From patchwork Tue Jan 11 13:32:24 2022
X-Patchwork-Submitter: Pierre-Marie de Rodat
X-Patchwork-Id: 49858
Date: Tue, 11 Jan 2022 13:32:24 +0000
From: Pierre-Marie de Rodat
To: gcc-patches@gcc.gnu.org
Cc: Yannick Moy
Subject: [Ada] Recover proof of Ada.Strings.Fixed with assertions
Message-ID: <20220111133224.GA748817@adacore.com>

Changes in GNATprove make it necessary to add assertions here.

Tested on x86_64-pc-linux-gnu, committed on trunk

gcc/ada/

	* libgnat/a-strfix.adb (Insert, Overwrite): Add assertions.

diff --git a/gcc/ada/libgnat/a-strfix.adb b/gcc/ada/libgnat/a-strfix.adb
--- a/gcc/ada/libgnat/a-strfix.adb
+++ b/gcc/ada/libgnat/a-strfix.adb
@@ -384,6 +384,10 @@ package body Ada.Strings.Fixed with SPARK_Mode is Source (Source'First .. Before - 1); Result (Front + 1 .. Front + New_Item'Length) := New_Item; + + pragma Assert + (Result (1 .. Before - Source'First) + = Source (Source'First .. Before - 1)); pragma Assert (Result (Before - Source'First + 1 @@ -558,15 +562,21 @@ package body Ada.Strings.Fixed with SPARK_Mode is if Position <= Source'Last - New_Item'Length then Result (Front + New_Item'Length + 1 .. Result'Last) := Source (Position + New_Item'Length .. Source'Last); + + pragma Assert + (Result + (Position - Source'First + New_Item'Length + 1 + .. Result'Last) + = Source (Position + New_Item'Length .. Source'Last)); end if; pragma Assert (if Position <= Source'Last - New_Item'Length then Result - (Position - Source'First + New_Item'Length + 1 - .. Result'Last) - = Source (Position + New_Item'Length .. Source'Last)); + (Position - Source'First + New_Item'Length + 1 + .. Result'Last) + = Source (Position + New_Item'Length .. Source'Last)); end return; end; end Overwrite;
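Review bot: the assertion added in Insert (first hunk, after `Result (Front + 1 .. Front + New_Item'Length) := New_Item;`) restates the copy whose right-hand side `Source (Source'First .. Before - 1)` is visible as context, but with the slice bound written as `Before - Source'First` rather than in terms of `Front`, and nothing in the hunk says why that restatement is needed. Since the commit message says the assertion exists only to recover the GNATprove proof, a one-line comment next to it (for example `-- Restate the copy relative to Source'First for the prover`) would stop a later cleanup from removing it as redundant. Note also that `pragma Assert` is a checked assertion, not a ghost statement: in a build of the runtime with assertions enabled it performs a slice comparison of length `Before - Source'First` on every call of Insert, so if that cost matters the assertion should be governed by an explicit Assertion_Policy.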
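Review bot: in Overwrite (second hunk) the assertion added inside the `if Position <= Source'Last - New_Item'Length then` branch states exactly the predicate that the conditional `pragma Assert (if Position <= Source'Last - New_Item'Length then ...)` after `end if` already states, so the outer assertion is now implied by the inner one, and the only other change to it is indentation: the three `-`/`+` pairs that follow differ purely in whitespace. Either drop the outer assertion, or, if GNATprove still needs it after the join point, leave its indentation untouched and add a comment saying it is kept for the prover; as written, the whitespace-only lines make the hunk look like a logic change when it is not. The runtime caveat from the first hunk applies here too: with assertions enabled both slice comparisons run on every call that takes the branch.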