warning messages that have been converted to error messages by use of the pragma Warning_As_Error. Note that such warnings are prefixed by -the string “error: ” rather than “warning: “. +the string “error: “ rather than “warning: “. @item -@emph{[enabled by default]} +`[enabled by default]' Used to tag all other warnings that are always given by default, unless -warnings are completely suppressed using pragma @emph{Warnings(Off)} or +warnings are completely suppressed using pragma `Warnings(Off)' or the switch @code{-gnatws}. @end itemize @end quotation @@ -11105,7 +11103,7 @@ the switch @code{-gnatws}. @item @code{-gnatw.D} -@emph{Deactivate tagging of warning and info messages messages.} +`Deactivate tagging of warning and info messages messages.' If this switch is set, then warning messages return to the default mode in which warnings and info messages are not tagged as described above for @@ -11122,7 +11120,7 @@ mode in which warnings and info messages are not tagged as described above for @item @code{-gnatwe} -@emph{Treat warnings and style checks as errors.} +`Treat warnings and style checks as errors.' This switch causes warning messages and style check messages to be treated as errors. @@ -11140,7 +11138,7 @@ are not treated as errors if this switch is present. @item @code{-gnatw.e} -@emph{Activate every optional warning.} +`Activate every optional warning.' @geindex Warnings @geindex activate every optional warning @@ -11164,7 +11162,7 @@ been specifically designed according to specialized coding rules. @item @code{-gnatwE} -@emph{Treat all run-time exception warnings as errors.} +`Treat all run-time exception warnings as errors.' This switch causes warning messages regarding errors that will be raised during run-time execution to be treated as errors. @@ -11177,7 +11175,7 @@ during run-time execution to be treated as errors. @item @code{-gnatwf} -@emph{Activate warnings on unreferenced formals.} +`Activate warnings on unreferenced formals.' @geindex Formals @geindex unreferenced @@ -11195,7 +11193,7 @@ default is that these warnings are not generated. @item @code{-gnatwF} -@emph{Suppress warnings on unreferenced formals.} +`Suppress warnings on unreferenced formals.' This switch suppresses warnings for unreferenced formal parameters. Note that the @@ -11211,7 +11209,7 @@ formals. @item @code{-gnatwg} -@emph{Activate warnings on unrecognized pragmas.} +`Activate warnings on unrecognized pragmas.' @geindex Pragmas @geindex unrecognized @@ -11230,7 +11228,7 @@ Manual requirement that such warnings appear). @item @code{-gnatwG} -@emph{Suppress warnings on unrecognized pragmas.} +`Suppress warnings on unrecognized pragmas.' This switch suppresses warnings for unrecognized pragmas. @end table @@ -11242,7 +11240,7 @@ This switch suppresses warnings for unrecognized pragmas. @item @code{-gnatw.g} -@emph{Warnings used for GNAT sources.} +`Warnings used for GNAT sources.' This switch sets the warning categories that are used by the standard GNAT style. Currently this is equivalent to @@ -11257,7 +11255,7 @@ but more warnings may be added in the future without advanced notice. @item @code{-gnatwh} -@emph{Activate warnings on hiding.} +`Activate warnings on hiding.' @geindex Hiding of Declarations @@ -11274,7 +11272,7 @@ code. The default is that warnings on hiding are not generated. @item @code{-gnatwH} -@emph{Suppress warnings on hiding.} +`Suppress warnings on hiding.' This switch suppresses warnings on hiding declarations. @end table @@ -11286,7 +11284,7 @@ This switch suppresses warnings on hiding declarations. @item @code{-gnatw.h} -@emph{Activate warnings on holes/gaps in records.} +`Activate warnings on holes/gaps in records.' @geindex Record Representation (gaps) @@ -11303,7 +11301,7 @@ should specify a contiguous layout, adding unused fill fields if needed. @item @code{-gnatw.H} -@emph{Suppress warnings on holes/gaps in records.} +`Suppress warnings on holes/gaps in records.' This switch suppresses warnings on component clauses in record representation clauses that leave holes (haps) in the record layout. @@ -11316,16 +11314,16 @@ representation clauses that leave holes (haps) in the record layout. @item @code{-gnatwi} -@emph{Activate warnings on implementation units.} +`Activate warnings on implementation units.' -This switch activates warnings for a @emph{with} of an internal GNAT +This switch activates warnings for a `with' of an internal GNAT implementation unit, defined as any unit from the @code{Ada}, @code{Interfaces}, @code{GNAT}, or @code{System} hierarchies that is not documented in either the Ada Reference Manual or the GNAT Programmer’s Reference Manual. Such units are intended only -for internal implementation purposes and should not be @emph{with}ed +for internal implementation purposes and should not be `with'ed by user programs. The default is that such warnings are generated @end table @@ -11336,9 +11334,9 @@ by user programs. The default is that such warnings are generated @item @code{-gnatwI} -@emph{Disable warnings on implementation units.} +`Disable warnings on implementation units.' -This switch disables warnings for a @emph{with} of an internal GNAT +This switch disables warnings for a `with' of an internal GNAT implementation unit. @end table @@ -11349,7 +11347,7 @@ implementation unit. @item @code{-gnatw.i} -@emph{Activate warnings on overlapping actuals.} +`Activate warnings on overlapping actuals.' This switch enables a warning on statically detectable overlapping actuals in a subprogram call, when one of the actuals is an in-out parameter, and the @@ -11363,7 +11361,7 @@ types of the actuals are not by-copy types. This warning is off by default. @item @code{-gnatw.I} -@emph{Disable warnings on overlapping actuals.} +`Disable warnings on overlapping actuals.' This switch disables warnings on overlapping actuals in a call. @end table @@ -11375,7 +11373,7 @@ This switch disables warnings on overlapping actuals in a call. @item @code{-gnatwj} -@emph{Activate warnings on obsolescent features (Annex J).} +`Activate warnings on obsolescent features (Annex J).' @geindex Features @geindex obsolescent @@ -11411,7 +11409,7 @@ Second, the restriction does flag uses of package @code{ASCII}. @item @code{-gnatwJ} -@emph{Suppress warnings on obsolescent features (Annex J).} +`Suppress warnings on obsolescent features (Annex J).' This switch disables warnings on use of obsolescent features. @end table @@ -11423,7 +11421,7 @@ This switch disables warnings on use of obsolescent features. @item @code{-gnatw.j} -@emph{Activate warnings on late declarations of tagged type primitives.} +`Activate warnings on late declarations of tagged type primitives.' This switch activates warnings on visible primitives added to a tagged type after deriving a private extension from it. @@ -11436,7 +11434,7 @@ tagged type after deriving a private extension from it. @item @code{-gnatw.J} -@emph{Suppress warnings on late declarations of tagged type primitives.} +`Suppress warnings on late declarations of tagged type primitives.' This switch suppresses warnings on visible primitives added to a tagged type after deriving a private extension from it. @@ -11449,7 +11447,7 @@ tagged type after deriving a private extension from it. @item @code{-gnatwk} -@emph{Activate warnings on variables that could be constants.} +`Activate warnings on variables that could be constants.' This switch activates warnings for variables that are initialized but never modified, and then could be declared constants. The default is that @@ -11463,7 +11461,7 @@ such warnings are not given. @item @code{-gnatwK} -@emph{Suppress warnings on variables that could be constants.} +`Suppress warnings on variables that could be constants.' This switch disables warnings on variables that could be declared constants. @end table @@ -11475,7 +11473,7 @@ This switch disables warnings on variables that could be declared constants. @item @code{-gnatw.k} -@emph{Activate warnings on redefinition of names in standard.} +`Activate warnings on redefinition of names in standard.' This switch activates warnings for declarations that declare a name that is defined in package Standard. Such declarations can be confusing, @@ -11492,7 +11490,7 @@ not included in this check. @item @code{-gnatw.K} -@emph{Suppress warnings on redefinition of names in standard.} +`Suppress warnings on redefinition of names in standard.' This switch disables warnings for declarations that declare a name that is defined in package Standard. @@ -11505,7 +11503,7 @@ is defined in package Standard. @item @code{-gnatwl} -@emph{Activate warnings for elaboration pragmas.} +`Activate warnings for elaboration pragmas.' @geindex Elaboration @geindex warnings @@ -11527,7 +11525,7 @@ are not generated. @item @code{-gnatwL} -@emph{Suppress warnings for elaboration pragmas.} +`Suppress warnings for elaboration pragmas.' This switch suppresses warnings for possible elaboration problems. @end table @@ -11539,7 +11537,7 @@ This switch suppresses warnings for possible elaboration problems. @item @code{-gnatw.l} -@emph{List inherited aspects.} +`List inherited aspects.' This switch causes the compiler to list inherited invariants, preconditions, and postconditions from Type_Invariant’Class, Invariant’Class, @@ -11553,7 +11551,7 @@ Pre’Class, and Post’Class aspects. Also list inherited subtype predicates. @item @code{-gnatw.L} -@emph{Suppress listing of inherited aspects.} +`Suppress listing of inherited aspects.' This switch suppresses listing of inherited aspects. @end table @@ -11565,7 +11563,7 @@ This switch suppresses listing of inherited aspects. @item @code{-gnatwm} -@emph{Activate warnings on modified but unreferenced variables.} +`Activate warnings on modified but unreferenced variables.' This switch activates warnings for variables that are assigned (using an initialization value or with one or more assignment statements) but @@ -11582,7 +11580,7 @@ The default is that these warnings are not given. @item @code{-gnatwM} -@emph{Disable warnings on modified but unreferenced variables.} +`Disable warnings on modified but unreferenced variables.' This switch disables warnings for variables that are assigned or initialized, but never read. @@ -11595,7 +11593,7 @@ initialized, but never read. @item @code{-gnatw.m} -@emph{Activate warnings on suspicious modulus values.} +`Activate warnings on suspicious modulus values.' This switch activates warnings for modulus values that seem suspicious. The cases caught are where the size is the same as the modulus (e.g. @@ -11615,7 +11613,7 @@ integers after wrap-around. The default is that these warnings are given. @item @code{-gnatw.M} -@emph{Disable warnings on suspicious modulus values.} +`Disable warnings on suspicious modulus values.' This switch disables warnings for suspicious modulus values. @end table @@ -11627,7 +11625,7 @@ This switch disables warnings for suspicious modulus values. @item @code{-gnatwn} -@emph{Set normal warnings mode.} +`Set normal warnings mode.' This switch sets normal warning mode, in which enabled warnings are issued and treated as warnings rather than errors. This is the default @@ -11648,7 +11646,7 @@ use of @code{-gnatg}. @item @code{-gnatw.n} -@emph{Activate warnings on atomic synchronization.} +`Activate warnings on atomic synchronization.' This switch actives warnings when an access to an atomic variable requires the generation of atomic synchronization code. These @@ -11662,7 +11660,7 @@ warnings are off by default. @item @code{-gnatw.N} -@emph{Suppress warnings on atomic synchronization.} +`Suppress warnings on atomic synchronization.' @geindex Atomic Synchronization @geindex warnings @@ -11681,7 +11679,7 @@ requires the generation of atomic synchronization code. @item @code{-gnatwo} -@emph{Activate warnings on address clause overlays.} +`Activate warnings on address clause overlays.' This switch activates warnings for possibly unintended initialization effects of defining address clauses that cause one variable to overlap @@ -11695,7 +11693,7 @@ another. The default is that such warnings are generated. @item @code{-gnatwO} -@emph{Suppress warnings on address clause overlays.} +`Suppress warnings on address clause overlays.' This switch suppresses warnings on possibly unintended initialization effects of defining address clauses that cause one variable to overlap @@ -11709,7 +11707,7 @@ another. @item @code{-gnatw.o} -@emph{Activate warnings on modified but unreferenced out parameters.} +`Activate warnings on modified but unreferenced out parameters.' This switch activates warnings for variables that are modified by using them as actuals for a call to a procedure with an out mode formal, where @@ -11729,7 +11727,7 @@ The default is that these warnings are not given. @item @code{-gnatw.O} -@emph{Disable warnings on modified but unreferenced out parameters.} +`Disable warnings on modified but unreferenced out parameters.' This switch suppresses warnings for variables that are modified by using them as actuals for a call to a procedure with an out mode formal, where @@ -11746,7 +11744,7 @@ the resulting assigned value is never read. @item @code{-gnatwp} -@emph{Activate warnings on ineffective pragma Inlines.} +`Activate warnings on ineffective pragma Inlines.' This switch activates warnings for failure of front end inlining (activated by @code{-gnatN}) to inline a particular call. There are @@ -11764,7 +11762,7 @@ separately, using the gcc switch -Winline. @item @code{-gnatwP} -@emph{Suppress warnings on ineffective pragma Inlines.} +`Suppress warnings on ineffective pragma Inlines.' This switch suppresses warnings on ineffective pragma Inlines. If the inlining mechanism cannot inline a call, it will simply ignore the @@ -11781,7 +11779,7 @@ request silently. @item @code{-gnatw.p} -@emph{Activate warnings on parameter ordering.} +`Activate warnings on parameter ordering.' This switch activates warnings for cases of suspicious parameter ordering when the list of arguments are all simple identifiers that @@ -11799,7 +11797,7 @@ default is that such warnings are not given. @item @code{-gnatw.P} -@emph{Suppress warnings on parameter ordering.} +`Suppress warnings on parameter ordering.' This switch suppresses warnings on cases of suspicious parameter ordering. @@ -11812,7 +11810,7 @@ ordering. @item @code{-gnatw_p} -@emph{Activate warnings for pedantic checks.} +`Activate warnings for pedantic checks.' This switch activates warnings for the failure of certain pedantic checks. The only case currently supported is a check that the subtype_marks given @@ -11828,7 +11826,7 @@ is that such warnings are not given. @item @code{-gnatw_P} -@emph{Suppress warnings for pedantic checks.} +`Suppress warnings for pedantic checks.' This switch suppresses warnings on violations of pedantic checks. @end table @@ -11843,7 +11841,7 @@ This switch suppresses warnings on violations of pedantic checks. @item @code{-gnatwq} -@emph{Activate warnings on questionable missing parentheses.} +`Activate warnings on questionable missing parentheses.' This switch activates warnings for cases where parentheses are not used and the result is potential ambiguity from a readers point of view. For example @@ -11862,7 +11860,7 @@ is that these warnings are given. @item @code{-gnatwQ} -@emph{Suppress warnings on questionable missing parentheses.} +`Suppress warnings on questionable missing parentheses.' This switch suppresses warnings for cases where the association is not clear and the use of parentheses is preferred. @@ -11878,7 +11876,7 @@ clear and the use of parentheses is preferred. @item @code{-gnatw.q} -@emph{Activate warnings on questionable layout of record types.} +`Activate warnings on questionable layout of record types.' This switch activates warnings for cases where the default layout of a record type, that is to say the layout of its components in textual @@ -11932,7 +11930,7 @@ The default is that these warnings are not given. @item @code{-gnatw.Q} -@emph{Suppress warnings on questionable layout of record types.} +`Suppress warnings on questionable layout of record types.' This switch suppresses warnings for cases where the default layout of a record type would very likely cause inefficiencies. @@ -11945,7 +11943,7 @@ a record type would very likely cause inefficiencies. @item @code{-gnatwr} -@emph{Activate warnings on redundant constructs.} +`Activate warnings on redundant constructs.' This switch activates warnings for redundant constructs. The following is the current list of constructs regarded as redundant: @@ -11993,7 +11991,7 @@ The default is that warnings for redundant constructs are not given. @item @code{-gnatwR} -@emph{Suppress warnings on redundant constructs.} +`Suppress warnings on redundant constructs.' This switch suppresses warnings for redundant constructs. @end table @@ -12005,7 +12003,7 @@ This switch suppresses warnings for redundant constructs. @item @code{-gnatw.r} -@emph{Activate warnings for object renaming function.} +`Activate warnings for object renaming function.' This switch activates warnings for an object renaming that renames a function call, which is equivalent to a constant declaration (as @@ -12020,7 +12018,7 @@ warnings are given. @item @code{-gnatw.R} -@emph{Suppress warnings for object renaming function.} +`Suppress warnings for object renaming function.' This switch suppresses warnings for object renaming function. @end table @@ -12032,7 +12030,7 @@ This switch suppresses warnings for object renaming function. @item @code{-gnatw_r} -@emph{Activate warnings for out-of-order record representation clauses.} +`Activate warnings for out-of-order record representation clauses.' This switch activates warnings for record representation clauses, if the order of component declarations, component clauses, @@ -12047,7 +12045,7 @@ The default is that these warnings are not given. @item @code{-gnatw_R} -@emph{Suppress warnings for out-of-order record representation clauses.} +`Suppress warnings for out-of-order record representation clauses.' @end table @geindex -gnatws (gcc) @@ -12057,7 +12055,7 @@ The default is that these warnings are not given. @item @code{-gnatws} -@emph{Suppress all warnings.} +`Suppress all warnings.' This switch completely suppresses the output of all warning messages from the GNAT front end, including @@ -12082,7 +12080,7 @@ handling of style check messages. @item @code{-gnatw.s} -@emph{Activate warnings on overridden size clauses.} +`Activate warnings on overridden size clauses.' This switch activates warnings on component clauses in record representation clauses where the length given overrides that @@ -12099,7 +12097,7 @@ component type. @item @code{-gnatw.S} -@emph{Suppress warnings on overridden size clauses.} +`Suppress warnings on overridden size clauses.' This switch suppresses warnings on component clauses in record representation clauses that override size clauses, and similar @@ -12119,7 +12117,7 @@ warnings when an array component size overrides a size clause. @item @code{-gnatwt} -@emph{Activate warnings for tracking of deleted conditional code.} +`Activate warnings for tracking of deleted conditional code.' This switch activates warnings for tracking of code in conditionals (IF and CASE statements) that is detected to be dead code which cannot be executed, and @@ -12134,7 +12132,7 @@ useful for detecting deactivated code in certified applications. @item @code{-gnatwT} -@emph{Suppress warnings for tracking of deleted conditional code.} +`Suppress warnings for tracking of deleted conditional code.' This switch suppresses warnings for tracking of deleted conditional code. @end table @@ -12146,7 +12144,7 @@ This switch suppresses warnings for tracking of deleted conditional code. @item @code{-gnatw.t} -@emph{Activate warnings on suspicious contracts.} +`Activate warnings on suspicious contracts.' This switch activates warnings on suspicious contracts. This includes warnings on suspicious postconditions (whether a pragma @code{Postcondition} or a @@ -12168,7 +12166,7 @@ warnings are generated. @item @code{-gnatw.T} -@emph{Suppress warnings on suspicious contracts.} +`Suppress warnings on suspicious contracts.' This switch suppresses warnings on suspicious contracts. @end table @@ -12180,22 +12178,22 @@ This switch suppresses warnings on suspicious contracts. @item @code{-gnatwu} -@emph{Activate warnings on unused entities.} +`Activate warnings on unused entities.' This switch activates warnings to be generated for entities that -are declared but not referenced, and for units that are @emph{with}ed +are declared but not referenced, and for units that are `with'ed and not referenced. In the case of packages, a warning is also generated if no entities in the package are referenced. This means that if a with’ed package is referenced but the only references are in @code{use} clauses or @code{renames} declarations, a warning is still generated. A warning is also generated -for a generic package that is @emph{with}ed but never instantiated. +for a generic package that is `with'ed but never instantiated. In the case where a package or subprogram body is compiled, and there -is a @emph{with} on the corresponding spec +is a `with' on the corresponding spec that is only referenced in the body, a warning is also generated, noting that the -@emph{with} can be moved to the body. The default is that +`with' can be moved to the body. The default is that such warnings are not generated. This switch also activates warnings on unreferenced formals (it includes the effect of @code{-gnatwf}). @@ -12208,7 +12206,7 @@ This switch also activates warnings on unreferenced formals @item @code{-gnatwU} -@emph{Suppress warnings on unused entities.} +`Suppress warnings on unused entities.' This switch suppresses warnings for unused entities and packages. It also turns off warnings on unreferenced formals (and thus includes @@ -12222,13 +12220,13 @@ the effect of @code{-gnatwF}). @item @code{-gnatw.u} -@emph{Activate warnings on unordered enumeration types.} +`Activate warnings on unordered enumeration types.' This switch causes enumeration types to be considered as conceptually unordered, unless an explicit pragma @code{Ordered} is given for the type. The effect is to generate warnings in clients that use explicit comparisons or subranges, since these constructs both treat objects of the type as -ordered. (A @emph{client} is defined as a unit that is other than the unit in +ordered. (A `client' is defined as a unit that is other than the unit in which the type is declared, or its body or subunits.) Please refer to the description of pragma @code{Ordered} in the @cite{GNAT Reference Manual} for further details. @@ -12242,7 +12240,7 @@ The default is that such warnings are not generated. @item @code{-gnatw.U} -@emph{Deactivate warnings on unordered enumeration types.} +`Deactivate warnings on unordered enumeration types.' This switch causes all enumeration types to be considered as ordered, so that no warnings are given for comparisons or subranges for any type. @@ -12257,7 +12255,7 @@ that no warnings are given for comparisons or subranges for any type. @item @code{-gnatwv} -@emph{Activate warnings on unassigned variables.} +`Activate warnings on unassigned variables.' This switch activates warnings for access to variables which may not be properly initialized. The default is that @@ -12278,7 +12276,7 @@ unless the relevant type fully initializes all components. @item @code{-gnatwV} -@emph{Suppress warnings on unassigned variables.} +`Suppress warnings on unassigned variables.' This switch suppresses warnings for access to variables which may not be properly initialized. @@ -12293,7 +12291,7 @@ may not be properly initialized. @item @code{-gnatw.v} -@emph{Activate info messages for non-default bit order.} +`Activate info messages for non-default bit order.' This switch activates messages (labeled “info”, they are not warnings, just informational messages) about the effects of non-default bit-order @@ -12310,7 +12308,7 @@ exact consequences of using this feature. @item @code{-gnatw.V} -@emph{Suppress info messages for non-default bit order.} +`Suppress info messages for non-default bit order.' This switch suppresses information messages for the effects of specifying non-default bit order on record components with component clauses. @@ -12325,7 +12323,7 @@ non-default bit order on record components with component clauses. @item @code{-gnatww} -@emph{Activate warnings on wrong low bound assumption.} +`Activate warnings on wrong low bound assumption.' This switch activates warnings for indexing an unconstrained string parameter with a literal or S’Length. This is a case where the code is assuming that the @@ -12340,7 +12338,7 @@ passed). The default is that such warnings are generated. @item @code{-gnatwW} -@emph{Suppress warnings on wrong low bound assumption.} +`Suppress warnings on wrong low bound assumption.' This switch suppresses warnings for indexing an unconstrained string parameter with a literal or S’Length. Note that this warning can also be suppressed @@ -12363,7 +12361,7 @@ procedure K (S : String) is @item @code{-gnatw.w} -@emph{Activate warnings on Warnings Off pragmas.} +`Activate warnings on Warnings Off pragmas.' This switch activates warnings for use of @code{pragma Warnings (Off, entity)} where either the pragma is entirely useless (because it suppresses no @@ -12382,7 +12380,7 @@ The default is that these warnings are not given. @item @code{-gnatw.W} -@emph{Suppress warnings on unnecessary Warnings Off pragmas.} +`Suppress warnings on unnecessary Warnings Off pragmas.' This switch suppresses warnings for use of @code{pragma Warnings (Off, ...)}. @end table @@ -12396,7 +12394,7 @@ This switch suppresses warnings for use of @code{pragma Warnings (Off, ...)}. @item @code{-gnatwx} -@emph{Activate warnings on Export/Import pragmas.} +`Activate warnings on Export/Import pragmas.' This switch activates warnings on Export/Import pragmas when the compiler detects a possible conflict between the Ada and @@ -12414,7 +12412,7 @@ generated. @item @code{-gnatwX} -@emph{Suppress warnings on Export/Import pragmas.} +`Suppress warnings on Export/Import pragmas.' This switch suppresses warnings on Export/Import pragmas. The sense of this is that you are telling the compiler that @@ -12429,7 +12427,7 @@ should not complain at you. @item @code{-gnatw.x} -@emph{Activate warnings for No_Exception_Propagation mode.} +`Activate warnings for No_Exception_Propagation mode.' This switch activates warnings for exception usage when pragma Restrictions (No_Exception_Propagation) is in effect. Warnings are given for implicit or @@ -12439,7 +12437,7 @@ these warnings are given for units that contain exception handlers. @item @code{-gnatw.X} -@emph{Disable warnings for No_Exception_Propagation mode.} +`Disable warnings for No_Exception_Propagation mode.' This switch disables warnings for exception usage when pragma Restrictions (No_Exception_Propagation) is in effect. @@ -12454,7 +12452,7 @@ This switch disables warnings for exception usage when pragma Restrictions @item @code{-gnatwy} -@emph{Activate warnings for Ada compatibility issues.} +`Activate warnings for Ada compatibility issues.' For the most part, newer versions of Ada are upwards compatible with older versions. For example, Ada 2005 programs will almost @@ -12476,7 +12474,7 @@ was called Ada 0Y, hence the choice of character. @item @code{-gnatwY} -@emph{Disable warnings for Ada compatibility issues.} +`Disable warnings for Ada compatibility issues.' This switch suppresses the warnings intended to help in identifying incompatibilities between Ada language versions. @@ -12491,7 +12489,7 @@ incompatibilities between Ada language versions. @item @code{-gnatw.y} -@emph{Activate information messages for why package spec needs body.} +`Activate information messages for why package spec needs body.' There are a number of cases in which a package spec needs a body. For example, the use of pragma Elaborate_Body, or the declaration @@ -12511,7 +12509,7 @@ body. The default is that such information messages are not output. @item @code{-gnatw.Y} -@emph{Disable information messages for why package spec needs body.} +`Disable information messages for why package spec needs body.' This switch suppresses the output of information messages showing why a package specification needs a body. @@ -12526,7 +12524,7 @@ a package specification needs a body. @item @code{-gnatwz} -@emph{Activate warnings on unchecked conversions.} +`Activate warnings on unchecked conversions.' This switch activates warnings for unchecked conversions where the types are known at compile time to have different @@ -12541,7 +12539,7 @@ generated for subprogram pointers with different conventions. @item @code{-gnatwZ} -@emph{Suppress warnings on unchecked conversions.} +`Suppress warnings on unchecked conversions.' This switch suppresses warnings for unchecked conversions where the types are known at compile time to have different @@ -12557,7 +12555,7 @@ sizes or conventions. @item @code{-gnatw.z} -@emph{Activate warnings for size not a multiple of alignment.} +`Activate warnings for size not a multiple of alignment.' This switch activates warnings for cases of array and record types with specified @code{Size} and @code{Alignment} attributes where the @@ -12575,7 +12573,7 @@ is that such warnings are generated. @item @code{-gnatw.Z} -@emph{Suppress warnings for size not a multiple of alignment.} +`Suppress warnings for size not a multiple of alignment.' This switch suppresses warnings for cases of array and record types with specified @code{Size} and @code{Alignment} attributes where the @@ -12615,7 +12613,7 @@ used in conjunction with an optimization level greater than zero. @table @asis -@item @code{-Wstack-usage=@emph{len}} +@item @code{-Wstack-usage=`len'} Warn if the stack usage of a subprogram might be larger than @code{len} bytes. See @ref{e6,,Static Stack Usage Analysis} for details. @@ -12956,7 +12954,7 @@ combination with optimization, since this can confuse the optimizer. If performance is a consideration, leading to the need to optimize, then the validity checking options should not be used. -The other @code{-gnatV@emph{x}} switches below allow finer-grained +The other @code{-gnatV`x'} switches below allow finer-grained control; you can enable whichever validity checks you desire. However, for most debugging purposes, @code{-gnatVa} is sufficient, and the default @code{-gnatVd} (i.e. standard Ada behavior) is usually @@ -12969,7 +12967,7 @@ the compiler can generate more efficient code, since the range of values is better known at compile time. However, an uninitialized variable can cause wild jumps and memory corruption in this mode. -The @code{-gnatV@emph{x}} switch allows control over the validity +The @code{-gnatV`x'} switch allows control over the validity checking mode as described below. The @code{x} argument is a string of letters that indicate validity checks that are performed or not performed in addition @@ -12982,7 +12980,7 @@ to the default checks required by Ada as described above. @item @code{-gnatVa} -@emph{All validity checks.} +`All validity checks.' All validity checks are turned on. That is, @code{-gnatVa} is @@ -12996,7 +12994,7 @@ equivalent to @code{gnatVcdfimoprst}. @item @code{-gnatVc} -@emph{Validity checks for copies.} +`Validity checks for copies.' The right hand side of assignments, and the initializing values of object declarations are validity checked. @@ -13009,7 +13007,7 @@ object declarations are validity checked. @item @code{-gnatVd} -@emph{Default (RM) validity checks.} +`Default (RM) validity checks.' Some validity checks are done by default following normal Ada semantics (RM 13.9.1 (9-11)). @@ -13033,7 +13031,7 @@ overwriting may occur. @item @code{-gnatVe} -@emph{Validity checks for elementary components.} +`Validity checks for elementary components.' In the absence of this switch, assignments to record or array components are not validity checked, even if validity checks for assignments generally @@ -13052,7 +13050,7 @@ are assigned component by component. @item @code{-gnatVf} -@emph{Validity checks for floating-point values.} +`Validity checks for floating-point values.' In the absence of this switch, validity checking occurs only for discrete values. If @code{-gnatVf} is specified, then validity checking also applies @@ -13072,7 +13070,7 @@ options. For example, @code{-gnatVif} or @code{-gnatVfi} @item @code{-gnatVi} -@emph{Validity checks for `@w{`}in`@w{`} mode parameters.} +`Validity checks for `@w{`}in`@w{`} mode parameters.' Arguments for parameters of mode @code{in} are validity checked in function and procedure calls at the point of call. @@ -13085,7 +13083,7 @@ and procedure calls at the point of call. @item @code{-gnatVm} -@emph{Validity checks for `@w{`}in out`@w{`} mode parameters.} +`Validity checks for `@w{`}in out`@w{`} mode parameters.' Arguments for parameters of mode @code{in out} are validity checked in procedure calls at the point of call. The @code{'m'} here stands for @@ -13103,7 +13101,7 @@ will be subject to validity checking. @item @code{-gnatVn} -@emph{No validity checks.} +`No validity checks.' This switch turns off all validity checking, including the default checking for case statements and left hand side subscripts. Note that the use of @@ -13119,7 +13117,7 @@ is used, it cancels any other @code{-gnatV} previously issued. @item @code{-gnatVo} -@emph{Validity checks for operator and attribute operands.} +`Validity checks for operator and attribute operands.' Arguments for predefined operators and attributes are validity checked. This includes all operators in package @code{Standard}, @@ -13137,7 +13135,7 @@ also made on explicit ranges using @code{..} (e.g., slices, loops etc). @item @code{-gnatVp} -@emph{Validity checks for parameters.} +`Validity checks for parameters.' This controls the treatment of parameters within a subprogram (as opposed to @code{-gnatVi} and @code{-gnatVm} which control validity testing @@ -13156,7 +13154,7 @@ will be checked (or rechecked) within the subprogram. @item @code{-gnatVr} -@emph{Validity checks for function returns.} +`Validity checks for function returns.' The expression in @code{return} statements in functions is validity checked. @@ -13169,7 +13167,7 @@ checked. @item @code{-gnatVs} -@emph{Validity checks for subscripts.} +`Validity checks for subscripts.' All subscripts expressions are checked for validity, whether they appear on the right side or left side (in default mode only left side subscripts @@ -13183,7 +13181,7 @@ are validity checked). @item @code{-gnatVt} -@emph{Validity checks for tests.} +`Validity checks for tests.' Expressions used as conditions in @code{if}, @code{while} or @code{exit} statements are checked, as well as guard expressions in entry calls. @@ -13248,7 +13246,7 @@ checks to be performed. The following checks are defined: @item @code{-gnaty0} -@emph{Specify indentation level.} +`Specify indentation level.' If a digit from 1-9 appears in the string after @code{-gnaty} @@ -13287,7 +13285,7 @@ non-blank line. @item @code{-gnatya} -@emph{Check attribute casing.} +`Check attribute casing.' Attribute names, including the case of keywords such as @code{digits} used as attributes names, must be written in mixed case, that is, the @@ -13302,7 +13300,7 @@ All other letters must be lowercase. @item @code{-gnatyA} -@emph{Use of array index numbers in array attributes.} +`Use of array index numbers in array attributes.' When using the array attributes First, Last, Range, or Length, the index number must be omitted for one-dimensional arrays @@ -13316,7 +13314,7 @@ and is required for multi-dimensional arrays. @item @code{-gnatyb} -@emph{Blanks not allowed at statement end.} +`Blanks not allowed at statement end.' Trailing blanks are not allowed at the end of statements. The purpose of this rule, together with h (no horizontal tabs), is to enforce a canonical format @@ -13330,7 +13328,7 @@ for the use of blanks to separate source tokens. @item @code{-gnatyB} -@emph{Check Boolean operators.} +`Check Boolean operators.' The use of AND/OR operators is not permitted except in the cases of modular operands, array operands, and simple stand-alone boolean variables or @@ -13345,7 +13343,7 @@ required. @item @code{-gnatyc} -@emph{Check comments, double space.} +`Check comments, double space.' Comments must meet the following set of rules: @@ -13407,7 +13405,7 @@ example: @item @code{-gnatyC} -@emph{Check comments, single space.} +`Check comments, single space.' This is identical to @code{c} except that only one space is required following the @code{--} of a comment instead of two. @@ -13420,7 +13418,7 @@ is required following the @code{--} of a comment instead of two. @item @code{-gnatyd} -@emph{Check no DOS line terminators present.} +`Check no DOS line terminators present.' All lines must be terminated by a single ASCII.LF character (in particular the DOS line terminator sequence CR/LF is not @@ -13434,7 +13432,7 @@ allowed). @item @code{-gnatyD} -@emph{Check declared identifiers in mixed case.} +`Check declared identifiers in mixed case.' Declared identifiers must be in mixed case, as in This_Is_An_Identifier. Use -gnatyr in addition to ensure @@ -13448,7 +13446,7 @@ that references match declarations. @item @code{-gnatye} -@emph{Check end/exit labels.} +`Check end/exit labels.' Optional labels on @code{end} statements ending subprograms and on @code{exit} statements exiting named loops, are required to be present. @@ -13461,7 +13459,7 @@ Optional labels on @code{end} statements ending subprograms and on @item @code{-gnatyf} -@emph{No form feeds or vertical tabs.} +`No form feeds or vertical tabs.' Neither form feeds nor vertical tab characters are permitted in the source text. @@ -13474,7 +13472,7 @@ in the source text. @item @code{-gnatyg} -@emph{GNAT style mode.} +`GNAT style mode.' The set of style check switches is set to match that used by the GNAT sources. This may be useful when developing code that is eventually intended to be @@ -13490,7 +13488,7 @@ advance notice. @item @code{-gnatyh} -@emph{No horizontal tabs.} +`No horizontal tabs.' Horizontal tab characters are not permitted in the source text. Together with the b (no blanks at end of line) check, this @@ -13505,7 +13503,7 @@ source tokens. @item @code{-gnatyi} -@emph{Check if-then layout.} +`Check if-then layout.' The keyword @code{then} must appear either on the same line as corresponding @code{if}, or on a line on its own, lined @@ -13519,7 +13517,7 @@ up under the @code{if}. @item @code{-gnatyI} -@emph{check mode IN keywords.} +`check mode IN keywords.' Mode @code{in} (the default mode) is not allowed to be given explicitly. @code{in out} is fine, @@ -13533,7 +13531,7 @@ but not @code{in} on its own. @item @code{-gnatyk} -@emph{Check keyword casing.} +`Check keyword casing.' All keywords must be in lower case (with the exception of keywords such as @code{digits} used as attribute names to which this check @@ -13548,7 +13546,7 @@ this rule even if multiple casing issues exist on a same line. @item @code{-gnatyl} -@emph{Check layout.} +`Check layout.' Layout of statement and declaration constructs must follow the recommendations in the Ada Reference Manual, as indicated by the @@ -13624,11 +13622,11 @@ Clear : @item @code{-gnatyL} -@emph{Set maximum nesting level.} +`Set maximum nesting level.' The maximum level of nesting of constructs (including subprograms, loops, blocks, packages, and conditionals) may not exceed the given value -@emph{nnn}. A value of zero disconnects this style check. +`nnn'. A value of zero disconnects this style check. @end table @geindex -gnatym (gcc) @@ -13638,7 +13636,7 @@ blocks, packages, and conditionals) may not exceed the given value @item @code{-gnatym} -@emph{Check maximum line length.} +`Check maximum line length.' The length of source lines must not exceed 79 characters, including any trailing blanks. The value of 79 allows convenient display on an @@ -13656,10 +13654,10 @@ a single character (however many bytes are needed in the encoding). @item @code{-gnatyM} -@emph{Set maximum line length.} +`Set maximum line length.' The length of lines must not exceed the -given value @emph{nnn}. The maximum value that can be specified is 32767. +given value `nnn'. The maximum value that can be specified is 32767. If neither style option for setting the line length is used, then the default is 255. This also controls the maximum length of lexical elements, where the only restriction is that they must fit on a single line. @@ -13672,7 +13670,7 @@ where the only restriction is that they must fit on a single line. @item @code{-gnatyn} -@emph{Check casing of entities in Standard.} +`Check casing of entities in Standard.' Any identifier from Standard must be cased to match the presentation in the Ada Reference Manual (for example, @@ -13686,7 +13684,7 @@ to match the presentation in the Ada Reference Manual (for example, @item @code{-gnatyN} -@emph{Turn off all style checks.} +`Turn off all style checks.' All style check options are turned off. @end table @@ -13698,7 +13696,7 @@ All style check options are turned off. @item @code{-gnatyo} -@emph{Check order of subprogram bodies.} +`Check order of subprogram bodies.' All subprogram bodies in a given scope (e.g., a package body) must be in alphabetical order. The ordering @@ -13715,7 +13713,7 @@ before Junk10). @item @code{-gnatyO} -@emph{Check that overriding subprograms are explicitly marked as such.} +`Check that overriding subprograms are explicitly marked as such.' This applies to all subprograms of a derived type that override a primitive operation of the type, for both tagged and untagged types. In particular, @@ -13732,7 +13730,7 @@ as an equality operator). @item @code{-gnatyp} -@emph{Check pragma casing.} +`Check pragma casing.' Pragma names must be written in mixed case, that is, the initial letter and any letter following an underscore must be uppercase. @@ -13747,7 +13745,7 @@ allowed as an alternative for Spark_Mode. @item @code{-gnatyr} -@emph{Check references.} +`Check references.' All identifier references must be cased in the same way as the corresponding declaration. No specific casing style is imposed on @@ -13762,7 +13760,7 @@ with declarations. @item @code{-gnatys} -@emph{Check separate specs.} +`Check separate specs.' Separate declarations (‘specs’) are required for subprograms (a body is not allowed to serve as its own declaration). The only @@ -13778,7 +13776,7 @@ the most frequent form of main program procedures. @item @code{-gnatyS} -@emph{Check no statements after then/else.} +`Check no statements after then/else.' No statements are allowed on the same line as a @code{then} or @code{else} keyword following the @@ -13793,7 +13791,7 @@ affected, and a special exception allows a pragma to appear after @code{else}. @item @code{-gnatyt} -@emph{Check token spacing.} +`Check token spacing.' The following token spacing rules are enforced: @@ -13858,7 +13856,7 @@ a @code{not} token and a following @code{in} token. @item @code{-gnatyu} -@emph{Check unnecessary blank lines.} +`Check unnecessary blank lines.' Unnecessary blank lines are not allowed. A blank line is considered unnecessary if it appears at the end of the file, or if more than @@ -13872,7 +13870,7 @@ one blank line occurs in sequence. @item @code{-gnatyx} -@emph{Check extra parentheses.} +`Check extra parentheses.' Unnecessary extra level of parentheses (C-style) are not allowed around conditions in @code{if} statements, @code{while} statements and @@ -13886,7 +13884,7 @@ around conditions in @code{if} statements, @code{while} statements and @item @code{-gnatyy} -@emph{Set all standard style check options.} +`Set all standard style check options.' This is equivalent to @code{gnaty3aAbcefhiklmnprst}, that is all checking options enabled with the exception of @code{-gnatyB}, @code{-gnatyd}, @@ -13901,15 +13899,15 @@ options enabled with the exception of @code{-gnatyB}, @code{-gnatyd}, @item @code{-gnaty-} -@emph{Remove style check options.} +`Remove style check options.' This causes any subsequent options in the string to act as canceling the corresponding style check option. To cancel maximum nesting level control, use the @code{L} parameter without any integer value after that, because any -digit following @emph{-} in the parameter string of the @code{-gnaty} +digit following `-' in the parameter string of the @code{-gnaty} option will be treated as canceling the indentation check. The same is true for the @code{M} parameter. @code{y} and @code{N} parameters are not -allowed after @emph{-}. +allowed after `-'. @end table @geindex -gnaty+ (gcc) @@ -13919,7 +13917,7 @@ allowed after @emph{-}. @item @code{-gnaty+} -@emph{Enable style check options.} +`Enable style check options.' This causes any subsequent options in the string to enable the corresponding style check option. That is, it cancels the effect of a previous -, @@ -14076,20 +14074,20 @@ controls the mode, using the codes @table @asis -@item @emph{1 = STRICT} +@item `1 = STRICT' In STRICT mode, intermediate operations are always done using the base type, and overflow checking ensures that the result is within the base type range. -@item @emph{2 = MINIMIZED} +@item `2 = MINIMIZED' In MINIMIZED mode, overflows in intermediate operations are avoided where possible by using a larger integer type for the computation (typically @code{Long_Long_Integer}). Overflow checking ensures that the result fits in this larger integer type. -@item @emph{3 = ELIMINATED} +@item `3 = ELIMINATED' In ELIMINATED mode, overflows in intermediate operations are avoided by using multi-precision arithmetic. In this case, overflow checking @@ -14216,7 +14214,7 @@ $ Otherwise, the output is simply the error messages, if any. No object file or ALI file is generated by a syntax-only compilation. Also, no units other than the one specified are accessed. For example, if a unit @code{X} -@emph{with}s a unit @code{Y}, compiling unit @code{X} in syntax +`with's a unit @code{Y}, compiling unit @code{X} in syntax check only mode does not access the source file containing unit @code{Y}. @@ -14325,7 +14323,7 @@ with optional bodies), it is not necessary to specify the exceptions, Ada 95 and Ada 2005 are upwardly compatible with Ada 83. Thus a correct Ada 83 program is usually also a correct program in these later versions of the language standard. For further information -please refer to the @emph{Compatibility and Porting Guide} chapter in the +please refer to the `Compatibility and Porting Guide' chapter in the @cite{GNAT Reference Manual}. @end table @@ -14434,7 +14432,7 @@ extensions, see the GNAT reference manual, @code{Pragma Extensions_Allowed}. @table @asis -@item @code{-gnati@emph{c}} +@item @code{-gnati`c'} Normally GNAT recognizes the Latin-1 character set in source program identifiers, as described in the Ada Reference Manual. @@ -14446,7 +14444,7 @@ single character indicating the character set, as follows: @multitable {xxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @item -@emph{1} +`1' @tab @@ -14454,7 +14452,7 @@ ISO 8859-1 (Latin-1) identifiers @item -@emph{2} +`2' @tab @@ -14462,7 +14460,7 @@ ISO 8859-2 (Latin-2) letters allowed in identifiers @item -@emph{3} +`3' @tab @@ -14470,7 +14468,7 @@ ISO 8859-3 (Latin-3) letters allowed in identifiers @item -@emph{4} +`4' @tab @@ -14478,7 +14476,7 @@ ISO 8859-4 (Latin-4) letters allowed in identifiers @item -@emph{5} +`5' @tab @@ -14486,7 +14484,7 @@ ISO 8859-5 (Cyrillic) letters allowed in identifiers @item -@emph{9} +`9' @tab @@ -14494,7 +14492,7 @@ ISO 8859-15 (Latin-9) letters allowed in identifiers @item -@emph{p} +`p' @tab @@ -14502,7 +14500,7 @@ IBM PC letters (code page 437) allowed in identifiers @item -@emph{8} +`8' @tab @@ -14510,7 +14508,7 @@ IBM PC letters (code page 850) allowed in identifiers @item -@emph{f} +`f' @tab @@ -14518,7 +14516,7 @@ Full upper-half codes allowed in identifiers @item -@emph{n} +`n' @tab @@ -14526,7 +14524,7 @@ No upper-half codes allowed in identifiers @item -@emph{w} +`w' @tab @@ -14545,7 +14543,7 @@ implementation of these character sets. @table @asis -@item @code{-gnatW@emph{e}} +@item @code{-gnatW`e'} Specify the method of encoding for wide characters. @code{e} is one of the following: @@ -14554,7 +14552,7 @@ Specify the method of encoding for wide characters. @multitable {xxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @item -@emph{h} +`h' @tab @@ -14562,7 +14560,7 @@ Hex encoding (brackets coding also recognized) @item -@emph{u} +`u' @tab @@ -14570,7 +14568,7 @@ Upper half encoding (brackets encoding also recognized) @item -@emph{s} +`s' @tab @@ -14578,7 +14576,7 @@ Shift/JIS encoding (brackets encoding also recognized) @item -@emph{e} +`e' @tab @@ -14586,7 +14584,7 @@ EUC encoding (brackets encoding also recognized) @item -@emph{8} +`8' @tab @@ -14594,7 +14592,7 @@ UTF-8 encoding (brackets encoding also recognized) @item -@emph{b} +`b' @tab @@ -14661,7 +14659,7 @@ This is a common mode for many programs with foreign language comments. @table @asis -@item @code{-gnatk@emph{n}} +@item @code{-gnatk`n'} Activates file name ‘krunching’. @code{n}, a decimal integer in the range 1-999, indicates the maximum allowable length of a file name (not @@ -14760,7 +14758,7 @@ react to a compilation failure. Those exit status are: @multitable {xxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @item -@emph{5} +`5' @tab @@ -14768,7 +14766,7 @@ There was an error in at least one source file. @item -@emph{3} +`3' @tab @@ -14776,7 +14774,7 @@ At least one source file did not generate an object file. @item -@emph{2} +`2' @tab @@ -14784,7 +14782,7 @@ The compiler died unexpectedly (internal error for example). @item -@emph{0} +`0' @tab @@ -14809,7 +14807,7 @@ An object file has been generated for every source file. @table @asis -@item @code{-gnatd@emph{x}} +@item @code{-gnatd`x'} Activate internal debugging switches. @code{x} is a letter or digit, or string of letters or digits, which specifies the type of debugging @@ -14824,7 +14822,7 @@ file @code{debug.adb}. @table @asis -@item @code{-gnatG[=@emph{nn}]} +@item @code{-gnatG[=`nn']} This switch causes the compiler to generate auxiliary output containing a pseudo-source listing of the generated expanded code. Like most Ada @@ -14860,47 +14858,47 @@ in the expanded source (as comment lines with the original line number). @table @asis -@item @code{new @emph{xxx} [storage_pool = @emph{yyy}]} +@item @code{new @var{xxx} [storage_pool = @var{yyy}]} Shows the storage pool being used for an allocator. -@item @code{at end @emph{procedure-name};} +@item @code{at end @var{procedure-name};} Shows the finalization (cleanup) procedure for a scope. -@item @code{(if @emph{expr} then @emph{expr} else @emph{expr})} +@item @code{(if @var{expr} then @var{expr} else @var{expr})} Conditional expression equivalent to the @code{x?y:z} construction in C. -@item @code{@emph{target}^(@emph{source})} +@item @code{@var{target}^(@var{source})} A conversion with floating-point truncation instead of rounding. -@item @code{@emph{target}?(@emph{source})} +@item @code{@var{target}?(@var{source})} A conversion that bypasses normal Ada semantic checking. In particular enumeration types and fixed-point types are treated simply as integers. -@item @code{@emph{target}?^(@emph{source})} +@item @code{@var{target}?^(@var{source})} Combines the above two cases. @end table -@code{@emph{x} #/ @emph{y}} +@code{@var{x} #/ @var{y}} -@code{@emph{x} #mod @emph{y}} +@code{@var{x} #mod @var{y}} -@code{@emph{x} # @emph{y}} +@code{@var{x} # @var{y}} @table @asis -@item @code{@emph{x} #rem @emph{y}} +@item @code{@var{x} #rem @var{y}} A division or multiplication of fixed-point values which are treated as integers without any kind of scaling. -@item @code{free @emph{expr} [storage_pool = @emph{xxx}]} +@item @code{free @var{expr} [storage_pool = @var{xxx}]} Shows the storage pool associated with a @code{free} statement. @@ -14909,30 +14907,30 @@ Shows the storage pool associated with a @code{free} statement. Used to list an equivalent declaration for an internally generated type that is referenced elsewhere in the listing. -@item @code{freeze @emph{type-name} [@emph{actions}]} +@item @code{freeze @var{type-name} [@var{actions}]} Shows the point at which @code{type-name} is frozen, with possible associated actions to be performed at the freeze point. -@item @code{reference @emph{itype}} +@item @code{reference @var{itype}} Reference (and hence definition) to internal type @code{itype}. -@item @code{@emph{function-name}! (@emph{arg}, @emph{arg}, @emph{arg})} +@item @code{@var{function-name}! (@var{arg}, @var{arg}, @var{arg})} Intrinsic function call. -@item @code{@emph{label-name} : label} +@item @code{@var{label-name} : label} Declaration of label @code{labelname}. -@item @code{#$ @emph{subprogram-name}} +@item @code{#$ @var{subprogram-name}} An implicit call to a run-time support routine (to meet the requirement of H.3.1(9) in a convenient manner). -@item @code{@emph{expr} && @emph{expr} && @emph{expr} ... && @emph{expr}} +@item @code{@var{expr} && @var{expr} && @var{expr} ... && @var{expr}} A multiple concatenation (same effect as @code{expr} & @code{expr} & @code{expr}, but handled more efficiently). @@ -14941,15 +14939,15 @@ A multiple concatenation (same effect as @code{expr} & @code{expr} & Raise the @code{Constraint_Error} exception. -@item @code{@emph{expression}'reference} +@item @code{@var{expression}'reference} A pointer to the result of evaluating @{expression@}. -@item @code{@emph{target-type}!(@emph{source-expression})} +@item @code{@var{target-type}!(@var{source-expression})} An unchecked conversion of @code{source-expression} to @code{target-type}. -@item @code{[@emph{numerator}/@emph{denominator}]} +@item @code{[@var{numerator}/@var{denominator}]} Used to represent internal real literals (that) have no exact representation in base 2-16 (for example, the result of compile time @@ -15225,7 +15223,7 @@ through the compilation and binding steps. @table @asis -@item @code{-gnatem=@emph{path}} +@item @code{-gnatem=`path'} A mapping file is a way to communicate to the compiler two mappings: from unit names to file names (without any directory information) and from @@ -15308,7 +15306,7 @@ Linker switches can be specified after @code{-largs} builder switch. @table @asis -@item @code{-fuse-ld=@emph{name}} +@item @code{-fuse-ld=`name'} Linker to be used. The default is @code{bfd} for @code{ld.bfd}, the alternative being @code{gold} for @code{ld.gold}. The later is @@ -15519,7 +15517,7 @@ Specify directory to be searched for source file. @table @asis -@item @code{-A[=@emph{filename}]} +@item @code{-A[=`filename']} Output ALI list (to standard output or to the named file). @end table @@ -15549,7 +15547,7 @@ Check only, no generation of binder output file. @table @asis -@item @code{-d@emph{nn}[k|m]} +@item @code{-d`nn'[k|m]} This switch can be used to change the default task stack size value to a specified size @code{nn}, which is expressed in bytes by default, or @@ -15570,7 +15568,7 @@ When they do not already have such a pragma. @table @asis -@item @code{-D@emph{nn}[k|m]} +@item @code{-D`nn'[k|m]} Set the default secondary stack size to @code{nn}. The suffix indicates whether the size is in bytes (no suffix), kilobytes (@code{k} suffix) or megabytes @@ -15646,7 +15644,7 @@ Currently the same as @code{-Ea}. @table @asis -@item @code{-f@emph{elab-order}} +@item @code{-f`elab-order'} Force elaboration order. For further details see @ref{111,,Elaboration Control} and @ref{f,,Elaboration Order Handling in GNAT}. @@ -15726,6 +15724,22 @@ Do not look for sources in the current directory where @code{gnatbind} was invoked, and do not look for ALI files in the directory containing the ALI file named in the @code{gnatbind} command line. +@geindex -k (gnatbind) + +@item @code{-k} + +Disable checking of elaboration flags. When using @code{-n} +either explicitly or implicitly, @code{-F} is also implied, +unless @code{-k} is used. This switch should be used with care +and you should ensure manually that elaboration routines are not called +twice unintentionally. + +@geindex -K (gnatbind) + +@item @code{-K} + +Give list of linker options specified for link. + @geindex -l (gnatbind) @item @code{-l} @@ -15734,25 +15748,25 @@ Output chosen elaboration order. @geindex -L (gnatbind) -@item @code{-L@emph{xxx}} +@item @code{-L`xxx'} Bind the units for library building. In this case the @code{adainit} and @code{adafinal} procedures (@ref{a0,,Binding with Non-Ada Main Programs}) -are renamed to @code{@emph{xxx}init} and -@code{@emph{xxx}final}. +are renamed to @code{@var{xxx}init} and +@code{@var{xxx}final}. Implies -n. (@ref{2a,,GNAT and Libraries}, for more details.) @geindex -M (gnatbind) -@item @code{-M@emph{xyz}} +@item @code{-M`xyz'} Rename generated main program from main to xyz. This option is supported on cross environments only. @geindex -m (gnatbind) -@item @code{-m@emph{n}} +@item @code{-m`n'} Limit number of detected errors or warnings to @code{n}, where @code{n} is in the range 1..999999. The default value if no switch is @@ -15769,7 +15783,7 @@ sign is optional. Generate a binder file suitable for space-constrained applications. When active, binder-generated objects not required for program operation are no -longer generated. @strong{Warning:} this option comes with the following +longer generated. `Warning:' this option comes with the following limitations: @@ -15805,14 +15819,14 @@ Do not look for library files in the system default directory. @geindex --RTS (gnatbind) -@item @code{--RTS=@emph{rts-path}} +@item @code{--RTS=`rts-path'} Specifies the default location of the run-time library. Same meaning as the equivalent @code{gnatmake} flag (@ref{ce,,Switches for gnatmake}). @geindex -o (gnatbind) -@item @code{-o @emph{file}} +@item @code{-o `file'} Name the output file @code{file} (default is @code{b~`xxx}.adb`). Note that if this option is used, then linking must be done manually, @@ -15820,7 +15834,7 @@ gnatlink cannot be used. @geindex -O (gnatbind) -@item @code{-O[=@emph{filename}]} +@item @code{-O[=`filename']} Output object list (to standard output or to the named file). @@ -15857,7 +15871,7 @@ Require all source files to be present. @geindex -S (gnatbind) -@item @code{-S@emph{xxx}} +@item @code{-S`xxx'} Specifies the value to be used when detecting uninitialized scalar objects with pragma Initialize_Scalars. @@ -15911,8 +15925,8 @@ then a 32-bit scalar value will be set to the bit patterm @code{16#BFBFBFBF#}. In addition, you can specify @code{-Sev} to indicate that the value is to be set at run time. In this case, the program will look for an environment -variable of the form @code{GNAT_INIT_SCALARS=@emph{yy}}, where @code{yy} is one -of @code{in/lo/hi/@emph{xx}} with the same meanings as above. +variable of the form @code{GNAT_INIT_SCALARS=@var{yy}}, where @code{yy} is one +of @code{in/lo/hi/@var{xx}} with the same meanings as above. If no environment variable is found, or if it does not have a valid value, then the default is @code{in} (invalid values). @end table @@ -15940,7 +15954,7 @@ Tolerate time stamp and other consistency errors. @geindex -T (gnatbind) -@item @code{-T@emph{n}} +@item @code{-T`n'} Set the time slice value to @code{n} milliseconds. If the system supports the specification of a specific time slice value, then the indicated value @@ -15956,7 +15970,7 @@ scheduling policy to @code{FIFO_Within_Priorities}. @geindex -u (gnatbind) -@item @code{-u@emph{n}} +@item @code{-u`n'} Enable dynamic stack usage, with @code{n} results stored and displayed at program termination. A result is generated when a task @@ -15973,7 +15987,7 @@ Verbose mode. Write error messages, header, summary output to @geindex -V (gnatbind) -@item @code{-V@emph{key}=@emph{value}} +@item @code{-V`key'=`value'} Store the given association of @code{key} to @code{value} in the bind environment. Values stored this way can be retrieved at run time using @@ -15981,13 +15995,13 @@ Values stored this way can be retrieved at run time using @geindex -w (gnatbind) -@item @code{-w@emph{x}} +@item @code{-w`x'} Warning mode; @code{x} = s/e for suppress/treat as error. @geindex -Wx (gnatbind) -@item @code{-Wx@emph{e}} +@item @code{-Wx`e'} Override default wide character encoding for standard Text_IO files. @@ -16010,7 +16024,7 @@ at streaming 128-bit integer types with it. @geindex -Xnnn (gnatbind) -@item @code{-X@emph{nnn}} +@item @code{-X`nnn'} Set default exit status value, normally 0 for POSIX compliance. @@ -16069,7 +16083,7 @@ file is an error. @geindex -Wx (gnatbind) -@item @code{-Wx@emph{e}} +@item @code{-Wx`e'} Override default wide character encoding for standard Text_IO files. Normally the default wide character encoding method used for standard @@ -16128,14 +16142,14 @@ specified. This is relevant only when used with the @geindex -m (gnatbind) -@item @code{-m@emph{n}} +@item @code{-m`n'} Limits the number of error messages to @code{n}, a decimal integer in the range 1-999. The binder terminates immediately if this limit is reached. @geindex -M (gnatbind) -@item @code{-M@emph{xxx}} +@item @code{-M`xxx'} Renames the generated main program from @code{main} to @code{xxx}. This is useful in the case of some cross-building environments, where @@ -16218,7 +16232,7 @@ order. For further details see @ref{f,,Elaboration Order Handling in GNAT}. @table @asis -@item @code{-f@emph{elab-order}} +@item @code{-f`elab-order'} Force elaboration order. @@ -16353,7 +16367,7 @@ directory names for the run-time units depend on the system configuration. @geindex -o (gnatbind) -@item @code{-o @emph{file}} +@item @code{-o `file'} Set name of output file to @code{file} instead of the normal @code{b~`mainprog}.adb` default. Note that @code{file} denote the Ada @@ -16473,7 +16487,7 @@ is given, more than one ALI file may appear on the command line for @code{gnatbind}. The normal @code{closure} calculation is performed for each of the specified units. Calculating the closure means finding out the set of units involved by tracing -@emph{with} references. The reason it is necessary to be able to +`with' references. The reason it is necessary to be able to specify more than one ALI file is that a given program may invoke two or more quite separate groups of Ada units. @@ -16544,9 +16558,9 @@ char **gnat_argv; are declared in one of the GNAT library routines. These variables must be set from the actual @code{argc} and @code{argv} values passed to the -main program. With no @emph{n} present, @code{gnatbind} +main program. With no `n' present, @code{gnatbind} generates the C main program to automatically set these variables. -If the @emph{n} switch is used, there is no automatic way to +If the `n' switch is used, there is no automatic way to set these variables. If they are not set, the procedures in @code{Ada.Command_Line} will not be available, and any attempt to use them will raise @code{Constraint_Error}. If command line access is @@ -16628,9 +16642,9 @@ instead if you want to specify source paths only, and @code{-aO} if you want to specify library paths only. This means that for the binder -@code{-I@emph{dir}} is equivalent to -@code{-aI@emph{dir}} -@code{-aO`@emph{dir}}. +@code{-I`dir'} is equivalent to +@code{-aI`dir'} +@code{-aO``dir'}. The binder generates the bind file (a C language source file) in the current working directory. @@ -16881,7 +16895,7 @@ it compiles the binder file, and that the system linker run in verbose mode. @table @asis -@item @code{-o @emph{exec-name}} +@item @code{-o `exec-name'} @code{exec-name} specifies an alternate name for the generated executable program. If this switch is omitted, the executable has the same @@ -16894,7 +16908,7 @@ an executable called @code{try}. @table @asis -@item @code{-B@emph{dir}} +@item @code{-B`dir'} Load compiler executables (for example, @code{gnat1}, the Ada compiler) from @code{dir} instead of the default location. Only use this switch @@ -16920,7 +16934,7 @@ has the same name as the executable with extension “.map”. @table @asis -@item @code{-M=@emph{mapfile}} +@item @code{-M=`mapfile'} When linking an executable, create a map file. The name of the map file is @code{mapfile}. @@ -16931,7 +16945,7 @@ When linking an executable, create a map file. The name of the map file is @table @asis -@item @code{--GCC=@emph{compiler_name}} +@item @code{--GCC=`compiler_name'} Program used for compiling the binder file. The default is @code{gcc}. You need to use quotes around @code{compiler_name} if @@ -16958,7 +16972,7 @@ into account. Thus, @table @asis -@item @code{--LINK=@emph{name}} +@item @code{--LINK=`name'} @code{name} is the name of the linker to be invoked. This is especially useful in mixed language programs since languages such as C++ require @@ -17366,7 +17380,7 @@ Display copyright and version, then exit disregarding all other options. If @code{--version} was not used, display usage, then exit disregarding all other options. -@item @code{--subdirs=@emph{subdir}} +@item @code{--subdirs=`subdir'} Actual object directory of each project file is the subdirectory subdir of the object directory specified or defaulted in the project file. @@ -17395,7 +17409,7 @@ files, interface copy files, binder generated files and executable files. @table @asis -@item @code{-D @emph{dir}} +@item @code{-D `dir'} Indicate that ALI and object files should normally be found in directory @code{dir}. @end table @@ -17439,7 +17453,7 @@ that would have been deleted if this switch was not specified. @table @asis -@item @code{-P@emph{project}} +@item @code{-P`project'} Use project file @code{project}. Only one such switch can be used. When cleaning a project file, the files produced by the compilation of the @@ -17488,7 +17502,7 @@ Verbose mode. @table @asis -@item @code{-vP@emph{x}} +@item @code{-vP`x'} Indicates the verbosity of the parsing of GNAT project files. @ref{cf,,Switches Related to Project Files}. @@ -17499,7 +17513,7 @@ Indicates the verbosity of the parsing of GNAT project files. @table @asis -@item @code{-X@emph{name}=@emph{value}} +@item @code{-X`name'=`value'} Indicates that external variable @code{name} has the value @code{value}. The Project Manager will use this value for occurrences of @@ -17512,7 +17526,7 @@ See @ref{cf,,Switches Related to Project Files}. @table @asis -@item @code{-aO@emph{dir}} +@item @code{-aO`dir'} When searching for ALI and object files, look in directory @code{dir}. @end table @@ -17522,9 +17536,9 @@ When searching for ALI and object files, look in directory @code{dir}. @table @asis -@item @code{-I@emph{dir}} +@item @code{-I`dir'} -Equivalent to @code{-aO@emph{dir}}. +Equivalent to @code{-aO`dir'}. @end table @geindex -I- (gnatclean) @@ -17613,12 +17627,12 @@ qualifier which can be: @table @asis -@item @emph{OK (unchanged)} +@item `OK (unchanged)' The version of the source file used for the compilation of the specified unit corresponds exactly to the actual source file. -@item @emph{MOK (slightly modified)} +@item `MOK (slightly modified)' The version of the source file used for the compilation of the specified unit differs from the actual source file but not enough to @@ -17626,16 +17640,16 @@ require recompilation. If you use gnatmake with the option @code{-m} (minimal recompilation), a file marked MOK will not be recompiled. -@item @emph{DIF (modified)} +@item `DIF (modified)' No version of the source found on the path corresponds to the source used to build this object. -@item @emph{??? (file not found)} +@item `??? (file not found)' No source file was found for this unit. -@item @emph{HID (hidden, unchanged version not first on PATH)} +@item `HID (hidden, unchanged version not first on PATH)' The version of the source that corresponds exactly to the source used for compilation has been found on the path but it is hidden by another @@ -17736,7 +17750,7 @@ Only output information about compilation units. @table @asis -@item @code{-files=@emph{file}} +@item @code{-files=`file'} Take as arguments the files listed in text file @code{file}. Text file @code{file} may contain empty lines that are ignored. @@ -17755,7 +17769,7 @@ Several such switches may be specified simultaneously. @table @asis -@item @code{-aO@emph{dir}}, @code{-aI@emph{dir}}, @code{-I@emph{dir}}, @code{-I-}, @code{-nostdinc} +@item @code{-aO`dir'}, @code{-aI`dir'}, @code{-I`dir'}, @code{-I-}, @code{-nostdinc} Source path manipulation. Same meaning as the equivalent @code{gnatmake} flags (@ref{ce,,Switches for gnatmake}). @@ -17766,7 +17780,7 @@ flags (@ref{ce,,Switches for gnatmake}). @table @asis -@item @code{-aP@emph{dir}} +@item @code{-aP`dir'} Add @code{dir} at the beginning of the project search dir. @end table @@ -17776,7 +17790,7 @@ Add @code{dir} at the beginning of the project search dir. @table @asis -@item @code{--RTS=@emph{rts-path}} +@item @code{--RTS=`rts-path'} Specifies the default location of the runtime library. Same meaning as the equivalent @code{gnatmake} flag (@ref{ce,,Switches for gnatmake}). @@ -17798,29 +17812,29 @@ characteristics such as: @itemize * @item -@emph{Preelaborable}: The unit is preelaborable in the Ada sense. +`Preelaborable': The unit is preelaborable in the Ada sense. @item -@emph{No_Elab_Code}: No elaboration code has been produced by the compiler for this unit. +`No_Elab_Code': No elaboration code has been produced by the compiler for this unit. @item -@emph{Pure}: The unit is pure in the Ada sense. +`Pure': The unit is pure in the Ada sense. @item -@emph{Elaborate_Body}: The unit contains a pragma Elaborate_Body. +`Elaborate_Body': The unit contains a pragma Elaborate_Body. @item -@emph{Remote_Types}: The unit contains a pragma Remote_Types. +`Remote_Types': The unit contains a pragma Remote_Types. @item -@emph{Shared_Passive}: The unit contains a pragma Shared_Passive. +`Shared_Passive': The unit contains a pragma Shared_Passive. @item -@emph{Predefined}: This unit is part of the predefined environment and cannot be modified +`Predefined': This unit is part of the predefined environment and cannot be modified by the user. @item -@emph{Remote_Call_Interface}: The unit contains a pragma Remote_Call_Interface. +`Remote_Call_Interface': The unit contains a pragma Remote_Call_Interface. @end itemize @end table @@ -18101,7 +18115,7 @@ describes some of the additional commands that can be given to @code{GDB}. @code{GDB} contains a large repertoire of commands. See @cite{Debugging with GDB} for extensive documentation on the use of these commands, together with examples of their use. Furthermore, -the command @emph{help} invoked from within GDB activates a simple help +the command `help' invoked from within GDB activates a simple help facility which summarizes the available commands and their options. In this section we summarize a few of the most commonly used commands to give an idea of what @code{GDB} is about. You should create @@ -18116,9 +18130,9 @@ following section. @table @asis -@item @code{set args @emph{arguments}} +@item @code{set args @var{arguments}} -The @emph{arguments} list above is a list of arguments to be passed to +The `arguments' list above is a list of arguments to be passed to the program on a subsequent run command, just as though the arguments had been entered on a normal invocation of the program. The @code{set args} command is not needed if the program does not require arguments. @@ -18141,11 +18155,11 @@ restart. @table @asis -@item @code{breakpoint @emph{location}} +@item @code{breakpoint @var{location}} The breakpoint command sets a breakpoint, that is to say a point at which execution will halt and @code{GDB} will await further -commands. @emph{location} is +commands. `location' is either a line number within a file, given in the format @code{file:linenumber}, or it is the name of a subprogram. If you request that a breakpoint be set on a subprogram that is overloaded, a prompt will ask you to specify on which of @@ -18160,7 +18174,7 @@ printing the line of code before which the program is halted. @table @asis -@item @code{catch exception @emph{name}} +@item @code{catch exception @var{name}} This command causes the program execution to stop whenever exception @code{name} is raised. If @code{name} is omitted, then the execution is @@ -18171,7 +18185,7 @@ suspended when any exception is raised. @table @asis -@item @code{print @emph{expression}} +@item @code{print @var{expression}} This will print the value of the given expression. Most simple Ada expression formats are properly handled by @code{GDB}, so the expression @@ -18260,7 +18274,7 @@ examined to the frame of its callee (the reverse of the previous command), @table @asis -@item @code{frame @emph{n}} +@item @code{frame @var{n}} Inspect the frame with the given number. The value 0 denotes the frame of the current breakpoint, that is to say the top of the call stack. @@ -18400,7 +18414,7 @@ the elements in the desired format. @node Using the next Command in a Function,Stopping When Ada Exceptions Are Raised,Calling User-Defined Subprograms,Running and Debugging Ada Programs @anchor{gnat_ugn/gnat_and_program_execution id8}@anchor{158}@anchor{gnat_ugn/gnat_and_program_execution using-the-next-command-in-a-function}@anchor{159} -@subsection Using the @emph{next} Command in a Function +@subsection Using the `next' Command in a Function When you use the @code{next} command in a function, the current source @@ -18448,10 +18462,10 @@ raises any exception. @table @asis -@item @code{catch exception @emph{name}} +@item @code{catch exception @var{name}} Set a catchpoint that stops execution whenever (any task in the) program -raises the exception @emph{name}. +raises the exception `name'. @end table @item @@ -18468,11 +18482,11 @@ raises an exception for which there is no handler. @table @asis -@item @code{info exceptions}, @code{info exceptions @emph{regexp}} +@item @code{info exceptions}, @code{info exceptions @var{regexp}} The @code{info exceptions} command permits the user to examine all defined -exceptions within Ada programs. With a regular expression, @emph{regexp}, as -argument, prints out only those exceptions whose name matches @emph{regexp}. +exceptions within Ada programs. With a regular expression, `regexp', as +argument, prints out only those exceptions whose name matches `regexp'. @end table @end itemize @@ -18517,25 +18531,25 @@ to refer to tasks in the following commands. @itemize * @item -@code{break} @emph{linespec} @code{task} @emph{taskid}, @code{break} @emph{linespec} @code{task} @emph{taskid} @code{if} … +@code{break} `linespec' @code{task} `taskid', @code{break} `linespec' @code{task} `taskid' @code{if} … @quotation These commands are like the @code{break ... thread ...}. -@emph{linespec} specifies source lines. +`linespec' specifies source lines. -Use the qualifier @code{task @emph{taskid}} with a breakpoint command +Use the qualifier @code{task @var{taskid}} with a breakpoint command to specify that you only want @code{GDB} to stop the program when a -particular Ada task reaches this breakpoint. @emph{taskid} is one of the +particular Ada task reaches this breakpoint. `taskid' is one of the numeric task identifiers assigned by @code{GDB}, shown in the first column of the @code{info tasks} display. -If you do not specify @code{task @emph{taskid}} when you set a -breakpoint, the breakpoint applies to @emph{all} tasks of your +If you do not specify @code{task @var{taskid}} when you set a +breakpoint, the breakpoint applies to `all' tasks of your program. You can use the @code{task} qualifier on conditional breakpoints as -well; in this case, place @code{task @emph{taskid}} before the +well; in this case, place @code{task @var{taskid}} before the breakpoint condition (before the @code{if}). @end quotation @end itemize @@ -18546,11 +18560,11 @@ breakpoint condition (before the @code{if}). @itemize * @item -@code{task @emph{taskno}} +@code{task @var{taskno}} @quotation -This command allows switching to the task referred by @emph{taskno}. In +This command allows switching to the task referred by `taskno'. In particular, this allows browsing of the backtrace of the specified task. It is advisable to switch back to the original task before continuing execution otherwise the scheduling of the program may be @@ -18676,7 +18690,7 @@ It is also possible to use gdbserver to attach to an already running program, in which case the execution of that program is simply suspended until the connection between the debugger and gdbserver is established. -For more information on how to use gdbserver, see the @emph{Using the gdbserver Program} +For more information on how to use gdbserver, see the `Using the gdbserver Program' section in @cite{Debugging with GDB}. GNAT provides support for gdbserver on x86-linux, x86-windows and x86_64-linux. @@ -18863,7 +18877,7 @@ are replaced with run-time calls. Traceback is a mechanism to display the sequence of subprogram calls that leads to a specified execution point in a program. Often (but not always) the execution point is an instruction at which an exception has been raised. -This mechanism is also known as @emph{stack unwinding} because it obtains +This mechanism is also known as `stack unwinding' because it obtains its information by scanning the run-time stack and recovering the activation records of all active subprograms. Stack unwinding is one of the most important tools for program debugging. @@ -18897,12 +18911,14 @@ for a complete list of supported platforms. A runtime non-symbolic traceback is a list of addresses of call instructions. -To enable this feature you must use the @code{-E} -@code{gnatbind} option. With this option a stack traceback is stored as part -of exception information. You can retrieve this information using the -@code{addr2line} tool. +To enable this feature you must use the @code{-E} @code{gnatbind} option. With +this option a stack traceback is stored as part of exception information. -Here is a simple example: +You can translate this information using the @code{addr2line} tool, provided that +the program is compiled with debugging options (see @ref{db,,Compiler Switches}) +and linked at a fixed position with @code{-no-pie}. + +Here is a simple example with @code{gnatmake}: @quotation @@ -18925,12 +18941,12 @@ end STB; @end example @example -$ gnatmake stb -bargs -E +$ gnatmake stb -g -bargs -E -largs -no-pie $ stb -Execution terminated by unhandled exception -Exception name: CONSTRAINT_ERROR -Message: stb.adb:5 +Execution of stb terminated by unhandled exception +raised CONSTRAINT_ERROR : stb.adb:5 explicit raise +Load address: 0x400000 Call stack traceback locations: 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 @end example @@ -18939,32 +18955,22 @@ Call stack traceback locations: As we see the traceback lists a sequence of addresses for the unhandled exception @code{CONSTRAINT_ERROR} raised in procedure P1. It is easy to guess that this exception come from procedure P1. To translate these -addresses into the source lines where the calls appear, the -@code{addr2line} tool, described below, is invaluable. The use of this tool -requires the program to be compiled with debug information. +addresses into the source lines where the calls appear, the @code{addr2line} +tool needs to be invoked like this: @quotation @example -$ gnatmake -g stb -bargs -E -$ stb - -Execution terminated by unhandled exception -Exception name: CONSTRAINT_ERROR -Message: stb.adb:5 -Call stack traceback locations: -0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 - -$ addr2line --exe=stb 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 +$ addr2line -e stb 0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 -00401373 at d:/stb/stb.adb:5 -0040138B at d:/stb/stb.adb:10 -0040139C at d:/stb/stb.adb:14 -00401335 at d:/stb/b~stb.adb:104 -004011C4 at /build/.../crt1.c:200 -004011F1 at /build/.../crt1.c:222 -77E892A4 in ?? at ??:0 +d:/stb/stb.adb:5 +d:/stb/stb.adb:10 +d:/stb/stb.adb:14 +d:/stb/b~stb.adb:197 +crtexe.c:? +crtexe.c:? +??:0 @end example @end quotation @@ -18973,14 +18979,30 @@ The @code{addr2line} tool has several other useful options: @quotation -@multitable {xxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} +@multitable {xxxxxxxxxxxxxxxxxxxxxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} +@item + +@code{-a --addresses} + +@tab + +to show the addresses alongside the line numbers + @item -@code{--functions} +@code{-f --functions} @tab -to get the function name corresponding to any location +to get the function name corresponding to a location + +@item + +@code{-p --pretty-print} + +@tab + +to print all the information on a single line @item @@ -18988,61 +19010,82 @@ to get the function name corresponding to any location @tab -to use the gnat decoding mode for the function names. -Note that for binutils version 2.9.x the option is -simply @code{--demangle}. +to use the GNAT decoding mode for the function names @end multitable @example -$ addr2line --exe=stb --functions --demangle=gnat 0x401373 0x40138b - 0x40139c 0x401335 0x4011c4 0x4011f1 +$ addr2line -e stb -a -f -p --demangle=gnat 0x401373 0x40138b + 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 -00401373 in stb.p1 at d:/stb/stb.adb:5 -0040138B in stb.p2 at d:/stb/stb.adb:10 -0040139C in stb at d:/stb/stb.adb:14 -00401335 in main at d:/stb/b~stb.adb:104 -004011C4 in <__mingw_CRTStartup> at /build/.../crt1.c:200 -004011F1 in <mainCRTStartup> at /build/.../crt1.c:222 +0x00401373: stb.p1 at d:/stb/stb.adb:5 +0x0040138B: stb.p2 at d:/stb/stb.adb:10 +0x0040139C: stb at d:/stb/stb.adb:14 +0x00401335: main at d:/stb/b~stb.adb:197 +0x004011c4: ?? at crtexe.c:? +0x004011f1: ?? at crtexe.c:? +0x77e892a4: ?? ??:0 @end example @end quotation -From this traceback we can see that the exception was raised in -@code{stb.adb} at line 5, which was reached from a procedure call in -@code{stb.adb} at line 10, and so on. The @code{b~std.adb} is the binder file, -which contains the call to the main program. -@ref{10e,,Running gnatbind}. The remaining entries are assorted runtime routines, -and the output will vary from platform to platform. +From this traceback we can see that the exception was raised in @code{stb.adb} +at line 5, which was reached from a procedure call in @code{stb.adb} at line +10, and so on. The @code{b~std.adb} is the binder file, which contains the +call to the main program. @ref{10e,,Running gnatbind}. The remaining entries are +assorted runtime routines and the output will vary from platform to platform. It is also possible to use @code{GDB} with these traceback addresses to debug the program. For example, we can break at a given code location, as reported in the stack traceback: -@quotation - @example $ gdb -nw stb + +(gdb) break *0x401373 +Breakpoint 1 at 0x401373: file stb.adb, line 5. @end example -@end quotation -Furthermore, this feature is not implemented inside Windows DLL. Only -the non-symbolic traceback is reported in this case. +It is important to note that the stack traceback addresses do not change when +debug information is included. This is particularly useful because it makes it +possible to release software without debug information (to minimize object +size), get a field report that includes a stack traceback whenever an internal +bug occurs, and then be able to retrieve the sequence of calls with the same +program compiled with debug information. -@quotation +However the @code{addr2line} tool does not work with Position-Independent Code +(PIC), the historical example being Windows DLLs, which nowadays encompasses +Position-Independent Executables (PIE) on recent Windows versions. + +In order to translate addresses into the source lines with Position-Independent +Executables on recent Windows versions, in other words without using the switch +@code{-no-pie} during linking, you need to use the @code{gnatsymbolize} tool +with @code{--load} instead of the @code{addr2line} tool. The main difference +is that you need to copy the Load Address output in the traceback ahead of the +sequence of addresses. And the default mode of @code{gnatsymbolize} is equivalent +to that of @code{addr2line} with the above switches, so none of them is needed: @example -(gdb) break *0x401373 -Breakpoint 1 at 0x401373: file stb.adb, line 5. -@end example -@end quotation +$ gnatmake stb -g -bargs -E +$ stb + +Execution of stb terminated by unhandled exception +raised CONSTRAINT_ERROR : stb.adb:5 explicit raise +Load address: 0x400000 +Call stack traceback locations: +0x401373 0x40138b 0x40139c 0x401335 0x4011c4 0x4011f1 0x77e892a4 + +$ gnatsymbolize --load stb 0x400000 0x401373 0x40138b 0x40139c 0x401335 + 0x4011c4 0x4011f1 0x77e892a4 -It is important to note that the stack traceback addresses -do not change when debug information is included. This is particularly useful -because it makes it possible to release software without debug information (to -minimize object size), get a field report that includes a stack traceback -whenever an internal bug occurs, and then be able to retrieve the sequence -of calls with the same program compiled with debug information. +0x00401373 Stb.P1 at stb.adb:5 +0x0040138B Stb.P2 at stb.adb:10 +0x0040139C Stb at stb.adb:14 +0x00401335 Main at b~stb.adb:197 +0x004011c4 __tmainCRTStartup at ??? +0x004011f1 mainCRTStartup at ??? +0x77e892a4 ??? at ??? +@end example @subsubheading Tracebacks From Exception Occurrences @@ -19090,8 +19133,8 @@ This program will output: @example $ stb -Exception name: CONSTRAINT_ERROR -Message: stb.adb:12 +raised CONSTRAINT_ERROR : stb.adb:12 range check failed +Load address: 0x400000 Call stack traceback locations: 0x4015e4 0x401633 0x401644 0x401461 0x4011c4 0x4011f1 0x77e892a4 @end example @@ -19100,17 +19143,16 @@ Call stack traceback locations: @subsubheading Tracebacks From Anywhere in a Program -It is also possible to retrieve a stack traceback from anywhere in a -program. For this you need to -use the @code{GNAT.Traceback} API. This package includes a procedure called -@code{Call_Chain} that computes a complete stack traceback, as well as useful -display procedures described below. It is not necessary to use the -@code{-E} @code{gnatbind} option in this case, because the stack traceback mechanism -is invoked explicitly. +It is also possible to retrieve a stack traceback from anywhere in a program. +For this you need to use the @code{GNAT.Traceback} API. This package includes a +procedure called @code{Call_Chain} that computes a complete stack traceback, as +well as useful display procedures described below. It is not necessary to use +the @code{-E} @code{gnatbind} option in this case, because the stack traceback +mechanism is invoked explicitly. -In the following example we compute a traceback at a specific location in -the program, and we display it using @code{GNAT.Debug_Utilities.Image} to -convert addresses to strings: +In the following example we compute a traceback at a specific location in the +program, and we display it using @code{GNAT.Debug_Utilities.Image} to convert +addresses to strings: @quotation @@ -19154,7 +19196,7 @@ end STB; @end example @example -$ gnatmake -g stb +$ gnatmake stb -g $ stb In STB.P1 : 16#0040_F1E4# 16#0040_14F2# 16#0040_170B# 16#0040_171C# @@ -19162,9 +19204,9 @@ In STB.P1 : 16#0040_F1E4# 16#0040_14F2# 16#0040_170B# 16#0040_171C# @end example @end quotation -You can then get further information by invoking the @code{addr2line} -tool as described earlier (note that the hexadecimal addresses -need to be specified in C format, with a leading ‘0x’). +You can then get further information by invoking the @code{addr2line} tool or +the @code{gnatsymbolize} tool as described earlier (note that the hexadecimal +addresses need to be specified in C format, with a leading ‘0x’). @geindex traceback @geindex symbolic @@ -19560,7 +19602,7 @@ The following is the subset of those switches that is most relevant: @table @asis -@item @code{--demangle[=@emph{style}]}, @code{--no-demangle} +@item @code{--demangle[=@var{style}]}, @code{--no-demangle} These options control whether symbol names should be demangled when printing output. The default is to demangle C++ symbols. The @@ -19576,9 +19618,9 @@ compiler, in particular Ada symbols generated by GNAT can be demangled using @table @asis -@item @code{-e @emph{function_name}} +@item @code{-e @var{function_name}} -The @code{-e @emph{function}} option tells @code{gprof} not to print +The @code{-e @var{function}} option tells @code{gprof} not to print information about the function @code{function_name} (and its children…) in the call graph. The function will still be listed as a child of any functions that call it, but its index number will be @@ -19592,9 +19634,9 @@ option. @table @asis -@item @code{-E @emph{function_name}} +@item @code{-E @var{function_name}} -The @code{-E @emph{function}} option works like the @code{-e} option, but +The @code{-E @var{function}} option works like the @code{-e} option, but execution time spent in the function (and children who were not called from anywhere else), will not be used to compute the percentages-of-time for the call graph. More than one @code{-E} option may be given; only one @@ -19606,9 +19648,9 @@ the call graph. More than one @code{-E} option may be given; only one @table @asis -@item @code{-f @emph{function_name}} +@item @code{-f @var{function_name}} -The @code{-f @emph{function}} option causes @code{gprof} to limit the +The @code{-f @var{function}} option causes @code{gprof} to limit the call graph to the function @code{function_name} and its children (and their children…). More than one @code{-f} option may be given; only one @code{function_name} may be indicated with each @code{-f} @@ -19620,9 +19662,9 @@ option. @table @asis -@item @code{-F @emph{function_name}} +@item @code{-F @var{function_name}} -The @code{-F @emph{function}} option works like the @code{-f} option, but +The @code{-F @var{function}} option works like the @code{-f} option, but only time spent in the function and its children (and their children…) will be used to determine total-time and percentages-of-time for the call graph. More than one @code{-F} option @@ -19921,7 +19963,7 @@ You should experiment to find the best level for your application. Since the precise set of optimizations done at each level will vary from release to release (and sometime from target to target), it is best to think of the optimization settings in general terms. -See the @emph{Options That Control Optimization} section in +See the `Options That Control Optimization' section in @cite{Using the GNU Compiler Collection (GCC)} for details about the @code{-O} settings and a number of @code{-f} options that @@ -19930,7 +19972,7 @@ individually enable or disable specific optimizations. Unlike some other compilation systems, @code{gcc} has been tested extensively at all optimization levels. There are some bugs which appear only with optimization turned on, but there have also been -bugs which show up only in @emph{unoptimized} code. Selecting a lower +bugs which show up only in `unoptimized' code. Selecting a lower level of optimization does not improve the reliability of the code generator, which in practice is highly reliable at all optimization levels. @@ -19979,7 +20021,7 @@ These are the most common cases: @itemize * @item -@emph{The ‘hopping Program Counter’:} Repeated @code{step} or @code{next} +`The ‘hopping Program Counter’:' Repeated @code{step} or @code{next} commands show the PC bouncing back and forth in the code. This may result from any of the following optimizations: @@ -19988,16 +20030,16 @@ the following optimizations: @itemize - @item -@emph{Common subexpression elimination:} using a single instance of code for a +`Common subexpression elimination:' using a single instance of code for a quantity that the source computes several times. As a result you may not be able to stop on what looks like a statement. @item -@emph{Invariant code motion:} moving an expression that does not change within a +`Invariant code motion:' moving an expression that does not change within a loop, to the beginning of the loop. @item -@emph{Instruction scheduling:} moving instructions so as to +`Instruction scheduling:' moving instructions so as to overlap loads and stores (typically) with other code, or in general to move computations of values closer to their uses. Often this causes you to pass an assignment statement without the assignment @@ -20008,16 +20050,16 @@ expected side-effects. @end itemize @item -@emph{The ‘big leap’:} More commonly known as @emph{cross-jumping}, in which +`The ‘big leap’:' More commonly known as `cross-jumping', in which two identical pieces of code are merged and the program counter suddenly jumps to a statement that is not supposed to be executed, simply because it (and the code following) translates to the same thing as the code -that @emph{was} supposed to be executed. This effect is typically seen in +that `was' supposed to be executed. This effect is typically seen in sequences that end in a jump, such as a @code{goto}, a @code{return}, or a @code{break} in a C @code{switch} statement. @item -@emph{The ‘roving variable’:} The symptom is an unexpected value in a variable. +`The ‘roving variable’:' The symptom is an unexpected value in a variable. There are various reasons for this effect: @@ -20053,7 +20095,7 @@ calling subprogram to verify that the value observed is explainable from other values (one must apply the procedure recursively to those other values); or re-running the code and stopping a little earlier (perhaps before the call) and stepping to better see how the variable obtained -the value in question; or continuing to step @emph{from} the point of the +the value in question; or continuing to step `from' the point of the strange value to see if code motion had simply moved the variable’s assignments later. @end itemize @@ -20098,7 +20140,7 @@ within it; the subprogram is small and optimization level @code{-O2} is specified; optimization level @code{-O3} is specified. @end itemize -Calls to subprograms in @emph{with}ed units are normally not inlined. +Calls to subprograms in `with'ed units are normally not inlined. To achieve actual inlining (that is, replacement of the call by the code in the body of the subprogram), the following conditions must all be true: @@ -20420,7 +20462,7 @@ to work. Examples of switches in this category are @code{-funroll-loops} and the various target-specific @code{-m} options (in particular, it has been observed that @code{-march=xxx} can significantly improve performance on appropriate machines). For full details of these switches, see -the @emph{Submodel Options} section in the @emph{Hardware Models and Configurations} +the `Submodel Options' section in the `Hardware Models and Configurations' chapter of @cite{Using the GNU Compiler Collection (GCC)}. @node Optimization and Strict Aliasing,Aliased Variables and Optimization,Other Optimization Switches,Performance Considerations @@ -20863,7 +20905,7 @@ If @code{Text_IO} must be used, note that by default output to the standard output and standard error files is unbuffered (this provides better behavior when output statements are used for debugging, or if the progress of a program is observed by tracking the output, e.g. by -using the Unix @emph{tail -f} command to watch redirected output). +using the Unix `tail -f' command to watch redirected output). If you are generating large volumes of output with @code{Text_IO} and performance is an important factor, use a designated file instead @@ -21174,7 +21216,7 @@ The three modes are: @itemize * @item -@emph{Use base type for intermediate operations} (@code{STRICT}) +`Use base type for intermediate operations' (@code{STRICT}) In this mode, all intermediate results for predefined arithmetic operators are computed using the base type, and the result must @@ -21184,7 +21226,7 @@ enabled) or the execution is erroneous (if overflow checks are suppressed). This is the normal default mode. @item -@emph{Most intermediate overflows avoided} (@code{MINIMIZED}) +`Most intermediate overflows avoided' (@code{MINIMIZED}) In this mode, the compiler attempts to avoid intermediate overflows by using a larger integer type, typically @code{Long_Long_Integer}, @@ -21217,12 +21259,12 @@ out of the range of @code{Long_Long_Integer} even though the final result is in range and the precondition is True (from a mathematical point of view). In such a case, operating in this mode, an overflow occurs for the intermediate computation (which is why this mode -says @emph{most} intermediate overflows are avoided). In this case, +says `most' intermediate overflows are avoided). In this case, an exception is raised if overflow checks are enabled, and the execution is erroneous if overflow checks are suppressed. @item -@emph{All intermediate overflows avoided} (@code{ELIMINATED}) +`All intermediate overflows avoided' (@code{ELIMINATED}) In this mode, the compiler avoids all intermediate overflows by using arbitrary precision arithmetic as required. In this @@ -21509,8 +21551,8 @@ version 7.0.1 of GNAT onwards. The GNAT-specific aspect @code{Dimension_System} allows you to define a system of units; the aspect @code{Dimension} then allows the user to declare dimensioned quantities within a given system. -(These aspects are described in the @emph{Implementation Defined Aspects} -chapter of the @emph{GNAT Reference Manual}). +(These aspects are described in the `Implementation Defined Aspects' +chapter of the `GNAT Reference Manual'). The major advantage of this model is that it does not require the declaration of multiple operators for all possible combinations of types: it is only necessary @@ -21707,9 +21749,9 @@ Final velocity: 98.10 m.s**(-1) @geindex Dimensioned subtype @end quotation -The type @code{Mks_Type} is said to be a @emph{dimensionable type} since it has a +The type @code{Mks_Type} is said to be a `dimensionable type' since it has a @code{Dimension_System} aspect, and the subtypes @code{Length}, @code{Mass}, etc., -are said to be @emph{dimensioned subtypes} since each one has a @code{Dimension} +are said to be `dimensioned subtypes' since each one has a @code{Dimension} aspect. @quotation @@ -21723,8 +21765,8 @@ aspect. The @code{Dimension} aspect of a dimensioned subtype @code{S} defines a mapping from the base type’s Unit_Names to integer (or, more generally, rational) -values. This mapping is the @emph{dimension vector} (also referred to as the -@emph{dimensionality}) for that subtype, denoted by @code{DV(S)}, and thus for each +values. This mapping is the `dimension vector' (also referred to as the +`dimensionality') for that subtype, denoted by @code{DV(S)}, and thus for each object of that subtype. Intuitively, the value specified for each @code{Unit_Name} is the exponent associated with that unit; a zero value means that the unit is not used. For example: @@ -21750,34 +21792,34 @@ dimension vectors of its components, with compile-time dimensionality checks that help prevent mismatches such as using an @code{Acceleration} where a @code{Length} is required. -The dimension vector of the result of an arithmetic expression @emph{expr}, or -@code{DV(@emph{expr})}, is defined as follows, assuming conventional +The dimension vector of the result of an arithmetic expression `expr', or +@code{DV(@var{expr})}, is defined as follows, assuming conventional mathematical definitions for the vector operations that are used: @itemize * @item -If @emph{expr} is of the type @emph{universal_real}, or is not of a dimensioned subtype, -then @emph{expr} is dimensionless; @code{DV(@emph{expr})} is the empty vector. +If `expr' is of the type `universal_real', or is not of a dimensioned subtype, +then `expr' is dimensionless; @code{DV(@var{expr})} is the empty vector. @item -@code{DV(@emph{op expr})}, where @emph{op} is a unary operator, is @code{DV(@emph{expr})} +@code{DV(@var{op expr})}, where `op' is a unary operator, is @code{DV(@var{expr})} @item -@code{DV(@emph{expr1 op expr2})} where @emph{op} is “+” or “-” is @code{DV(@emph{expr1})} -provided that @code{DV(@emph{expr1})} = @code{DV(@emph{expr2})}. +@code{DV(@var{expr1 op expr2})} where `op' is “+” or “-” is @code{DV(@var{expr1})} +provided that @code{DV(@var{expr1})} = @code{DV(@var{expr2})}. If this condition is not met then the construct is illegal. @item -@code{DV(@emph{expr1} * @emph{expr2})} is @code{DV(@emph{expr1})} + @code{DV(@emph{expr2})}, -and @code{DV(@emph{expr1} / @emph{expr2})} = @code{DV(@emph{expr1})} - @code{DV(@emph{expr2})}. -In this context if one of the @emph{expr}s is dimensionless then its empty +@code{DV(@var{expr1} * @var{expr2})} is @code{DV(@var{expr1})} + @code{DV(@var{expr2})}, +and @code{DV(@var{expr1} / @var{expr2})} = @code{DV(@var{expr1})} - @code{DV(@var{expr2})}. +In this context if one of the `expr's is dimensionless then its empty dimension vector is treated as @code{(others => 0)}. @item -@code{DV(@emph{expr} ** @emph{power})} is @emph{power} * @code{DV(@emph{expr})}, -provided that @emph{power} is a static rational value. If this condition is not +@code{DV(@var{expr} ** @var{power})} is `power' * @code{DV(@var{expr})}, +provided that `power' is a static rational value. If this condition is not met then the construct is illegal. @end itemize @@ -21787,7 +21829,7 @@ combine a dimensioned and dimensionless value. Thus an expression such as @code{Acceleration}. The dimensionality checks for relationals use the same rules as -for “+” and “-“, except when comparing to a literal; thus +for “+” and “-”, except when comparing to a literal; thus @quotation @@ -21817,17 +21859,17 @@ acc > 10.0 is accepted with a warning. Analogously a conditional expression requires the same dimension vector for each branch (with no exception for literals). -The dimension vector of a type conversion @code{T(@emph{expr})} is defined +The dimension vector of a type conversion @code{T(@var{expr})} is defined as follows, based on the nature of @code{T}: @itemize * @item -If @code{T} is a dimensioned subtype then @code{DV(T(@emph{expr}))} is @code{DV(T)} -provided that either @emph{expr} is dimensionless or -@code{DV(T)} = @code{DV(@emph{expr})}. The conversion is illegal -if @emph{expr} is dimensioned and @code{DV(@emph{expr})} /= @code{DV(T)}. +If @code{T} is a dimensioned subtype then @code{DV(T(@var{expr}))} is @code{DV(T)} +provided that either `expr' is dimensionless or +@code{DV(T)} = @code{DV(@var{expr})}. The conversion is illegal +if `expr' is dimensioned and @code{DV(@var{expr})} /= @code{DV(T)}. Note that vector equality does not require that the corresponding Unit_Names be the same. @@ -21839,9 +21881,9 @@ a length in inches (with a suitable conversion factor) but cannot be converted, for example, to a mass in pounds. @item -If @code{T} is the base type for @emph{expr} (and the dimensionless root type of -the dimension system), then @code{DV(T(@emph{expr}))} is @code{DV(expr)}. -Thus, if @emph{expr} is of a dimensioned subtype of @code{T}, the conversion may +If @code{T} is the base type for `expr' (and the dimensionless root type of +the dimension system), then @code{DV(T(@var{expr}))} is @code{DV(expr)}. +Thus, if `expr' is of a dimensioned subtype of @code{T}, the conversion may be regarded as a “view conversion” that preserves dimensionality. This rule makes it possible to write generic code that can be instantiated @@ -21853,13 +21895,13 @@ dimensionality. @item Otherwise (i.e., @code{T} is neither a dimensioned subtype nor a dimensionable -base type), @code{DV(T(@emph{expr}))} is the empty vector. Thus a dimensioned +base type), @code{DV(T(@var{expr}))} is the empty vector. Thus a dimensioned value can be explicitly converted to a non-dimensioned subtype, which of course then escapes dimensionality analysis. @end itemize -The dimension vector for a type qualification @code{T'(@emph{expr})} is the same -as for the type conversion @code{T(@emph{expr})}. +The dimension vector for a type qualification @code{T'(@var{expr})} is the same +as for the type conversion @code{T(@var{expr})}. An assignment statement @@ -22033,16 +22075,16 @@ where: @itemize * @item -@emph{Index} is a number associated with each task. +`Index' is a number associated with each task. @item -@emph{Task Name} is the name of the task analyzed. +`Task Name' is the name of the task analyzed. @item -@emph{Stack Size} is the maximum size for the stack. +`Stack Size' is the maximum size for the stack. @item -@emph{Stack Usage} is the measure done by the stack analyzer. +`Stack Usage' is the measure done by the stack analyzer. In order to prevent overflow, the stack is not entirely analyzed, and it’s not possible to know exactly how much has actually been used. @@ -22373,7 +22415,7 @@ For exception handling, either or both of two models are supplied: @itemize * @item -@strong{Zero-Cost Exceptions} (“ZCX”), +`Zero-Cost Exceptions' (“ZCX”), which uses binder-generated tables that are interrogated at run time to locate a handler. @@ -22382,7 +22424,7 @@ are interrogated at run time to locate a handler. @geindex SJLJ (setjmp/longjmp Exception Model) @item -@strong{setjmp / longjmp} (‘SJLJ’), +`setjmp / longjmp' (‘SJLJ’), which uses dynamically-set data to establish the set of handlers @end itemize @@ -22528,7 +22570,7 @@ contain a complete source and binary subdirectory. The detailed description below explains the differences between the different libraries in terms of their thread support. -The default run-time library (when GNAT is installed) is @emph{rts-native}. +The default run-time library (when GNAT is installed) is `rts-native'. This default run-time is selected by the means of soft links. For example on x86-linux: @@ -22572,7 +22614,7 @@ ADAINCLUDE ADALIB rts-native rts-sjlj (Upper-case names and dotted/dashed arrows represent soft links) @end example -If the @emph{rts-sjlj} library is to be selected on a permanent basis, +If the `rts-sjlj' library is to be selected on a permanent basis, these soft links can be modified with the following commands: @quotation @@ -23232,12 +23274,12 @@ on the stack by the caller from right to left. The callee (and not the caller) is in charge of cleaning the stack on routine exit. In addition, the name of a routine with @code{Stdcall} calling convention is mangled by adding a leading underscore (as for the @code{C} calling convention) and a -trailing @code{@@@emph{nn}}, where @code{nn} is the overall size (in +trailing @code{@@@var{nn}}, where @code{nn} is the overall size (in bytes) of the parameters passed to the routine. The name to use on the Ada side when importing a C routine with a @code{Stdcall} calling convention is the name of the C routine. The leading -underscore and trailing @code{@@@emph{nn}} are added automatically by +underscore and trailing @code{@@@var{nn}} are added automatically by the compiler. For instance the Win32 function: @quotation @@ -23284,10 +23326,10 @@ pragma Import (Stdcall, Get_Val, Link_Name => "retrieve_val"); then the imported routine is @code{retrieve_val}, that is, there is no decoration at all. No leading underscore and no Stdcall suffix -@code{@@@emph{nn}}. +@code{@@@var{nn}}. This is especially important as in some special cases a DLL’s entry -point name lacks a trailing @code{@@@emph{nn}} while the exported +point name lacks a trailing @code{@@@var{nn}} while the exported name generated for a call has it. It is also possible to import variables defined in a DLL by using an @@ -23588,16 +23630,16 @@ EXPORTS @table @asis -@item @emph{LIBRARY name} +@item `LIBRARY name' This section, which is optional, gives the name of the DLL. -@item @emph{DESCRIPTION string} +@item `DESCRIPTION string' This section, which is optional, gives a description string that will be embedded in the import library. -@item @emph{EXPORTS} +@item `EXPORTS' This section gives the list of exported symbols (procedures, functions or variables). For instance in the case of @code{API.dll} the @code{EXPORTS} @@ -23610,7 +23652,7 @@ EXPORTS @end example @end table -Note that you must specify the correct suffix (@code{@@@emph{nn}}) +Note that you must specify the correct suffix (@code{@@@var{nn}}) (see @ref{1d2,,Windows Calling Conventions}) for a Stdcall calling convention function in the exported symbols list. @@ -23631,11 +23673,11 @@ $ dlltool API.dll -z API.def --export-all-symbols @end example Note that if some routines in the DLL have the @code{Stdcall} convention -(@ref{1d2,,Windows Calling Conventions}) with stripped @code{@@@emph{nn}} +(@ref{1d2,,Windows Calling Conventions}) with stripped @code{@@@var{nn}} suffix then you’ll have to edit @code{api.def} to add it, and specify @code{-k} to @code{gnatdll} when creating the import library. -Here are some hints to find the right @code{@@@emph{nn}} suffix. +Here are some hints to find the right @code{@@@var{nn}} suffix. @itemize - @@ -23717,8 +23759,8 @@ See the Microsoft documentation for further details about the usage of @geindex building There is nothing specific to Windows in the build process. -See the @emph{Library Projects} section in the @emph{GNAT Project Manager} -chapter of the @emph{GPRbuild User’s Guide}. +See the `Library Projects' section in the `GNAT Project Manager' +chapter of the `GPRbuild User’s Guide'. Due to a system limitation, it is not possible under Windows to create threads when inside the @code{DllMain} routine which is used for auto-initialization @@ -23853,8 +23895,8 @@ Note that a relocatable DLL stripped using the @code{strip} binutils tool will not be relocatable anymore. To build a DLL without debug information pass @code{-largs -s} to @code{gnatdll}. This restriction does not apply to a DLL built using a Library Project. -See the @emph{Library Projects} section in the @emph{GNAT Project Manager} -chapter of the @emph{GPRbuild User’s Guide}. +See the `Library Projects' section in the `GNAT Project Manager' +chapter of the `GPRbuild User’s Guide'. @c Limitations_When_Using_Ada_DLLs_from Ada: @@ -24169,7 +24211,7 @@ You may specify any of the following switches to @code{gnatdll}: @table @asis -@item @code{-a[@emph{address}]} +@item @code{-a[`address']} Build a non-relocatable DLL at @code{address}. If @code{address} is not specified the default address @code{0x11000000} will be used. By default, @@ -24178,20 +24220,20 @@ advise the reader to build relocatable DLL. @geindex -b (gnatdll) -@item @code{-b @emph{address}} +@item @code{-b `address'} Set the relocatable DLL base address. By default the address is @code{0x11000000}. @geindex -bargs (gnatdll) -@item @code{-bargs @emph{opts}} +@item @code{-bargs `opts'} Binder options. Pass @code{opts} to the binder. @geindex -d (gnatdll) -@item @code{-d @emph{dllfile}} +@item @code{-d `dllfile'} @code{dllfile} is the name of the DLL. This switch must be present for @code{gnatdll} to do anything. The name of the generated import library is @@ -24205,7 +24247,7 @@ file used is @code{xyz.def}. @geindex -e (gnatdll) -@item @code{-e @emph{deffile}} +@item @code{-e `deffile'} @code{deffile} is the name of the definition file. @@ -24227,7 +24269,7 @@ Help mode. Displays @code{gnatdll} switch usage information. @geindex -I (gnatdll) -@item @code{-I@emph{dir}} +@item @code{-I`dir'} Direct @code{gnatdll} to search the @code{dir} directory for source and object files needed to build the DLL. @@ -24237,16 +24279,16 @@ object files needed to build the DLL. @item @code{-k} -Removes the @code{@@@emph{nn}} suffix from the import library’s exported +Removes the @code{@@@var{nn}} suffix from the import library’s exported names, but keeps them for the link names. You must specify this option if you want to use a @code{Stdcall} function in a DLL for which -the @code{@@@emph{nn}} suffix has been removed. This is the case for most +the @code{@@@var{nn}} suffix has been removed. This is the case for most of the Windows NT DLL for example. This option has no effect when @code{-n} option is specified. @geindex -l (gnatdll) -@item @code{-l @emph{file}} +@item @code{-l `file'} The list of ALI and object files used to build the DLL are listed in @code{file}, instead of being given in the command line. Each line in @@ -24272,7 +24314,7 @@ Verbose mode. Display extra information. @geindex -largs (gnatdll) -@item @code{-largs @emph{opts}} +@item @code{-largs `opts'} Linker options. Pass @code{opts} to the linker. @end table @@ -24406,7 +24448,7 @@ $ dlltool [`switches`] @table @asis -@item @code{--base-file @emph{basefile}} +@item @code{--base-file `basefile'} Read the base file @code{basefile} generated by the linker. This switch is used to create a relocatable DLL. @@ -24417,7 +24459,7 @@ is used to create a relocatable DLL. @table @asis -@item @code{--def @emph{deffile}} +@item @code{--def `deffile'} Read the definition file. @end table @@ -24427,7 +24469,7 @@ Read the definition file. @table @asis -@item @code{--dllname @emph{name}} +@item @code{--dllname `name'} Gives the name of the DLL. This switch is used to embed the name of the DLL in the static import library generated by @code{dlltool} with switch @@ -24441,7 +24483,7 @@ DLL in the static import library generated by @code{dlltool} with switch @item @code{-k} -Kill @code{@@@emph{nn}} from exported names +Kill @code{@@@var{nn}} from exported names (@ref{1d2,,Windows Calling Conventions} for a discussion about @code{Stdcall}-style symbols). @end table @@ -24461,7 +24503,7 @@ Prints the @code{dlltool} switches with a concise description. @table @asis -@item @code{--output-exp @emph{exportfile}} +@item @code{--output-exp `exportfile'} Generate an export file @code{exportfile}. The export file contains the export table (list of symbols in the DLL) and is used to create the DLL. @@ -24472,7 +24514,7 @@ export table (list of symbols in the DLL) and is used to create the DLL. @table @asis -@item @code{--output-lib @emph{libfile}} +@item @code{--output-lib `libfile'} Generate a static import library @code{libfile}. @end table @@ -24492,7 +24534,7 @@ Verbose mode. @table @asis -@item @code{--as @emph{assembler-name}} +@item @code{--as `assembler-name'} Use @code{assembler-name} as the assembler. The default is @code{as}. @end table @@ -24967,7 +25009,7 @@ $ main @end example @item -Use the Windows @emph{Task Manager} to find the process ID. Let’s say +Use the Windows `Task Manager' to find the process ID. Let’s say that the process PID for @code{main.exe} is 208. @item @@ -25019,7 +25061,7 @@ approach to debug a program as described in It is possible to specify the program stack size at link time. On modern versions of Windows, starting with XP, this is mostly useful to set the size of the main stack (environment task). The other task stacks are set with pragma -Storage_Size or with the @emph{gnatbind -d} command. +Storage_Size or with the `gnatbind -d' command. Since older versions of Windows (2000, NT4, etc.) do not allow setting the reserve size of individual tasks, the link-time stack size applies to all @@ -25268,7 +25310,7 @@ in the Unix group @code{_developer}. @geindex Binder output (example) This Appendix displays the source code for the output file -generated by @emph{gnatbind} for a simple ‘Hello World’ program. +generated by `gnatbind' for a simple ‘Hello World’ program. Comments have been added for clarification purposes. @example @@ -26047,13 +26089,13 @@ GNAT, either automatically or with explicit programming features. @section Elaboration Code -Ada defines the term @emph{execution} as the process by which a construct achieves -its run-time effect. This process is also referred to as @strong{elaboration} for -declarations and @emph{evaluation} for expressions. +Ada defines the term `execution' as the process by which a construct achieves +its run-time effect. This process is also referred to as `elaboration' for +declarations and `evaluation' for expressions. The execution model in Ada allows for certain sections of an Ada program to be executed prior to execution of the program itself, primarily with the intent of -initializing data. These sections are referred to as @strong{elaboration code}. +initializing data. These sections are referred to as `elaboration code'. Elaboration code is executed as follows: @@ -26070,7 +26112,7 @@ partition. @item The environment task executes all elaboration code (if available) for all units within that partition. This code is said to be executed at -@strong{elaboration time}. +`elaboration time'. @item The environment task executes the Ada program (if available) for that @@ -26083,16 +26125,16 @@ In addition to the Ada terminology, this appendix defines the following terms: @itemize * @item -@emph{Invocation} +`Invocation' The act of calling a subprogram, instantiating a generic, or activating a task. @item -@emph{Scenario} +`Scenario' A construct that is elaborated or invoked by elaboration code is referred to -as an @emph{elaboration scenario} or simply a @strong{scenario}. GNAT recognizes the +as an `elaboration scenario' or simply a `scenario'. GNAT recognizes the following scenarios: @@ -26112,10 +26154,10 @@ Instantiations of generic templates @end itemize @item -@emph{Target} +`Target' -A construct elaborated by a scenario is referred to as @emph{elaboration target} -or simply @strong{target}. GNAT recognizes the following targets: +A construct elaborated by a scenario is referred to as `elaboration target' +or simply `target'. GNAT recognizes the following targets: @itemize - @@ -26143,7 +26185,7 @@ Elaboration code may appear in two distinct contexts: @itemize * @item -@emph{Library level} +`Library level' A scenario appears at the library level when it is encapsulated by a package [body] compilation unit, ignoring any other package [body] declarations in @@ -26167,7 +26209,7 @@ given above. As a result, the call to @code{Server.Func} will be invoked when the spec of unit @code{Client} is elaborated. @item -@emph{Package body statements} +`Package body statements' A scenario appears within the statement sequence of a package body when it is bounded by the region starting from the @code{begin} keyword of the package body @@ -26196,7 +26238,7 @@ elaborated. The sequence by which the elaboration code of all units within a partition is -executed is referred to as @strong{elaboration order}. +executed is referred to as `elaboration order'. Within a single unit, elaboration code is executed in sequential order. @@ -26260,7 +26302,7 @@ factors: @itemize * @item -@emph{with}ed units +`with'ed units @item parent units @@ -26313,7 +26355,7 @@ procedure Main is begin null; end Main; @end quotation The following elaboration order exhibits a fundamental problem referred to as -@emph{access-before-elaboration} or simply @strong{ABE}. +`access-before-elaboration' or simply `ABE'. @quotation @@ -26353,7 +26395,7 @@ body of Main Ada states that a total elaboration order must exist, but it does not define what this order is. A compiler is thus tasked with choosing a suitable -elaboration order which satisfies the dependencies imposed by @emph{with} clauses, +elaboration order which satisfies the dependencies imposed by `with' clauses, unit categorization, elaboration-control pragmas, and invocations performed in elaboration code. Ideally an order that avoids ABE problems should be chosen, however a compiler may not always find such an order due to complications with @@ -26371,15 +26413,15 @@ provides three lines of defense: @itemize * @item -@emph{Static semantics} +`Static semantics' Static semantic rules restrict the possible choice of elaboration order. For -instance, if unit Client @emph{with}s unit Server, then the spec of Server is +instance, if unit Client `with's unit Server, then the spec of Server is always elaborated prior to Client. The same principle applies to child units - the spec of a parent unit is always elaborated prior to the child unit. @item -@emph{Dynamic semantics} +`Dynamic semantics' Dynamic checks are performed at run time, to ensure that a target is elaborated prior to a scenario that invokes it, thus avoiding ABE problems. @@ -26390,19 +26432,19 @@ restrictions apply: @itemize - @item -@emph{Restrictions on calls} +`Restrictions on calls' An entry, operator, or subprogram can be called from elaboration code only when the corresponding body has been elaborated. @item -@emph{Restrictions on instantiations} +`Restrictions on instantiations' A generic unit can be instantiated by elaboration code only when the corresponding body has been elaborated. @item -@emph{Restrictions on task activation} +`Restrictions on task activation' A task can be activated by elaboration code only when the body of the associated task type has been elaborated. @@ -26410,11 +26452,11 @@ associated task type has been elaborated. The restrictions above can be summarized by the following rule: -@emph{If a target has a body, then this body must be elaborated prior to the -scenario that invokes the target.} +`If a target has a body, then this body must be elaborated prior to the +scenario that invokes the target.' @item -@emph{Elaboration control} +`Elaboration control' Pragmas are provided for the programmer to specify the desired elaboration order. @@ -26432,7 +26474,7 @@ the desired elaboration order and avoiding ABE problems altogether. @itemize * @item -@emph{Packages without a body} +`Packages without a body' A library package which does not require a completing body does not suffer from ABE problems. @@ -26459,7 +26501,7 @@ any ABE problems. @itemize * @item -@emph{pragma Pure} +`pragma Pure' Pragma @code{Pure} places sufficient restrictions on a unit to guarantee that no scenario within the unit can result in an ABE problem. @@ -26471,7 +26513,7 @@ scenario within the unit can result in an ABE problem. @itemize * @item -@emph{pragma Preelaborate} +`pragma Preelaborate' Pragma @code{Preelaborate} is slightly less restrictive than pragma @code{Pure}, but still strong enough to prevent ABE problems within a unit. @@ -26483,7 +26525,7 @@ but still strong enough to prevent ABE problems within a unit. @itemize * @item -@emph{pragma Elaborate_Body} +`pragma Elaborate_Body' Pragma @code{Elaborate_Body} requires that the body of a unit is elaborated immediately after its spec. This restriction guarantees that no client @@ -26524,7 +26566,7 @@ spec of Client @end example because the spec of @code{Server} must be elaborated prior to @code{Client} by -virtue of the @emph{with} clause, and in addition the body of @code{Server} must be +virtue of the `with' clause, and in addition the body of @code{Server} must be elaborated immediately after the spec of @code{Server}. Removing pragma @code{Elaborate_Body} could result in the following incorrect @@ -26555,10 +26597,10 @@ depend on. @itemize * @item -@emph{pragma Elaborate (Unit)} +`pragma Elaborate (Unit)' Pragma @code{Elaborate} can be placed in the context clauses of a unit, after a -@emph{with} clause. It guarantees that both the spec and body of its argument will +`with' clause. It guarantees that both the spec and body of its argument will be elaborated prior to the unit with the pragma. Note that other unrelated units may be elaborated in between the spec and the body. @@ -26613,12 +26655,12 @@ has not been elaborated yet. @itemize * @item -@emph{pragma Elaborate_All (Unit)} +`pragma Elaborate_All (Unit)' Pragma @code{Elaborate_All} is placed in the context clauses of a unit, after -a @emph{with} clause. It guarantees that both the spec and body of its argument +a `with' clause. It guarantees that both the spec and body of its argument will be elaborated prior to the unit with the pragma, as well as all units -@emph{with}ed by the spec and body of the argument, recursively. Note that other +`with'ed by the spec and body of the argument, recursively. Note that other unrelated units may be elaborated in between the spec and the body. @example @@ -26704,10 +26746,10 @@ elaborated yet. All pragmas shown above can be summarized by the following rule: -@emph{If a client unit elaborates a server target directly or indirectly, then if +`If a client unit elaborates a server target directly or indirectly, then if the server unit requires a body and does not have pragma Pure, Preelaborate, or Elaborate_Body, then the client unit should have pragma Elaborate or -Elaborate_All for the server unit.} +Elaborate_All for the server unit.' If the rule outlined above is not followed, then a program may fall in one of the following states: @@ -26716,19 +26758,19 @@ the following states: @itemize * @item -@emph{No elaboration order exists} +`No elaboration order exists' In this case a compiler must diagnose the situation, and refuse to build an executable program. @item -@emph{One or more incorrect elaboration orders exist} +`One or more incorrect elaboration orders exist' In this case a compiler can build an executable program, but @code{Program_Error} will be raised when the program is run. @item -@emph{Several elaboration orders exist, some correct, some incorrect} +`Several elaboration orders exist, some correct, some incorrect' In this case the programmer has not controlled the elaboration order. As a result, a compiler may or may not pick one of the correct orders, and the @@ -26737,7 +26779,7 @@ worst possible state because the program may fail on another compiler, or even another version of the same compiler. @item -@emph{One or more correct orders exist} +`One or more correct orders exist' In this case a compiler can build an executable program, and the program is run successfully. This state may be guaranteed by following the outlined @@ -26763,7 +26805,7 @@ elaboration order and to diagnose elaboration problems. @itemize * @item -@emph{Dynamic elaboration model} +`Dynamic elaboration model' This is the most permissive of the three elaboration models and emulates the behavior specified by the Ada Reference Manual. When the dynamic model is in @@ -26785,7 +26827,7 @@ GNAT performs extensive diagnostics on a unit-by-unit basis for all scenarios that invoke internal targets. In addition, GNAT generates run-time checks for all external targets and for all scenarios that may exhibit ABE problems. -The elaboration order is obtained by honoring all @emph{with} clauses, purity and +The elaboration order is obtained by honoring all `with' clauses, purity and preelaborability of units, and elaboration-control pragmas. The dynamic model attempts to take all invocations in elaboration code into account. If an invocation leads to a circularity, GNAT ignores the invocation based on the @@ -26801,7 +26843,7 @@ The dynamic model is enabled with compiler switch @code{-gnatE}. @itemize * @item -@emph{Static elaboration model} +`Static elaboration model' This is the middle ground of the three models. When the static model is in effect, GNAT makes the following assumptions: @@ -26822,7 +26864,7 @@ GNAT performs extensive diagnostics on a unit-by-unit basis for all scenarios that invoke internal targets. In addition, GNAT generates run-time checks for all external targets and for all scenarios that may exhibit ABE problems. -The elaboration order is obtained by honoring all @emph{with} clauses, purity and +The elaboration order is obtained by honoring all `with' clauses, purity and preelaborability of units, presence of elaboration-control pragmas, and all invocations in elaboration code. An order obtained using the static model is guaranteed to be ABE problem-free, excluding dispatching calls and @@ -26837,7 +26879,7 @@ The static model is the default model in GNAT. @itemize * @item -@emph{SPARK elaboration model} +`SPARK elaboration model' This is the most conservative of the three models and enforces the SPARK rules of elaboration as defined in the SPARK Reference Manual, section 7.7. @@ -26854,7 +26896,7 @@ The SPARK model is enabled with compiler switch @code{-gnatd.v}. @itemize * @item -@emph{Legacy elaboration models} +`Legacy elaboration models' In addition to the three elaboration models outlined above, GNAT provides the following legacy models: @@ -26890,7 +26932,7 @@ however the following rules must be observed: @itemize * @item -A client unit compiled with the dynamic model can only @emph{with} a server unit +A client unit compiled with the dynamic model can only `with' a server unit that meets at least one of the following criteria: @@ -26940,8 +26982,8 @@ conservative, or a particular scenario may not be invoked due conditional execution. The warnings can be suppressed selectively with @code{pragma Warnings (Off)} or globally with compiler switch @code{-gnatwL}. -A @emph{guaranteed ABE} arises when the body of a target is not elaborated early -enough, and causes @emph{all} scenarios that directly invoke the target to fail. +A `guaranteed ABE' arises when the body of a target is not elaborated early +enough, and causes `all' scenarios that directly invoke the target to fail. @quotation @@ -26973,8 +27015,8 @@ the declaration of @code{Val}. This invokes function @code{ABE}, however the bod @end example @end quotation -A @emph{conditional ABE} arises when the body of a target is not elaborated early -enough, and causes @emph{some} scenarios that directly invoke the target to fail. +A `conditional ABE' arises when the body of a target is not elaborated early +enough, and causes `some' scenarios that directly invoke the target to fail. @quotation @@ -27063,9 +27105,9 @@ rules. @section Elaboration Circularities -An @strong{elaboration circularity} occurs whenever the elaboration of a set of +An `elaboration circularity' occurs whenever the elaboration of a set of units enters a deadlocked state, where each unit is waiting for another unit -to be elaborated. This situation may be the result of improper use of @emph{with} +to be elaborated. This situation may be the result of improper use of `with' clauses, elaboration-control pragmas, or invocations in elaboration code. The following example exhibits an elaboration circularity. @@ -27173,7 +27215,7 @@ too much modification, especially in the case of complex legacy code. When faced with an elaboration circularity, the programmer should also consider the tactics given in the suggestions section of the circularity diagnostic. -Depending on the units involved in the circularity, their @emph{with} clauses, +Depending on the units involved in the circularity, their `with' clauses, purity, preelaborability, presence of elaboration-control pragmas and invocations at elaboration time, the binder may suggest one or more of the following tactics to eliminate the circularity: @@ -27226,7 +27268,7 @@ Prevents a set of units from being elaborated. @item The removal of the pragma will not eliminate the semantic effects of the -pragma. In other words, the argument of the pragma along with its @emph{with} +pragma. In other words, the argument of the pragma along with its `with' closure will still be elaborated prior to the unit containing the pragma. @item @@ -27469,20 +27511,20 @@ information depending on the elaboration model in effect. @itemize - @item -@emph{Dynamic model} +`Dynamic model' GNAT will indicate missing @code{Elaborate} and @code{Elaborate_All} pragmas for all library-level scenarios within the partition. @item -@emph{Static model} +`Static model' GNAT will indicate all scenarios invoked during elaboration. In addition, it will provide detailed traceback when an implicit @code{Elaborate} or @code{Elaborate_All} pragma is generated. @item -@emph{SPARK model} +`SPARK model' GNAT will indicate how an elaboration requirement is met by the context of a unit. This diagnostic requires compiler switch @code{-gnatd.v}. @@ -27885,7 +27927,7 @@ pre-processor) documentation for further information. @display -@emph{Register names}@w{ } +`Register names'@w{ } @display gcc / @code{as}: Prefix with ‘%’; for example @code{%eax}@w{ } Intel: No extra punctuation; for example @code{eax}@w{ } @@ -27896,7 +27938,7 @@ Intel: No extra punctuation; for example @code{eax}@w{ } @display -@emph{Immediate operand}@w{ } +`Immediate operand'@w{ } @display gcc / @code{as}: Prefix with ‘$’; for example @code{$4}@w{ } Intel: No extra punctuation; for example @code{4}@w{ } @@ -27907,7 +27949,7 @@ Intel: No extra punctuation; for example @code{4}@w{ } @display -@emph{Address}@w{ } +`Address'@w{ } @display gcc / @code{as}: Prefix with ‘$’; for example @code{$loc}@w{ } Intel: No extra punctuation; for example @code{loc}@w{ } @@ -27918,7 +27960,7 @@ Intel: No extra punctuation; for example @code{loc}@w{ } @display -@emph{Memory contents}@w{ } +`Memory contents'@w{ } @display gcc / @code{as}: No extra punctuation; for example @code{loc}@w{ } Intel: Square brackets; for example @code{[loc]}@w{ } @@ -27929,7 +27971,7 @@ Intel: Square brackets; for example @code{[loc]}@w{ } @display -@emph{Register contents}@w{ } +`Register contents'@w{ } @display gcc / @code{as}: Parentheses; for example @code{(%eax)}@w{ } Intel: Square brackets; for example @code{[eax]}@w{ } @@ -27940,7 +27982,7 @@ Intel: Square brackets; for example @code{[eax]}@w{ } @display -@emph{Hexadecimal numbers}@w{ } +`Hexadecimal numbers'@w{ } @display gcc / @code{as}: Leading ‘0x’ (C language syntax); for example @code{0xA0}@w{ } Intel: Trailing ‘h’; for example @code{A0h}@w{ } @@ -27951,7 +27993,7 @@ Intel: Trailing ‘h’; for example @code{A0h}@w{ } @display -@emph{Operand size}@w{ } +`Operand size'@w{ } @display gcc / @code{as}: Explicit in op code; for example @code{movw} to move a 16-bit word@w{ } Intel: Implicit, deduced by assembler; for example @code{mov}@w{ } @@ -27962,7 +28004,7 @@ Intel: Implicit, deduced by assembler; for example @code{mov}@w{ } @display -@emph{Instruction repetition}@w{ } +`Instruction repetition'@w{ } @display gcc / @code{as}: Split into two lines; for example@w{ } @display @@ -27977,7 +28019,7 @@ Intel: Keep on one line; for example @code{rep stosl}@w{ } @display -@emph{Order of operands}@w{ } +`Order of operands'@w{ } @display gcc / @code{as}: Source first; for example @code{movw $4, %eax}@w{ } Intel: Destination first; for example @code{mov eax, 4}@w{ } @@ -28008,7 +28050,7 @@ end Nothing; @end quotation @code{Asm} is a procedure declared in package @code{System.Machine_Code}; -here it takes one parameter, a @emph{template string} that must be a static +here it takes one parameter, a `template string' that must be a static expression and that will form the generated instruction. @code{Asm} may be regarded as a compile-time procedure that parses the template string and additional parameters (none here), @@ -28291,7 +28333,7 @@ most useful (for the Intel x86 processor) are the following: @multitable {xxxxxxxx} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @item -@emph{=} +`=' @tab @@ -28299,7 +28341,7 @@ output constraint @item -@emph{g} +`g' @tab @@ -28307,7 +28349,7 @@ global (i.e., can be stored anywhere) @item -@emph{m} +`m' @tab @@ -28315,7 +28357,7 @@ in memory @item -@emph{I} +`I' @tab @@ -28323,7 +28365,7 @@ a constant @item -@emph{a} +`a' @tab @@ -28331,7 +28373,7 @@ use eax @item -@emph{b} +`b' @tab @@ -28339,7 +28381,7 @@ use ebx @item -@emph{c} +`c' @tab @@ -28347,7 +28389,7 @@ use ecx @item -@emph{d} +`d' @tab @@ -28355,7 +28397,7 @@ use edx @item -@emph{S} +`S' @tab @@ -28363,7 +28405,7 @@ use esi @item -@emph{D} +`D' @tab @@ -28371,7 +28413,7 @@ use edi @item -@emph{r} +`r' @tab @@ -28379,7 +28421,7 @@ use one of eax, ebx, ecx or edx @item -@emph{q} +`q' @tab @@ -28394,7 +28436,7 @@ documentation; note that it is possible to combine certain constraints in one constraint string. You specify the association of an output variable with an assembler operand -through the @code{%@emph{n}} notation, where @emph{n} is a non-negative +through the @code{%@var{n}} notation, where `n' is a non-negative integer. Thus in @quotation @@ -28725,7 +28767,7 @@ Asm ("movl %0, %%ebx" & LF & HT & @end quotation The Clobber parameter is a static string expression specifying the -register(s) you are using. Note that register names are @emph{not} prefixed +register(s) you are using. Note that register names are `not' prefixed by a percent sign. Also, if more than one register is used then their names are separated by commas; e.g., @code{"eax, ebx"} @@ -28790,7 +28832,7 @@ Copyright 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. -@strong{Preamble} +`Preamble' The purpose of this License is to make a manual, textbook, or other functional and useful document “free” in the sense of freedom: to @@ -28813,23 +28855,23 @@ it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. -@strong{1. APPLICABILITY AND DEFINITIONS} +`1. APPLICABILITY AND DEFINITIONS' This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that -work under the conditions stated herein. The @strong{Document}, below, +work under the conditions stated herein. The `Document', below, refers to any such manual or work. Any member of the public is a -licensee, and is addressed as “@strong{you}”. You accept the license if you +licensee, and is addressed as “`you'”. You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law. -A “@strong{Modified Version}” of the Document means any work containing the +A “`Modified Version'” of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. -A “@strong{Secondary Section}” is a named appendix or a front-matter section of +A “`Secondary Section'” is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document’s overall subject (or to related matters) and contains nothing that could fall directly @@ -28840,7 +28882,7 @@ connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. -The “@strong{Invariant Sections}” are certain Secondary Sections whose titles +The “`Invariant Sections'” are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not @@ -28848,12 +28890,12 @@ allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none. -The “@strong{Cover Texts}” are certain short passages of text that are listed, +The “`Cover Texts'” are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words. -A “@strong{Transparent}” copy of the Document means a machine-readable copy, +A “`Transparent'” copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of @@ -28864,7 +28906,7 @@ to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount -of text. A copy that is not “Transparent” is called @strong{Opaque}. +of text. A copy that is not “Transparent” is called `Opaque'. Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML @@ -28877,22 +28919,22 @@ processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only. -The “@strong{Title Page}” means, for a printed book, the title page itself, +The “`Title Page'” means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, “Title Page” means the text near the most prominent appearance of the work’s title, preceding the beginning of the body of the text. -The “@strong{publisher}” means any person or entity that distributes +The “`publisher'” means any person or entity that distributes copies of the Document to the public. -A section “@strong{Entitled XYZ}” means a named subunit of the Document whose +A section “`Entitled XYZ'” means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a -specific section name mentioned below, such as “@strong{Acknowledgements}”, -“@strong{Dedications}”, “@strong{Endorsements}”, or “@strong{History}”.) -To “@strong{Preserve the Title}” +specific section name mentioned below, such as “`Acknowledgements'”, +“`Dedications'”, “`Endorsements'”, or “`History'”.) +To “`Preserve the Title'” of such a section when you modify the Document means that it remains a section “Entitled XYZ” according to this definition. @@ -28903,7 +28945,7 @@ License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License. -@strong{2. VERBATIM COPYING} +`2. VERBATIM COPYING' You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the @@ -28918,7 +28960,7 @@ number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. -@strong{3. COPYING IN QUANTITY} +`3. COPYING IN QUANTITY' If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the @@ -28955,7 +28997,7 @@ It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. -@strong{4. MODIFICATIONS} +`4. MODIFICATIONS' You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release @@ -29072,7 +29114,7 @@ The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. -@strong{5. COMBINING DOCUMENTS} +`5. COMBINING DOCUMENTS' You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified @@ -29096,7 +29138,7 @@ in the various original documents, forming one section Entitled and any sections Entitled “Dedications”. You must delete all sections Entitled “Endorsements”. -@strong{6. COLLECTIONS OF DOCUMENTS} +`6. COLLECTIONS OF DOCUMENTS' You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this @@ -29109,7 +29151,7 @@ it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. -@strong{7. AGGREGATION WITH INDEPENDENT WORKS} +`7. AGGREGATION WITH INDEPENDENT WORKS' A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or @@ -29128,7 +29170,7 @@ electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate. -@strong{8. TRANSLATION} +`8. TRANSLATION' Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. @@ -29148,7 +29190,7 @@ If a section in the Document is Entitled “Acknowledgements”, its Title (section 1) will typically require changing the actual title. -@strong{9. TERMINATION} +`9. TERMINATION' You may not copy, modify, sublicense, or distribute the Document except as expressly provided under this License. Any attempt @@ -29175,7 +29217,7 @@ this License. If your rights have been terminated and not permanently reinstated, receipt of a copy of some or all of the same material does not give you any rights to use it. -@strong{10. FUTURE REVISIONS OF THIS LICENSE} +`10. FUTURE REVISIONS OF THIS LICENSE' The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new @@ -29196,7 +29238,7 @@ License can be used, that proxy’s public statement of acceptance of a version permanently authorizes you to choose that version for the Document. -@strong{11. RELICENSING} +`11. RELICENSING' “Massive Multiauthor Collaboration Site” (or “MMC Site”) means any World Wide Web server that publishes copyrightable works and also @@ -29225,7 +29267,7 @@ The operator of an MMC Site may republish an MMC contained in the site under CC-BY-SA on the same site at any time before August 1, 2009, provided the MMC is eligible for relicensing. -@strong{ADDENDUM: How to use this License for your documents} +`ADDENDUM: How to use this License for your documents' To use this License in a document you have written, include a copy of the License in the document and put the following copyright and @@ -29266,8 +29308,8 @@ to permit their use in free software. @printindex ge -@anchor{cf}@w{ } @anchor{gnat_ugn/gnat_utility_programs switches-related-to-project-files}@w{ } +@anchor{cf}@w{ } @c %**end of body @bye diff --git a/gcc/ada/layout.adb b/gcc/ada/layout.adb index b6cdee0..e4187dd 100644 --- a/gcc/ada/layout.adb +++ b/gcc/ada/layout.adb @@ -1053,8 +1053,6 @@ package body Layout is -- derived types. declare - FST : constant Entity_Id := First_Subtype (E); - function Has_Attribute_Clause (E : Entity_Id; Id : Attribute_Id) return Boolean; @@ -1072,7 +1070,17 @@ package body Layout is return Present (Get_Attribute_Definition_Clause (E, Id)); end Has_Attribute_Clause; + FST : Entity_Id; + begin + FST := First_Subtype (E); + + -- Deal with private types + + if Is_Private_Type (FST) then + FST := Full_View (FST); + end if; + -- If the alignment comes from a clause, then we respect it. -- Consider for example: diff --git a/gcc/ada/libgnat/a-coinve.adb b/gcc/ada/libgnat/a-coinve.adb index c84175a..46d6730 100644 --- a/gcc/ada/libgnat/a-coinve.adb +++ b/gcc/ada/libgnat/a-coinve.adb @@ -197,12 +197,29 @@ is Count : Count_Type) is begin - -- In the general case, we pass the buck to Insert, but for efficiency, - -- we check for the usual case where Count = 1 and the vector has enough - -- room for at least one more element. + -- In the general case, we take the slow path; for efficiency, + -- we check for the common case where Count = 1 . - if Count = 1 - and then Container.Elements /= null + if Count = 1 then + Append (Container, New_Item); + else + Append_Slow_Path (Container, New_Item, Count); + end if; + end Append; + + ------------ + -- Append -- + ------------ + + procedure Append (Container : in out Vector; + New_Item : Element_Type) + is + begin + -- For performance, check for the common special case where the + -- container already has room for at least one more element. + -- In the general case, pass the buck to Insert. + + if Container.Elements /= null and then Container.Last /= Container.Elements.Last then TC_Check (Container.TC); @@ -223,23 +240,11 @@ is Container.Elements.EA (New_Last) := new Element_Type'(New_Item); Container.Last := New_Last; end; - else - Append_Slow_Path (Container, New_Item, Count); + Insert (Container, Last_Index (Container) + 1, New_Item, 1); end if; end Append; - ------------ - -- Append -- - ------------ - - procedure Append (Container : in out Vector; - New_Item : Element_Type) - is - begin - Insert (Container, Last_Index (Container) + 1, New_Item, 1); - end Append; - ---------------------- -- Append_Slow_Path -- ---------------------- diff --git a/gcc/ada/libgnat/a-convec.adb b/gcc/ada/libgnat/a-convec.adb index 3a2adae..751d468 100644 --- a/gcc/ada/libgnat/a-convec.adb +++ b/gcc/ada/libgnat/a-convec.adb @@ -173,27 +173,11 @@ is Count : Count_Type) is begin - -- In the general case, we pass the buck to Insert, but for efficiency, - -- we check for the usual case where Count = 1 and the vector has enough - -- room for at least one more element. - - if Count = 1 - and then Container.Elements /= null - and then Container.Last /= Container.Elements.Last - then - TC_Check (Container.TC); - - -- Increment Container.Last after assigning the New_Item, so we - -- leave the Container unmodified in case Finalize/Adjust raises - -- an exception. - - declare - New_Last : constant Index_Type := Container.Last + 1; - begin - Container.Elements.EA (New_Last) := New_Item; - Container.Last := New_Last; - end; + -- In the general case, we take the slow path; for efficiency, + -- we check for the common case where Count = 1 . + if Count = 1 then + Append (Container, New_Item); else Append_Slow_Path (Container, New_Item, Count); end if; @@ -222,7 +206,28 @@ is New_Item : Element_Type) is begin - Insert (Container, Last_Index (Container) + 1, New_Item, 1); + -- For performance, check for the common special case where the + -- container already has room for at least one more element. + -- In the general case, pass the buck to Insert. + + if Container.Elements /= null + and then Container.Last /= Container.Elements.Last + then + TC_Check (Container.TC); + + -- Increment Container.Last after assigning the New_Item, so we + -- leave the Container unmodified in case Finalize/Adjust raises + -- an exception. + + declare + New_Last : constant Index_Type := Container.Last + 1; + begin + Container.Elements.EA (New_Last) := New_Item; + Container.Last := New_Last; + end; + else + Insert (Container, Last_Index (Container) + 1, New_Item, 1); + end if; end Append; ---------------------- diff --git a/gcc/ada/libgnat/a-nbnbig.ads b/gcc/ada/libgnat/a-nbnbig.ads index f574e78..3979f14 100644 --- a/gcc/ada/libgnat/a-nbnbig.ads +++ b/gcc/ada/libgnat/a-nbnbig.ads @@ -32,6 +32,8 @@ package Ada.Numerics.Big_Numbers.Big_Integers_Ghost with Ghost, Pure is + pragma Annotate (GNATprove, Always_Return, Big_Integers_Ghost); + type Big_Integer is private with Integer_Literal => From_Universal_Image; diff --git a/gcc/ada/libgnat/a-strmap.adb b/gcc/ada/libgnat/a-strmap.adb index 77780f9..e092db0 100644 --- a/gcc/ada/libgnat/a-strmap.adb +++ b/gcc/ada/libgnat/a-strmap.adb @@ -290,6 +290,7 @@ is loop pragma Loop_Invariant (Seq1 (Seq1'First .. J) = Seq2 (Seq2'First .. J)); + pragma Loop_Variant (Increases => J); if J = Positive'Last then return; @@ -440,6 +441,7 @@ is (Character'Pos (C) >= Character'Pos (C'Loop_Entry)); pragma Loop_Invariant (for all Char in C'Loop_Entry .. C => not Set (Char)); + pragma Loop_Variant (Increases => C); exit when C = Character'Last; C := Character'Succ (C); end loop; @@ -457,6 +459,7 @@ is pragma Loop_Invariant (for all Char in C'Loop_Entry .. C => (if Char /= C then Set (Char))); + pragma Loop_Variant (Increases => C); exit when not Set (C) or else C = Character'Last; C := Character'Succ (C); end loop; @@ -491,6 +494,7 @@ is pragma Loop_Invariant (for all Span of Max_Ranges (1 .. Range_Num) => (for all Char in Span.Low .. Span.High => Set (Char))); + pragma Loop_Variant (Increases => Range_Num); end loop; return Max_Ranges (1 .. Range_Num); diff --git a/gcc/ada/libgnat/a-strsea.adb b/gcc/ada/libgnat/a-strsea.adb index 71a415f..652c797 100644 --- a/gcc/ada/libgnat/a-strsea.adb +++ b/gcc/ada/libgnat/a-strsea.adb @@ -113,6 +113,7 @@ package body Ada.Strings.Search with SPARK_Mode is pragma Loop_Invariant (Num <= Ind - (Source'First - 1)); pragma Loop_Invariant (Ind >= Source'First); + pragma Loop_Variant (Increases => Ind); end loop; -- Mapped case @@ -142,6 +143,7 @@ package body Ada.Strings.Search with SPARK_Mode is null; pragma Loop_Invariant (Num <= Ind - (Source'First - 1)); pragma Loop_Invariant (Ind >= Source'First); + pragma Loop_Variant (Increases => Ind); end loop; end if; @@ -200,6 +202,7 @@ package body Ada.Strings.Search with SPARK_Mode is null; pragma Loop_Invariant (Num <= Ind - (Source'First - 1)); pragma Loop_Invariant (Ind >= Source'First); + pragma Loop_Variant (Increases => Ind); end loop; return Num; diff --git a/gcc/ada/libgnat/s-aridou.adb b/gcc/ada/libgnat/s-aridou.adb index b40e4c3..52f2360 100644 --- a/gcc/ada/libgnat/s-aridou.adb +++ b/gcc/ada/libgnat/s-aridou.adb @@ -126,7 +126,7 @@ is Pre => B /= 0; -- Length doubling remainder - function Big_2xx (N : Natural) return Big_Integer is + function Big_2xx (N : Natural) return Big_Positive is (Big (Double_Uns'(2 ** N))) with Ghost, @@ -141,6 +141,13 @@ is with Ghost; -- X1&X2&X3 as a big integer + function Big3 (X1, X2, X3 : Big_Integer) return Big_Integer is + (Big_2xxSingle * Big_2xxSingle * X1 + + Big_2xxSingle * X2 + + X3) + with Ghost; + -- Version of Big3 on big integers + function Le3 (X1, X2, X3, Y1, Y2, Y3 : Single_Uns) return Boolean with Post => Le3'Result = (Big3 (X1, X2, X3) <= Big3 (Y1, Y2, Y3)); @@ -234,6 +241,17 @@ is Pre => X /= Double_Uns'Last, Post => Big (X + Double_Uns'(1)) = Big (X) + 1; + procedure Lemma_Big_Of_Double_Uns (X : Double_Uns) + with + Ghost, + Post => Big (X) < Big_2xxDouble; + + procedure Lemma_Big_Of_Double_Uns_Of_Single_Uns (X : Single_Uns) + with + Ghost, + Post => Big (Double_Uns (X)) >= 0 + and then Big (Double_Uns (X)) < Big_2xxSingle; + procedure Lemma_Bounded_Powers_Of_2_Increasing (M, N : Natural) with Ghost, @@ -447,9 +465,9 @@ is procedure Lemma_Mult_Non_Negative (X, Y : Big_Integer) with Ghost, - Pre => (X >= Big_0 and then Y >= Big_0) - or else (X <= Big_0 and then Y <= Big_0), - Post => X * Y >= Big_0; + Pre => (X >= 0 and then Y >= 0) + or else (X <= 0 and then Y <= 0), + Post => X * Y >= 0; procedure Lemma_Mult_Non_Positive (X, Y : Big_Integer) with @@ -458,6 +476,13 @@ is or else (X >= Big_0 and then Y <= Big_0), Post => X * Y <= Big_0; + procedure Lemma_Mult_Positive (X, Y : Big_Integer) + with + Ghost, + Pre => (X > Big_0 and then Y > Big_0) + or else (X < Big_0 and then Y < Big_0), + Post => X * Y > Big_0; + procedure Lemma_Neg_Div (X, Y : Big_Integer) with Ghost, @@ -604,6 +629,8 @@ is procedure Lemma_Abs_Range (X : Big_Integer) is null; procedure Lemma_Add_Commutation (X : Double_Uns; Y : Single_Uns) is null; procedure Lemma_Add_One (X : Double_Uns) is null; + procedure Lemma_Big_Of_Double_Uns (X : Double_Uns) is null; + procedure Lemma_Big_Of_Double_Uns_Of_Single_Uns (X : Single_Uns) is null; procedure Lemma_Bounded_Powers_Of_2_Increasing (M, N : Natural) is null; procedure Lemma_Deep_Mult_Commutation (Factor : Big_Integer; @@ -638,6 +665,7 @@ is procedure Lemma_Mult_Distribution (X, Y, Z : Big_Integer) is null; procedure Lemma_Mult_Non_Negative (X, Y : Big_Integer) is null; procedure Lemma_Mult_Non_Positive (X, Y : Big_Integer) is null; + procedure Lemma_Mult_Positive (X, Y : Big_Integer) is null; procedure Lemma_Neg_Rem (X, Y : Big_Integer) is null; procedure Lemma_Not_In_Range_Big2xx64 is null; procedure Lemma_Powers (A : Big_Natural; B, C : Natural) is null; @@ -1888,7 +1916,7 @@ is -- Local ghost variables - Mult : constant Big_Integer := abs (Big (X) * Big (Y)) with Ghost; + Mult : constant Big_Natural := abs (Big (X) * Big (Y)) with Ghost; Quot : Big_Integer with Ghost; Big_R : Big_Integer with Ghost; Big_Q : Big_Integer with Ghost; @@ -1955,6 +1983,15 @@ is -- Proves correctness of the multiplication of divisor by quotient to -- compute amount to subtract. + procedure Prove_Mult_Decomposition_Split3 + (D1, D2, D3, D3_Hi, D3_Lo, D4 : Big_Integer) + with + Ghost, + Pre => Is_Mult_Decomposition (D1, D2, D3, D4) + and then D3 = Big_2xxSingle * D3_Hi + D3_Lo, + Post => Is_Mult_Decomposition (D1, D2 + D3_Hi, D3_Lo, D4); + -- Proves decomposition of Mult after splitting third component + procedure Prove_Negative_Dividend with Ghost, @@ -2066,6 +2103,27 @@ is else abs Quot); -- Proves correctness of the rounding of the unsigned quotient + procedure Prove_Scaled_Mult_Decomposition_Regroup24 + (D1, D2, D3, D4 : Big_Integer) + with + Ghost, + Pre => Scale < Double_Size + and then Is_Scaled_Mult_Decomposition (D1, D2, D3, D4), + Post => Is_Scaled_Mult_Decomposition + (0, Big_2xxSingle * D1 + D2, 0, Big_2xxSingle * D3 + D4); + -- Proves scaled decomposition of Mult after regrouping on second and + -- fourth component. + + procedure Prove_Scaled_Mult_Decomposition_Regroup3 + (D1, D2, D3, D4 : Big_Integer) + with + Ghost, + Pre => Scale < Double_Size + and then Is_Scaled_Mult_Decomposition (D1, D2, D3, D4), + Post => Is_Scaled_Mult_Decomposition (0, 0, Big3 (D1, D2, D3), D4); + -- Proves scaled decomposition of Mult after regrouping on third + -- component. + procedure Prove_Sign_R with Ghost, @@ -2315,6 +2373,14 @@ is + Big (Double_Uns (S3)))); end Prove_Multiplication; + ------------------------------------- + -- Prove_Mult_Decomposition_Split3 -- + ------------------------------------- + + procedure Prove_Mult_Decomposition_Split3 + (D1, D2, D3, D3_Hi, D3_Lo, D4 : Big_Integer) + is null; + ----------------------------- -- Prove_Negative_Dividend -- ----------------------------- @@ -2413,6 +2479,22 @@ is end if; end Prove_Rounding_Case; + ----------------------------------------------- + -- Prove_Scaled_Mult_Decomposition_Regroup24 -- + ----------------------------------------------- + + procedure Prove_Scaled_Mult_Decomposition_Regroup24 + (D1, D2, D3, D4 : Big_Integer) + is null; + + ---------------------------------------------- + -- Prove_Scaled_Mult_Decomposition_Regroup3 -- + ---------------------------------------------- + + procedure Prove_Scaled_Mult_Decomposition_Regroup3 + (D1, D2, D3, D4 : Big_Integer) + is null; + ------------------ -- Prove_Sign_R -- ------------------ @@ -2585,29 +2667,15 @@ is T2 := D (3) + Lo (T1); Lemma_Add_Commutation (Double_Uns (D (3)), Lo (T1)); - pragma Assert - (Is_Mult_Decomposition - (D1 => 0, - D2 => Big (Double_Uns'(Xhi * Yhi)) + Big (Double_Uns (D (2))) - + Big (Double_Uns (Hi (T1))), - D3 => Big (T2), - D4 => Big (Double_Uns (D (4))))); Lemma_Hi_Lo (T2, Hi (T2), Lo (T2)); - pragma Assert - (By (Is_Mult_Decomposition - (D1 => 0, - D2 => Big (Double_Uns'(Xhi * Yhi)) + Big (Double_Uns (D (2))) - + Big (Double_Uns (Hi (T1))) + Big (Double_Uns (Hi (T2))), - D3 => Big (Double_Uns (Lo (T2))), - D4 => Big (Double_Uns (D (4)))), - By (Big_2xxSingle * Big (T2) = - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (Hi (T2))) - + Big_2xxSingle * Big (Double_Uns (Lo (T2))), - Big_2xxSingle * - (Big_2xxSingle * Big (Double_Uns (Hi (T2))) - + Big (Double_Uns (Lo (T2)))) - = Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (Hi (T2))) - + Big_2xxSingle * Big (Double_Uns (Lo (T2)))))); + Prove_Mult_Decomposition_Split3 + (D1 => 0, + D2 => Big (Double_Uns'(Xhi * Yhi)) + Big (Double_Uns (D (2))) + + Big (Double_Uns (Hi (T1))), + D3 => Big (T2), + D3_Hi => Big (Double_Uns (Hi (T2))), + D3_Lo => Big (Double_Uns (Lo (T2))), + D4 => Big (Double_Uns (D (4)))); D (3) := Lo (T2); T3 := D (2) + Hi (T1); @@ -2807,8 +2875,20 @@ is pragma Assert (Mult >= Big_2xxSingle * Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1)))); + Lemma_Double_Big_2xxSingle; + Lemma_Mult_Positive (Big_2xxDouble, Big_2xxSingle); + Lemma_Ge_Mult (Big (Double_Uns (D (1))), + 1, + Big_2xxDouble * Big_2xxSingle, + Big_2xxDouble * Big_2xxSingle); + Lemma_Mult_Positive (Big_2xxSingle, Big (Double_Uns (D (1)))); + Lemma_Ge_Mult (Big_2xxSingle * Big_2xxSingle, Big_2xxDouble, + Big_2xxSingle * Big (Double_Uns (D (1))), + Big_2xxDouble * Big_2xxSingle); pragma Assert (Mult >= Big_2xxDouble * Big_2xxSingle); Lemma_Ge_Commutation (2 ** Single_Size, Zu); + Lemma_Ge_Mult (Big_2xxSingle, Big (Zu), Big_2xxDouble, + Big_2xxDouble * Big (Zu)); pragma Assert (Mult >= Big_2xxDouble * Big (Zu)); else Lemma_Ge_Commutation (Double_Uns (D (2)), Zu); @@ -2887,6 +2967,13 @@ is Post => Shift / 2 = 2 ** (Log_Single_Size - (Inter + 1)) and then (Shift = 2 or (Shift / 2) mod 2 = 0); + procedure Prove_Prev_And_Mask (Prev, Mask : Single_Uns) + with + Ghost, + Pre => Prev /= 0 + and then (Prev and Mask) = 0, + Post => (Prev and not Mask) /= 0; + procedure Prove_Shift_Progress with Ghost, @@ -2918,6 +3005,7 @@ is -- Local lemma null bodies -- ----------------------------- + procedure Prove_Prev_And_Mask (Prev, Mask : Single_Uns) is null; procedure Prove_Power is null; procedure Prove_Shifting is null; procedure Prove_Shift_Progress is null; @@ -2941,6 +3029,15 @@ is if (Hi (Zu) and Mask) = 0 then Zu := Shift_Left (Zu, Shift); + pragma Assert ((Hi (Zu_Prev) and Mask_Prev) /= 0); + pragma Assert + (By ((Hi (Zu_Prev) and Mask_Prev and Mask) = 0, + (Hi (Zu_Prev) and Mask) = 0 + and then + (Hi (Zu_Prev) and Mask_Prev and Mask) + = (Hi (Zu_Prev) and Mask and Mask_Prev) + )); + Prove_Prev_And_Mask (Hi (Zu_Prev) and Mask_Prev, Mask); Prove_Shifting; pragma Assert (Big (Zu_Prev) = Big (Double_Uns'(abs Z)) * Big_2xx (Scale)); @@ -2986,6 +3083,7 @@ is -- not change the invariant that (D (1) & D (2)) < Zu. Lemma_Lt_Commutation (D (1) & D (2), abs Z); + Lemma_Big_Of_Double_Uns (Zu); Lemma_Lt_Mult (Big (D (1) & D (2)), Big (Double_Uns'(abs Z)), Big_2xx (Scale), Big_2xxDouble); @@ -3007,82 +3105,21 @@ is * Big (Double_Uns (Hi (T1))) = Big_2xxSingle * Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1)))); - - pragma Assert - (Is_Scaled_Mult_Decomposition - (Big (Double_Uns (D (1))), - Big (Double_Uns (D (2))), - Big (Double_Uns (D (3))), - Big (Double_Uns (D (4))))); - pragma Assert - (By (Is_Scaled_Mult_Decomposition - (0, - 0, - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big (Double_Uns (D (2))) - + Big (Double_Uns (D (3))), - Big (Double_Uns (D (4)))), - Big_2xxSingle * - (Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big (Double_Uns (D (2))) - + Big (Double_Uns (D (3)))) - + Big (Double_Uns (D (4))) = - Big_2xxSingle * - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (2))) - + Big_2xxSingle * Big (Double_Uns (D (3))) - + Big (Double_Uns (D (4))) - and then - (By (Mult * Big_2xx (Scale) = - Big_2xxSingle * - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (2))) - + Big_2xxSingle * Big (Double_Uns (D (3))) - + Big (Double_Uns (D (4))), - Is_Scaled_Mult_Decomposition - (Big (Double_Uns (D (1))), - Big (Double_Uns (D (2))), - Big (Double_Uns (D (3))), - Big (Double_Uns (D (4)))))))); - Lemma_Substitution - (Mult * Big_2xx (Scale), Big_2xxSingle, - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big (Double_Uns (D (2))) - + Big (Double_Uns (D (3))), - Big3 (D (1), D (2), D (3)), - Big (Double_Uns (D (4)))); Lemma_Substitution (Big_2xxDouble * Big (Zu), Big_2xxDouble, Big (Zu), Big (Double_Uns'(abs Z)) * Big_2xx (Scale), 0); Lemma_Lt_Mult (Mult, Big_2xxDouble * Big (Double_Uns'(abs Z)), Big_2xx (Scale), Big_2xxDouble * Big (Zu)); + pragma Assert (Mult >= Big_0); + pragma Assert (Big_2xx (Scale) >= Big_0); + Lemma_Mult_Non_Negative (Mult, Big_2xx (Scale)); Lemma_Div_Lt (Mult * Big_2xx (Scale), Big (Zu), Big_2xxDouble); Lemma_Concat_Definition (D (1), D (2)); Lemma_Double_Big_2xxSingle; - pragma Assert - (Big_2xxSingle * - (Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big (Double_Uns (D (2))) - + Big (Double_Uns (D (3)))) - + Big (Double_Uns (D (4))) - = Big_2xxSingle * Big_2xxSingle * - (Big_2xxSingle * Big (Double_Uns (D (1))) - + Big (Double_Uns (D (2)))) - + Big_2xxSingle * Big (Double_Uns (D (3))) - + Big (Double_Uns (D (4)))); - pragma Assert - (By (Is_Scaled_Mult_Decomposition - (0, - Big_2xxSingle * Big (Double_Uns (D (1))) - + Big (Double_Uns (D (2))), - 0, - Big_2xxSingle * Big (Double_Uns (D (3))) - + Big (Double_Uns (D (4)))), - Big_2xxSingle * Big_2xxSingle * - (Big_2xxSingle * Big (Double_Uns (D (1))) - + Big (Double_Uns (D (2)))) = - Big_2xxSingle * - Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (1))) - + Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (2))))); + Prove_Scaled_Mult_Decomposition_Regroup24 + (Big (Double_Uns (D (1))), + Big (Double_Uns (D (2))), + Big (Double_Uns (D (3))), + Big (Double_Uns (D (4)))); Lemma_Substitution (Mult * Big_2xx (Scale), Big_2xxSingle * Big_2xxSingle, Big_2xxSingle * Big (Double_Uns (D (1))) @@ -3115,10 +3152,20 @@ is -- Local ghost variables Qd1 : Single_Uns := 0 with Ghost; + D234 : Big_Integer := 0 with Ghost; D123 : constant Big_Integer := Big3 (D (1), D (2), D (3)) with Ghost; + D4 : constant Big_Integer := Big (Double_Uns (D (4))) + with Ghost; begin + Prove_Scaled_Mult_Decomposition_Regroup3 + (Big (Double_Uns (D (1))), + Big (Double_Uns (D (2))), + Big (Double_Uns (D (3))), + Big (Double_Uns (D (4)))); + pragma Assert (Mult * Big_2xx (Scale) = Big_2xxSingle * D123 + D4); + for J in 1 .. 2 loop Lemma_Hi_Lo (D (J) & D (J + 1), D (J), D (J + 1)); pragma Assert (Big (D (J) & D (J + 1)) < Big (Zu)); @@ -3138,6 +3185,7 @@ is Qd (J) := Single_Uns'Last; Lemma_Concat_Definition (D (J), D (J + 1)); + Lemma_Big_Of_Double_Uns_Of_Single_Uns (D (J + 2)); pragma Assert (Big_2xxSingle > Big (Double_Uns (D (J + 2)))); pragma Assert (Big3 (D (J), D (J + 1), 0) + Big_2xxSingle > Big3 (D (J), D (J + 1), D (J + 2))); @@ -3158,6 +3206,8 @@ is Lemma_Div_Lt (Big3 (D (J), D (J + 1), D (J + 2)), Big_2xxSingle, Big (Zu)); + pragma Assert (Big (Double_Uns (Qd (J))) >= + Big3 (D (J), D (J + 1), D (J + 2)) / Big (Zu)); else Qd (J) := Lo ((D (J) & D (J + 1)) / Zhi); @@ -3165,6 +3215,7 @@ is Prove_Qd_Calculation_Part_1 (J); end if; + pragma Assert (for all K in 1 .. J => Qd (K)'Initialized); Lemma_Gt_Mult (Big (Double_Uns (Qd (J))), Big3 (D (J), D (J + 1), D (J + 2)) / Big (Zu), @@ -3199,7 +3250,9 @@ is Lemma_Hi_Lo_3 (Zu, Zhi, Zlo); while not Le3 (S1, S2, S3, D (J), D (J + 1), D (J + 2)) loop - pragma Loop_Invariant (Qd (J)'Initialized); + pragma Loop_Invariant + (for all K in 1 .. J => Qd (K)'Initialized); + pragma Loop_Invariant (if J = 2 then Qd (1) = Qd1); pragma Loop_Invariant (Big3 (S1, S2, S3) = Big (Double_Uns (Qd (J))) * Big (Zu)); pragma Loop_Invariant @@ -3240,6 +3293,7 @@ is -- Now subtract S1&S2&S3 from D1&D2&D3 ready for next step + pragma Assert (for all K in 1 .. J => Qd (K)'Initialized); pragma Assert (Big3 (S1, S2, S3) = Big (Double_Uns (Qd (J))) * Big (Zu)); pragma Assert (Big3 (S1, S2, S3) > @@ -3256,19 +3310,32 @@ is * Big_2xxSingle * Big (Double_Uns (D (J))) + Big_2xxSingle * Big (Double_Uns (D (J + 1))) + Big (Double_Uns (D (J + 2)))); - pragma Assert (Big3 (D (J), D (J + 1), D (J + 2)) = - Big_2xxDouble * Big (Double_Uns (D (J))) - + Big_2xxSingle * Big (Double_Uns (D (J + 1))) - + Big (Double_Uns (D (J + 2)))); pragma Assert (Big_2xxSingle >= 0); + Lemma_Big_Of_Double_Uns_Of_Single_Uns (D (J + 1)); pragma Assert (Big (Double_Uns (D (J + 1))) >= 0); + Lemma_Mult_Non_Negative + (Big_2xxSingle, Big (Double_Uns (D (J + 1)))); pragma Assert - (Big_2xxSingle * Big (Double_Uns (D (J + 1))) >= 0); - pragma Assert - (Big_2xxSingle * Big (Double_Uns (D (J + 1))) - + Big (Double_Uns (D (J + 2))) >= 0); - pragma Assert (Big3 (D (J), D (J + 1), D (J + 2)) >= - Big_2xxDouble * Big (Double_Uns (D (J)))); + (By (Big3 (D (J), D (J + 1), D (J + 2)) >= + Big_2xxSingle * Big_2xxSingle + * Big (Double_Uns (D (J))), + By (Big3 (D (J), D (J + 1), D (J + 2)) + - Big_2xxSingle * Big_2xxSingle + * Big (Double_Uns (D (J))) + = Big_2xxSingle * Big (Double_Uns (D (J + 1))) + + Big (Double_Uns (D (J + 2))), + Big3 (D (J), D (J + 1), D (J + 2)) = + Big_2xxSingle + * Big_2xxSingle * Big (Double_Uns (D (J))) + + Big_2xxSingle * Big (Double_Uns (D (J + 1))) + + Big (Double_Uns (D (J + 2)))) + and then + By (Big_2xxSingle * Big (Double_Uns (D (J + 1))) + + Big (Double_Uns (D (J + 2))) >= 0, + Big_2xxSingle * Big (Double_Uns (D (J + 1))) >= 0 + and then + Big (Double_Uns (D (J + 2))) >= 0 + ))); Lemma_Ge_Commutation (Double_Uns (D (J)), Double_Uns'(1)); Lemma_Ge_Mult (Big (Double_Uns (D (J))), Big (Double_Uns'(1)), @@ -3283,6 +3350,8 @@ is if J = 1 then Qd1 := Qd (1); + D234 := Big3 (D (2), D (3), D (4)); + pragma Assert (D4 = Big (Double_Uns (D (4)))); Lemma_Substitution (Mult * Big_2xx (Scale), Big_2xxSingle, D123, Big3 (D (1), D (2), D (3)) + Big3 (S1, S2, S3), @@ -3291,23 +3360,38 @@ is Lemma_Substitution (Mult * Big_2xx (Scale), Big_2xxSingle, Big3 (S1, S2, S3), Big (Double_Uns (Qd1)) * Big (Zu), - Big3 (D (2), D (3), D (4))); + D234); else pragma Assert (Qd1 = Qd (1)); pragma Assert - (Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (2))) - = 0); - pragma Assert - (Mult * Big_2xx (Scale) = - Big_2xxSingle * Big (Double_Uns (Qd (1))) * Big (Zu) + (By (Mult * Big_2xx (Scale) = + Big_2xxSingle * Big (Double_Uns (Qd1)) * Big (Zu) + Big3 (S1, S2, S3) - + Big3 (D (2), D (3), D (4))); + + Big3 (D (2), D (3), D (4)), + Big3 (D (2), D (3), D (4)) = D234 - Big3 (S1, S2, S3))); pragma Assert - (Mult * Big_2xx (Scale) = + (By (Mult * Big_2xx (Scale) = Big_2xxSingle * Big (Double_Uns (Qd (1))) * Big (Zu) + Big (Double_Uns (Qd (2))) * Big (Zu) + Big_2xxSingle * Big (Double_Uns (D (3))) - + Big (Double_Uns (D (4)))); + + Big (Double_Uns (D (4))), + Big_2xxSingle * Big (Double_Uns (Qd (1))) * Big (Zu) + = Big_2xxSingle * Big (Double_Uns (Qd1)) * Big (Zu) + and then + Big3 (S1, S2, S3) = Big (Double_Uns (Qd (2))) * Big (Zu) + and then + By (Big3 (D (2), D (3), D (4)) + = Big_2xxSingle * Big (Double_Uns (D (3))) + + Big (Double_Uns (D (4))), + Big3 (D (2), D (3), D (4)) + = Big_2xxSingle * Big_2xxSingle * + Big (Double_Uns (D (2))) + + Big_2xxSingle * Big (Double_Uns (D (3))) + + Big (Double_Uns (D (4))) + and then + Big_2xxSingle * Big_2xxSingle * Big (Double_Uns (D (2))) + = 0) + )); end if; end loop; end; @@ -3319,6 +3403,7 @@ is -- We rescale the divisor as well, to make the proper comparison -- for rounding below. + pragma Assert (for all K in 1 .. 2 => Qd (K)'Initialized); Qu := Qd (1) & Qd (2); Ru := D (3) & D (4); @@ -3440,14 +3525,14 @@ is Ghost, Pre => X2 < Y2, Post => Big3 (X1, X2 - Y2, X3) - = Big3 (X1, X2, X3) + Big3 (1, 0, 0) - Big3 (0, Y2, 0); + = Big3 (X1, X2, X3) + Big3 (Single_Uns'(1), 0, 0) - Big3 (0, Y2, 0); procedure Lemma_Sub3_With_Carry3 (X1, X2, X3, Y3 : Single_Uns) with Ghost, Pre => X3 < Y3, Post => Big3 (X1, X2, X3 - Y3) - = Big3 (X1, X2, X3) + Big3 (0, 1, 0) - Big3 (0, 0, Y3); + = Big3 (X1, X2, X3) + Big3 (Single_Uns'(0), 1, 0) - Big3 (0, 0, Y3); ------------------------- -- Lemma_Add3_No_Carry -- @@ -3522,10 +3607,12 @@ is X1 := X1 - 1; pragma Assert - (Big3 (X1, X2, X3) = Big3 (XX1, XX2, XX3) - Big3 (1, 0, 0)); + (Big3 (X1, X2, X3) = + Big3 (XX1, XX2, XX3) - Big3 (Single_Uns'(1), 0, 0)); pragma Assert (Big3 (X1, X2, X3) = Big3 (XX1, XX2, XX3) - - Big3 (0, Single_Uns'Last, 0) - Big3 (0, 1, 0)); + - Big3 (Single_Uns'(0), Single_Uns'Last, 0) + - Big3 (Single_Uns'(0), 1, 0)); Lemma_Add3_No_Carry (X1, X2, X3, 0, Single_Uns'Last, 0); else Lemma_Sub3_No_Carry (X1, X2, X3, 0, 1, 0); @@ -3534,7 +3621,8 @@ is X2 := X2 - 1; pragma Assert - (Big3 (X1, X2, X3) = Big3 (XX1, XX2, XX3) - Big3 (0, 1, 0)); + (Big3 (X1, X2, X3) = + Big3 (XX1, XX2, XX3) - Big3 (Single_Uns'(0), 1, 0)); Lemma_Sub3_With_Carry3 (X1, X2, X3, Y3); else Lemma_Sub3_No_Carry (X1, X2, X3, 0, 0, Y3); @@ -3553,7 +3641,7 @@ is pragma Assert (Big3 (X1, X2, X3) = Big3 (XX1, XX2, XX3) - - Big3 (0, 0, Y3) - Big3 (1, 0, 0)); + - Big3 (0, 0, Y3) - Big3 (Single_Uns'(1), 0, 0)); Lemma_Sub3_With_Carry2 (X1, X2, X3, Y2); else Lemma_Sub3_No_Carry (X1, X2, X3, 0, Y2, 0); diff --git a/gcc/ada/libgnat/s-aridou.ads b/gcc/ada/libgnat/s-aridou.ads index 29e13a5..08af4f5 100644 --- a/gcc/ada/libgnat/s-aridou.ads +++ b/gcc/ada/libgnat/s-aridou.ads @@ -69,6 +69,7 @@ is package BI_Ghost renames Ada.Numerics.Big_Numbers.Big_Integers_Ghost; subtype Big_Integer is BI_Ghost.Big_Integer with Ghost; subtype Big_Natural is BI_Ghost.Big_Natural with Ghost; + subtype Big_Positive is BI_Ghost.Big_Positive with Ghost; use type BI_Ghost.Big_Integer; package Signed_Conversion is diff --git a/gcc/ada/libgnat/s-expmod.adb b/gcc/ada/libgnat/s-expmod.adb index 527338d..f1fdf71 100644 --- a/gcc/ada/libgnat/s-expmod.adb +++ b/gcc/ada/libgnat/s-expmod.adb @@ -106,6 +106,13 @@ is ------------------- procedure Lemma_Add_Mod (X, Y : Big_Natural; B : Big_Positive) is + + procedure Lemma_Euclidean_Mod (Q, F, R : Big_Natural) with + Pre => F /= 0, + Post => (Q * F + R) mod F = R mod F; + + procedure Lemma_Euclidean_Mod (Q, F, R : Big_Natural) is null; + Left : constant Big_Natural := (X + Y) mod B; Right : constant Big_Natural := ((X mod B) + (Y mod B)) mod B; XQuot : constant Big_Natural := X / B; @@ -119,6 +126,8 @@ is (Left = ((XQuot + YQuot) * B + X mod B + Y mod B) mod B); pragma Assert (X mod B + Y mod B = AQuot * B + Right); pragma Assert (Left = ((XQuot + YQuot + AQuot) * B + Right) mod B); + Lemma_Euclidean_Mod (XQuot + YQuot + AQuot, B, Right); + pragma Assert (Left = (Right mod B)); pragma Assert (Left = Right); end if; end Lemma_Add_Mod; @@ -259,6 +268,7 @@ is pragma Assert (Equal_Modulo ((Big (Result) * Big (Factor)) * Big (Factor) ** (Exp - 1), Big (Left) ** Right)); + pragma Assert (Big (Factor) >= 0); Lemma_Mult_Mod (Big (Result) * Big (Factor), Big (Factor) ** (Exp - 1), Big (Modulus)); diff --git a/gcc/ada/libgnat/s-imagef.adb b/gcc/ada/libgnat/s-imagef.adb index fd8e848..bfe8540 100644 --- a/gcc/ada/libgnat/s-imagef.adb +++ b/gcc/ada/libgnat/s-imagef.adb @@ -31,7 +31,8 @@ with System.Image_I; with System.Img_Util; use System.Img_Util; -with System.Val_Util; +with System.Value_I_Spec; +with System.Value_U_Spec; package body System.Image_F is @@ -69,70 +70,16 @@ package body System.Image_F is -- if the small is larger than 1, and smaller than 2**(Int'Size - 1) / 10 -- if the small is smaller than 1. - -- Define ghost subprograms without implementation (marked as Import) to - -- create a suitable package Int_Params for type Int, as instantiations - -- of System.Image_F use for this type one of the derived integer types - -- defined in Interfaces, instead of the standard signed integer types - -- which are used to define System.Img_*.Int_Params. - - type Uns_Option (Overflow : Boolean := False) is record - case Overflow is - when True => - null; - when False => - Value : Uns := 0; - end case; - end record; - Unsigned_Width_Ghost : constant Natural := Int'Width; - function Wrap_Option (Value : Uns) return Uns_Option - with Ghost, Import; - function Only_Decimal_Ghost - (Str : String; - From, To : Integer) - return Boolean - with Ghost, Import; - function Hexa_To_Unsigned_Ghost (X : Character) return Uns - with Ghost, Import; - function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - return Uns_Option - with Ghost, Import; - function Is_Integer_Ghost (Str : String) return Boolean - with Ghost, Import; - procedure Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - with Ghost, Import; - procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) - with Ghost, Import; - function Abs_Uns_Of_Int (Val : Int) return Uns - with Ghost, Import; - function Value_Integer (Str : String) return Int - with Ghost, Import; - - package Int_Params is new Val_Util.Int_Params - (Int => Int, - Uns => Uns, - Uns_Option => Uns_Option, - Unsigned_Width_Ghost => Unsigned_Width_Ghost, - Wrap_Option => Wrap_Option, - Only_Decimal_Ghost => Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => Hexa_To_Unsigned_Ghost, - Scan_Based_Number_Ghost => Scan_Based_Number_Ghost, - Is_Integer_Ghost => Is_Integer_Ghost, - Prove_Iter_Scan_Based_Number_Ghost => Prove_Iter_Scan_Based_Number_Ghost, - Prove_Scan_Only_Decimal_Ghost => Prove_Scan_Only_Decimal_Ghost, - Abs_Uns_Of_Int => Abs_Uns_Of_Int, - Value_Integer => Value_Integer); - - package Image_I is new System.Image_I (Int_Params); + package Uns_Spec is new System.Value_U_Spec (Uns); + package Int_Spec is new System.Value_I_Spec (Int, Uns, Uns_Spec.Uns_Params); + + package Image_I is new System.Image_I + (Int => Int, + Uns => Uns, + Unsigned_Width_Ghost => Unsigned_Width_Ghost, + Int_Params => Int_Spec.Int_Params); procedure Set_Image_Integer (V : Int; diff --git a/gcc/ada/libgnat/s-imagei.adb b/gcc/ada/libgnat/s-imagei.adb index ff853d3..8997e3c 100644 --- a/gcc/ada/libgnat/s-imagei.adb +++ b/gcc/ada/libgnat/s-imagei.adb @@ -46,42 +46,6 @@ package body System.Image_I is Post => Ignore, Subprogram_Variant => Ignore); - -- As a use_clause for Int_Params cannot be used for instances of this - -- generic in System specs, rename all constants and subprograms. - - Unsigned_Width_Ghost : constant Natural := Int_Params.Unsigned_Width_Ghost; - - function Wrap_Option (Value : Uns) return Uns_Option - renames Int_Params.Wrap_Option; - function Only_Decimal_Ghost - (Str : String; - From, To : Integer) - return Boolean - renames Int_Params.Only_Decimal_Ghost; - function Hexa_To_Unsigned_Ghost (X : Character) return Uns - renames Int_Params.Hexa_To_Unsigned_Ghost; - function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - return Uns_Option - renames Int_Params.Scan_Based_Number_Ghost; - function Is_Integer_Ghost (Str : String) return Boolean - renames Int_Params.Is_Integer_Ghost; - procedure Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - renames Int_Params.Prove_Iter_Scan_Based_Number_Ghost; - procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) - renames Int_Params.Prove_Scan_Only_Decimal_Ghost; - function Abs_Uns_Of_Int (Val : Int) return Uns - renames Int_Params.Abs_Uns_Of_Int; - function Value_Integer (Str : String) return Int - renames Int_Params.Value_Integer; - subtype Non_Positive is Int range Int'First .. 0; function Uns_Of_Non_Positive (T : Non_Positive) return Uns is @@ -99,9 +63,9 @@ package body System.Image_I is and then P <= S'Last - Unsigned_Width_Ghost + 1, Post => S (S'First .. P'Old) = S'Old (S'First .. P'Old) and then P in P'Old + 1 .. S'Last - and then Only_Decimal_Ghost (S, From => P'Old + 1, To => P) - and then Scan_Based_Number_Ghost (S, From => P'Old + 1, To => P) - = Wrap_Option (Uns_Of_Non_Positive (T)); + and then UP.Only_Decimal_Ghost (S, From => P'Old + 1, To => P) + and then UP.Scan_Based_Number_Ghost (S, From => P'Old + 1, To => P) + = UP.Wrap_Option (Uns_Of_Non_Positive (T)); -- Set digits of absolute value of T, which is zero or negative. We work -- with the negative of the value so that the largest negative number is -- not a special case. @@ -182,11 +146,12 @@ package body System.Image_I is and then P in 2 .. S'Last and then S (1) in ' ' | '-' and then (S (1) = '-') = (V < 0) - and then Only_Decimal_Ghost (S, From => 2, To => P) - and then Scan_Based_Number_Ghost (S, From => 2, To => P) - = Wrap_Option (Abs_Uns_Of_Int (V)), - Post => Is_Integer_Ghost (S (1 .. P)) - and then Value_Integer (S (1 .. P)) = V; + and then UP.Only_Decimal_Ghost (S, From => 2, To => P) + and then UP.Scan_Based_Number_Ghost (S, From => 2, To => P) + = UP.Wrap_Option (IP.Abs_Uns_Of_Int (V)), + Post => not System.Val_Util.Only_Space_Ghost (S, 1, P) + and then IP.Is_Integer_Ghost (S (1 .. P)) + and then IP.Is_Value_Integer_Ghost (S (1 .. P), V); -- Ghost lemma to prove the value of Value_Integer from the value of -- Scan_Based_Number_Ghost and the sign on a decimal string. @@ -198,11 +163,14 @@ package body System.Image_I is Str : constant String := S (1 .. P); begin pragma Assert (Str'First = 1); - pragma Assert (Only_Decimal_Ghost (Str, From => 2, To => P)); - Prove_Iter_Scan_Based_Number_Ghost (S, Str, From => 2, To => P); - pragma Assert (Scan_Based_Number_Ghost (Str, From => 2, To => P) - = Wrap_Option (Abs_Uns_Of_Int (V))); - Prove_Scan_Only_Decimal_Ghost (Str, V); + pragma Assert (Str (2) /= ' '); + pragma Assert + (UP.Only_Decimal_Ghost (Str, From => 2, To => P)); + UP.Prove_Scan_Based_Number_Ghost_Eq (S, Str, From => 2, To => P); + pragma Assert + (UP.Scan_Based_Number_Ghost (Str, From => 2, To => P) + = UP.Wrap_Option (IP.Abs_Uns_Of_Int (V))); + IP.Prove_Scan_Only_Decimal_Ghost (Str, V); end Prove_Value_Integer; -- Start of processing for Image_Integer @@ -226,6 +194,8 @@ package body System.Image_I is pragma Assert (P_Prev + Offset = 2); end; + pragma Assert (if V >= 0 then S (1) = ' '); + pragma Assert (S (1) in ' ' | '-'); Prove_Value_Integer; end Image_Integer; @@ -248,42 +218,78 @@ package body System.Image_I is S_Init : constant String := S with Ghost; Uns_T : constant Uns := Uns_Of_Non_Positive (T) with Ghost; Uns_Value : Uns := Uns_Of_Non_Positive (Value) with Ghost; - Prev, Cur : Uns_Option with Ghost; Prev_Value : Uns with Ghost; Prev_S : String := S with Ghost; -- Local ghost lemmas - procedure Prove_Character_Val (RU : Uns; RI : Int) + procedure Prove_Character_Val (RU : Uns; RI : Non_Positive) with Ghost, - Pre => RU in 0 .. 9 - and then RI in 0 .. 9, - Post => Character'Val (48 + RU) in '0' .. '9' - and then Character'Val (48 + RI) in '0' .. '9'; + Post => RU rem 10 in 0 .. 9 + and then -(RI rem 10) in 0 .. 9 + and then Character'Val (48 + RU rem 10) in '0' .. '9' + and then Character'Val (48 - RI rem 10) in '0' .. '9'; -- Ghost lemma to prove the value of a character corresponding to the -- next figure. + procedure Prove_Euclidian (Val, Quot, Rest : Uns) + with + Ghost, + Pre => Quot = Val / 10 + and then Rest = Val rem 10, + Post => Uns'Last - Rest >= 10 * Quot and then Val = 10 * Quot + Rest; + -- Ghost lemma to prove the relation between the quotient/remainder of + -- division by 10 and the initial value. + procedure Prove_Hexa_To_Unsigned_Ghost (RU : Uns; RI : Int) with Ghost, Pre => RU in 0 .. 9 and then RI in 0 .. 9, - Post => Hexa_To_Unsigned_Ghost (Character'Val (48 + RU)) = RU - and then Hexa_To_Unsigned_Ghost (Character'Val (48 + RI)) = Uns (RI); + Post => UP.Hexa_To_Unsigned_Ghost + (Character'Val (48 + RU)) = RU + and then UP.Hexa_To_Unsigned_Ghost + (Character'Val (48 + RI)) = Uns (RI); -- Ghost lemma to prove that Hexa_To_Unsigned_Ghost returns the source -- figure when applied to the corresponding character. - procedure Prove_Unchanged - with - Ghost, - Pre => P <= S'Last - and then S_Init'First = S'First - and then S_Init'Last = S'Last - and then (for all K in S'First .. P => S (K) = S_Init (K)), - Post => S (S'First .. P) = S_Init (S'First .. P); - -- Ghost lemma to prove that the part of string S before P has not been - -- modified. + procedure Prove_Scan_Iter + (S, Prev_S : String; + V, Prev_V, Res : Uns; + P, Max : Natural) + with + Ghost, + Pre => + S'First = Prev_S'First and then S'Last = Prev_S'Last + and then S'Last < Natural'Last and then + Max in S'Range and then P in S'First .. Max and then + (for all I in P + 1 .. Max => Prev_S (I) in '0' .. '9') + and then (for all I in P + 1 .. Max => Prev_S (I) = S (I)) + and then S (P) in '0' .. '9' + and then V <= Uns'Last / 10 + and then Uns'Last - UP.Hexa_To_Unsigned_Ghost (S (P)) + >= 10 * V + and then Prev_V = + V * 10 + UP.Hexa_To_Unsigned_Ghost (S (P)) + and then + (if P = Max then Prev_V = Res + else UP.Scan_Based_Number_Ghost + (Str => Prev_S, + From => P + 1, + To => Max, + Base => 10, + Acc => Prev_V) = UP.Wrap_Option (Res)), + Post => + (for all I in P .. Max => S (I) in '0' .. '9') + and then UP.Scan_Based_Number_Ghost + (Str => S, + From => P, + To => Max, + Base => 10, + Acc => V) = UP.Wrap_Option (Res); + -- Ghost lemma to prove that Scan_Based_Number_Ghost is preserved + -- through an iteration of the loop. procedure Prove_Uns_Of_Non_Positive_Value with @@ -294,50 +300,44 @@ package body System.Image_I is -- Ghost lemma to prove that the relation between Value and its unsigned -- version is preserved. - procedure Prove_Iter_Scan - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - with - Ghost, - Pre => Str1'Last /= Positive'Last - and then - (From > To or else (From >= Str1'First and then To <= Str1'Last)) - and then Only_Decimal_Ghost (Str1, From, To) - and then Str1'First = Str2'First - and then Str1'Last = Str2'Last - and then (for all J in From .. To => Str1 (J) = Str2 (J)), - Post => - Scan_Based_Number_Ghost (Str1, From, To, Base, Acc) - = Scan_Based_Number_Ghost (Str2, From, To, Base, Acc); - -- Ghost lemma to prove that the result of Scan_Based_Number_Ghost only - -- depends on the value of the argument string in the (From .. To) range - -- of indexes. This is a wrapper on Prove_Iter_Scan_Based_Number_Ghost - -- so that we can call it here on ghost arguments. - ----------------------------- -- Local lemma null bodies -- ----------------------------- - procedure Prove_Character_Val (RU : Uns; RI : Int) is null; + procedure Prove_Character_Val (RU : Uns; RI : Non_Positive) is null; + procedure Prove_Euclidian (Val, Quot, Rest : Uns) is null; procedure Prove_Hexa_To_Unsigned_Ghost (RU : Uns; RI : Int) is null; - procedure Prove_Unchanged is null; procedure Prove_Uns_Of_Non_Positive_Value is null; --------------------- - -- Prove_Iter_Scan -- + -- Prove_Scan_Iter -- --------------------- - procedure Prove_Iter_Scan - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) + procedure Prove_Scan_Iter + (S, Prev_S : String; + V, Prev_V, Res : Uns; + P, Max : Natural) is + pragma Unreferenced (Res); begin - Prove_Iter_Scan_Based_Number_Ghost (Str1, Str2, From, To, Base, Acc); - end Prove_Iter_Scan; + UP.Lemma_Scan_Based_Number_Ghost_Step + (Str => S, + From => P, + To => Max, + Base => 10, + Acc => V); + if P < Max then + UP.Prove_Scan_Based_Number_Ghost_Eq + (Prev_S, S, P + 1, Max, 10, Prev_V); + else + UP.Lemma_Scan_Based_Number_Ghost_Base + (Str => S, + From => P + 1, + To => Max, + Base => 10, + Acc => Prev_V); + end if; + end Prove_Scan_Iter; -- Start of processing for Set_Digits @@ -383,13 +383,9 @@ package body System.Image_I is for J in reverse 1 .. Nb_Digits loop Lemma_Div_Commutation (Uns_Value, 10); Lemma_Div_Twice (Big (Uns_T), Big_10 ** (Nb_Digits - J), Big_10); - Prove_Character_Val (Uns_Value rem 10, -(Value rem 10)); + Prove_Character_Val (Uns_Value, Value); Prove_Hexa_To_Unsigned_Ghost (Uns_Value rem 10, -(Value rem 10)); Prove_Uns_Of_Non_Positive_Value; - pragma Assert (Uns_Value rem 10 = Uns_Of_Non_Positive (Value rem 10)); - pragma Assert (Uns_Value rem 10 = Uns (-(Value rem 10))); - pragma Assert - (Uns_Value = From_Big (Big (Uns_T) / Big_10 ** (Nb_Digits - J))); Prev_Value := Uns_Value; Prev_S := S; @@ -399,68 +395,44 @@ package body System.Image_I is S (P + J) := Character'Val (48 - (Value rem 10)); Value := Value / 10; - pragma Assert (S (P + J) in '0' .. '9'); - pragma Assert (Hexa_To_Unsigned_Ghost (S (P + J)) = - From_Big (Big (Uns_T) / Big_10 ** (Nb_Digits - J)) rem 10); - pragma Assert - (for all K in P + J + 1 .. P + Nb_Digits => S (K) in '0' .. '9'); + Prove_Euclidian + (Val => Prev_Value, + Quot => Uns_Value, + Rest => UP.Hexa_To_Unsigned_Ghost (S (P + J))); - Prev := Scan_Based_Number_Ghost - (Str => S, - From => P + J + 1, - To => P + Nb_Digits, - Base => 10, - Acc => Prev_Value); - Cur := Scan_Based_Number_Ghost - (Str => S, - From => P + J, - To => P + Nb_Digits, - Base => 10, - Acc => Uns_Value); - pragma Assert (Prev_Value = 10 * Uns_Value + (Prev_Value rem 10)); - pragma Assert - (Prev_Value rem 10 = Hexa_To_Unsigned_Ghost (S (P + J))); - pragma Assert - (Prev_Value = 10 * Uns_Value + Hexa_To_Unsigned_Ghost (S (P + J))); - - if J /= Nb_Digits then - Prove_Iter_Scan - (Prev_S, S, P + J + 1, P + Nb_Digits, 10, Prev_Value); - end if; - - pragma Assert (Prev = Cur); - pragma Assert (Prev = Wrap_Option (Uns_T)); + Prove_Scan_Iter + (S, Prev_S, Uns_Value, Prev_Value, Uns_T, P + J, P + Nb_Digits); pragma Loop_Invariant (Uns_Value = Uns_Of_Non_Positive (Value)); pragma Loop_Invariant (Uns_Value <= Uns'Last / 10); pragma Loop_Invariant (for all K in S'First .. P => S (K) = S_Init (K)); - pragma Loop_Invariant (Only_Decimal_Ghost (S, P + J, P + Nb_Digits)); + pragma Loop_Invariant + (UP.Only_Decimal_Ghost (S, P + J, P + Nb_Digits)); pragma Loop_Invariant (for all K in P + J .. P + Nb_Digits => S (K) in '0' .. '9'); pragma Loop_Invariant (Pow = Big_10 ** (Nb_Digits - J + 1)); pragma Loop_Invariant (Big (Uns_Value) = Big (Uns_T) / Pow); pragma Loop_Invariant - (Scan_Based_Number_Ghost + (UP.Scan_Based_Number_Ghost (Str => S, From => P + J, To => P + Nb_Digits, Base => 10, Acc => Uns_Value) - = Wrap_Option (Uns_T)); + = UP.Wrap_Option (Uns_T)); end loop; pragma Assert (Big (Uns_Value) = Big (Uns_T) / Big_10 ** (Nb_Digits)); pragma Assert (Uns_Value = 0); - Prove_Unchanged; pragma Assert - (Scan_Based_Number_Ghost + (UP.Scan_Based_Number_Ghost (Str => S, From => P + 1, To => P + Nb_Digits, Base => 10, Acc => Uns_Value) - = Wrap_Option (Uns_T)); + = UP.Wrap_Option (Uns_T)); P := P + Nb_Digits; end Set_Digits; diff --git a/gcc/ada/libgnat/s-imagei.ads b/gcc/ada/libgnat/s-imagei.ads index 10116d1..575c60a 100644 --- a/gcc/ada/libgnat/s-imagei.ads +++ b/gcc/ada/libgnat/s-imagei.ads @@ -48,19 +48,19 @@ pragma Assertion_Policy (Pre => Ignore, with System.Val_Util; generic + type Int is range <>; + type Uns is mod <>; - with package Int_Params is new System.Val_Util.Int_Params (<>); + Unsigned_Width_Ghost : Natural; -package System.Image_I is - - subtype Int is Int_Params.Int; - use type Int_Params.Int; + with package Int_Params is new System.Val_Util.Int_Params + (Int => Int, Uns => Uns, others => <>) + with Ghost; - subtype Uns is Int_Params.Uns; - use type Int_Params.Uns; - - subtype Uns_Option is Int_Params.Uns_Option; - use type Int_Params.Uns_Option; +package System.Image_I is + package IP renames Int_Params; + package UP renames IP.Uns_Params; + use type UP.Uns_Option; procedure Image_Integer (V : Int; @@ -69,9 +69,9 @@ package System.Image_I is with Pre => S'First = 1 and then S'Last < Integer'Last - and then S'Last >= Int_Params.Unsigned_Width_Ghost, + and then S'Last >= Unsigned_Width_Ghost, Post => P in S'Range - and then Int_Params.Value_Integer (S (1 .. P)) = V; + and then IP.Is_Value_Integer_Ghost (S (1 .. P), V); -- Computes Int'Image (V) and stores the result in S (1 .. P) -- setting the resulting value of P. The caller guarantees that S -- is long enough to hold the result, and that S'First is 1. @@ -87,23 +87,23 @@ package System.Image_I is and then S'First <= S'Last and then (if V >= 0 then - P <= S'Last - Int_Params.Unsigned_Width_Ghost + 1 + P <= S'Last - Unsigned_Width_Ghost + 1 else - P <= S'Last - Int_Params.Unsigned_Width_Ghost), + P <= S'Last - Unsigned_Width_Ghost), Post => S (S'First .. P'Old) = S'Old (S'First .. P'Old) and then (declare Minus : constant Boolean := S (P'Old + 1) = '-'; Offset : constant Positive := (if V >= 0 then 1 else 2); - Abs_V : constant Uns := Int_Params.Abs_Uns_Of_Int (V); + Abs_V : constant Uns := IP.Abs_Uns_Of_Int (V); begin Minus = (V < 0) and then P in P'Old + Offset .. S'Last - and then Int_Params.Only_Decimal_Ghost + and then UP.Only_Decimal_Ghost (S, From => P'Old + Offset, To => P) - and then Int_Params.Scan_Based_Number_Ghost + and then UP.Scan_Based_Number_Ghost (S, From => P'Old + Offset, To => P) - = Int_Params.Wrap_Option (Abs_V)); + = UP.Wrap_Option (Abs_V)); -- Stores the image of V in S starting at S (P + 1), P is updated to point -- to the last character stored. The value stored is identical to the value -- of Int'Image (V) except that no leading space is stored when V is diff --git a/gcc/ada/libgnat/s-imageu.adb b/gcc/ada/libgnat/s-imageu.adb index 6932487..0e1c2bb 100644 --- a/gcc/ada/libgnat/s-imageu.adb +++ b/gcc/ada/libgnat/s-imageu.adb @@ -147,11 +147,12 @@ package body System.Image_U is and then S'Last < Integer'Last and then P in 2 .. S'Last and then S (1) = ' ' - and then Only_Decimal_Ghost (S, From => 2, To => P) - and then Scan_Based_Number_Ghost (S, From => 2, To => P) - = Wrap_Option (V), - Post => Is_Unsigned_Ghost (S (1 .. P)) - and then Value_Unsigned (S (1 .. P)) = V; + and then Uns_Params.Only_Decimal_Ghost (S, From => 2, To => P) + and then Uns_Params.Scan_Based_Number_Ghost (S, From => 2, To => P) + = Uns_Params.Wrap_Option (V), + Post => not System.Val_Util.Only_Space_Ghost (S, 1, P) + and then Uns_Params.Is_Unsigned_Ghost (S (1 .. P)) + and then Uns_Params.Is_Value_Unsigned_Ghost (S (1 .. P), V); -- Ghost lemma to prove the value of Value_Unsigned from the value of -- Scan_Based_Number_Ghost on a decimal string. @@ -163,11 +164,15 @@ package body System.Image_U is Str : constant String := S (1 .. P); begin pragma Assert (Str'First = 1); - pragma Assert (Only_Decimal_Ghost (Str, From => 2, To => P)); - Prove_Iter_Scan_Based_Number_Ghost (S, Str, From => 2, To => P); - pragma Assert (Scan_Based_Number_Ghost (Str, From => 2, To => P) - = Wrap_Option (V)); - Prove_Scan_Only_Decimal_Ghost (Str, V); + pragma Assert (S (2) /= ' '); + pragma Assert + (Uns_Params.Only_Decimal_Ghost (Str, From => 2, To => P)); + Uns_Params.Prove_Scan_Based_Number_Ghost_Eq + (S, Str, From => 2, To => P); + pragma Assert + (Uns_Params.Scan_Based_Number_Ghost (Str, From => 2, To => P) + = Uns_Params.Wrap_Option (V)); + Uns_Params.Prove_Scan_Only_Decimal_Ghost (Str, V); end Prove_Value_Unsigned; -- Start of processing for Image_Unsigned @@ -196,7 +201,6 @@ package body System.Image_U is Pow : Big_Positive := 1 with Ghost; S_Init : constant String := S with Ghost; - Prev, Cur : Uns_Option with Ghost; Prev_Value : Uns with Ghost; Prev_S : String := S with Ghost; @@ -205,8 +209,8 @@ package body System.Image_U is procedure Prove_Character_Val (R : Uns) with Ghost, - Pre => R in 0 .. 9, - Post => Character'Val (48 + R) in '0' .. '9'; + Post => R rem 10 in 0 .. 9 + and then Character'Val (48 + R rem 10) in '0' .. '9'; -- Ghost lemma to prove the value of a character corresponding to the -- next figure. @@ -215,7 +219,7 @@ package body System.Image_U is Ghost, Pre => Quot = Val / 10 and then Rest = Val rem 10, - Post => Val = 10 * Quot + Rest; + Post => Uns'Last - Rest >= 10 * Quot and then Val = 10 * Quot + Rest; -- Ghost lemma to prove the relation between the quotient/remainder of -- division by 10 and the initial value. @@ -223,42 +227,46 @@ package body System.Image_U is with Ghost, Pre => R in 0 .. 9, - Post => Hexa_To_Unsigned_Ghost (Character'Val (48 + R)) = R; + Post => Uns_Params.Hexa_To_Unsigned_Ghost (Character'Val (48 + R)) = R; -- Ghost lemma to prove that Hexa_To_Unsigned_Ghost returns the source -- figure when applied to the corresponding character. - procedure Prove_Unchanged - with - Ghost, - Pre => P <= S'Last - and then S_Init'First = S'First - and then S_Init'Last = S'Last - and then (for all K in S'First .. P => S (K) = S_Init (K)), - Post => S (S'First .. P) = S_Init (S'First .. P); - -- Ghost lemma to prove that the part of string S before P has not been - -- modified. - - procedure Prove_Iter_Scan - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - with - Ghost, - Pre => Str1'Last /= Positive'Last - and then - (From > To or else (From >= Str1'First and then To <= Str1'Last)) - and then Only_Decimal_Ghost (Str1, From, To) - and then Str1'First = Str2'First - and then Str1'Last = Str2'Last - and then (for all J in From .. To => Str1 (J) = Str2 (J)), - Post => - Scan_Based_Number_Ghost (Str1, From, To, Base, Acc) - = Scan_Based_Number_Ghost (Str2, From, To, Base, Acc); - -- Ghost lemma to prove that the result of Scan_Based_Number_Ghost only - -- depends on the value of the argument string in the (From .. To) range - -- of indexes. This is a wrapper on Prove_Iter_Scan_Based_Number_Ghost - -- so that we can call it here on ghost arguments. + procedure Prove_Scan_Iter + (S, Prev_S : String; + V, Prev_V, Res : Uns; + P, Max : Natural) + with + Ghost, + Pre => + S'First = Prev_S'First and then S'Last = Prev_S'Last + and then S'Last < Natural'Last and then + Max in S'Range and then P in S'First .. Max and then + (for all I in P + 1 .. Max => Prev_S (I) in '0' .. '9') + and then (for all I in P + 1 .. Max => Prev_S (I) = S (I)) + and then S (P) in '0' .. '9' + and then V <= Uns'Last / 10 + and then Uns'Last - Uns_Params.Hexa_To_Unsigned_Ghost (S (P)) + >= 10 * V + and then Prev_V = + V * 10 + Uns_Params.Hexa_To_Unsigned_Ghost (S (P)) + and then + (if P = Max then Prev_V = Res + else Uns_Params.Scan_Based_Number_Ghost + (Str => Prev_S, + From => P + 1, + To => Max, + Base => 10, + Acc => Prev_V) = Uns_Params.Wrap_Option (Res)), + Post => + (for all I in P .. Max => S (I) in '0' .. '9') + and then Uns_Params.Scan_Based_Number_Ghost + (Str => S, + From => P, + To => Max, + Base => 10, + Acc => V) = Uns_Params.Wrap_Option (Res); + -- Ghost lemma to prove that Scan_Based_Number_Ghost is preserved + -- through an iteration of the loop. ----------------------------- -- Local lemma null bodies -- @@ -267,21 +275,36 @@ package body System.Image_U is procedure Prove_Character_Val (R : Uns) is null; procedure Prove_Euclidian (Val, Quot, Rest : Uns) is null; procedure Prove_Hexa_To_Unsigned_Ghost (R : Uns) is null; - procedure Prove_Unchanged is null; --------------------- - -- Prove_Iter_Scan -- + -- Prove_Scan_Iter -- --------------------- - procedure Prove_Iter_Scan - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) + procedure Prove_Scan_Iter + (S, Prev_S : String; + V, Prev_V, Res : Uns; + P, Max : Natural) is + pragma Unreferenced (Res); begin - Prove_Iter_Scan_Based_Number_Ghost (Str1, Str2, From, To, Base, Acc); - end Prove_Iter_Scan; + Uns_Params.Lemma_Scan_Based_Number_Ghost_Step + (Str => S, + From => P, + To => Max, + Base => 10, + Acc => V); + if P < Max then + Uns_Params.Prove_Scan_Based_Number_Ghost_Eq + (Prev_S, S, P + 1, Max, 10, Prev_V); + else + Uns_Params.Lemma_Scan_Based_Number_Ghost_Base + (Str => S, + From => P + 1, + To => Max, + Base => 10, + Acc => Prev_V); + end if; + end Prove_Scan_Iter; -- Start of processing for Set_Image_Unsigned @@ -313,6 +336,7 @@ package body System.Image_U is Lemma_Non_Zero (Value); pragma Assert (Pow <= Big (Uns'Last)); end loop; + pragma Assert (Big (V) / (Big_10 ** Nb_Digits) = 0); Value := V; Pow := 1; @@ -323,77 +347,43 @@ package body System.Image_U is for J in reverse 1 .. Nb_Digits loop Lemma_Div_Commutation (Value, 10); Lemma_Div_Twice (Big (V), Big_10 ** (Nb_Digits - J), Big_10); - Prove_Character_Val (Value rem 10); + Prove_Character_Val (Value); Prove_Hexa_To_Unsigned_Ghost (Value rem 10); Prev_Value := Value; Prev_S := S; Pow := Pow * 10; - S (P + J) := Character'Val (48 + (Value rem 10)); Value := Value / 10; - pragma Assert (S (P + J) in '0' .. '9'); - pragma Assert (Hexa_To_Unsigned_Ghost (S (P + J)) = - From_Big (Big (V) / Big_10 ** (Nb_Digits - J)) rem 10); - pragma Assert - (for all K in P + J + 1 .. P + Nb_Digits => S (K) in '0' .. '9'); - pragma Assert - (for all K in P + J + 1 .. P + Nb_Digits => - Hexa_To_Unsigned_Ghost (S (K)) = - From_Big (Big (V) / Big_10 ** (Nb_Digits - (K - P))) rem 10); - - Prev := Scan_Based_Number_Ghost - (Str => S, - From => P + J + 1, - To => P + Nb_Digits, - Base => 10, - Acc => Prev_Value); - Cur := Scan_Based_Number_Ghost - (Str => S, - From => P + J, - To => P + Nb_Digits, - Base => 10, - Acc => Value); - - if J /= Nb_Digits then - Prove_Euclidian (Val => Prev_Value, - Quot => Value, - Rest => Hexa_To_Unsigned_Ghost (S (P + J))); - pragma Assert - (Prev_Value = 10 * Value + Hexa_To_Unsigned_Ghost (S (P + J))); - Prove_Iter_Scan - (Prev_S, S, P + J + 1, P + Nb_Digits, 10, Prev_Value); - end if; + Prove_Euclidian + (Val => Prev_Value, + Quot => Value, + Rest => Uns_Params.Hexa_To_Unsigned_Ghost (S (P + J))); - pragma Assert (Prev = Cur); - pragma Assert (Prev = Wrap_Option (V)); + Prove_Scan_Iter + (S, Prev_S, Value, Prev_Value, V, P + J, P + Nb_Digits); pragma Loop_Invariant (Value <= Uns'Last / 10); pragma Loop_Invariant (for all K in S'First .. P => S (K) = S_Init (K)); - pragma Loop_Invariant (Only_Decimal_Ghost (S, P + J, P + Nb_Digits)); - pragma Loop_Invariant - (for all K in P + J .. P + Nb_Digits => S (K) in '0' .. '9'); pragma Loop_Invariant - (for all K in P + J .. P + Nb_Digits => - Hexa_To_Unsigned_Ghost (S (K)) = - From_Big (Big (V) / Big_10 ** (Nb_Digits - (K - P))) rem 10); + (Uns_Params.Only_Decimal_Ghost + (S, From => P + J, To => P + Nb_Digits)); pragma Loop_Invariant (Pow = Big_10 ** (Nb_Digits - J + 1)); pragma Loop_Invariant (Big (Value) = Big (V) / Pow); pragma Loop_Invariant - (Scan_Based_Number_Ghost + (Uns_Params.Scan_Based_Number_Ghost (Str => S, From => P + J, To => P + Nb_Digits, Base => 10, Acc => Value) - = Wrap_Option (V)); + = Uns_Params.Wrap_Option (V)); end loop; + pragma Assert (Big (Value) = Big (V) / (Big_10 ** Nb_Digits)); pragma Assert (Value = 0); - Prove_Unchanged; - P := P + Nb_Digits; end Set_Image_Unsigned; diff --git a/gcc/ada/libgnat/s-imageu.ads b/gcc/ada/libgnat/s-imageu.ads index 789cf65..3d80ea9 100644 --- a/gcc/ada/libgnat/s-imageu.ads +++ b/gcc/ada/libgnat/s-imageu.ads @@ -45,45 +45,22 @@ pragma Assertion_Policy (Pre => Ignore, Ghost => Ignore, Subprogram_Variant => Ignore); +with System.Val_Util; + generic type Uns is mod <>; - type Uns_Option is private; -- Additional parameters for ghost subprograms used inside contracts Unsigned_Width_Ghost : Natural; - with function Wrap_Option (Value : Uns) return Uns_Option - with Ghost; - with function Only_Decimal_Ghost - (Str : String; - From, To : Integer) - return Boolean - with Ghost; - with function Hexa_To_Unsigned_Ghost (X : Character) return Uns - with Ghost; - with function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) return Uns_Option - with Ghost; - with function Is_Unsigned_Ghost (Str : String) return Boolean - with Ghost; - with function Value_Unsigned (Str : String) return Uns; - with procedure Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - with Ghost; - with procedure Prove_Scan_Only_Decimal_Ghost - (Str : String; - Val : Uns) - with Ghost; + with package Uns_Params is new System.Val_Util.Uns_Params + (Uns => Uns, others => <>) + with Ghost; package System.Image_U is + use all type Uns_Params.Uns_Option; procedure Image_Unsigned (V : Uns; @@ -94,7 +71,7 @@ package System.Image_U is and then S'Last < Integer'Last and then S'Last >= Unsigned_Width_Ghost, Post => P in S'Range - and then Value_Unsigned (S (1 .. P)) = V; + and then Uns_Params.Is_Value_Unsigned_Ghost (S (1 .. P), V); pragma Inline (Image_Unsigned); -- Computes Uns'Image (V) and stores the result in S (1 .. P) setting -- the resulting value of P. The caller guarantees that S is long enough to @@ -112,9 +89,10 @@ package System.Image_U is and then P <= S'Last - Unsigned_Width_Ghost + 1, Post => S (S'First .. P'Old) = S'Old (S'First .. P'Old) and then P in P'Old + 1 .. S'Last - and then Only_Decimal_Ghost (S, From => P'Old + 1, To => P) - and then Scan_Based_Number_Ghost (S, From => P'Old + 1, To => P) - = Wrap_Option (V); + and then Uns_Params.Only_Decimal_Ghost (S, From => P'Old + 1, To => P) + and then Uns_Params.Scan_Based_Number_Ghost + (S, From => P'Old + 1, To => P) + = Uns_Params.Wrap_Option (V); -- Stores the image of V in S starting at S (P + 1), P is updated to point -- to the last character stored. The value stored is identical to the value -- of Uns'Image (V) except that no leading space is stored. The caller diff --git a/gcc/ada/libgnat/s-imgint.ads b/gcc/ada/libgnat/s-imgint.ads index fd5bea3..8672e58 100644 --- a/gcc/ada/libgnat/s-imgint.ads +++ b/gcc/ada/libgnat/s-imgint.ads @@ -48,8 +48,6 @@ pragma Assertion_Policy (Pre => Ignore, with System.Image_I; with System.Unsigned_Types; with System.Val_Int; -with System.Val_Uns; -with System.Val_Util; with System.Wid_Uns; package System.Img_Int @@ -57,27 +55,12 @@ package System.Img_Int is subtype Unsigned is Unsigned_Types.Unsigned; - package Int_Params is new Val_Util.Int_Params - (Int => Integer, - Uns => Unsigned, - Uns_Option => Val_Uns.Impl.Uns_Option, - Unsigned_Width_Ghost => + package Impl is new Image_I + (Int => Integer, + Uns => Unsigned, + Unsigned_Width_Ghost => Wid_Uns.Width_Unsigned (0, Unsigned'Last), - Only_Decimal_Ghost => Val_Uns.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_Uns.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_Uns.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_Uns.Impl.Scan_Based_Number_Ghost, - Prove_Iter_Scan_Based_Number_Ghost => - Val_Uns.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Is_Integer_Ghost => Val_Int.Impl.Is_Integer_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_Int.Impl.Prove_Scan_Only_Decimal_Ghost, - Abs_Uns_Of_Int => Val_Int.Impl.Abs_Uns_Of_Int, - Value_Integer => Val_Int.Impl.Value_Integer); - - package Impl is new Image_I (Int_Params); + Int_Params => System.Val_Int.Impl.Spec.Int_Params); procedure Image_Integer (V : Integer; diff --git a/gcc/ada/libgnat/s-imglli.ads b/gcc/ada/libgnat/s-imglli.ads index 20f108c..99c1951 100644 --- a/gcc/ada/libgnat/s-imglli.ads +++ b/gcc/ada/libgnat/s-imglli.ads @@ -48,8 +48,6 @@ pragma Assertion_Policy (Pre => Ignore, with System.Image_I; with System.Unsigned_Types; with System.Val_LLI; -with System.Val_LLU; -with System.Val_Util; with System.Wid_LLU; package System.Img_LLI @@ -57,27 +55,13 @@ package System.Img_LLI is subtype Long_Long_Unsigned is Unsigned_Types.Long_Long_Unsigned; - package Int_Params is new Val_Util.Int_Params - (Int => Long_Long_Integer, - Uns => Long_Long_Unsigned, - Uns_Option => Val_LLU.Impl.Uns_Option, - Unsigned_Width_Ghost => - Wid_LLU.Width_Long_Long_Unsigned (0, Long_Long_Unsigned'Last), - Only_Decimal_Ghost => Val_LLU.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_LLU.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_LLU.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_LLU.Impl.Scan_Based_Number_Ghost, - Prove_Iter_Scan_Based_Number_Ghost => - Val_LLU.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Is_Integer_Ghost => Val_LLI.Impl.Is_Integer_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_LLI.Impl.Prove_Scan_Only_Decimal_Ghost, - Abs_Uns_Of_Int => Val_LLI.Impl.Abs_Uns_Of_Int, - Value_Integer => Val_LLI.Impl.Value_Integer); - - package Impl is new Image_I (Int_Params); + package Impl is new Image_I + (Int => Long_Long_Integer, + Uns => Long_Long_Unsigned, + Unsigned_Width_Ghost => + Wid_LLU.Width_Long_Long_Unsigned + (0, Long_Long_Unsigned'Last), + Int_Params => System.Val_LLI.Impl.Spec.Int_Params); procedure Image_Long_Long_Integer (V : Long_Long_Integer; diff --git a/gcc/ada/libgnat/s-imgllli.ads b/gcc/ada/libgnat/s-imgllli.ads index 989c296..931c288 100644 --- a/gcc/ada/libgnat/s-imgllli.ads +++ b/gcc/ada/libgnat/s-imgllli.ads @@ -48,8 +48,6 @@ pragma Assertion_Policy (Pre => Ignore, with System.Image_I; with System.Unsigned_Types; with System.Val_LLLI; -with System.Val_LLLU; -with System.Val_Util; with System.Wid_LLLU; package System.Img_LLLI @@ -57,28 +55,13 @@ package System.Img_LLLI is subtype Long_Long_Long_Unsigned is Unsigned_Types.Long_Long_Long_Unsigned; - package Int_Params is new Val_Util.Int_Params - (Int => Long_Long_Long_Integer, - Uns => Long_Long_Long_Unsigned, - Uns_Option => Val_LLLU.Impl.Uns_Option, - Unsigned_Width_Ghost => + package Impl is new Image_I + (Int => Long_Long_Long_Integer, + Uns => Long_Long_Long_Unsigned, + Unsigned_Width_Ghost => Wid_LLLU.Width_Long_Long_Long_Unsigned (0, Long_Long_Long_Unsigned'Last), - Only_Decimal_Ghost => Val_LLLU.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_LLLU.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_LLLU.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_LLLU.Impl.Scan_Based_Number_Ghost, - Prove_Iter_Scan_Based_Number_Ghost => - Val_LLLU.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Is_Integer_Ghost => Val_LLLI.Impl.Is_Integer_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_LLLI.Impl.Prove_Scan_Only_Decimal_Ghost, - Abs_Uns_Of_Int => Val_LLLI.Impl.Abs_Uns_Of_Int, - Value_Integer => Val_LLLI.Impl.Value_Integer); - - package Impl is new Image_I (Int_Params); + Int_Params => System.Val_LLLI.Impl.Spec.Int_Params); procedure Image_Long_Long_Long_Integer (V : Long_Long_Long_Integer; diff --git a/gcc/ada/libgnat/s-imglllu.ads b/gcc/ada/libgnat/s-imglllu.ads index 0116aa8..53b39a8 100644 --- a/gcc/ada/libgnat/s-imglllu.ads +++ b/gcc/ada/libgnat/s-imglllu.ads @@ -56,23 +56,11 @@ is subtype Long_Long_Long_Unsigned is Unsigned_Types.Long_Long_Long_Unsigned; package Impl is new Image_U - (Uns => Long_Long_Long_Unsigned, - Uns_Option => Val_LLLU.Impl.Uns_Option, - Unsigned_Width_Ghost => + (Uns => Long_Long_Long_Unsigned, + Unsigned_Width_Ghost => Wid_LLLU.Width_Long_Long_Long_Unsigned (0, Long_Long_Long_Unsigned'Last), - Only_Decimal_Ghost => Val_LLLU.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_LLLU.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_LLLU.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_LLLU.Impl.Scan_Based_Number_Ghost, - Is_Unsigned_Ghost => Val_LLLU.Impl.Is_Unsigned_Ghost, - Value_Unsigned => Val_LLLU.Impl.Value_Unsigned, - Prove_Iter_Scan_Based_Number_Ghost => - Val_LLLU.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_LLLU.Impl.Prove_Scan_Only_Decimal_Ghost); + Uns_Params => System.Val_LLLU.Impl.Spec.Uns_Params); procedure Image_Long_Long_Long_Unsigned (V : Long_Long_Long_Unsigned; diff --git a/gcc/ada/libgnat/s-imgllu.ads b/gcc/ada/libgnat/s-imgllu.ads index 67372d7..28339cd 100644 --- a/gcc/ada/libgnat/s-imgllu.ads +++ b/gcc/ada/libgnat/s-imgllu.ads @@ -56,22 +56,10 @@ is subtype Long_Long_Unsigned is Unsigned_Types.Long_Long_Unsigned; package Impl is new Image_U - (Uns => Long_Long_Unsigned, - Uns_Option => Val_LLU.Impl.Uns_Option, - Unsigned_Width_Ghost => + (Uns => Long_Long_Unsigned, + Unsigned_Width_Ghost => Wid_LLU.Width_Long_Long_Unsigned (0, Long_Long_Unsigned'Last), - Only_Decimal_Ghost => Val_LLU.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_LLU.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_LLU.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_LLU.Impl.Scan_Based_Number_Ghost, - Is_Unsigned_Ghost => Val_LLU.Impl.Is_Unsigned_Ghost, - Value_Unsigned => Val_LLU.Impl.Value_Unsigned, - Prove_Iter_Scan_Based_Number_Ghost => - Val_LLU.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_LLU.Impl.Prove_Scan_Only_Decimal_Ghost); + Uns_Params => System.Val_LLU.Impl.Spec.Uns_Params); procedure Image_Long_Long_Unsigned (V : Long_Long_Unsigned; diff --git a/gcc/ada/libgnat/s-imguns.ads b/gcc/ada/libgnat/s-imguns.ads index fa903ce..120bd5d 100644 --- a/gcc/ada/libgnat/s-imguns.ads +++ b/gcc/ada/libgnat/s-imguns.ads @@ -56,22 +56,10 @@ is subtype Unsigned is Unsigned_Types.Unsigned; package Impl is new Image_U - (Uns => Unsigned, - Uns_Option => Val_Uns.Impl.Uns_Option, - Unsigned_Width_Ghost => + (Uns => Unsigned, + Unsigned_Width_Ghost => Wid_Uns.Width_Unsigned (0, Unsigned'Last), - Only_Decimal_Ghost => Val_Uns.Impl.Only_Decimal_Ghost, - Hexa_To_Unsigned_Ghost => - Val_Uns.Impl.Hexa_To_Unsigned_Ghost, - Wrap_Option => Val_Uns.Impl.Wrap_Option, - Scan_Based_Number_Ghost => - Val_Uns.Impl.Scan_Based_Number_Ghost, - Is_Unsigned_Ghost => Val_Uns.Impl.Is_Unsigned_Ghost, - Value_Unsigned => Val_Uns.Impl.Value_Unsigned, - Prove_Iter_Scan_Based_Number_Ghost => - Val_Uns.Impl.Prove_Iter_Scan_Based_Number_Ghost, - Prove_Scan_Only_Decimal_Ghost => - Val_Uns.Impl.Prove_Scan_Only_Decimal_Ghost); + Uns_Params => System.Val_Uns.Impl.Spec.Uns_Params); procedure Image_Unsigned (V : Unsigned; diff --git a/gcc/ada/libgnat/s-vaispe.adb b/gcc/ada/libgnat/s-vaispe.adb new file mode 100644 index 0000000..dca2fd7 --- /dev/null +++ b/gcc/ada/libgnat/s-vaispe.adb @@ -0,0 +1,87 @@ +------------------------------------------------------------------------------ +-- -- +-- GNAT COMPILER COMPONENTS -- +-- -- +-- S Y S T E M . V A L U E _ I _ S P E C -- +-- -- +-- B o d y -- +-- -- +-- Copyright (C) 2022-2022, Free Software Foundation, Inc. -- +-- -- +-- GNAT is free software; you can redistribute it and/or modify it under -- +-- terms of the GNU General Public License as published by the Free Soft- -- +-- ware Foundation; either version 3, or (at your option) any later ver- -- +-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- +-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- +-- or FITNESS FOR A PARTICULAR PURPOSE. -- +-- -- +-- As a special exception under Section 7 of GPL version 3, you are granted -- +-- additional permissions described in the GCC Runtime Library Exception, -- +-- version 3.1, as published by the Free Software Foundation. -- +-- -- +-- You should have received a copy of the GNU General Public License and -- +-- a copy of the GCC Runtime Library Exception along with this program; -- +-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- +-- <http://www.gnu.org/licenses/>. -- +-- -- +-- GNAT was originally developed by the GNAT team at New York University. -- +-- Extensive contributions were provided by Ada Core Technologies Inc. -- +-- -- +------------------------------------------------------------------------------ + +pragma Assertion_Policy (Pre => Ignore, + Post => Ignore, + Contract_Cases => Ignore, + Ghost => Ignore, + Subprogram_Variant => Ignore); + +package body System.Value_I_Spec is + + ----------------------------------- + -- Prove_Scan_Only_Decimal_Ghost -- + ----------------------------------- + + procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) is + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + pragma Assert (Str (Str'First + 1) /= ' '); + pragma Assert + (if Val < 0 then Non_Blank = Str'First + else + Str (Str'First) = ' ' + and then Non_Blank = Str'First + 1); + Minus : constant Boolean := Str (Non_Blank) = '-'; + Fst_Num : constant Positive := + (if Minus then Non_Blank + 1 else Non_Blank); + pragma Assert (Fst_Num = Str'First + 1); + Uval : constant Uns := Abs_Uns_Of_Int (Val); + + procedure Prove_Conversion_Is_Identity (Val : Int; Uval : Uns) + with + Pre => Minus = (Val < 0) + and then Uval = Abs_Uns_Of_Int (Val), + Post => Uns_Is_Valid_Int (Minus, Uval) + and then Is_Int_Of_Uns (Minus, Uval, Val); + -- Local proof of the unicity of the signed representation + + procedure Prove_Conversion_Is_Identity (Val : Int; Uval : Uns) is null; + + -- Start of processing for Prove_Scan_Only_Decimal_Ghost + + begin + Prove_Conversion_Is_Identity (Val, Uval); + pragma Assert + (Uns_Params.Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last))); + pragma Assert + (Uns_Params.Scan_Split_No_Overflow_Ghost (Str, Fst_Num, Str'Last)); + Uns_Params.Lemma_Exponent_Unsigned_Ghost_Base (Uval, 0, 10); + pragma Assert + (Uns_Params.Raw_Unsigned_No_Overflow_Ghost (Str, Fst_Num, Str'Last)); + pragma Assert (Only_Space_Ghost + (Str, Uns_Params.Raw_Unsigned_Last_Ghost + (Str, Fst_Num, Str'Last), Str'Last)); + pragma Assert (Is_Integer_Ghost (Str)); + pragma Assert (Is_Value_Integer_Ghost (Str, Val)); + end Prove_Scan_Only_Decimal_Ghost; + +end System.Value_I_Spec; diff --git a/gcc/ada/libgnat/s-vaispe.ads b/gcc/ada/libgnat/s-vaispe.ads new file mode 100644 index 0000000..5a5e051 --- /dev/null +++ b/gcc/ada/libgnat/s-vaispe.ads @@ -0,0 +1,199 @@ +------------------------------------------------------------------------------ +-- -- +-- GNAT COMPILER COMPONENTS -- +-- -- +-- S Y S T E M . V A L U E _ I _ S P E C -- +-- -- +-- S p e c -- +-- -- +-- Copyright (C) 2022-2022, Free Software Foundation, Inc. -- +-- -- +-- GNAT is free software; you can redistribute it and/or modify it under -- +-- terms of the GNU General Public License as published by the Free Soft- -- +-- ware Foundation; either version 3, or (at your option) any later ver- -- +-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- +-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- +-- or FITNESS FOR A PARTICULAR PURPOSE. -- +-- -- +-- As a special exception under Section 7 of GPL version 3, you are granted -- +-- additional permissions described in the GCC Runtime Library Exception, -- +-- version 3.1, as published by the Free Software Foundation. -- +-- -- +-- You should have received a copy of the GNU General Public License and -- +-- a copy of the GCC Runtime Library Exception along with this program; -- +-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- +-- <http://www.gnu.org/licenses/>. -- +-- -- +-- GNAT was originally developed by the GNAT team at New York University. -- +-- Extensive contributions were provided by Ada Core Technologies Inc. -- +-- -- +------------------------------------------------------------------------------ + +-- This package contains the specification entities using for the formal +-- verification of the routines for scanning signed integer values. + +-- Preconditions in this unit are meant for analysis only, not for run-time +-- checking, so that the expected exceptions are raised. This is enforced by +-- setting the corresponding assertion policy to Ignore. Postconditions and +-- contract cases should not be executed at runtime as well, in order not to +-- slow down the execution of these functions. + +pragma Assertion_Policy (Pre => Ignore, + Post => Ignore, + Contract_Cases => Ignore, + Ghost => Ignore, + Subprogram_Variant => Ignore); + +with System.Val_Util; use System.Val_Util; + +generic + + type Int is range <>; + + type Uns is mod <>; + + -- Additional parameters for specification subprograms on modular Unsigned + -- integers. + + with package Uns_Params is new System.Val_Util.Uns_Params + (Uns => Uns, others => <>) + with Ghost; + +package System.Value_I_Spec with + Ghost, + SPARK_Mode, + Annotate => (GNATprove, Always_Return) +is + pragma Preelaborate; + use all type Uns_Params.Uns_Option; + + function Uns_Is_Valid_Int (Minus : Boolean; Uval : Uns) return Boolean is + (if Minus then Uval <= Uns (Int'Last) + 1 + else Uval <= Uns (Int'Last)) + with Post => True; + -- Return True if Uval (or -Uval when Minus is True) is a valid number of + -- type Int. + + function Is_Int_Of_Uns + (Minus : Boolean; + Uval : Uns; + Val : Int) + return Boolean + is + (if Minus and then Uval = Uns (Int'Last) + 1 then Val = Int'First + elsif Minus then Val = -(Int (Uval)) + else Val = Int (Uval)) + with + Pre => Uns_Is_Valid_Int (Minus, Uval), + Post => True; + -- Return True if Uval (or -Uval when Minus is True) is equal to Val + + function Abs_Uns_Of_Int (Val : Int) return Uns is + (if Val = Int'First then Uns (Int'Last) + 1 + elsif Val < 0 then Uns (-Val) + else Uns (Val)); + -- Return the unsigned absolute value of Val + + function Slide_To_1 (Str : String) return String + with + Post => + Only_Space_Ghost (Str, Str'First, Str'Last) = + (for all J in Str'First .. Str'Last => + Slide_To_1'Result (J - Str'First + 1) = ' '); + -- Slides Str so that it starts at 1 + + function Slide_If_Necessary (Str : String) return String is + (if Str'Last = Positive'Last then Slide_To_1 (Str) else Str); + -- If Str'Last = Positive'Last then slides Str so that it starts at 1 + + function Is_Integer_Ghost (Str : String) return Boolean is + (declare + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + Fst_Num : constant Positive := + (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); + begin + Uns_Params.Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last)) + and then Uns_Params.Raw_Unsigned_No_Overflow_Ghost + (Str, Fst_Num, Str'Last) + and then + Uns_Is_Valid_Int + (Minus => Str (Non_Blank) = '-', + Uval => Uns_Params.Scan_Raw_Unsigned_Ghost + (Str, Fst_Num, Str'Last)) + and then Only_Space_Ghost + (Str, Uns_Params.Raw_Unsigned_Last_Ghost + (Str, Fst_Num, Str'Last), Str'Last)) + with + Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Str'Last /= Positive'Last, + Post => True; + -- Ghost function that determines if Str has the correct format for a + -- signed number, consisting in some blank characters, an optional + -- sign, a raw unsigned number which does not overflow and then some + -- more blank characters. + + function Is_Value_Integer_Ghost (Str : String; Val : Int) return Boolean is + (declare + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + Fst_Num : constant Positive := + (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); + Uval : constant Uns := + Uns_Params.Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last); + begin + Is_Int_Of_Uns (Minus => Str (Non_Blank) = '-', + Uval => Uval, + Val => Val)) + with + Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Str'Last /= Positive'Last + and then Is_Integer_Ghost (Str), + Post => True; + -- Ghost function that returns True if Val is the value corresponding to + -- the signed number represented by Str. + + procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) + with + Ghost, + Pre => Str'Last /= Positive'Last + and then Str'Length >= 2 + and then Str (Str'First) in ' ' | '-' + and then (Str (Str'First) = '-') = (Val < 0) + and then Uns_Params.Only_Decimal_Ghost (Str, Str'First + 1, Str'Last) + and then Uns_Params.Scan_Based_Number_Ghost + (Str, Str'First + 1, Str'Last) + = Uns_Params.Wrap_Option (Abs_Uns_Of_Int (Val)), + Post => Is_Integer_Ghost (Slide_If_Necessary (Str)) + and then Is_Value_Integer_Ghost (Str, Val); + -- Ghost lemma used in the proof of 'Image implementation, to prove that + -- the result of Value_Integer on a decimal string is the same as the + -- signing the result of Scan_Based_Number_Ghost. + + -- Bundle Int type with other types, constants and subprograms used in + -- ghost code, so that this package can be instantiated once and used + -- multiple times as generic formal for a given Int type. + + package Int_Params is new System.Val_Util.Int_Params + (Uns => Uns, + Int => Int, + P_Uns_Params => Uns_Params, + P_Is_Integer_Ghost => Is_Integer_Ghost, + P_Is_Value_Integer_Ghost => Is_Value_Integer_Ghost, + P_Is_Int_Of_Uns => Is_Int_Of_Uns, + P_Abs_Uns_Of_Int => Abs_Uns_Of_Int, + P_Prove_Scan_Only_Decimal_Ghost => Prove_Scan_Only_Decimal_Ghost); + +private + + ---------------- + -- Slide_To_1 -- + ---------------- + + function Slide_To_1 (Str : String) return String is + (declare + Res : constant String (1 .. Str'Length) := Str; + begin + Res); + +end System.Value_I_Spec; diff --git a/gcc/ada/libgnat/s-valint.ads b/gcc/ada/libgnat/s-valint.ads index 9e47f1b..3872d7c 100644 --- a/gcc/ada/libgnat/s-valint.ads +++ b/gcc/ada/libgnat/s-valint.ads @@ -54,23 +54,10 @@ package System.Val_Int with SPARK_Mode is subtype Unsigned is Unsigned_Types.Unsigned; package Impl is new Value_I - (Int => Integer, - Uns => Unsigned, - Scan_Raw_Unsigned => Val_Uns.Scan_Raw_Unsigned, - Uns_Option => Val_Uns.Impl.Uns_Option, - Wrap_Option => Val_Uns.Impl.Wrap_Option, - Is_Raw_Unsigned_Format_Ghost => - Val_Uns.Impl.Is_Raw_Unsigned_Format_Ghost, - Raw_Unsigned_Overflows_Ghost => - Val_Uns.Impl.Raw_Unsigned_Overflows_Ghost, - Scan_Raw_Unsigned_Ghost => - Val_Uns.Impl.Scan_Raw_Unsigned_Ghost, - Raw_Unsigned_Last_Ghost => - Val_Uns.Impl.Raw_Unsigned_Last_Ghost, - Only_Decimal_Ghost => - Val_Uns.Impl.Only_Decimal_Ghost, - Scan_Based_Number_Ghost => - Val_Uns.Impl.Scan_Based_Number_Ghost); + (Int => Integer, + Uns => Unsigned, + Scan_Raw_Unsigned => Val_Uns.Scan_Raw_Unsigned, + Uns_Params => System.Val_Uns.Impl.Spec.Uns_Params); procedure Scan_Integer (Str : String; diff --git a/gcc/ada/libgnat/s-vallli.ads b/gcc/ada/libgnat/s-vallli.ads index 5bccb1a..85bf282 100644 --- a/gcc/ada/libgnat/s-vallli.ads +++ b/gcc/ada/libgnat/s-vallli.ads @@ -54,24 +54,10 @@ package System.Val_LLI with SPARK_Mode is subtype Long_Long_Unsigned is Unsigned_Types.Long_Long_Unsigned; package Impl is new Value_I - (Int => Long_Long_Integer, - Uns => Long_Long_Unsigned, - Scan_Raw_Unsigned => - Val_LLU.Scan_Raw_Long_Long_Unsigned, - Uns_Option => Val_LLU.Impl.Uns_Option, - Wrap_Option => Val_LLU.Impl.Wrap_Option, - Is_Raw_Unsigned_Format_Ghost => - Val_LLU.Impl.Is_Raw_Unsigned_Format_Ghost, - Raw_Unsigned_Overflows_Ghost => - Val_LLU.Impl.Raw_Unsigned_Overflows_Ghost, - Scan_Raw_Unsigned_Ghost => - Val_LLU.Impl.Scan_Raw_Unsigned_Ghost, - Raw_Unsigned_Last_Ghost => - Val_LLU.Impl.Raw_Unsigned_Last_Ghost, - Only_Decimal_Ghost => - Val_LLU.Impl.Only_Decimal_Ghost, - Scan_Based_Number_Ghost => - Val_LLU.Impl.Scan_Based_Number_Ghost); + (Int => Long_Long_Integer, + Uns => Long_Long_Unsigned, + Scan_Raw_Unsigned => Val_LLU.Scan_Raw_Long_Long_Unsigned, + Uns_Params => System.Val_LLU.Impl.Spec.Uns_Params); procedure Scan_Long_Long_Integer (Str : String; diff --git a/gcc/ada/libgnat/s-valllli.ads b/gcc/ada/libgnat/s-valllli.ads index 586c737..e53fb0b 100644 --- a/gcc/ada/libgnat/s-valllli.ads +++ b/gcc/ada/libgnat/s-valllli.ads @@ -54,24 +54,10 @@ package System.Val_LLLI with SPARK_Mode is subtype Long_Long_Long_Unsigned is Unsigned_Types.Long_Long_Long_Unsigned; package Impl is new Value_I - (Int => Long_Long_Long_Integer, - Uns => Long_Long_Long_Unsigned, - Scan_Raw_Unsigned => - Val_LLLU.Scan_Raw_Long_Long_Long_Unsigned, - Uns_Option => Val_LLLU.Impl.Uns_Option, - Wrap_Option => Val_LLLU.Impl.Wrap_Option, - Is_Raw_Unsigned_Format_Ghost => - Val_LLLU.Impl.Is_Raw_Unsigned_Format_Ghost, - Raw_Unsigned_Overflows_Ghost => - Val_LLLU.Impl.Raw_Unsigned_Overflows_Ghost, - Scan_Raw_Unsigned_Ghost => - Val_LLLU.Impl.Scan_Raw_Unsigned_Ghost, - Raw_Unsigned_Last_Ghost => - Val_LLLU.Impl.Raw_Unsigned_Last_Ghost, - Only_Decimal_Ghost => - Val_LLLU.Impl.Only_Decimal_Ghost, - Scan_Based_Number_Ghost => - Val_LLLU.Impl.Scan_Based_Number_Ghost); + (Int => Long_Long_Long_Integer, + Uns => Long_Long_Long_Unsigned, + Scan_Raw_Unsigned => Val_LLLU.Scan_Raw_Long_Long_Long_Unsigned, + Uns_Params => System.Val_LLLU.Impl.Spec.Uns_Params); procedure Scan_Long_Long_Long_Integer (Str : String; diff --git a/gcc/ada/libgnat/s-valuei.adb b/gcc/ada/libgnat/s-valuei.adb index b453ffc..51764b2 100644 --- a/gcc/ada/libgnat/s-valuei.adb +++ b/gcc/ada/libgnat/s-valuei.adb @@ -41,59 +41,6 @@ package body System.Value_I is Assert_And_Cut => Ignore, Subprogram_Variant => Ignore); - ----------------------------------- - -- Prove_Scan_Only_Decimal_Ghost -- - ----------------------------------- - - procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) is - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - pragma Assert - (if Val < 0 then Non_Blank = Str'First - else - Only_Space_Ghost (Str, Str'First, Str'First) - and then Non_Blank = Str'First + 1); - Minus : constant Boolean := Str (Non_Blank) = '-'; - Fst_Num : constant Positive := - (if Minus then Non_Blank + 1 else Non_Blank); - pragma Assert (Fst_Num = Str'First + 1); - Uval : constant Uns := - Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last); - - procedure Unique_Int_Of_Uns (Val1, Val2 : Int) - with - Pre => Uns_Is_Valid_Int (Minus, Uval) - and then Is_Int_Of_Uns (Minus, Uval, Val1) - and then Is_Int_Of_Uns (Minus, Uval, Val2), - Post => Val1 = Val2; - -- Local proof of the unicity of the signed representation - - procedure Unique_Int_Of_Uns (Val1, Val2 : Int) is null; - - -- Start of processing for Prove_Scan_Only_Decimal_Ghost - - begin - pragma Assert (Minus = (Val < 0)); - pragma Assert (Uval = Abs_Uns_Of_Int (Val)); - pragma Assert (if Minus then Uval <= Uns (Int'Last) + 1 - else Uval <= Uns (Int'Last)); - pragma Assert (Uns_Is_Valid_Int (Minus, Uval)); - pragma Assert - (if Minus and then Uval = Uns (Int'Last) + 1 then Val = Int'First - elsif Minus then Val = -(Int (Uval)) - else Val = Int (Uval)); - pragma Assert (Is_Int_Of_Uns (Minus, Uval, Val)); - pragma Assert - (Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last))); - pragma Assert - (not Raw_Unsigned_Overflows_Ghost (Str, Fst_Num, Str'Last)); - pragma Assert (Only_Space_Ghost - (Str, Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last), Str'Last)); - pragma Assert (Is_Integer_Ghost (Str)); - pragma Assert (Is_Value_Integer_Ghost (Str, Val)); - Unique_Int_Of_Uns (Val, Value_Integer (Str)); - end Prove_Scan_Only_Decimal_Ghost; - ------------------ -- Scan_Integer -- ------------------ @@ -104,6 +51,25 @@ package body System.Value_I is Max : Integer; Res : out Int) is + procedure Prove_Is_Int_Of_Uns + (Minus : Boolean; + Uval : Uns; + Val : Int) + with Ghost, + Pre => Spec.Uns_Is_Valid_Int (Minus, Uval) + and then + (if Minus and then Uval = Uns (Int'Last) + 1 then Val = Int'First + elsif Minus then Val = -(Int (Uval)) + else Val = Int (Uval)), + Post => Spec.Is_Int_Of_Uns (Minus, Uval, Val); + -- Unfold the definition of Is_Int_Of_Uns + + procedure Prove_Is_Int_Of_Uns + (Minus : Boolean; + Uval : Uns; + Val : Int) + is null; + Uval : Uns; -- Unsigned result @@ -131,7 +97,8 @@ package body System.Value_I is end if; Scan_Raw_Unsigned (Str, Ptr, Max, Uval); - pragma Assert (Uval = Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max)); + pragma Assert + (Uval = Uns_Params.Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max)); -- Deal with overflow cases, and also with largest negative number @@ -152,6 +119,11 @@ package body System.Value_I is else Res := Int (Uval); end if; + + Prove_Is_Int_Of_Uns + (Minus => Str (Non_Blank) = '-', + Uval => Uval, + Val => Res); end Scan_Integer; ------------------- @@ -167,7 +139,15 @@ package body System.Value_I is if Str'Last = Positive'Last then declare subtype NT is String (1 .. Str'Length); + procedure Prove_Is_Integer_Ghost with + Ghost, + Pre => Str'Length < Natural'Last + and then not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Spec.Is_Integer_Ghost (Spec.Slide_To_1 (Str)), + Post => Spec.Is_Integer_Ghost (NT (Str)); + procedure Prove_Is_Integer_Ghost is null; begin + Prove_Is_Integer_Ghost; return Value_Integer (NT (Str)); end; @@ -187,8 +167,6 @@ package body System.Value_I is else Non_Blank) with Ghost; begin - pragma Assert - (Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last))); declare P_Acc : constant not null access Integer := P'Access; @@ -197,12 +175,13 @@ package body System.Value_I is end; pragma Assert - (P = Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last)); + (P = Uns_Params.Raw_Unsigned_Last_Ghost + (Str, Fst_Num, Str'Last)); Scan_Trailing_Blanks (Str, P); pragma Assert - (Is_Value_Integer_Ghost (Slide_If_Necessary (Str), V)); + (Spec.Is_Value_Integer_Ghost (Spec.Slide_If_Necessary (Str), V)); return V; end; end if; diff --git a/gcc/ada/libgnat/s-valuei.ads b/gcc/ada/libgnat/s-valuei.ads index 5e42773..3f78db6 100644 --- a/gcc/ada/libgnat/s-valuei.ads +++ b/gcc/ada/libgnat/s-valuei.ads @@ -39,6 +39,7 @@ pragma Assertion_Policy (Pre => Ignore, Subprogram_Variant => Ignore); with System.Val_Util; use System.Val_Util; +with System.Value_I_Spec; generic @@ -54,71 +55,15 @@ generic -- Additional parameters for ghost subprograms used inside contracts - type Uns_Option is private; - with function Wrap_Option (Value : Uns) return Uns_Option - with Ghost; - with function Is_Raw_Unsigned_Format_Ghost (Str : String) return Boolean - with Ghost; - with function Raw_Unsigned_Overflows_Ghost - (Str : String; - From, To : Integer) - return Boolean - with Ghost; - with function Scan_Raw_Unsigned_Ghost - (Str : String; - From, To : Integer) - return Uns - with Ghost; - with function Raw_Unsigned_Last_Ghost - (Str : String; - From, To : Integer) - return Positive - with Ghost; - with function Only_Decimal_Ghost - (Str : String; - From, To : Integer) - return Boolean - with Ghost; - with function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - return Uns_Option - with Ghost; + with package Uns_Params is new System.Val_Util.Uns_Params + (Uns => Uns, others => <>) + with Ghost; package System.Value_I is pragma Preelaborate; + use all type Uns_Params.Uns_Option; - function Uns_Is_Valid_Int (Minus : Boolean; Uval : Uns) return Boolean is - (if Minus then Uval <= Uns (Int'Last) + 1 - else Uval <= Uns (Int'Last)) - with Ghost, - Post => True; - -- Return True if Uval (or -Uval when Minus is True) is a valid number of - -- type Int. - - function Is_Int_Of_Uns - (Minus : Boolean; - Uval : Uns; - Val : Int) - return Boolean - is - (if Minus and then Uval = Uns (Int'Last) + 1 then Val = Int'First - elsif Minus then Val = -(Int (Uval)) - else Val = Int (Uval)) - with - Ghost, - Pre => Uns_Is_Valid_Int (Minus, Uval), - Post => True; - -- Return True if Uval (or -Uval when Minus is True) is equal to Val - - function Abs_Uns_Of_Int (Val : Int) return Uns is - (if Val = Int'First then Uns (Int'Last) + 1 - elsif Val < 0 then Uns (-Val) - else Uns (Val)) - with Ghost; - -- Return the unsigned absolute value of Val + package Spec is new System.Value_I_Spec (Int, Uns, Uns_Params); procedure Scan_Integer (Str : String; @@ -139,11 +84,13 @@ package System.Value_I is (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); begin - Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Max)) - and then not Raw_Unsigned_Overflows_Ghost (Str, Fst_Num, Max) - and then Uns_Is_Valid_Int + Uns_Params.Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Max)) + and then Uns_Params.Raw_Unsigned_No_Overflow_Ghost + (Str, Fst_Num, Max) + and then Spec.Uns_Is_Valid_Int (Minus => Str (Non_Blank) = '-', - Uval => Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max))), + Uval => Uns_Params.Scan_Raw_Unsigned_Ghost + (Str, Fst_Num, Max))), Post => (declare Non_Blank : constant Positive := First_Non_Space_Ghost @@ -152,12 +99,13 @@ package System.Value_I is (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); Uval : constant Uns := - Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max); + Uns_Params.Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max); begin - Is_Int_Of_Uns (Minus => Str (Non_Blank) = '-', - Uval => Uval, - Val => Res) - and then Ptr.all = Raw_Unsigned_Last_Ghost (Str, Fst_Num, Max)); + Spec.Is_Int_Of_Uns (Minus => Str (Non_Blank) = '-', + Uval => Uval, + Val => Res) + and then Ptr.all = Uns_Params.Raw_Unsigned_Last_Ghost + (Str, Fst_Num, Max)); -- This procedure scans the string starting at Str (Ptr.all) for a valid -- integer according to the syntax described in (RM 3.5(43)). The substring -- scanned extends no further than Str (Max). There are three cases for the @@ -183,111 +131,17 @@ package System.Value_I is -- special case of an all-blank string, and Ptr is unchanged, and hence -- is greater than Max as required in this case. - function Slide_To_1 (Str : String) return String - with - Ghost, - Post => - Only_Space_Ghost (Str, Str'First, Str'Last) = - (for all J in Str'First .. Str'Last => - Slide_To_1'Result (J - Str'First + 1) = ' '); - -- Slides Str so that it starts at 1 - - function Slide_If_Necessary (Str : String) return String is - (if Str'Last = Positive'Last then Slide_To_1 (Str) else Str) - with - Ghost, - Post => - Only_Space_Ghost (Str, Str'First, Str'Last) = - Only_Space_Ghost (Slide_If_Necessary'Result, - Slide_If_Necessary'Result'First, - Slide_If_Necessary'Result'Last); - -- If Str'Last = Positive'Last then slides Str so that it starts at 1 - - function Is_Integer_Ghost (Str : String) return Boolean is - (declare - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - Fst_Num : constant Positive := - (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); - begin - Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last)) - and then not Raw_Unsigned_Overflows_Ghost (Str, Fst_Num, Str'Last) - and then - Uns_Is_Valid_Int - (Minus => Str (Non_Blank) = '-', - Uval => Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last)) - and then Only_Space_Ghost - (Str, Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last), Str'Last)) - with - Ghost, - Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) - and then Str'Last /= Positive'Last, - Post => True; - -- Ghost function that determines if Str has the correct format for a - -- signed number, consisting in some blank characters, an optional - -- sign, a raw unsigned number which does not overflow and then some - -- more blank characters. - - function Is_Value_Integer_Ghost (Str : String; Val : Int) return Boolean is - (declare - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - Fst_Num : constant Positive := - (if Str (Non_Blank) in '+' | '-' then Non_Blank + 1 else Non_Blank); - Uval : constant Uns := - Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last); - begin - Is_Int_Of_Uns (Minus => Str (Non_Blank) = '-', - Uval => Uval, - Val => Val)) - with - Ghost, - Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) - and then Str'Last /= Positive'Last - and then Is_Integer_Ghost (Str), - Post => True; - -- Ghost function that returns True if Val is the value corresponding to - -- the signed number represented by Str. - function Value_Integer (Str : String) return Int with Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) and then Str'Length /= Positive'Last - and then Is_Integer_Ghost (Slide_If_Necessary (Str)), - Post => Is_Value_Integer_Ghost - (Slide_If_Necessary (Str), Value_Integer'Result), + and then Spec.Is_Integer_Ghost (Spec.Slide_If_Necessary (Str)), + Post => Spec.Is_Value_Integer_Ghost + (Spec.Slide_If_Necessary (Str), Value_Integer'Result), Subprogram_Variant => (Decreases => Str'First); -- Used in computing X'Value (Str) where X is a signed integer type whose -- base range does not exceed the base range of Integer. Str is the string -- argument of the attribute. Constraint_Error is raised if the string is -- malformed, or if the value is out of range. - procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) - with - Ghost, - Pre => Str'Last /= Positive'Last - and then Str'Length >= 2 - and then Str (Str'First) in ' ' | '-' - and then (Str (Str'First) = '-') = (Val < 0) - and then Only_Decimal_Ghost (Str, Str'First + 1, Str'Last) - and then Scan_Based_Number_Ghost (Str, Str'First + 1, Str'Last) - = Wrap_Option (Abs_Uns_Of_Int (Val)), - Post => Is_Integer_Ghost (Slide_If_Necessary (Str)) - and then Value_Integer (Str) = Val; - -- Ghost lemma used in the proof of 'Image implementation, to prove that - -- the result of Value_Integer on a decimal string is the same as the - -- signing the result of Scan_Based_Number_Ghost. - -private - - ---------------- - -- Slide_To_1 -- - ---------------- - - function Slide_To_1 (Str : String) return String is - (declare - Res : constant String (1 .. Str'Length) := Str; - begin - Res); - end System.Value_I; diff --git a/gcc/ada/libgnat/s-valuer.adb b/gcc/ada/libgnat/s-valuer.adb index b474f84..fc91660 100644 --- a/gcc/ada/libgnat/s-valuer.adb +++ b/gcc/ada/libgnat/s-valuer.adb @@ -184,7 +184,7 @@ package body System.Value_R is UmaxB : constant Uns := Precision_Limit / Uns (Base); -- Numbers bigger than UmaxB overflow if multiplied by base - Precision_Limit_Reached : Boolean := False; + Precision_Limit_Reached : Boolean; -- Set to True if addition of a digit will cause Value to be superior -- to Precision_Limit. @@ -198,7 +198,7 @@ package body System.Value_R is Temp : Uns; -- Temporary - Trailing_Zeros : Natural := 0; + Trailing_Zeros : Natural; -- Number of trailing zeros at a given point begin @@ -209,12 +209,17 @@ package body System.Value_R is Precision_Limit_Reached := True; else Extra := 0; + Precision_Limit_Reached := False; end if; if Round then Precision_Limit_Just_Reached := False; end if; + -- Initialize trailing zero counter + + Trailing_Zeros := 0; + -- The function precondition is that the first character is a valid -- digit. @@ -362,7 +367,7 @@ package body System.Value_R is UmaxB : constant Uns := Precision_Limit / Uns (Base); -- Numbers bigger than UmaxB overflow if multiplied by base - Precision_Limit_Reached : Boolean := False; + Precision_Limit_Reached : Boolean; -- Set to True if addition of a digit will cause Value to be superior -- to Precision_Limit. @@ -383,6 +388,8 @@ package body System.Value_R is Scale := 0; Extra := 0; + Precision_Limit_Reached := False; + if Round then Precision_Limit_Just_Reached := False; end if; @@ -494,28 +501,32 @@ package body System.Value_R is After_Point : Boolean; -- True if a decimal should be parsed - Base_Char : Character := ASCII.NUL; - -- Character used to set the base. If Nul this means that default + Base_Char : Character; + -- Character used to set the base. If it is Nul, this means that default -- base is used. - Base_Violation : Boolean := False; + Base_Violation : Boolean; -- If True some digits where not in the base. The real is still scanned -- till the end even if an error will be raised. + Expon : Integer; + -- Exponent as an Integer + Index : Integer; -- Local copy of string pointer Start : Positive; + -- Index of the first non-blank character Value : Uns; -- Mantissa as an Integer - Expon : Integer; - begin -- The default base is 10 - Base := 10; + Base := 10; + Base_Char := ASCII.NUL; + Base_Violation := False; -- We do not tolerate strings with Str'Last = Positive'Last diff --git a/gcc/ada/libgnat/s-valueu.adb b/gcc/ada/libgnat/s-valueu.adb index f5a6881..8f19086 100644 --- a/gcc/ada/libgnat/s-valueu.adb +++ b/gcc/ada/libgnat/s-valueu.adb @@ -41,9 +41,12 @@ package body System.Value_U is Assert_And_Cut => Ignore, Subprogram_Variant => Ignore); + use type Spec.Uns_Option; + use type Spec.Split_Value_Ghost; + -- Local lemmas - procedure Lemma_Digit_Is_Before_Last + procedure Lemma_Digit_Not_Last (Str : String; P : Integer; From : Integer; @@ -54,257 +57,47 @@ package body System.Value_U is and then To in From .. Str'Last and then Str (From) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' and then P in From .. To - and then Str (P) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F', - Post => P /= Last_Hexa_Ghost (Str (From .. To)) + 1; - -- If the character at position P is a digit, P cannot be the position of - -- of the first non-digit in Str. + and then P <= Spec.Last_Hexa_Ghost (Str (From .. To)) + 1 + and then Spec.Is_Based_Format_Ghost (Str (From .. To)), + Post => + (if Str (P) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' + then P <= Spec.Last_Hexa_Ghost (Str (From .. To))); - procedure Lemma_End_Of_Scan + procedure Lemma_Underscore_Not_Last (Str : String; + P : Integer; From : Integer; - To : Integer; - Base : Uns; - Acc : Uns) - with Ghost, - Pre => Str'Last /= Positive'Last and then From > To, - Post => Scan_Based_Number_Ghost (Str, From, To, Base, Acc) = - (False, Acc); - -- Unfold the definition of Scan_Based_Number_Ghost on an empty string - - procedure Lemma_Scan_Digit - (Str : String; - P : Integer; - Lst : Integer; - Digit : Uns; - Base : Uns; - Old_Acc : Uns; - Acc : Uns; - Scan_Val : Uns_Option; - Old_Overflow : Boolean; - Overflow : Boolean) - with Ghost, - Pre => Str'Last /= Positive'Last - and then Lst in Str'Range - and then P in Str'First .. Lst - and then Str (P) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' - and then Digit = Hexa_To_Unsigned_Ghost (Str (P)) - and then Only_Hexa_Ghost (Str, P, Lst) - and then Base in 2 .. 16 - and then (if Digit < Base and then Old_Acc <= Uns'Last / Base - then Acc = Base * Old_Acc + Digit) - and then (if Digit >= Base - or else Old_Acc > Uns'Last / Base - or else (Old_Acc > (Uns'Last - Base + 1) / Base - and then Acc < Uns'Last / Base) - then Overflow - else Overflow = Old_Overflow) - and then - (if not Old_Overflow then - Scan_Val = Scan_Based_Number_Ghost - (Str, P, Lst, Base, Old_Acc)), - Post => - (if not Overflow then - Scan_Val = Scan_Based_Number_Ghost - (Str, P + 1, Lst, Base, Acc)) - and then - (if Overflow then Old_Overflow or else Scan_Val.Overflow); - -- Unfold the definition of Scan_Based_Number_Ghost when the string starts - -- with a digit. - - procedure Lemma_Scan_Underscore - (Str : String; - P : Integer; - From : Integer; - To : Integer; - Lst : Integer; - Base : Uns; - Acc : Uns; - Scan_Val : Uns_Option; - Overflow : Boolean; - Ext : Boolean) + To : Integer) with Ghost, Pre => Str'Last /= Positive'Last and then From in Str'Range and then To in From .. Str'Last - and then Lst <= To - and then P in From .. Lst + 1 - and then P <= To - and then - (if Ext then - Is_Based_Format_Ghost (Str (From .. To)) - and then Lst = Last_Hexa_Ghost (Str (From .. To)) - else Is_Natural_Format_Ghost (Str (From .. To)) - and then Lst = Last_Number_Ghost (Str (From .. To))) + and then Str (From) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' + and then P in From .. To and then Str (P) = '_' - and then - (if not Overflow then - Scan_Val = Scan_Based_Number_Ghost (Str, P, Lst, Base, Acc)), - Post => P + 1 <= Lst - and then - (if Ext then Str (P + 1) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' - else Str (P + 1) in '0' .. '9') - and then - (if not Overflow then - Scan_Val = Scan_Based_Number_Ghost (Str, P + 1, Lst, Base, Acc)); - -- Unfold the definition of Scan_Based_Number_Ghost when the string starts - -- with an underscore. + and then P <= Spec.Last_Hexa_Ghost (Str (From .. To)) + 1 + and then Spec.Is_Based_Format_Ghost (Str (From .. To)), + Post => P + 1 <= Spec.Last_Hexa_Ghost (Str (From .. To)) + and then Str (P + 1) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; ----------------------------- -- Local lemma null bodies -- ----------------------------- - procedure Lemma_Digit_Is_Before_Last + procedure Lemma_Digit_Not_Last (Str : String; P : Integer; From : Integer; To : Integer) is null; - procedure Lemma_End_Of_Scan - (Str : String; - From : Integer; - To : Integer; - Base : Uns; - Acc : Uns) - is null; - - procedure Lemma_Scan_Underscore - (Str : String; - P : Integer; - From : Integer; - To : Integer; - Lst : Integer; - Base : Uns; - Acc : Uns; - Scan_Val : Uns_Option; - Overflow : Boolean; - Ext : Boolean) + procedure Lemma_Underscore_Not_Last + (Str : String; + P : Integer; + From : Integer; + To : Integer) is null; - --------------------- - -- Last_Hexa_Ghost -- - --------------------- - - function Last_Hexa_Ghost (Str : String) return Positive is - begin - for J in Str'Range loop - if Str (J) not in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_' then - return J - 1; - end if; - - pragma Loop_Invariant - (for all K in Str'First .. J => - Str (K) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_'); - end loop; - - return Str'Last; - end Last_Hexa_Ghost; - - ---------------------- - -- Lemma_Scan_Digit -- - ---------------------- - - procedure Lemma_Scan_Digit - (Str : String; - P : Integer; - Lst : Integer; - Digit : Uns; - Base : Uns; - Old_Acc : Uns; - Acc : Uns; - Scan_Val : Uns_Option; - Old_Overflow : Boolean; - Overflow : Boolean) - is - pragma Unreferenced (Str, P, Lst, Scan_Val, Overflow, Old_Overflow); - begin - if Digit >= Base then - null; - - elsif Old_Acc <= (Uns'Last - Base + 1) / Base then - pragma Assert (not Scan_Overflows_Ghost (Digit, Base, Old_Acc)); - - elsif Old_Acc > Uns'Last / Base then - null; - - else - pragma Assert - ((Acc < Uns'Last / Base) = - Scan_Overflows_Ghost (Digit, Base, Old_Acc)); - end if; - end Lemma_Scan_Digit; - - ---------------------------------------- - -- Prove_Iter_Scan_Based_Number_Ghost -- - ---------------------------------------- - - procedure Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - is - begin - if From > To then - null; - elsif Str1 (From) = '_' then - Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2, From + 1, To, Base, Acc); - elsif Scan_Overflows_Ghost - (Hexa_To_Unsigned_Ghost (Str1 (From)), Base, Acc) - then - null; - else - Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2, From + 1, To, Base, - Base * Acc + Hexa_To_Unsigned_Ghost (Str1 (From))); - end if; - end Prove_Iter_Scan_Based_Number_Ghost; - - ----------------------------------- - -- Prove_Scan_Only_Decimal_Ghost -- - ----------------------------------- - - procedure Prove_Scan_Only_Decimal_Ghost - (Str : String; - Val : Uns) - is - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - pragma Assert (Non_Blank = Str'First + 1); - Fst_Num : constant Positive := - (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); - pragma Assert (Fst_Num = Str'First + 1); - Last_Num_Init : constant Integer := - Last_Number_Ghost (Str (Str'First + 1 .. Str'Last)); - pragma Assert (Last_Num_Init = Str'Last); - Starts_As_Based : constant Boolean := - Last_Num_Init < Str'Last - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Str (Last_Num_Init + 2) in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - pragma Assert (Starts_As_Based = False); - Last_Num_Based : constant Integer := - (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. Str'Last)) - else Last_Num_Init); - pragma Assert (Last_Num_Based = Str'Last); - begin - pragma Assert - (Is_Opt_Exponent_Format_Ghost (Str (Str'Last + 1 .. Str'Last))); - pragma Assert - (Is_Natural_Format_Ghost (Str (Str'First + 1 .. Str'Last))); - pragma Assert - (Is_Raw_Unsigned_Format_Ghost (Str (Str'First + 1 .. Str'Last))); - pragma Assert - (not Raw_Unsigned_Overflows_Ghost (Str, Str'First + 1, Str'Last)); - pragma Assert (Val = Exponent_Unsigned_Ghost (Val, 0, 10).Value); - pragma Assert - (Val = Scan_Raw_Unsigned_Ghost (Str, Str'First + 1, Str'Last)); - pragma Assert (Is_Unsigned_Ghost (Str)); - pragma Assert (Is_Value_Unsigned_Ghost (Str, Val)); - end Prove_Scan_Only_Decimal_Ghost; - ----------------------- -- Scan_Raw_Unsigned -- ----------------------- @@ -341,8 +134,8 @@ package body System.Value_U is Last_Num_Init : constant Integer := Last_Number_Ghost (Str (Ptr.all .. Max)) with Ghost; - Init_Val : constant Uns_Option := - Scan_Based_Number_Ghost (Str, Ptr.all, Last_Num_Init) + Init_Val : constant Spec.Uns_Option := + Spec.Scan_Based_Number_Ghost (Str, Ptr.all, Last_Num_Init) with Ghost; Starts_As_Based : constant Boolean := Last_Num_Init < Max - 1 @@ -352,7 +145,7 @@ package body System.Value_U is with Ghost; Last_Num_Based : constant Integer := (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. Max)) + then Spec.Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. Max)) else Last_Num_Init) with Ghost; Is_Based : constant Boolean := @@ -360,9 +153,9 @@ package body System.Value_U is and then Last_Num_Based < Max and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1) with Ghost; - Based_Val : constant Uns_Option := + Based_Val : constant Spec.Uns_Option := (if Starts_As_Based and then not Init_Val.Overflow - then Scan_Based_Number_Ghost + then Spec.Scan_Based_Number_Ghost (Str, Last_Num_Init + 2, Last_Num_Based, Init_Val.Value) else Init_Val) with Ghost; @@ -379,6 +172,7 @@ package body System.Value_U is end if; P := Ptr.all; + Spec.Lemma_Scan_Based_Number_Ghost_Step (Str, P, Last_Num_Init); Uval := Character'Pos (Str (P)) - Character'Pos ('0'); P := P + 1; @@ -392,9 +186,6 @@ package body System.Value_U is Umax10 : constant Uns := Uns'Last / 10; -- Numbers bigger than Umax10 overflow if multiplied by 10 - Old_Uval : Uns with Ghost; - Old_Overflow : Boolean with Ghost; - begin -- Loop through decimal digits loop @@ -403,7 +194,7 @@ package body System.Value_U is (if Overflow then Init_Val.Overflow); pragma Loop_Invariant (if not Overflow - then Init_Val = Scan_Based_Number_Ghost + then Init_Val = Spec.Scan_Based_Number_Ghost (Str, P, Last_Num_Init, Acc => Uval)); exit when P > Max; @@ -414,9 +205,8 @@ package body System.Value_U is if Digit > 9 then if Str (P) = '_' then - Lemma_Scan_Underscore - (Str, P, Ptr_Old, Max, Last_Num_Init, 10, Uval, - Init_Val, Overflow, False); + Spec.Lemma_Scan_Based_Number_Ghost_Underscore + (Str, P, Last_Num_Init, Acc => Uval); Scan_Underscore (Str, P, Ptr, Max, False); else exit; @@ -425,11 +215,19 @@ package body System.Value_U is -- Accumulate result, checking for overflow else - Old_Uval := Uval; - Old_Overflow := Overflow; + Spec.Lemma_Scan_Based_Number_Ghost_Step + (Str, P, Last_Num_Init, Acc => Uval); + Spec.Lemma_Scan_Based_Number_Ghost_Overflow + (Str, P, Last_Num_Init, Acc => Uval); if Uval <= Umax then + pragma Assert + (Spec.Hexa_To_Unsigned_Ghost (Str (P)) = Digit); Uval := 10 * Uval + Digit; + pragma Assert + (if not Overflow + then Init_Val = Spec.Scan_Based_Number_Ghost + (Str, P + 1, Last_Num_Init, Acc => Uval)); elsif Uval > Umax10 then Overflow := True; @@ -440,17 +238,17 @@ package body System.Value_U is if Uval < Umax10 then Overflow := True; end if; + pragma Assert + (if not Overflow + then Init_Val = Spec.Scan_Based_Number_Ghost + (Str, P + 1, Last_Num_Init, Acc => Uval)); end if; - Lemma_Scan_Digit - (Str, P, Last_Num_Init, Digit, 10, Old_Uval, Uval, Init_Val, - Old_Overflow, Overflow); - P := P + 1; end if; end loop; - pragma Assert (P = Last_Num_Init + 1); - pragma Assert (Init_Val.Overflow = Overflow); + Spec.Lemma_Scan_Based_Number_Ghost_Base + (Str, P, Last_Num_Init, Acc => Uval); end; pragma Assert_And_Cut @@ -488,18 +286,14 @@ package body System.Value_U is UmaxB : constant Uns := Uns'Last / Base; -- Numbers bigger than UmaxB overflow if multiplied by base - Old_Uval : Uns with Ghost; - Old_Overflow : Boolean with Ghost; - begin pragma Assert (if Str (P) in '0' .. '9' | 'A' .. 'F' | 'a' .. 'f' - then Is_Based_Format_Ghost (Str (P .. Max))); + then Spec.Is_Based_Format_Ghost (Str (P .. Max))); -- Loop to scan out based integer value loop - -- We require a digit at this stage if Str (P) in '0' .. '9' then @@ -519,6 +313,8 @@ package body System.Value_U is -- already stored in Ptr.all. else + Spec.Lemma_Scan_Based_Number_Ghost_Base + (Str, P, Last_Num_Based, Base, Uval); Uval := Base; Base := 10; pragma Assert (Ptr.all = Last_Num_Init + 1); @@ -529,25 +325,25 @@ package body System.Value_U is exit; end if; - Lemma_Digit_Is_Before_Last (Str, P, Last_Num_Init + 2, Max); - pragma Loop_Invariant (P in P'Loop_Entry .. Last_Num_Based); pragma Loop_Invariant (Str (P) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' - and then Digit = Hexa_To_Unsigned_Ghost (Str (P))); + and then Digit = Spec.Hexa_To_Unsigned_Ghost (Str (P))); pragma Loop_Invariant (if Overflow'Loop_Entry then Overflow); pragma Loop_Invariant (if Overflow then - Overflow'Loop_Entry or else Based_Val.Overflow); + (Overflow'Loop_Entry or else Based_Val.Overflow)); pragma Loop_Invariant (if not Overflow - then Based_Val = Scan_Based_Number_Ghost + then Based_Val = Spec.Scan_Based_Number_Ghost (Str, P, Last_Num_Based, Base, Uval)); pragma Loop_Invariant (Ptr.all = Last_Num_Init + 1); - Old_Uval := Uval; - Old_Overflow := Overflow; + Spec.Lemma_Scan_Based_Number_Ghost_Step + (Str, P, Last_Num_Based, Base, Uval); + Spec.Lemma_Scan_Based_Number_Ghost_Overflow + (Str, P, Last_Num_Based, Base, Uval); -- If digit is too large, just signal overflow and continue. -- The idea here is to keep scanning as long as the input is @@ -560,6 +356,10 @@ package body System.Value_U is elsif Uval <= Umax then Uval := Base * Uval + Digit; + pragma Assert + (if not Overflow + then Based_Val = Spec.Scan_Based_Number_Ghost + (Str, P + 1, Last_Num_Based, Base, Uval)); elsif Uval > UmaxB then Overflow := True; @@ -570,6 +370,10 @@ package body System.Value_U is if Uval < UmaxB then Overflow := True; end if; + pragma Assert + (if not Overflow + then Based_Val = Spec.Scan_Based_Number_Ghost + (Str, P + 1, Last_Num_Based, Base, Uval)); end if; -- If at end of string with no base char, not a based number @@ -579,10 +383,6 @@ package body System.Value_U is P := P + 1; - Lemma_Scan_Digit - (Str, P - 1, Last_Num_Based, Digit, Base, Old_Uval, Uval, - Based_Val, Old_Overflow, Overflow); - if P > Max then Ptr.all := P; Bad_Value (Str); @@ -592,48 +392,54 @@ package body System.Value_U is if Str (P) = Base_Char then Ptr.all := P + 1; + pragma Assert (P = Last_Num_Based + 1); pragma Assert (Ptr.all = Last_Num_Based + 2); + pragma Assert (Starts_As_Based); + pragma Assert (Last_Num_Based < Max); + pragma Assert (Str (Last_Num_Based + 1) = Base_Char); + pragma Assert (Base_Char = Str (Last_Num_Init + 1)); pragma Assert (Is_Based); - pragma Assert - (if not Overflow then - Based_Val = Scan_Based_Number_Ghost - (Str, P, Last_Num_Based, Base, Uval)); - Lemma_End_Of_Scan (Str, P, Last_Num_Based, Base, Uval); - pragma Assert (if not Overflow then Uval = Based_Val.Value); + Spec.Lemma_Scan_Based_Number_Ghost_Base + (Str, P, Last_Num_Based, Base, Uval); exit; -- Deal with underscore elsif Str (P) = '_' then - Lemma_Scan_Underscore - (Str, P, Last_Num_Init + 2, Max, Last_Num_Based, Base, - Uval, Based_Val, Overflow, True); + Lemma_Underscore_Not_Last (Str, P, Last_Num_Init + 2, Max); + Spec.Lemma_Scan_Based_Number_Ghost_Underscore + (Str, P, Last_Num_Based, Base, Uval); Scan_Underscore (Str, P, Ptr, Max, True); pragma Assert (if not Overflow - then Based_Val = Scan_Based_Number_Ghost + then Based_Val = Spec.Scan_Based_Number_Ghost (Str, P, Last_Num_Based, Base, Uval)); + pragma Assert (Str (P) /= '_'); + pragma Assert (Str (P) /= Base_Char); end if; + + Lemma_Digit_Not_Last (Str, P, Last_Num_Init + 2, Max); + pragma Assert (Str (P) /= '_'); + pragma Assert (Str (P) /= Base_Char); end loop; end; pragma Assert (if Starts_As_Based then P = Last_Num_Based + 1 else P = Last_Num_Init + 2); pragma Assert + (Last_Num_Init < Max - 1 + and then Str (Last_Num_Init + 1) in '#' | ':'); + pragma Assert (Overflow = (Init_Val.Overflow or else Init_Val.Value not in 2 .. 16 or else (Starts_As_Based and then Based_Val.Overflow))); + pragma Assert + (Overflow /= Spec.Scan_Split_No_Overflow_Ghost (Str, Ptr_Old, Max)); end if; pragma Assert_And_Cut - (Overflow = - (Init_Val.Overflow - or else - (Last_Num_Init < Max - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Init_Val.Value not in 2 .. 16) - or else (Starts_As_Based and then Based_Val.Overflow)) + (Overflow /= Spec.Scan_Split_No_Overflow_Ghost (Str, Ptr_Old, Max) and then (if not Overflow then (if Is_Based then Uval = Based_Val.Value @@ -649,10 +455,12 @@ package body System.Value_U is Scan_Exponent (Str, Ptr, Max, Expon); - pragma Assert (Ptr.all = Raw_Unsigned_Last_Ghost (Str, Ptr_Old, Max)); pragma Assert - (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. Max)) - then Expon = Scan_Exponent_Ghost (Str (First_Exp .. Max))); + (Ptr.all = Spec.Raw_Unsigned_Last_Ghost (Str, Ptr_Old, Max)); + pragma Assert + (if not Overflow + then Spec.Scan_Split_Value_Ghost (Str, Ptr_Old, Max) = + (Uval, Base, Expon)); if Expon /= 0 and then Uval /= 0 then @@ -664,8 +472,8 @@ package body System.Value_U is UmaxB : constant Uns := Uns'Last / Base; -- Numbers bigger than UmaxB overflow if multiplied by base - Res_Val : constant Uns_Option := - Exponent_Unsigned_Ghost (Uval, Expon, Base) + Res_Val : constant Spec.Uns_Option := + Spec.Exponent_Unsigned_Ghost (Uval, Expon, Base) with Ghost; begin for J in 1 .. Expon loop @@ -674,48 +482,45 @@ package body System.Value_U is pragma Loop_Invariant (if Overflow then Overflow'Loop_Entry or else Res_Val.Overflow); + pragma Loop_Invariant (Uval /= 0); pragma Loop_Invariant (if not Overflow - then Res_Val = Exponent_Unsigned_Ghost + then Res_Val = Spec.Exponent_Unsigned_Ghost (Uval, Expon - J + 1, Base)); pragma Assert - ((Uval > UmaxB) = Scan_Overflows_Ghost (0, Base, Uval)); + ((Uval > UmaxB) = Spec.Scan_Overflows_Ghost (0, Base, Uval)); if Uval > UmaxB then + Spec.Lemma_Exponent_Unsigned_Ghost_Overflow + (Uval, Expon - J + 1, Base); Overflow := True; exit; end if; + Spec.Lemma_Exponent_Unsigned_Ghost_Step + (Uval, Expon - J + 1, Base); + Uval := Uval * Base; end loop; + Spec.Lemma_Exponent_Unsigned_Ghost_Base (Uval, 0, Base); + pragma Assert - (Overflow = (Init_Val.Overflow - or else - (Last_Num_Init < Max - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Init_Val.Value not in 2 .. 16) - or else (Starts_As_Based and then Based_Val.Overflow) - or else Res_Val.Overflow)); - pragma Assert - (Overflow = Raw_Unsigned_Overflows_Ghost (Str, Ptr_Old, Max)); - pragma Assert - (Exponent_Unsigned_Ghost (Uval, 0, Base) = (False, Uval)); - pragma Assert - (if not Overflow then Uval = Res_Val.Value); - pragma Assert - (if not Overflow then - Uval = Scan_Raw_Unsigned_Ghost (Str, Ptr_Old, Max)); + (Overflow /= + Spec.Raw_Unsigned_No_Overflow_Ghost (Str, Ptr_Old, Max)); + pragma Assert (if not Overflow then Res_Val = (False, Uval)); end; end if; + Spec.Lemma_Exponent_Unsigned_Ghost_Base (Uval, Expon, Base); pragma Assert (if Expon = 0 or else Uval = 0 then - Exponent_Unsigned_Ghost (Uval, Expon, Base) = (False, Uval)); + Spec.Exponent_Unsigned_Ghost (Uval, Expon, Base) = (False, Uval)); pragma Assert - (Overflow = Raw_Unsigned_Overflows_Ghost (Str, Ptr_Old, Max)); + (Overflow /= + Spec.Raw_Unsigned_No_Overflow_Ghost (Str, Ptr_Old, Max)); pragma Assert (if not Overflow then - Uval = Scan_Raw_Unsigned_Ghost (Str, Ptr_Old, Max)); + Uval = Spec.Scan_Raw_Unsigned_Ghost (Str, Ptr_Old, Max)); -- Return result, dealing with overflow @@ -774,7 +579,15 @@ package body System.Value_U is if Str'Last = Positive'Last then declare subtype NT is String (1 .. Str'Length); + procedure Prove_Is_Unsigned_Ghost with + Ghost, + Pre => Str'Length < Natural'Last + and then not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Spec.Is_Unsigned_Ghost (Spec.Slide_To_1 (Str)), + Post => Spec.Is_Unsigned_Ghost (NT (Str)); + procedure Prove_Is_Unsigned_Ghost is null; begin + Prove_Is_Unsigned_Ghost; return Value_Unsigned (NT (Str)); end; @@ -784,7 +597,6 @@ package body System.Value_U is declare V : Uns; P : aliased Integer := Str'First; - Non_Blank : constant Positive := First_Non_Space_Ghost (Str, Str'First, Str'Last) with Ghost; @@ -792,9 +604,6 @@ package body System.Value_U is (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank) with Ghost; begin - pragma Assert - (Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last))); - declare P_Acc : constant not null access Integer := P'Access; begin @@ -802,14 +611,15 @@ package body System.Value_U is end; pragma Assert - (P = Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last)); + (P = Spec.Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last)); pragma Assert - (V = Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last)); + (V = Spec.Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last)); Scan_Trailing_Blanks (Str, P); pragma Assert - (Is_Value_Unsigned_Ghost (Slide_If_Necessary (Str), V)); + (Spec.Is_Value_Unsigned_Ghost + (Spec.Slide_If_Necessary (Str), V)); return V; end; end if; diff --git a/gcc/ada/libgnat/s-valueu.ads b/gcc/ada/libgnat/s-valueu.ads index 1508b6e..466b96a 100644 --- a/gcc/ada/libgnat/s-valueu.ads +++ b/gcc/ada/libgnat/s-valueu.ads @@ -44,6 +44,7 @@ pragma Assertion_Policy (Pre => Ignore, Ghost => Ignore, Subprogram_Variant => Ignore); +with System.Value_U_Spec; with System.Val_Util; use System.Val_Util; generic @@ -53,317 +54,7 @@ generic package System.Value_U is pragma Preelaborate; - type Uns_Option (Overflow : Boolean := False) is record - case Overflow is - when True => - null; - when False => - Value : Uns := 0; - end case; - end record; - - function Wrap_Option (Value : Uns) return Uns_Option is - (Overflow => False, Value => Value) - with - Ghost; - - function Only_Decimal_Ghost - (Str : String; - From, To : Integer) - return Boolean - is - (for all J in From .. To => Str (J) in '0' .. '9') - with - Ghost, - Pre => From > To or else (From >= Str'First and then To <= Str'Last); - -- Ghost function that returns True if S has only decimal characters - -- from index From to index To. - - function Only_Hexa_Ghost (Str : String; From, To : Integer) return Boolean - is - (for all J in From .. To => - Str (J) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_') - with - Ghost, - Pre => From > To or else (From >= Str'First and then To <= Str'Last); - -- Ghost function that returns True if S has only hexadecimal characters - -- from index From to index To. - - function Last_Hexa_Ghost (Str : String) return Positive - with - Ghost, - Pre => Str /= "" - and then Str (Str'First) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F', - Post => Last_Hexa_Ghost'Result in Str'Range - and then (if Last_Hexa_Ghost'Result < Str'Last then - Str (Last_Hexa_Ghost'Result + 1) not in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_') - and then Only_Hexa_Ghost (Str, Str'First, Last_Hexa_Ghost'Result); - -- Ghost function that returns the index of the last character in S that - -- is either an hexadecimal digit or an underscore, which necessarily - -- exists given the precondition on Str. - - function Is_Based_Format_Ghost (Str : String) return Boolean - is - (Str /= "" - and then Str (Str'First) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' - and then - (declare - L : constant Positive := Last_Hexa_Ghost (Str); - begin - Str (L) /= '_' - and then (for all J in Str'First .. L => - (if Str (J) = '_' then Str (J + 1) /= '_')))) - with - Ghost; - -- Ghost function that determines if Str has the correct format for a - -- based number, consisting in a sequence of hexadecimal digits possibly - -- separated by single underscores. It may be followed by other characters. - - function Hexa_To_Unsigned_Ghost (X : Character) return Uns is - (case X is - when '0' .. '9' => Character'Pos (X) - Character'Pos ('0'), - when 'a' .. 'f' => Character'Pos (X) - Character'Pos ('a') + 10, - when 'A' .. 'F' => Character'Pos (X) - Character'Pos ('A') + 10, - when others => raise Program_Error) - with - Ghost, - Pre => X in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - -- Ghost function that computes the value corresponding to an hexadecimal - -- digit. - - function Scan_Overflows_Ghost - (Digit : Uns; - Base : Uns; - Acc : Uns) return Boolean - is - (Digit >= Base - or else Acc > Uns'Last / Base - or else Uns'Last - Digit < Base * Acc) - with Ghost; - -- Ghost function which returns True if Digit + Base * Acc overflows or - -- Digit is greater than Base, as this is used by the algorithm for the - -- test of overflow. - - function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) return Uns_Option - with - Ghost, - Subprogram_Variant => (Increases => From), - Pre => Str'Last /= Positive'Last - and then - (From > To or else (From >= Str'First and then To <= Str'Last)) - and then Only_Hexa_Ghost (Str, From, To); - -- Ghost function that recursively computes the based number in Str, - -- assuming Acc has been scanned already and scanning continues at index - -- From. - - function Exponent_Unsigned_Ghost - (Value : Uns; - Exp : Natural; - Base : Uns := 10) return Uns_Option - with - Ghost, - Subprogram_Variant => (Decreases => Exp); - -- Ghost function that recursively computes Value * Base ** Exp - - function Is_Raw_Unsigned_Format_Ghost (Str : String) return Boolean is - (Is_Natural_Format_Ghost (Str) - and then - (declare - Last_Num_Init : constant Integer := Last_Number_Ghost (Str); - Starts_As_Based : constant Boolean := - Last_Num_Init < Str'Last - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Str (Last_Num_Init + 2) in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - Last_Num_Based : constant Integer := - (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. Str'Last)) - else Last_Num_Init); - Is_Based : constant Boolean := - Starts_As_Based - and then Last_Num_Based < Str'Last - and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); - First_Exp : constant Integer := - (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); - begin - (if Starts_As_Based then - Is_Based_Format_Ghost (Str (Last_Num_Init + 2 .. Str'Last)) - and then Last_Num_Based < Str'Last) - and then Is_Opt_Exponent_Format_Ghost - (Str (First_Exp .. Str'Last)))) - with - Ghost, - Pre => Str'Last /= Positive'Last, - Post => True; - -- Ghost function that determines if Str has the correct format for an - -- unsigned number without a sign character. - -- It is a natural number in base 10, optionally followed by a based - -- number surrounded by delimiters # or :, optionally followed by an - -- exponent part. - - function Raw_Unsigned_Overflows_Ghost - (Str : String; - From, To : Integer) - return Boolean - is - (declare - Last_Num_Init : constant Integer := - Last_Number_Ghost (Str (From .. To)); - Init_Val : constant Uns_Option := - Scan_Based_Number_Ghost (Str, From, Last_Num_Init); - Starts_As_Based : constant Boolean := - Last_Num_Init < To - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Str (Last_Num_Init + 2) in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - Last_Num_Based : constant Integer := - (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) - else Last_Num_Init); - Is_Based : constant Boolean := - Starts_As_Based - and then Last_Num_Based < To - and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); - Based_Val : constant Uns_Option := - (if Starts_As_Based and then not Init_Val.Overflow - then Scan_Based_Number_Ghost - (Str, Last_Num_Init + 2, Last_Num_Based, Init_Val.Value) - else Init_Val); - First_Exp : constant Integer := - (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); - Expon : constant Natural := - (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) - then Scan_Exponent_Ghost (Str (First_Exp .. To)) - else 0); - begin - Init_Val.Overflow - or else - (Last_Num_Init < To - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Init_Val.Value not in 2 .. 16) - or else - (Starts_As_Based - and then Based_Val.Overflow) - or else - (Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) - and then - (declare - Base : constant Uns := - (if Is_Based then Init_Val.Value else 10); - Value : constant Uns := - (if Is_Based then Based_Val.Value else Init_Val.Value); - begin - Exponent_Unsigned_Ghost - (Value, Expon, Base).Overflow))) - with - Ghost, - Pre => Str'Last /= Positive'Last - and then From in Str'Range - and then To in From .. Str'Last - and then Str (From) in '0' .. '9', - Post => True; - -- Ghost function that determines if the computation of the unsigned number - -- represented by Str will overflow. The computation overflows if either: - -- * The computation of the decimal part overflows, - -- * The decimal part is followed by a valid delimiter for a based - -- part, and the number corresponding to the base is not a valid base, - -- * The computation of the based part overflows, or - -- * There is an exponent and the computation of the exponentiation - -- overflows. - - function Scan_Raw_Unsigned_Ghost - (Str : String; - From, To : Integer) - return Uns - is - (declare - Last_Num_Init : constant Integer := - Last_Number_Ghost (Str (From .. To)); - Init_Val : constant Uns_Option := - Scan_Based_Number_Ghost (Str, From, Last_Num_Init); - Starts_As_Based : constant Boolean := - Last_Num_Init < To - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Str (Last_Num_Init + 2) in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - Last_Num_Based : constant Integer := - (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) - else Last_Num_Init); - Is_Based : constant Boolean := - Starts_As_Based - and then Last_Num_Based < To - and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); - Based_Val : constant Uns_Option := - (if Starts_As_Based and then not Init_Val.Overflow - then Scan_Based_Number_Ghost - (Str, Last_Num_Init + 2, Last_Num_Based, Init_Val.Value) - else Init_Val); - First_Exp : constant Integer := - (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); - Expon : constant Natural := - (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) - then Scan_Exponent_Ghost (Str (First_Exp .. To)) - else 0); - Base : constant Uns := - (if Is_Based then Init_Val.Value else 10); - Value : constant Uns := - (if Is_Based then Based_Val.Value else Init_Val.Value); - begin - Exponent_Unsigned_Ghost (Value, Expon, Base).Value) - with - Ghost, - Pre => Str'Last /= Positive'Last - and then From in Str'Range - and then To in From .. Str'Last - and then Str (From) in '0' .. '9' - and then not Raw_Unsigned_Overflows_Ghost (Str, From, To), - Post => True; - -- Ghost function that scans an unsigned number without a sign character - - function Raw_Unsigned_Last_Ghost - (Str : String; - From, To : Integer) - return Positive - is - (declare - Last_Num_Init : constant Integer := - Last_Number_Ghost (Str (From .. To)); - Starts_As_Based : constant Boolean := - Last_Num_Init < To - 1 - and then Str (Last_Num_Init + 1) in '#' | ':' - and then Str (Last_Num_Init + 2) in - '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; - Last_Num_Based : constant Integer := - (if Starts_As_Based - then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) - else Last_Num_Init); - Is_Based : constant Boolean := - Starts_As_Based - and then Last_Num_Based < To - and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); - First_Exp : constant Integer := - (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); - begin - (if not Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) - then First_Exp - elsif Str (First_Exp + 1) in '-' | '+' then - Last_Number_Ghost (Str (First_Exp + 2 .. To)) + 1 - else Last_Number_Ghost (Str (First_Exp + 1 .. To)) + 1)) - with - Ghost, - Pre => Str'Last /= Positive'Last - and then From in Str'Range - and then To in From .. Str'Last - and then Str (From) in '0' .. '9', - Post => Raw_Unsigned_Last_Ghost'Result in From .. To + 1; - -- Ghost function that returns the position of the cursor once an unsigned - -- number has been seen. + package Spec is new System.Value_U_Spec (Uns); procedure Scan_Raw_Unsigned (Str : String; @@ -373,10 +64,10 @@ package System.Value_U is with Pre => Str'Last /= Positive'Last and then Ptr.all in Str'Range and then Max in Ptr.all .. Str'Last - and then Is_Raw_Unsigned_Format_Ghost (Str (Ptr.all .. Max)), - Post => not Raw_Unsigned_Overflows_Ghost (Str, Ptr.all'Old, Max) - and Res = Scan_Raw_Unsigned_Ghost (Str, Ptr.all'Old, Max) - and Ptr.all = Raw_Unsigned_Last_Ghost (Str, Ptr.all'Old, Max); + and then Spec.Is_Raw_Unsigned_Format_Ghost (Str (Ptr.all .. Max)), + Post => Spec.Raw_Unsigned_No_Overflow_Ghost (Str, Ptr.all'Old, Max) + and Res = Spec.Scan_Raw_Unsigned_Ghost (Str, Ptr.all'Old, Max) + and Ptr.all = Spec.Raw_Unsigned_Last_Ghost (Str, Ptr.all'Old, Max); -- This function scans the string starting at Str (Ptr.all) for a valid -- integer according to the syntax described in (RM 3.5(43)). The substring @@ -464,7 +155,7 @@ package System.Value_U is Fst_Num : constant Positive := (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); begin - Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Max))), + Spec.Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Max))), Post => (declare Non_Blank : constant Positive := @@ -472,9 +163,9 @@ package System.Value_U is Fst_Num : constant Positive := (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); begin - not Raw_Unsigned_Overflows_Ghost (Str, Fst_Num, Max) - and then Res = Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max) - and then Ptr.all = Raw_Unsigned_Last_Ghost (Str, Fst_Num, Max)); + Spec.Raw_Unsigned_No_Overflow_Ghost (Str, Fst_Num, Max) + and then Res = Spec.Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Max) + and then Ptr.all = Spec.Raw_Unsigned_Last_Ghost (Str, Fst_Num, Max)); -- Same as Scan_Raw_Unsigned, except scans optional leading -- blanks, and an optional leading plus sign. @@ -482,157 +173,18 @@ package System.Value_U is -- Note: if a minus sign is present, Constraint_Error will be raised. -- Note: trailing blanks are not scanned. - function Slide_To_1 (Str : String) return String - with Ghost, - Post => - Only_Space_Ghost (Str, Str'First, Str'Last) = - (for all J in Str'First .. Str'Last => - Slide_To_1'Result (J - Str'First + 1) = ' '); - -- Slides Str so that it starts at 1 - - function Slide_If_Necessary (Str : String) return String is - (if Str'Last = Positive'Last then Slide_To_1 (Str) else Str) - with Ghost, - Post => - Only_Space_Ghost (Str, Str'First, Str'Last) = - Only_Space_Ghost (Slide_If_Necessary'Result, - Slide_If_Necessary'Result'First, - Slide_If_Necessary'Result'Last); - -- If Str'Last = Positive'Last then slides Str so that it starts at 1 - - function Is_Unsigned_Ghost (Str : String) return Boolean is - (declare - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - Fst_Num : constant Positive := - (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); - begin - Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last)) - and then not Raw_Unsigned_Overflows_Ghost (Str, Fst_Num, Str'Last) - and then Only_Space_Ghost - (Str, Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last), Str'Last)) - with Ghost, - Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) - and then Str'Last /= Positive'Last, - Post => True; - -- Ghost function that determines if Str has the correct format for an - -- unsigned number, consisting in some blank characters, an optional - -- + sign, a raw unsigned number which does not overflow and then some - -- more blank characters. - - function Is_Value_Unsigned_Ghost (Str : String; Val : Uns) return Boolean is - (declare - Non_Blank : constant Positive := First_Non_Space_Ghost - (Str, Str'First, Str'Last); - Fst_Num : constant Positive := - (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); - begin - Val = Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last)) - with Ghost, - Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) - and then Str'Last /= Positive'Last - and then Is_Unsigned_Ghost (Str), - Post => True; - -- Ghost function that returns True if Val is the value corresponding to - -- the unsigned number represented by Str. - function Value_Unsigned (Str : String) return Uns - with Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) - and then Str'Length /= Positive'Last - and then Is_Unsigned_Ghost (Slide_If_Necessary (Str)), + with Pre => Str'Length /= Positive'Last + and then not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Spec.Is_Unsigned_Ghost (Spec.Slide_If_Necessary (Str)), Post => - Is_Value_Unsigned_Ghost - (Slide_If_Necessary (Str), Value_Unsigned'Result), + Spec.Is_Value_Unsigned_Ghost + (Spec.Slide_If_Necessary (Str), Value_Unsigned'Result), Subprogram_Variant => (Decreases => Str'First); -- Used in computing X'Value (Str) where X is a modular integer type whose -- modulus does not exceed the range of System.Unsigned_Types.Unsigned. Str -- is the string argument of the attribute. Constraint_Error is raised if -- the string is malformed, or if the value is out of range. - procedure Prove_Iter_Scan_Based_Number_Ghost - (Str1, Str2 : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) - with - Ghost, - Subprogram_Variant => (Increases => From), - Pre => Str1'Last /= Positive'Last - and then Str2'Last /= Positive'Last - and then - (From > To or else (From >= Str1'First and then To <= Str1'Last)) - and then - (From > To or else (From >= Str2'First and then To <= Str2'Last)) - and then Only_Hexa_Ghost (Str1, From, To) - and then (for all J in From .. To => Str1 (J) = Str2 (J)), - Post => - Scan_Based_Number_Ghost (Str1, From, To, Base, Acc) - = Scan_Based_Number_Ghost (Str2, From, To, Base, Acc); - -- Ghost lemma used in the proof of 'Image implementation, to prove the - -- preservation of Scan_Based_Number_Ghost across an update in the string - -- in lower indexes. - - procedure Prove_Scan_Only_Decimal_Ghost - (Str : String; - Val : Uns) - with - Ghost, - Pre => Str'Last /= Positive'Last - and then Str'Length >= 2 - and then Str (Str'First) = ' ' - and then Only_Decimal_Ghost (Str, Str'First + 1, Str'Last) - and then Scan_Based_Number_Ghost (Str, Str'First + 1, Str'Last) - = Wrap_Option (Val), - Post => Is_Unsigned_Ghost (Slide_If_Necessary (Str)) - and then Value_Unsigned (Str) = Val; - -- Ghost lemma used in the proof of 'Image implementation, to prove that - -- the result of Value_Unsigned on a decimal string is the same as the - -- result of Scan_Based_Number_Ghost. - -private - - ----------------------------- - -- Exponent_Unsigned_Ghost -- - ----------------------------- - - function Exponent_Unsigned_Ghost - (Value : Uns; - Exp : Natural; - Base : Uns := 10) return Uns_Option - is - (if Exp = 0 or Value = 0 then (Overflow => False, Value => Value) - elsif Scan_Overflows_Ghost (0, Base, Value) then (Overflow => True) - else Exponent_Unsigned_Ghost (Value * Base, Exp - 1, Base)); - - ----------------------------- - -- Scan_Based_Number_Ghost -- - ----------------------------- - - function Scan_Based_Number_Ghost - (Str : String; - From, To : Integer; - Base : Uns := 10; - Acc : Uns := 0) return Uns_Option - is - (if From > To then (Overflow => False, Value => Acc) - elsif Str (From) = '_' - then Scan_Based_Number_Ghost (Str, From + 1, To, Base, Acc) - elsif Scan_Overflows_Ghost - (Hexa_To_Unsigned_Ghost (Str (From)), Base, Acc) - then (Overflow => True) - else Scan_Based_Number_Ghost - (Str, From + 1, To, Base, - Base * Acc + Hexa_To_Unsigned_Ghost (Str (From)))); - - ---------------- - -- Slide_To_1 -- - ---------------- - - function Slide_To_1 (Str : String) return String is - (declare - Res : constant String (1 .. Str'Length) := Str; - begin - Res); - end System.Value_U; diff --git a/gcc/ada/libgnat/s-valuti.ads b/gcc/ada/libgnat/s-valuti.ads index 2b89b12..7c2da17 100644 --- a/gcc/ada/libgnat/s-valuti.ads +++ b/gcc/ada/libgnat/s-valuti.ads @@ -374,48 +374,274 @@ is -- no check for this case, the caller must ensure this condition is met. pragma Warnings (GNATprove, On, """Ptr"" is not modified"); - -- Bundle Int type with other types, constants and subprograms used in + -- Bundle Uns type with other types, constants and subprograms used in -- ghost code, so that this package can be instantiated once and used - -- multiple times as generic formal for a given Int type. + -- multiple times as generic formal for a given Uns type. generic - type Int is range <>; type Uns is mod <>; - type Uns_Option is private; + type P_Uns_Option is private with Ghost; + with function P_Wrap_Option (Value : Uns) return P_Uns_Option + with Ghost; + with function P_Hexa_To_Unsigned_Ghost (X : Character) return Uns + with Ghost; + with function P_Scan_Overflows_Ghost + (Digit : Uns; + Base : Uns; + Acc : Uns) return Boolean + with Ghost; + with function P_Is_Raw_Unsigned_Format_Ghost + (Str : String) return Boolean + with Ghost; + with function P_Scan_Split_No_Overflow_Ghost + (Str : String; + From, To : Integer) + return Boolean + with Ghost; + with function P_Raw_Unsigned_No_Overflow_Ghost + (Str : String; + From, To : Integer) + return Boolean + with Ghost; - Unsigned_Width_Ghost : Natural; + with function P_Exponent_Unsigned_Ghost + (Value : Uns; + Exp : Natural; + Base : Uns := 10) return P_Uns_Option + with Ghost; + with procedure P_Lemma_Exponent_Unsigned_Ghost_Base + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with Ghost; + with procedure P_Lemma_Exponent_Unsigned_Ghost_Overflow + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with Ghost; + with procedure P_Lemma_Exponent_Unsigned_Ghost_Step + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with Ghost; - with function Wrap_Option (Value : Uns) return Uns_Option - with Ghost; - with function Only_Decimal_Ghost + with function P_Scan_Raw_Unsigned_Ghost (Str : String; From, To : Integer) - return Boolean - with Ghost; - with function Hexa_To_Unsigned_Ghost (X : Character) return Uns - with Ghost; - with function Scan_Based_Number_Ghost + return Uns + with Ghost; + with procedure P_Lemma_Scan_Based_Number_Ghost_Base (Str : String; From, To : Integer; Base : Uns := 10; Acc : Uns := 0) - return Uns_Option - with Ghost; - with function Is_Integer_Ghost (Str : String) return Boolean - with Ghost; - with procedure Prove_Iter_Scan_Based_Number_Ghost + with Ghost; + with procedure P_Lemma_Scan_Based_Number_Ghost_Underscore + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with Ghost; + with procedure P_Lemma_Scan_Based_Number_Ghost_Overflow + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with Ghost; + with procedure P_Lemma_Scan_Based_Number_Ghost_Step + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with Ghost; + + with function P_Raw_Unsigned_Last_Ghost + (Str : String; + From, To : Integer) + return Positive + with Ghost; + with function P_Only_Decimal_Ghost + (Str : String; + From, To : Integer) + return Boolean + with Ghost; + with function P_Scan_Based_Number_Ghost + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + return P_Uns_Option + with Ghost; + with function P_Is_Unsigned_Ghost (Str : String) return Boolean + with Ghost; + with function P_Is_Value_Unsigned_Ghost + (Str : String; + Val : Uns) return Boolean + with Ghost; + + with procedure P_Prove_Scan_Only_Decimal_Ghost + (Str : String; + Val : Uns) + with Ghost; + with procedure P_Prove_Scan_Based_Number_Ghost_Eq (Str1, Str2 : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with Ghost; + + package Uns_Params is + subtype Uns_Option is P_Uns_Option with Ghost; + function Wrap_Option (Value : Uns) return Uns_Option renames + P_Wrap_Option; + function Hexa_To_Unsigned_Ghost + (X : Character) return Uns + renames P_Hexa_To_Unsigned_Ghost; + function Scan_Overflows_Ghost + (Digit : Uns; + Base : Uns; + Acc : Uns) return Boolean + renames P_Scan_Overflows_Ghost; + function Is_Raw_Unsigned_Format_Ghost + (Str : String) return Boolean + renames P_Is_Raw_Unsigned_Format_Ghost; + function Scan_Split_No_Overflow_Ghost + (Str : String; + From, To : Integer) return Boolean + renames P_Scan_Split_No_Overflow_Ghost; + function Raw_Unsigned_No_Overflow_Ghost + (Str : String; + From, To : Integer) return Boolean + renames P_Raw_Unsigned_No_Overflow_Ghost; + + function Exponent_Unsigned_Ghost + (Value : Uns; + Exp : Natural; + Base : Uns := 10) return Uns_Option + renames P_Exponent_Unsigned_Ghost; + procedure Lemma_Exponent_Unsigned_Ghost_Base + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + renames P_Lemma_Exponent_Unsigned_Ghost_Base; + procedure Lemma_Exponent_Unsigned_Ghost_Overflow + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + renames P_Lemma_Exponent_Unsigned_Ghost_Overflow; + procedure Lemma_Exponent_Unsigned_Ghost_Step + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + renames P_Lemma_Exponent_Unsigned_Ghost_Step; + + function Scan_Raw_Unsigned_Ghost + (Str : String; + From, To : Integer) return Uns + renames P_Scan_Raw_Unsigned_Ghost; + procedure Lemma_Scan_Based_Number_Ghost_Base + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + renames P_Lemma_Scan_Based_Number_Ghost_Base; + procedure Lemma_Scan_Based_Number_Ghost_Underscore + (Str : String; From, To : Integer; Base : Uns := 10; Acc : Uns := 0) + renames P_Lemma_Scan_Based_Number_Ghost_Underscore; + procedure Lemma_Scan_Based_Number_Ghost_Overflow + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + renames P_Lemma_Scan_Based_Number_Ghost_Overflow; + procedure Lemma_Scan_Based_Number_Ghost_Step + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + renames P_Lemma_Scan_Based_Number_Ghost_Step; + + function Raw_Unsigned_Last_Ghost + (Str : String; + From, To : Integer) return Positive + renames P_Raw_Unsigned_Last_Ghost; + function Only_Decimal_Ghost + (Str : String; + From, To : Integer) return Boolean + renames P_Only_Decimal_Ghost; + function Scan_Based_Number_Ghost + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) return Uns_Option + renames P_Scan_Based_Number_Ghost; + function Is_Unsigned_Ghost (Str : String) return Boolean + renames P_Is_Unsigned_Ghost; + function Is_Value_Unsigned_Ghost + (Str : String; + Val : Uns) return Boolean + renames P_Is_Value_Unsigned_Ghost; + + procedure Prove_Scan_Only_Decimal_Ghost + (Str : String; + Val : Uns) + renames P_Prove_Scan_Only_Decimal_Ghost; + procedure Prove_Scan_Based_Number_Ghost_Eq + (Str1, Str2 : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + renames P_Prove_Scan_Based_Number_Ghost_Eq; + end Uns_Params; + + -- Bundle Int type with other types, constants and subprograms used in + -- ghost code, so that this package can be instantiated once and used + -- multiple times as generic formal for a given Int type. + generic + type Int is range <>; + type Uns is mod <>; + + with package P_Uns_Params is new System.Val_Util.Uns_Params + (Uns => Uns, others => <>) + with Ghost; + + with function P_Abs_Uns_Of_Int (Val : Int) return Uns + with Ghost; + with function P_Is_Int_Of_Uns + (Minus : Boolean; + Uval : Uns; + Val : Int) + return Boolean with Ghost; - with procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) + with function P_Is_Integer_Ghost (Str : String) return Boolean with Ghost; - with function Abs_Uns_Of_Int (Val : Int) return Uns + with function P_Is_Value_Integer_Ghost + (Str : String; + Val : Int) return Boolean with Ghost; - with function Value_Integer (Str : String) return Int + with procedure P_Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) with Ghost; package Int_Params is + package Uns_Params renames P_Uns_Params; + function Abs_Uns_Of_Int (Val : Int) return Uns renames + P_Abs_Uns_Of_Int; + function Is_Int_Of_Uns + (Minus : Boolean; + Uval : Uns; + Val : Int) + return Boolean + renames P_Is_Int_Of_Uns; + function Is_Integer_Ghost (Str : String) return Boolean renames + P_Is_Integer_Ghost; + function Is_Value_Integer_Ghost + (Str : String; + Val : Int) return Boolean + renames P_Is_Value_Integer_Ghost; + procedure Prove_Scan_Only_Decimal_Ghost (Str : String; Val : Int) renames + P_Prove_Scan_Only_Decimal_Ghost; end Int_Params; private diff --git a/gcc/ada/libgnat/s-vauspe.adb b/gcc/ada/libgnat/s-vauspe.adb new file mode 100644 index 0000000..1a870b9 --- /dev/null +++ b/gcc/ada/libgnat/s-vauspe.adb @@ -0,0 +1,198 @@ +------------------------------------------------------------------------------ +-- -- +-- GNAT COMPILER COMPONENTS -- +-- -- +-- S Y S T E M . V A L U E _ U _ S P E C -- +-- -- +-- B o d y -- +-- -- +-- Copyright (C) 2022-2022, Free Software Foundation, Inc. -- +-- -- +-- GNAT is free software; you can redistribute it and/or modify it under -- +-- terms of the GNU General Public License as published by the Free Soft- -- +-- ware Foundation; either version 3, or (at your option) any later ver- -- +-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- +-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- +-- or FITNESS FOR A PARTICULAR PURPOSE. -- +-- -- +-- As a special exception under Section 7 of GPL version 3, you are granted -- +-- additional permissions described in the GCC Runtime Library Exception, -- +-- version 3.1, as published by the Free Software Foundation. -- +-- -- +-- You should have received a copy of the GNU General Public License and -- +-- a copy of the GCC Runtime Library Exception along with this program; -- +-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- +-- <http://www.gnu.org/licenses/>. -- +-- -- +-- GNAT was originally developed by the GNAT team at New York University. -- +-- Extensive contributions were provided by Ada Core Technologies Inc. -- +-- -- +------------------------------------------------------------------------------ + +pragma Assertion_Policy (Pre => Ignore, + Post => Ignore, + Contract_Cases => Ignore, + Ghost => Ignore, + Subprogram_Variant => Ignore); + +package body System.Value_U_Spec with SPARK_Mode is + + ----------------------------- + -- Exponent_Unsigned_Ghost -- + ----------------------------- + + function Exponent_Unsigned_Ghost + (Value : Uns; + Exp : Natural; + Base : Uns := 10) return Uns_Option + is + (if Exp = 0 or Value = 0 then (Overflow => False, Value => Value) + elsif Scan_Overflows_Ghost (0, Base, Value) then (Overflow => True) + else Exponent_Unsigned_Ghost (Value * Base, Exp - 1, Base)); + + --------------------- + -- Last_Hexa_Ghost -- + --------------------- + + function Last_Hexa_Ghost (Str : String) return Positive is + begin + for J in Str'Range loop + if Str (J) not in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_' then + return J - 1; + end if; + + pragma Loop_Invariant + (for all K in Str'First .. J => + Str (K) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_'); + end loop; + + return Str'Last; + end Last_Hexa_Ghost; + + ----------------------------- + -- Lemmas with null bodies -- + ----------------------------- + + procedure Lemma_Scan_Based_Number_Ghost_Base + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + is null; + + procedure Lemma_Scan_Based_Number_Ghost_Underscore + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + is null; + + procedure Lemma_Scan_Based_Number_Ghost_Overflow + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + is null; + + procedure Lemma_Scan_Based_Number_Ghost_Step + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + is null; + + procedure Lemma_Exponent_Unsigned_Ghost_Base + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + is null; + + procedure Lemma_Exponent_Unsigned_Ghost_Overflow + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + is null; + + procedure Lemma_Exponent_Unsigned_Ghost_Step + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + is null; + + -------------------------------------- + -- Prove_Scan_Based_Number_Ghost_Eq -- + -------------------------------------- + + procedure Prove_Scan_Based_Number_Ghost_Eq + (Str1, Str2 : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + is + begin + if From > To then + null; + elsif Str1 (From) = '_' then + Prove_Scan_Based_Number_Ghost_Eq + (Str1, Str2, From + 1, To, Base, Acc); + elsif Scan_Overflows_Ghost + (Hexa_To_Unsigned_Ghost (Str1 (From)), Base, Acc) + then + null; + else + Prove_Scan_Based_Number_Ghost_Eq + (Str1, Str2, From + 1, To, Base, + Base * Acc + Hexa_To_Unsigned_Ghost (Str1 (From))); + end if; + end Prove_Scan_Based_Number_Ghost_Eq; + + ----------------------------------- + -- Prove_Scan_Only_Decimal_Ghost -- + ----------------------------------- + + procedure Prove_Scan_Only_Decimal_Ghost + (Str : String; + Val : Uns) + is + pragma Assert (Str (Str'First + 1) /= ' '); + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + pragma Assert (Non_Blank = Str'First + 1); + Fst_Num : constant Positive := + (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); + pragma Assert (Fst_Num = Str'First + 1); + begin + pragma Assert + (Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last))); + pragma Assert + (Scan_Split_No_Overflow_Ghost (Str, Str'First + 1, Str'Last)); + pragma Assert + ((Val, 10, 0) = Scan_Split_Value_Ghost (Str, Str'First + 1, Str'Last)); + pragma Assert + (Raw_Unsigned_No_Overflow_Ghost (Str, Fst_Num, Str'Last)); + pragma Assert (Val = Exponent_Unsigned_Ghost (Val, 0, 10).Value); + pragma Assert (Is_Unsigned_Ghost (Str)); + pragma Assert (Is_Value_Unsigned_Ghost (Str, Val)); + end Prove_Scan_Only_Decimal_Ghost; + + ----------------------------- + -- Scan_Based_Number_Ghost -- + ----------------------------- + + function Scan_Based_Number_Ghost + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) return Uns_Option + is + (if From > To then (Overflow => False, Value => Acc) + elsif Str (From) = '_' + then Scan_Based_Number_Ghost (Str, From + 1, To, Base, Acc) + elsif Scan_Overflows_Ghost + (Hexa_To_Unsigned_Ghost (Str (From)), Base, Acc) + then (Overflow => True) + else Scan_Based_Number_Ghost + (Str, From + 1, To, Base, + Base * Acc + Hexa_To_Unsigned_Ghost (Str (From)))); + +end System.Value_U_Spec; diff --git a/gcc/ada/libgnat/s-vauspe.ads b/gcc/ada/libgnat/s-vauspe.ads new file mode 100644 index 0000000..0d5c19e --- /dev/null +++ b/gcc/ada/libgnat/s-vauspe.ads @@ -0,0 +1,639 @@ +------------------------------------------------------------------------------ +-- -- +-- GNAT COMPILER COMPONENTS -- +-- -- +-- S Y S T E M . V A L U E _ U _ S P E C -- +-- -- +-- S p e c -- +-- -- +-- Copyright (C) 2022-2022, Free Software Foundation, Inc. -- +-- -- +-- GNAT is free software; you can redistribute it and/or modify it under -- +-- terms of the GNU General Public License as published by the Free Soft- -- +-- ware Foundation; either version 3, or (at your option) any later ver- -- +-- sion. GNAT is distributed in the hope that it will be useful, but WITH- -- +-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -- +-- or FITNESS FOR A PARTICULAR PURPOSE. -- +-- -- +-- As a special exception under Section 7 of GPL version 3, you are granted -- +-- additional permissions described in the GCC Runtime Library Exception, -- +-- version 3.1, as published by the Free Software Foundation. -- +-- -- +-- You should have received a copy of the GNU General Public License and -- +-- a copy of the GCC Runtime Library Exception along with this program; -- +-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see -- +-- <http://www.gnu.org/licenses/>. -- +-- -- +-- GNAT was originally developed by the GNAT team at New York University. -- +-- Extensive contributions were provided by Ada Core Technologies Inc. -- +-- -- +------------------------------------------------------------------------------ + +-- This package contains the specification entities using for the formal +-- verification of the routines for scanning modular Unsigned values. + +-- Preconditions in this unit are meant for analysis only, not for run-time +-- checking, so that the expected exceptions are raised. This is enforced by +-- setting the corresponding assertion policy to Ignore. Postconditions and +-- contract cases should not be executed at runtime as well, in order not to +-- slow down the execution of these functions. + +pragma Assertion_Policy (Pre => Ignore, + Post => Ignore, + Contract_Cases => Ignore, + Ghost => Ignore, + Subprogram_Variant => Ignore); + +with System.Val_Util; use System.Val_Util; + +generic + + type Uns is mod <>; + +package System.Value_U_Spec with + Ghost, + SPARK_Mode, + Annotate => (GNATprove, Always_Return) +is + pragma Preelaborate; + + type Uns_Option (Overflow : Boolean := False) is record + case Overflow is + when True => + null; + when False => + Value : Uns := 0; + end case; + end record; + + function Wrap_Option (Value : Uns) return Uns_Option is + (Overflow => False, Value => Value); + + function Only_Decimal_Ghost + (Str : String; + From, To : Integer) + return Boolean + is + (for all J in From .. To => Str (J) in '0' .. '9') + with + Pre => From > To or else (From >= Str'First and then To <= Str'Last); + -- Ghost function that returns True if S has only decimal characters + -- from index From to index To. + + function Only_Hexa_Ghost (Str : String; From, To : Integer) return Boolean + is + (for all J in From .. To => + Str (J) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_') + with + Pre => From > To or else (From >= Str'First and then To <= Str'Last); + -- Ghost function that returns True if S has only hexadecimal characters + -- from index From to index To. + + function Last_Hexa_Ghost (Str : String) return Positive + with + Pre => Str /= "" + and then Str (Str'First) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F', + Post => Last_Hexa_Ghost'Result in Str'Range + and then (if Last_Hexa_Ghost'Result < Str'Last then + Str (Last_Hexa_Ghost'Result + 1) not in + '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' | '_') + and then Only_Hexa_Ghost (Str, Str'First, Last_Hexa_Ghost'Result); + -- Ghost function that returns the index of the last character in S that + -- is either an hexadecimal digit or an underscore, which necessarily + -- exists given the precondition on Str. + + function Is_Based_Format_Ghost (Str : String) return Boolean + is + (Str /= "" + and then Str (Str'First) in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F' + and then + (declare + L : constant Positive := Last_Hexa_Ghost (Str); + begin + Str (L) /= '_' + and then (for all J in Str'First .. L => + (if Str (J) = '_' then Str (J + 1) /= '_')))); + -- Ghost function that determines if Str has the correct format for a + -- based number, consisting in a sequence of hexadecimal digits possibly + -- separated by single underscores. It may be followed by other characters. + + function Hexa_To_Unsigned_Ghost (X : Character) return Uns is + (case X is + when '0' .. '9' => Character'Pos (X) - Character'Pos ('0'), + when 'a' .. 'f' => Character'Pos (X) - Character'Pos ('a') + 10, + when 'A' .. 'F' => Character'Pos (X) - Character'Pos ('A') + 10, + when others => raise Program_Error) + with + Pre => X in '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; + -- Ghost function that computes the value corresponding to an hexadecimal + -- digit. + + function Scan_Overflows_Ghost + (Digit : Uns; + Base : Uns; + Acc : Uns) return Boolean + is + (Digit >= Base + or else Acc > Uns'Last / Base + or else Uns'Last - Digit < Base * Acc); + -- Ghost function which returns True if Digit + Base * Acc overflows or + -- Digit is greater than Base, as this is used by the algorithm for the + -- test of overflow. + + function Scan_Based_Number_Ghost + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) return Uns_Option + with + Subprogram_Variant => (Increases => From), + Pre => Str'Last /= Positive'Last + and then + (From > To or else (From >= Str'First and then To <= Str'Last)) + and then Only_Hexa_Ghost (Str, From, To); + -- Ghost function that recursively computes the based number in Str, + -- assuming Acc has been scanned already and scanning continues at index + -- From. + + -- Lemmas unfolding the recursive definition of Scan_Based_Number_Ghost + + procedure Lemma_Scan_Based_Number_Ghost_Base + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with + Global => null, + Pre => Str'Last /= Positive'Last + and then + (From > To or else (From >= Str'First and then To <= Str'Last)) + and then Only_Hexa_Ghost (Str, From, To), + Post => + (if From > To + then Scan_Based_Number_Ghost (Str, From, To, Base, Acc) = + (Overflow => False, Value => Acc)); + -- Base case: Scan_Based_Number_Ghost returns Acc if From is bigger than To + + procedure Lemma_Scan_Based_Number_Ghost_Underscore + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with + Global => null, + Pre => Str'Last /= Positive'Last + and then + (From > To or else (From >= Str'First and then To <= Str'Last)) + and then Only_Hexa_Ghost (Str, From, To), + Post => + (if From <= To and then Str (From) = '_' + then Scan_Based_Number_Ghost (Str, From, To, Base, Acc) = + Scan_Based_Number_Ghost (Str, From + 1, To, Base, Acc)); + -- Underscore case: underscores are ignored while scanning + + procedure Lemma_Scan_Based_Number_Ghost_Overflow + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with + Global => null, + Pre => Str'Last /= Positive'Last + and then + (From > To or else (From >= Str'First and then To <= Str'Last)) + and then Only_Hexa_Ghost (Str, From, To), + Post => + (if From <= To + and then Str (From) /= '_' + and then Scan_Overflows_Ghost + (Hexa_To_Unsigned_Ghost (Str (From)), Base, Acc) + then Scan_Based_Number_Ghost (Str, From, To, Base, Acc) = + (Overflow => True)); + -- Overflow case: scanning a digit which causes an overflow + + procedure Lemma_Scan_Based_Number_Ghost_Step + (Str : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with + Global => null, + Pre => Str'Last /= Positive'Last + and then + (From > To or else (From >= Str'First and then To <= Str'Last)) + and then Only_Hexa_Ghost (Str, From, To), + Post => + (if From <= To + and then Str (From) /= '_' + and then not Scan_Overflows_Ghost + (Hexa_To_Unsigned_Ghost (Str (From)), Base, Acc) + then Scan_Based_Number_Ghost (Str, From, To, Base, Acc) = + Scan_Based_Number_Ghost + (Str, From + 1, To, Base, + Base * Acc + Hexa_To_Unsigned_Ghost (Str (From)))); + -- Normal case: scanning a digit without overflows + + function Exponent_Unsigned_Ghost + (Value : Uns; + Exp : Natural; + Base : Uns := 10) return Uns_Option + with + Subprogram_Variant => (Decreases => Exp); + -- Ghost function that recursively computes Value * Base ** Exp + + -- Lemmas unfolding the recursive definition of Exponent_Unsigned_Ghost + + procedure Lemma_Exponent_Unsigned_Ghost_Base + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with + Post => + (if Exp = 0 or Value = 0 + then Exponent_Unsigned_Ghost (Value, Exp, Base) = + (Overflow => False, Value => Value)); + -- Base case: Exponent_Unsigned_Ghost returns 0 if Value or Exp is 0 + + procedure Lemma_Exponent_Unsigned_Ghost_Overflow + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with + Post => + (if Exp /= 0 + and then Value /= 0 + and then Scan_Overflows_Ghost (0, Base, Value) + then Exponent_Unsigned_Ghost (Value, Exp, Base) = (Overflow => True)); + -- Overflow case: the next multiplication overflows + + procedure Lemma_Exponent_Unsigned_Ghost_Step + (Value : Uns; + Exp : Natural; + Base : Uns := 10) + with + Post => + (if Exp /= 0 + and then Value /= 0 + and then not Scan_Overflows_Ghost (0, Base, Value) + then Exponent_Unsigned_Ghost (Value, Exp, Base) = + Exponent_Unsigned_Ghost (Value * Base, Exp - 1, Base)); + -- Normal case: exponentiation without overflows + + function Is_Raw_Unsigned_Format_Ghost (Str : String) return Boolean is + (Is_Natural_Format_Ghost (Str) + and then + (declare + Last_Num_Init : constant Integer := Last_Number_Ghost (Str); + Starts_As_Based : constant Boolean := + Last_Num_Init < Str'Last - 1 + and then Str (Last_Num_Init + 1) in '#' | ':' + and then Str (Last_Num_Init + 2) in + '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; + Last_Num_Based : constant Integer := + (if Starts_As_Based + then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. Str'Last)) + else Last_Num_Init); + Is_Based : constant Boolean := + Starts_As_Based + and then Last_Num_Based < Str'Last + and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); + First_Exp : constant Integer := + (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); + begin + (if Starts_As_Based then + Is_Based_Format_Ghost (Str (Last_Num_Init + 2 .. Str'Last)) + and then Last_Num_Based < Str'Last) + and then Is_Opt_Exponent_Format_Ghost + (Str (First_Exp .. Str'Last)))) + with + Pre => Str'Last /= Positive'Last; + -- Ghost function that determines if Str has the correct format for an + -- unsigned number without a sign character. + -- It is a natural number in base 10, optionally followed by a based + -- number surrounded by delimiters # or :, optionally followed by an + -- exponent part. + + type Split_Value_Ghost is record + Value : Uns; + Base : Uns; + Expon : Natural; + end record; + + function Scan_Split_No_Overflow_Ghost + (Str : String; + From, To : Integer) + return Boolean + is + (declare + Last_Num_Init : constant Integer := + Last_Number_Ghost (Str (From .. To)); + Init_Val : constant Uns_Option := + Scan_Based_Number_Ghost (Str, From, Last_Num_Init); + Starts_As_Based : constant Boolean := + Last_Num_Init < To - 1 + and then Str (Last_Num_Init + 1) in '#' | ':' + and then Str (Last_Num_Init + 2) in + '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; + Last_Num_Based : constant Integer := + (if Starts_As_Based + then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) + else Last_Num_Init); + Based_Val : constant Uns_Option := + (if Starts_As_Based and then not Init_Val.Overflow + then Scan_Based_Number_Ghost + (Str, Last_Num_Init + 2, Last_Num_Based, Init_Val.Value) + else Init_Val); + begin + not Init_Val.Overflow + and then + (Last_Num_Init >= To - 1 + or else Str (Last_Num_Init + 1) not in '#' | ':' + or else Init_Val.Value in 2 .. 16) + and then + (not Starts_As_Based + or else not Based_Val.Overflow)) + with + Pre => Str'Last /= Positive'Last + and then From in Str'Range + and then To in From .. Str'Last + and then Str (From) in '0' .. '9'; + -- Ghost function that determines if an overflow might occur while scanning + -- the representation of an unsigned number. The computation overflows if + -- either: + -- * The computation of the decimal part overflows, + -- * The decimal part is followed by a valid delimiter for a based + -- part, and the number corresponding to the base is not a valid base, + -- or + -- * The computation of the based part overflows. + + pragma Warnings (Off, "constant * is not referenced"); + function Scan_Split_Value_Ghost + (Str : String; + From, To : Integer) + return Split_Value_Ghost + is + (declare + Last_Num_Init : constant Integer := + Last_Number_Ghost (Str (From .. To)); + Init_Val : constant Uns_Option := + Scan_Based_Number_Ghost (Str, From, Last_Num_Init); + Starts_As_Based : constant Boolean := + Last_Num_Init < To - 1 + and then Str (Last_Num_Init + 1) in '#' | ':' + and then Str (Last_Num_Init + 2) in + '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; + Last_Num_Based : constant Integer := + (if Starts_As_Based + then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) + else Last_Num_Init); + Is_Based : constant Boolean := + Starts_As_Based + and then Last_Num_Based < To + and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); + Based_Val : constant Uns_Option := + (if Starts_As_Based and then not Init_Val.Overflow + then Scan_Based_Number_Ghost + (Str, Last_Num_Init + 2, Last_Num_Based, Init_Val.Value) + else Init_Val); + First_Exp : constant Integer := + (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); + Expon : constant Natural := + (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) + then Scan_Exponent_Ghost (Str (First_Exp .. To)) + else 0); + Base : constant Uns := + (if Is_Based then Init_Val.Value else 10); + Value : constant Uns := + (if Is_Based then Based_Val.Value else Init_Val.Value); + begin + (Value => Value, Base => Base, Expon => Expon)) + with + Pre => Str'Last /= Positive'Last + and then From in Str'Range + and then To in From .. Str'Last + and then Str (From) in '0' .. '9' + and then Scan_Split_No_Overflow_Ghost (Str, From, To); + -- Ghost function that scans an unsigned number without a sign character + -- and return a record containing the values scanned for its value, its + -- base, and its exponent. + pragma Warnings (On, "constant * is not referenced"); + + function Raw_Unsigned_No_Overflow_Ghost + (Str : String; + From, To : Integer) + return Boolean + is + (Scan_Split_No_Overflow_Ghost (Str, From, To) + and then + (declare + Val : constant Split_Value_Ghost := Scan_Split_Value_Ghost + (Str, From, To); + begin + not Exponent_Unsigned_Ghost + (Val.Value, Val.Expon, Val.Base).Overflow)) + with + Pre => Str'Last /= Positive'Last + and then From in Str'Range + and then To in From .. Str'Last + and then Str (From) in '0' .. '9'; + -- Ghost function that determines if the computation of the unsigned number + -- represented by Str will overflow. The computation overflows if either: + -- * The scan of the string overflows, or + -- * The computation of the exponentiation overflows. + + function Scan_Raw_Unsigned_Ghost + (Str : String; + From, To : Integer) + return Uns + is + (declare + Val : constant Split_Value_Ghost := Scan_Split_Value_Ghost + (Str, From, To); + begin + Exponent_Unsigned_Ghost (Val.Value, Val.Expon, Val.Base).Value) + with + Pre => Str'Last /= Positive'Last + and then From in Str'Range + and then To in From .. Str'Last + and then Str (From) in '0' .. '9' + and then Raw_Unsigned_No_Overflow_Ghost (Str, From, To); + -- Ghost function that scans an unsigned number without a sign character + + function Raw_Unsigned_Last_Ghost + (Str : String; + From, To : Integer) + return Positive + is + (declare + Last_Num_Init : constant Integer := + Last_Number_Ghost (Str (From .. To)); + Starts_As_Based : constant Boolean := + Last_Num_Init < To - 1 + and then Str (Last_Num_Init + 1) in '#' | ':' + and then Str (Last_Num_Init + 2) in + '0' .. '9' | 'a' .. 'f' | 'A' .. 'F'; + Last_Num_Based : constant Integer := + (if Starts_As_Based + then Last_Hexa_Ghost (Str (Last_Num_Init + 2 .. To)) + else Last_Num_Init); + Is_Based : constant Boolean := + Starts_As_Based + and then Last_Num_Based < To + and then Str (Last_Num_Based + 1) = Str (Last_Num_Init + 1); + First_Exp : constant Integer := + (if Is_Based then Last_Num_Based + 2 else Last_Num_Init + 1); + begin + (if not Starts_As_Exponent_Format_Ghost (Str (First_Exp .. To)) + then First_Exp + elsif Str (First_Exp + 1) in '-' | '+' then + Last_Number_Ghost (Str (First_Exp + 2 .. To)) + 1 + else Last_Number_Ghost (Str (First_Exp + 1 .. To)) + 1)) + with + Pre => Str'Last /= Positive'Last + and then From in Str'Range + and then To in From .. Str'Last + and then Str (From) in '0' .. '9'; + -- Ghost function that returns the position of the cursor once an unsigned + -- number has been seen. + + function Slide_To_1 (Str : String) return String + with + Post => + Only_Space_Ghost (Str, Str'First, Str'Last) = + (for all J in Str'First .. Str'Last => + Slide_To_1'Result (J - Str'First + 1) = ' '); + -- Slides Str so that it starts at 1 + + function Slide_If_Necessary (Str : String) return String is + (if Str'Last = Positive'Last then Slide_To_1 (Str) else Str); + -- If Str'Last = Positive'Last then slides Str so that it starts at 1 + + function Is_Unsigned_Ghost (Str : String) return Boolean is + (declare + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + Fst_Num : constant Positive := + (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); + begin + Is_Raw_Unsigned_Format_Ghost (Str (Fst_Num .. Str'Last)) + and then Raw_Unsigned_No_Overflow_Ghost (Str, Fst_Num, Str'Last) + and then Only_Space_Ghost + (Str, Raw_Unsigned_Last_Ghost (Str, Fst_Num, Str'Last), Str'Last)) + with + Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Str'Last /= Positive'Last; + -- Ghost function that determines if Str has the correct format for an + -- unsigned number, consisting in some blank characters, an optional + -- + sign, a raw unsigned number which does not overflow and then some + -- more blank characters. + + function Is_Value_Unsigned_Ghost (Str : String; Val : Uns) return Boolean is + (declare + Non_Blank : constant Positive := First_Non_Space_Ghost + (Str, Str'First, Str'Last); + Fst_Num : constant Positive := + (if Str (Non_Blank) = '+' then Non_Blank + 1 else Non_Blank); + begin + Val = Scan_Raw_Unsigned_Ghost (Str, Fst_Num, Str'Last)) + with + Pre => not Only_Space_Ghost (Str, Str'First, Str'Last) + and then Str'Last /= Positive'Last + and then Is_Unsigned_Ghost (Str); + -- Ghost function that returns True if Val is the value corresponding to + -- the unsigned number represented by Str. + + procedure Prove_Scan_Based_Number_Ghost_Eq + (Str1, Str2 : String; + From, To : Integer; + Base : Uns := 10; + Acc : Uns := 0) + with + Subprogram_Variant => (Increases => From), + Pre => Str1'Last /= Positive'Last + and then Str2'Last /= Positive'Last + and then + (From > To or else (From >= Str1'First and then To <= Str1'Last)) + and then + (From > To or else (From >= Str2'First and then To <= Str2'Last)) + and then Only_Hexa_Ghost (Str1, From, To) + and then (for all J in From .. To => Str1 (J) = Str2 (J)), + Post => + Scan_Based_Number_Ghost (Str1, From, To, Base, Acc) + = Scan_Based_Number_Ghost (Str2, From, To, Base, Acc); + -- Scan_Based_Number_Ghost returns the same value on two slices which are + -- equal. + + procedure Prove_Scan_Only_Decimal_Ghost + (Str : String; + Val : Uns) + with + Pre => Str'Last /= Positive'Last + and then Str'Length >= 2 + and then Str (Str'First) = ' ' + and then Only_Decimal_Ghost (Str, Str'First + 1, Str'Last) + and then Scan_Based_Number_Ghost (Str, Str'First + 1, Str'Last) + = Wrap_Option (Val), + Post => Is_Unsigned_Ghost (Slide_If_Necessary (Str)) + and then + Is_Value_Unsigned_Ghost (Slide_If_Necessary (Str), Val); + -- Ghost lemma used in the proof of 'Image implementation, to prove that + -- the result of Value_Unsigned on a decimal string is the same as the + -- result of Scan_Based_Number_Ghost. + + -- Bundle Uns type with other types, constants and subprograms used in + -- ghost code, so that this package can be instantiated once and used + -- multiple times as generic formal for a given Int type. + + package Uns_Params is new System.Val_Util.Uns_Params + (Uns => Uns, + P_Uns_Option => Uns_Option, + P_Wrap_Option => Wrap_Option, + P_Hexa_To_Unsigned_Ghost => Hexa_To_Unsigned_Ghost, + P_Scan_Overflows_Ghost => Scan_Overflows_Ghost, + P_Is_Raw_Unsigned_Format_Ghost => + Is_Raw_Unsigned_Format_Ghost, + P_Scan_Split_No_Overflow_Ghost => + Scan_Split_No_Overflow_Ghost, + P_Raw_Unsigned_No_Overflow_Ghost => + Raw_Unsigned_No_Overflow_Ghost, + P_Exponent_Unsigned_Ghost => Exponent_Unsigned_Ghost, + P_Lemma_Exponent_Unsigned_Ghost_Base => + Lemma_Exponent_Unsigned_Ghost_Base, + P_Lemma_Exponent_Unsigned_Ghost_Overflow => + Lemma_Exponent_Unsigned_Ghost_Overflow, + P_Lemma_Exponent_Unsigned_Ghost_Step => + Lemma_Exponent_Unsigned_Ghost_Step, + P_Scan_Raw_Unsigned_Ghost => Scan_Raw_Unsigned_Ghost, + P_Lemma_Scan_Based_Number_Ghost_Base => + Lemma_Scan_Based_Number_Ghost_Base, + P_Lemma_Scan_Based_Number_Ghost_Underscore => + Lemma_Scan_Based_Number_Ghost_Underscore, + P_Lemma_Scan_Based_Number_Ghost_Overflow => + Lemma_Scan_Based_Number_Ghost_Overflow, + P_Lemma_Scan_Based_Number_Ghost_Step => + Lemma_Scan_Based_Number_Ghost_Step, + P_Raw_Unsigned_Last_Ghost => Raw_Unsigned_Last_Ghost, + P_Only_Decimal_Ghost => Only_Decimal_Ghost, + P_Scan_Based_Number_Ghost => Scan_Based_Number_Ghost, + P_Is_Unsigned_Ghost => + Is_Unsigned_Ghost, + P_Is_Value_Unsigned_Ghost => + Is_Value_Unsigned_Ghost, + P_Prove_Scan_Only_Decimal_Ghost => + Prove_Scan_Only_Decimal_Ghost, + P_Prove_Scan_Based_Number_Ghost_Eq => + Prove_Scan_Based_Number_Ghost_Eq); + +private + + ---------------- + -- Slide_To_1 -- + ---------------- + + function Slide_To_1 (Str : String) return String is + (declare + Res : constant String (1 .. Str'Length) := Str; + begin + Res); + +end System.Value_U_Spec; diff --git a/gcc/ada/libgnat/s-widthu.adb b/gcc/ada/libgnat/s-widthu.adb index 390942c..df5f224 100644 --- a/gcc/ada/libgnat/s-widthu.adb +++ b/gcc/ada/libgnat/s-widthu.adb @@ -73,6 +73,14 @@ package body System.Width_U is Ghost, Post => X / Y / Z = X / (Y * Z); + procedure Lemma_Euclidian (V, Q, F, R : Big_Integer) + with + Ghost, + Pre => F > 0 and then Q = V / F and then R = V rem F, + Post => V = Q * F + R; + -- Ghost lemma to prove the relation between the quotient/remainder of + -- division by F and the value V. + ---------------------- -- Lemma_Lower_Mult -- ---------------------- @@ -104,6 +112,12 @@ package body System.Width_U is pragma Assert (X / YZ = XYZ + R / YZ); end Lemma_Div_Twice; + --------------------- + -- Lemma_Euclidian -- + --------------------- + + procedure Lemma_Euclidian (V, Q, F, R : Big_Integer) is null; + -- Local variables W : Natural; @@ -152,7 +166,7 @@ package body System.Width_U is R : constant Big_Integer := Big (T_Init) rem F with Ghost; begin pragma Assert (Q < Big_10); - pragma Assert (Big (T_Init) = Q * F + R); + Lemma_Euclidian (Big (T_Init), Q, F, R); Lemma_Lower_Mult (Q, Big (9), F); pragma Assert (Big (T_Init) <= Big (9) * F + F - 1); pragma Assert (Big (T_Init) < Big_10 * F); diff --git a/gcc/ada/opt.ads b/gcc/ada/opt.ads index 0490895..19a8b41 100644 --- a/gcc/ada/opt.ads +++ b/gcc/ada/opt.ads @@ -267,6 +267,10 @@ package Opt is -- Set to True to detect whether subprogram parameters and function results -- alias the same object(s). + Check_Elaboration_Flags : Boolean := True; + -- GNATBIND + -- Set to False if switch -k is set. + Check_Float_Overflow : Boolean := False; -- GNAT -- Set to True to check that operations on predefined unconstrained float diff --git a/gcc/ada/par-ch4.adb b/gcc/ada/par-ch4.adb index 4ab4dcb..9a00d7b 100644 --- a/gcc/ada/par-ch4.adb +++ b/gcc/ada/par-ch4.adb @@ -3554,7 +3554,6 @@ package body Ch4 is when Tok_Of => Restore_Scan_State (State); Scan; -- past OF - Set_Defining_Identifier (Assoc_Node, Id); Iter_Spec := P_Iterator_Specification (Id); Set_Iterator_Specification (Assoc_Node, Iter_Spec); diff --git a/gcc/ada/par-ch5.adb b/gcc/ada/par-ch5.adb index 3835588..1be3ef8 100644 --- a/gcc/ada/par-ch5.adb +++ b/gcc/ada/par-ch5.adb @@ -242,8 +242,8 @@ package body Ch5 is -- In Ada 2022, we allow declarative items to be mixed with -- statements. The loop below alternates between calling - -- P_Declarative_Items to parse zero or more declarative items, and - -- parsing a statement. + -- P_Declarative_Items to parse zero or more declarative items, + -- and parsing a statement. loop Ignore (Tok_Semicolon); @@ -255,26 +255,17 @@ package body Ch5 is (Statement_List, Declare_Expression => False, In_Spec => False, In_Statements => True); - -- Use the length of the list to determine whether we parsed any - -- declarative items. If so, it's an error pre-2022. ???We should - -- be calling Error_Msg_Ada_2022_Feature below, to advertise the - -- new feature, but that causes a lot of test diffs, so for now, - -- we mimic the old "...before begin" message. + -- Use the length of the list to determine whether we parsed + -- any declarative items. If so, it's an error unless language + -- extensions are enabled. if List_Length (Statement_List) > Num_Statements then if All_Errors_Mode or else No (Decl_Loc) then Decl_Loc := Sloc (Pick (Statement_List, Num_Statements + 1)); - if False then - Error_Msg_Ada_2022_Feature - ("declarations mixed with statements", - Sloc (Pick (Statement_List, Num_Statements + 1))); - else - if Ada_Version < Ada_2022 then - Error_Msg - ("declarations must come before BEGIN", Decl_Loc); - end if; - end if; + Error_Msg_GNAT_Extension + ("declarations mixed with statements", + Sloc (Pick (Statement_List, Num_Statements + 1))); end if; end if; end; diff --git a/gcc/ada/sem_aggr.adb b/gcc/ada/sem_aggr.adb index 2cd8807..258e4ad 100644 --- a/gcc/ada/sem_aggr.adb +++ b/gcc/ada/sem_aggr.adb @@ -404,10 +404,6 @@ package body Sem_Aggr is -- The bounds of the aggregate itype are cooked up to look reasonable -- (in this particular case the bounds will be 1 .. 2). - function Is_Null_Aggregate (N : Node_Id) return Boolean; - -- Returns True for a "[]" aggregate (an Ada 2022 feature), even after - -- it has been transformed by expansion. Returns False otherwise. - procedure Make_String_Into_Aggregate (N : Node_Id); -- A string literal can appear in a context in which a one dimensional -- array of characters is expected. This procedure simply rewrites the @@ -419,9 +415,6 @@ package body Sem_Aggr is -- is constrained). If the subtype is unconstrained, then the bounds -- are determined in much the same way as the bounds for a null string -- literal with no applicable index constraint. - -- Emit a check that the bounds for each dimension define a null - -- range; no check is emitted if it is statically known that the - -- check would succeed. --------------------------------- -- Delta aggregate processing -- @@ -567,7 +560,29 @@ package body Sem_Aggr is end if; Set_Parent (Index_Constraints, N); - Collect_Aggr_Bounds (N, 1); + + -- When resolving a null aggregate we created a list of aggregate bounds + -- for the consecutive dimensions. The bounds for the first dimension + -- are attached as the Aggregate_Bounds of the aggregate node. + + if Is_Null_Aggregate (N) then + declare + This_Range : Node_Id := Aggregate_Bounds (N); + begin + for J in 1 .. Aggr_Dimension loop + Aggr_Range (J) := This_Range; + Next_Index (This_Range); + + -- Remove bounds from the list, so they can be reattached as + -- the First_Index/Next_Index again by the code that also + -- handles non-null aggregates. + + Remove (Aggr_Range (J)); + end loop; + end; + else + Collect_Aggr_Bounds (N, 1); + end if; -- Build the list of constrained indexes of our aggregate itype @@ -1203,9 +1218,6 @@ package body Sem_Aggr is Aggr_Subtyp := Any_Composite; - elsif Is_Null_Aggr then - Aggr_Subtyp := Etype (N); - else Aggr_Subtyp := Array_Aggr_Subtype (N, Typ); end if; @@ -1742,17 +1754,15 @@ package body Sem_Aggr is Loc : constant Source_Ptr := Sloc (N); Id : constant Entity_Id := Defining_Identifier (N); - Id_Typ : Entity_Id := Any_Type; - ----------------------- -- Remove_References -- ----------------------- - function Remove_Ref (N : Node_Id) return Traverse_Result; - -- Remove references to the entity Id after analysis, so it can be + function Remove_Reference (N : Node_Id) return Traverse_Result; + -- Remove reference to the entity Id after analysis, so it can be -- properly reanalyzed after construct is expanded into a loop. - function Remove_Ref (N : Node_Id) return Traverse_Result is + function Remove_Reference (N : Node_Id) return Traverse_Result is begin if Nkind (N) = N_Identifier and then Present (Entity (N)) @@ -1763,15 +1773,15 @@ package body Sem_Aggr is end if; Set_Analyzed (N, False); return OK; - end Remove_Ref; + end Remove_Reference; - procedure Remove_References is new Traverse_Proc (Remove_Ref); + procedure Remove_References is new Traverse_Proc (Remove_Reference); -- Local variables Choice : Node_Id; Dummy : Boolean; - Ent : Entity_Id; + Scop : Entity_Id; Expr : Node_Id; -- Start of processing for Resolve_Iterated_Component_Association @@ -1779,37 +1789,29 @@ package body Sem_Aggr is begin Error_Msg_Ada_2022_Feature ("iterated component", Loc); - if Present (Iterator_Specification (N)) then - Analyze (Name (Iterator_Specification (N))); + -- Create a scope in which to introduce an index, to make it visible + -- for the analysis of component expression. - -- We assume that the domain of iteration cannot be overloaded. + Scop := New_Internal_Entity (E_Loop, Current_Scope, Loc, 'L'); + Set_Etype (Scop, Standard_Void_Type); + Set_Parent (Scop, Parent (N)); + Push_Scope (Scop); - declare - Domain : constant Node_Id := Name (Iterator_Specification (N)); - D_Type : constant Entity_Id := Etype (Domain); - Elt : Entity_Id; - begin - if Is_Array_Type (D_Type) then - Id_Typ := Component_Type (D_Type); + -- If there is iterator specification, then its preanalysis will make + -- the index visible. - else - if Has_Aspect (D_Type, Aspect_Iterable) then - Elt := - Get_Iterable_Type_Primitive (D_Type, Name_Element); - if No (Elt) then - Error_Msg_N - ("missing Element primitive for iteration", Domain); - else - Id_Typ := Etype (Elt); - end if; - else - Error_Msg_N ("cannot iterate over", Domain); - end if; - end if; - end; + if Present (Iterator_Specification (N)) then + Preanalyze (Iterator_Specification (N)); + + -- Otherwise, analyze discrete choices and make the index visible else - Id_Typ := Index_Typ; + -- Insert index name into current scope but don't decorate it yet, + -- so that a premature usage of this name in discrete choices will + -- be nicely diagnosed. + + Enter_Name (Id); + Choice := First (Discrete_Choices (N)); while Present (Choice) loop @@ -1835,25 +1837,13 @@ package body Sem_Aggr is Next (Choice); end loop; - end if; - - -- Create a scope in which to introduce an index, which is usually - -- visible in the expression for the component, and needed for its - -- analysis. - - Ent := New_Internal_Entity (E_Loop, Current_Scope, Loc, 'L'); - Set_Etype (Ent, Standard_Void_Type); - Set_Parent (Ent, Parent (N)); - Push_Scope (Ent); - -- Insert and decorate the index variable in the current scope. - -- The expression has to be analyzed once the index variable is - -- directly visible. + -- Decorate the index variable - Enter_Name (Id); - Set_Etype (Id, Id_Typ); - Mutate_Ekind (Id, E_Variable); - Set_Scope (Id, Ent); + Set_Etype (Id, Index_Typ); + Mutate_Ekind (Id, E_Variable); + Set_Scope (Id, Scop); + end if; -- Analyze expression without expansion, to verify legality. -- When generating code, we then remove references to the index @@ -1926,7 +1916,7 @@ package body Sem_Aggr is and then No (Component_Associations (N)) and then not Null_Record_Present (N) then - return False; + return Failure; end if; -- Disable the warning for GNAT Mode to allow for easier transition. @@ -1966,7 +1956,7 @@ package body Sem_Aggr is Error_Msg_N ("mixed iterated component association" & " (RM 4.3.3 (17.1/5))", Assoc); - return False; + return Failure; end if; Next (Assoc); @@ -1985,7 +1975,7 @@ package body Sem_Aggr is Error_Msg_N ("mixed iterated component association" & " (RM 4.3.3 (17.1/5))", Assoc); - return False; + return Failure; end if; Next (Assoc); @@ -3075,7 +3065,8 @@ package body Sem_Aggr is elsif Present (Iterator_Specification (Comp)) then Copy := Copy_Separate_Tree (Iterator_Specification (Comp)); - Id_Name := Chars (Defining_Identifier (Comp)); + Id_Name := + Chars (Defining_Identifier (Iterator_Specification (Comp))); Analyze (Copy); Typ := Etype (Defining_Identifier (Copy)); @@ -3203,7 +3194,7 @@ package body Sem_Aggr is end if; end; - elsif Present (Add_Named_Subp) then + elsif Present (Add_Named_Subp) then declare -- Retrieves types of container, key, and element from the -- specified insertion procedure. @@ -4104,14 +4095,16 @@ package body Sem_Aggr is Loc : constant Source_Ptr := Sloc (N); Typ : constant Entity_Id := Etype (N); - Check : Node_Id; - Decl : Node_Id; Index : Node_Id; Lo, Hi : Node_Id; Constr : constant List_Id := New_List; - Subt : constant Entity_Id := Make_Temporary (Loc, 'S'); begin + -- Attach the list of constraints at the location of the aggregate, so + -- the individual constraints can be analyzed. + + Set_Parent (Constr, N); + -- Create a constrained subtype with null dimensions Index := First_Index (Typ); @@ -4126,40 +4119,14 @@ package body Sem_Aggr is Attribute_Name => Name_Pred, Expressions => New_List (New_Copy_Tree (Lo))); - -- Check that high bound (i.e., low bound predecessor) exists. - -- Fail if low bound is low bound of base subtype (in all cases, - -- including modular). - - Check := - Make_If_Statement (Loc, - Condition => - Make_Op_Le (Loc, New_Copy_Tree (Lo), New_Copy_Tree (Hi)), - Then_Statements => - New_List (Make_Raise_Constraint_Error - (Loc, Reason => CE_Range_Check_Failed))); - - Insert_Action (N, Check); - - Append (Make_Range (Loc, Lo, Hi), Constr); + Append (Make_Range (Loc, New_Copy_Tree (Lo), Hi), Constr); + Analyze_And_Resolve (Last (Constr), Etype (Index)); Index := Next_Index (Index); end loop; - Decl := Make_Subtype_Declaration (Loc, - Defining_Identifier => Subt, - Subtype_Indication => - Make_Subtype_Indication (Loc, - Subtype_Mark => - New_Occurrence_Of (Base_Type (Typ), Loc), - Constraint => - Make_Index_Or_Discriminant_Constraint (Loc, Constr))); - - Insert_Action (N, Decl); - Set_Is_Internal (Subt); - Analyze (Decl); - Set_Etype (N, Subt); Set_Compile_Time_Known_Aggregate (N); - Set_Aggregate_Bounds (N, New_Copy_Tree (First_Index (Etype (N)))); + Set_Aggregate_Bounds (N, First (Constr)); return True; end Resolve_Null_Array_Aggregate; @@ -5067,9 +5034,7 @@ package body Sem_Aggr is -- OTHERS cannot be used. -- Positional and named associations cannot be mixed. - if Present (Component_Associations (N)) - and then Present (First (Component_Associations (N))) - then + if Present (Component_Associations (N)) then declare Assoc : Node_Id; diff --git a/gcc/ada/sem_aggr.ads b/gcc/ada/sem_aggr.ads index 75af8f7..0d305a8 100644 --- a/gcc/ada/sem_aggr.ads +++ b/gcc/ada/sem_aggr.ads @@ -43,6 +43,10 @@ package Sem_Aggr is -- WARNING: There is a matching C declaration of this subprogram in fe.h + function Is_Null_Aggregate (N : Node_Id) return Boolean; + -- Returns True for a "[]" aggregate (an Ada 2022 feature), even after + -- it has been transformed by expansion. Returns False otherwise. + function Is_Null_Array_Aggregate_High_Bound (N : Node_Id) return Boolean; -- Returns True for the high bound of a null array aggregate. diff --git a/gcc/ada/sem_ch13.adb b/gcc/ada/sem_ch13.adb index a64a3cd..4d1644b 100644 --- a/gcc/ada/sem_ch13.adb +++ b/gcc/ada/sem_ch13.adb @@ -944,29 +944,6 @@ package body Sem_Ch13 is -- aspect node N for the given type (entity) of the aspect does not -- appear too late according to the rules in RM 13.1(9) and 13.1(10). - procedure Inherit_Delayed_Rep_Aspects (ASN : Node_Id); - -- As discussed in the spec of Aspects (see Aspect_Delay declaration), - -- a derived type can inherit aspects from its parent which have been - -- specified at the time of the derivation using an aspect, as in: - -- - -- type A is range 1 .. 10 - -- with Size => Not_Defined_Yet; - -- .. - -- type B is new A; - -- .. - -- Not_Defined_Yet : constant := 64; - -- - -- In this example, the Size of A is considered to be specified prior - -- to the derivation, and thus inherited, even though the value is not - -- known at the time of derivation. To deal with this, we use two entity - -- flags. The flag Has_Derived_Rep_Aspects is set in the parent type (A - -- here), and then the flag May_Inherit_Delayed_Rep_Aspects is set in - -- the derived type (B here). If this flag is set when the derived type - -- is frozen, then this procedure is called to ensure proper inheritance - -- of all delayed aspects from the parent type. The derived type is E, - -- the argument to Analyze_Aspects_At_Freeze_Point. ASN is the first - -- aspect specification node in the Rep_Item chain for the parent type. - procedure Make_Pragma_From_Boolean_Aspect (ASN : Node_Id); -- Given an aspect specification node ASN whose expression is an -- optional Boolean, this routines creates the corresponding pragma @@ -1084,199 +1061,6 @@ package body Sem_Ch13 is end if; end Check_Aspect_Too_Late; - --------------------------------- - -- Inherit_Delayed_Rep_Aspects -- - --------------------------------- - - procedure Inherit_Delayed_Rep_Aspects (ASN : Node_Id) is - A_Id : constant Aspect_Id := Get_Aspect_Id (ASN); - P : constant Entity_Id := Entity (ASN); - -- Entity for parent type - - N : Node_Id; - -- Item from Rep_Item chain - - A : Aspect_Id; - - begin - -- Loop through delayed aspects for the parent type - - N := ASN; - while Present (N) loop - if Nkind (N) = N_Aspect_Specification then - exit when Entity (N) /= P; - - if Is_Delayed_Aspect (N) then - A := Get_Aspect_Id (Chars (Identifier (N))); - - -- Process delayed rep aspect. For Boolean attributes it is - -- not possible to cancel an attribute once set (the attempt - -- to use an aspect with xxx => False is an error) for a - -- derived type. So for those cases, we do not have to check - -- if a clause has been given for the derived type, since it - -- is harmless to set it again if it is already set. - - case A is - - -- Alignment - - when Aspect_Alignment => - if not Has_Alignment_Clause (E) then - Set_Alignment (E, Alignment (P)); - end if; - - -- Atomic - - when Aspect_Atomic => - if Is_Atomic (P) then - Set_Is_Atomic (E); - end if; - - -- Atomic_Components - - when Aspect_Atomic_Components => - if Has_Atomic_Components (P) then - Set_Has_Atomic_Components (Base_Type (E)); - end if; - - -- Bit_Order - - when Aspect_Bit_Order => - if Is_Record_Type (E) - and then No (Get_Attribute_Definition_Clause - (E, Attribute_Bit_Order)) - and then Reverse_Bit_Order (P) - then - Set_Reverse_Bit_Order (Base_Type (E)); - end if; - - -- Component_Size - - when Aspect_Component_Size => - if Is_Array_Type (E) - and then not Has_Component_Size_Clause (E) - then - Set_Component_Size - (Base_Type (E), Component_Size (P)); - end if; - - -- Machine_Radix - - when Aspect_Machine_Radix => - if Is_Decimal_Fixed_Point_Type (E) - and then not Has_Machine_Radix_Clause (E) - then - Set_Machine_Radix_10 (E, Machine_Radix_10 (P)); - end if; - - -- Object_Size (also Size which also sets Object_Size) - - when Aspect_Object_Size - | Aspect_Size - => - if not Has_Size_Clause (E) - and then - No (Get_Attribute_Definition_Clause - (E, Attribute_Object_Size)) - then - Set_Esize (E, Esize (P)); - end if; - - -- Pack - - when Aspect_Pack => - if not Is_Packed (E) then - Set_Is_Packed (Base_Type (E)); - - if Is_Bit_Packed_Array (P) then - Set_Is_Bit_Packed_Array (Base_Type (E)); - Set_Packed_Array_Impl_Type - (E, Packed_Array_Impl_Type (P)); - end if; - end if; - - -- Scalar_Storage_Order - - when Aspect_Scalar_Storage_Order => - if (Is_Record_Type (E) or else Is_Array_Type (E)) - and then No (Get_Attribute_Definition_Clause - (E, Attribute_Scalar_Storage_Order)) - and then Reverse_Storage_Order (P) - then - Set_Reverse_Storage_Order (Base_Type (E)); - - -- Clear default SSO indications, since the aspect - -- overrides the default. - - Set_SSO_Set_Low_By_Default (Base_Type (E), False); - Set_SSO_Set_High_By_Default (Base_Type (E), False); - end if; - - -- Small - - when Aspect_Small => - if Is_Fixed_Point_Type (E) - and then not Has_Small_Clause (E) - then - Set_Small_Value (E, Small_Value (P)); - end if; - - -- Storage_Size - - when Aspect_Storage_Size => - if (Is_Access_Type (E) or else Is_Task_Type (E)) - and then not Has_Storage_Size_Clause (E) - then - Set_Storage_Size_Variable - (Base_Type (E), Storage_Size_Variable (P)); - end if; - - -- Value_Size - - when Aspect_Value_Size => - - -- Value_Size is never inherited, it is either set by - -- default, or it is explicitly set for the derived - -- type. So nothing to do here. - - null; - - -- Volatile - - when Aspect_Volatile => - if Is_Volatile (P) then - Set_Is_Volatile (E); - end if; - - -- Volatile_Full_Access (also Full_Access_Only) - - when Aspect_Volatile_Full_Access - | Aspect_Full_Access_Only - => - if Is_Volatile_Full_Access (P) then - Set_Is_Volatile_Full_Access (E); - end if; - - -- Volatile_Components - - when Aspect_Volatile_Components => - if Has_Volatile_Components (P) then - Set_Has_Volatile_Components (Base_Type (E)); - end if; - - -- That should be all the Rep Aspects - - when others => - pragma Assert (Aspect_Delay (A_Id) /= Rep_Aspect); - null; - end case; - end if; - end if; - - Next_Rep_Item (N); - end loop; - end Inherit_Delayed_Rep_Aspects; - ------------------------------------- -- Make_Pragma_From_Boolean_Aspect -- ------------------------------------- @@ -1600,15 +1384,6 @@ package body Sem_Ch13 is Next_Rep_Item (ASN); end loop; - -- This is where we inherit delayed rep aspects from our parent. Note - -- that if we fell out of the above loop with ASN non-empty, it means - -- we hit an aspect for an entity other than E, and it must be the - -- type from which we were derived. - - if May_Inherit_Delayed_Rep_Aspects (E) then - Inherit_Delayed_Rep_Aspects (ASN); - end if; - if In_Instance and then E /= Base_Type (E) and then Is_First_Subtype (E) @@ -13126,139 +12901,6 @@ package body Sem_Ch13 is Inside_Freezing_Actions := Inside_Freezing_Actions - 1; - -- If we have a type with predicates, build predicate function. This is - -- not needed in the generic case, nor within e.g. TSS subprograms and - -- other predefined primitives. For a derived type, ensure that the - -- parent type is already frozen so that its predicate function has been - -- constructed already. This is necessary if the parent is declared - -- in a nested package and its own freeze point has not been reached. - - if Is_Type (E) - and then Nongeneric_Case - and then Has_Predicates (E) - and then Predicate_Check_In_Scope (N) - then - declare - Atyp : constant Entity_Id := Nearest_Ancestor (E); - begin - if Present (Atyp) - and then Has_Predicates (Atyp) - and then not Is_Frozen (Atyp) - then - Freeze_Before (N, Atyp); - end if; - end; - - -- Before we build a predicate function, ensure that discriminant - -- checking functions are available. The predicate function might - -- need to call these functions if the predicate references - -- any components declared in a variant part. - if Ekind (E) = E_Record_Type and then Has_Discriminants (E) then - Build_Or_Copy_Discr_Checking_Funcs (Parent (E)); - end if; - - Build_Predicate_Function (E, N); - end if; - - -- If type has delayed aspects, this is where we do the preanalysis at - -- the freeze point, as part of the consistent visibility check. Note - -- that this must be done after calling Build_Predicate_Function or - -- Build_Invariant_Procedure since these subprograms fix occurrences of - -- the subtype name in the saved expression so that they will not cause - -- trouble in the preanalysis. - - -- This is also not needed in the generic case - - if Nongeneric_Case - and then Has_Delayed_Aspects (E) - and then Scope (E) = Current_Scope - then - declare - Ritem : Node_Id; - - begin - -- Look for aspect specification entries for this entity - - Ritem := First_Rep_Item (E); - while Present (Ritem) loop - if Nkind (Ritem) = N_Aspect_Specification - and then Entity (Ritem) = E - and then Is_Delayed_Aspect (Ritem) - then - if Get_Aspect_Id (Ritem) in Aspect_CPU - | Aspect_Dynamic_Predicate - | Aspect_Predicate - | Aspect_Static_Predicate - | Aspect_Priority - then - -- Retrieve the visibility to components and discriminants - -- in order to properly analyze the aspects. - - Push_Type (E); - Check_Aspect_At_Freeze_Point (Ritem); - - -- In the case of predicate aspects, there will be - -- a corresponding Predicate pragma associated with - -- the aspect, and the expression of the pragma also - -- needs to be analyzed at this point, to ensure that - -- Save_Global_References will capture global refs in - -- expressions that occur in generic bodies, for proper - -- later resolution of the pragma in instantiations. - - if Is_Type (E) - and then Inside_A_Generic - and then Has_Predicates (E) - and then Present (Aspect_Rep_Item (Ritem)) - then - declare - Pragma_Args : constant List_Id := - Pragma_Argument_Associations - (Aspect_Rep_Item (Ritem)); - Pragma_Expr : constant Node_Id := - Expression (Next (First (Pragma_Args))); - begin - if Present (Pragma_Expr) then - Analyze_And_Resolve - (Pragma_Expr, Standard_Boolean); - end if; - end; - end if; - - Pop_Type (E); - - else - Check_Aspect_At_Freeze_Point (Ritem); - end if; - - -- A pragma Predicate should be checked like one of the - -- corresponding aspects, wrt possible misuse of ghost - -- entities. - - elsif Nkind (Ritem) = N_Pragma - and then No (Corresponding_Aspect (Ritem)) - and then - Get_Pragma_Id (Pragma_Name (Ritem)) = Pragma_Predicate - then - -- Retrieve the visibility to components and discriminants - -- in order to properly analyze the pragma. - - declare - Arg : constant Node_Id := - Next (First (Pragma_Argument_Associations (Ritem))); - begin - Push_Type (E); - Preanalyze_Spec_Expression - (Expression (Arg), Standard_Boolean); - Pop_Type (E); - end; - end if; - - Next_Rep_Item (Ritem); - end loop; - end; - - end if; - -- For a record type, deal with variant parts. This has to be delayed to -- this point, because of the issue of statically predicated subtypes, -- which we have to ensure are frozen before checking choices, since we @@ -13424,6 +13066,140 @@ package body Sem_Ch13 is end Check_Variant_Part; end if; + -- If we have a type with predicates, build predicate function. This is + -- not needed in the generic case, nor within e.g. TSS subprograms and + -- other predefined primitives. For a derived type, ensure that the + -- parent type is already frozen so that its predicate function has been + -- constructed already. This is necessary if the parent is declared + -- in a nested package and its own freeze point has not been reached. + + if Is_Type (E) + and then Nongeneric_Case + and then Has_Predicates (E) + and then Predicate_Check_In_Scope (N) + then + declare + Atyp : constant Entity_Id := Nearest_Ancestor (E); + + begin + if Present (Atyp) + and then Has_Predicates (Atyp) + and then not Is_Frozen (Atyp) + then + Freeze_Before (N, Atyp); + end if; + end; + + -- Before we build a predicate function, ensure that discriminant + -- checking functions are available. The predicate function might + -- need to call these functions if the predicate references any + -- components declared in a variant part. + + if Ekind (E) = E_Record_Type and then Has_Discriminants (E) then + Build_Or_Copy_Discr_Checking_Funcs (Parent (E)); + end if; + + Build_Predicate_Function (E, N); + end if; + + -- If type has delayed aspects, this is where we do the preanalysis at + -- the freeze point, as part of the consistent visibility check. Note + -- that this must be done after calling Build_Predicate_Function or + -- Build_Invariant_Procedure since these subprograms fix occurrences of + -- the subtype name in the saved expression so that they will not cause + -- trouble in the preanalysis. + + -- This is also not needed in the generic case + + if Nongeneric_Case + and then Has_Delayed_Aspects (E) + and then Scope (E) = Current_Scope + then + declare + Ritem : Node_Id; + + begin + -- Look for aspect specification entries for this entity + + Ritem := First_Rep_Item (E); + while Present (Ritem) loop + if Nkind (Ritem) = N_Aspect_Specification + and then Entity (Ritem) = E + and then Is_Delayed_Aspect (Ritem) + then + if Get_Aspect_Id (Ritem) in Aspect_CPU + | Aspect_Dynamic_Predicate + | Aspect_Predicate + | Aspect_Static_Predicate + | Aspect_Priority + then + -- Retrieve the visibility to components and discriminants + -- in order to properly analyze the aspects. + + Push_Type (E); + Check_Aspect_At_Freeze_Point (Ritem); + + -- In the case of predicate aspects, there will be + -- a corresponding Predicate pragma associated with + -- the aspect, and the expression of the pragma also + -- needs to be analyzed at this point, to ensure that + -- Save_Global_References will capture global refs in + -- expressions that occur in generic bodies, for proper + -- later resolution of the pragma in instantiations. + + if Is_Type (E) + and then Inside_A_Generic + and then Has_Predicates (E) + and then Present (Aspect_Rep_Item (Ritem)) + then + declare + Pragma_Args : constant List_Id := + Pragma_Argument_Associations + (Aspect_Rep_Item (Ritem)); + Pragma_Expr : constant Node_Id := + Expression (Next (First (Pragma_Args))); + begin + if Present (Pragma_Expr) then + Analyze_And_Resolve + (Pragma_Expr, Standard_Boolean); + end if; + end; + end if; + + Pop_Type (E); + + else + Check_Aspect_At_Freeze_Point (Ritem); + end if; + + -- A pragma Predicate should be checked like one of the + -- corresponding aspects, wrt possible misuse of ghost + -- entities. + + elsif Nkind (Ritem) = N_Pragma + and then No (Corresponding_Aspect (Ritem)) + and then + Get_Pragma_Id (Pragma_Name (Ritem)) = Pragma_Predicate + then + -- Retrieve the visibility to components and discriminants + -- in order to properly analyze the pragma. + + declare + Arg : constant Node_Id := + Next (First (Pragma_Argument_Associations (Ritem))); + begin + Push_Type (E); + Preanalyze_Spec_Expression + (Expression (Arg), Standard_Boolean); + Pop_Type (E); + end; + end if; + + Next_Rep_Item (Ritem); + end loop; + end; + end if; + if not In_Generic_Scope (E) and then Ekind (E) = E_Record_Type and then Is_Tagged_Type (E) @@ -13738,14 +13514,6 @@ package body Sem_Ch13 is -- representation aspect in the rep item chain of Typ, if any, isn't -- directly specified to Typ but to one of its parents. - -- ??? Note that, for now, just a limited number of representation - -- aspects have been inherited here so far. Many of them are - -- still inherited in Sem_Ch3. This will be fixed soon. Here is - -- a non- exhaustive list of aspects that likely also need to - -- be moved to this routine: Alignment, Component_Alignment, - -- Component_Size, Machine_Radix, Object_Size, Pack, Predicates, - -- Preelaborable_Initialization, RM_Size and Small. - -- In addition, Convention must be propagated from base type to subtype, -- because the subtype may have been declared on an incomplete view. @@ -13813,9 +13581,21 @@ package body Sem_Ch13 is and then not Has_Rep_Item (Typ, Name_Default_Component_Value, False) and then Has_Rep_Item (Typ, Name_Default_Component_Value) then - Set_Default_Aspect_Component_Value (Typ, - Default_Aspect_Component_Value - (Entity (Get_Rep_Item (Typ, Name_Default_Component_Value)))); + declare + E : Entity_Id; + + begin + E := Entity (Get_Rep_Item (Typ, Name_Default_Component_Value)); + + -- Deal with private types + + if Is_Private_Type (E) then + E := Full_View (E); + end if; + + Set_Default_Aspect_Component_Value (Typ, + Default_Aspect_Component_Value (E)); + end; end if; -- Default_Value @@ -13826,9 +13606,21 @@ package body Sem_Ch13 is and then Has_Rep_Item (Typ, Name_Default_Value) then Set_Has_Default_Aspect (Typ); - Set_Default_Aspect_Value (Typ, - Default_Aspect_Value - (Entity (Get_Rep_Item (Typ, Name_Default_Value)))); + + declare + E : Entity_Id; + + begin + E := Entity (Get_Rep_Item (Typ, Name_Default_Value)); + + -- Deal with private types + + if Is_Private_Type (E) then + E := Full_View (E); + end if; + + Set_Default_Aspect_Value (Typ, Default_Aspect_Value (E)); + end; end if; -- Discard_Names @@ -13956,6 +13748,209 @@ package body Sem_Ch13 is end if; end Inherit_Aspects_At_Freeze_Point; + --------------------------------- + -- Inherit_Delayed_Rep_Aspects -- + --------------------------------- + + procedure Inherit_Delayed_Rep_Aspects (Typ : Entity_Id) is + A : Aspect_Id; + N : Node_Id; + P : Entity_Id; + + begin + -- Find the first aspect that has been inherited + + N := First_Rep_Item (Typ); + while Present (N) loop + if Nkind (N) = N_Aspect_Specification then + exit when Entity (N) /= Typ; + end if; + + Next_Rep_Item (N); + end loop; + + -- There must be one if we reach here + + pragma Assert (Present (N)); + P := Entity (N); + + -- Loop through delayed aspects for the parent type + + while Present (N) loop + if Nkind (N) = N_Aspect_Specification then + exit when Entity (N) /= P; + + if Is_Delayed_Aspect (N) then + A := Get_Aspect_Id (N); + + -- Process delayed rep aspect. For Boolean attributes it is + -- not possible to cancel an attribute once set (the attempt + -- to use an aspect with xxx => False is an error) for a + -- derived type. So for those cases, we do not have to check + -- if a clause has been given for the derived type, since it + -- is harmless to set it again if it is already set. + + case A is + + -- Alignment + + when Aspect_Alignment => + if not Has_Alignment_Clause (Typ) then + Set_Alignment (Typ, Alignment (P)); + end if; + + -- Atomic + + when Aspect_Atomic => + if Is_Atomic (P) then + Set_Is_Atomic (Typ); + end if; + + -- Atomic_Components + + when Aspect_Atomic_Components => + if Has_Atomic_Components (P) then + Set_Has_Atomic_Components (Base_Type (Typ)); + end if; + + -- Bit_Order + + when Aspect_Bit_Order => + if Is_Record_Type (Typ) + and then No (Get_Attribute_Definition_Clause + (Typ, Attribute_Bit_Order)) + and then Reverse_Bit_Order (P) + then + Set_Reverse_Bit_Order (Base_Type (Typ)); + end if; + + -- Component_Size + + when Aspect_Component_Size => + if Is_Array_Type (Typ) + and then not Has_Component_Size_Clause (Typ) + then + Set_Component_Size + (Base_Type (Typ), Component_Size (P)); + end if; + + -- Machine_Radix + + when Aspect_Machine_Radix => + if Is_Decimal_Fixed_Point_Type (Typ) + and then not Has_Machine_Radix_Clause (Typ) + then + Set_Machine_Radix_10 (Typ, Machine_Radix_10 (P)); + end if; + + -- Object_Size (also Size which also sets Object_Size) + + when Aspect_Object_Size + | Aspect_Size + => + if not Has_Size_Clause (Typ) + and then + No (Get_Attribute_Definition_Clause + (Typ, Attribute_Object_Size)) + then + Set_Esize (Typ, Esize (P)); + end if; + + -- Pack + + when Aspect_Pack => + if not Is_Packed (Typ) then + Set_Is_Packed (Base_Type (Typ)); + + if Is_Bit_Packed_Array (P) then + Set_Is_Bit_Packed_Array (Base_Type (Typ)); + Set_Packed_Array_Impl_Type + (Typ, Packed_Array_Impl_Type (P)); + end if; + end if; + + -- Scalar_Storage_Order + + when Aspect_Scalar_Storage_Order => + if (Is_Record_Type (Typ) or else Is_Array_Type (Typ)) + and then No (Get_Attribute_Definition_Clause + (Typ, Attribute_Scalar_Storage_Order)) + and then Reverse_Storage_Order (P) + then + Set_Reverse_Storage_Order (Base_Type (Typ)); + + -- Clear default SSO indications, since the aspect + -- overrides the default. + + Set_SSO_Set_Low_By_Default (Base_Type (Typ), False); + Set_SSO_Set_High_By_Default (Base_Type (Typ), False); + end if; + + -- Small + + when Aspect_Small => + if Is_Fixed_Point_Type (Typ) + and then not Has_Small_Clause (Typ) + then + Set_Small_Value (Typ, Small_Value (P)); + end if; + + -- Storage_Size + + when Aspect_Storage_Size => + if (Is_Access_Type (Typ) or else Is_Task_Type (Typ)) + and then not Has_Storage_Size_Clause (Typ) + then + Set_Storage_Size_Variable + (Base_Type (Typ), Storage_Size_Variable (P)); + end if; + + -- Value_Size + + when Aspect_Value_Size => + + -- Value_Size is never inherited, it is either set by + -- default, or it is explicitly set for the derived + -- type. So nothing to do here. + + null; + + -- Volatile + + when Aspect_Volatile => + if Is_Volatile (P) then + Set_Is_Volatile (Typ); + end if; + + -- Volatile_Full_Access (also Full_Access_Only) + + when Aspect_Volatile_Full_Access + | Aspect_Full_Access_Only + => + if Is_Volatile_Full_Access (P) then + Set_Is_Volatile_Full_Access (Typ); + end if; + + -- Volatile_Components + + when Aspect_Volatile_Components => + if Has_Volatile_Components (P) then + Set_Has_Volatile_Components (Base_Type (Typ)); + end if; + + -- That should be all the Rep Aspects + + when others => + pragma Assert (Aspect_Delay (A) /= Rep_Aspect); + null; + end case; + end if; + end if; + + Next_Rep_Item (N); + end loop; + end Inherit_Delayed_Rep_Aspects; + ---------------- -- Initialize -- ---------------- @@ -17731,7 +17726,9 @@ package body Sem_Ch13 is begin -- Skip if function marked as warnings off - if Warnings_Off (Act_Unit) or else Serious_Errors_Detected > 0 then + if Has_Warnings_Off (Act_Unit) + or else Serious_Errors_Detected > 0 + then goto Continue; end if; diff --git a/gcc/ada/sem_ch13.ads b/gcc/ada/sem_ch13.ads index e0d84c9..1405f89 100644 --- a/gcc/ada/sem_ch13.ads +++ b/gcc/ada/sem_ch13.ads @@ -324,6 +324,36 @@ package Sem_Ch13 is -- Given an entity Typ that denotes a derived type or a subtype, this -- routine performs the inheritance of aspects at the freeze point. + -- ??? Note that, for now, just a limited number of representation aspects + -- have been inherited here so far. Many of them are still inherited in + -- Sem_Ch3 and need to be dealt with. Here is a non-exhaustive list of + -- aspects that likely also need to be moved to this routine: Alignment, + -- Component_Alignment, Component_Size, Machine_Radix, Object_Size, Pack, + -- Predicates, Preelaborable_Initialization, Size and Small. + + procedure Inherit_Delayed_Rep_Aspects (Typ : Entity_Id); + -- As discussed in the spec of Aspects (see Aspect_Delay declaration), + -- a derived type can inherit aspects from its parent which have been + -- specified at the time of the derivation using an aspect, as in: + -- + -- type A is range 1 .. 10 + -- with Size => Not_Defined_Yet; + -- .. + -- type B is new A; + -- .. + -- Not_Defined_Yet : constant := 64; + -- + -- In this example, the Size of A is considered to be specified prior + -- to the derivation, and thus inherited, even though the value is not + -- known at the time of derivation. To deal with this, we use two entity + -- flags. The flag Has_Derived_Rep_Aspects is set in the parent type (A + -- here), and then the flag May_Inherit_Delayed_Rep_Aspects is set in + -- the derived type (B here). If this flag is set when the derived type + -- is frozen, then this procedure is called to ensure proper inheritance + -- of all delayed aspects from the parent type. + + -- ??? Obviously we ought not to have two mechanisms to do the same thing + procedure Resolve_Aspect_Expressions (E : Entity_Id); -- Name resolution of an aspect expression happens at the end of the -- current declarative part or at the freeze point for the entity, diff --git a/gcc/ada/sem_ch3.adb b/gcc/ada/sem_ch3.adb index 790d1d1..00c2e67 100644 --- a/gcc/ada/sem_ch3.adb +++ b/gcc/ada/sem_ch3.adb @@ -4770,20 +4770,13 @@ package body Sem_Ch3 is if not Is_Entity_Name (Object_Definition (N)) then Act_T := Etype (E); Check_Compile_Time_Size (Act_T); - - if Aliased_Present (N) then - Set_Is_Constr_Subt_For_UN_Aliased (Act_T); - end if; end if; -- When the given object definition and the aggregate are specified -- independently, and their lengths might differ do a length check. -- This cannot happen if the aggregate is of the form (others =>...) - if not Is_Constrained (T) then - null; - - elsif Nkind (E) = N_Raise_Constraint_Error then + if Nkind (E) = N_Raise_Constraint_Error then -- Aggregate is statically illegal. Place back in declaration @@ -7419,12 +7412,13 @@ package body Sem_Ch3 is Analyze (High_Bound (Range_Expression (Constraint (Indic)))); end if; - -- Introduce an implicit base type for the derived type even if there + -- Create an implicit base type for the derived type even if there -- is no constraint attached to it, since this seems closer to the - -- Ada semantics. Build a full type declaration tree for the derived - -- type using the implicit base type as the defining identifier. Then - -- build a subtype declaration tree which applies the constraint (if - -- any) have it replace the derived type declaration. + -- Ada semantics. Use an Itype like for the implicit base type of + -- other kinds of derived type, but build a full type declaration + -- for it so as to analyze the new literals properly. Then build a + -- subtype declaration tree which applies the constraint (if any) + -- and have it replace the derived type declaration. Literal := First_Literal (Parent_Type); Literals_List := New_List; @@ -7457,8 +7451,7 @@ package body Sem_Ch3 is end loop; Implicit_Base := - Make_Defining_Identifier (Sloc (Derived_Type), - Chars => New_External_Name (Chars (Derived_Type), 'B')); + Create_Itype (E_Enumeration_Type, N, Derived_Type, 'B'); -- Indicate the proper nature of the derived type. This must be done -- before analysis of the literals, to recognize cases when a literal @@ -7471,12 +7464,12 @@ package body Sem_Ch3 is Type_Decl := Make_Full_Type_Declaration (Loc, Defining_Identifier => Implicit_Base, - Discriminant_Specifications => No_List, Type_Definition => Make_Enumeration_Type_Definition (Loc, Literals_List)); - Mark_Rewrite_Insertion (Type_Decl); - Insert_Before (N, Type_Decl); + -- Do not insert the declarationn, just analyze it in the context + + Set_Parent (Type_Decl, Parent (N)); Analyze (Type_Decl); -- The anonymous base now has a full declaration, but this base @@ -7777,35 +7770,6 @@ package body Sem_Ch3 is -- must be converted to the derived type. Convert_Scalar_Bounds (N, Parent_Type, Derived_Type, Loc); - - -- The implicit_base should be frozen when the derived type is frozen, - -- but note that it is used in the conversions of the bounds. For fixed - -- types we delay the determination of the bounds until the proper - -- freezing point. For other numeric types this is rejected by GCC, for - -- reasons that are currently unclear (???), so we choose to freeze the - -- implicit base now. In the case of integers and floating point types - -- this is harmless because subsequent representation clauses cannot - -- affect anything, but it is still baffling that we cannot use the - -- same mechanism for all derived numeric types. - - -- There is a further complication: actually some representation - -- clauses can affect the implicit base type. For example, attribute - -- definition clauses for stream-oriented attributes need to set the - -- corresponding TSS entries on the base type, and this normally - -- cannot be done after the base type is frozen, so the circuitry in - -- Sem_Ch13.New_Stream_Subprogram must account for this possibility - -- and not use Set_TSS in this case. - - -- There are also consequences for the case of delayed representation - -- aspects for some cases. For example, a Size aspect is delayed and - -- should not be evaluated to the freeze point. This early freezing - -- means that the size attribute evaluation happens too early??? - - if Is_Fixed_Point_Type (Parent_Type) then - Conditional_Delay (Implicit_Base, Parent_Type); - else - Freeze_Before (N, Implicit_Base); - end if; end Build_Derived_Numeric_Type; -------------------------------- @@ -14450,14 +14414,18 @@ package body Sem_Ch3 is begin Mutate_Ekind (Def_Id, E_Enumeration_Subtype); - Set_First_Literal (Def_Id, First_Literal (Base_Type (T))); + Set_First_Literal (Def_Id, First_Literal (Base_Type (T))); + Set_Etype (Def_Id, Base_Type (T)); + Set_Size_Info (Def_Id, (T)); + Set_Is_Character_Type (Def_Id, Is_Character_Type (T)); + Set_Scalar_Range_For_Subtype (Def_Id, Range_Expression (C), T); - Set_Etype (Def_Id, Base_Type (T)); - Set_Size_Info (Def_Id, (T)); - Set_First_Rep_Item (Def_Id, First_Rep_Item (T)); - Set_Is_Character_Type (Def_Id, Is_Character_Type (T)); + -- Inherit the chain of representation items instead of replacing it + -- because Build_Derived_Enumeration_Type rewrites the declaration of + -- the derived type as a subtype declaration and the former needs to + -- preserve existing representation items (see Build_Derived_Type). - Set_Scalar_Range_For_Subtype (Def_Id, Range_Expression (C), T); + Inherit_Rep_Item_Chain (Def_Id, T); Set_Discrete_RM_Size (Def_Id); end Constrain_Enumeration; @@ -16999,11 +16967,9 @@ package body Sem_Ch3 is Low_Bound => Lo, High_Bound => Hi)); - Conditional_Delay (Derived_Type, Parent_Type); - - Mutate_Ekind (Derived_Type, E_Enumeration_Subtype); - Set_Etype (Derived_Type, Implicit_Base); - Set_Size_Info (Derived_Type, Parent_Type); + Mutate_Ekind (Derived_Type, E_Enumeration_Subtype); + Set_Etype (Derived_Type, Implicit_Base); + Set_Size_Info (Derived_Type, Parent_Type); if not Known_RM_Size (Derived_Type) then Set_RM_Size (Derived_Type, RM_Size (Parent_Type)); @@ -17022,16 +16988,6 @@ package body Sem_Ch3 is end if; Convert_Scalar_Bounds (N, Parent_Type, Derived_Type, Loc); - - -- Because the implicit base is used in the conversion of the bounds, we - -- have to freeze it now. This is similar to what is done for numeric - -- types, and it equally suspicious, but otherwise a nonstatic bound - -- will have a reference to an unfrozen type, which is rejected by Gigi - -- (???). This requires specific care for definition of stream - -- attributes. For details, see comments at the end of - -- Build_Derived_Numeric_Type. - - Freeze_Before (N, Implicit_Base); end Derived_Standard_Character; ------------------------------ diff --git a/gcc/ada/sem_ch4.adb b/gcc/ada/sem_ch4.adb index 5497483..ed2f621 100644 --- a/gcc/ada/sem_ch4.adb +++ b/gcc/ada/sem_ch4.adb @@ -4394,9 +4394,8 @@ package body Sem_Ch4 is procedure Analyze_Quantified_Expression (N : Node_Id) is function Is_Empty_Range (Typ : Entity_Id) return Boolean; - -- If the iterator is part of a quantified expression, and the range is - -- known to be statically empty, emit a warning and replace expression - -- with its static value. Returns True if the replacement occurs. + -- Return True if the iterator is part of a quantified expression and + -- the range is known to be statically empty. function No_Else_Or_Trivial_True (If_Expr : Node_Id) return Boolean; -- Determine whether if expression If_Expr lacks an else part or if it @@ -4407,36 +4406,12 @@ package body Sem_Ch4 is -------------------- function Is_Empty_Range (Typ : Entity_Id) return Boolean is - Loc : constant Source_Ptr := Sloc (N); - begin - if Is_Array_Type (Typ) + return Is_Array_Type (Typ) and then Compile_Time_Known_Bounds (Typ) and then - (Expr_Value (Type_Low_Bound (Etype (First_Index (Typ)))) > - Expr_Value (Type_High_Bound (Etype (First_Index (Typ))))) - then - Preanalyze_And_Resolve (Condition (N), Standard_Boolean); - - if All_Present (N) then - Error_Msg_N - ("??quantified expression with ALL " - & "over a null range has value True", N); - Rewrite (N, New_Occurrence_Of (Standard_True, Loc)); - - else - Error_Msg_N - ("??quantified expression with SOME " - & "over a null range has value False", N); - Rewrite (N, New_Occurrence_Of (Standard_False, Loc)); - end if; - - Analyze (N); - return True; - - else - return False; - end if; + Expr_Value (Type_Low_Bound (Etype (First_Index (Typ)))) > + Expr_Value (Type_High_Bound (Etype (First_Index (Typ)))); end Is_Empty_Range; ----------------------------- @@ -4456,6 +4431,7 @@ package body Sem_Ch4 is -- Local variables Cond : constant Node_Id := Condition (N); + Loc : constant Source_Ptr := Sloc (N); Loop_Id : Entity_Id; QE_Scop : Entity_Id; @@ -4466,7 +4442,7 @@ package body Sem_Ch4 is -- expression. The scope is needed to provide proper visibility of the -- loop variable. - QE_Scop := New_Internal_Entity (E_Loop, Current_Scope, Sloc (N), 'L'); + QE_Scop := New_Internal_Entity (E_Loop, Current_Scope, Loc, 'L'); Set_Etype (QE_Scop, Standard_Void_Type); Set_Scope (QE_Scop, Current_Scope); Set_Parent (QE_Scop, N); @@ -4482,11 +4458,30 @@ package body Sem_Ch4 is Preanalyze (Iterator_Specification (N)); -- Do not proceed with the analysis when the range of iteration is - -- empty. The appropriate error is issued by Is_Empty_Range. + -- empty. if Is_Entity_Name (Name (Iterator_Specification (N))) and then Is_Empty_Range (Etype (Name (Iterator_Specification (N)))) then + Preanalyze_And_Resolve (Condition (N), Standard_Boolean); + End_Scope; + + -- Emit a warning and replace expression with its static value + + if All_Present (N) then + Error_Msg_N + ("??quantified expression with ALL " + & "over a null range has value True", N); + Rewrite (N, New_Occurrence_Of (Standard_True, Loc)); + + else + Error_Msg_N + ("??quantified expression with SOME " + & "over a null range has value False", N); + Rewrite (N, New_Occurrence_Of (Standard_False, Loc)); + end if; + + Analyze (N); return; end if; diff --git a/gcc/ada/sem_ch5.adb b/gcc/ada/sem_ch5.adb index e1b5722..17bf6d9 100644 --- a/gcc/ada/sem_ch5.adb +++ b/gcc/ada/sem_ch5.adb @@ -2211,7 +2211,7 @@ package body Sem_Ch5 is procedure Check_Subtype_Definition (Comp_Type : Entity_Id) is begin - if not Present (Subt) then + if No (Subt) then return; end if; @@ -2231,9 +2231,8 @@ package body Sem_Ch5 is Subt, Comp_Type); end if; - elsif Present (Subt) - and then (not Covers (Base_Type (Bas), Comp_Type) - or else not Subtypes_Statically_Match (Bas, Comp_Type)) + elsif not Covers (Base_Type (Bas), Comp_Type) + or else not Subtypes_Statically_Match (Bas, Comp_Type) then if Is_Array_Type (Typ) then Error_Msg_NE @@ -2330,7 +2329,7 @@ package body Sem_Ch5 is Decl := Make_Full_Type_Declaration (Loc, Defining_Identifier => S, - Type_Definition => + Type_Definition => New_Copy_Tree (Access_To_Subprogram_Definition (Subt))); end if; @@ -3365,9 +3364,7 @@ package body Sem_Ch5 is declare Flist : constant List_Id := Freeze_Entity (Id, N); begin - if Is_Non_Empty_List (Flist) then - Insert_Actions (N, Flist); - end if; + Insert_Actions (N, Flist); end; end if; diff --git a/gcc/ada/sem_ch6.adb b/gcc/ada/sem_ch6.adb index e4af71c..7240129 100644 --- a/gcc/ada/sem_ch6.adb +++ b/gcc/ada/sem_ch6.adb @@ -5409,14 +5409,20 @@ package body Sem_Ch6 is -- we have a special test to set X as apparently assigned to suppress -- the warning. - declare - Stm : Node_Id; + -- If X above is controlled, we need to use First_Real_Statement to skip + -- generated finalization-related code. Otherwise (First_Real_Statement + -- is Empty), we just get the first statement. + declare + Stm : Node_Id := First_Real_Statement (HSS); begin + if No (Stm) then + Stm := First (Statements (HSS)); + end if; + -- Skip call markers installed by the ABE mechanism, labels, and -- Push_xxx_Error_Label to find the first real statement. - Stm := First (Statements (HSS)); while Nkind (Stm) in N_Call_Marker | N_Label | N_Push_xxx_Label loop Next (Stm); end loop; diff --git a/gcc/ada/sem_elab.adb b/gcc/ada/sem_elab.adb index 077c988..b8e3fb6 100644 --- a/gcc/ada/sem_elab.adb +++ b/gcc/ada/sem_elab.adb @@ -3339,7 +3339,9 @@ package body Sem_Elab is Traverse_List (Else_Actions (Scen)); elsif Nkind (Scen) in - N_Component_Association | N_Iterated_Component_Association + N_Component_Association + | N_Iterated_Component_Association + | N_Iterated_Element_Association then Traverse_List (Loop_Actions (Scen)); @@ -18765,9 +18767,9 @@ package body Sem_Elab is T : constant Entity_Id := Etype (First_Formal (E)); begin if Is_Controlled (T) then - if Warnings_Off (T) + if Has_Warnings_Off (T) or else (Ekind (T) = E_Private_Type - and then Warnings_Off (Full_View (T))) + and then Has_Warnings_Off (Full_View (T))) then goto Output; end if; diff --git a/gcc/ada/sem_res.adb b/gcc/ada/sem_res.adb index 44fc955..f618467 100644 --- a/gcc/ada/sem_res.adb +++ b/gcc/ada/sem_res.adb @@ -3163,9 +3163,21 @@ package body Sem_Res is = N_Iterated_Component_Association and then Is_Boolean_Type (Typ) then - Error_Msg_N -- CODEFIX - ("missing ALL or SOME in quantified expression", - Defining_Identifier (First (Component_Associations (N)))); + if Present + (Iterator_Specification + (First (Component_Associations (N)))) + then + Error_Msg_N -- CODEFIX + ("missing ALL or SOME in quantified expression", + Defining_Identifier + (Iterator_Specification + (First (Component_Associations (N))))); + else + Error_Msg_N -- CODEFIX + ("missing ALL or SOME in quantified expression", + Defining_Identifier + (First (Component_Associations (N)))); + end if; -- For an operator with no interpretation, check whether -- one of its operands may be a user-defined literal. diff --git a/gcc/ada/sem_util.adb b/gcc/ada/sem_util.adb index 13ffb11..ecfb49a 100644 --- a/gcc/ada/sem_util.adb +++ b/gcc/ada/sem_util.adb @@ -22167,19 +22167,6 @@ package body Sem_Util is pragma Assert (No (Actual)); end Iterate_Call_Parameters; - --------------------------- - -- Itype_Has_Declaration -- - --------------------------- - - function Itype_Has_Declaration (Id : Entity_Id) return Boolean is - begin - pragma Assert (Is_Itype (Id)); - return Present (Parent (Id)) - and then Nkind (Parent (Id)) in - N_Full_Type_Declaration | N_Subtype_Declaration - and then Defining_Entity (Parent (Id)) = Id; - end Itype_Has_Declaration; - ------------------------- -- Kill_Current_Values -- ------------------------- @@ -29500,6 +29487,9 @@ package body Sem_Util is when N_Iterated_Component_Association => Traverse_More (Loop_Actions (Node), Result); + when N_Iterated_Element_Association => + Traverse_More (Loop_Actions (Node), Result); + when N_Iteration_Scheme => Traverse_More (Condition_Actions (Node), Result); diff --git a/gcc/ada/sem_util.ads b/gcc/ada/sem_util.ads index dde5b27..9f909e0 100644 --- a/gcc/ada/sem_util.ads +++ b/gcc/ada/sem_util.ads @@ -2561,11 +2561,6 @@ package Sem_Util is -- Calls Handle_Parameter for each pair of formal and actual parameters of -- a function, procedure, or entry call. - function Itype_Has_Declaration (Id : Entity_Id) return Boolean; - -- Applies to Itypes. True if the Itype is attached to a declaration for - -- the type through its Parent field, which may or not be present in the - -- tree. - procedure Kill_Current_Values (Last_Assignment_Only : Boolean := False); -- This procedure is called to clear all constant indications from all -- entities in the current scope and in any parent scopes if the current diff --git a/gcc/ada/sigtramp-vxworks-target.h b/gcc/ada/sigtramp-vxworks-target.h index 153426e..3c85aa2 100644 --- a/gcc/ada/sigtramp-vxworks-target.h +++ b/gcc/ada/sigtramp-vxworks-target.h @@ -149,7 +149,7 @@ In general: There is no unique numbering for the x86 architecture. It's parameterized - by DWARF_FRAME_REGNUM, which is DBX_REGISTER_NUMBER except for Windows, and + by DWARF_FRAME_REGNUM, which is DEBUGGER_REGNO except for Windows, and the latter depends on the platform. */ diff --git a/gcc/ada/sinfo.ads b/gcc/ada/sinfo.ads index ddac1c9..fddfc72 100644 --- a/gcc/ada/sinfo.ads +++ b/gcc/ada/sinfo.ads @@ -4183,11 +4183,15 @@ package Sinfo is -- ITERATED_COMPONENT_ASSOCIATION ::= -- for DEFINING_IDENTIFIER in DISCRETE_CHOICE_LIST => EXPRESSION + -- for ITERATOR_SPECIFICATION => EXPRESSION + + -- At most one of (Defining_Identifier, Iterator_Specification) + -- is present at a time, in which case the other one is empty. -- N_Iterated_Component_Association -- Sloc points to FOR -- Defining_Identifier - -- Iterator_Specification (set to Empty if no Iterator_Spec) + -- Iterator_Specification -- Expression -- Discrete_Choices -- Loop_Actions @@ -4207,9 +4211,13 @@ package Sinfo is -- Etype --------------------------------- - -- 3.4.5 Comtainer_Aggregates -- + -- 3.4.5 Container_Aggregates -- --------------------------------- + -- ITERATED_ELEMENT_ASSOCIATION ::= + -- for LOOP_PARAMETER_SPECIFICATION[ use KEY_EXPRESSION] => EXPRESSION + -- | for ITERATOR_SPECIFICATION[ use KEY_EXPRESSION] => EXPRESSION + -- N_Iterated_Element_Association -- Key_Expression -- Iterator_Specification diff --git a/gcc/ada/sprint.adb b/gcc/ada/sprint.adb index 42a6e4f..243d67a 100644 --- a/gcc/ada/sprint.adb +++ b/gcc/ada/sprint.adb @@ -1341,9 +1341,13 @@ package body Sprint is when N_Iterated_Component_Association => Set_Debug_Sloc; Write_Str (" for "); - Write_Id (Defining_Identifier (Node)); - Write_Str (" in "); - Sprint_Bar_List (Discrete_Choices (Node)); + if Present (Iterator_Specification (Node)) then + Sprint_Node (Iterator_Specification (Node)); + else + Write_Id (Defining_Identifier (Node)); + Write_Str (" in "); + Sprint_Bar_List (Discrete_Choices (Node)); + end if; Write_Str (" => "); Sprint_Node (Expression (Node)); @@ -2307,6 +2311,11 @@ package body Sprint is Sprint_Node (Name (Node)); + if Present (Iterator_Filter (Node)) then + Write_Str (" when "); + Sprint_Node (Iterator_Filter (Node)); + end if; + when N_Itype_Reference => Write_Indent_Str_Sloc ("reference "); Write_Id (Itype (Node)); diff --git a/gcc/ada/switch-b.adb b/gcc/ada/switch-b.adb index 10feb23..a543ad9 100644 --- a/gcc/ada/switch-b.adb +++ b/gcc/ada/switch-b.adb @@ -379,6 +379,12 @@ package body Switch.B is Bad_Switch (Switch_Chars); end if; + -- Processing for k switch + + when 'k' => + Ptr := Ptr + 1; + Check_Elaboration_Flags := False; + -- Processing for K switch when 'K' => diff --git a/gcc/ada/treepr.adb b/gcc/ada/treepr.adb index 32f6e81..a9f4088 100644 --- a/gcc/ada/treepr.adb +++ b/gcc/ada/treepr.adb @@ -135,10 +135,6 @@ package body Treepr is function From_Union is new Ada.Unchecked_Conversion (Union_Id, Uint); function From_Union is new Ada.Unchecked_Conversion (Union_Id, Ureal); - function To_Mixed (S : String) return String; - -- Turns an identifier into Mixed_Case. For bootstrap reasons, we cannot - -- use To_Mixed function from System.Case_Util. - function Image (F : Node_Or_Entity_Field) return String; procedure Print_Init; @@ -371,8 +367,9 @@ package body Treepr is when others => declare - Result : constant String := To_Mixed (F'Img); + Result : String := F'Img; begin + To_Mixed (Result); return Result (3 .. Result'Last); -- Remove "F_" end; end case; @@ -1671,8 +1668,10 @@ package body Treepr is -------------------------- procedure Print_Str_Mixed_Case (S : String) is + Tmp : String := S; begin - Print_Str (To_Mixed (S)); + To_Mixed (Tmp); + Print_Str (Tmp); end Print_Str_Mixed_Case; ---------------- @@ -1806,17 +1805,6 @@ package body Treepr is Next_Serial_Number := Next_Serial_Number + 1; end Set_Serial_Number; - -------------- - -- To_Mixed -- - -------------- - - function To_Mixed (S : String) return String is - begin - return Result : String (S'Range) := S do - To_Mixed (Result); - end return; - end To_Mixed; - --------------- -- Tree_Dump -- --------------- |