LTS Termination Proof

by T2Cert

Input

Integer Transition System

Initial Location: 7

Transitions: (pre-variables and post-variables)

0	0	1:	1 − ox_0 + x_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
0	1	2:	ox_0 − x_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
3	2	1:	c_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
3	3	1:	0 ≤ 0 ∧ 0 ≤ 0 ∧ 0 ≤ 0 ∧ 0 ≤ 0 ∧ ox_post − x_0 ≤ 0 ∧ − ox_post + x_0 ≤ 0 ∧ −1 + c_post ≤ 0 ∧ 1 − c_post ≤ 0 ∧ c_0 − c_post ≤ 0 ∧ − c_0 + c_post ≤ 0 ∧ ox_0 − ox_post ≤ 0 ∧ − ox_0 + ox_post ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0
4	4	3:	c_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
4	5	0:	1 − c_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
5	6	4:	0 ≤ 0 ∧ 0 ≤ 0 ∧ 1 − y_0 + y_post ≤ 0 ∧ −1 + y_0 − y_post ≤ 0 ∧ y_0 − y_post ≤ 0 ∧ − y_0 + y_post ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
5	7	4:	0 ≤ 0 ∧ 0 ≤ 0 ∧ 1 − x_0 + x_post ≤ 0 ∧ −1 + x_0 − x_post ≤ 0 ∧ x_0 − x_post ≤ 0 ∧ − x_0 + x_post ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
1	8	5:	1 − x_0 ≤ 0 ∧ 1 − y_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
6	9	1:	c_0 ≤ 0 ∧ − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0
7	10	6:	− y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0

Proof

1 Invariant Updates

The following invariants are asserted.

0:	1 − c_0 ≤ 0
1:	TRUE
2:	1 − c_0 ≤ 0
3:	c_0 ≤ 0
4:	TRUE
5:	1 − x_0 ≤ 0 ∧ 1 − y_0 ≤ 0
6:	TRUE
7:	TRUE

The invariants are proved as follows.

IMPACT Invariant Proof

nodes (location) invariant:

0	(0)	1 − c_0 ≤ 0
1	(1)	TRUE
2	(2)	1 − c_0 ≤ 0
3	(3)	c_0 ≤ 0
4	(4)	TRUE
5	(5)	1 − x_0 ≤ 0 ∧ 1 − y_0 ≤ 0
6	(6)	TRUE
7	(7)	TRUE

initial node: 7
cover edges:
transition edges:

0 0 1

0 1 2

1 8 5

3 2 1

3 3 1

4 4 3

4 5 0

5 6 4

5 7 4

6 9 1

7 10 6

2 Switch to Cooperation Termination Proof

We consider the following cutpoint-transitions:

− y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0

and for every transition t, a duplicate t is considered.

3 Transition Removal

We remove transitions 1, 9, 10 using the following ranking functions, which are bounded by −13.

7:	0
6:	0
0:	0
1:	0
3:	0
4:	0
5:	0
2:	0
7:	−5
6:	−6
0:	−7
1:	−7
3:	−7
4:	−7
5:	−7
1_var_snapshot:	−7
1*:	−7
2:	−8

4 Location Addition

The following skip-transition is inserted and corresponding redirections w.r.t. the old location are performed.

1* 14 1: − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0

5 Location Addition

The following skip-transition is inserted and corresponding redirections w.r.t. the old location are performed.

1 12 1_var_snapshot: − y_post + y_post ≤ 0 ∧ y_post − y_post ≤ 0 ∧ − y_0 + y_0 ≤ 0 ∧ y_0 − y_0 ≤ 0 ∧ − x_post + x_post ≤ 0 ∧ x_post − x_post ≤ 0 ∧ − x_0 + x_0 ≤ 0 ∧ x_0 − x_0 ≤ 0 ∧ − ox_post + ox_post ≤ 0 ∧ ox_post − ox_post ≤ 0 ∧ − ox_0 + ox_0 ≤ 0 ∧ ox_0 − ox_0 ≤ 0 ∧ − c_post + c_post ≤ 0 ∧ c_post − c_post ≤ 0 ∧ − c_0 + c_0 ≤ 0 ∧ c_0 − c_0 ≤ 0

6 SCC Decomposition

We consider subproblems for each of the 1 SCC(s) of the program graph.

6.1 SCC Subproblem 1/1

Here we consider the SCC { 0, 1, 3, 4, 5, 1_var_snapshot, 1* }.

6.1.1 Transition Removal

We remove transitions 6, 7, 8 using the following ranking functions, which are bounded by 9.

0:	−1 + 9⋅x_0 + 8⋅y_0
1:	−3 + 9⋅x_0 + 8⋅y_0
3:	−1 + 9⋅x_0 + 8⋅y_0
4:	9⋅x_0 + 8⋅y_0
5:	−7 + 9⋅x_0 + 8⋅y_0
1_var_snapshot:	−3 + 9⋅x_0 + 8⋅y_0
1*:	−2 + 9⋅x_0 + 8⋅y_0

6.1.2 Transition Removal

We remove transitions 12, 14, 0, 2, 3, 4, 5 using the following ranking functions, which are bounded by −2.

0:	1
1:	−1
3:	1
4:	2
5:	0
1_var_snapshot:	−2
1*:	0

6.1.3 Splitting Cut-Point Transitions

We consider 1 subproblems corresponding to sets of cut-point transitions as follows.

6.1.3.1 Cut-Point Subproblem 1/1

Here we consider cut-point transition 11.

6.1.3.1.1 Splitting Cut-Point Transitions

There remain no cut-point transition to consider. Hence the cooperation termination is trivial.

Tool configuration

T2Cert

version: 1.0