[Ada] fix handling of 'unchecked_access

[Arnaud Charlet <charlet at adacore dot com>]

Tested on i686-linux, committed on trunk.

The attribute Unchecked_Access can only be applied to objects, not to
subprograms. The test on the legality of this attribute did not include
the case of protected operations.
--
The following compilation must yield the error:
--
p1.adb:10:20: attribute "Unchecked_Access" cannot be applied to a subprogram
--
procedure P1 is
   type Ptr is access protected procedure;
   procedure Register (It : Ptr) is begin null; end;
   protected Prot is
      procedure Set_Up;
   end prot;
   protected body prot is
      procedure Set_Up is
      begin
         Register (Set_Up'Unchecked_Access);
      end;
   end prot;
begin
   null;
end;

This also corrects the implementation of Ada 2005 AI-195 item 2:
 2 - For the purposes of checking legality rules, it is necessary to determine
 whether a stream-oriented attribute has been specified for a limited type
 (13.13.2(9/1) and 13.13.2(36/1)). This is done by applying the normal
 visibility rules to the attribute_definition_clause.
by applying proper visibility rules to attribute definition clauses for
stream-oritented attributes.

This also fixes a longstanding regression in the front-end. In general, it is
illegal to dereference a value of a remote access-to-classwide type, except
in the context of a dispatching call where the dereference is a controlling
argument. However, we must still allow expanded code to obtain the tag of
the physical designated object pointed to by the value (in the case of a
remote object, this physical object is the stub for the actual remote
object): this tag value is used for tag checks, and also for dispatching on
stub operations. This involves dereferencing the RACW and accessing the
tag component of the designated object.

The circuitry that is used to detect and allow such dereferences made
assumptions about the structure of the tree that had become incorrect,
resulting in incorrectly rejecting valid
code. This change corrects the predicate to identify permitted dereferences
correctly again.

Finally, fixes AI-403:
a formal object must be considered non-static, because the actual may
involve function calls and other non-preelaborable constructs. AI-403
specifies that use of a formal object that are made illegal by a Pure
or Preelaborate pragma must be diagnosed in the generic itself.
Compilation of pak2.adb in Ada 2005 mode must produce the output:
--
pak2.adb:2:20: non-static object name in preelaborated unit
pak2.adb:2:20: "x1" is not static constant or named number (RM 4.9(5))
pak2.adb:3:20: non-static object name in preelaborated unit
pak2.adb:3:20: "x1" is not static constant or named number (RM 4.9(5))
pak2.adb:3:25: non-static object name in preelaborated unit
pak2.adb:3:25: "x1" is not static constant or named number (RM 4.9(5))
pak2.adb:4:46: non-static object name in preelaborated unit
pak2.adb:4:46: static expression must have scalar or string type (RM 4.9(2))
--
generic
   type T is private;
   Zero : T;
   x1 : integer;
package Pak2 is
   pragma Preelaborate;
   pragma Elaborate_Body;
   type table is Array (integer range <>) of T;
end Pak2;
--
package body Pak2 is
   x2 : integer := x1;           --  ERROR
   x3 : integer := x1 * x1;      --  ERROR
   Empty_Table : Table (1..10) := (others => Zero);   -- ERROR
end Pak2;

2006-10-31  Ed Schonberg  <schonberg@adacore.com>
	    Thomas Quinot  <quinot@adacore.com>
	    Javier Miranda  <miranda@adacore.com>
	    Gary Dismukes  <dismukes@adacore.com>

	* sem_attr.ads, sem_attr.adb (Analyze_Access_Attribute): Diagnose
	properly an attempt to apply Unchecked_Access to a protected operation.
	(OK_Self_Reference): New subprogram to check the legality of an access
	attribute whose prefix is the type of an enclosing aggregate.
	Generalizes previous mechanism to handle attribute references nested
	arbitrarily deep within the aggregate.
	(Analyze_Access_Attribute): An access attribute whose prefix is a type
	can appear in an aggregate if this is a default-initialized aggregate
	for a self-referential type.
	(Resolve_Attribute, case Access): Ditto.
	Add support for new implementation defined attribute Stub_Type.
	(Eval_Attribute, case Attribute_Stub_Type): New case.
	(Analyze_Attribute, case Attribute_Stub_Type): New case.
	(Stream_Attribute_Available): Implement using new subprogram from
	sem_cat, Has_Stream_Attribute_Definition, instead of incorrect
	Has_Specified_Stream_Attribute flag.
	Disallow Storage_Size and Storage_Pool for access to subprogram
	(Resolve_Attribute, case 'Access et al): Take into account anonymous
	access types of return subtypes in extended return statements. Remove
	accessibility checks on anonymous access types when Unchecked_Access is
	used.
	(Analyze_Attribute): Add support for the use of 'Class to convert
	a class-wide interface to a tagged type.
	Add support for the attribute Priority.
	(Resolve_Attribute, case Attribute_Access): For Ada_05, add test for
	whether the designated type is discriminated with a constrained partial
	view and require static matching in that case.
	Add local variable Des_Btyp. The Designated_Type
	of an access to incomplete subtype is either its non-limited view if
	coming from a limited with or its etype if regular incomplete subtype.

	* sem_cat.ads, sem_cat.adb (Validate_Remote_Access_To_Class_Wide_Type):
	Fix predicate to identify and allow cases of (expander-generated)
	references to tag of designated object of a RACW.
	(Validate_Static_Object_Name): In Ada 2005, a formal object is
	non-static, and therefore cannot appear as a primary in a preelaborable
	package.
	(Has_Stream_Attribute_Definition): New subprogram, abstracted from
	Has_Read_Write_Attributes.
	(Has_Read_Write_Attributes): Reimplement in termes of
	Has_Stream_Attribute_Definition.
	(Missing_Read_Write_Attributes): When checking component types in a
	record, unconditionally call Missing_Read_Write_Attributes recursively
	(remove guard checking for Is_Record_Type / Is_Access_Type).

Attachment: difs
Description: Text document