/export/starexec/sandbox/solver/bin/starexec_run_c /export/starexec/sandbox/benchmark/theBenchmark.c /export/starexec/sandbox/output/output_files -------------------------------------------------------------------------------- YES proof of /export/starexec/sandbox/benchmark/theBenchmark.c # AProVE Commit ID: 48fb2092695e11cc9f56e44b17a92a5f88ffb256 marcel 20180622 unpublished dirty Termination of the given C Problem could be proven: (0) C Problem (1) CToLLVMProof [EQUIVALENT, 179 ms] (2) LLVM problem (3) LLVMToTerminationGraphProof [EQUIVALENT, 4612 ms] (4) LLVM Symbolic Execution Graph (5) SymbolicExecutionGraphToSCCProof [SOUND, 0 ms] (6) AND (7) LLVM Symbolic Execution SCC (8) SCC2IRS [SOUND, 56 ms] (9) IntTRS (10) IntTRSCompressionProof [EQUIVALENT, 0 ms] (11) IntTRS (12) RankingReductionPairProof [EQUIVALENT, 24 ms] (13) YES (14) LLVM Symbolic Execution SCC (15) SCC2IRS [SOUND, 46 ms] (16) IntTRS (17) IntTRSCompressionProof [EQUIVALENT, 0 ms] (18) IntTRS (19) RankingReductionPairProof [EQUIVALENT, 9 ms] (20) YES ---------------------------------------- (0) Obligation: c file /export/starexec/sandbox/benchmark/theBenchmark.c ---------------------------------------- (1) CToLLVMProof (EQUIVALENT) Compiled c-file /export/starexec/sandbox/benchmark/theBenchmark.c to LLVM. ---------------------------------------- (2) Obligation: LLVM Problem Aliases: Data layout: "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" Machine: "x86_64-pc-linux-gnu" Type definitions: Global variables: Function declarations and definitions: *BasicFunctionTypename: "__VERIFIER_nondet_int" returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc *BasicFunctionTypename: "subxy" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: (x i32, y i32) variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %2 = alloca i32, align 4 %3 = alloca i32, align 4 %z = alloca i32, align 4 %i = alloca i32, align 4 store %x, %2 store %y, %3 store 0, %z %4 = load %2 store %4, %i %5 = load %3 %6 = icmp sle %5 0 br %6, %10, %7 7: %8 = load %2 %9 = icmp sle %8 0 br %9, %10, %11 10: store 0, %1 br %32 11: br %12 12: %13 = load %i %14 = icmp sgt %13 0 br %14, %15, %20 15: %16 = load %i %17 = add %16 -1 store %17, %i %18 = load %z %19 = add %18 1 store %19, %z br %12 20: br %21 21: %22 = load %i %23 = load %3 %24 = icmp slt %22 %23 br %24, %25, %30 25: %26 = load %i %27 = add %26 1 store %27, %i %28 = load %z %29 = add %28 -1 store %29, %z br %21 30: %31 = load %z store %31, %1 br %32 32: %33 = load %1 ret %33 *BasicFunctionTypename: "main" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %x = alloca i32, align 4 %y = alloca i32, align 4 store 0, %1 %2 = call i32 @__VERIFIER_nondet_int() store %2, %x %3 = call i32 @__VERIFIER_nondet_int() store %3, %y %4 = load %x %5 = load %y %6 = call i32 @subxy(i32 %4, i32 %5) ret 0 Analyze Termination of all function calls matching the pattern: main() ---------------------------------------- (3) LLVMToTerminationGraphProof (EQUIVALENT) Constructed symbolic execution graph for LLVM program and proved memory safety. ---------------------------------------- (4) Obligation: SE Graph ---------------------------------------- (5) SymbolicExecutionGraphToSCCProof (SOUND) Splitted symbolic execution graph to 2 SCCs. ---------------------------------------- (6) Complex Obligation (AND) ---------------------------------------- (7) Obligation: SCC ---------------------------------------- (8) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 13 rulesP rules: f_469(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) -> f_470(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) :|: 0 = 0 f_470(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) -> f_471(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: v454 < v443 && 2 <= v443 f_471(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_473(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: 0 = 0 f_473(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_475(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: TRUE f_475(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_477(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: 0 = 0 f_477(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_479(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: v479 = 1 + v454 && 2 <= v479 f_479(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_481(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: TRUE f_481(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_483(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: 0 = 0 f_483(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_485(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: 1 + v482 = v456 f_485(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_487(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: TRUE f_487(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_488(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) :|: TRUE f_488(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 2, 4) -> f_468(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v479, v456, v482, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) :|: TRUE f_468(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v453, v454, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) -> f_469(v442, v443, v444, v445, v446, v447, v448, 0, 1, v451, v452, v454, v453, v455, v456, v457, v460, v458, v461, v459, v462, v463, v464, v465, v466, v467, 3, 4) :|: 0 = 0 Combined rules. Obtained 1 rulesP rules: f_469(v442:0, v443:0, v444:0, v445:0, v446:0, v447:0, v448:0, 0, 1, v451:0, v452:0, v454:0, v453:0, v455:0, 1 + v482:0, v457:0, v460:0, v458:0, v461:0, v459:0, v462:0, v463:0, v464:0, v465:0, v466:0, v467:0, 3, 4) -> f_469(v442:0, v443:0, v444:0, v445:0, v446:0, v447:0, v448:0, 0, 1, v451:0, v452:0, 1 + v454:0, v454:0, 1 + v482:0, v482:0, v457:0, v460:0, v458:0, v461:0, v459:0, v462:0, v463:0, v464:0, v465:0, v466:0, v467:0, 3, 4) :|: v443:0 > 1 && v454:0 > 0 && v454:0 < v443:0 Filtered unneeded arguments: f_469(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16, x17, x18, x19, x20, x21, x22, x23, x24, x25, x26, x27, x28) -> f_469(x2, x12, x15) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_469(v443:0, v454:0, sum~cons_1~v482:0) -> f_469(v443:0, 1 + v454:0, v482:0) :|: v454:0 > 0 && v454:0 < v443:0 && v443:0 > 1 && sum~cons_1~v482:0 = 1 + v482:0 ---------------------------------------- (9) Obligation: Rules: f_469(v443:0, v454:0, sum~cons_1~v482:0) -> f_469(v443:0, 1 + v454:0, v482:0) :|: v454:0 > 0 && v454:0 < v443:0 && v443:0 > 1 && sum~cons_1~v482:0 = 1 + v482:0 ---------------------------------------- (10) IntTRSCompressionProof (EQUIVALENT) Compressed rules. ---------------------------------------- (11) Obligation: Rules: f_469(v443:0:0, v454:0:0, sum~cons_1~v482:0:0) -> f_469(v443:0:0, 1 + v454:0:0, v482:0:0) :|: v454:0:0 > 0 && v454:0:0 < v443:0:0 && v443:0:0 > 1 && sum~cons_1~v482:0:0 = 1 + v482:0:0 ---------------------------------------- (12) RankingReductionPairProof (EQUIVALENT) Interpretation: [ f_469 ] = -1*f_469_2 + f_469_1 The following rules are decreasing: f_469(v443:0:0, v454:0:0, sum~cons_1~v482:0:0) -> f_469(v443:0:0, 1 + v454:0:0, v482:0:0) :|: v454:0:0 > 0 && v454:0:0 < v443:0:0 && v443:0:0 > 1 && sum~cons_1~v482:0:0 = 1 + v482:0:0 The following rules are bounded: f_469(v443:0:0, v454:0:0, sum~cons_1~v482:0:0) -> f_469(v443:0:0, 1 + v454:0:0, v482:0:0) :|: v454:0:0 > 0 && v454:0:0 < v443:0:0 && v443:0:0 > 1 && sum~cons_1~v482:0:0 = 1 + v482:0:0 ---------------------------------------- (13) YES ---------------------------------------- (14) Obligation: SCC ---------------------------------------- (15) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 12 rulesP rules: f_338(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 4) -> f_339(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: 0 < v150 && 2 <= v148 && 2 <= v140 f_339(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_341(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: 0 = 0 f_341(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_343(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: TRUE f_343(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_345(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: 0 = 0 f_345(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_347(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: 1 + v164 = v150 && 0 <= v164 f_347(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_349(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: TRUE f_349(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_351(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: 0 = 0 f_351(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_353(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: v166 = 1 + v152 && 2 <= v166 f_353(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_355(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: TRUE f_355(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_357(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) :|: TRUE f_357(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 2, 4) -> f_337(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v164, v152, v166, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 4) :|: TRUE f_337(v140, v141, v142, v143, v144, v145, v146, 0, v148, 1, v150, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 4) -> f_338(v140, v141, v142, v143, v144, v145, v146, 0, v150, 1, v148, v151, v152, v153, v156, v154, v157, v155, v158, v159, v160, v161, v162, v163, 3, 4) :|: 0 = 0 Combined rules. Obtained 1 rulesP rules: f_338(v140:0, v141:0, v142:0, v143:0, v144:0, v145:0, v146:0, 0, 1 + v164:0, 1, v148:0, v151:0, v152:0, v153:0, v156:0, v154:0, v157:0, v155:0, v158:0, v159:0, v160:0, v161:0, v162:0, v163:0, 3, 4) -> f_338(v140:0, v141:0, v142:0, v143:0, v144:0, v145:0, v146:0, 0, v164:0, 1, 1 + v164:0, v152:0, 1 + v152:0, v153:0, v156:0, v154:0, v157:0, v155:0, v158:0, v159:0, v160:0, v161:0, v162:0, v163:0, 3, 4) :|: v148:0 > 1 && v164:0 > -1 && v140:0 > 1 && v152:0 > 0 Filtered unneeded arguments: f_338(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16, x17, x18, x19, x20, x21, x22, x23, x24, x25, x26) -> f_338(x1, x9, x11, x13) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_338(v140:0, sum~cons_1~v164:0, v148:0, v152:0) -> f_338(v140:0, v164:0, 1 + v164:0, 1 + v152:0) :|: v164:0 > -1 && v148:0 > 1 && v152:0 > 0 && v140:0 > 1 && sum~cons_1~v164:0 = 1 + v164:0 ---------------------------------------- (16) Obligation: Rules: f_338(v140:0, sum~cons_1~v164:0, v148:0, v152:0) -> f_338(v140:0, v164:0, 1 + v164:0, 1 + v152:0) :|: v164:0 > -1 && v148:0 > 1 && v152:0 > 0 && v140:0 > 1 && sum~cons_1~v164:0 = 1 + v164:0 ---------------------------------------- (17) IntTRSCompressionProof (EQUIVALENT) Compressed rules. ---------------------------------------- (18) Obligation: Rules: f_338(v140:0:0, sum~cons_1~v164:0:0, v148:0:0, v152:0:0) -> f_338(v140:0:0, v164:0:0, 1 + v164:0:0, 1 + v152:0:0) :|: v152:0:0 > 0 && v140:0:0 > 1 && v148:0:0 > 1 && v164:0:0 > -1 && sum~cons_1~v164:0:0 = 1 + v164:0:0 ---------------------------------------- (19) RankingReductionPairProof (EQUIVALENT) Interpretation: [ f_338 ] = f_338_2 The following rules are decreasing: f_338(v140:0:0, sum~cons_1~v164:0:0, v148:0:0, v152:0:0) -> f_338(v140:0:0, v164:0:0, 1 + v164:0:0, 1 + v152:0:0) :|: v152:0:0 > 0 && v140:0:0 > 1 && v148:0:0 > 1 && v164:0:0 > -1 && sum~cons_1~v164:0:0 = 1 + v164:0:0 The following rules are bounded: f_338(v140:0:0, sum~cons_1~v164:0:0, v148:0:0, v152:0:0) -> f_338(v140:0:0, v164:0:0, 1 + v164:0:0, 1 + v152:0:0) :|: v152:0:0 > 0 && v140:0:0 > 1 && v148:0:0 > 1 && v164:0:0 > -1 && sum~cons_1~v164:0:0 = 1 + v164:0:0 ---------------------------------------- (20) YES