ada: hardcfr: mark throw-expected functions

Adjust documentation to reflect the introduction of -fhardcfr-check-noreturn-calls=no-xthrow. gcc/ada/ * doc/gnat_rm/security_hardening_features.rst (Control Flow Redundancy): Add -fhardcfr-check-noreturn-calls=no-xthrow. * gnat_rm.texi: Regenerate. Tested on x86_64-pc-linux-gnu, committed on master.
plctlab · Jul 10, 2023 · 072da17 · 072da17
1 parent c2d62cd
commit 072da17
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 16 deletions.
diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst
@@ -487,17 +487,18 @@ gets modified as follows:
    end;
 
 
-Verification may also be performed before No_Return calls, whether
-only nothrow ones, with
-:switch:`-fhardcfr-check-noreturn-calls=nothrow`, or all of them, with
-:switch:`-fhardcfr-check-noreturn-calls=always`.  The default is
-:switch:`-fhardcfr-check-noreturn-calls=never` for this feature, that
-disables checking before No_Return calls.
+Verification may also be performed before No_Return calls, whether all
+of them, with :switch:`-fhardcfr-check-noreturn-calls=always`; all but
+internal subprograms involved in exception-raising or -reraising, with
+:switch:`-fhardcfr-check-noreturn-calls=no-xthrow` (default); only
+nothrow ones, with :switch:`-fhardcfr-check-noreturn-calls=nothrow`;
+or none, with :switch:`-fhardcfr-check-noreturn-calls=never`.
 
 When a No_Return call returns control to its caller through an
 exception, verification may have already been performed before the
-call, if :switch:`-fhardcfr-check-noreturn-calls=always` is in effect.
-The compiler arranges for already-checked No_Return calls without a
+call, if :switch:`-fhardcfr-check-noreturn-calls=always` or
+:switch:`-fhardcfr-check-noreturn-calls=no-xthrow` is in effect.  The
+compiler arranges for already-checked No_Return calls without a
 preexisting handler to bypass the implicitly-added cleanup handler and
 thus the redundant check, but a local exception or cleanup handler, if
 present, will modify the set of visited blocks, and checking will take

diff --git a/gcc/ada/gnat_rm.texi b/gcc/ada/gnat_rm.texi
@@ -29136,17 +29136,18 @@ exception
 end;
 @end example
 
-Verification may also be performed before No_Return calls, whether
-only nothrow ones, with
-@code{-fhardcfr-check-noreturn-calls=nothrow}, or all of them, with
-@code{-fhardcfr-check-noreturn-calls=always}.  The default is
-@code{-fhardcfr-check-noreturn-calls=never} for this feature, that
-disables checking before No_Return calls.
+Verification may also be performed before No_Return calls, whether all
+of them, with @code{-fhardcfr-check-noreturn-calls=always}; all but
+internal subprograms involved in exception-raising or -reraising, with
+@code{-fhardcfr-check-noreturn-calls=no-xthrow} (default); only
+nothrow ones, with @code{-fhardcfr-check-noreturn-calls=nothrow};
+or none, with @code{-fhardcfr-check-noreturn-calls=never}.
 
 When a No_Return call returns control to its caller through an
 exception, verification may have already been performed before the
-call, if @code{-fhardcfr-check-noreturn-calls=always} is in effect.
-The compiler arranges for already-checked No_Return calls without a
+call, if @code{-fhardcfr-check-noreturn-calls=always} or
+@code{-fhardcfr-check-noreturn-calls=no-xthrow} is in effect.  The
+compiler arranges for already-checked No_Return calls without a
 preexisting handler to bypass the implicitly-added cleanup handler and
 thus the redundant check, but a local exception or cleanup handler, if
 present, will modify the set of visited blocks, and checking will take