From: Anh Vo <anhvofrcaus@gmail.com>
Subject: Re: SPARK - strange range check with array assignment
Date: Tue, 18 Aug 2015 17:11:34 -0700 (PDT)
Date: 2015-08-18T17:11:34-07:00 [thread overview]
Message-ID: <e26b0f26-2b46-459c-8030-2f13786571f6@googlegroups.com> (raw)
In-Reply-To: <6cd2abfc-63e4-4821-b8d3-143ec25f4619@googlegroups.com>
On Tuesday, August 18, 2015 at 1:06:47 PM UTC-7, Maciej Sobczak wrote:
> Consider (extracted from a bigger problem):
>
> -- p.ads:
> pragma SPARK_Mode;
>
> package P is
>
> procedure Foo (S : in out String)
> with Pre => S'Length > 3;
>
> end P;
>
> -- p.adb:
> pragma SPARK_Mode;
>
> package body P is
>
> procedure Foo (S : in out String)
> is
> begin
> S (S'First .. S'First + 2) := "abc"; -- HERE
> end Foo;
>
> end P;
>
>
> Foo is intended to overwrite the beginning of the given string.
> GNATProve (2014) says:
>
> p.adb:8:37: warning: range check might fail
>
> Curiously, the assertion added just before the failing line:
>
> pragma Assert (S'First + 2 in S'Range);
>
> passes without any warning.
>
> What value or expression above is subject to a range check that might fail?
it went through gnatprove (2015) happily. I tested it on Windows.
Anh Vo
next prev parent reply other threads:[~2015-08-19 0:11 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-18 20:06 SPARK - strange range check with array assignment Maciej Sobczak
2015-08-18 22:07 ` Georg Bauhaus
2015-08-19 0:11 ` Anh Vo [this message]
2015-08-19 10:09 ` Maciej Sobczak
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox