Commit 4d7dd217 by Guillaume Melquiond

### Add a new transformation that instantiates the axioms marked with the

```
meta "instantiate : auto" on as many terms as possible.

The transformation is rather naive, since it doesn't look for term
candidates under quantifiers, if-then-else, let-in, and so on. So it can
only appear late in the transformation pipe.

It is only enabled for Gappa and its target axioms are the ones that state
that any floating-point value is bounded. It was the last transformation
from Why2 still missing in Why3.

Thanks to this transformation, Gappa is now able to prove all the safety
obligations from the following code, including the ones about division and
downcast, which is definitely frightening.

/*@ assigns \nothing;
  @ ensures \result == \abs(x);
  @*/
extern double fabs(double x);

/*@ requires \valid(AB_Ptr) && \valid(CD_Ptr);
  @ assigns *AB_Ptr, *CD_Ptr;
  @ ensures \abs(*AB_Ptr) <= 6.111111e-2;
  @ ensures \abs(*CD_Ptr) <= 6.111111e-2;
  @ */
void limitValue(float *AB_Ptr, float *CD_Ptr)
{
  double Fabs_AB, Fabs_CD;
  double max;

  Fabs_AB = fabs (*AB_Ptr);
  Fabs_CD = fabs (*CD_Ptr);

  max = Fabs_AB;
  if (Fabs_CD > Fabs_AB)  max = Fabs_CD;

  if ( max > 6.111111e-2)
  {
    *AB_Ptr = (float) (((*AB_Ptr) * 6.111111e-2) / max);
    *CD_Ptr = (float) (((*CD_Ptr) * 6.111111e-2) / max);
  }
}
```
parent 06c33403
 ... ... @@ -131,7 +131,7 @@ LIB_TRANSFORM = simplify_recursive_definition simplify_formula \ encoding_explicit encoding_guard encoding_sort \ encoding_instantiate simplify_array filter_trigger \ introduction abstraction close_epsilon lift_epsilon \ eval_match eval_match instantiate_predicate LIB_PRINTER = print_number alt_ergo why3printer smtv1 smtv2 \ coq tptp simplify gappa cvc3 yices ... ...
 ... ... @@ -24,6 +24,7 @@ transformation "simplify_formula" transformation "simplify_unknown_lsymbols" transformation "simplify_trivial_quantification" transformation "introduce_premises" transformation "instantiate_predicate" transformation "abstract_unknown_lsymbols" theory BuiltIn ... ... @@ -164,12 +165,14 @@ end theory floating_point.Single syntax function round "float(%2)" meta "instantiate : auto" prop Bounded_value end theory floating_point.Double syntax function round "float(%2)" meta "instantiate : auto" prop Bounded_value end ... ...
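Review bot: In the LIB_TRANSFORM list of the @@ -131,7 +131,7 hunk, the new module name instantiate_predicate is easy to confuse with the existing encoding_instantiate and says "predicate", while the driver hunk attaches the meta to a prop (Bounded_value), which the commit message calls an axiom. Consider a name that reflects what is instantiated, or state the difference from encoding_instantiate in the module's header comment.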
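Review bot: The position of transformation "instantiate_predicate" in the @@ -24,6 +24,7 hunk is order-sensitive but undocumented. The commit message says the transformation does not look for candidates under quantifiers, if-then-else or let-in and so can only appear late in the pipe, yet the driver lists it between "introduce_premises" and "abstract_unknown_lsymbols" without saying why. Add a driver comment above that line stating the ordering constraint, so that a later reordering of the pipe does not silently leave the axioms uninstantiated.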
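Review bot: In the @@ -164,12 +165,14 hunk, the line meta "instantiate : auto" prop Bounded_value is added to both floating_point.Single and floating_point.Double with no comment on what the meta means or which transformation consumes it. A short driver comment tying it to instantiate_predicate would help, and since the commit message describes instantiation "on as many terms as possible", it is worth noting there whether anything limits how many instances of Bounded_value end up in the task sent to Gappa.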