| commit | 76bbe3972ba78757abdb3bb06cccc0b461914b01 | |
| author | Yannick Moy <moy@adacore.com> | |
| Mon, 15 Nov 2021 20:36:34 +0000 (15 21:36 +0100) | ||
| committer | Pierre-Marie de Rodat <derodat@adacore.com> | |
| Thu, 2 Dec 2021 16:26:20 +0000 (2 16:26 +0000) | ||
| tree | ebef10b159d8b7902a3e2129ae1d438b6d0b9b1a | treesnapshot (tar.gz zip) |
| parent | 7e650bf84bf61e88f05ffbf39ca677a1e3d2714a | commitdiff |
[Ada] Proof of Interfaces.C with SPARK
gcc/ada/
* libgnat/i-c.adb: Add ghost code.
(C_Length_Ghost): New ghost functions to query the C length of a
string.
(To_Ada): Insert constant Count_Cst where needed to comply with
SPARK. Homogeneize code between variants for char, wchar_t,
char16_t and char32_t. Use char16_nul and char32_nul
systematically instead of their value. Fix the type of index To
to be Integer instead of Positive, to avoid a possible range
check failure on an empty Target. Insert an exit statement to
avoid a possible overflow failure when the last index in Target
is Natural'Last (possibly on a small string as well).
* libgnat/i-c.ads: Add contracts.
(C_Length_Ghost): New ghost functions to query the C length of a
string.
* libgnat/s-os_lib.adb: Remove pragma Compiler_Unit_Warning
causing a spurious error during compilation of GNAT, as this
pragma is not needed anymore now that we bootstrap (stage1) with
the base compiler runtime.
gcc/ada/
* libgnat/i-c.adb: Add ghost code.
(C_Length_Ghost): New ghost functions to query the C length of a
string.
(To_Ada): Insert constant Count_Cst where needed to comply with
SPARK. Homogeneize code between variants for char, wchar_t,
char16_t and char32_t. Use char16_nul and char32_nul
systematically instead of their value. Fix the type of index To
to be Integer instead of Positive, to avoid a possible range
check failure on an empty Target. Insert an exit statement to
avoid a possible overflow failure when the last index in Target
is Natural'Last (possibly on a small string as well).
* libgnat/i-c.ads: Add contracts.
(C_Length_Ghost): New ghost functions to query the C length of a
string.
* libgnat/s-os_lib.adb: Remove pragma Compiler_Unit_Warning
causing a spurious error during compilation of GNAT, as this
pragma is not needed anymore now that we bootstrap (stage1) with
the base compiler runtime.
| gcc/ada/libgnat/i-c.adb | diffblobblamehistory | |
| gcc/ada/libgnat/i-c.ads | diffblobblamehistory | |
| gcc/ada/libgnat/s-os_lib.adb | diffblobblamehistory |