From patchwork Wed May 18 08:43:26 2022
X-Patchwork-Submitter: Pierre-Marie de Rodat
X-Patchwork-Id: 1632678
Date: Wed, 18 May 2022 08:43:26 +0000
To: gcc-patches@gcc.gnu.org
Subject: [Ada] Fix proof of runtime unit s-valeu
Message-ID: <20220518084326.GA3375040@adacore.com>
List-Id: Gcc-patches mailing list
From: Pierre-Marie de Rodat
Reply-To: Pierre-Marie de Rodat
Cc: Claire Dross

Update to provers caused some proof regressions. Fix the proof by changing ghost code.

Tested on x86_64-pc-linux-gnu, committed on trunk

gcc/ada/

	* libgnat/s-valueu.adb (Scan_Raw_Unsigned): Add assertions.

diff --git a/gcc/ada/libgnat/s-valueu.adb b/gcc/ada/libgnat/s-valueu.adb --- a/gcc/ada/libgnat/s-valueu.adb +++ b/gcc/ada/libgnat/s-valueu.adb @@ -522,6 +522,9 @@ package body System.Value_U is Uval := Base; Base := 10; pragma Assert (Ptr.all = Last_Num_Init + 1); + pragma Assert + (if Starts_As_Based then P = Last_Num_Based + 1); + pragma Assert (not Is_Based); pragma Assert (if not Overflow then Uval = Init_Val.Value); exit; end if; @@ -569,10 +572,6 @@ package body System.Value_U is end if; end if; - Lemma_Scan_Digit - (Str, P, Last_Num_Based, Digit, Base, Old_Uval, Uval, - Based_Val, Old_Overflow, Overflow); - -- If at end of string with no base char, not a based number -- but we signal Constraint_Error and set the pointer past -- the end of the field, since this is what the ACVC tests @@ -580,6 +579,10 @@ package body System.Value_U is P := P + 1; + Lemma_Scan_Digit + (Str, P - 1, Last_Num_Based, Digit, Base, Old_Uval, Uval, + Based_Val, Old_Overflow, Overflow); + if P > Max then Ptr.all := P; Bad_Value (Str); @@ -590,6 +593,7 @@ package body System.Value_U is if Str (P) = Base_Char then Ptr.all := P + 1; pragma Assert (Ptr.all = Last_Num_Based + 2); + pragma Assert (Is_Based); pragma Assert (if not Overflow then Based_Val = Scan_Based_Number_Ghost
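
Review bot: in the hunk at @@ -522,6 +522,9 @@, the two new assertions ("if Starts_As_Based then P = Last_Num_Based + 1" and "not Is_Based") have no comment saying which later proof obligation they unblock. The log ties them to a prover update, so a one-line comment naming the check they support (for example the following "if not Overflow then Uval = Init_Val.Value") would let a maintainer tell whether they are still needed after the next prover change, and would make it clear they are proof hints rather than new runtime checks on the scanned string.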
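
Review bot: the hunk at @@ -569,10 +572,6 @@ removes the Lemma_Scan_Digit call, which the ChangeLog entry "(Scan_Raw_Unsigned): Add assertions." does not cover. The entry should also say that the lemma call is moved after the increment of P, so that someone reading the log alone sees that existing ghost code changed and not only that assertions were added. The subject line also spells the unit "s-valeu" while the file is s-valueu.adb; worth correcting before it reaches the commit log.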
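
Review bot: in the hunk at @@ -580,6 +579,10 @@, the relocated Lemma_Scan_Digit call passes "P - 1", which is only the index of the digit just scanned while the call sits directly after "P := P + 1;". Please add a short comment stating that the lemma is applied to the pre-increment position, so that a later reordering of the increment or of the "if P > Max" check does not silently point the lemma at the wrong character. The existing comment block ("If at end of string with no base char ...") also now precedes the increment and the lemma rather than the "if P > Max" test it describes; consider moving it down next to that test.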