www.delorie.com/gnu/docs/gcc/gnat_ug_43.html

3.2.3 Validity Checking

The Ada 95 Reference Manual has specific requirements for checking for invalid values. In particular, RM 13.9.1 requires that the evaluation of invalid values (for example from unchecked conversions) not result in erroneous execution. In GNAT, the result of such an evaluation in normal default mode is either to use the value unmodified, or to raise Constraint_Error in those cases where use of the unmodified value would cause erroneous execution. The cases where unmodified values might lead to erroneous execution are case statements (where a wild jump might result from an invalid value) and subscripts on the left hand side of an assignment (where memory corruption could occur as a result of an invalid value).

The `-gnatVx' switch allows more control over the validity checking mode. The x argument here is a string of letters which control which validity checks are performed in addition to the default checks described above.

The `-gnatV' switch may be followed by a string of letters to turn on a series of validity checking options. For example, `-gnatVcr' specifies that in addition to the default validity checking, copies and function return expressions be validity checked. In order to make it easier to specify a set of options, the upper case letters CDFIMORST may be used to turn off the corresponding lower case option, so for example `-gnatVaM' turns on all validity checking options except for checking of in out procedure arguments.

The specification of additional validity checking generates extra code (and in the case of `-gnatVa' the code expansion can be substantial). However, these additional checks can be very useful in smoking out cases of uninitialized variables, incorrect use of unchecked conversion, and other errors leading to invalid values. The use of pragma Initialize_Scalars is useful in conjunction with the extra validity checking, since this ensures that wherever possible uninitialized variables have invalid values.

See also the pragma Validity_Checks which allows modification of the validity checking mode at the program source level, and also allows for temporary disabling of validity checks.
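Added example (not from the GNAT User's Guide) illustrating the checks described above: a value produced by Ada.Unchecked_Conversion that has no valid representation in its target type is then used in a case statement and as a left-hand-side subscript. The build assumed is `gnatmake -gnatVa invalid_value_demo.adb'; the type, variable and unit names are constructed for the illustration.

```ada
with Ada.Unchecked_Conversion;
with Ada.Text_IO; use Ada.Text_IO;

procedure Invalid_Value_Demo is
   --  Three literals, but stored in a full byte so that bit patterns 3..255
   --  are representable yet are not valid values of the type.
   type Color is (Red, Green, Blue);
   for Color'Size use 8;

   type Byte is mod 2 ** 8;
   for Byte'Size use 8;

   function To_Color is new Ada.Unchecked_Conversion (Byte, Color);

   Counts : array (Color) of Natural := (others => 0);
   Raw    : Byte := 7;   --  constructed input: no Color has this representation
   C      : Color;
begin
   --  With -gnatVc in effect (from the command line, or from
   --  pragma Validity_Checks ("c") in the source) the copy below is
   --  checked and raises Constraint_Error immediately.
   C := To_Color (Raw);

   --  The standard 'Valid attribute is the portable way to test a value
   --  obtained from an unchecked conversion before using it.
   Put_Line ("C'Valid = " & Boolean'Image (C'Valid));

   --  In GNAT's default mode the case selector is validity checked, so an
   --  invalid C raises Constraint_Error here rather than taking a wild jump.
   case C is
      when Red   => Put_Line ("red");
      when Green => Put_Line ("green");
      when Blue  => Put_Line ("blue");
   end case;

   --  A left-hand-side subscript is likewise checked by default, so this
   --  assignment cannot write outside the bounds of Counts.
   Counts (C) := Counts (C) + 1;
exception
   when Constraint_Error =>
      Put_Line ("Constraint_Error: invalid value caught by validity check");
end Invalid_Value_Demo;
```

Compiling the same unit without `-gnatV' options still catches the case statement and the subscript (the default checks), whereas the assignment to C is only checked when the copy option is enabled.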


  Copyright 2003   by The Free Software Foundation     Updated Jun 2003