From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pmderodat@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1914)
 id 33EB43857C50; Wed, 18 May 2022 08:44:08 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 33EB43857C50
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
From: Pierre-Marie de Rodat <pmderodat@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r13-599] [Ada] Fix proof of runtime units
X-Act-Checkin: gcc
X-Git-Author: Yannick Moy <moy@adacore.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 5b0e8d6937f7857e3dc7486a989e0c72d478c1ed
X-Git-Newrev: 3c63f73051458b24298eb82ddd109bbc6a453464
Message-Id: <20220518084408.33EB43857C50@sourceware.org>
Date: Wed, 18 May 2022 08:44:08 +0000 (GMT)
X-BeenThere: gcc-cvs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-cvs mailing list <gcc-cvs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-cvs>,
 <mailto:gcc-cvs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-cvs/>
List-Help: <mailto:gcc-cvs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-cvs>,
 <mailto:gcc-cvs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Wed, 18 May 2022 08:44:08 -0000

https://gcc.gnu.org/g:3c63f73051458b24298eb82ddd109bbc6a453464

commit r13-599-g3c63f73051458b24298eb82ddd109bbc6a453464
Author: Yannick Moy <moy@adacore.com>
Date:   Mon Apr 4 17:38:57 2022 +0200

    [Ada] Fix proof of runtime units
    
    Update to latest version of Why3 caused some proof regressions.
    Fix the proof by changing ghost code.
    
    gcc/ada/
    
            * libgnat/s-imagei.adb (Set_Digits): Add assertion.
            * libgnat/s-imgboo.adb (Image_Boolean): Add assertions.
            * libgnat/s-valueu.adb (Scan_Raw_Unsigned): Add assertion.

Diff:
---
 gcc/ada/libgnat/s-imagei.adb | 2 ++
 gcc/ada/libgnat/s-imgboo.adb | 6 ++++++
 gcc/ada/libgnat/s-valueu.adb | 1 +
 3 files changed, 9 insertions(+)

diff --git a/gcc/ada/libgnat/s-imagei.adb b/gcc/ada/libgnat/s-imagei.adb
index f340d139e26..ff853d3ac6b 100644
--- a/gcc/ada/libgnat/s-imagei.adb
+++ b/gcc/ada/libgnat/s-imagei.adb
@@ -388,6 +388,8 @@ package body System.Image_I is
          Prove_Uns_Of_Non_Positive_Value;
          pragma Assert (Uns_Value rem 10 = Uns_Of_Non_Positive (Value rem 10));
          pragma Assert (Uns_Value rem 10 = Uns (-(Value rem 10)));
+         pragma Assert
+           (Uns_Value = From_Big (Big (Uns_T) / Big_10 ** (Nb_Digits - J)));
 
          Prev_Value := Uns_Value;
          Prev_S := S;
diff --git a/gcc/ada/libgnat/s-imgboo.adb b/gcc/ada/libgnat/s-imgboo.adb
index 221c0c6c87f..eb2cc96a638 100644
--- a/gcc/ada/libgnat/s-imgboo.adb
+++ b/gcc/ada/libgnat/s-imgboo.adb
@@ -37,6 +37,8 @@ pragma Assertion_Policy (Ghost          => Ignore,
                          Loop_Invariant => Ignore,
                          Assert         => Ignore);
 
+with System.Val_Util;
+
 package body System.Img_Bool
   with SPARK_Mode
 is
@@ -55,9 +57,13 @@ is
       if V then
          S (1 .. 4) := "TRUE";
          P := 4;
+         pragma Assert
+           (System.Val_Util.First_Non_Space_Ghost (S, S'First, S'Last) = 1);
       else
          S (1 .. 5) := "FALSE";
          P := 5;
+         pragma Assert
+           (System.Val_Util.First_Non_Space_Ghost (S, S'First, S'Last) = 1);
       end if;
    end Image_Boolean;
 
diff --git a/gcc/ada/libgnat/s-valueu.adb b/gcc/ada/libgnat/s-valueu.adb
index 461d957b1cb..b8bfd447237 100644
--- a/gcc/ada/libgnat/s-valueu.adb
+++ b/gcc/ada/libgnat/s-valueu.adb
@@ -645,6 +645,7 @@ package body System.Value_U is
 
       Scan_Exponent (Str, Ptr, Max, Expon);
 
+      pragma Assert (Ptr.all = Raw_Unsigned_Last_Ghost (Str, Ptr_Old, Max));
       pragma Assert
         (if Starts_As_Exponent_Format_Ghost (Str (First_Exp .. Max))
          then Expon = Scan_Exponent_Ghost (Str (First_Exp .. Max)));