1. 20 Dec, 2011 1 commit
    • Move Coq realizations from a .ml file to a driver file. · cc79baa8
      Guillaume Melquiond authored
      Note that the file is still generated at compilation time.
      
      The "realized" meta takes two arguments. The first one is the path+name of
      the theory, the second one is the translation of it for the target prover.
      The meta is supposed to be put into a printer file, so there is no
      ambiguity on the target. The second argument can be left empty if it can be
      inferred from the first one.
      
      Note that the first argument is not really satisfactory, since it is
      redundant with the theory part of the driver. Moreover, its handling is a
      bit crude: it does not take into account rich qualifiers and it does not
      generate proper error messages if it does not match the theory.
  2. 14 Dec, 2011 1 commit
  3. 06 Dec, 2011 1 commit
  4. 01 Dec, 2011 1 commit
  5. 30 Nov, 2011 1 commit
  6. 24 Nov, 2011 1 commit
  7. 23 Nov, 2011 1 commit
  8. 19 Nov, 2011 4 commits
  9. 18 Nov, 2011 1 commit
  10. 16 Nov, 2011 1 commit
  11. 12 Nov, 2011 1 commit
  12. 11 Nov, 2011 4 commits
  13. 09 Nov, 2011 1 commit
  14. 02 Nov, 2011 1 commit
  15. 31 Oct, 2011 2 commits
  16. 20 Oct, 2011 1 commit
  17. 13 Oct, 2011 1 commit
  18. 29 Sep, 2011 1 commit
  19. 20 Sep, 2011 1 commit
  20. 18 Sep, 2011 1 commit
  21. 04 Sep, 2011 1 commit
  22. 02 Sep, 2011 2 commits
  23. 23 Aug, 2011 1 commit
    • Add a new transformation that instantiates the axioms marked with the meta "instantiate : auto" on as many terms as possible. · 4d7dd217
      Guillaume Melquiond authored
      
      The transformation is rather naive, since it doesn't look for term
      candidates under quantifiers, if-then-else, let-in, and so on. So it can
      only appear late in the transformation pipe.
      
      It is only enabled for Gappa and its target axioms are the ones that state
      that any floating-point value is bounded. It was the last transformation
      from Why2 still missing in Why3.
      
      Thanks to this transformation, Gappa is now able to prove all the safety
      obligations from the following code, including the ones about division and
      downcast, which is definitely frightening.
      
      /*@ assigns \nothing;
        @ ensures \result == \abs(x);
        @*/
      extern double fabs(double x);
      
      /*@ requires \valid(AB_Ptr) && \valid(CD_Ptr);
        @ assigns *AB_Ptr, *CD_Ptr;
        @ ensures \abs(*AB_Ptr) <= 6.111111e-2;
        @ ensures \abs(*CD_Ptr) <= 6.111111e-2;
        @ */
      void limitValue(float *AB_Ptr, float *CD_Ptr)
      {
         double Fabs_AB, Fabs_CD;
         double max;
      
         Fabs_AB = fabs (*AB_Ptr);
         Fabs_CD = fabs (*CD_Ptr);
      
         max = Fabs_AB;
         if (Fabs_CD > Fabs_AB)  max = Fabs_CD;
      
         if ( max > 6.111111e-2)
         {
            *AB_Ptr = (float) (((*AB_Ptr) * 6.111111e-2) / max);
            *CD_Ptr = (float) (((*CD_Ptr) * 6.111111e-2) / max);
         }
      }
  24. 11 Aug, 2011 1 commit
  25. 28 Jul, 2011 1 commit
  26. 13 Jul, 2011 1 commit
    • Add support for generic printing of integers and reals. · 1ba8f1a6
      Guillaume Melquiond authored
      Prover capabilities are now represented by a record enumerating each case and which syntax to use then.
      This fixes output of nondecimal integers to provers (bug #12981).
      
      TODO: check whether some provers support more than just decimal representations.
  27. 11 Jul, 2011 1 commit
  28. 07 Jul, 2011 5 commits