diff mbox series

[Ada] Enable checks on runtime by default

Message ID 20201130141712.GA117912@adacore.com
State New
Headers show
Series [Ada] Enable checks on runtime by default | expand

Commit Message

Pierre-Marie de Rodat Nov. 30, 2020, 2:17 p.m. UTC
These checks are not very costly these days and bring additional safety
and security guarantees built into the Ada language, so enable them by

It turns out that enabling checks on s-bitfie.adb makes a latent
visibility bug appeared on strict alignment platform (related to
alignment checks most likely). Workaround it for the time being by
suppressing checks locally.

It also makes visible a latent issue with secondary stack allocation of
0 bytes, now possible with another recent change to allocate the result
of string concatenation sometimes on the secondary stack.

Tested on x86_64-pc-linux-gnu, committed on trunk


	* gcc-interface/Makefile.in (GNATLIBFLAGS): Enable checks by
	* libgnat/s-bitfie.ads: Suppress alignment checks.
	* libgnat/s-bituti.adb: Minor reformatting.
	* libgnat/s-secsta.adb (SS_Allocate): Support Size = 0.
diff mbox series


diff --git a/gcc/ada/gcc-interface/Makefile.in b/gcc/ada/gcc-interface/Makefile.in
--- a/gcc/ada/gcc-interface/Makefile.in
+++ b/gcc/ada/gcc-interface/Makefile.in
@@ -110,7 +110,7 @@  NO_INLINE_ADAFLAGS = -fno-inline
 NO_OMIT_ADAFLAGS = -fno-omit-frame-pointer
 NO_SIBLING_ADAFLAGS = -fno-optimize-sibling-calls
 NO_REORDER_ADAFLAGS = -fno-toplevel-reorder
-GNATLIBFLAGS = -W -Wall -gnatpg -nostdinc
+GNATLIBFLAGS = -W -Wall -gnatg -nostdinc
 # Pretend that _Unwind_GetIPInfo is available for the target by default.  This
 # should be autodetected during the configuration of libada and passed down to

diff --git a/gcc/ada/libgnat/s-bitfie.ads b/gcc/ada/libgnat/s-bitfie.ads
--- a/gcc/ada/libgnat/s-bitfie.ads
+++ b/gcc/ada/libgnat/s-bitfie.ads
@@ -47,6 +47,12 @@  package System.Bitfields is
    pragma Provide_Shift_Operators (Val_2);
    type Val is mod 2**Val_Bits with Alignment => Val_Bytes;
+   --  ??? It turns out that enabling checks on the instantiation of
+   --  System.Bitfield_Utils.G makes a latent visibility bug appear on strict
+   --  alignment platforms related to alignment checks. Work around it by
+   --  suppressing these checks explicitly.
+   pragma Suppress (Alignment_Check);
    package Utils is new System.Bitfield_Utils.G (Val, Val_2);
    procedure Copy_Bitfield

diff --git a/gcc/ada/libgnat/s-bituti.adb b/gcc/ada/libgnat/s-bituti.adb
--- a/gcc/ada/libgnat/s-bituti.adb
+++ b/gcc/ada/libgnat/s-bituti.adb
@@ -317,6 +317,7 @@  package body System.Bitfield_Utils is
                  Get_Val_2 (S_Addr, S_Off, Initial_Size);
                Initial_Val : constant Val :=
                  Get_Bitfield (Initial_Val_2, S_Off, Initial_Size);
                  (Initial_Val, D_Addr, D_Off, Initial_Size);

diff --git a/gcc/ada/libgnat/s-secsta.adb b/gcc/ada/libgnat/s-secsta.adb
--- a/gcc/ada/libgnat/s-secsta.adb
+++ b/gcc/ada/libgnat/s-secsta.adb
@@ -587,15 +587,18 @@  package body System.Secondary_Stack is
    --  Start of processing for SS_Allocate
-      --  It should not be possible to request an allocation of negative or
-      --  zero size.
-      pragma Assert (Storage_Size > 0);
       --  Round the requested size up to the nearest multiple of the maximum
       --  alignment to ensure efficient access.
-      Mem_Size := Round_Up (Storage_Size);
+      if Storage_Size = 0 then
+         Mem_Size := Memory_Alignment;
+      else
+         --  It should not be possible to request an allocation of negative
+         --  size.
+         pragma Assert (Storage_Size >= 0);
+         Mem_Size := Round_Up (Storage_Size);
+      end if;
       if Sec_Stack_Dynamic then
          Allocate_Dynamic (Stack, Mem_Size, Addr);