2008-08-08 Thomas Quinot <quinot@adacore.com>
+ * gsocket.h:
+ On Windows, include <errno.h> and redefine only selected errno values
+ from their <winsock2.h> definitions.
+
+ * s-osinte-freebsd.ads: Minor reformatting
+
+ * s-osinte-hpux.ads, s-osinte-irix.ads: Minor reformatting
+
+ * g-soccon.ads: New file.
+
+ * g-stheme.adb, g-socthi-vms.adb, g-socthi-vxworks.adb,
+ g-socthi-mingw.adb, g-sttsne-vxworks.adb, g-socthi.adb,
+ g-stsifd-sockets.adb, g-socket.adb, g-socket.ads,
+ g-sothco.adb, g-sothco.ads: Add back GNAT.Sockets.Constants as a child
+ unit, to allow building software that depends on this internal unit
+ with both older and newer compilers.
+
+2008-08-08 Robert Dewar <dewar@adacore.com>
+
+ * s-strxdr.adb: Minor reformatting
+
+2008-08-08 Bob Duff <duff@adacore.com>
+
+ * gnat_ugn.texi: The "Run-Time Checks" section said "arithmetic overflow
+ checking for integer operations (including division by zero)", which
+ is wrong -- divide by zero is not part of overflow checking.
+ Also added misc clarification about what check-suppression means.
+
+ * gnat_rm.texi: Clarify the meaning of pragma Suppress.
+
+2008-08-08 Jerome Lambourg <lambourg@adacore.com>
+
+ * g-comlin.adb (Add_Switch): Handle addition of switches at the
+ begining of the command line.
+ (Append, Add): Renaming of Append to Add as this now allows addition
+ at the begining of the list.
+
+ * g-comlin.ads (Add_Switch): Handle addition of switches at the
+ begining of the command line.
+
+2008-08-08 Thomas Quinot <quinot@adacore.com>
+
+ * g-sercom.ads:
+ (Name): Document application scope (only legacy PC serial ports on
+ Linux and Windows).
+
+2008-08-08 Thomas Quinot <quinot@adacore.com>
+
* gcc-interface/Makefile.in, gcc-interface/Make-lang.in: Revert
previous change, not needed after all.
@item -gnato
@cindex @option{-gnato} (@command{gcc})
Enable numeric overflow checking (which is not normally enabled by
-default). Not that division by zero is a separate check that is not
+default). Note that division by zero is a separate check that is not
controlled by this switch (division by zero checking is on by default).
@item -gnatp
@cindex @option{-gnatp} (@command{gcc})
-Suppress all checks.
+Suppress all checks. See @ref{Run-Time Checks} for details.
@item -gnatP
@cindex @option{-gnatP} (@command{gcc})
@cindex Checks, stack overflow checking
@noindent
-If you compile with the default options, GNAT will insert many run-time
-checks into the compiled code, including code that performs range
-checking against constraints, but not arithmetic overflow checking for
-integer operations (including division by zero), checks for access
-before elaboration on subprogram calls, or stack overflow checking. All
-other run-time checks, as required by the Ada Reference Manual, are
-generated by default. The following @command{gcc} switches refine this
-default behavior:
+By default, the following checks are suppressed: integer overflow
+checks, stack overflow checks, and checks for access before
+elaboration on subprogram calls. All other checks, including range
+checks and array bounds checks, are turned on by default. The
+following @command{gcc} switches refine this default behavior.
@table @option
@c !sort!
@cindex Suppressing checks
@cindex Checks, suppressing
@findex Suppress
-Suppress all run-time checks as though @code{pragma Suppress (all_checks})
+Suppress all run-time checks as though @code{pragma Suppress (All_checks)}
had been present in the source. Validity checks are also suppressed (in
other words @option{-gnatp} also implies @option{-gnatVn}.
Use this switch to improve the performance
of the code at the expense of safety in the presence of invalid data or
program bugs.
+Note that when checks are suppressed, the compiler is allowed, but not
+required, to omit the checking code. If the run-time cost of the
+checking code is zero or near-zero, the compiler will generate it even
+if checks are suppressed. In particular, if the compiler can prove
+that a certain check will necessarily fail, it will generate code to
+do an unconditional ``raise'', even if checks are suppressed. The
+compiler warns in this case.
+
+Of course, run-time checks are omitted whenever the compiler can prove
+that they will not fail, whether or not checks are suppressed.
+
+Note that if you suppress a check that would have failed, program
+execution is erroneous, which means the behavior is totally
+unpredictable. The program might crash, or print wrong answers, or
+do anything else. It might even do exactly what you wanted it to do
+(and then it might start failing mysteriously next week or next
+year). The compiler will generate code based on the assumption that
+the condition being checked is true, which can result in disaster if
+that assumption is wrong.
+
@item -gnato
@cindex @option{-gnato} (@command{gcc})
@cindex Overflow checks
@end smallexample
@noindent
-Note that if explicit values are assigned at compile time, the compiler may
-be able to detect overflow at compile time, in which case no run-time check
-is required, and the setting of -gnato is irrelevant. That's why the assigned
-values in the above fragment are in quotes, the meaning is "assign a value
-not known to the compiler that happens to be equal to ...". The remaining
-discussion assumes that the compiler cannot detect the values at compile time.
+Note that if explicit values are assigned at compile time, the
+compiler may be able to detect overflow at compile time, in which case
+no actual run-time checking code is required, and Constraint_Error
+will be raised unconditionally, with or without
+@option{-gnato}. That's why the assigned values in the above fragment
+are in quotes, the meaning is "assign a value not known to the
+compiler that happens to be equal to ...". The remaining discussion
+assumes that the compiler cannot detect the values at compile time.
Here the first addition results in a value that is outside the base range
of Integer, and hence requires an overflow check for detection of the
constraint error. Thus the first assignment to @code{X1} raises a
@code{Constraint_Error} exception only if @option{-gnato} is set.
-The second increment operation results in a violation
-of the explicit range constraint, and such range checks are always
-performed (unless specifically suppressed with a pragma @code{suppress}
-or the use of @option{-gnatp}).
+The second increment operation results in a violation of the explicit
+range constraint; such range checks are performed by default, and are
+unaffected by @option{-gnato}.
The two conversions of @code{F} both result in values that are outside
the base range of type @code{Integer} and thus will raise
@cindex Check, elaboration
Enables dynamic checks for access-before-elaboration
on subprogram calls and generic instantiations.
+Note that @option{-gnatE} is not necessary for safety, because in the
+default mode, GNAT ensures statically that the checks would not fail.
For full details of the effect and use of this switch,
@xref{Compiling Using gcc}.
@subsection Controlling Run-Time Checks
@noindent
-By default, GNAT generates all run-time checks, except arithmetic overflow
-checking for integer operations and checks for access before elaboration on
+By default, GNAT generates all run-time checks, except integer overflow
+checks, stack overflow checks, and checks for access before elaboration on
subprogram calls. The latter are not required in default mode, because all
necessary checking is done at compile time.
@cindex @option{-gnatp} (@command{gcc})
projects / platform / upstream / linaro-gcc.git / commitdiff