[multiple changes]
2012-11-06 Robert Dewar <dewar@adacore.com> * exp_ch4.adb: Minor comment change. 2012-11-06 Robert Dewar <dewar@adacore.com> * gnat_ugn.texi: Extensive revision of documentation of overflow checking. * vms_data.ads: Overflow check numbers must be in range 1-3, not 0-3. 2012-11-06 Tristan Gingold <gingold@adacore.com> * sem_ch9.adb (Analyze_Protected_Type_Declaration): Emit a warning if pragma Priority is used in presence of an interrupt handler. From-SVN: r193234
This commit is contained in:
parent
a7f1b24f81
commit
d8192289b5
|
@ -1,3 +1,20 @@
|
|||
2012-11-06 Robert Dewar <dewar@adacore.com>
|
||||
|
||||
* exp_ch4.adb: Minor comment change.
|
||||
|
||||
2012-11-06 Robert Dewar <dewar@adacore.com>
|
||||
|
||||
* gnat_ugn.texi: Extensive revision of documentation of overflow
|
||||
checking.
|
||||
* vms_data.ads: Overflow check numbers must be in range 1-3,
|
||||
not 0-3.
|
||||
|
||||
2012-11-06 Tristan Gingold <gingold@adacore.com>
|
||||
|
||||
* sem_ch9.adb (Analyze_Protected_Type_Declaration): Emit a
|
||||
warning if pragma Priority is used in presence of an interrupt
|
||||
handler.
|
||||
|
||||
2012-11-06 Robert Dewar <dewar@adacore.com>
|
||||
|
||||
* checks.ads, checks.adb, exp_ch4.adb: Minor changes throughout for
|
||||
|
|
|
@ -3715,7 +3715,7 @@ package body Exp_Ch4 is
|
|||
-- Save result type
|
||||
|
||||
Lo, Hi : Uint;
|
||||
-- Bounds in Minimize calls, not used yet ???
|
||||
-- Bounds in Minimize calls, not used currently
|
||||
|
||||
LLIB : constant Entity_Id := Base_Type (Standard_Long_Long_Integer);
|
||||
-- Entity for Long_Long_Integer'Base (Standard should export this???)
|
||||
|
|
|
@ -4339,15 +4339,14 @@ inlining, but that is no longer the case.
|
|||
|
||||
@item -gnato??
|
||||
@cindex @option{-gnato??} (@command{gcc})
|
||||
Set default overflow checking mode. Here `@code{??}' is two digits, a
|
||||
single digit, or nothing. Each digit is one of the digits `@code{0}'
|
||||
Set default mode for handling generation of code to avoid intermediate
|
||||
arithmetic overflow. Here `@code{??}' is two digits, a
|
||||
single digit, or nothing. Each digit is one of the digits `@code{1}'
|
||||
through `@code{3}':
|
||||
|
||||
@itemize @bullet
|
||||
@item @code{0}:
|
||||
suppress overflow checks (@code{SUPPRESSED})
|
||||
@item @code{1}:
|
||||
all intermediate overflows checked (@code{CHECKED})
|
||||
all intermediate overflows checked against base type (@code{STRICT})
|
||||
@item @code{2}:
|
||||
minimize intermediate overflows (@code{MINIMIZED})
|
||||
@item @code{3}:
|
||||
|
@ -4360,10 +4359,15 @@ assertions, and the second within assertions.
|
|||
|
||||
If no digits follow the @option{-gnato}, then it is equivalent to
|
||||
@option{-gnato11},
|
||||
causing all intermediate overflows to be checked.
|
||||
causing all intermediate overflows to be handled in strict mode.
|
||||
|
||||
This switch also causes arithmetic overflow checking to be performed
|
||||
(as though pragma @code{Unsuppress (Overflow_Check)} has been specified.
|
||||
|
||||
The default if no option @option{-gnato} is given is that overflow handling
|
||||
is in @code{STRICT} mode (computations done using the base type), and that
|
||||
overflow is not enabled.
|
||||
|
||||
The default if no option @option{-gnato} is given is that overflows are not
|
||||
checked, which is equivalent to @option{-gnato00}.
|
||||
Note that division by zero is a separate check that is not
|
||||
controlled by this switch (division by zero checking is on by default).
|
||||
|
||||
|
@ -25619,7 +25623,8 @@ intermediate addition of @code{(A + 1)} raises an overflow error.
|
|||
|
||||
The (perhaps surprising) answer is that the Ada language
|
||||
definition does not answer this question. Instead it leaves
|
||||
it up to the implementation to do one of two things:
|
||||
it up to the implementation to do one of two things if overflow
|
||||
checks are enabled.
|
||||
|
||||
@itemize @bullet
|
||||
@item
|
||||
|
@ -25632,10 +25637,14 @@ subsequent operations.
|
|||
|
||||
@noindent
|
||||
If the compiler chooses the first approach, then the assignment of this
|
||||
example will indeed raise @code{Constraint_Error}. But if the compiler
|
||||
example will indeed raise @code{Constraint_Error} if overflow checking is
|
||||
enabled, or result in erroneous execution if overflow checks are suppressed.
|
||||
|
||||
But if the compiler
|
||||
chooses the second approach, then it can perform both additions yielding
|
||||
the correct mathematical result, which is in range, so no exception
|
||||
will be raised.
|
||||
will be raised, and the right result is obtained, regardless of whether
|
||||
overflow checks are suppressed.
|
||||
|
||||
Note that in the first example an
|
||||
exception will be raised in either case, since if the compiler
|
||||
|
@ -25700,30 +25709,22 @@ would prefer this precondition to be considered True at run time).
|
|||
To deal with the portability issue, and with the problem of
|
||||
mathematical versus run-time intepretation of the expressions in
|
||||
assertions, GNAT provides comprehensive control over the handling
|
||||
of intermediate overflow. GNAT can operate in four modes, and
|
||||
of intermediate overflow. GNAT can operate in three modes, and
|
||||
furthemore, permits separate selection of operating modes for
|
||||
the expressions within assertions (here the term ``assertions''
|
||||
is used in the technical sense, which includes preconditions and so forth)
|
||||
and for expressions appearing outside assertions.
|
||||
|
||||
The four modes are:
|
||||
The three modes are:
|
||||
|
||||
@itemize @bullet
|
||||
@item @i{Checks suppressed} (@code{SUPPRESSED})
|
||||
|
||||
This is the normal defined language mode, as specified by a pragma
|
||||
@code{Suppress (Overflow_Check)}. If any intermediate overflow occurs,
|
||||
then the program execution is erroneous, which means that anything
|
||||
could happen. Note in particular, that the result of evaluating
|
||||
a precondition may be plain wrong if there is an intermediate
|
||||
overflow, as in our examples above.
|
||||
|
||||
@item @i{All intermediate overflows checked} (@code{CHECKED})
|
||||
@item @i{All intermediate overflows checked} (@code{STRICT})
|
||||
|
||||
In this mode, all intermediate results for predefined arithmetic
|
||||
operators must be in range of the base type. If this is not the
|
||||
case a constraint error is raised. This is the normal default mode
|
||||
specified by use of the pragma @code{Unsuppress (Overflow_Check)}.
|
||||
case then either an exception is raised (if overflow checks are
|
||||
enabled) or the execution is erroneous (if overflow checks are suppressed).
|
||||
This is the normal default mode.
|
||||
|
||||
@item @i{Most intermediate overflows avoided} (@code{MINIMIZED})
|
||||
|
||||
|
@ -25732,7 +25733,7 @@ The four modes are:
|
|||
performed for predefined arithmetic operators. This is slightly more
|
||||
expensive at
|
||||
run time (compared to suppressing intermediate overflow checks), though
|
||||
the cost is minimal on modern 64-bit machines. For the examples given
|
||||
the cost is negligible on modern 64-bit machines. For the examples given
|
||||
earlier, no intermediate overflows would have resulted in exceptions,
|
||||
since the intermediate results are all in the range of
|
||||
@code{Long_Long_Integer} (typically 64-bits on nearly all implementations
|
||||
|
@ -25750,9 +25751,11 @@ The four modes are:
|
|||
Now the intermediate results are
|
||||
out of the range of @code{Long_Long_Integer} even though the final result
|
||||
is in range and the precondition is True (from a mathematical point
|
||||
of view). In such a case, operating in this mode, an exception will
|
||||
be raised for the intermediate overflow (which is why this mode
|
||||
says @i{most} intermediate overflows are avoided).
|
||||
of view). In such a case, operating in this mode, an overflow occurs
|
||||
for the intermediate computation (which is why this mode
|
||||
says @i{most} intermediate overflows are avoided). In this case,
|
||||
an exception is raised if overflow checks are enabled, and the
|
||||
execution is erroneous if overflow checks are suppressed.
|
||||
|
||||
@item @i{All intermediate overflows avoided} (@code{ELIMINATED})
|
||||
|
||||
|
@ -25773,6 +25776,15 @@ The four modes are:
|
|||
predefined arithmetic operators, meaning that there is never a
|
||||
conflict between the mathematical view of the assertion, and its
|
||||
run-time behavior.
|
||||
|
||||
Note that in this mode, the behavior is unaffected by whether or
|
||||
not overflow checks are suppressed, since overflow does not occur.
|
||||
It is possible for gigantic intermediate expressions to raise
|
||||
@code{Storage_Error} as a result of attempting to compute the
|
||||
results of such expressions (e.g. @code{Integer'Last ** Integer'Last})
|
||||
but overflow is impossible.
|
||||
|
||||
|
||||
@end itemize
|
||||
|
||||
@noindent
|
||||
|
@ -25781,9 +25793,10 @@ The four modes are:
|
|||
aritmetic.
|
||||
|
||||
For fixed-point arithmetic, checks can be suppressed. But if checks
|
||||
are enabled (any of the three non-suppress modes will enable checks),
|
||||
are enabled
|
||||
then fixed-point values are always checked for overflow against the
|
||||
base type for intermediate expressions.
|
||||
base type for intermediate expressions (that is such checks always
|
||||
operate in the equivalent of @code{STRICT} mode).
|
||||
|
||||
For floating-point, on nearly all architectures, @code{Machine_Overflows}
|
||||
is False, and IEEE infinities are generated, so overflow exceptions
|
||||
|
@ -25799,7 +25812,7 @@ The four modes are:
|
|||
@section Specifying the Desired Mode
|
||||
|
||||
@noindent
|
||||
The desired mode of overflow checking can be specified using
|
||||
The desired mode of for handling intermediate overflow can be specified using
|
||||
either the @code{Overflow_Checks} pragma or an equivalent compiler switch.
|
||||
The pragma has the form
|
||||
@cindex pragma @code{Overflow_Checks}
|
||||
|
@ -25812,8 +25825,7 @@ The pragma has the form
|
|||
where @code{MODE} is one of
|
||||
|
||||
@itemize @bullet
|
||||
@item @code{SUPPRESSED}: suppress overflow checks
|
||||
@item @code{CHECKED}: all intermediate overflows checked
|
||||
@item @code{STRICT}: intermediate overflows checked (using base type)
|
||||
@item @code{MINIMIZED}: minimize intermediate overflows
|
||||
@item @code{ELIMINATED}: eliminate intermediate overflows
|
||||
@end itemize
|
||||
|
@ -25850,17 +25862,21 @@ configuration pragma, specifying a default for the whole
|
|||
program, or in a declarative scope, where it applies to the
|
||||
remaining declarations and statements in that scope.
|
||||
|
||||
Note that pragma @code{Overflow_Checks} does not affect whether
|
||||
overflow checks are enabled or suppressed. It only controls the
|
||||
method used to compute intermediate values. To control whether
|
||||
overflow checking is enabled or suppressed, use pragma @code{Suppress}
|
||||
or @code{Unsuppress} in the usual manner
|
||||
|
||||
Additionally, a compiler switch @option{-gnato?} or @option{-gnato??}
|
||||
can be used to control the checking mode default (which can be subsequently
|
||||
overridden using the pragma form).
|
||||
overridden using pragmas).
|
||||
@cindex @option{-gnato?} (gcc)
|
||||
@cindex @option{-gnato??} (gcc)
|
||||
|
||||
Here `@code{?}' is one of the digits `@code{0}' through `@code{3}':
|
||||
Here `@code{?}' is one of the digits `@code{1}' through `@code{3}':
|
||||
|
||||
@itemize @bullet
|
||||
@item @code{0}:
|
||||
suppress overflow checks (@code{SUPPRESSED})
|
||||
@item @code{1}:
|
||||
all intermediate overflows checked (@code{CHECKED})
|
||||
@item @code{2}:
|
||||
|
@ -25879,6 +25895,11 @@ If no digits follow the @option{-gnato}, then it is equivalent to
|
|||
@option{-gnato11},
|
||||
causing all intermediate overflows to be checked.
|
||||
|
||||
In addition to setting the mode used for computation of intermediate
|
||||
results, the @code{-gnato} switch also enables overflow checking (which
|
||||
is suppressed by default). It thus combines the effect of using
|
||||
a pragma @code{Overflow_Checks} and pragma @code{Unsuppress}.
|
||||
|
||||
|
||||
@c -------------------------
|
||||
@node Default Settings
|
||||
|
@ -25887,48 +25908,37 @@ causing all intermediate overflows to be checked.
|
|||
The default mode for overflow checks is
|
||||
|
||||
@smallexample
|
||||
General => Suppressed
|
||||
General => Strict
|
||||
@end smallexample
|
||||
|
||||
@noindent
|
||||
which suppresses checks inside and outside assertions,
|
||||
which causes all computations both inside and outside assertions to use
|
||||
the base type. In addition overflow checks are suppressed.
|
||||
|
||||
This retains compatibility with previous versions of
|
||||
GNAT which suppressed overflow checks by default.
|
||||
GNAT which suppressed overflow checks by default and always
|
||||
used the base type for computation of intermediate results.
|
||||
|
||||
The switch @option{-gnato} (with no digits following) is equivalent to
|
||||
@cindex @option{-gnato} (gcc)
|
||||
|
||||
@smallexample
|
||||
General => Checked
|
||||
General => Strict
|
||||
@end smallexample
|
||||
|
||||
@noindent
|
||||
which causes overflow checking of all intermediate overflows
|
||||
both inside and outside assertions. This provides compatibility
|
||||
both inside and outside assertions against the base type.
|
||||
This provides compatibility
|
||||
with this switch as implemented in previous versions of GNAT.
|
||||
|
||||
The pragma @code{Suppress (Overflow_Check)} sets mode
|
||||
|
||||
@smallexample
|
||||
General => Suppressed
|
||||
@end smallexample
|
||||
|
||||
@noindent
|
||||
suppressing all overflow checking within and outside
|
||||
assertions.
|
||||
@cindex @code{Overflow_Check} (argument to pragma Suppress)
|
||||
|
||||
The pragam @code{Unsuppress (Overflow_Check)} sets mode
|
||||
|
||||
@smallexample
|
||||
General => Checked
|
||||
@end smallexample
|
||||
|
||||
@noindent
|
||||
which causes overflow checking of all intermediate overflows.
|
||||
This applies both inside and outside assertions.
|
||||
@cindex @code{Overflow_Check} (argument to pragma Unsuppress)
|
||||
The pragma @code{Suppress (Overflow_Check)} disables overflow
|
||||
checking, but it has no effect on the method used for computing
|
||||
intermediate results.
|
||||
|
||||
The pragam @code{Unsuppress (Overflow_Check)} enables overflow
|
||||
checking, but it has no effect on the method used for computing
|
||||
intermediate results.
|
||||
|
||||
@c -------------------------
|
||||
@node Implementation Notes
|
||||
|
@ -25944,12 +25954,7 @@ makes sense if you want to
|
|||
make sure that your code is compatible with any other possible
|
||||
Ada implementation. This may be useful in ensuring portability
|
||||
for code that is to be exported to some other compiler than GNAT.
|
||||
It is also appropriate if you intend to turn off checks for
|
||||
the final delivered software, since in @code{SUPPRESSED} mode, the
|
||||
assumption is that all intermediate results are in range. In
|
||||
this situation, it is likely that you are also suppressing
|
||||
assertions in the final executable, so in that case it does not
|
||||
matter which mode is selected for assertions during development.
|
||||
|
||||
|
||||
The Ada standard allows the reassociation of expressions at
|
||||
the same precedence level if no parentheses are present. For
|
||||
|
|
|
@ -2036,16 +2036,12 @@ package body Sem_Ch9 is
|
|||
-- by an aspect/pragma.
|
||||
|
||||
declare
|
||||
Id : constant Entity_Id :=
|
||||
Defining_Identifier (Original_Node (N));
|
||||
Id : constant Entity_Id := Defining_Identifier (Original_Node (N));
|
||||
-- The warning must be issued on the original identifier in order
|
||||
-- to deal properly with the case of a single protected object.
|
||||
|
||||
Prio_Item : constant Node_Id :=
|
||||
Get_Rep_Item
|
||||
(Defining_Identifier (N),
|
||||
Name_Priority,
|
||||
Check_Parents => False);
|
||||
Get_Rep_Item (Def_Id, Name_Priority, False);
|
||||
|
||||
begin
|
||||
if Present (Prio_Item) then
|
||||
|
@ -2074,11 +2070,42 @@ package body Sem_Ch9 is
|
|||
end if;
|
||||
end if;
|
||||
|
||||
-- If the Attach_Handler aspect is specified or the Interrupt_Handler
|
||||
-- aspect is True, then the initial ceiling priority must be in the
|
||||
-- range of System.Interrupt_Priority. It is therefore recommanded
|
||||
-- to use the Interrupt_Priority aspect instead of the Priority aspect.
|
||||
|
||||
if Has_Interrupt_Handler (T) or else Has_Attach_Handler (T) then
|
||||
declare
|
||||
Prio_Item : constant Node_Id :=
|
||||
Get_Rep_Item (Def_Id, Name_Priority, False);
|
||||
|
||||
begin
|
||||
if Present (Prio_Item) then
|
||||
|
||||
-- Aspect case
|
||||
|
||||
if (Nkind (Prio_Item) = N_Aspect_Specification
|
||||
or else From_Aspect_Specification (Prio_Item))
|
||||
and then Chars (Identifier (Prio_Item)) = Name_Priority
|
||||
then
|
||||
Error_Msg_N ("?aspect Interrupt_Priority is preferred "
|
||||
& "in presence of handlers", Prio_Item);
|
||||
|
||||
-- Pragma case
|
||||
|
||||
elsif Pragma_Name (Prio_Item) = Name_Priority then
|
||||
Error_Msg_N ("?pragma Interrupt_Priority is preferred "
|
||||
& "in presence of handlers", Prio_Item);
|
||||
end if;
|
||||
end if;
|
||||
end;
|
||||
end if;
|
||||
|
||||
-- Case of a completion of a private declaration
|
||||
|
||||
if T /= Def_Id
|
||||
and then Is_Private_Type (Def_Id)
|
||||
then
|
||||
if T /= Def_Id and then Is_Private_Type (Def_Id) then
|
||||
|
||||
-- Deal with preelaborable initialization. Note that this processing
|
||||
-- is done by Process_Full_View, but as can be seen below, in this
|
||||
-- case the call to Process_Full_View is skipped if any serious
|
||||
|
@ -2326,9 +2353,7 @@ package body Sem_Ch9 is
|
|||
-- the first parameter of Entry_Id since it is the interface
|
||||
-- controlling formal.
|
||||
|
||||
if Ada_Version >= Ada_2012
|
||||
and then Is_Disp_Req
|
||||
then
|
||||
if Ada_Version >= Ada_2012 and then Is_Disp_Req then
|
||||
declare
|
||||
Enclosing_Formal : Entity_Id;
|
||||
Target_Formal : Entity_Id;
|
||||
|
@ -2668,7 +2693,7 @@ package body Sem_Ch9 is
|
|||
Ref_Id : Entity_Id;
|
||||
-- This is the entity of the task or task type, and is the entity used
|
||||
-- for cross-reference purposes (it differs from Spec_Id in the case of
|
||||
-- a single task, since Spec_Id is set to the task type)
|
||||
-- a single task, since Spec_Id is set to the task type).
|
||||
|
||||
begin
|
||||
Tasking_Used := True;
|
||||
|
|
|
@ -2117,12 +2117,11 @@ package VMS_Data is
|
|||
-- range 0-3, it sets the overflow checking mode for all expressions,
|
||||
-- including those outside and within assertions. The meaning of nnn is:
|
||||
--
|
||||
-- 0 suppress overflow checks (SUPPRESSED)
|
||||
-- 1 all intermediate overflows checked (CHECKED)
|
||||
-- 1 all intermediate computations done using base type (STRICT)
|
||||
-- 2 minimize intermediate overflows (MINIMIZED)
|
||||
-- 3 eliminate intermediate overflows (ELIMINATED)
|
||||
--
|
||||
-- Otherwise nn can be two digits, both 0-3, and in this case the first
|
||||
-- Otherwise nn can be two digits, both 1-3, and in this case the first
|
||||
-- digit sets the mode (using the above code) for expressions outside an
|
||||
-- assertion, and the second digit sets the mode for expressions within
|
||||
-- an assertion.
|
||||
|
|
Loading…
Reference in New Issue