[Ada] Adapt ghost code to maintain proof

Message ID	20220111133212.GA748677@adacore.com
State	New
Headers	show Return-Path: <gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org> DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D846338A9439 Date: Tue, 11 Jan 2022 13:32:12 +0000 To: gcc-patches@gcc.gnu.org Subject: [Ada] Adapt ghost code to maintain proof Message-ID: <20220111133212.GA748677@adacore.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="EeQfGwPcQSOJBaQU" Content-Disposition: inline Precedence: list From: Pierre-Marie de Rodat via Gcc-patches <gcc-patches@gcc.gnu.org> Reply-To: Pierre-Marie de Rodat <derodat@adacore.com> Cc: Yannick Moy <moy@adacore.com> Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org Sender: "Gcc-patches" <gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org>
Series	[Ada] Adapt ghost code to maintain proof \| expand [Ada] Adapt ghost code to maintain proof

Message ID

20220111133212.GA748677@adacore.com

State

New

Headers

DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D846338A9439
Date: Tue, 11 Jan 2022 13:32:12 +0000
To: gcc-patches@gcc.gnu.org
Subject: [Ada] Adapt ghost code to maintain proof
Message-ID: <20220111133212.GA748677@adacore.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="EeQfGwPcQSOJBaQU"
Content-Disposition: inline
Precedence: list
From: Pierre-Marie de Rodat via Gcc-patches <gcc-patches@gcc.gnu.org>
Reply-To: Pierre-Marie de Rodat <derodat@adacore.com>
Cc: Yannick Moy <moy@adacore.com>
Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org
Sender: "Gcc-patches"
 <gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org>

Series

[Ada] Adapt ghost code to maintain proof | expand

Commit Message

Pierre-Marie de Rodat Jan. 11, 2022, 1:32 p.m. UTC

Add two assertions that are now required for the proof of System.Exp_Mod
to go through.

Tested on x86_64-pc-linux-gnu, committed on trunk

gcc/ada/

	* libgnat/s-expmod.adb (Exp_Modular): Add assertions.

diff --git a/gcc/ada/libgnat/s-expmod.adb b/gcc/ada/libgnat/s-expmod.adb
--- a/gcc/ada/libgnat/s-expmod.adb
+++ b/gcc/ada/libgnat/s-expmod.adb
@@ -278,6 +278,7 @@  is
                  (Big (Result) * Big (Factor) ** (Exp - 1),
                   Big (Left) ** Right));
                Lemma_Exp_Expand (Big (Factor), Exp - 1);
+               pragma Assert (Exp / 2 = (Exp - 1) / 2);
             end if;
 
             Lemma_Exp_Expand (Big (Factor), Exp);
@@ -286,6 +287,8 @@  is
             exit when Exp = 0;
 
             Rest := Big (Factor) ** Exp;
+            pragma Assert (Equal_Modulo
+              (Big (Result) * (Rest * Rest), Big (Left) ** Right));
             Lemma_Exp_Mod (Big (Factor) * Big (Factor), Exp, Big (Modulus));
             pragma Assert
               ((Big (Factor) * Big (Factor)) ** Exp = Rest * Rest);

[Ada] Adapt ghost code to maintain proof

Commit Message

Patch