| blob | 713ea26306caef740cefb642a8fd778365309f17 |
1 ------------------------------------------------------------------------------
2 -- --
3 -- GNAT COMPILER COMPONENTS --
4 -- --
5 -- C H E C K S --
6 -- --
7 -- B o d y --
8 -- --
9 -- Copyright (C) 1992-2004 Free Software Foundation, Inc. --
10 -- --
11 -- GNAT is free software; you can redistribute it and/or modify it under --
12 -- terms of the GNU General Public License as published by the Free Soft- --
13 -- ware Foundation; either version 2, or (at your option) any later ver- --
14 -- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
15 -- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
16 -- or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License --
17 -- for more details. You should have received a copy of the GNU General --
18 -- Public License distributed with GNAT; see file COPYING. If not, write --
19 -- to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, --
20 -- MA 02111-1307, USA. --
21 -- --
22 -- GNAT was originally developed by the GNAT team at New York University. --
23 -- Extensive contributions were provided by Ada Core Technologies Inc. --
24 -- --
25 ------------------------------------------------------------------------------
63 -- General note: many of these routines are concerned with generating
64 -- checking code to make sure that constraint error is raised at runtime.
65 -- Clearly this code is only needed if the expander is active, since
66 -- otherwise we will not be generating code or going into the runtime
67 -- execution anyway.
69 -- We therefore disconnect most of these checks if the expander is
70 -- inactive. This has the additional benefit that we do not need to
71 -- worry about the tree being messed up by previous errors (since errors
72 -- turn off expansion anyway).
74 -- There are a few exceptions to the above rule. For instance routines
75 -- such as Apply_Scalar_Range_Check that do not insert any code can be
76 -- safely called even when the Expander is inactive (but Errors_Detected
77 -- is 0). The benefit of executing this code when expansion is off, is
78 -- the ability to emit constraint error warning for static expressions
79 -- even when we are not generating code.
81 -------------------------------------
82 -- Suppression of Redundant Checks --
83 -------------------------------------
85 -- This unit implements a limited circuit for removal of redundant
86 -- checks. The processing is based on a tracing of simple sequential
87 -- flow. For any sequence of statements, we save expressions that are
88 -- marked to be checked, and then if the same expression appears later
89 -- with the same check, then under certain circumstances, the second
90 -- check can be suppressed.
92 -- Basically, we can suppress the check if we know for certain that
93 -- the previous expression has been elaborated (together with its
94 -- check), and we know that the exception frame is the same, and that
95 -- nothing has happened to change the result of the exception.
97 -- Let us examine each of these three conditions in turn to describe
98 -- how we ensure that this condition is met.
100 -- First, we need to know for certain that the previous expression has
101 -- been executed. This is done principly by the mechanism of calling
102 -- Conditional_Statements_Begin at the start of any statement sequence
103 -- and Conditional_Statements_End at the end. The End call causes all
104 -- checks remembered since the Begin call to be discarded. This does
105 -- miss a few cases, notably the case of a nested BEGIN-END block with
106 -- no exception handlers. But the important thing is to be conservative.
107 -- The other protection is that all checks are discarded if a label
108 -- is encountered, since then the assumption of sequential execution
109 -- is violated, and we don't know enough about the flow.
111 -- Second, we need to know that the exception frame is the same. We
112 -- do this by killing all remembered checks when we enter a new frame.
113 -- Again, that's over-conservative, but generally the cases we can help
114 -- with are pretty local anyway (like the body of a loop for example).
116 -- Third, we must be sure to forget any checks which are no longer valid.
117 -- This is done by two mechanisms, first the Kill_Checks_Variable call is
118 -- used to note any changes to local variables. We only attempt to deal
119 -- with checks involving local variables, so we do not need to worry
120 -- about global variables. Second, a call to any non-global procedure
121 -- causes us to abandon all stored checks, since such a all may affect
122 -- the values of any local variables.
124 -- The following define the data structures used to deal with remembering
125 -- checks so that redundant checks can be eliminated as described above.
127 -- Right now, the only expressions that we deal with are of the form of
128 -- simple local objects (either declared locally, or IN parameters) or
129 -- such objects plus/minus a compile time known constant. We can do
130 -- more later on if it seems worthwhile, but this catches many simple
131 -- cases in practice.
133 -- The following record type reflects a single saved check. An entry
134 -- is made in the stack of saved checks if and only if the expression
135 -- has been elaborated with the indicated checks.
139 -- Set True if entry is killed by Kill_Checks
142 -- The entity involved in the expression that is checked
145 -- A compile time value indicating the result of adding or
146 -- subtracting a compile time value. This value is to be
147 -- added to the value of the Entity. A value of zero is
148 -- used for the case of a simple entity reference.
151 -- This is set to 'R' for a range check (in which case Target_Type
152 -- is set to the target type for the range check) or to 'O' for an
153 -- overflow check (in which case Target_Type is set to Empty).
156 -- Used only if Do_Range_Check is set. Records the target type for
157 -- the check. We need this, because a check is a duplicate only if
158 -- it has a the same target type (or more accurately one with a
159 -- range that is smaller or equal to the stored target type of a
160 -- saved check).
163 -- The following table keeps track of saved checks. Rather than use an
164 -- extensible table. We just use a table of fixed size, and we discard
165 -- any saved checks that do not fit. That's very unlikely to happen and
166 -- this is only an optimization in any case.
169 -- Array of saved checks
172 -- Number of saved checks
174 -- The following stack keeps track of statement ranges. It is treated
175 -- as a stack. When Conditional_Statements_Begin is called, an entry
176 -- is pushed onto this stack containing the value of Num_Saved_Checks
177 -- at the time of the call. Then when Conditional_Statements_End is
178 -- called, this value is popped off and used to reset Num_Saved_Checks.
180 -- Note: again, this is a fixed length stack with a size that should
181 -- always be fine. If the value of the stack pointer goes above the
182 -- limit, then we just forget all saved checks.
187 -----------------------
188 -- Local Subprograms --
189 -----------------------
191 procedure Apply_Float_Conversion_Check
194 -- The checks on a conversion from a floating-point type to an integer
195 -- type are delicate. They have to be performed before conversion, they
196 -- have to raise an exception when the operand is a NaN, and rounding must
197 -- be taken into account to determine the safe bounds of the operand.
199 procedure Apply_Selected_Length_Checks
204 -- This is the subprogram that does all the work for Apply_Length_Check
205 -- and Apply_Static_Length_Check. Expr, Target_Typ and Source_Typ are as
206 -- described for the above routines. The Do_Static flag indicates that
207 -- only a static check is to be done.
209 procedure Apply_Selected_Range_Checks
214 -- This is the subprogram that does all the work for Apply_Range_Check.
215 -- Expr, Target_Typ and Source_Typ are as described for the above
216 -- routine. The Do_Static flag indicates that only a static check is
217 -- to be done.
219 procedure Find_Check
227 -- This routine is used by Enable_Range_Check and Enable_Overflow_Check
228 -- to see if a check is of the form for optimization, and if so, to see
229 -- if it has already been performed. Expr is the expression to check,
230 -- and Check_Type is 'R' for a range check, 'O' for an overflow check.
231 -- Target_Type is the target type for a range check, and Empty for an
232 -- overflow check. If the entry is not of the form for optimization,
233 -- then Entry_OK is set to False, and the remaining out parameters
234 -- are undefined. If the entry is OK, then Ent/Ofs are set to the
235 -- entity and offset from the expression. Check_Num is the number of
236 -- a matching saved entry in Saved_Checks, or zero if no such entry
237 -- is located.
240 -- If a discriminal is used in constraining a prival, Return reference
241 -- to the discriminal of the protected body (which renames the parameter
242 -- of the enclosing protected operation). This clumsy transformation is
243 -- needed because privals are created too late and their actual subtypes
244 -- are not available when analysing the bodies of the protected operations.
245 -- To be cleaned up???
247 function Guard_Access
251 -- In the access type case, guard the test with a test to ensure
252 -- that the access value is non-null, since the checks do not
253 -- not apply to null access values.
256 -- Determines whether an access node requires a runtime access check and
257 -- if so inserts the appropriate run-time check
260 -- Called by Apply_{Length,Range}_Checks to rewrite the tree with the
261 -- Constraint_Error node.
263 function Selected_Length_Checks
268 -- Like Apply_Selected_Length_Checks, except it doesn't modify
269 -- anything, just returns a list of nodes as described in the spec of
270 -- this package for the Range_Check function.
272 function Selected_Range_Checks
277 -- Like Apply_Selected_Range_Checks, except it doesn't modify anything,
278 -- just returns a list of nodes as described in the spec of this package
279 -- for the Range_Check function.
281 ------------------------------
282 -- Access_Checks_Suppressed --
283 ------------------------------
286 begin
289 else
294 -------------------------------------
295 -- Accessibility_Checks_Suppressed --
296 -------------------------------------
299 begin
302 else
307 -------------------------
308 -- Append_Range_Checks --
309 -------------------------
311 procedure Append_Range_Checks
317 is
323 or else
326 begin
327 -- For now we just return if Checks_On is false, however this should
328 -- be enhanced to check for an always True value in the condition
329 -- and to generate a compilation warning???
340 then
346 else
347 Append_To
355 ------------------------
356 -- Apply_Access_Check --
357 ------------------------
362 begin
371 -- Don't need access check if prefix is known to be non-null
376 -- Don't need access checks if they are suppressed on the type
382 -- Case where P is an entity name
385 declare
388 begin
393 -- Otherwise we are going to generate an access check, and
394 -- are we have done it, the entity will now be known non null
395 -- But we have to check for safe sequential semantics here!
403 -- Access check is required
408 -------------------------------
409 -- Apply_Accessibility_Check --
410 -------------------------------
418 begin
422 -- Only apply the run-time check if the access parameter
423 -- has an associated extra access level parameter and
424 -- when the level of the type is less deep than the level
425 -- of the access parameter.
433 then
434 Param_Level :=
437 Type_Level :=
440 -- Raise Program_Error if the accessibility level of the
441 -- the access parameter is deeper than the level of the
442 -- target access type.
446 Condition =>
456 ---------------------------
457 -- Apply_Alignment_Check --
458 ---------------------------
466 -- Constant to show whether target requires alignment checks
468 begin
469 -- See if check needed. Note that we never need a check if the
470 -- maximum alignment is one, since the check will always succeed
474 or else not Alignment_Required
475 then
487 then
495 -- Here Expr is the address value. See if we know that the
496 -- value is unacceptable at compile time.
500 then
505 Error_Msg_NE
510 -- Here we do not know if the value is acceptable, generate
511 -- code to raise PE if alignment is inappropriate.
513 else
514 -- Skip generation of this code if we don't want elab code
519 Condition =>
521 Left_Opnd =>
523 Left_Opnd =>
524 Unchecked_Convert_To
527 Right_Opnd =>
539 exception
544 -------------------------------------
545 -- Apply_Arithmetic_Overflow_Check --
546 -------------------------------------
548 -- This routine is called only if the type is an integer type, and
549 -- a software arithmetic overflow check must be performed for op
550 -- (add, subtract, multiply). The check is performed only if
551 -- Software_Overflow_Checking is enabled and Do_Overflow_Check
552 -- is set. In this case we expand the operation into a more complex
553 -- sequence of tests that ensures that overflow is properly caught.
566 begin
567 -- Skip this if overflow checks are done in back end, or the overflow
568 -- flag is not set anyway, or we are not doing code expansion.
570 if Backend_Overflow_Checks_On_Target
572 or not Expander_Active
573 then
577 -- Otherwise, we generate the full general code for front end overflow
578 -- detection, which works by doing arithmetic in a larger type:
580 -- x op y
582 -- is expanded into
584 -- Typ (Checktyp (x) op Checktyp (y));
586 -- where Typ is the type of the original expression, and Checktyp is
587 -- an integer type of sufficient length to hold the largest possible
588 -- result.
590 -- In the case where check type exceeds the size of Long_Long_Integer,
591 -- we use a different approach, expanding to:
593 -- typ (xxx_With_Ovflo_Check (Integer_64 (x), Integer (y)))
595 -- where xxx is Add, Multiply or Subtract as appropriate
597 -- Find check type if one exists
605 -- No check type exists, use runtime call
607 else
614 else
631 -- If we fall through, we have the case where we do the arithmetic in
632 -- the next higher type and get the check by conversion. In these cases
633 -- Ctyp is set to the type to be used as the check type.
651 -- The type of the operation changes to the base type of the check
652 -- type, and we reset the overflow check indication, since clearly
653 -- no overflow is possible now that we are using a double length
654 -- type. We also set the Analyzed flag to avoid a recursive attempt
655 -- to expand the node.
661 -- Now build the outer conversion
667 -- In the discrete type case, we directly generate the range check
668 -- for the outer operand. This range check will implement the required
669 -- overflow check.
675 -- For other types, we enable overflow checking on the conversion,
676 -- after setting the node as analyzed to prevent recursive attempts
677 -- to expand the conversion node.
679 else
685 exception
690 ----------------------------
691 -- Apply_Array_Size_Check --
692 ----------------------------
694 -- Note: Really of course this entre check should be in the backend,
695 -- and perhaps this is not quite the right value, but it is good
696 -- enough to catch the normal cases (and the relevant ACVC tests!)
714 -- Set false if any index subtye bound is non-static
717 -- We can throw away all the Uint computations here, since they are
718 -- done only to generate boolean test results.
721 -- Size to check against
724 -- Determines if Decl is an address clause or Import/Interface pragma
725 -- that references the defining identifier of the current declaration.
727 --------------------------
728 -- Is_Address_Or_Import --
729 --------------------------
732 begin
737 return
739 and then
741 and then
746 or else
749 then
750 declare
754 begin
755 return
757 and then
759 and then
761 and then
765 else
769 else
774 -- Start of processing for Apply_Array_Size_Check
776 begin
777 if not Expander_Active
779 then
783 -- It is pointless to insert this check inside an init proc, because
784 -- that's too late, we have already built the object to be the right
785 -- size, and if it's too large, too bad!
791 -- Look head for pragma interface/import or address clause applying
792 -- to this entity. If found, we suppress the check entirely. For now
793 -- we only look ahead 20 declarations to stop this becoming too slow
794 -- Note that eventually this whole routine gets moved to gigi.
806 -- First step is to calculate the maximum number of elements. For this
807 -- calculation, we use the actual size of the subtype if it is static,
808 -- and if a bound of a subtype is non-static, we go to the bound of the
809 -- base type.
818 -- If any bound raises constraint error, we will never get this
819 -- far, so there is no need to generate any kind of check.
822 or else
824 then
829 -- Otherwise get bounds values
833 else
840 else
849 -- Compute the limit against which we want to check. For subprograms,
850 -- where the array will go on the stack, we use 8*2**24, which (in
851 -- bits) is the size of a 16 megabyte array.
855 else
859 -- If we have all static bounds and Siz is too large, then we know we
860 -- know we have a storage error right now, so generate message
871 -- Case of component size known at compile time. If the array
872 -- size is definitely in range, then we do not need a check.
876 then
881 -- Here if a dynamic check is required
883 -- What we do is to build an expression for the size of the array,
884 -- which is computed as the 'Size of the array component, times
885 -- the size of each dimension.
889 Sizx :=
901 Sizx :=
904 Right_Opnd =>
913 Code :=
915 Condition =>
918 Right_Opnd =>
926 ----------------------------
927 -- Apply_Constraint_Check --
928 ----------------------------
930 procedure Apply_Constraint_Check
934 is
937 begin
946 -- A useful optimization: an aggregate with only an Others clause
947 -- always has the right bounds.
951 and then Nkind
953 = N_Others_Choice
954 then
964 else
972 then
979 -- No checks necessary if expression statically null
984 -- No sliding possible on access to arrays
995 then
1001 then
1007 ------------------------------
1008 -- Apply_Discriminant_Check --
1009 ------------------------------
1011 procedure Apply_Discriminant_Check
1015 is
1023 -- It is possible for an aliased component to have a nominal
1024 -- unconstrained subtype (through instantiation). If this is a
1025 -- discriminated component assigned in the expansion of an aggregate
1026 -- in an initialization, the check must be suppressed. This unusual
1027 -- situation requires a predicate of its own (see 7503-008).
1029 ----------------------------------------
1030 -- Is_Aliased_Unconstrained_Component --
1031 ----------------------------------------
1037 begin
1040 else
1047 then
1052 and then In_Instance
1056 -- Start of processing for Apply_Discriminant_Check
1058 begin
1061 else
1065 -- Nothing to do if discriminant checks are suppressed or else no code
1066 -- is to be generated
1068 if not Expander_Active
1070 then
1074 -- No discriminant checks necessary for access when expression
1075 -- is statically Null. This is not only an optimization, this is
1076 -- fundamental because otherwise discriminant checks may be generated
1077 -- in init procs for types containing an access to a non-frozen yet
1078 -- record, causing a deadly forward reference.
1080 -- Also, if the expression is of an access type whose designated
1081 -- type is incomplete, then the access value must be null and
1082 -- we suppress the check.
1095 -- If an assignment target is present, then we need to generate
1096 -- the actual subtype if the target is a parameter or aliased
1097 -- object with an unconstrained nominal subtype.
1104 then
1108 -- Nothing to do if the type is unconstrained (this is the case
1109 -- where the actual subtype in the RM sense of N is unconstrained
1110 -- and no check is required).
1116 -- Suppress checks if the subtypes are the same.
1117 -- the check must be preserved in an assignment to a formal, because
1118 -- the constraint is given by the actual.
1124 then
1128 then
1132 -- We can also eliminate checks on allocators with a subtype mark
1133 -- that coincides with the context type. The context type may be a
1134 -- subtype without a constraint (common case, a generic actual).
1138 then
1139 declare
1143 begin
1150 then
1156 -- See if we have a case where the types are both constrained, and
1157 -- all the constraints are constants. In this case, we can do the
1158 -- check successfully at compile time.
1160 -- We skip this check for the case where the node is a rewritten`
1161 -- allocator, because it already carries the context subtype, and
1162 -- extracting the discriminants from the aggregate is messy.
1166 then
1167 declare
1174 begin
1175 -- S_Typ may not have discriminants in the case where it is a
1176 -- private type completed by a default discriminated type. In
1177 -- that case, we need to get the constraints from the
1178 -- underlying_type. If the underlying type is unconstrained (i.e.
1179 -- has no default discriminants) no check is needed.
1185 else
1187 DconS :=
1188 First_Elmt
1195 -- A further optimization: if T_Typ is derived from S_Typ
1196 -- without imposing a constraint, no check is needed.
1199 N_Full_Type_Declaration
1200 then
1201 declare
1203 Type_Definition
1205 begin
1209 then
1222 exit when
1224 or else
1230 else
1231 Apply_Compile_Time_Constraint_Error
1249 -- Here we need a discriminant check. First build the expression
1250 -- for the comparisons of the discriminants:
1252 -- (n.disc1 /= typ.disc1) or else
1253 -- (n.disc2 /= typ.disc2) or else
1254 -- ...
1255 -- (n.discn /= typ.discn)
1259 -- If Lhs is set and is a parameter, then the condition is
1260 -- guarded by: lhs'constrained and then (condition built above)
1263 Cond :=
1265 Left_Opnd =>
1282 ------------------------
1283 -- Apply_Divide_Check --
1284 ------------------------
1300 begin
1301 if Expander_Active
1302 and not Backend_Divide_Checks_On_Target
1303 then
1306 -- See if division by zero possible, and if so generate test. This
1307 -- part of the test is not controlled by the -gnato switch.
1314 Condition =>
1322 -- Test for extremely annoying case of xxx'First divided by -1
1328 then
1333 and then
1335 then
1338 Condition =>
1342 Left_Opnd =>
1347 Left_Opnd =>
1349 Right_Opnd =>
1358 ----------------------------------
1359 -- Apply_Float_Conversion_Check --
1360 ----------------------------------
1362 -- Let F and I be the source and target types of the conversion.
1363 -- The Ada standard specifies that a floating-point value X is rounded
1364 -- to the nearest integer, with halfway cases being rounded away from
1365 -- zero. The rounded value of X is checked against I'Range.
1367 -- The catch in the above paragraph is that there is no good way
1368 -- to know whether the round-to-integer operation resulted in
1369 -- overflow. A remedy is to perform a range check in the floating-point
1370 -- domain instead, however:
1371 -- (1) The bounds may not be known at compile time
1372 -- (2) The check must take into account possible rounding.
1373 -- (3) The range of type I may not be exactly representable in F.
1374 -- (4) The end-points I'First - 0.5 and I'Last + 0.5 may or may
1375 -- not be in range, depending on the sign of I'First and I'Last.
1376 -- (5) X may be a NaN, which will fail any comparison
1378 -- The following steps take care of these issues converting X:
1379 -- (1) If either I'First or I'Last is not known at compile time, use
1380 -- I'Base instead of I in the next three steps and perform a
1381 -- regular range check against I'Range after conversion.
1382 -- (2) If I'First - 0.5 is representable in F then let Lo be that
1383 -- value and define Lo_OK as (I'First > 0). Otherwise, let Lo be
1384 -- F'Machine (T) and let Lo_OK be (Lo >= I'First). In other words,
1385 -- take one of the closest floating-point numbers to T, and see if
1386 -- it is in range or not.
1387 -- (3) If I'Last + 0.5 is representable in F then let Hi be that value
1388 -- and define Hi_OK as (I'Last < 0). Otherwise, let Hi be
1389 -- F'Rounding (T) and let Hi_OK be (Hi <= I'Last).
1390 -- (4) Raise CE when (Lo_OK and X < Lo) or (not Lo_OK and X <= Lo)
1391 -- or (Hi_OK and X > Hi) or (not Hi_OK and X >= Hi)
1393 procedure Apply_Float_Conversion_Check
1396 is
1406 -- Largest bound, so bound plus or minus half is a machine number of F
1408 Ifirst,
1411 Lo_OK,
1414 Lo_Chk,
1419 begin
1422 then
1423 declare
1424 -- First check that the value falls in the range of the base
1425 -- type, to prevent overflow during conversion and then
1426 -- perform a regular range check against the (dynamic) bounds.
1437 begin
1450 Condition =>
1461 -- Get the bounds of the target type
1466 -- Check against lower bound
1471 else
1478 -- Lo_Chk := (X >= Lo)
1484 else
1485 -- Lo_Chk := (X > Lo)
1492 -- Check against higher bound
1497 else
1504 -- Hi_Chk := (X <= Hi)
1510 else
1511 -- Hi_Chk := (X < Hi)
1518 -- If the bounds of the target type are the same as those of the
1519 -- base type, the check is an overflow check as a range check is
1520 -- not performed in these cases.
1524 then
1526 else
1530 -- Raise CE if either conditions does not hold
1538 ------------------------
1539 -- Apply_Length_Check --
1540 ------------------------
1542 procedure Apply_Length_Check
1546 is
1547 begin
1548 Apply_Selected_Length_Checks
1552 -----------------------
1553 -- Apply_Range_Check --
1554 -----------------------
1556 procedure Apply_Range_Check
1560 is
1561 begin
1562 Apply_Selected_Range_Checks
1566 ------------------------------
1567 -- Apply_Scalar_Range_Check --
1568 ------------------------------
1570 -- Note that Apply_Scalar_Range_Check never turns the Do_Range_Check
1571 -- flag off if it is already set on.
1573 procedure Apply_Scalar_Range_Check
1578 is
1586 -- Set true if Expr is a subscript
1589 -- Set true if Expr is a subscript of an unconstrained array. In this
1590 -- case we do not attempt to do an analysis of the value against the
1591 -- range of the subscript, since we don't know the actual subtype.
1594 -- Set to True if Expr should be regarded as a real value
1595 -- even though the type of Expr might be discrete.
1598 -- Procedure called if value is determined to be out of range
1600 ---------------
1601 -- Bad_Value --
1602 ---------------
1605 begin
1606 Apply_Compile_Time_Constraint_Error
1612 -- Start of processing for Apply_Scalar_Range_Check
1614 begin
1618 -- Return if check obviously not needed. Note that we do not check
1619 -- for the expander being inactive, since this routine does not
1620 -- insert any code, but it does generate useful warnings sometimes,
1621 -- which we would like even if we are in semantics only mode.
1626 then
1630 -- Now, see if checks are suppressed
1632 Is_Subscr_Ref :=
1642 -- Subscript reference. Check for Index_Checks suppressed
1646 -- Check array type and its base type
1650 then
1653 -- Check array itself if it is an entity name
1657 then
1660 -- Check expression itself if it is an entity name
1664 then
1668 -- All other cases, check for Range_Checks suppressed
1670 else
1671 -- Check target type and its base type
1675 then
1678 -- Check expression itself if it is an entity name
1682 then
1685 -- If Expr is part of an assignment statement, then check
1686 -- left side of assignment if it is an entity name.
1691 then
1697 -- Do not set range checks if they are killed
1701 then
1705 -- Do not set range checks for any values from System.Scalar_Values
1706 -- since the whole idea of such values is to avoid checking them!
1710 then
1714 -- Now see if we need a check
1718 else
1726 Is_Unconstrained_Subscr_Ref :=
1729 -- Always do a range check if the source type includes infinities
1730 -- and the target type does not include infinities. We do not do
1731 -- this if range checks are killed.
1736 then
1740 -- Return if we know expression is definitely in the range of
1741 -- the target type as determined by Determine_Range. Right now
1742 -- we only do this for discrete types, and not fixed-point or
1743 -- floating-point types.
1745 -- The additional less-precise tests below catch these cases.
1747 -- Note: skip this if we are given a source_typ, since the point
1748 -- of supplying a Source_Typ is to stop us looking at the expression.
1749 -- could sharpen this test to be out parameters only ???
1753 and then not Is_Unconstrained_Subscr_Ref
1755 then
1756 declare
1762 begin
1765 then
1766 declare
1770 begin
1771 -- If range is null, we for sure have a constraint error
1772 -- (we don't even need to look at the value involved,
1773 -- since all possible values will raise CE).
1776 Bad_Value;
1780 -- Otherwise determine range of value
1786 -- If definitely in range, all OK
1791 -- If definitely not in range, warn
1794 Bad_Value;
1797 -- Otherwise we don't know
1799 else
1808 Int_Real :=
1812 -- Check if we can determine at compile time whether Expr is in the
1813 -- range of the target type. Note that if S_Typ is within the bounds
1814 -- of Target_Typ then this must be the case. This check is meaningful
1815 -- only if this is not a conversion between integer and real types.
1817 if not Is_Unconstrained_Subscr_Ref
1818 and then
1820 and then
1822 or else
1824 then
1828 Bad_Value;
1831 -- In the floating-point case, we only do range checks if the
1832 -- type is constrained. We definitely do NOT want range checks
1833 -- for unconstrained types, since we want to have infinities
1840 -- For all other cases we enable a range check unconditionally
1842 else
1848 ----------------------------------
1849 -- Apply_Selected_Length_Checks --
1850 ----------------------------------
1852 procedure Apply_Selected_Length_Checks
1857 is
1865 or else
1868 begin
1873 R_Result :=
1880 -- A length check may mention an Itype which is attached to a
1881 -- subsequent node. At the top level in a package this can cause
1882 -- an order-of-elaboration problem, so we make sure that the itype
1883 -- is referenced now.
1887 then
1898 -- If the item is a conditional raise of constraint error,
1899 -- then have a look at what check is being performed and
1900 -- ???
1904 then
1908 and then Checks_On
1909 then
1917 -- Output a warning if the condition is known to be True
1921 then
1922 Apply_Compile_Time_Constraint_Error
1924 CE_Length_Check_Failed,
1928 -- If we were only doing a static check, or if checks are not
1929 -- on, then we want to delete the check, since it is not needed.
1930 -- We do this by replacing the if statement by a null statement
1936 else
1944 ---------------------------------
1945 -- Apply_Selected_Range_Checks --
1946 ---------------------------------
1948 procedure Apply_Selected_Range_Checks
1953 is
1961 or else
1964 begin
1969 R_Result :=
1977 -- If the item is a conditional raise of constraint error,
1978 -- then have a look at what check is being performed and
1979 -- ???
1983 then
1994 -- Output a warning if the condition is known to be True
1998 then
1999 -- Since an N_Range is technically not an expression, we
2000 -- have to set one of the bounds to C_E and then just flag
2001 -- the N_Range. The warning message will point to the
2002 -- lower bound and complain about a range, which seems OK.
2005 Apply_Compile_Time_Constraint_Error
2007 CE_Range_Check_Failed,
2013 else
2014 Apply_Compile_Time_Constraint_Error
2016 CE_Range_Check_Failed,
2021 -- If we were only doing a static check, or if checks are not
2022 -- on, then we want to delete the check, since it is not needed.
2023 -- We do this by replacing the if statement by a null statement
2029 else
2035 -------------------------------
2036 -- Apply_Static_Length_Check --
2037 -------------------------------
2039 procedure Apply_Static_Length_Check
2043 is
2044 begin
2045 Apply_Selected_Length_Checks
2049 -------------------------------------
2050 -- Apply_Subscript_Validity_Checks --
2051 -------------------------------------
2056 begin
2059 -- Loop through subscripts
2064 -- Check one subscript. Note that we do not worry about
2065 -- enumeration type with holes, since we will convert the
2066 -- value to a Pos value for the subscript, and that convert
2067 -- will do the necessary validity check.
2071 -- Move to next subscript
2077 ----------------------------------
2078 -- Apply_Type_Conversion_Checks --
2079 ----------------------------------
2087 begin
2091 -- Skip these checks if serious errors detected, there are some nasty
2092 -- situations of incomplete trees that blow things up.
2097 -- Scalar type conversions of the form Target_Type (Expr) require
2098 -- a range check if we cannot be sure that Expr is in the base type
2099 -- of Target_Typ and also that Expr is in the range of Target_Typ.
2100 -- These are not quite the same condition from an implementation
2101 -- point of view, but clearly the second includes the first.
2104 declare
2106 -- If the Conversion_OK flag on the type conversion is set
2107 -- and no floating point type is involved in the type conversion
2108 -- then fixed point values must be read as integral values.
2114 begin
2117 and then not Float_To_Int
2118 then
2124 then
2127 else
2128 Apply_Scalar_Range_Check
2140 then
2141 -- An unconstrained derived type may have inherited discriminant
2142 -- Build an actual discriminant constraint list using the stored
2143 -- constraint, to verify that the expression of the parent type
2144 -- satisfies the constraints imposed by the (unconstrained!)
2145 -- derived type. This applies to value conversions, not to view
2146 -- conversions of tagged types.
2148 declare
2159 begin
2167 then
2172 then
2173 -- Parent is constrained by new discriminant. Obtain
2174 -- Value of original discriminant in expression. If
2175 -- the new discriminant has been used to constrain more
2176 -- than one of the stored discriminants, this will
2177 -- provide the required consistency check.
2179 Append_Elmt (
2181 Prefix =>
2182 Duplicate_Subexpr_No_Checks
2184 Selector_Name =>
2186 New_Constraints);
2188 else
2189 -- Discriminant of more remote ancestor ???
2194 -- Derived type definition has an explicit value for
2195 -- this stored discriminant.
2197 else
2198 Append_Elmt
2200 New_Constraints);
2206 -- Use the unconstrained expression type to retrieve the
2207 -- discriminants of the parent, and apply momentarily the
2208 -- discriminant constraint synthesized above.
2220 -- For arrays, conversions are applied during expansion, to take
2221 -- into accounts changes of representation. The checks become range
2222 -- checks on the base type or length checks on the subtype, depending
2223 -- on whether the target type is unconstrained or constrained.
2225 else
2230 ----------------------------------------------
2231 -- Apply_Universal_Integer_Attribute_Checks --
2232 ----------------------------------------------
2238 begin
2242 -- Nothing to do if checks are suppressed
2246 then
2249 -- Nothing to do if the attribute does not come from source. The
2250 -- internal attributes we generate of this type do not need checks,
2251 -- and furthermore the attempt to check them causes some circular
2252 -- elaboration orders when dealing with packed types.
2257 -- If the prefix is a selected component that depends on a discriminant
2258 -- the check may improperly expose a discriminant instead of using
2259 -- the bounds of the object itself. Set the type of the attribute to
2260 -- the base type of the context, so that a check will be imposed when
2261 -- needed (e.g. if the node appears as an index).
2266 then
2269 -- Otherwise, replace the attribute node with a type conversion
2270 -- node whose expression is the attribute, retyped to universal
2271 -- integer, and whose subtype mark is the target type. The call
2272 -- to analyze this conversion will set range and overflow checks
2273 -- as required for proper detection of an out of range value.
2275 else
2290 -------------------------------
2291 -- Build_Discriminant_Checks --
2292 -------------------------------
2294 function Build_Discriminant_Checks
2297 is
2305 begin
2309 -- For a fully private type, use the discriminants of the parent type
2313 then
2315 else
2324 then
2326 else
2330 Dref :=
2332 Prefix =>
2334 Selector_Name =>
2351 -----------------------------------
2352 -- Check_Valid_Lvalue_Subscripts --
2353 -----------------------------------
2356 begin
2357 -- Skip this if range checks are suppressed
2362 -- Only do this check for expressions that come from source. We
2363 -- assume that expander generated assignments explicitly include
2364 -- any necessary checks. Note that this is not just an optimization,
2365 -- it avoids infinite recursions!
2370 -- For a selected component, check the prefix
2376 -- Case of indexed component
2381 -- Prefix may itself be or contain an indexed component, and
2382 -- these subscripts need checking as well
2388 ----------------------------------
2389 -- Null_Exclusion_Static_Checks --
2390 ----------------------------------
2400 -- Used by local subprograms to generate precise error messages
2402 procedure Check_Must_Be_Access
2405 -- ??? local subprograms must have comment on spec
2407 procedure Check_Already_Null_Excluding_Type
2411 -- ??? local subprograms must have comment on spec
2413 procedure Check_Must_Be_Initialized
2416 -- ??? local subprograms must have comment on spec
2419 -- ??? local subprograms must have comment on spec
2421 -- ??? following bodies lack comments
2423 --------------------------
2424 -- Check_Must_Be_Access --
2425 --------------------------
2427 procedure Check_Must_Be_Access
2430 is
2431 begin
2432 if Has_Null_Exclusion
2434 then
2439 ---------------------------------------
2440 -- Check_Already_Null_Excluding_Type --
2441 ---------------------------------------
2443 procedure Check_Already_Null_Excluding_Type
2447 is
2448 begin
2449 if Has_Null_Exclusion
2451 then
2452 Error_Msg_N
2457 -------------------------------
2458 -- Check_Must_Be_Initialized --
2459 -------------------------------
2461 procedure Check_Must_Be_Initialized
2464 is
2467 begin
2474 Error_Msg_N
2476 Related_Nod);
2479 Error_Msg_N
2481 Related_Nod);
2484 Error_Msg_N
2486 Related_Nod);
2491 ----------------------------
2492 -- Check_Null_Not_Allowed --
2493 ----------------------------
2498 begin
2501 then
2504 Error_Msg_N
2506 Expr);
2509 Error_Msg_N
2511 Expr);
2514 Error_Msg_N
2516 Expr);
2521 -- Start of processing for Null_Exclusion_Static_Checks
2523 begin
2535 Has_Null_Exclusion := Null_Exclusion_Present
2540 Check_Already_Null_Excluding_Type
2553 Check_Already_Null_Excluding_Type
2563 Check_Already_Null_Excluding_Type
2576 Check_Already_Null_Excluding_Type
2589 else
2594 Check_Already_Null_Excluding_Type
2603 ----------------------------------
2604 -- Conditional_Statements_Begin --
2605 ----------------------------------
2608 begin
2611 -- If stack overflows, kill all checks, that way we know to
2612 -- simply reset the number of saved checks to zero on return.
2613 -- This should never occur in practice.
2616 Kill_All_Checks;
2618 -- In the normal case, we just make a new stack entry saving
2619 -- the current number of saved checks for a later restore.
2621 else
2626 Num_Saved_Checks);
2631 --------------------------------
2632 -- Conditional_Statements_End --
2633 --------------------------------
2636 begin
2639 -- If the saved checks stack overflowed, then we killed all
2640 -- checks, so setting the number of saved checks back to
2641 -- zero is correct. This should never occur in practice.
2646 -- In the normal case, restore the number of saved checks
2647 -- from the top stack entry.
2649 else
2653 Num_Saved_Checks);
2660 ---------------------
2661 -- Determine_Range --
2662 ---------------------
2666 -- Determine size of below cache (power of 2 is more efficient!)
2671 -- The above arrays are used to implement a small direct cache
2672 -- for Determine_Range calls. Because of the way Determine_Range
2673 -- recursively traces subexpressions, and because overflow checking
2674 -- calls the routine on the way up the tree, a quadratic behavior
2675 -- can otherwise be encountered in large expressions. The cache
2676 -- entry for node N is stored in the (N mod Cache_Size) entry, and
2677 -- can be validated by checking the actual node value stored there.
2679 procedure Determine_Range
2684 is
2689 -- Lo and Hi bounds of left operand
2693 -- Lo and Hi bounds of right (or only) operand
2696 -- Temp variable used to hold a bound node
2699 -- High bound of base type of expression
2703 -- Refined values for low and high bounds, after tightening
2706 -- Used in lower level calls to indicate if call succeeded
2709 -- Used to search cache
2712 -- Used for binary operators. Determines the ranges of the left and
2713 -- right operands, and if they are both OK, returns True, and puts
2714 -- the results in Lo_Right, Hi_Right, Lo_Left, Hi_Left
2716 -----------------
2717 -- OK_Operands --
2718 -----------------
2721 begin
2732 -- Start of processing for Determine_Range
2734 begin
2735 -- Prevent junk warnings by initializing range variables
2742 -- If the type is not discrete, or is undefined, then we can't
2743 -- do anything about determining the range.
2747 then
2752 -- For all other cases, we can determine the range
2756 -- If value is compile time known, then the possible range is the
2757 -- one value that we know this expression definitely has!
2765 -- Return if already in the cache
2775 -- Otherwise, start by finding the bounds of the type of the
2776 -- expression, the value cannot be outside this range (if it
2777 -- is, then we have an overflow situation, which is a separate
2778 -- check, we are talking here only about the expression value).
2780 -- We use the actual bound unless it is dynamic, in which case
2781 -- use the corresponding base type bound if possible. If we can't
2782 -- get a bound then we figure we can't determine the range (a
2783 -- peculiar case, that perhaps cannot happen, but there is no
2784 -- point in bombing in this optimization circuit.
2786 -- First the low bound
2796 else
2801 -- Now the high bound
2805 -- We need the high bound of the base type later on, and this should
2806 -- always be compile time known. Again, it is not clear that this
2807 -- can ever be false, but no point in bombing.
2813 else
2818 -- If we have a static subtype, then that may have a tighter bound
2819 -- so use the upper bound of the subtype instead in this case.
2825 -- We may be able to refine this value in certain situations. If
2826 -- refinement is possible, then Lor and Hir are set to possibly
2827 -- tighter bounds, and OK1 is set to True.
2831 -- For unary plus, result is limited by range of operand
2836 -- For unary minus, determine range of operand, and negate it
2846 -- For binary addition, get range of each operand and do the
2847 -- addition to get the result range.
2855 -- Division is tricky. The only case we consider is where the
2856 -- right operand is a positive constant, and in this case we
2857 -- simply divide the bounds of the left operand
2863 then
2867 else
2872 -- For binary subtraction, get range of each operand and do
2873 -- the worst case subtraction to get the result range.
2881 -- For MOD, if right operand is a positive constant, then
2882 -- result must be in the allowable range of mod results.
2888 then
2898 else
2903 -- For REM, if right operand is a positive constant, then
2904 -- result must be in the allowable range of mod results.
2910 then
2911 declare
2914 begin
2915 -- The sign of the result depends on the sign of the
2916 -- dividend (but not on the sign of the divisor, hence
2917 -- the abs operation above).
2921 else
2927 else
2932 else
2937 -- Attribute reference cases
2942 -- For Pos/Val attributes, we can refine the range using the
2943 -- possible range of values of the attribute expression
2948 -- For Length attribute, use the bounds of the corresponding
2949 -- index type to refine the range.
2952 declare
2960 begin
2965 -- For string literal, we know exact value
2974 -- Otherwise check for expression given
2978 else
2979 Inum :=
2988 Determine_Range
2992 Determine_Range
2997 -- The maximum value for Length is the biggest
2998 -- possible gap between the values of the bounds.
2999 -- But of course, this value cannot be negative.
3003 -- For constrained arrays, the minimum value for
3004 -- Length is taken from the actual value of the
3005 -- bounds, since the index will be exactly of
3006 -- this subtype.
3011 -- For an unconstrained array, the minimum value
3012 -- for length is always zero.
3014 else
3021 -- No special handling for other attributes
3022 -- Probably more opportunities exist here ???
3029 -- For type conversion from one discrete type to another, we
3030 -- can refine the range using the converted value.
3035 -- Nothing special to do for all other expression kinds
3043 -- At this stage, if OK1 is true, then we know that the actual
3044 -- result of the computed expression is in the range Lor .. Hir.
3045 -- We can use this to restrict the possible range of results.
3049 -- If the refined value of the low bound is greater than the
3050 -- type high bound, then reset it to the more restrictive
3051 -- value. However, we do NOT do this for the case of a modular
3052 -- type where the possible upper bound on the value is above the
3053 -- base type high bound, because that means the result could wrap.
3058 then
3062 -- Similarly, if the refined value of the high bound is less
3063 -- than the value so far, then reset it to the more restrictive
3064 -- value. Again, we do not do this if the refined low bound is
3065 -- negative for a modular type, since this would wrap.
3070 then
3075 -- Set cache entry for future call and we are all done
3082 -- If any exception occurs, it means that we have some bug in the compiler
3083 -- possibly triggered by a previous error, or by some unforseen peculiar
3084 -- occurrence. However, this is only an optimization attempt, so there is
3085 -- really no point in crashing the compiler. Instead we just decide, too
3086 -- bad, we can't figure out a range in this case after all.
3088 exception
3091 -- Debug flag K disables this behavior (useful for debugging)
3095 else
3103 ------------------------------------
3104 -- Discriminant_Checks_Suppressed --
3105 ------------------------------------
3108 begin
3120 --------------------------------
3121 -- Division_Checks_Suppressed --
3122 --------------------------------
3125 begin
3128 else
3133 -----------------------------------
3134 -- Elaboration_Checks_Suppressed --
3135 -----------------------------------
3138 begin
3150 ---------------------------
3151 -- Enable_Overflow_Check --
3152 ---------------------------
3163 begin
3171 -- Nothing to do if the range of the result is known OK. We skip
3172 -- this for conversions, since the caller already did the check,
3173 -- and in any case the condition for deleting the check for a
3174 -- type conversion is different in any case.
3179 -- Note in the test below that we assume that if a bound of the
3180 -- range is equal to that of the type. That's not quite accurate
3181 -- but we do this for the following reasons:
3183 -- a) The way that Determine_Range works, it will typically report
3184 -- the bounds of the value as being equal to the bounds of the
3185 -- type, because it either can't tell anything more precise, or
3186 -- does not think it is worth the effort to be more precise.
3188 -- b) It is very unusual to have a situation in which this would
3189 -- generate an unnecessary overflow check (an example would be
3190 -- a subtype with a range 0 .. Integer'Last - 1 to which the
3191 -- literal value one is added.
3193 -- c) The alternative is a lot of special casing in this routine
3194 -- which would partially duplicate Determine_Range processing.
3196 if OK
3199 then
3208 -- If not in optimizing mode, set flag and we are done. We are also
3209 -- done (and just set the flag) if the type is not a discrete type,
3210 -- since it is not worth the effort to eliminate checks for other
3211 -- than discrete types. In addition, we take this same path if we
3212 -- have stored the maximum number of checks possible already (a
3213 -- very unlikely situation, but we do not want to blow up!)
3218 then
3228 -- Otherwise evaluate and check the expression
3230 Find_Check
3251 -- If check is not of form to optimize, then set flag and we are done
3258 -- If check is already performed, then return without setting flag
3268 -- Here we will make a new entry for the new check
3288 -- If we get an exception, then something went wrong, probably because
3289 -- of an error in the structure of the tree due to an incorrect program.
3290 -- Or it may be a bug in the optimization circuit. In either case the
3291 -- safest thing is simply to set the check flag unconditionally.
3293 exception
3304 ------------------------
3305 -- Enable_Range_Check --
3306 ------------------------
3316 begin
3317 -- Return if unchecked type conversion with range check killed.
3318 -- In this case we never set the flag (that's what Kill_Range_Check
3319 -- is all about!)
3323 then
3327 -- Debug trace output
3336 -- If not in optimizing mode, set flag and we are done. We are also
3337 -- done (and just set the flag) if the type is not a discrete type,
3338 -- since it is not worth the effort to eliminate checks for other
3339 -- than discrete types. In addition, we take this same path if we
3340 -- have stored the maximum number of checks possible already (a
3341 -- very unlikely situation, but we do not want to blow up!)
3347 then
3357 -- Otherwise find out the target type
3361 -- For assignment, use left side subtype
3365 then
3368 -- For indexed component, use subscript subtype
3371 declare
3376 begin
3382 -- If the prefix is an access to an unconstrained array,
3383 -- perform check unconditionally: it depends on the bounds
3384 -- of an object and we cannot currently recognize whether
3385 -- the test may be redundant.
3395 loop
3406 -- For now, ignore all other cases, they are not so interesting
3408 else
3417 -- Evaluate and check the expression
3419 Find_Check
3441 -- If check is not of form to optimize, then set flag and we are done
3452 -- If check is already performed, then return without setting flag
3462 -- Here we will make a new entry for the new check
3483 -- If we get an exception, then something went wrong, probably because
3484 -- of an error in the structure of the tree due to an incorrect program.
3485 -- Or it may be a bug in the optimization circuit. In either case the
3486 -- safest thing is simply to set the check flag unconditionally.
3488 exception
3499 ------------------
3500 -- Ensure_Valid --
3501 ------------------
3506 begin
3507 -- Ignore call if we are not doing any validity checking
3512 -- Ignore call if range checks suppressed on entity in question
3516 then
3519 -- No check required if expression is from the expander, we assume
3520 -- the expander will generate whatever checks are needed. Note that
3521 -- this is not just an optimization, it avoids infinite recursions!
3523 -- Unchecked conversions must be checked, unless they are initialized
3524 -- scalar values, as in a component assignment in an init proc.
3526 -- In addition, we force a check if Force_Validity_Checks is set
3529 and then not Force_Validity_Checks
3532 then
3535 -- No check required if expression is known to have valid value
3540 -- No check required if checks off
3545 -- Ignore case of enumeration with holes where the flag is set not
3546 -- to worry about holes, since no special validity check is needed
3550 and then Holes_OK
3551 then
3554 -- No check required on the left-hand side of an assignment.
3558 then
3561 -- An annoying special case. If this is an out parameter of a scalar
3562 -- type, then the value is not going to be accessed, therefore it is
3563 -- inappropriate to do any validity check at the call site.
3565 else
3566 -- Only need to worry about scalar types
3569 declare
3577 begin
3578 -- Find actual argument (which may be a parameter association)
3579 -- and the parent of the actual argument (the call statement)
3589 -- Only need to worry if we are argument of a procedure
3590 -- call since functions don't have out parameters. If this
3591 -- is an indirect or dispatching call, get signature from
3592 -- the subprogram type.
3599 else
3604 -- Only need to worry if there are indeed actuals, and
3605 -- if this could be a procedure call, otherwise we cannot
3606 -- get a match (either we are not an argument, or the
3607 -- mode of the formal is not OUT). This test also filters
3608 -- out the generic case.
3612 then
3613 -- This is the loop through parameters, looking to
3614 -- see if there is an OUT parameter for which we are
3615 -- the argument.
3634 -- If we fall through, a validity check is required. Note that it would
3635 -- not be good to set Do_Range_Check, even in contexts where this is
3636 -- permissible, since this flag causes checking against the target type,
3637 -- not the source type in contexts such as assignments
3642 ----------------------
3643 -- Expr_Known_Valid --
3644 ----------------------
3649 begin
3650 -- Non-scalar types are always consdered valid, since they never
3651 -- give rise to the issues of erroneous or bounded error behavior
3652 -- that are the concern. In formal reference manual terms the
3653 -- notion of validity only applies to scalar types.
3658 -- If no validity checking, then everything is considered valid
3663 -- Floating-point types are considered valid unless floating-point
3664 -- validity checks have been specifically turned on.
3667 and then not Validity_Check_Floating_Point
3668 then
3671 -- If the expression is the value of an object that is known to
3672 -- be valid, then clearly the expression value itself is valid.
3676 then
3679 -- If the type is one for which all values are known valid, then
3680 -- we are sure that the value is valid except in the slightly odd
3681 -- case where the expression is a reference to a variable whose size
3682 -- has been explicitly set to a value greater than the object size.
3688 then
3690 else
3694 -- Integer and character literals always have valid values, where
3695 -- appropriate these will be range checked in any case.
3698 or else
3700 then
3703 -- If we have a type conversion or a qualification of a known valid
3704 -- value, then the result will always be valid.
3707 or else
3709 then
3712 -- The result of any function call or operator is always considered
3713 -- valid, since we assume the necessary checks are done by the call.
3716 or else
3718 or else
3720 then
3723 -- For all other cases, we do not know the expression is valid
3725 else
3730 ----------------
3731 -- Find_Check --
3732 ----------------
3734 procedure Find_Check
3742 is
3743 function Within_Range_Of
3746 -- Given a requirement for checking a range against Target_Type, and
3747 -- and a range Check_Type against which a check has already been made,
3748 -- determines if the check against check type is sufficient to ensure
3749 -- that no check against Target_Type is required.
3751 ---------------------
3752 -- Within_Range_Of --
3753 ---------------------
3755 function Within_Range_Of
3758 is
3759 begin
3763 else
3764 declare
3770 begin
3773 and then
3775 and then
3777 and then
3780 and then
3782 and then
3784 then
3786 else
3793 -- Start of processing for Find_Check
3795 begin
3796 -- Establish default, to avoid warnings from GCC.
3800 -- Case of expression is simple entity reference
3806 -- Case of expression is entity + known constant
3811 then
3815 -- Case of expression is entity - known constant
3820 then
3824 -- Any other expression is not of the right form
3826 else
3833 -- Come here with expression of appropriate form, check if
3834 -- entity is an appropriate one for our purposes.
3837 or else
3839 or else
3841 or else
3844 then
3846 else
3851 -- See if there is matching check already
3854 declare
3857 begin
3863 then
3870 -- If we fall through entry was not found
3876 ---------------------------------
3877 -- Generate_Discriminant_Check --
3878 ---------------------------------
3880 -- Note: the code for this procedure is derived from the
3881 -- emit_discriminant_check routine a-trans.c v1.659.
3890 -- The original component to be checked
3894 -- The discriminant checking function
3897 -- One discriminant to be checked in the type
3900 -- Actual discriminant in the call
3903 -- Type of relevant prefix (ignoring private/access stuff)
3906 -- List of arguments for function call
3909 -- Keep track of the formal corresponding to the actual we build
3910 -- for each discriminant, in order to be able to perform the
3911 -- necessary type conversions.
3914 -- Selected component reference for checking function argument
3916 begin
3919 -- Force evaluation of the prefix, so that it does not get evaluated
3920 -- twice (once for the check, once for the actual reference). Such a
3921 -- double evaluation is always a potential source of inefficiency,
3922 -- and is functionally incorrect in the volatile case, or when the
3923 -- prefix may have side-effects. An entity or a component of an
3924 -- entity requires no evaluation.
3936 then
3939 else
3943 -- For a tagged type, use the scope of the original component to
3944 -- obtain the type, because ???
3949 -- For an untagged derived type, use the discriminants of the
3950 -- parent which have been renamed in the derivation, possibly
3951 -- by a one-to-many discriminant constraint.
3952 -- For non-tagged type, initially get the Etype of the prefix
3954 else
3958 then
3963 -- We definitely should have a checking function, This routine should
3964 -- not be called if no discriminant checking function is present.
3968 -- Create the list of the actual parameters for the call. This list
3969 -- is the list of the discriminant fields of the record expression to
3970 -- be discriminant checked.
3977 -- If we have a corresponding discriminant field, and a parent
3978 -- subtype is present, then we want to use the corresponding
3979 -- discriminant since this is the one with the useful value.
3984 then
3986 else
3990 -- Construct the reference to the discriminant
3992 Scomp :=
3994 Prefix =>
3999 -- Manually analyze and resolve this selected component. We really
4000 -- want it just as it appears above, and do not want the expander
4001 -- playing discriminal games etc with this reference. Then we
4002 -- append the argument to the list we are gathering.
4012 -- Now build and insert the call
4016 Condition =>
4023 ----------------------------
4024 -- Generate_Index_Checks --
4025 ----------------------------
4034 begin
4041 -- Force evaluation except for the case of a simple name of
4042 -- a non-volatile entity.
4046 then
4050 -- Generate a raise of constraint error with the appropriate
4051 -- reason and a condition of the form:
4053 -- Base_Type(Sub) not in array'range (subscript)
4055 -- Note that the reason we generate the conversion to the
4056 -- base type here is that we definitely want the range check
4057 -- to take place, even if it looks like the subtype is OK.
4058 -- Optimization considerations that allow us to omit the
4059 -- check have already been taken into account in the setting
4060 -- of the Do_Range_Check flag earlier on.
4064 else
4070 Condition =>
4072 Left_Opnd =>
4075 Right_Opnd =>
4088 --------------------------
4089 -- Generate_Range_Check --
4090 --------------------------
4092 procedure Generate_Range_Check
4096 is
4102 begin
4103 -- First special case, if the source type is already within the
4104 -- range of the target type, then no check is needed (probably we
4105 -- should have stopped Do_Range_Check from being set in the first
4106 -- place, but better late than later in preventing junk code!
4108 -- We do NOT apply this if the source node is a literal, since in
4109 -- this case the literal has already been labeled as having the
4110 -- subtype of the target.
4113 and then not
4115 or else
4117 or else
4119 or else
4122 then
4126 -- We need a check, so force evaluation of the node, so that it does
4127 -- not get evaluated twice (once for the check, once for the actual
4128 -- reference). Such a double evaluation is always a potential source
4129 -- of inefficiency, and is functionally incorrect in the volatile case.
4133 then
4137 -- The easiest case is when Source_Base_Type and Target_Base_Type
4138 -- are the same since in this case we can simply do a direct
4139 -- check of the value of N against the bounds of Target_Type.
4141 -- [constraint_error when N not in Target_Type]
4143 -- Note: this is by far the most common case, for example all cases of
4144 -- checks on the RHS of assignments are in this category, but not all
4145 -- cases are like this. Notably conversions can involve two types.
4150 Condition =>
4156 -- Next test for the case where the target type is within the bounds
4157 -- of the base type of the source type, since in this case we can
4158 -- simply convert these bounds to the base type of T to do the test.
4160 -- [constraint_error when N not in
4161 -- Source_Base_Type (Target_Type'First)
4162 -- ..
4163 -- Source_Base_Type(Target_Type'Last))]
4165 -- The conversions will always work and need no check.
4170 Condition =>
4174 Right_Opnd =>
4176 Low_Bound =>
4179 Prefix =>
4183 High_Bound =>
4186 Prefix =>
4191 -- Note that at this stage we now that the Target_Base_Type is
4192 -- not in the range of the Source_Base_Type (since even the
4193 -- Target_Type itself is not in this range). It could still be
4194 -- the case that the Source_Type is in range of the target base
4195 -- type, since we have not checked that case.
4197 -- If that is the case, we can freely convert the source to the
4198 -- target, and then test the target result against the bounds.
4202 -- We make a temporary to hold the value of the converted
4203 -- value (converted to the base type), and then we will
4204 -- do the test against this temporary.
4206 -- Tnn : constant Target_Base_Type := Target_Base_Type (N);
4207 -- [constraint_error when Tnn not in Target_Type]
4209 -- Then the conversion itself is replaced by an occurrence of Tnn
4211 declare
4216 begin
4220 Object_Definition =>
4223 Expression =>
4229 Condition =>
4239 -- At this stage, we know that we have two scalar types, which are
4240 -- directly convertible, and where neither scalar type has a base
4241 -- range that is in the range of the other scalar type.
4243 -- The only way this can happen is with a signed and unsigned type.
4244 -- So test for these two cases:
4246 else
4247 -- Case of the source is unsigned and the target is signed
4251 then
4252 -- If the source is unsigned and the target is signed, then we
4253 -- know that the source is not shorter than the target (otherwise
4254 -- the source base type would be in the target base type range).
4256 -- In other words, the unsigned type is either the same size
4257 -- as the target, or it is larger. It cannot be smaller.
4259 pragma Assert
4262 -- We only need to check the low bound if the low bound of the
4263 -- target type is non-negative. If the low bound of the target
4264 -- type is negative, then we know that we will fit fine.
4266 -- If the high bound of the target type is negative, then we
4267 -- know we have a constraint error, since we can't possibly
4268 -- have a negative source.
4270 -- With these two checks out of the way, we can do the check
4271 -- using the source type safely
4273 -- This is definitely the most annoying case!
4275 -- [constraint_error
4276 -- when (Target_Type'First >= 0
4277 -- and then
4278 -- N < Source_Base_Type (Target_Type'First))
4279 -- or else Target_Type'Last < 0
4280 -- or else N > Source_Base_Type (Target_Type'Last)];
4282 -- We turn off all checks since we know that the conversions
4283 -- will work fine, given the guards for negative values.
4287 Condition =>
4290 Left_Opnd =>
4293 Left_Opnd =>
4295 Prefix =>
4300 Right_Opnd =>
4303 Right_Opnd =>
4306 Prefix =>
4310 Right_Opnd =>
4312 Left_Opnd =>
4318 Right_Opnd =>
4321 Right_Opnd =>
4330 -- Only remaining possibility is that the source is signed and
4331 -- the target is unsigned
4333 else
4337 -- If the source is signed and the target is unsigned, then
4338 -- we know that the target is not shorter than the source
4339 -- (otherwise the target base type would be in the source
4340 -- base type range).
4342 -- In other words, the unsigned type is either the same size
4343 -- as the target, or it is larger. It cannot be smaller.
4345 -- Clearly we have an error if the source value is negative
4346 -- since no unsigned type can have negative values. If the
4347 -- source type is non-negative, then the check can be done
4348 -- using the target type.
4350 -- Tnn : constant Target_Base_Type (N) := Target_Type;
4352 -- [constraint_error
4353 -- when N < 0 or else Tnn not in Target_Type];
4355 -- We turn off all checks for the conversion of N to the
4356 -- target base type, since we generate the explicit check
4357 -- to ensure that the value is non-negative
4359 declare
4364 begin
4368 Object_Definition =>
4371 Expression =>
4373 Subtype_Mark =>
4378 Condition =>
4380 Left_Opnd =>
4385 Right_Opnd =>
4388 Right_Opnd =>
4394 -- Set the Etype explicitly, because Insert_Actions may
4395 -- have placed the declaration in the freeze list for an
4396 -- enclosing construct, and thus it is not analyzed yet.
4405 ---------------------
4406 -- Get_Discriminal --
4407 ---------------------
4414 begin
4415 -- The entity E is the type of a private component of the protected
4416 -- type, or the type of a renaming of that component within a protected
4417 -- operation of that type.
4433 loop
4440 ------------------
4441 -- Guard_Access --
4442 ------------------
4444 function Guard_Access
4448 is
4449 begin
4456 else
4457 return
4459 Left_Opnd =>
4467 -----------------------------
4468 -- Index_Checks_Suppressed --
4469 -----------------------------
4472 begin
4475 else
4480 ----------------
4481 -- Initialize --
4482 ----------------
4485 begin
4491 -------------------------
4492 -- Insert_Range_Checks --
4493 -------------------------
4495 procedure Insert_Range_Checks
4502 is
4509 or else
4512 begin
4513 -- For now we just return if Checks_On is false, however this should
4514 -- be enhanced to check for an always True value in the condition
4515 -- and to generate a compilation warning???
4534 then
4541 else
4548 else
4549 Check_Node :=
4556 else
4563 ------------------------
4564 -- Insert_Valid_Check --
4565 ------------------------
4571 begin
4572 -- Do not insert if checks off, or if not checking validity
4576 then
4580 -- If we have a checked conversion, then validity check applies to
4581 -- the expression inside the conversion, not the result, since if
4582 -- the expression inside is valid, then so is the conversion result.
4589 -- Insert the validity check. Note that we do this with validity
4590 -- checks turned off, to avoid recursion, we do not want validity
4591 -- checks on the validity checking code itself!
4594 Insert_Action
4597 Condition =>
4599 Right_Opnd =>
4601 Prefix =>
4609 ----------------------------------
4610 -- Install_Null_Excluding_Check --
4611 ----------------------------------
4617 begin
4620 -- Don't need access check if: 1) we are analyzing a generic, 2) it is
4621 -- known to be non-null, or 3) the check was suppressed on the type
4623 if Inside_A_Generic
4625 then
4628 -- Otherwise install access check
4630 else
4633 Condition =>
4641 --------------------------
4642 -- Install_Static_Check --
4643 --------------------------
4649 begin
4659 ---------------------
4660 -- Kill_All_Checks --
4661 ---------------------
4664 begin
4669 -- We reset the number of saved checks to zero, and also modify
4670 -- all stack entries for statement ranges to indicate that the
4671 -- number of checks at each level is now zero.
4680 -----------------
4681 -- Kill_Checks --
4682 -----------------
4685 begin
4701 ------------------------------
4702 -- Length_Checks_Suppressed --
4703 ------------------------------
4706 begin
4709 else
4714 --------------------------------
4715 -- Overflow_Checks_Suppressed --
4716 --------------------------------
4719 begin
4722 else
4727 -----------------
4728 -- Range_Check --
4729 -----------------
4731 function Range_Check
4736 is
4737 begin
4738 return Selected_Range_Checks
4742 -----------------------------
4743 -- Range_Checks_Suppressed --
4744 -----------------------------
4747 begin
4750 -- Note: for now we always suppress range checks on Vax float types,
4751 -- since Gigi does not know how to generate these checks.
4765 -------------------
4766 -- Remove_Checks --
4767 -------------------
4774 -- Process a single node during the traversal
4777 -- The traversal function itself
4779 -------------
4780 -- Process --
4781 -------------
4784 begin
4847 -- Start of processing for Remove_Checks
4849 begin
4853 ----------------------------
4854 -- Selected_Length_Checks --
4855 ----------------------------
4857 function Selected_Length_Checks
4862 is
4875 -- Adds the action given to Ret_Result if N is non-Empty
4879 -- Comments required ???
4882 -- True for equal literals and for nodes that denote the same constant
4883 -- entity, even if its value is not a static constant. This includes the
4884 -- case of a discriminal reference within an init proc. Removes some
4885 -- obviously superfluous checks.
4887 function Length_E_Cond
4891 -- Returns expression to compute:
4892 -- Typ'Length /= Exptyp'Length
4894 function Length_N_Cond
4898 -- Returns expression to compute:
4899 -- Typ'Length /= Expr'Length
4901 ---------------
4902 -- Add_Check --
4903 ---------------
4906 begin
4909 -- For now, ignore attempt to place more than 2 checks ???
4921 ------------------
4922 -- Get_E_Length --
4923 ------------------
4930 begin
4933 then
4943 return
4950 and then not Inside_Init_Proc
4951 then
4953 -- If the type whose length is needed is a private component
4954 -- constrained by a discriminant, we must expand the 'Length
4955 -- attribute into an explicit computation, using the discriminal
4956 -- of the current protected operation. This is because the actual
4957 -- type of the prival is constructed after the protected opera-
4958 -- tion has been fully expanded.
4960 declare
4966 begin
4977 then
4984 then
4998 N :=
5000 Left_Opnd =>
5008 else
5009 N :=
5012 Prefix =>
5024 else
5025 N :=
5028 Prefix =>
5041 ------------------
5042 -- Get_N_Length --
5043 ------------------
5046 begin
5047 return
5050 Prefix =>
5057 -------------------
5058 -- Length_E_Cond --
5059 -------------------
5061 function Length_E_Cond
5065 is
5066 begin
5067 return
5074 -------------------
5075 -- Length_N_Cond --
5076 -------------------
5078 function Length_N_Cond
5082 is
5083 begin
5084 return
5092 begin
5093 return
5098 or else
5103 or else
5108 or else
5115 or else
5123 -- Start of processing for Selected_Length_Checks
5125 begin
5133 then
5145 else
5158 -- A simple optimization
5168 -- The checking code to be generated will freeze the
5169 -- corresponding array type. However, we must freeze the
5170 -- type now, so that the freeze node does not appear within
5171 -- the generated condional expression, but ahead of it.
5182 -- String_Literal case. This needs to be handled specially be-
5183 -- cause no index types are available for string literals. The
5184 -- condition is simply:
5186 -- T_Typ'Length = string-literal-length
5190 then
5191 Cond :=
5194 Right_Opnd =>
5196 Intval =>
5199 -- General array case. Here we have a usable actual subtype for
5200 -- the expression, and the condition is built from the two types
5201 -- (Do_Length):
5203 -- T_Typ'Length /= Exptyp'Length or else
5204 -- T_Typ'Length (2) /= Exptyp'Length (2) or else
5205 -- T_Typ'Length (3) /= Exptyp'Length (3) or else
5206 -- ...
5209 declare
5222 begin
5224 -- At the library level, we need to ensure that the
5225 -- type of the object is elaborated before the check
5226 -- itself is emitted. This is only done if the object
5227 -- is in the current compilation unit, otherwise the
5228 -- type is frozen and elaborated in its unit.
5231 and then
5233 and then
5236 then
5247 or else
5249 then
5253 -- Deal with compile time length check. Note that we
5254 -- skip this in the access case, because the access
5255 -- value may be null, so we cannot know statically.
5257 if not Do_Access
5262 then
5266 else
5273 else
5278 Add_Check
5279 (Compile_Time_Constraint_Error
5283 Add_Check
5284 (Compile_Time_Constraint_Error
5288 -- The comparison for an individual index subtype
5289 -- is omitted if the corresponding index subtypes
5290 -- statically match, since the result is known to
5291 -- be true. Note that this test is worth while even
5292 -- though we do static evaluation, because non-static
5293 -- subtypes can statically match.
5295 elsif not
5296 Subtypes_Statically_Match
5299 and then not
5302 then
5303 Evolve_Or_Else
5313 -- Handle cases where we do not get a usable actual subtype that
5314 -- is constrained. This happens for example in the function call
5315 -- and explicit dereference cases. In these cases, we have to get
5316 -- the length or range from the expression itself, making sure we
5317 -- do not evaluate it more than once.
5319 -- Here Ck_Node is the original expression, or more properly the
5320 -- result of applying Duplicate_Expr to the original tree,
5321 -- forcing the result to be a name.
5323 else
5324 declare
5327 begin
5328 -- Build the condition for the explicit dereference case
5331 Evolve_Or_Else
5339 -- Construct the test and insert into the tree
5346 Add_Check
5355 ---------------------------
5356 -- Selected_Range_Checks --
5357 ---------------------------
5359 function Selected_Range_Checks
5364 is
5377 -- Adds the action given to Ret_Result if N is non-Empty
5379 function Discrete_Range_Cond
5382 -- Returns expression to compute:
5383 -- Low_Bound (Expr) < Typ'First
5384 -- or else
5385 -- High_Bound (Expr) > Typ'Last
5387 function Discrete_Expr_Cond
5390 -- Returns expression to compute:
5391 -- Expr < Typ'First
5392 -- or else
5393 -- Expr > Typ'Last
5395 function Get_E_First_Or_Last
5399 -- Returns expression to compute:
5400 -- E'First or E'Last
5404 -- Returns expression to compute:
5405 -- N'First or N'Last using Duplicate_Subexpr_No_Checks
5407 function Range_E_Cond
5412 -- Returns expression to compute:
5413 -- Exptyp'First < Typ'First or else Exptyp'Last > Typ'Last
5415 function Range_Equal_E_Cond
5419 -- Returns expression to compute:
5420 -- Exptyp'First /= Typ'First or else Exptyp'Last /= Typ'Last
5422 function Range_N_Cond
5426 -- Return expression to compute:
5427 -- Expr'First < Typ'First or else Expr'Last > Typ'Last
5429 ---------------
5430 -- Add_Check --
5431 ---------------
5434 begin
5437 -- For now, ignore attempt to place more than 2 checks ???
5449 -------------------------
5450 -- Discrete_Expr_Cond --
5451 -------------------------
5453 function Discrete_Expr_Cond
5456 is
5457 begin
5458 return
5460 Left_Opnd =>
5462 Left_Opnd =>
5465 Right_Opnd =>
5469 Right_Opnd =>
5471 Left_Opnd =>
5474 Right_Opnd =>
5475 Convert_To
5480 -------------------------
5481 -- Discrete_Range_Cond --
5482 -------------------------
5484 function Discrete_Range_Cond
5487 is
5494 begin
5505 Left_Opnd :=
5507 Left_Opnd =>
5508 Convert_To
5511 Right_Opnd =>
5512 Convert_To
5519 and then
5522 then
5526 then
5530 else
5533 then
5539 Right_Opnd :=
5541 Left_Opnd =>
5542 Convert_To
5545 Right_Opnd =>
5546 Convert_To
5553 -------------------------
5554 -- Get_E_First_Or_Last --
5555 -------------------------
5557 function Get_E_First_Or_Last
5561 is
5567 begin
5575 else
5587 else
5594 else
5600 then
5601 -- If this is a task discriminant, and we are the body, we must
5602 -- retrieve the corresponding body discriminal. This is another
5603 -- consequence of the early creation of discriminals, and the
5604 -- need to generate constraint checks before their declarations
5605 -- are made visible.
5608 declare
5610 Corresponding_Concurrent_Type
5614 begin
5617 then
5618 -- Find discriminant of original task, and use its
5619 -- current discriminal, which is the renaming within
5620 -- the task body.
5632 -- That loop should always succeed in finding a matching
5633 -- entry and returning. Fatal error if not.
5637 else
5638 return
5642 else
5648 and then not Inside_Init_Proc
5649 then
5655 else
5660 -----------------
5661 -- Get_N_First --
5662 -----------------
5665 begin
5666 return
5669 Prefix =>
5675 ----------------
5676 -- Get_N_Last --
5677 ----------------
5680 begin
5681 return
5684 Prefix =>
5690 ------------------
5691 -- Range_E_Cond --
5692 ------------------
5694 function Range_E_Cond
5698 is
5699 begin
5700 return
5702 Left_Opnd =>
5707 Right_Opnd =>
5714 ------------------------
5715 -- Range_Equal_E_Cond --
5716 ------------------------
5718 function Range_Equal_E_Cond
5722 is
5723 begin
5724 return
5726 Left_Opnd =>
5730 Right_Opnd =>
5736 ------------------
5737 -- Range_N_Cond --
5738 ------------------
5740 function Range_N_Cond
5744 is
5745 begin
5746 return
5748 Left_Opnd =>
5753 Right_Opnd =>
5759 -- Start of processing for Selected_Range_Checks
5761 begin
5769 then
5781 else
5789 -- The order of evaluating T_Typ before S_Typ seems to be critical
5790 -- because S_Typ can be derived from Etype (Ck_Node), if it's not passed
5791 -- in, and since Node can be an N_Range node, it might be invalid.
5792 -- Should there be an assert check somewhere for taking the Etype of
5793 -- an N_Range node ???
5800 -- A simple optimization
5807 -- For an N_Range Node, check for a null range and then if not
5808 -- null generate a range check action.
5812 -- There's no point in checking a range against itself
5818 declare
5828 begin
5829 -- Check for case where everything is static and we can
5830 -- do the check at compile time. This is skipped if we
5831 -- have an access type, since the access value may be null.
5833 -- ??? This code can be improved since you only need to know
5834 -- that the two respective bounds (LB & T_LB or HB & T_HB)
5835 -- are known at compile time to emit pertinent messages.
5841 and then not Do_Access
5842 then
5843 -- Floating-point case
5847 Out_Of_Range_L :=
5849 or else
5852 Out_Of_Range_H :=
5854 or else
5857 -- Fixed or discrete type case
5859 else
5861 Out_Of_Range_L :=
5863 or else
5866 Out_Of_Range_H :=
5868 or else
5875 Add_Check
5876 (Compile_Time_Constraint_Error
5880 else
5881 Add_Check
5882 (Compile_Time_Constraint_Error
5890 Add_Check
5891 (Compile_Time_Constraint_Error
5895 else
5896 Add_Check
5897 (Compile_Time_Constraint_Error
5905 else
5906 declare
5910 begin
5912 -- If either bound is a discriminant and we are within
5913 -- the record declaration, it is a use of the discriminant
5914 -- in a constraint of a component, and nothing can be
5915 -- checked here. The check will be emitted within the
5916 -- init proc. Before then, the discriminal has no real
5917 -- meaning.
5921 then
5924 else
5925 LB :=
5932 then
5935 else
5936 HB :=
5944 Cond :=
5946 Left_Opnd =>
5958 -- This somewhat duplicates what Apply_Scalar_Range_Check does,
5959 -- except the above simply sets a flag in the node and lets
5960 -- gigi generate the check base on the Etype of the expression.
5961 -- Sometimes, however we want to do a dynamic check against an
5962 -- arbitrary target type, so we do that here.
5967 -- For literals, we can tell if the constraint error will be
5968 -- raised at compile time, so we never need a dynamic check, but
5969 -- if the exception will be raised, then post the usual warning,
5970 -- and replace the literal with a raise constraint error
5971 -- expression. As usual, skip this for access types
5974 and then not Do_Access
5975 then
5976 declare
5985 begin
5986 -- Following range tests should use Sem_Eval routine ???
5990 Out_Of_Range :=
5992 or else
5996 Out_Of_Range :=
5998 or else
6002 -- Bounds of the type are static and the literal is
6003 -- out of range so make a warning message.
6007 Add_Check
6008 (Compile_Time_Constraint_Error
6012 else
6013 Add_Check
6014 (Compile_Time_Constraint_Error
6020 else
6025 -- Here for the case of a non-static expression, we need a runtime
6026 -- check unless the source type range is guaranteed to be in the
6027 -- range of the target type.
6029 else
6046 -- String_Literal case. This needs to be handled specially be-
6047 -- cause no index types are available for string literals. The
6048 -- condition is simply:
6050 -- T_Typ'Length = string-literal-length
6055 -- General array case. Here we have a usable actual subtype for
6056 -- the expression, and the condition is built from the two types
6058 -- T_Typ'First < Exptyp'First or else
6059 -- T_Typ'Last > Exptyp'Last or else
6060 -- T_Typ'First(1) < Exptyp'First(1) or else
6061 -- T_Typ'Last(1) > Exptyp'Last(1) or else
6062 -- ...
6065 declare
6075 begin
6081 or else
6083 then
6087 -- Deal with compile time length check. Note that we
6088 -- skip this in the access case, because the access
6089 -- value may be null, so we cannot know statically.
6091 if not
6092 Subtypes_Statically_Match
6094 then
6095 -- If the target type is constrained then we
6096 -- have to check for exact equality of bounds
6097 -- (required for qualified expressions).
6100 Evolve_Or_Else
6104 else
6105 Evolve_Or_Else
6117 -- Handle cases where we do not get a usable actual subtype that
6118 -- is constrained. This happens for example in the function call
6119 -- and explicit dereference cases. In these cases, we have to get
6120 -- the length or range from the expression itself, making sure we
6121 -- do not evaluate it more than once.
6123 -- Here Ck_Node is the original expression, or more properly the
6124 -- result of applying Duplicate_Expr to the original tree,
6125 -- forcing the result to be a name.
6127 else
6128 declare
6131 begin
6132 -- Build the condition for the explicit dereference case
6135 Evolve_Or_Else
6142 else
6143 -- Generate an Action to check that the bounds of the
6144 -- source value are within the constraints imposed by the
6145 -- target type for a conversion to an unconstrained type.
6146 -- Rule is 4.6(38).
6149 declare
6153 begin
6154 Opnd_Index
6160 if Is_In_Range
6162 and then
6163 Is_In_Range
6165 then
6168 -- If null range, no check needed.
6169 elsif
6171 and then
6173 and then
6176 then
6179 elsif Is_Out_Of_Range
6181 or else
6182 Is_Out_Of_Range
6184 then
6185 Add_Check
6186 (Compile_Time_Constraint_Error
6189 else
6190 Evolve_Or_Else
6192 Discrete_Range_Cond
6205 -- Construct the test and insert into the tree
6212 Add_Check
6221 -------------------------------
6222 -- Storage_Checks_Suppressed --
6223 -------------------------------
6226 begin
6229 else
6234 ---------------------------
6235 -- Tag_Checks_Suppressed --
6236 ---------------------------
6239 begin