* gcc-interface/trans.c (node_has_volatile_full_access) <N_Identifier>:
	Consider only entities for objects.

From-SVN: r258412

The $(GNATLIBCFLAGS) are already included in $(GNATLIBCFLAGS_FOR_C).

We must call the C compiler with the right machine flags.  So, add
$(GNATLIBCFLAGS_FOR_C) to $(OSCONS_EXTRACT).  For example, on a bi-arch
compiler supporting 32-bit and 64-bit instruction sets we pick otherwise
only one variant due to a missing -m32 or -m64 flag.

gcc/ada
	* gcc-interface/Makefile.in (OSCONS_CPP): Remove redundant
	$(GNATLIBCFLAGS).
	(OSCONS_EXTRACT): Add $(GNATLIBCFLAGS_FOR_C).

From-SVN: r258334

trans.c (convert_with_check): Fix typo in the condition guarding the overflow check emitted for the upper...

	* gcc-interface/trans.c (convert_with_check): Fix typo in the condition
	guarding the overflow check emitted for the upper bound of a floating-
	point conversion.

From-SVN: r258277

From-SVN: r258276

ada/
	* libgnat/i-cexten.ads (Float_128): New type.
c-family/
	* c-ada-spec.c (dump_ada_node) <NULLPTR_TYPE>: New case.
	<REAL_TYPE>: Deal specifically with _Float128/__float128.

From-SVN: r258068

	* gcc-interface/decl.c (array_type_has_nonaliased_component): Return
	false if the component type is a pointer.

From-SVN: r257344

When an object of a type with a specified Default_Value aspect is
declared without an explicit initial value and the default value is
out of range of the objects subtype, the compiler now issues a warning
that Constraint_Error will be raised due to an out-of-range value.

The test below must output a compiler warning as follows:

$ gcc -c -gnatj70 default_warning.adb
default_warning.adb:7:08: warning: value not in range of type
                          "Subint" defined at line 5,
                          "Constraint_Error" will be raised at run
                          time

procedure Default_Warning is

   type Int_With_Default is new Integer with Default_Value => 0;

   subtype Subint is Int_With_Default range 1 .. 100;

   S : Subint;

begin
   null;
end Default_Warning;

2018-01-11  Gary Dismukes  <dismukes@adacore.com>

gcc/ada/

	* exp_ch3.adb (Default_Initialize_Object): Call New_Copy_Tree on the
	result of Get_Simple_Init_Value and pass the source location of the
	object declaration's object_definition.

From-SVN: r256524

The presence of an address clause complicates the build-in-place expansion
because the indicated address must be processed before the indirect call is
generated, including the definition of a local pointer to the object.

The address clause may come from an aspect specification or from an explicit
attribute specification appearing after the object declaration. These two
cases require different processing.

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* exp_ch6.adb (Make_Build_In_Place_Call_In_Object_Declaration): Handle
	properly object declarations with initializations that are
	build-in-place function calls, when there is an address specification,
	either as an aspect specification or an explicit attribute
	specification clause, for the initialized object.
	* freeze.adb (Check_Address_Clause): Do not remove side-effects from
	initial expressions in the case of a build-in-place call.

gcc/testsuite/

	* gnat.dg/bip_overlay.adb, gnat.dg/bip_overlay.ads: New testcase.

From-SVN: r256523

Frontend only calls Is_Null_Range and Not_Null_Range routines on full views
of types, but backends (for example GNATprove) might call them also on
private types. This patch adapts those routines to transparently retrieve
the full type when called on a private type.

No frontend test, because only external backends are affected.

2018-01-11  Piotr Trojanek  <trojanek@adacore.com>

gcc/ada/

	* sem_eval.adb (Is_Null_Range): Retrieve the full view when called on a
	private (sub)type; refactor to avoid early return statement.
	(Not_Null_Range): Same as above.

From-SVN: r256522

This patch ensures that single concurrent type declarations are marked as Ghost
when they appear within a Ghost region. In addition, the patch verifies that no
concurrent type is declared within a Ghost region and issues an error.

------------
-- Source --
------------

--  types.ads

package Types with Ghost is
   protected Prot_Obj is                                             --  Error
   end Prot_Obj;

   protected type Prot_Typ is                                        --  Error
   end Prot_Typ;

   task Task_Obj;                                                    --  Error

   task type Task_Typ;                                               --  Error
end Types;

----------------------------
-- Compilation and output --
----------------------------

$ gcc -c types.ads
types.ads:2:14: ghost type "Prot_Obj" cannot be concurrent
types.ads:5:19: ghost type "Prot_Typ" cannot be concurrent
types.ads:8:09: ghost type "Task_Obj" cannot be concurrent
types.ads:10:14: ghost type "Task_Typ" cannot be concurrent

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* freeze.adb (Freeze_Entity): Ensure that a Ghost type is not
	concurrent, nor effectively volatile.
	* ghost.adb (Check_Ghost_Type): New routine.
	* ghost.ads (Check_Ghost_Type): New routine.
	* sem_util.adb (Is_Declaration): Reimplemented. The routine can now
	consider specific subsets of declarations.
	(Is_Declaration_Other_Than_Renaming): Removed. Its functionality is
	replicated by Is_Declaration.
	* sem_util.ads (Is_Declaration): New parameter profile. Update the
	comment on usage.
	(Is_Declaration_Other_Than_Renaming): Removed.

From-SVN: r256521

This patch modifies the analysis of assignment statements to detect an illegal
attempt to alter the value of single protected type Part_Of constituent when
inside a protected function.

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* sem_ch5.adb (Analyze_Assignment): Assignments to variables that act
	as Part_Of consituents of single protected types are illegal when they
	take place inside a protected function.
	(Diagnose_Non_Variable_Lhs): Use Within_Function to check for an
	enclosing function.
	(Is_Protected_Part_Of_Constituent): New routine.
	(Within_Function): New routine.

gcc/testsuite/

	* gnat.dg/protected_func.adb, gnat.dg/protected_func.ads: New testcase.

From-SVN: r256520

2018-01-11  Arnaud Charlet  <charlet@adacore.com>

gcc/ada/

	Bump copyright notices to 2018.

From-SVN: r256519

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* binde.adb, par-ch6.adb, par-ch9.adb, sem_ch12.adb, sem_ch13.adb:
	Minor reformatting.

From-SVN: r256518

This patch fixes an issue whereby an expression within an expression
function declaration or completion without proper parenthesization is
incorrectly accepted by the compiler.

2018-01-11  Justin Squirek  <squirek@adacore.com>

gcc/ada/

	* par-ch6.adb (Scan_Body_Or_Expression_Function): Add additional check
	to make sure a given expression function is properly parenthesized.

gcc/testsuite/

	* gnat.dg/expr_func4.adb: New testcase.

From-SVN: r256517

This patch modifies the analysis of subprogram bodies to catch a case where a
pure subprogram body unit depends on non-pure units.

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* sem_ch6.adb (Analyze_Subprogram_Body_Helper): Check the
	categorization of a subprogram body which does not complete a previous
	declaration.

gcc/testsuite/

	* gnat.dg/pure_subp_body.adb, gnat.dg/pure_subp_body_pkg.ads: New
	testcase.

From-SVN: r256516

This patch updates the detection of illegal with clauses which import private
child packages to properly detect a grandchild of Ada.

------------
-- Source --
------------

--  fake.ads

package Fake is
end Fake;

--  fake-ada.ads

package Fake.Ada is
end Fake.Ada;

--  fake-ada-text_io.ads

package Fake.Ada.Text_IO is
end Fake.Ada.Text_IO;

--  fake-ada-text_io-float_io.ads

private generic
   type Num is digits <>;

package Fake.Ada.Text_IO.Float_IO is
end Fake.Ada.Text_IO.Float_IO;

--  fake-float_io.ads

private generic
   type Num is digits <>;

package Fake.Float_IO is
end Fake.Float_IO;

--  main.ads

with Fake.Ada.Text_IO.Float_IO;
with Fake.Float_IO;

package Main is
end Main;

----------------------------
-- Compilation and output --
----------------------------

$ gcc -c main.ads
main.ads:1:06: unit in with clause is private child unit
main.ads:1:06: current unit must also have parent "Text_IO"
main.ads:2:06: unit in with clause is private child unit
main.ads:2:06: current unit must also have parent "Fake"

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* sem_ch10.adb (Check_Private_Child_Unit): Ensure that the enclosing
	scope of package Ada is Standard.

From-SVN: r256515

This patch fixes a visibility error in the expression for a dynamic predicate
of a record type, when the expression contains a reference to a subcomponent
of the record given by a selected component whose prefix is the name of the
enclosing component.

Executing

   gnatmake -q -gnata main
   ./main

must yield:

   TGV OK
   Amtrak broken, as usual

----
with Text_IO; use Text_IO;
with Recpred; use Recpred;
procedure Main is
   TGV : Train_Data;
   Amtrak : Train_Data;
begin
  TGV  := (20, (10,10));
  Put_Line ("TGV OK");

  begin
     Amtrak := (30, (40, 40));
  exception
     when Others =>
        Put_Line ("Amtrak broken, as usual");
  end;
end;
----
package Recpred is

   type Train_Position is record
      TTD : Integer;
      VSS : Integer;
   end record;

   type Train_Data is record
      MA             : Integer;
      Front_Position : Train_Position;
   end record
     with Dynamic_Predicate => MA >= Front_Position.TTD;

end Recpred;

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* sem_ch13.adb (Replace_Type_Ref): Handle properly reference to a
	subcomponent of the current entity when building the body for a dynamic
	predicate function for a record with composite subcomponents.

From-SVN: r256514

This patch modifies the transient scope mechanism to prevent secondary stack
leaks during object initialization. The modifications are as follows:

1) Prior to this change, the secondary stack was never managed within type
initialization procedures, for reasons unknown. It is speculated that the
controlled type model used at that time may have influenced this decision.
The secondary stack is now managed within type initialization procedures
in order to recover the memory once individual components or whole objects
are initialized.

2) A transient scope now delegates the secondary stack management to an
enclosing scope if there is no suitable context to wrap. This ensures that
the requirement to manage the secondary stack is not lost when the scope was
established for that purpose in mind.

3) A previous mechanism which examined the definition of a type (recursively)
to determine whether the type will involve the secondary stack was removed
because a) the mechanism could not detect this need with certainty, and b) the
trigger for secondary stack usage is now moved to the resolution of function
calls, which is always accurate.

------------
-- Source --
------------

--  types.ads

with Ada.Finalization; use Ada.Finalization;

package Types is
   type Ctrl is new Controlled with record
      Id : Integer;
   end record;

   procedure Initialize (Obj : in out Ctrl);

   function Make_Ctrl return Ctrl;
   function Make_Ctrl_From (Obj : Ctrl) return Ctrl;

   type Constr is array (1 .. 3) of Ctrl;
   type Unconstr is array (Integer range <>) of Ctrl;

   function Make_Constr return Constr;
   function Make_Unconstr (Low : Integer; High : Integer) return Unconstr;

   type Rec_1 is new Controlled with record
      Comp : Ctrl := Make_Ctrl;
   end record;

   type Rec_2 is new Controlled with record
      Comp : Ctrl := Make_Ctrl_From (Make_Ctrl);
   end record;

   type Rec_3 is new Controlled with record
      Comp : Constr := Make_Constr;
   end record;

   type Rec_4 is new Controlled with record
      Comp : Unconstr (1 .. 3) := Make_Unconstr (1, 3);
   end record;

   type Rec_5 is record
      Comp : Integer := 1 + Make_Ctrl.Id;
   end record;

   type Rec_6 is record
      Comp : Boolean := (for all X in 1 .. Make_Ctrl.Id =>
                           X = Make_Ctrl.Id);
   end record;
end Types;

--  types.adb

package body Types is
   Id_Gen : Integer := 0;

   procedure Initialize (Obj : in out Ctrl) is
   begin
      Id_Gen := Id_Gen + 1;
      Obj.Id := Id_Gen;
   end Initialize;

   function Make_Constr return Constr is
      Result : constant Constr := (others => Make_Ctrl);
   begin
      return Result;
   end Make_Constr;

   function Make_Ctrl return Ctrl is
      Result : Ctrl;
   begin
      return Result;
   end Make_Ctrl;

   function Make_Ctrl_From (Obj : Ctrl) return Ctrl is
      Result : Ctrl;
   begin
      Result.Id := Obj.Id;
      return Result;
   end Make_Ctrl_From;

   function Make_Unconstr (Low : Integer; High : Integer) return Unconstr is
      Result : constant Unconstr (Low .. High) := (others => Make_Ctrl);
   begin
      return Result;
   end Make_Unconstr;
end Types;

--  maker.ads

generic
   type Obj_Typ is private;
procedure Maker (Count : Positive);

--  maker.adb

procedure Maker (Count : Positive) is
   procedure Create is
      Obj : Obj_Typ;
      pragma Warnings (Off, Obj);
   begin null; end Create;

begin
   for Iter in 1 .. Count loop
      Create;
   end loop;
end Maker;

--  leaks.adb

with Maker;
with Types; use Types;

with Maker;
with Types; use Types;

procedure Leaks is
   procedure Make_1 is new Maker (Rec_1);
   procedure Make_2 is new Maker (Rec_2);
   procedure Make_3 is new Maker (Rec_3);
   procedure Make_4 is new Maker (Rec_4);
   procedure Make_5 is new Maker (Rec_5);
   procedure Make_6 is new Maker (Rec_6);

begin
   Make_1 (5_000);
   Make_2 (5_000);
   Make_3 (5_000);
   Make_4 (5_000);
   Make_5 (5_000);
   Make_6 (5_000);
end Leaks;

----------------------------
-- Compilation and output --
----------------------------

$ gnatmake -q leaks.adb
$ valgrind ./leaks > leaks.txt 2>&1
$ grep -c "still reachable" leaks.txt
0

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* exp_aggr.adb (Convert_Aggr_In_Object_Decl): Update the call to
	Establish_Transient_Scope.
	(Convert_To_Assignments): Update the call to Establish_Transient_Scope.
	(Expand_Array_Aggregate): Update the call to Establish_Transient_Scope.
	* exp_ch6.adb (Expand_Call_Helper): Update the call to
	Establish_Transient_Scope.
	(Make_Build_In_Place_Call_In_Object_Declaration): Update the call to
	Establish_Transient_Scope.
	* exp_ch7.adb (Establish_Transient_Scope): Restructured. Delegate the
	management of the secondary stack to an enclosing scope if there is no
	suitable construct to wrap, and the transient scope was intended to
	manage the secondary stack.
	(Find_Node_To_Be_Wrapped): Restructured. A case_statement_alternative
	is a valid boundary for a transient expression which comes from the
	statements of the alternative, otherwise alternatives cannot be
	wrapped. Assignments of controlled objects which have controlled
	actions suppressed now stop the traversal as there is no point in
	looking for an enclosing construct. Add several N_xxx_Body choices to
	the termination conditions for completeness.
	* exp_ch7.ads (Establish_Transient_Scope): Update the parameter profile
	and the associated comment on usage.
	* exp_smem.adb (Add_Shared_Var_Lock_Procs): Update the call to
	Establish_Transient_Scope.
	(Add_Write_After): Update the call to Establish_Transient_Scope.
	* sem_res.adb (Check_Initialization_Call): Removed.
	(Resolve_Actuals): Account for additional cases where finalization
	actions are required by utilizing predicate Needs_Finalization rather
	than Is_Controlled.
	(Resolve_Call): Type initialization procedures can now utilize
	transient scopes to manage the secondary stack, thus preventing leaks
	during initialization.  Remove the previous kludgy algorithm which
	attempts to manage the secondary stack at the object creation site.

From-SVN: r256513

2018-01-11  Jerome Lambourg  <lambourg@adacore.com>

gcc/ada/

	* libgnat/g-soliop__qnx.ads: New.
	* adaint.c, adaint.h, cstreams.c, s-oscons-tmplt.c, sysdep.c: Update
	for QNX.

From-SVN: r256512

The syntax rules do not allow null procedures in protected definitions. This
patch fixes a bug that accidentally allowed them.

2018-01-11  Bob Duff  <duff@adacore.com>

gcc/ada/

	* par-ch9.adb (P_Protected_Operation_Declaration_Opt): Give an error if
	a null procedure occurs in a protected definition.

gcc/testsuite/

	* gnat.dg/protected_null.adb: New testcase.

From-SVN: r256511

2018-01-11  Bob Duff  <duff@adacore.com>

gcc/ada/

	* binderr.ads, namet.ads: Minor reformatting.

From-SVN: r256510

2018-01-11  Bob Duff  <duff@adacore.com>

gcc/ada/

	* doc/gnat_ugn/gnat_utility_programs.rst: Improve documentation of
	xml2gnat.

From-SVN: r256509

If the -felab-order.txt switch is given to gnatbind, and there are duplicate
unit names in elab-order.txt, an error will be given.

The following test should get errors:

this (spec) <-- that (body)
error: elab-order.txt:5: duplicate unit name "this (spec)" from line 1
error: elab-order.txt:7: duplicate unit name "that (body)" from line 3
gnatmake: *** bind failed.

Content of elab-order.txt (7 lines):

this%s

that%b

this (spec)

that%b

gnatmake -q -f -g -O0 -gnata that-main.adb -bargs -felab-order.txt

package body That is
end That;
package That is
   pragma Elaborate_Body;
end That;
with This, That;
procedure That.Main is
begin
   null;
end That.Main;
package body This is
end This;
package This is
   pragma Elaborate_Body;
end This;

2018-01-11  Bob Duff  <duff@adacore.com>

gcc/ada/

	* binde.adb (Force_Elab_Order): Give an error if there are duplicate
	unit names.

From-SVN: r256508

An implicit dereference freezes the corresponding designated type. Most
implicit dereferences are made explicit during expansion, but this is not the
case for a dispatching call where the the controlling parameter and the
corresponding controlling argument are access to a tagged type. In that case,
to enforce the rule that an expression function that is a completion freezes
type references within, we must locate controlling arguments of an access type
and freeze explicitly the corresponding designated type.

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* sem_ch6.adb (Freeze_Expr_Types): If an access value is the
	controlling argument of a dispatching call. freeze the corresponding
	designated type.

gcc/testsuite/

	* gnat.dg/expr_func3.adb, gnat.dg/expr_func3.ads: New testcase.

From-SVN: r256507

2018-01-11  Ben Brosgol  <brosgol@adacore.com>

gcc/ada/

	* doc/Makefile: Add Sphinx option -W to treat warnings as errors.

From-SVN: r256506

2018-01-11  Ben Brosgol  <brosgol@adacore.com>

gcc/ada/

	* doc/gnat_rm/implementation_defined_aspects.rst: Minor type/wording
	corrections.
	* gnat_rm.texi: Regenerate.

From-SVN: r256505

The compiler warns when a generic actual is a fixed-point type, because
arithmetic operations in the instance will use the predefined operations on
it, even if the type has user-defined primitive operations (unless formsl
surprograms for these operations appear in the generic). This patch refines
this warning to exclude the case where the formsal type is private, because
in this case there can be no suspicious arithmetic operastions in the generic
unit.

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* sem_ch12.adb (Check_Fixed_Point_Type): Do not apply check if the
	formsl type corresponding to the actual fixed point type is private,
	because in this case there can be no suspicious arithmetic operations
	in the generic unless they reference a formal subprogram.  Clarify
	warning.

gcc/testsuite/

	* gnat.dg/fixedpnt2.adb, gnat.dg/fixedpnt2.ads: New testcase.

From-SVN: r256504

exp_util.adb (Remove_Side_Effects): No action done for functions returning class-wide types since it requires...

2018-01-11  Javier Miranda  <miranda@adacore.com>

gcc/ada/

	* exp_util.adb (Remove_Side_Effects): No action done for functions
	returning class-wide types since it requires generating code using
	'reference and the CCG target has no secondary stack.
	* gnat1drv.adb: Disable building static dispatch tables when generating
	C code.

From-SVN: r256503

GNATprove was emitting spurious checks about objects of the File_Type being
uninitialized and there was no easy to fix that (those checks could only be
silenced by pragma Annotate or by hiding File_Type behind as SPARK wrapper).

Now the full view of File_Type is annotated with Default_Initial_Condition
and GNATprove knows that objects of that type are default-initialized. The
default initialization is implicitly defined in the Ada RM (as indeed
there is no procedure that would take an IN OUT parameter of that type).

Semantics of Ada programs shall not be affected by these annotations,
so no frontend test is provided. It only affects GNATprove.

2018-01-11  Piotr Trojanek  <trojanek@adacore.com>

gcc/ada/

	* libgnat/a-direio.ads, libgnat/a-sequio.ads, libgnat/a-ststio.ads,
	libgnat/a-textio.ads, libgnat/a-witeio.ads, libgnat/a-ztexio.ads
	(File_Type): Add Default_Initial_Condition aspect.

From-SVN: r256502

This implementation fixes an issue on Windows where a single drive letter
was not followed by a directory separator. On Windows the following
program:

   with Ada.Text_IO; use Ada.Text_IO;
   with GNAT.OS_Lib; use GNAT.OS_Lib;
   procedure Main is
   begin
      Put_Line (Normalize_Pathname ("c:\"));
      Put_Line (Normalize_Pathname ("c:\toto\.."));
   end Main;

Must output:

C:\
C:\

2018-01-11  Pascal Obry  <obry@adacore.com>

gcc/ada/

	* libgnat/s-os_lib.adb (Normalize_Pathname): New implementation.

From-SVN: r256501

2018-01-11  Bob Duff  <duff@adacore.com>

gcc/ada/

	* doc/gnat_ugn/gnat_utility_programs.rst: Rewrite gnatpp documentation
	to match what the Libadalang-based version does.
	* doc/gnat_ugn/about_this_guide.rst: Update reference.

From-SVN: r256500

This pach modifies the expansion related to initialization calls and secondary
stack usage to inspec the components of a type derived from Limited_Controlled
or Controlled. Previously controlled types were treated as never utilizing the
secondary stack, however this is not true because a controlled type may contain
a component initialized by a function which returns on the secondary stack.

------------
-- Source --
------------

--  pack1.ads

with Ada.Finalization; use Ada.Finalization;

package Pack1 is
   type Ctrl is new Controlled with record
      Comp : Integer;
   end record;

   function Make_Ctrl return Ctrl;
end Pack1;

--  pack1.adb

package body Pack1 is
   Empty : constant Ctrl := (Controlled with Comp => 123);

   function Make_Ctrl return Ctrl is
   begin
      return Empty;
   end Make_Ctrl;
end Pack1;

--  pack2.ads

with Ada.Finalization; use Ada.Finalization;
with Pack1;            use Pack1;

package Pack2 is
   type Ctrl_Wrap is new Controlled with record
      Comp : Ctrl := Make_Ctrl;
   end record;
end Pack2;

--  main.adb

with Pack2; use Pack2;

procedure Main is
   procedure Make_Ctrl_Wrap is
      Obj : Ctrl_Wrap;
      pragma Warnings (Off, Obj);
   begin null; end Make_Ctrl_Wrap;

begin
   for Iter in 1 .. 10_000 loop
      Make_Ctrl_Wrap;
   end loop;
end Main;

----------------------------
-- Compilation and output --
----------------------------

$ gnatmake -q main.adb
$ valgrind ./main >& valgrind.log
$ grep -c "still reachable" valgrind.log
0

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* sem_res.adb (Uses_SS): A controlled type requires the secondary stack
	if it contains at least one component declaration employing a function
	call returning on the secondary stack.

From-SVN: r256499

2018-01-11  Yannick Moy  <moy@adacore.com>

gcc/ada/

	* doc/gnat_rm/standard_and_implementation_defined_restrictions.rst:
	Update description of restriction SPARK_05 with SPARK 2014.
	* gnat_rm.texi: Regenerate.

From-SVN: r256498

2018-01-11  Vasiliy Fofanov  <fofanov@adacore.com>

gcc/ada/

	* doc/gnat_ugn/gnat_utility_programs.rst: Fix layout.

From-SVN: r256497

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* exp_aggr.adb, exp_ch9.adb, exp_util.adb, sem_aggr.adb, sem_ch3.adb,
	sem_res.adb, sem_util.adb: Minor reformatting.

From-SVN: r256496

This patch fixes an omission in the processing of pragma Predicate, which
should have the same semantics as the corresponding aspect, which is more
commonly used.

Executing
   gnatmake -q -gnata predicate
   predicate

must yield:

   Even1 violated
   Even2 violated

----
with Text_IO; use Text_IO;
procedure Predicate is
begin
   begin
      declare
         subtype Even1 is Integer;
         pragma Predicate (Even1, Even1 mod 2 = 0);
         X1 : constant Even1 := 1; --  This should fail first
      begin
         null;
      end;
   exception
      when Others => Put_Line ("Even1 violated");
   end;

   begin
      declare
         subtype Even2 is Integer with Predicate => Even2 mod 2 = 0;
         X2 : constant Even2 := 1; --  This should fail later, if reached
      begin
         null;
      end;
   exception
      when Others => Put_Line ("Even2 violated");
   end;
end;

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* sem_prag.adb (Analyze_Pragma, case Predicate): Indicate that the type
	has a delayed aspect which must be processed at the point the type is
	frozen. This mimics what is done when the predicate is provided by a
	source aspect.

From-SVN: r256495

2018-01-11  Doug Rupp  <rupp@adacore.com>

gcc/ada/

	* init.c (vxworks): Add macro checks for __aarch64__.

From-SVN: r256494

This patch corrects the generation of predicate checks to handle the case where
Predicate_Failure appears as a pragma.

------------
-- Source --
------------

--  main.adb

with Ada.Assertions; use Ada.Assertions;
with Ada.Exceptions; use Ada.Exceptions;
with Ada.Text_IO;    use Ada.Text_IO;

procedure Main is
   subtype Even_Asp is Integer
     with Predicate => Even_Asp mod 2 = 0,
          Predicate_Failure => "Even_Asp failed";

   subtype Even_Prag is Integer
     with Predicate => Even_Prag mod 2 = 0;
   pragma Predicate_Failure (Even_Prag, "Even_Prag failed");

begin
   begin
      declare
         Val : constant Even_Asp := 1;
      begin
         Put_Line ("ERROR: Even_Asp: did not fail");
      end;
   exception
      when AE : Assertion_Error => Put_Line (Exception_Message (AE));
      when others => Put_Line ("ERROR: Even_Asp: raised unexpected error");
   end;

   begin
      declare
         Val : constant Even_Prag := 3;
      begin
         Put_Line ("ERROR: Even_Prag: did not fail");
      end;
   exception
      when AE : Assertion_Error => Put_Line (Exception_Message (AE));
      when others => Put_Line ("ERROR: Even_Prag: raised unexpected error");
   end;
end Main;

----------------------------
-- Compilation and output --
----------------------------

$ gnatmake -q main.adb
$ ./main
Even_Asp failed
Even_Prag failed

2018-01-11  Hristian Kirtchev  <kirtchev@adacore.com>

gcc/ada/

	* exp_util.adb (Add_Failure_Expression): New routine.
	(Make_Predicate_Check): Reimplement the handling of Predicate_Failure.
	* sem_util.adb (Is_Current_Instance): Code cleanup.

From-SVN: r256493

This patch imposes a new check and rewrites existing ones to ensure operations
involving SS_Ptr do not cause an Integer overflow. The Default_Sec_Stack_Size
function was removed in the process to simplify System.Parameter.

SS_Ptr was derived from the integer System.Parameters.Size_Type to ease the
creation of objects of type SS_Stack by the binder and imposes a maximum
secondary stack size of 2GB. In most cases, the user will not hit this limit as
they cannot specify task stack sizes of more than 2GB via the Storage_Size and
Secondary_Stack_Size pragmas. Additionally, most operating systems limit the
primary stack size to less than 2GB, with defaults under 10MB. Linux is the
rare exception where the user can unbound the primary stack.

Executing the following:
gnatmake -q overflow
./overflow

must yield:

raised STORAGE_ERROR : s-secsta.adb:140 explicit raise

--  overflow.adb:

with String_Pack;

procedure Overflow is
begin
   null;
end Overflow;

-- string_pack.ads:

package String_Pack is
   function Return_Big_String return String;
end String_Pack;

-- string_pack.adb:

with Ada.Strings.Fixed; use Ada.Strings.Fixed;

package body String_Pack is
   function Return_Big_String return String is
   begin
      return Integer'Last * "P";
   end Return_Big_String;

   S : String := Return_Big_String;

end String_Pack;

2018-01-11  Patrick Bernardi  <bernardi@adacore.com>

gcc/ada/

	* libgnat/s-parame*.adb, libgnat/s-parame*.ads: Remove unneeded
	Default_Sec_Stack_Size.
	* libgnat/s-secsta.adb (SS_Allocate): Handle the fixed secondary stack
	limit check so that the integer index does not overflow. Check the
	dynamic stack allocation does not cause the secondary stack pointer to
	overflow.
	(SS_Info): Align colons.
	(SS_Init): Cover the case when bootstraping with an old compiler that
	does not set Default_SS_Size.

From-SVN: r256492

AI12-0166 specifies that it is illegal for a pre/postcondition of a
protected operation to contain an internal call to a protected function.
This patch completes the implementation of this rule in the case the
condition is inherited from a classwide condition of an abstract operation
of an interface type.

Compiling inheritpo.adb must yield:

   inheritpo.ads:9:04: instantiation error at line 6
   inheritpo.ads:9:04: internal call to "F" cannot appear
      in inherited precondition of protected operation "P"
   inheritpo.ads:9:04: instantiation error at line 7
   inheritpo.ads:9:04: internal call to "F" cannot appear
      in inherited precondition of protected operation "P"

--
package InheritPO is

   type T is limited interface;
   function F (X : T) return Boolean is abstract;
   procedure P (X : in out T) is abstract with
     Pre'Class  => X.F,
     Post'Class => X.F;

   protected type PT is new T with
     overriding function F return Boolean;
     overriding procedure P;
   end PT;

end InheritPO;
----
package body InheritPO is
   protected body PT is
     function F return Boolean is begin return True; end;
     procedure P is begin null; end;
   end PT;
end InheritPO;

2018-01-11  Ed Schonberg  <schonberg@adacore.com>

gcc/ada/

	* sem_ch3.adb (Add_Internal_Interface_Entities): When checking the
	legality of an inherited operation that may require overriding, ignore
	primitive_wrappers that correspond to explicit operations that override
	an interface primitive.

	* exp_util.adb (Build_Class_Wide_Expression, Replace_Entity): If the
	operation to which the class-wide expression applies is a protected op.
	with a primitive_wrapper, verify that the updated inherited expression
	does not contain an internal call to a protected function.  This
	completes the implementation of AI12-0166.

From-SVN: r256491