1------------------------------------------------------------------------------
2--                                                                          --
3--                         GNAT COMPILER COMPONENTS                         --
4--                                                                          --
5--                        S Y S T E M . O S _ L I B                         --
6--                                                                          --
7--                                 S p e c                                  --
8--                                                                          --
9--          Copyright (C) 1995-2018, Free Software Foundation, Inc.         --
10--                                                                          --
11-- GNAT is free software;  you can  redistribute it  and/or modify it under --
12-- terms of the  GNU General Public License as published  by the Free Soft- --
13-- ware  Foundation;  either version 3,  or (at your option) any later ver- --
14-- sion.  GNAT is distributed in the hope that it will be useful, but WITH- --
15-- OUT ANY WARRANTY;  without even the  implied warranty of MERCHANTABILITY --
16-- or FITNESS FOR A PARTICULAR PURPOSE.                                     --
17--                                                                          --
18-- As a special exception under Section 7 of GPL version 3, you are granted --
19-- additional permissions described in the GCC Runtime Library Exception,   --
20-- version 3.1, as published by the Free Software Foundation.               --
21--                                                                          --
22-- You should have received a copy of the GNU General Public License and    --
23-- a copy of the GCC Runtime Library Exception along with this program;     --
24-- see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see    --
25-- <http://www.gnu.org/licenses/>.                                          --
26--                                                                          --
27-- GNAT was originally developed  by the GNAT team at  New York University. --
28-- Extensive contributions were provided by Ada Core Technologies Inc.      --
29--                                                                          --
30------------------------------------------------------------------------------
31
32--  Operating system interface facilities
33
34--  This package contains types and procedures for interfacing to the
35--  underlying OS. It is used by the GNAT compiler and by tools associated
36--  with the GNAT compiler, and therefore works for the various operating
37--  systems to which GNAT has been ported. This package will undoubtedly grow
38--  as new services are needed by various tools.
39
40--  This package tends to use fairly low-level Ada in order to not bring in
41--  large portions of the RTL. For example, functions return access to string
42--  as part of avoiding functions returning unconstrained types.
43
44--  Except where specifically noted, these routines are portable across all
45--  GNAT implementations on all supported operating systems.
46
47--  Note: this package is in the System hierarchy so that it can be directly
48--  be used by other predefined packages. User access to this package is via
49--  a renaming of this package in GNAT.OS_Lib (file g-os_lib.ads).
50
51pragma Compiler_Unit_Warning;
52
53with System;
54with System.Strings;
55
56package System.OS_Lib is
57   pragma Preelaborate;
58
59   -----------------------
60   -- String Operations --
61   -----------------------
62
63   --  These are reexported from package Strings (which was introduced to
64   --  avoid different packages declaring different types unnecessarily).
65   --  See package System.Strings for details.
66
67   subtype String_Access is Strings.String_Access;
68
69   function "=" (Left : String_Access; Right : String_Access) return Boolean
70     renames Strings."=";
71
72   procedure Free (X : in out String_Access) renames Strings.Free;
73
74   subtype String_List is Strings.String_List;
75
76   function "=" (Left : String_List; Right : String_List) return Boolean
77     renames Strings."=";
78
79   function "&" (Left : String_Access; Right : String_Access)
80     return String_List renames Strings."&";
81   function "&" (Left : String_Access; Right : String_List)
82     return String_List renames Strings."&";
83   function "&" (Left : String_List; Right : String_Access)
84     return String_List renames Strings."&";
85   function "&" (Left : String_List; Right : String_List)
86     return String_List renames Strings."&";
87
88   subtype String_List_Access is Strings.String_List_Access;
89
90   function "="
91     (Left  : String_List_Access;
92      Right : String_List_Access) return Boolean renames Strings."=";
93
94   procedure Free (Arg : in out String_List_Access) renames Strings.Free;
95
96   ---------------------
97   -- Time/Date Stuff --
98   ---------------------
99
100   type OS_Time is private;
101   --  The OS's notion of time is represented by the private type OS_Time. This
102   --  is the type returned by the File_Time_Stamp functions to obtain the time
103   --  stamp of a specified file. Functions and a procedure (modeled after the
104   --  similar subprograms in package Calendar) are provided for extracting
105   --  information from a value of this type. Although these are called GM, the
106   --  intention in the case of time stamps is not that they provide GMT times
107   --  in all cases but rather the actual (time-zone independent) time stamp of
108   --  the file (of course in Unix systems, this *is* in GMT form).
109
110   Invalid_Time : constant OS_Time;
111   --  A special unique value used to flag an invalid time stamp value
112
113   function "<"  (X : OS_Time; Y : OS_Time) return Boolean;
114   function ">"  (X : OS_Time; Y : OS_Time) return Boolean;
115   function ">=" (X : OS_Time; Y : OS_Time) return Boolean;
116   function "<=" (X : OS_Time; Y : OS_Time) return Boolean;
117   --  Basic comparison operators on OS_Time with obvious meanings. Note that
118   --  these have Intrinsic convention, so for example it is not permissible
119   --  to create accesses to any of these functions.
120
121   subtype Year_Type   is Integer range 1900 .. 2099;
122   subtype Month_Type  is Integer range    1 ..   12;
123   subtype Day_Type    is Integer range    1 ..   31;
124   subtype Hour_Type   is Integer range    0 ..   23;
125   subtype Minute_Type is Integer range    0 ..   59;
126   subtype Second_Type is Integer range    0 ..   59;
127   --  Declarations similar to those in Calendar, breaking down the time
128
129   function Current_Time return OS_Time;
130   --  Return the system clock value as OS_Time
131
132   function Current_Time_String return String;
133   --  Returns current local time in the form YYYY-MM-DD HH:MM:SS. The result
134   --  has bounds 1 .. 19.
135
136   function GM_Year    (Date : OS_Time) return Year_Type;
137   function GM_Month   (Date : OS_Time) return Month_Type;
138   function GM_Day     (Date : OS_Time) return Day_Type;
139   function GM_Hour    (Date : OS_Time) return Hour_Type;
140   function GM_Minute  (Date : OS_Time) return Minute_Type;
141   function GM_Second  (Date : OS_Time) return Second_Type;
142   --  Functions to extract information from OS_Time value in GMT form
143
144   procedure GM_Split
145     (Date   : OS_Time;
146      Year   : out Year_Type;
147      Month  : out Month_Type;
148      Day    : out Day_Type;
149      Hour   : out Hour_Type;
150      Minute : out Minute_Type;
151      Second : out Second_Type);
152   --  Analogous to the Split routine in Ada.Calendar, takes an OS_Time and
153   --  provides a representation of it as a set of component parts, to be
154   --  interpreted as a date point in UTC.
155
156   function GM_Time_Of
157     (Year   : Year_Type;
158      Month  : Month_Type;
159      Day    : Day_Type;
160      Hour   : Hour_Type;
161      Minute : Minute_Type;
162      Second : Second_Type) return OS_Time;
163   --  Analogous to the Time_Of routine in Ada.Calendar, takes a set of time
164   --  component parts to be interpreted in the local time zone, and returns
165   --  an OS_Time. Returns Invalid_Time if the creation fails.
166
167   ----------------
168   -- File Stuff --
169   ----------------
170
171   --  These routines give access to the open/creat/close/read/write level of
172   --  I/O routines in the typical C library (these functions are not part of
173   --  the ANSI C standard, but are typically available in all systems). See
174   --  also package Interfaces.C_Streams for access to the stream level
175   --  routines.
176
177   --  Note on file names. If a file name is passed as type String in any of
178   --  the following specifications, then the name is a normal Ada string and
179   --  need not be NUL-terminated. However, a trailing NUL character is
180   --  permitted, and will be ignored (more accurately, the NUL and any
181   --  characters that follow it will be ignored).
182
183   type File_Descriptor is new Integer;
184   --  Corresponds to the int file handle values used in the C routines
185
186   Standin  : constant File_Descriptor := 0;
187   Standout : constant File_Descriptor := 1;
188   Standerr : constant File_Descriptor := 2;
189   --  File descriptors for standard input output files
190
191   Invalid_FD : constant File_Descriptor := -1;
192   --  File descriptor returned when error in opening/creating file
193
194   Null_FD : constant File_Descriptor := -2;
195   --  Uninitialized file descriptor
196
197   procedure Close (FD : File_Descriptor; Status : out Boolean);
198   --  Close file referenced by FD. Status is False if the underlying service
199   --  failed. Reasons for failure include: disk full, disk quotas exceeded
200   --  and invalid file descriptor (the file may have been closed twice).
201
202   procedure Close (FD : File_Descriptor);
203   --  Close file referenced by FD. This form is used when the caller wants to
204   --  ignore any possible error (see above for error cases).
205
206   type Copy_Mode is
207     (Copy,
208      --  Copy the file. It is an error if the target file already exists. The
209      --  time stamps and other file attributes are preserved in the copy.
210
211      Overwrite,
212      --  If the target file exists, the file is replaced otherwise the file
213      --  is just copied. The time stamps and other file attributes are
214      --  preserved in the copy.
215
216      Append);
217      --  If the target file exists, the contents of the source file is
218      --  appended at the end. Otherwise the source file is just copied. The
219      --  time stamps and other file attributes are preserved if the
220      --  destination file does not exist.
221
222   type Attribute is
223     (Time_Stamps,
224      --  Copy time stamps from source file to target file. All other
225      --  attributes are set to normal default values for file creation.
226
227      Full,
228      --  All attributes are copied from the source file to the target file.
229      --  This includes the timestamps, and for example also includes
230      --  read/write/execute attributes in Unix systems.
231
232      None);
233      --  No attributes are copied. All attributes including the time stamp
234      --  values are set to normal default values for file creation.
235
236   --  Note: The default is Time_Stamps, which corresponds to the normal
237   --  default on Windows style systems. Full corresponds to the typical
238   --  effect of "cp -p" on Unix systems, and None corresponds to the typical
239   --  effect of "cp" on Unix systems.
240
241   --  Note: Time_Stamps and Full are not supported on VxWorks 5
242
243   procedure Copy_File
244     (Name     : String;
245      Pathname : String;
246      Success  : out Boolean;
247      Mode     : Copy_Mode := Copy;
248      Preserve : Attribute := Time_Stamps);
249   --  Copy a file. Name must designate a single file (no wild cards allowed).
250   --  Pathname can be a filename or directory name. In the latter case Name
251   --  is copied into the directory preserving the same file name. Mode
252   --  defines the kind of copy, see above with the default being a normal
253   --  copy in which the target file must not already exist. Success is set to
254   --  True or False indicating if the copy is successful (depending on the
255   --  specified Mode).
256
257   procedure Copy_File_Attributes
258      (From             : String;
259       To               : String;
260       Success          : out Boolean;
261       Copy_Timestamp   : Boolean := True;
262       Copy_Permissions : Boolean := True);
263   --  Copy some of the file attributes from one file to another. Both files
264   --  must exist, or Success is set to False.
265
266   procedure Copy_Time_Stamps
267     (Source  : String;
268      Dest    : String;
269      Success : out Boolean);
270   --  Copy Source file time stamps (last modification and last access time
271   --  stamps) to Dest file. Source and Dest must be valid filenames,
272   --  furthermore Dest must be writable. Success will be set to True if the
273   --  operation was successful and False otherwise.
274   --
275   --  Note: this procedure is not supported on VxWorks 5. On this platform,
276   --  Success is always set to False.
277
278   type Mode is (Binary, Text);
279   for Mode'Size use Integer'Size;
280   for Mode use (Binary => 0, Text => 1);
281   --  Used in all the Open and Create calls to specify if the file is to be
282   --  opened in binary mode or text mode. In systems like Unix, this has no
283   --  effect, but in systems capable of text mode translation, the use of
284   --  Text as the mode parameter causes the system to do CR/LF translation
285   --  and also to recognize the DOS end of file character on input. The use
286   --  of Text where appropriate allows programs to take a portable Unix view
287   --  of DOS-format files and process them appropriately.
288
289   function Create_File
290     (Name  : String;
291      Fmode : Mode) return File_Descriptor;
292   --  Creates new file with given name for writing, returning file descriptor
293   --  for subsequent use in Write calls. If the file already exists, it is
294   --  overwritten. File descriptor returned is Invalid_FD if file cannot be
295   --  successfully created.
296
297   function Create_New_File
298     (Name  : String;
299      Fmode : Mode) return File_Descriptor;
300   --  Create new file with given name for writing, returning file descriptor
301   --  for subsequent use in Write calls. This differs from Create_File in
302   --  that it fails if the file already exists. File descriptor returned is
303   --  Invalid_FD if the file exists or cannot be created.
304
305   function Create_Output_Text_File (Name : String) return File_Descriptor;
306   --  Creates new text file with given name suitable to redirect standard
307   --  output, returning file descriptor. File descriptor returned is
308   --  Invalid_FD if file cannot be successfully created.
309
310   Temp_File_Len : constant Integer := 12;
311   --  Length of name returned by Create_Temp_File call (GNAT-XXXXXX & NUL)
312
313   subtype Temp_File_Name is String (1 .. Temp_File_Len);
314   --  String subtype set by Create_Temp_File
315
316   procedure Create_Temp_File
317     (FD   : out File_Descriptor;
318      Name : out Temp_File_Name);
319   --  Create and open for writing a temporary file in the current working
320   --  directory. The name of the file and the File Descriptor are returned.
321   --  The File Descriptor returned is Invalid_FD in the case of failure. No
322   --  mode parameter is provided. Since this is a temporary file, there is no
323   --  point in doing text translation on it.
324   --
325   --  On some operating systems, the maximum number of temp files that can be
326   --  created with this procedure may be limited. When the maximum is reached,
327   --  this procedure returns Invalid_FD. On some operating systems, there may
328   --  be a race condition between processes trying to create temp files at the
329   --  same time in the same directory using this procedure.
330
331   procedure Create_Temp_File
332     (FD   : out File_Descriptor;
333      Name : out String_Access);
334   --  Create and open for writing a temporary file in the current working
335   --  directory. The name of the file and the File Descriptor are returned.
336   --  It is the responsibility of the caller to deallocate the access value
337   --  returned in Name.
338   --
339   --  The file is opened in binary mode (no text translation).
340   --
341   --  This procedure will always succeed if the current working directory is
342   --  writable. If the current working directory is not writable, then
343   --  Invalid_FD is returned for the file descriptor and null for the Name.
344   --  There is no race condition problem between processes trying to create
345   --  temp files at the same time in the same directory.
346
347   procedure Create_Temp_Output_File
348     (FD   : out File_Descriptor;
349      Name : out String_Access);
350   --  Create and open for writing a temporary file in the current working
351   --  directory suitable to redirect standard output. The name of the file and
352   --  the File Descriptor are returned. It is the responsibility of the caller
353   --  to deallocate the access value returned in Name.
354   --
355   --  The file is opened in text mode
356   --
357   --  This procedure will always succeed if the current working directory is
358   --  writable. If the current working directory is not writable, then
359   --  Invalid_FD is returned for the file descriptor and null for the Name.
360   --  There is no race condition problem between processes trying to create
361   --  temp files at the same time in the same directory.
362
363   procedure Delete_File (Name : String; Success : out Boolean);
364   --  Deletes file. Success is set True or False indicating if the delete is
365   --  successful.
366
367   function File_Length (FD : File_Descriptor) return Long_Integer;
368   pragma Import (C, File_Length, "__gnat_file_length_long");
369
370   type Large_File_Size is range -2**63 .. 2**63 - 1;
371   --  Maximum supported size for a file (8 exabytes = 8 million terabytes,
372   --  should be enough to accommodate all possible needs for quite a while).
373
374   function File_Length64 (FD : File_Descriptor) return Large_File_Size;
375   pragma Import (C, File_Length64, "__gnat_file_length");
376   --  Get length of file from file descriptor FD
377
378   function File_Time_Stamp (Name : String) return OS_Time;
379   --  Given the name of a file or directory, Name, obtains and returns the
380   --  time stamp. This function can be used for an unopened file. Returns
381   --  Invalid_Time if Name doesn't correspond to an existing file.
382
383   function File_Time_Stamp (FD : File_Descriptor) return OS_Time;
384   --  Get time stamp of file from file descriptor FD Returns Invalid_Time is
385   --  FD doesn't correspond to an existing file.
386
387   function Get_Debuggable_Suffix return String_Access;
388   --  Return the debuggable suffix convention. Usually this is the same as
389   --  the convention for Get_Executable_Suffix. The result is allocated on
390   --  the heap and should be freed after use to avoid storage leaks.
391
392   function Get_Executable_Suffix return String_Access;
393   --  Return the executable suffix convention. The result is allocated on the
394   --  heap and should be freed after use to avoid storage leaks.
395
396   function Get_Object_Suffix return String_Access;
397   --  Return the object suffix convention. The result is allocated on the heap
398   --  and should be freed after use to avoid storage leaks.
399
400   function Get_Target_Debuggable_Suffix return String_Access;
401   --  Return the target debuggable suffix convention. Usually this is the same
402   --  as the convention for Get_Executable_Suffix. The result is allocated on
403   --  the heap and should be freed after use to avoid storage leaks.
404
405   function Get_Target_Executable_Suffix return String_Access;
406   --  Return the target executable suffix convention. The result is allocated
407   --  on the heap and should be freed after use to avoid storage leaks.
408
409   function Get_Target_Object_Suffix return String_Access;
410   --  Return the target object suffix convention. The result is allocated on
411   --  the heap and should be freed after use to avoid storage leaks.
412
413   function Is_Absolute_Path (Name : String) return Boolean;
414   --  Returns True if Name is an absolute path name, i.e. it designates a
415   --  file or directory absolutely rather than relative to another directory.
416
417   function Is_Directory (Name : String) return Boolean;
418   --  Determines if the given string, Name, is the name of a directory.
419   --  Returns True if so, False otherwise. Name may be an absolute path
420   --  name or a relative path name, including a simple file name. If it is
421   --  a relative path name, it is relative to the current working directory.
422
423   function Is_Executable_File (Name : String) return Boolean;
424   --  Determines if the given string, Name, is the name of an existing file
425   --  that is executable. Returns True if so, False otherwise. Note that this
426   --  function simply interrogates the file attributes (e.g. using the C
427   --  function stat), so it does not indicate a situation in which a file may
428   --  not actually be readable due to some other process having exclusive
429   --  access.
430
431   function Is_Owner_Readable_File (Name : String) return Boolean;
432   --  Determines if the given string, Name, is the name of an existing file
433   --  that is readable. Returns True if so, False otherwise. Note that this
434   --  function simply interrogates the file attributes (e.g. using the C
435   --  function stat), so it does not indicate a situation in which a file may
436   --  not actually be readable due to some other process having exclusive
437   --  access.
438
439   function Is_Regular_File (Name : String) return Boolean;
440   --  Determines if the given string, Name, is the name of an existing
441   --  regular file. Returns True if so, False otherwise. Name may be an
442   --  absolute path name or a relative path name, including a simple file
443   --  name. If it is a relative path name, it is relative to the current
444   --  working directory.
445
446   function Is_Symbolic_Link (Name : String) return Boolean;
447   --  Determines if the given string, Name, is the path of a symbolic link on
448   --  systems that support it. Returns True if so, False if the path is not a
449   --  symbolic link or if the system does not support symbolic links.
450   --
451   --  A symbolic link is an indirect pointer to a file; its directory entry
452   --  contains the name of the file to which it is linked. Symbolic links may
453   --  span file systems and may refer to directories.
454
455   function Is_Owner_Writable_File (Name : String) return Boolean;
456   --  Determines if the given string, Name, is the name of an existing file
457   --  that is writable. Returns True if so, False otherwise. Note that this
458   --  function simply interrogates the file attributes (e.g. using the C
459   --  function stat), so it does not indicate a situation in which a file may
460   --  not actually be writable due to some other process having exclusive
461   --  access.
462
463   function Is_Read_Accessible_File (Name : String) return Boolean;
464   --  Determines if the given string, Name, is the name of an existing file
465   --  that is readable. Returns True if so, False otherwise.
466
467   function Is_Write_Accessible_File (Name : String) return Boolean;
468   --  Determines if the given string, Name, is the name of an existing file
469   --  that is writable. Returns True if so, False otherwise.
470
471   function Is_Readable_File (Name : String) return Boolean
472     renames Is_Read_Accessible_File;
473   function Is_Writable_File (Name : String) return Boolean
474     renames Is_Write_Accessible_File;
475   --  These subprograms provided for backward compatibility and should not be
476   --  used. Use Is_Owner_Readable_File/Is_Owner_Writable_File or
477   --  Is_Read_Accessible_File/Is_Write_Accessible_File instead.
478
479   function Locate_Exec_On_Path (Exec_Name : String) return String_Access;
480   --  Try to locate an executable whose name is given by Exec_Name in the
481   --  directories listed in the environment Path. If the Exec_Name does not
482   --  have the executable suffix, it will be appended before the search.
483   --  Otherwise works like Locate_Regular_File below. If the executable is
484   --  not found, null is returned.
485   --
486   --  Note that this function allocates memory for the returned value. This
487   --  memory needs to be deallocated after use.
488
489   function Locate_Regular_File
490     (File_Name : String;
491      Path      : String) return String_Access;
492   --  Try to locate a regular file whose name is given by File_Name in the
493   --  directories listed in Path. If a file is found, its full pathname is
494   --  returned; otherwise, a null pointer is returned. If the File_Name given
495   --  is an absolute pathname, then Locate_Regular_File just checks that the
496   --  file exists and is a regular file. Otherwise, if the File_Name given
497   --  includes directory information, Locate_Regular_File first checks if the
498   --  file exists relative to the current directory. If it does not, or if
499   --  the File_Name given is a simple file name, the Path argument is parsed
500   --  according to OS conventions, and for each directory in the Path a check
501   --  is made if File_Name is a relative pathname of a regular file from that
502   --  directory.
503   --
504   --  Note that this function allocates some memory for the returned value.
505   --  This memory needs to be deallocated after use.
506
507   Seek_Cur : constant := 1;
508   Seek_End : constant := 2;
509   Seek_Set : constant := 0;
510   --  Used to indicate origin for Lseek call
511
512   procedure Lseek
513     (FD     : File_Descriptor;
514      offset : Long_Integer;
515      origin : Integer);
516   pragma Import (C, Lseek, "__gnat_lseek");
517   --  Sets the current file pointer to the indicated offset value, relative
518   --  to the current position (origin = SEEK_CUR), end of file (origin =
519   --  SEEK_END), or start of file (origin = SEEK_SET).
520
521   function Normalize_Pathname
522     (Name           : String;
523      Directory      : String  := "";
524      Resolve_Links  : Boolean := True;
525      Case_Sensitive : Boolean := True) return String;
526   --  Returns a file name as an absolute path name, resolving all relative
527   --  directories, and symbolic links. If Name is a relative path, it is
528   --  interpreted relative to Directory, or to the current directory if
529   --  Directory is the empty string (the default). The result returned is
530   --  the normalized name of the file, containing no "." or ".." components,
531   --  and no duplicated directory separators. For most cases, if two file
532   --  names designate the same file through different paths,
533   --  Normalize_Pathname will return the same canonical name in both cases.
534   --  However, there are cases when this is not true; for example, this is
535   --  not true in Unix for two hard links designating the same file.
536   --
537   --  On Windows, the returned path will start with a drive letter. If
538   --  Directory is empty (the default) and Name is a relative path or an
539   --  absolute path without drive letter, the letter of the current drive
540   --  will start the returned path. If Case_Sensitive is True (the default),
541   --  then this drive letter will be forced to upper case ("C:\...").
542   --
543   --  If Resolve_Links is set to True, then the symbolic links, on systems
544   --  that support them, will be fully converted to the name of the file or
545   --  directory pointed to. This is slightly less efficient, since it
546   --  requires system calls.
547   --
548   --  If Name cannot be resolved, is invalid (for example if it is too big) or
549   --  is null on entry (for example if there is symbolic link circularity,
550   --  e.g. A is a symbolic link for B, and B is a symbolic link for A), then
551   --  Normalize_Pathname returns an empty string.
552   --
553   --  For case-sensitive file systems, the value of Case_Sensitive parameter
554   --  is ignored. For file systems that are not case-sensitive, such as
555   --  Windows, if this parameter is set to False, then the file and directory
556   --  names are folded to lower case. This allows checking whether two files
557   --  are the same by applying this function to their names and comparing the
558   --  results. If Case_Sensitive is set to True, this function does not change
559   --  the casing of file and directory names.
560
561   function Open_Append
562     (Name  : String;
563      Fmode : Mode) return File_Descriptor;
564   --  Opens file Name for appending, returning its file descriptor. File
565   --  descriptor returned is Invalid_FD if the file cannot be successfully
566   --  opened.
567
568   function Open_Read
569     (Name  : String;
570      Fmode : Mode) return File_Descriptor;
571   --  Open file Name for reading, returning its file descriptor. File
572   --  descriptor returned is Invalid_FD if the file cannot be opened.
573
574   function Open_Read_Write
575     (Name  : String;
576      Fmode : Mode) return File_Descriptor;
577   --  Open file Name for both reading and writing, returning its file
578   --  descriptor. File descriptor returned is Invalid_FD if the file
579   --  cannot be opened.
580
581   function Read
582     (FD : File_Descriptor;
583      A  : System.Address;
584      N  : Integer) return Integer;
585   --  Read N bytes to address A from file referenced by FD. Returned value is
586   --  count of bytes actually read, which can be less than N at EOF.
587
588   procedure Rename_File
589     (Old_Name : String;
590      New_Name : String;
591      Success  : out Boolean);
592   --  Rename a file. Success is set True or False indicating if the rename is
593   --  successful or not.
594   --
595   --  WARNING: In one very important respect, this function is significantly
596   --  non-portable. If New_Name already exists then on Unix systems, the call
597   --  deletes the existing file, and the call signals success. On Windows, the
598   --  call fails, without doing the rename operation. See also the procedure
599   --  Ada.Directories.Rename, which portably provides the windows semantics,
600   --  i.e. fails if the output file already exists.
601
602   --  The following defines the mode for the Copy_File procedure below. Note
603   --  that "time stamps and other file attributes" in the descriptions below
604   --  refers to the creation and last modification times, and also the file
605   --  access (read/write/execute) status flags.
606
607   procedure Set_Close_On_Exec
608     (FD            : File_Descriptor;
609      Close_On_Exec : Boolean;
610      Status        : out Boolean);
611   --  When Close_On_Exec is True, mark FD to be closed automatically when new
612   --  program is executed by the calling process (i.e. prevent FD from being
613   --  inherited by child processes). When Close_On_Exec is False, mark FD to
614   --  not be closed on exec (i.e. allow it to be inherited). Status is False
615   --  if the operation could not be performed.
616
617   S_Owner  : constant := 1;
618   S_Group  : constant := 2;
619   S_Others : constant := 4;
620   --  Constants for use in Mode parameter to Set_Executable
621
622   procedure Set_Executable (Name : String; Mode : Positive := S_Owner);
623   --  Change permissions on the file given by Name to make it executable
624   --  for its owner, group or others, according to the setting of Mode.
625   --  As indicated, the default if no Mode parameter is given is owner.
626
627   procedure Set_File_Last_Modify_Time_Stamp (Name : String; Time : OS_Time);
628   --  Given the name of a file or directory, Name, set the last modification
629   --  time stamp. This function must be used for an unopened file.
630
631   procedure Set_Non_Readable (Name : String);
632   --  Change permissions on the named file to make it non-readable for
633   --  its owner. The writable and executable permissions are not
634   --  modified.
635
636   procedure Set_Non_Writable (Name : String);
637   --  Change permissions on the named file to make it non-writable for its
638   --  owner. The readable and executable permissions are not modified.
639
640   procedure Set_Read_Only (Name : String) renames Set_Non_Writable;
641   --  This renaming is provided for backwards compatibility with previous
642   --  versions. The use of Set_Non_Writable is preferred (clearer name).
643
644   procedure Set_Readable (Name : String);
645   --  Change permissions on the named file to make it readable for its
646   --  owner.
647
648   procedure Set_Writable (Name : String);
649   --  Change permissions on the named file to make it writable for its owner
650
651   function Write
652     (FD : File_Descriptor;
653      A  : System.Address;
654      N  : Integer) return Integer;
655   --  Write N bytes from address A to file referenced by FD. The returned
656   --  value is the number of bytes written, which can be less than N if a
657   --  disk full condition was detected.
658
659   --  The following section contains low-level routines using addresses to
660   --  pass file name and executable name. In each routine the name must be
661   --  Nul-Terminated. For complete documentation refer to the equivalent
662   --  routine (using String in place of C_File_Name) defined above.
663
664   subtype C_File_Name is System.Address;
665   --  This subtype is used to document that a parameter is the address of a
666   --  null-terminated string containing the name of a file.
667
668   procedure Copy_File
669     (Name     : C_File_Name;
670      Pathname : C_File_Name;
671      Success  : out Boolean;
672      Mode     : Copy_Mode := Copy;
673      Preserve : Attribute := Time_Stamps);
674
675   procedure Copy_Time_Stamps
676     (Source  : C_File_Name;
677      Dest    : C_File_Name;
678      Success : out Boolean);
679
680   function Create_File
681     (Name  : C_File_Name;
682      Fmode : Mode) return File_Descriptor;
683
684   function Create_New_File
685     (Name  : C_File_Name;
686      Fmode : Mode) return File_Descriptor;
687
688   procedure Delete_File (Name : C_File_Name; Success : out Boolean);
689
690   function File_Time_Stamp (Name : C_File_Name) return OS_Time;
691
692   function Is_Directory (Name : C_File_Name) return Boolean;
693   function Is_Executable_File (Name : C_File_Name) return Boolean;
694   function Is_Owner_Readable_File (Name : C_File_Name) return Boolean;
695   function Is_Regular_File (Name : C_File_Name) return Boolean;
696   function Is_Symbolic_Link (Name : C_File_Name) return Boolean;
697   function Is_Owner_Writable_File (Name : C_File_Name) return Boolean;
698
699   function Locate_Regular_File
700     (File_Name : C_File_Name;
701      Path      : C_File_Name) return String_Access;
702
703   function Open_Append
704     (Name  : C_File_Name;
705      Fmode : Mode) return File_Descriptor;
706
707   function Open_Read
708     (Name  : C_File_Name;
709      Fmode : Mode) return File_Descriptor;
710
711   function Open_Read_Write
712     (Name  : C_File_Name;
713      Fmode : Mode) return File_Descriptor;
714
715   procedure Rename_File
716     (Old_Name : C_File_Name;
717      New_Name : C_File_Name;
718      Success  : out Boolean);
719
720   ------------------
721   -- Subprocesses --
722   ------------------
723
724   subtype Argument_List is String_List;
725   --  Type used for argument list in call to Spawn. The lower bound of the
726   --  array should be 1, and the length of the array indicates the number of
727   --  arguments.
728
729   subtype Argument_List_Access is String_List_Access;
730   --  Type used to return Argument_List without dragging in secondary stack.
731   --  Note that there is a Free procedure declared for this subtype which
732   --  frees the array and all referenced strings.
733
734   type Process_Id is private;
735   --  A private type used to identify a process activated by the following
736   --  non-blocking calls. The only meaningful operation on this type is a
737   --  comparison for equality.
738
739   Invalid_Pid : constant Process_Id;
740   --  A special value used to indicate errors, as described below
741
742   function Current_Process_Id return Process_Id;
743   --  Returns the current process id or Invalid_Pid if not supported by the
744   --  runtime.
745
746   function Argument_String_To_List
747     (Arg_String : String) return Argument_List_Access;
748   --  Take a string that is a program and its arguments and parse it into an
749   --  Argument_List. Note that the result is allocated on the heap, and must
750   --  be freed by the programmer (when it is no longer needed) to avoid
751   --  memory leaks.
752   --  On Windows, backslashes are used as directory separators. On Unix,
753   --  however, they are used to escape the following character, so that for
754   --  instance "-d=name\ with\ space" is a single argument. In the result
755   --  list, the backslashes have been cleaned up when needed. The previous
756   --  example will thus result a single-element array, where the element is
757   --  "-d=name with space" (Unix) or "-d=name\ with\ space" (windows).
758
759   procedure Kill (Pid : Process_Id; Hard_Kill : Boolean := True);
760   --  Kill the process designated by Pid. Does nothing if Pid is Invalid_Pid
761   --  or on platforms where it is not supported, such as VxWorks. Hard_Kill
762   --  is True by default, and when True the process is terminated immediately.
763   --  If Hard_Kill is False, then a signal SIGINT is sent to the process on
764   --  POSIX OS or a ctrl-C event on Windows, allowing the process a chance to
765   --  terminate properly using a corresponding handler.
766
767   procedure Kill_Process_Tree (Pid : Process_Id; Hard_Kill : Boolean := True);
768   --  Kill the process designated by Pid and all it's children processes.
769   --  Does nothing if Pid is Invalid_Pid or on platforms where it is not
770   --  supported, such as VxWorks. Hard_Kill is True by default, and when True
771   --  the processes are terminated immediately. If Hard_Kill is False, then a
772   --  signal SIGINT is sent to the processes on POSIX OS or a ctrl-C event
773   --  on Windows, allowing the processes a chance to terminate properly
774   --  using a corresponding handler.
775   --
776   --  Note that this routine is not atomic and is supported only on Linux
777   --  and Windows. On other OS it will only kill the process identified by
778   --  Pid.
779
780   function Non_Blocking_Spawn
781     (Program_Name : String;
782      Args         : Argument_List) return Process_Id;
783   --  This is a non blocking call. The Process_Id of the spawned process is
784   --  returned. Parameters are to be used as in Spawn. If Invalid_Pid is
785   --  returned the program could not be spawned.
786   --
787   --  Spawning processes from tasking programs is not recommended. See
788   --  "NOTE: Spawn in tasking programs" below.
789   --
790   --  This function will always return Invalid_Pid under VxWorks, since there
791   --  is no notion of executables under this OS.
792
793   function Non_Blocking_Spawn
794     (Program_Name           : String;
795      Args                   : Argument_List;
796      Output_File_Descriptor : File_Descriptor;
797      Err_To_Out             : Boolean := True) return Process_Id;
798   --  Similar to the procedure above, but redirects the output to the file
799   --  designated by Output_File_Descriptor. If Err_To_Out is True, then the
800   --  Standard Error output is also redirected. Invalid_Pid is returned
801   --  if the program could not be spawned successfully.
802   --
803   --  Spawning processes from tasking programs is not recommended. See
804   --  "NOTE: Spawn in tasking programs" below.
805   --
806   --  This function will always return Invalid_Pid under VxWorks, since there
807   --  is no notion of executables under this OS.
808
809   function Non_Blocking_Spawn
810     (Program_Name : String;
811      Args         : Argument_List;
812      Output_File  : String;
813      Err_To_Out   : Boolean := True) return Process_Id;
814   --  Similar to the procedure above, but saves the output of the command to
815   --  a file with the name Output_File.
816   --
817   --  Invalid_Pid is returned if the output file could not be created or if
818   --  the program could not be spawned successfully.
819   --
820   --  Spawning processes from tasking programs is not recommended. See
821   --  "NOTE: Spawn in tasking programs" below.
822   --
823   --  This function will always return Invalid_Pid under VxWorks, since there
824   --  is no notion of executables under this OS.
825
826   function Non_Blocking_Spawn
827     (Program_Name : String;
828      Args         : Argument_List;
829      Stdout_File  : String;
830      Stderr_File  : String) return Process_Id;
831   --  Similar to the procedure above, but saves the standard output of the
832   --  command to a file with the name Stdout_File and the standard output
833   --  of the command to a file with the name Stderr_File.
834
835   procedure Normalize_Arguments (Args : in out Argument_List);
836   --  Normalize all arguments in the list. This ensure that the argument list
837   --  is compatible with the running OS and will works fine with Spawn and
838   --  Non_Blocking_Spawn for example. If Normalize_Arguments is called twice
839   --  on the same list it will do nothing the second time. Note that Spawn
840   --  and Non_Blocking_Spawn call Normalize_Arguments automatically, but
841   --  since there is a guarantee that a second call does nothing, this
842   --  internal call will have no effect if Normalize_Arguments is called
843   --  before calling Spawn. The call to Normalize_Arguments assumes that the
844   --  individual referenced arguments in Argument_List are on the heap, and
845   --  may free them and reallocate if they are modified.
846
847   function Pid_To_Integer (Pid : Process_Id) return Integer;
848   --  Convert a process id to an Integer. Useful for writing hash functions
849   --  for type Process_Id or to compare two Process_Id (e.g. for sorting).
850
851   procedure Spawn
852     (Program_Name : String;
853      Args         : Argument_List;
854      Success      : out Boolean);
855   --  This procedure spawns a program with a given list of arguments. The
856   --  first parameter of is the name of the executable. The second parameter
857   --  contains the arguments to be passed to this program. Success is False
858   --  if the named program could not be spawned or its execution completed
859   --  unsuccessfully. Note that the caller will be blocked until the
860   --  execution of the spawned program is complete. For maximum portability,
861   --  use a full path name for the Program_Name argument. On some systems
862   --  (notably Unix systems) a simple file name may also work (if the
863   --  executable can be located in the path).
864   --
865   --  Spawning processes from tasking programs is not recommended. See
866   --  "NOTE: Spawn in tasking programs" below.
867   --
868   --  Note: Arguments in Args that contain spaces and/or quotes such as
869   --  "--GCC=gcc -v" or "--GCC=""gcc -v""" are not portable across all
870   --  operating systems, and would not have the desired effect if they were
871   --  passed directly to the operating system. To avoid this problem, Spawn
872   --  makes an internal call to Normalize_Arguments, which ensures that such
873   --  arguments are modified in a manner that ensures that the desired effect
874   --  is obtained on all operating systems. The caller may call
875   --  Normalize_Arguments explicitly before the call (e.g. to print out the
876   --  exact form of arguments passed to the operating system). In this case
877   --  the guarantee a second call to Normalize_Arguments has no effect
878   --  ensures that the internal call will not affect the result. Note that
879   --  the implicit call to Normalize_Arguments may free and reallocate some
880   --  of the individual arguments.
881   --
882   --  This function will always set Success to False under VxWorks and other
883   --  similar operating systems which have no notion of the concept of
884   --  dynamically executable file. Otherwise Success is set True if the exit
885   --  status of the spawned process is zero.
886
887   function Spawn
888     (Program_Name : String;
889      Args         : Argument_List) return Integer;
890   --  Similar to the above procedure, but returns the actual status returned
891   --  by the operating system, or -1 under VxWorks and any other similar
892   --  operating systems which have no notion of separately spawnable programs.
893   --
894   --  Spawning processes from tasking programs is not recommended. See
895   --  "NOTE: Spawn in tasking programs" below.
896
897   procedure Spawn
898     (Program_Name           : String;
899      Args                   : Argument_List;
900      Output_File_Descriptor : File_Descriptor;
901      Return_Code            : out Integer;
902      Err_To_Out             : Boolean := True);
903   --  Similar to the procedure above, but redirects the output to the file
904   --  designated by Output_File_Descriptor. If Err_To_Out is True, then the
905   --  Standard Error output is also redirected.
906   --  Return_Code is set to the status code returned by the operating system
907   --
908   --  Spawning processes from tasking programs is not recommended. See
909   --  "NOTE: Spawn in tasking programs" below.
910
911   procedure Spawn
912     (Program_Name : String;
913      Args         : Argument_List;
914      Output_File  : String;
915      Success      : out Boolean;
916      Return_Code  : out Integer;
917      Err_To_Out   : Boolean := True);
918   --  Similar to the procedure above, but saves the output of the command to
919   --  a file with the name Output_File.
920   --
921   --  Success is set to True if the command is executed and its output
922   --  successfully written to the file. If Success is True, then Return_Code
923   --  will be set to the status code returned by the operating system.
924   --  Otherwise, Return_Code is undefined.
925   --
926   --  Spawning processes from tasking programs is not recommended. See
927   --  "NOTE: Spawn in tasking programs" below.
928
929   procedure Wait_Process (Pid : out Process_Id; Success : out Boolean);
930   --  Wait for the completion of any of the processes created by previous
931   --  calls to Non_Blocking_Spawn. The caller will be suspended until one of
932   --  these processes terminates (normally or abnormally). If any of these
933   --  subprocesses terminates prior to the call to Wait_Process (and has not
934   --  been returned by a previous call to Wait_Process), then the call to
935   --  Wait_Process is immediate. Pid identifies the process that has
936   --  terminated (matching the value returned from Non_Blocking_Spawn).
937   --  Success is set to True if this sub-process terminated successfully. If
938   --  Pid = Invalid_Pid, there were no subprocesses left to wait on.
939   --
940   --  This function will always set success to False under VxWorks, since
941   --  there is no notion of executables under this OS.
942
943   procedure Non_Blocking_Wait_Process
944     (Pid : out Process_Id; Success : out Boolean);
945   --  Same as Wait_Process, except if there are no completed child processes,
946   --  return immediately without blocking, and return Invalid_Pid in Pid.
947   --  Not supported on all platforms; Success = False if not supported.
948
949   -------------------------------------
950   -- NOTE: Spawn in Tasking Programs --
951   -------------------------------------
952
953   --  Spawning processes in tasking programs using the above Spawn and
954   --  Non_Blocking_Spawn subprograms is not recommended, because there are
955   --  subtle interactions between creating a process and signals/locks that
956   --  can cause trouble. These issues are not specific to Ada; they depend
957   --  primarily on the operating system.
958
959   --  If you need to spawn processes in a tasking program, you will need to
960   --  understand the semantics of your operating system, and you are likely to
961   --  write non-portable code, because operating systems differ in this area.
962
963   --  The Spawn and Non_Blocking_Spawn subprograms call the following
964   --  operating system functions:
965
966   --     On Windows: spawnvp (blocking) or CreateProcess (non-blocking)
967
968   --     On Solaris: fork1, followed in the child process by execv
969
970   --     On other Unix-like systems: fork, followed in the child
971   --     process by execv.
972
973   --     On vxworks, spawning of processes is not supported
974
975   --  For details, look at the functions __gnat_portable_spawn and
976   --  __gnat_portable_no_block_spawn in adaint.c.
977
978   --  You should read the operating-system-specific documentation for the
979   --  above functions, paying special attention to subtle interactions with
980   --  threading, signals, locks, and file descriptors. Most of the issues are
981   --  related to the fact that on Unix, there is a window of time between fork
982   --  and execv; Windows does not have this problem, because spawning is done
983   --  in a single operation.
984
985   --  On Posix-compliant systems, such as Linux, fork duplicates just the
986   --  calling thread. (On Solaris, fork1 is the Posix-compliant version of
987   --  fork.)
988
989   --  You should avoid using signals while spawning. This includes signals
990   --  used internally by the Ada run-time system, such as timer signals used
991   --  to implement delay statements.
992
993   --  It is best to spawn any subprocesses very early, before the parent
994   --  process creates tasks, locks, or installs signal handlers. Certainly
995   --  avoid doing simultaneous spawns from multiple threads of the same
996   --  process.
997
998   --  There is no problem spawning a subprocess that uses tasking: the
999   --  problems are caused only by tasking in the parent.
1000
1001   --  If the parent is using tasking, and needs to spawn subprocesses at
1002   --  arbitrary times, one technique is for the parent to spawn (very early)
1003   --  a particular spawn-manager subprocess whose job is to spawn other
1004   --  processes. The spawn-manager must avoid tasking. The parent sends
1005   --  messages to the spawn-manager requesting it to spawn processes, using
1006   --  whatever inter-process communication mechanism you like, such as
1007   --  sockets.
1008
1009   --  In short, mixing spawning of subprocesses with tasking is a tricky
1010   --  business, and should be avoided if possible, but if it is necessary,
1011   --  the above guidelines should be followed, and you should beware of
1012   --  portability problems.
1013
1014   -------------------
1015   -- Miscellaneous --
1016   -------------------
1017
1018   function Errno return Integer;
1019   pragma Import (C, Errno, "__get_errno");
1020   --  Return the task-safe last error number
1021
1022   function Errno_Message
1023     (Err     : Integer := Errno;
1024      Default : String  := "") return String;
1025   --  Return a message describing the given Errno value. If none is provided
1026   --  by the system, return Default if not empty, else return a generic
1027   --  message indicating the numeric errno value.
1028
1029   function Getenv (Name : String) return String_Access;
1030   --  Get the value of the environment variable. Returns an access to the
1031   --  empty string if the environment variable does not exist or has an
1032   --  explicit null value (in some operating systems these are distinct
1033   --  cases, in others they are not; this interface abstracts away that
1034   --  difference. The argument is allocated on the heap (even in the null
1035   --  case), and needs to be freed explicitly when no longer needed to avoid
1036   --  memory leaks.
1037
1038   procedure OS_Abort;
1039   pragma Import (C, OS_Abort, "abort");
1040   pragma No_Return (OS_Abort);
1041   --  Exit to OS signalling an abort (traceback or other appropriate
1042   --  diagnostic information should be given if possible, or entry made to
1043   --  the debugger if that is possible).
1044
1045   procedure OS_Exit (Status : Integer);
1046   pragma No_Return (OS_Exit);
1047   --  Exit to OS with given status code (program is terminated). Note that
1048   --  this is abrupt termination. All tasks are immediately terminated. There
1049   --  are no finalization or other Ada-specific cleanup actions performed. On
1050   --  systems with atexit handlers (such as Unix and Windows), atexit handlers
1051   --  are called.
1052
1053   type OS_Exit_Subprogram is access procedure (Status : Integer);
1054
1055   procedure OS_Exit_Default (Status : Integer);
1056   pragma No_Return (OS_Exit_Default);
1057   --  Default implementation of procedure OS_Exit
1058
1059   OS_Exit_Ptr : OS_Exit_Subprogram := OS_Exit_Default'Access;
1060   --  OS_Exit is implemented through this access value. It it then possible to
1061   --  change the implementation of OS_Exit by redirecting OS_Exit_Ptr to an
1062   --  other implementation.
1063
1064   procedure Set_Errno (Errno : Integer);
1065   pragma Import (C, Set_Errno, "__set_errno");
1066   --  Set the task-safe error number
1067
1068   procedure Setenv (Name : String; Value : String);
1069   --  Set the value of the environment variable Name to Value. This call
1070   --  modifies the current environment, but does not modify the parent
1071   --  process environment. After a call to Setenv, Getenv (Name) will always
1072   --  return a String_Access referencing the same String as Value. This is
1073   --  true also for the null string case (the actual effect may be to either
1074   --  set an explicit null as the value, or to remove the entry, this is
1075   --  operating system dependent). Note that any following calls to Spawn
1076   --  will pass an environment to the spawned process that includes the
1077   --  changes made by Setenv calls.
1078
1079   Directory_Separator : constant Character;
1080   --  The character that is used to separate parts of a pathname
1081
1082   Path_Separator : constant Character;
1083   --  The character to separate paths in an environment variable value
1084
1085private
1086   pragma Import (C, Path_Separator, "__gnat_path_separator");
1087   pragma Import (C, Directory_Separator, "__gnat_dir_separator");
1088   pragma Import (C, Current_Time, "__gnat_current_time");
1089   pragma Import (C, Current_Process_Id, "__gnat_current_process_id");
1090
1091   type OS_Time is
1092     range -(2 ** (Standard'Address_Size - Integer'(1))) ..
1093           +(2 ** (Standard'Address_Size - Integer'(1)) - 1);
1094   --  Type used for timestamps in the compiler. This type is used to hold
1095   --  time stamps, but may have a different representation than C's time_t.
1096   --  This type needs to match the declaration of OS_Time in adaint.h.
1097
1098   --  Add pragma Inline statements for comparison operations on OS_Time. It
1099   --  would actually be nice to use pragma Import (Intrinsic) here, but this
1100   --  was not properly supported till GNAT 3.15a, so that would cause
1101   --  bootstrap path problems. To be changed later ???
1102
1103   Invalid_Time : constant OS_Time := -1;
1104   --  This value should match the return value from __gnat_file_time_*
1105
1106   pragma Inline ("<");
1107   pragma Inline (">");
1108   pragma Inline ("<=");
1109   pragma Inline (">=");
1110
1111   type Process_Id is new Integer;
1112   Invalid_Pid : constant Process_Id := -1;
1113
1114end System.OS_Lib;
1115