(for all K in 1 .. Length (Source) =>
Element (Translate'Result, K) = Mapping (Element (Source, K))),
Global => null;
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
procedure Translate
(Source : in out Bounded_String;
(for all K in 1 .. Length (Source) =>
Element (Source, K) = Mapping (Element (Source'Old, K))),
Global => null;
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
---------------------------------------
-- String Transformation Subprograms --
do
for J in Source'Range loop
Result (J - (Source'First - 1)) := Mapping.all (Source (J));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
pragma Loop_Invariant
(for all K in Source'First .. J =>
Result (K - (Source'First - 1))'Initialized);
pragma Loop_Invariant
(for all K in Source'First .. J =>
Result (K - (Source'First - 1)) = Mapping (Source (K)));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
end return;
end Translate;
begin
for J in Source'Range loop
Source (J) := Mapping.all (Source (J));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
pragma Loop_Invariant
(for all K in Source'First .. J =>
Source (K) = Mapping (Source'Loop_Entry (K)));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
end Translate;
= Mapping (Source (J))),
Global => null,
Annotate => (GNATprove, Always_Return);
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
function Translate
(Source : String;
(for all J in Source'Range => Source (J) = Mapping (Source'Old (J))),
Global => null,
Annotate => (GNATprove, Always_Return);
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
procedure Translate
(Source : in out String;
Ind := Ind + 1;
for K in Pattern'Range loop
if Pattern (K) /= Mapping (Source (Ind + (K - Pattern'First))) then
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
pragma Assert (not (Match (Source, Pattern, Mapping, Ind)));
goto Cont;
end if;
pragma Loop_Invariant
(for all J in Pattern'First .. K =>
Pattern (J) = Mapping (Source (Ind + (J - Pattern'First))));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
pragma Assert (Match (Source, Pattern, Mapping, Ind));
if Pattern (K) /= Mapping.all
(Source (Ind + (K - Pattern'First)))
then
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
goto Cont1;
end if;
pragma Loop_Invariant
(for all J in Pattern'First .. K =>
Pattern (J) = Mapping (Source (Ind + (J - Pattern'First))));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
pragma Assert (Match (Source, Pattern, Mapping, Ind));
if Pattern (K) /= Mapping.all
(Source (Ind + (K - Pattern'First)))
then
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
goto Cont2;
end if;
pragma Loop_Invariant
(for all J in Pattern'First .. K =>
Pattern (J) = Mapping (Source (Ind + (J - Pattern'First))));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
return Ind;
and then Source'Length > 0
and then From in Source'First .. Source'Last - (Pattern'Length - 1),
Global => null;
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
function Match
(Source : String;
(for all K in 1 .. Indx =>
Result.Data (K) =
Item (Item'First + (K - 1) mod Ilen));
+ pragma Loop_Variant (Increases => Indx);
end loop;
Result.Data (Indx + 1 .. Max_Length) := Super_String_Data
(for all K in Indx + 1 .. Max_Length =>
Result.Data (K) =
Item (Item'Last - (Max_Length - K) mod Ilen));
+ pragma Loop_Variant (Decreases => Indx);
end loop;
Result.Data (1 .. Indx) :=
begin
for J in 1 .. Source.Current_Length loop
Result.Data (J) := Mapping.all (Source.Data (J));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
pragma Loop_Invariant (Result.Data (1 .. J)'Initialized);
pragma Loop_Invariant
(for all K in 1 .. J =>
Result.Data (K) = Mapping (Source.Data (K)));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
Result.Current_Length := Source.Current_Length;
begin
for J in 1 .. Source.Current_Length loop
Source.Data (J) := Mapping.all (Source.Data (J));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
pragma Loop_Invariant
(for all K in 1 .. J =>
Source.Data (K) = Mapping (Source'Loop_Entry.Data (K)));
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
end loop;
end Super_Translate;
package Ada.Strings.Superbounded with SPARK_Mode is
pragma Preelaborate;
+ pragma Annotate (GNATprove, Always_Return, Superbounded);
-- Type Bounded_String in Ada.Strings.Bounded.Generic_Bounded_Length is
-- derived from Super_String, with the constraint of the maximum length.
Super_Element (Super_Translate'Result, K) =
Mapping (Super_Element (Source, K))),
Global => null;
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
procedure Super_Translate
(Source : in out Super_String;
Super_Element (Source, K) =
Mapping (Super_Element (Source'Old, K))),
Global => null;
+ pragma Annotate (GNATprove, False_Positive,
+ "call via access-to-subprogram",
+ "function Mapping must always terminate");
---------------------------------------
-- String Transformation Subprograms --
projects / thirdparty / gcc.git / commitdiff
