YES proof of /export/starexec/sandbox2/benchmark/theBenchmark.c # AProVE Commit ID: 794c25de1cacf0d048858bcd21c9a779e1221865 marcel 20200619 unpublished dirty Termination of the given C Problem could be proven: (0) C Problem (1) CToLLVMProof [EQUIVALENT, 174 ms] (2) LLVM problem (3) LLVMToTerminationGraphProof [EQUIVALENT, 5442 ms] (4) LLVM Symbolic Execution Graph (5) SymbolicExecutionGraphToSCCProof [SOUND, 0 ms] (6) AND (7) LLVM Symbolic Execution SCC (8) SCC2IRS [SOUND, 60 ms] (9) IntTRS (10) IRS2T2 [EQUIVALENT, 0 ms] (11) T2IntSys (12) T2 [EQUIVALENT, 1193 ms] (13) YES (14) LLVM Symbolic Execution SCC (15) SCC2IRS [SOUND, 78 ms] (16) IntTRS (17) IRS2T2 [EQUIVALENT, 0 ms] (18) T2IntSys (19) T2 [EQUIVALENT, 1226 ms] (20) YES ---------------------------------------- (0) Obligation: c file /export/starexec/sandbox2/benchmark/theBenchmark.c ---------------------------------------- (1) CToLLVMProof (EQUIVALENT) Compiled c-file /export/starexec/sandbox2/benchmark/theBenchmark.c to LLVM. ---------------------------------------- (2) Obligation: LLVM Problem Aliases: Data layout: "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" Machine: "x86_64-pc-linux-gnu" Type definitions: Global variables: Function declarations and definitions: *BasicFunctionTypename: "__VERIFIER_nondet_int" returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc *BasicFunctionTypename: "f" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: (a i32, b i32) variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %2 = alloca i32, align 4 %3 = alloca i32, align 4 store %a, %2 store %b, %3 %4 = load %3 %5 = icmp eq %4 0 br %5, %6, %9 6: %7 = load %2 %8 = call i32 @g(i32 %7, i32 0) store %8, %1 br %15 9: %10 = load %2 %11 = add 1 %10 %12 = load %3 %13 = sub %12 1 %14 = call i32 @f(i32 %11, i32 %13) store %14, %1 br %15 15: %16 = load %1 ret %16 *BasicFunctionTypename: "g" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: (c i32, d i32) variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %2 = alloca i32, align 4 %3 = alloca i32, align 4 store %c, %2 store %d, %3 %4 = load %2 %5 = icmp eq %4 0 br %5, %6, %8 6: %7 = load %3 store %7, %1 br %14 8: %9 = load %2 %10 = sub %9 1 %11 = load %3 %12 = add 1 %11 %13 = call i32 @g(i32 %10, i32 %12) store %13, %1 br %14 14: %15 = load %1 ret %15 *BasicFunctionTypename: "main" linkageType: EXTERNALLY_VISIBLE returnParam: i32 parameters: () variableLength: false visibilityType: DEFAULT callingConvention: ccc 0: %1 = alloca i32, align 4 %a = alloca i32, align 4 %b = alloca i32, align 4 store 0, %1 %2 = call i32 @__VERIFIER_nondet_int() store %2, %a %3 = call i32 @__VERIFIER_nondet_int() store %3, %b %4 = load %a %5 = icmp sge %4 0 br %5, %6, %13 6: %7 = load %b %8 = icmp sge %7 0 br %8, %9, %13 9: %10 = load %a %11 = load %b %12 = call i32 @f(i32 %10, i32 %11) br %13 13: ret 0 Analyze Termination of all function calls matching the pattern: main() ---------------------------------------- (3) LLVMToTerminationGraphProof (EQUIVALENT) Constructed symbolic execution graph for LLVM program and proved memory safety. ---------------------------------------- (4) Obligation: SE Graph ---------------------------------------- (5) SymbolicExecutionGraphToSCCProof (SOUND) Splitted symbolic execution graph to 2 SCCs. ---------------------------------------- (6) Complex Obligation (AND) ---------------------------------------- (7) Obligation: SCC ---------------------------------------- (8) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 16 rulesP rules: f_424(v319, v320, v337, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, 0, v334, v335, v336, 3, 1, 4) -> f_426(v319, v320, v337, v339, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v339 && v340 = 3 + v339 && 4 <= v340 f_426(v319, v320, v337, v339, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, 0, v334, v335, v336, 3, 1, 4) -> f_427(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v341 && v342 = 3 + v341 && 4 <= v342 f_427(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_428(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_428(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_429(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_429(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_430(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_430(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_432(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) :|: v319 != 0 && 1 <= v336 f_432(v319, v320, v337, v339, v341, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, 0, v334, v335, v336, 3, 1, 4) -> f_434(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_434(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_436(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: TRUE f_436(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_438(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_438(v319, v320, v337, v339, v341, 0, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_440(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 1 + v346 = v319 && 0 <= v346 f_440(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_442(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: 0 = 0 f_442(v319, v320, v337, v339, v341, 0, v346, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_444(v319, v320, v337, v339, v341, 0, v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) :|: v347 = 1 + v320 && 1 <= v347 f_444(v319, v320, v337, v339, v341, 0, v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, v340, v342, v334, v335, v336, 3, 1, 4) -> f_446(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) :|: 0 = 0 f_446(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) -> f_448(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) :|: TRUE f_448(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v337, v338, v339, v340, v341, v342, 0, v334, v335, v336, v319, v320, 3, 1, 4) -> f_422(v346, v347, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, 0, v334, v335, v336, 3, 1, 4) :|: TRUE f_422(v319, v320, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, 0, v334, v335, v336, 3, 1, 4) -> f_424(v319, v320, v337, v321, v322, v323, v324, v325, v326, v327, v328, v329, v330, v331, v332, v338, 0, v334, v335, v336, 3, 1, 4) :|: 1 <= v337 && v338 = 3 + v337 && 4 <= v338 Combined rules. Obtained 1 rulesP rules: f_424(1 + v346:0, v320:0, v337:0, v321:0, v322:0, v323:0, v324:0, v325:0, v326:0, v327:0, v328:0, v329:0, v330:0, v331:0, v332:0, v338:0, 0, v334:0, v335:0, v336:0, 3, 1, 4) -> f_424(v346:0, 1 + v320:0, v337:1, v321:0, v322:0, v323:0, v324:0, v325:0, v326:0, v327:0, v328:0, v329:0, v330:0, v331:0, v332:0, 3 + v337:1, 0, v334:0, v335:0, v336:0, 3, 1, 4) :|: v341:0 > 0 && v339:0 > 0 && v336:0 > 0 && v346:0 > -1 && v320:0 > -1 && v337:1 > 0 Filtered unneeded arguments: f_424(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16, x17, x18, x19, x20, x21, x22, x23) -> f_424(x1, x2, x20) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_424(sum~cons_1~v346:0, v320:0, v336:0) -> f_424(v346:0, 1 + v320:0, v336:0) :|: v346:0 > -1 && v320:0 > -1 && v336:0 > 0 && sum~cons_1~v346:0 = 1 + v346:0 ---------------------------------------- (9) Obligation: Rules: f_424(sum~cons_1~v346:0, v320:0, v336:0) -> f_424(v346:0, 1 + v320:0, v336:0) :|: v346:0 > -1 && v320:0 > -1 && v336:0 > 0 && sum~cons_1~v346:0 = 1 + v346:0 ---------------------------------------- (10) IRS2T2 (EQUIVALENT) Transformed input IRS into an integer transition system.Used the following mapping from defined symbols to location IDs: (f_424_3,1) ---------------------------------------- (11) Obligation: START: 0; FROM: 0; TO: 1; FROM: 1; oldX0 := x0; oldX1 := x1; oldX2 := x2; oldX3 := oldX0 - 1; assume(oldX3 > -1 && oldX1 > -1 && oldX2 > 0 && oldX0 = 1 + oldX3); x0 := oldX0 - 1; x1 := 1 + oldX1; x2 := oldX2; TO: 1; ---------------------------------------- (12) T2 (EQUIVALENT) Initially, performed program simplifications using lexicographic rank functions: * Removed transitions 1, 3, 4 using the following rank functions: - Rank function 1: RF for loc. 5: 1+2*x0 RF for loc. 6: 2*x0 Bound for (chained) transitions 4: 2 - Rank function 2: RF for loc. 5: 1+2*x0 RF for loc. 6: 2*x0 Bound for (chained) transitions 3: 2 - Rank function 3: RF for loc. 5: 1 RF for loc. 6: 0 Bound for (chained) transitions 1: 1 ---------------------------------------- (13) YES ---------------------------------------- (14) Obligation: SCC ---------------------------------------- (15) SCC2IRS (SOUND) Transformed LLVM symbolic execution graph SCC into a rewrite problem. Log: Generated rules. Obtained 16 rulesP rules: f_264(v55, v56, v67, v57, v58, v59, v60, v61, v62, v68, 0, v64, v65, 3, 1, 4) -> f_265(v55, v56, v67, v69, v57, v58, v59, v60, v61, v62, v68, v70, 0, v64, v65, 3, 1, 4) :|: 1 <= v69 && v70 = 3 + v69 && 4 <= v70 f_265(v55, v56, v67, v69, v57, v58, v59, v60, v61, v62, v68, v70, 0, v64, v65, 3, 1, 4) -> f_266(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: 1 <= v71 && v72 = 3 + v71 && 4 <= v72 f_266(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_267(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: TRUE f_267(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_268(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: TRUE f_268(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_269(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: 0 = 0 f_269(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_271(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) :|: v56 != 0 && 1 <= v65 f_271(v55, v56, v67, v69, v71, v57, v58, v59, v60, v61, v62, v68, v70, v72, 0, v64, v65, 3, 1, 4) -> f_273(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_273(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_275(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: TRUE f_275(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_277(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_277(v55, v56, v67, v69, v71, 0, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_279(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: v75 = 1 + v55 && 1 <= v75 f_279(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_281(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 0 = 0 f_281(v55, v56, v67, v69, v71, 0, v75, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_282(v55, v56, v67, v69, v71, 0, v75, v76, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) :|: 1 + v76 = v56 && 0 <= v76 f_282(v55, v56, v67, v69, v71, 0, v75, v76, v57, v58, v59, v60, v61, v62, v68, v70, v72, v64, v65, 3, 1, 4) -> f_284(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) :|: 0 = 0 f_284(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) -> f_286(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) :|: TRUE f_286(v75, v76, v57, v58, v59, v60, v61, v62, v67, v68, v69, v70, v71, v72, 0, v64, v65, v55, v56, 3, 1, 4) -> f_262(v75, v76, v57, v58, v59, v60, v61, v62, 0, v64, v65, 3, 1, 4) :|: TRUE f_262(v55, v56, v57, v58, v59, v60, v61, v62, 0, v64, v65, 3, 1, 4) -> f_264(v55, v56, v67, v57, v58, v59, v60, v61, v62, v68, 0, v64, v65, 3, 1, 4) :|: 1 <= v67 && v68 = 3 + v67 && 4 <= v68 Combined rules. Obtained 1 rulesP rules: f_264(v55:0, 1 + v76:0, v67:0, v57:0, v58:0, v59:0, v60:0, v61:0, v62:0, v68:0, 0, v64:0, v65:0, 3, 1, 4) -> f_264(1 + v55:0, v76:0, v67:1, v57:0, v58:0, v59:0, v60:0, v61:0, v62:0, 3 + v67:1, 0, v64:0, v65:0, 3, 1, 4) :|: v71:0 > 0 && v69:0 > 0 && v65:0 > 0 && v76:0 > -1 && v55:0 > -1 && v67:1 > 0 Filtered unneeded arguments: f_264(x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15, x16) -> f_264(x1, x2, x13) Removed division, modulo operations, cleaned up constraints. Obtained 1 rules.P rules: f_264(v55:0, sum~cons_1~v76:0, v65:0) -> f_264(1 + v55:0, v76:0, v65:0) :|: v76:0 > -1 && v55:0 > -1 && v65:0 > 0 && sum~cons_1~v76:0 = 1 + v76:0 ---------------------------------------- (16) Obligation: Rules: f_264(v55:0, sum~cons_1~v76:0, v65:0) -> f_264(1 + v55:0, v76:0, v65:0) :|: v76:0 > -1 && v55:0 > -1 && v65:0 > 0 && sum~cons_1~v76:0 = 1 + v76:0 ---------------------------------------- (17) IRS2T2 (EQUIVALENT) Transformed input IRS into an integer transition system.Used the following mapping from defined symbols to location IDs: (f_264_3,1) ---------------------------------------- (18) Obligation: START: 0; FROM: 0; TO: 1; FROM: 1; oldX0 := x0; oldX1 := x1; oldX2 := x2; oldX3 := oldX1 - 1; assume(oldX3 > -1 && oldX0 > -1 && oldX2 > 0 && oldX1 = 1 + oldX3); x0 := 1 + oldX0; x1 := oldX1 - 1; x2 := oldX2; TO: 1; ---------------------------------------- (19) T2 (EQUIVALENT) Initially, performed program simplifications using lexicographic rank functions: * Removed transitions 1, 3, 4 using the following rank functions: - Rank function 1: RF for loc. 5: 1+2*x1 RF for loc. 6: 2*x1 Bound for (chained) transitions 4: 2 - Rank function 2: RF for loc. 5: 1+2*x1 RF for loc. 6: 2*x1 Bound for (chained) transitions 3: 2 - Rank function 3: RF for loc. 5: 0 RF for loc. 6: -1 Bound for (chained) transitions 1: 0 ---------------------------------------- (20) YES