[Ada] Avoid crash in GNATprove_Mode on allocator inside type

In the special mode for GNATprove, subtypes should be declared for
allocators when constraints are used. This was done previously but it
does not work inside spec expressions, as the declaration is not
inserted and analyzed in the AST in that case, leading to a later crash
on an incomplete entity. Thus, no declaration should be created in such
a case, letting GNATprove later reject such code due to the use of an
allocator in an interfering context.

2019-08-13  Yannick Moy  <moy@adacore.com>

gcc/ada/

	* sem_ch4.adb (Analyze_Allocator): Do not insert subtype
	declaration for allocator inside a spec expression.

gcc/testsuite/

	* gnat.dg/allocator2.adb, gnat.dg/allocator2.ads: New testcase.

From-SVN: r274345

gcc/ada/ChangeLog

 2019-08-13  Yannick Moy  <moy@adacore.com>
 
+	* sem_ch4.adb (Analyze_Allocator): Do not insert subtype
+	declaration for allocator inside a spec expression.
+
+2019-08-13  Yannick Moy  <moy@adacore.com>
+
 	* sem_res.adb (Resolve_Call): Do not inline calls inside record
 	types.
 

gcc/ada/sem_ch4.adb

@@ -676,9 +676,15 @@ package body Sem_Ch4 is
 
                --  In GNATprove mode we need to preserve the link between
                --  the original subtype indication and the anonymous subtype,
-               --  to extend proofs to constrained acccess types.
-
-               if Expander_Active or else GNATprove_Mode then
+               --  to extend proofs to constrained acccess types. We only do
+               --  that outside of spec expressions, otherwise the declaration
+               --  cannot be inserted and analyzed. In such a case, GNATprove
+               --  later rejects the allocator as it is not used here in
+               --  a non-interfering context (SPARK 4.8(2) and 7.1.3(12)).
+
+               if Expander_Active
+                 or else (GNATprove_Mode and then not In_Spec_Expression)
+               then
                   Def_Id := Make_Temporary (Loc, 'S');
 
                   Insert_Action (E,

gcc/testsuite/ChangeLog

+2019-08-13  Yannick Moy  <moy@adacore.com>
+
+	* gnat.dg/allocator2.adb, gnat.dg/allocator2.ads: New testcase.
+
 2019-08-13  Eric Botcazou  <ebotcazou@adacore.com>
 
 	* gnat.dg/generic_inst9.adb, gnat.dg/generic_inst9.ads,

gcc/testsuite/gnat.dg/allocator2.adb

+--  { dg-do compile }
+--  { dg-options "-gnatd.F" }
+
+package body Allocator2 is
+   procedure Dummy is null;
+end Allocator2;

gcc/testsuite/gnat.dg/allocator2.ads

+pragma SPARK_Mode;
+package Allocator2 is
+    type Nat_Array is array (Positive range <>) of Natural with
+      Default_Component_Value => 0;
+    type Nat_Stack (Max : Natural) is record
+       Content : Nat_Array (1 .. Max);
+    end record;
+    type Stack_Acc is access Nat_Stack;
+    type My_Rec is private;
+private
+    type My_Rec is record
+       My_Stack : Stack_Acc := new Nat_Stack (Max => 10);
+    end record;
+   procedure Dummy;
+end Allocator2;