diff options
| author | Yannick Moy <moy@adacore.com> | 2022-04-04 17:38:57 +0200 |
|---|---|---|
| committer | Pierre-Marie de Rodat <derodat@adacore.com> | 2022-05-18 08:41:04 +0000 |
| commit | 3c63f73051458b24298eb82ddd109bbc6a453464 (patch) | |
| tree | d631f84ab206cb131d325cce839787f38cf4024b /gcc | |
| parent | 5b0e8d6937f7857e3dc7486a989e0c72d478c1ed (diff) | |
| download | gcc-3c63f73051458b24298eb82ddd109bbc6a453464.zip gcc-3c63f73051458b24298eb82ddd109bbc6a453464.tar.gz gcc-3c63f73051458b24298eb82ddd109bbc6a453464.tar.bz2 | |
[Ada] Fix proof of runtime units
Update to latest version of Why3 caused some proof regressions.
Fix the proof by changing ghost code.
gcc/ada/
* libgnat/s-imagei.adb (Set_Digits): Add assertion.
* libgnat/s-imgboo.adb (Image_Boolean): Add assertions.
* libgnat/s-valueu.adb (Scan_Raw_Unsigned): Add assertion.
Diffstat (limited to 'gcc')
| -rw-r--r-- | gcc/ada/libgnat/s-imagei.adb | 2 | ||||
| -rw-r--r-- | gcc/ada/libgnat/s-imgboo.adb | 6 | ||||
| -rw-r--r-- | gcc/ada/libgnat/s-valueu.adb | 1 |
3 files changed, 9 insertions, 0 deletions
diff --git a/gcc/ada/libgnat/s-imagei.adb b/gcc/ada/libgnat/s-imagei.adb index f340d13..ff853d3 100644 --- a/gcc/ada/libgnat/s-imagei.adb +++ b/gcc/ada/libgnat/s-imagei.adb @@ -388,6 +388,8 @@ package body System.Image_I is Prove_Uns_Of_Non_Positive_Value; pragma Assert (Uns_Value rem 10 = Uns_Of_Non_Positive (Value rem 10)); pragma Assert (Uns_Value rem 10 = Uns (-(Value rem 10))); + pragma Assert + (Uns_Value = From_Big (Big (Uns_T) / Big_10 ** (Nb_Digits - J))); Prev_Value := Uns_Value; Prev_S := S; diff --git a/gcc/ada/libgnat/s-imgboo.adb b/gcc/ada/libgnat/s-imgboo.adb index 221c0c6..eb2cc96 100644 --- a/gcc/ada/libgnat/s-imgboo.adb +++ b/gcc/ada/libgnat/s-imgboo.adb @@ -37,6 +37,8 @@ pragma Assertion_Policy (Ghost => Ignore, Loop_Invariant => Ignore, Assert => Ignore); +with System.Val_Util; + package body System.Img_Bool with SPARK_Mode is @@ -55,9 +57,13 @@ is if V then S (1 .. 4) := "TRUE"; P := 4; + pragma Assert + (System.Val_Util.First_Non_Space_Ghost (S, S'First, S'Last) = 1); else S (1 .. 5) := "FALSE"; P := 5; + pragma Assert + (System.Val_Util.First_Non_Space_Ghost (S, S'First, S'Last) = 1); end if; end Image_Boolean; diff --git a/gcc/ada/libgnat/s-valueu.adb b/gcc/ada/libgnat/s-valueu.adb index 461d957..b8bfd44 100644 --- a/gcc/ada/libgnat/s-valueu.adb +++ b/gcc/ada/libgnat/s-valueu.adb @@ -645,6 +645,7 @@ package body System.Value_U is Scan_Exponent (Str, Ptr, Max, Expon); + pragma Assert (Ptr.all = Raw_Unsigned_Last_Ghost (Str, Ptr_Old, Max)); pragma Assert (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. Max)) then Expon = Scan_Exponent_Ghost (Str (First_Exp .. Max))); |