[Ada] Improve integration of strub with type systems

Tue, 09 Nov 2021 02:05:24 -0800 

This patch brings various improvements to the integration of strub
modes into the Ada type system.  Strub modes for subprograms are
promoted to subprogram types when applied to access-to-subprogram
objects and types, and promoted from subprograms to access types'
designated types.  Matching strub modes are required for renaming,
overriding, interface implementation, and compatible strub modes are
required for conversions.

A complementary patch for the GCC interface introduces matching build
system changes, and warnings when strub modes are applied to composite
data objects or their types, and another complementary patch for GCC
does the same for C-family languages.

The GCC patch also fixes a strub callability error affecting
type-converted direct calls, and several tests to exercise the
newly-added features, and reverts strub annotations from public
subprograms, that would have caused their renamings to be rejected.

Tested on x86_64-pc-linux-gnu, committed on trunk

gcc/ada/

        * strub.adb, strub.ads: New files.
        * exp_attr.adb (Access_Cases): Copy strub mode to subprogram type.
        * exp_disp.adb (Expand_Dispatching_Call): Likewise.
        * freeze.adb (Check_Inherited_Conditions): Check that strub modes
        match overridden subprograms and interfaces.
        (Freeze_All): Renaming declarations too.
        * sem_attr.adb (Resolve_Attribute): Reject 'Access to
        strub-annotated data object.
        * sem_ch3.adb (Derive_Subprogram): Copy strub mode to
        inherited subprogram.
        * sem_prag.adb (Analyze_Pragma): Propagate Strub Machine_Attribute
        from access-to-subprogram to subprogram type when required,
        but not from access-to-data to data type.  Mark the entity that
        got the pragma as having a gigi rep item.
        * sem_res.adb (Resolve): Reject implicit conversions that
        would change strub modes.
        (Resolve_Type_Conversions): Reject checked conversions
        between incompatible strub modes.
        * doc/gnat_rm/security_hardening_features.rst: Update.
        * gnat_rm.texi: Regenerate.
        * libgnat/a-except.ads (Raise_Exception): Revert strub-callable
        annotation in public subprogram.
        * libgnat/s-arit128.ads (Multiply_With_Ovflo_Check128): Likewise.
        * libgnat/s-arit64.ads (Multiply_With_Ovflo_Check64): Likewise.
        * libgnat/s-secsta.ads (SS_Allocate): Likewise.
        (SS_Mark, SS_Release): Likewise.
        * gcc-interface/Make-lang.in (GNAT_ADA_OBJS): Add ada/strub.o.

Attachment: patch.diff.gz
Description: application/gzip

Reply via email to