/export/starexec/sandbox/solver/bin/starexec_run_c /export/starexec/sandbox/benchmark/theBenchmark.c /export/starexec/sandbox/output/output_files -------------------------------------------------------------------------------- YES proof of /export/starexec/sandbox/benchmark/theBenchmark.c # AProVE Commit ID: 48fb2092695e11cc9f56e44b17a92a5f88ffb256 marcel 20180622 unpublished dirty Termination of the given C Problem could be proven: (0) C Problem (1) CToLLVMProof [EQUIVALENT, 179 ms] (2) LLVM problem (3) LLVMToTerminationGraphProof [EQUIVALENT, 6389 ms] (4) LLVM Symbolic Execution Graph (5) SymbolicExecutionGraphToSCCProof [SOUND, 0 ms] (6) AND (7) LLVM Symbolic Execution SCC (8) SCC2IRS [SOUND, 49 ms] (9) IntTRS (10) IntTRSCompressionProof [EQUIVALENT, 0 ms] (11) IntTRS (12) RankingReductionPairProof [EQUIVALENT, 18 ms] (13) YES (14) LLVM Symbolic Execution SCC (15) SCC2IRS [SOUND, 98 ms] (16) IntTRS (17) IntTRSCompressionProof [EQUIVALENT, 0 ms] (18) IntTRS (19) RankingReductionPairProof [EQUIVALENT, 5 ms] (20) YES ---------------------------------------- (0) Obligation: c file /export/starexec/sandbox/benchmark/theBenchmark.c ---------------------------------------- (1) CToLLVMProof (EQUIVALENT) Compiled c-file /export/starexec/sandbox/benchmark/theBenchmark.c to LLVM. ---------------------------------------- (2) Obligation: LLVM Problem Aliases: Data layout: "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" Machine: "x86_64-pc-linux-gnu" Type definitions: Global variables: Function declarations and definitions: *BasicFunctionTypename: "__VERIFIER_nondet_int" returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc *BasicFunctionTypename: "f" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: (a i32, b i32) variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %2 = alloca i32, align 4 %3 = alloca i32, align 4 store %a, %2 store %b, %3 %4 = load %3 %5 = icmp eq %4 0 br %5, %6, %9 6: %7 = load %2 %8 = call i32 @g(i32 %7, i32 0) store %8, %1 br %15 9: %10 = load %2 %11 = add 1 %10 %12 = load %3 %13 = sub %12 1 %14 = call i32 @f(i32 %11, i32 %13) store %14, %1 br %15 15: %16 = load %1 ret %16 *BasicFunctionTypename: "g" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: (c i32, d i32) variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %2 = alloca i32, align 4 %3 = alloca i32, align 4 store %c, %2 store %d, %3 %4 = load %2 %5 = icmp eq %4 0 br %5, %6, %8 6: %7 = load %3 store %7, %1 br %14 8: %9 = load %2 %10 = sub %9 1 %11 = load %3 %12 = add 1 %11 %13 = call i32 @g(i32 %10, i32 %12) store %13, %1 br %14 14: %15 = load %1 ret %15 *BasicFunctionTypename: "main" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %a = alloca i32, align 4 %b = alloca i32, align 4 store 0, %1 %2 = call i32 @__VERIFIER_nondet_int() store %2, %a %3 = call i32 @__VERIFIER_nondet_int() store %3, %b %4 = load %a %5 = icmp sge %4 0 br %5, %6, %13 6: %7 = load %b %8 = icmp sge %7 0 br %8, %9, %13 9: %10 = load %a %11 = load %b %12 = call i32 @f(i32 %10, i32 %11) br %13 13: ret 0 Analyze Termination of all function calls matching the pattern: main() ---------------------------------------- (3) LLVMToTerminationGraphProof (EQUIVALENT) Constructed symbolic execution graph for LLVM program and proved memory safety. ---------------------------------------- (4) Obligation: SE Graph ---------------------------------------- (5) SymbolicExecutionGraphToSCCProof (SOUND) Splitted symbolic execution graph to 2 SCCs. ---------------------------------------- (6) Complex Obligation (AND) ---------------------------------------- (7) Obligation: SCC ---------------------------------------- (8) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 16 rulesP rules: f_424(v319, v320, v337, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, 0, v334, v335, v336, 3, 1, 4) -> f_426(v319, v320, v337, v339, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v339 && v340 = 3 + v339 && 4 <= v340 f_426(v319, v320, v337, v339, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, 0, v334, v335, v336, 3, 1, 4) -> f_427(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v341 && v342 = 3 + v341 && 4 <= v342 f_427(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_428(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_428(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_429(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_429(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_430(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_430(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_432(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: v319 != 0 && 1 <= v336 f_432(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_434(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_434(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_436(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: TRUE f_436(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_438(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_438(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_440(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 1 + v346 = v319 && 0 <= v346 f_440(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_442(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_442(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_444(v319, v320, v337, v339, v341, 0, v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: v347 = 1 + v320 && 1 <= v347 f_444(v319, v320, v337, v339, v341, 0, v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_446(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) :|: 0 = 0 f_446(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) -> f_448(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) :|: TRUE f_448(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) -> f_422(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_422(v319, v320, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, 0, v334, v335, v336, 3, 1, 4) -> f_424(v319, v320, v337, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v337 && v338 = 3 + v337 && 4 <= v338 Combined rules. Obtained 1 rulesP rules: f_424(1 + v346:0, v320:0, v337:0, v321:0, v322:0, v323:0, v324:0, v325:0, v326:0, v327:0, v328:0, v329:0, v330:0, v331:0, v332:0, v338:0, 0, v334:0, v335:0, v336:0, 3, 1, 4) -> f_424(v346:0, 1 + v320:0, v337:1, v321:0, v322:0, v323:0, v324:0, v325:0, v326:0, v327:0, v328:0, v329:0, v330:0, v331:0, v332:0, 3 + v337:1, 0, v334:0, v335:0, v336:0, 3, 1, 4) :|: v341:0 > 0 && v339:0 > 0 && v336:0 > 0 && v346:0 > -1 && v320:0 > -1 && v337:1 > 0 Filtered unneeded arguments: f_424(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16, x17, x18, x19, x20, x21, x22, x23) -> f_424(x1, x2, x20) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_424(sum~cons_1~v346:0, v320:0, v336:0) -> f_424(v346:0, 1 + v320:0, v336:0) :|: v346:0 > -1 && v320:0 > -1 && v336:0 > 0 && sum~cons_1~v346:0 = 1 + v346:0 ---------------------------------------- (9) Obligation: Rules: f_424(sum~cons_1~v346:0, v320:0, v336:0) -> f_424(v346:0, 1 + v320:0, v336:0) :|: v346:0 > -1 && v320:0 > -1 && v336:0 > 0 && sum~cons_1~v346:0 = 1 + v346:0 ---------------------------------------- (10) IntTRSCompressionProof (EQUIVALENT) Compressed rules. ---------------------------------------- (11) Obligation: Rules: f_424(sum~cons_1~v346:0:0, v320:0:0, v336:0:0) -> f_424(v346:0:0, 1 + v320:0:0, v336:0:0) :|: v346:0:0 > -1 && v320:0:0 > -1 && v336:0:0 > 0 && sum~cons_1~v346:0:0 = 1 + v346:0:0 ---------------------------------------- (12) RankingReductionPairProof (EQUIVALENT) Interpretation: [ f_424 ] = f_424_1 The following rules are decreasing: f_424(sum~cons_1~v346:0:0, v320:0:0, v336:0:0) -> f_424(v346:0:0, 1 + v320:0:0, v336:0:0) :|: v346:0:0 > -1 && v320:0:0 > -1 && v336:0:0 > 0 && sum~cons_1~v346:0:0 = 1 + v346:0:0 The following rules are bounded: f_424(sum~cons_1~v346:0:0, v320:0:0, v336:0:0) -> f_424(v346:0:0, 1 + v320:0:0, v336:0:0) :|: v346:0:0 > -1 && v320:0:0 > -1 && v336:0:0 > 0 && sum~cons_1~v346:0:0 = 1 + v346:0:0 ---------------------------------------- (13) YES ---------------------------------------- (14) Obligation: SCC ---------------------------------------- (15) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 16 rulesP rules: f_264(v55, v56, v67, v57, v58, v59, v60, v61, v62, v68, 0, v64, v65, 3, 1, 4) -> f_265(v55, v56, v67, v69, v57, v58, v59, v60, v61, v62, v68, v70, 0, v64, v65, 3, 1, 4) :|: 1 <= v69 && v70 = 3 + v69 && 4 <= v70 f_265(v55, v56, v67, v69, v57, v58, v59, v60, v61, v62, v68, v70, 0, v64, v65, 3, 1, 4) -> f_266(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: 1 <= v71 && v72 = 3 + v71 && 4 <= v72 f_266(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_267(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: TRUE f_267(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_268(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: TRUE f_268(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_269(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: 0 = 0 f_269(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_271(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: v56 != 0 && 1 <= v65 f_271(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_273(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_273(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_275(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: TRUE f_275(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_277(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_277(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_279(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: v75 = 1 + v55 && 1 <= v75 f_279(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_281(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_281(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_282(v55, v56, v67, v69, v71, 0, v75, v76, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 1 + v76 = v56 && 0 <= v76 f_282(v55, v56, v67, v69, v71, 0, v75, v76, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_284(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) :|: 0 = 0 f_284(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) -> f_286(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) :|: TRUE f_286(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) -> f_262(v75, v76, v57, v58, v59, v60, v61, v62, 0, v64, v65, 3, 1, 4) :|: TRUE f_262(v55, v56, v57, v58, v59, v60, v61, v62, 0, v64, v65, 3, 1, 4) -> f_264(v55, v56, v67, v57, v58, v59, v60, v61, v62, v68, 0, v64, v65, 3, 1, 4) :|: 1 <= v67 && v68 = 3 + v67 && 4 <= v68 Combined rules. Obtained 1 rulesP rules: f_264(v55:0, 1 + v76:0, v67:0, v57:0, v58:0, v59:0, v60:0, v61:0, v62:0, v68:0, 0, v64:0, v65:0, 3, 1, 4) -> f_264(1 + v55:0, v76:0, v67:1, v57:0, v58:0, v59:0, v60:0, v61:0, v62:0, 3 + v67:1, 0, v64:0, v65:0, 3, 1, 4) :|: v71:0 > 0 && v69:0 > 0 && v65:0 > 0 && v76:0 > -1 && v55:0 > -1 && v67:1 > 0 Filtered unneeded arguments: f_264(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16) -> f_264(x1, x2, x13) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_264(v55:0, sum~cons_1~v76:0, v65:0) -> f_264(1 + v55:0, v76:0, v65:0) :|: v76:0 > -1 && v55:0 > -1 && v65:0 > 0 && sum~cons_1~v76:0 = 1 + v76:0 ---------------------------------------- (16) Obligation: Rules: f_264(v55:0, sum~cons_1~v76:0, v65:0) -> f_264(1 + v55:0, v76:0, v65:0) :|: v76:0 > -1 && v55:0 > -1 && v65:0 > 0 && sum~cons_1~v76:0 = 1 + v76:0 ---------------------------------------- (17) IntTRSCompressionProof (EQUIVALENT) Compressed rules. ---------------------------------------- (18) Obligation: Rules: f_264(v55:0:0, sum~cons_1~v76:0:0, v65:0:0) -> f_264(1 + v55:0:0, v76:0:0, v65:0:0) :|: v76:0:0 > -1 && v55:0:0 > -1 && v65:0:0 > 0 && sum~cons_1~v76:0:0 = 1 + v76:0:0 ---------------------------------------- (19) RankingReductionPairProof (EQUIVALENT) Interpretation: [ f_264 ] = f_264_2 The following rules are decreasing: f_264(v55:0:0, sum~cons_1~v76:0:0, v65:0:0) -> f_264(1 + v55:0:0, v76:0:0, v65:0:0) :|: v76:0:0 > -1 && v55:0:0 > -1 && v65:0:0 > 0 && sum~cons_1~v76:0:0 = 1 + v76:0:0 The following rules are bounded: f_264(v55:0:0, sum~cons_1~v76:0:0, v65:0:0) -> f_264(1 + v55:0:0, v76:0:0, v65:0:0) :|: v76:0:0 > -1 && v55:0:0 > -1 && v65:0:0 > 0 && sum~cons_1~v76:0:0 = 1 + v76:0:0 ---------------------------------------- (20) YES