Disable inlining of subprograms with unchecked union parameters for GNATprove
The Ada compiler now prevents inlining of subprograms with unchecked union type formal parameters when compiling for GNATprove.
To keep GNATprove’s analysis sound, the Ada compiler now refuses to inline a subprogram when one of its formal parameters is of an unchecked union type. Inlining such a subprogram could cause GNATprove to miss the checks required by the Unchecked Union restrictions, compromising its ability to verify the code. This change ensures those checks are not lost.
In Details
This commit modifies inline.adb, adding a check to Can_Be_Inlined_In_GNATprove_Mode so that a subprogram with a formal of an unchecked union type is never inlined. The reason is that inlining such a subprogram might cause GNATprove to miss checks for the UU restrictions.
For Context
In Ada, an unchecked union lets the same storage be read as different data types. GNATprove is a formal verification tool that analyzes Ada code to prove its correctness. This commit stops the compiler from inlining certain subprograms (subroutines) when compiling for GNATprove, because inlining them could bypass the checks associated with unchecked unions and lead to incorrect verification results.
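As an added illustration (not code from the commit or from GNAT itself) of the situation the "In Details" and "For Context" paragraphs describe, the package below declares an unchecked union type and a subprogram with a formal of that type. Under Ada RM B.3.3, the predefined equality on an unchecked union operand that lacks inferable discriminants raises Program_Error, and whether an operand has inferable discriminants depends on its nominal subtype. The names `UU_Demo`, `Number`, `Same` and `Caller` are assumed for the example; the comments describe the check a verifier must report for the body as written, and why that check could vanish if the body were substituted at a call site with constrained actuals.

```ada
--  Added example, not from the commit: an unchecked union type and a
--  subprogram whose formal parameters are of that type.
package UU_Demo is

   type Kind is (Int_Value, Float_Value);

   --  Discriminated record marked Unchecked_Union: the discriminant K
   --  occupies no storage, so an object cannot report which variant it
   --  holds (RM B.3.3).
   type Number (K : Kind := Int_Value) is record
      case K is
         when Int_Value   => I : Integer;
         when Float_Value => F : Float;
      end case;
   end record;
   pragma Unchecked_Union (Number);

   --  A and B are unconstrained formals of an unchecked union type, so
   --  they lack inferable discriminants: the predefined "=" raises
   --  Program_Error at run time (RM B.3.3). A verifier analysing this
   --  body as written has to report that failing check.
   function Same (A, B : Number) return Boolean is (A = B);

   --  Objects of a constrained subtype do have inferable discriminants,
   --  so comparing two of them directly is well defined.
   subtype Int_Number is Number (Int_Value);

   function Caller (X, Y : Int_Number) return Boolean;

end UU_Demo;

package body UU_Demo is

   function Caller (X, Y : Int_Number) return Boolean is
   begin
      --  If Same were inlined here, "A = B" would effectively become
      --  "X = Y" on constrained operands, and the Program_Error check
      --  that exists in the original body would no longer be visible to
      --  the verifier. Keeping the call un-inlined preserves the check.
      return Same (X, Y);
   end Caller;

end UU_Demo;
```

Compiling this with `gnatmake -c uu_demo.adb` (file names assumed) is enough to see that the code is legal Ada; the interesting behaviour is in verification, where the check on `A = B` inside `Same` must be reported regardless of how `Same` is called.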