LTS Termination Proof

by T2Cert

Input

Integer Transition System

Proof

1 Invariant Updates

The following invariants are asserted.

0: −1 + y_post ≤ 0−1 + y_0 ≤ 0
1: −1 + y_post ≤ 0−1 + y_0 ≤ 0
2: TRUE
3: TRUE

The invariants are proved as follows.

IMPACT Invariant Proof

2 Switch to Cooperation Termination Proof

We consider the following cutpoint-transitions:
0 4 0: y_post + y_post ≤ 0y_posty_post ≤ 0y_0 + y_0 ≤ 0y_0y_0 ≤ 0x_post + x_post ≤ 0x_postx_post ≤ 0x_0 + x_0 ≤ 0x_0x_0 ≤ 0
and for every transition t, a duplicate t is considered.

3 Transition Removal

We remove transitions 2, 3 using the following ranking functions, which are bounded by −11.

3: 0
2: 0
0: 0
1: 0
3: −4
2: −5
0: −6
1: −6
0_var_snapshot: −6
0*: −6
Hints:
5 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
0 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
1 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
2 lexStrict[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0] , [0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
3 lexStrict[ [0, 0, 0, 0, 0, 0, 0, 0] , [0, 0, 0, 0, 0, 0, 0, 0] ]

4 Location Addition

The following skip-transition is inserted and corresponding redirections w.r.t. the old location are performed.

0* 7 0: y_post + y_post ≤ 0y_posty_post ≤ 0y_0 + y_0 ≤ 0y_0y_0 ≤ 0x_post + x_post ≤ 0x_postx_post ≤ 0x_0 + x_0 ≤ 0x_0x_0 ≤ 0

5 Location Addition

The following skip-transition is inserted and corresponding redirections w.r.t. the old location are performed.

0 5 0_var_snapshot: y_post + y_post ≤ 0y_posty_post ≤ 0y_0 + y_0 ≤ 0y_0y_0 ≤ 0x_post + x_post ≤ 0x_postx_post ≤ 0x_0 + x_0 ≤ 0x_0x_0 ≤ 0

6 SCC Decomposition

We consider subproblems for each of the 1 SCC(s) of the program graph.

6.1 SCC Subproblem 1/1

Here we consider the SCC { 0, 1, 0_var_snapshot, 0* }.

6.1.1 Splitting Cut-Point Transitions

We consider 1 subproblems corresponding to sets of cut-point transitions as follows.

6.1.1.1 Cut-Point Subproblem 1/1

Here we consider cut-point transition 4.

6.1.1.1.1 Fresh Variable Addition

The new variable __snapshot_0_y_post is introduced. The transition formulas are extended as follows:

5: __snapshot_0_y_posty_posty_post__snapshot_0_y_post
7: __snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post
0: __snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post
1: __snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post__snapshot_0_y_post

6.1.1.1.2 Fresh Variable Addition

The new variable __snapshot_0_y_0 is introduced. The transition formulas are extended as follows:

5: __snapshot_0_y_0y_0y_0__snapshot_0_y_0
7: __snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0
0: __snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0
1: __snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0__snapshot_0_y_0

6.1.1.1.3 Fresh Variable Addition

The new variable __snapshot_0_x_post is introduced. The transition formulas are extended as follows:

5: __snapshot_0_x_postx_postx_post__snapshot_0_x_post
7: __snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post
0: __snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post
1: __snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post__snapshot_0_x_post

6.1.1.1.4 Fresh Variable Addition

The new variable __snapshot_0_x_0 is introduced. The transition formulas are extended as follows:

5: __snapshot_0_x_0x_0x_0__snapshot_0_x_0
7: __snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0
0: __snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0
1: __snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0__snapshot_0_x_0

6.1.1.1.5 Invariant Updates

The following invariants are asserted.

0: 1 − 3⋅y_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0
1: 1 − 3⋅y_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0
2: TRUE
3: TRUE
0: 1 − 3⋅y_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 01 − __snapshot_0_x_0 + x_0 ≤ 01 − 3⋅y_0 ≤ 0__snapshot_0_x_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0
1: 1 − __snapshot_0_x_0 + x_0 ≤ 01 − 3⋅y_0 ≤ 0__snapshot_0_x_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0
0_var_snapshot: __snapshot_0_x_0 + x_0 ≤ 01 − __snapshot_0_x_0 + x_0 − 3⋅y_0 ≤ 01 − 3⋅y_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0
0*: 1 − __snapshot_0_x_0 + x_0 ≤ 01 − 3⋅y_0 ≤ 0__snapshot_0_x_0 ≤ 0−1 + y_post ≤ 0−1 + y_0 ≤ 0

The invariants are proved as follows.

IMPACT Invariant Proof

6.1.1.1.6 Transition Removal

We remove transition 7 using the following ranking functions, which are bounded by −2.

0: x_0
1: __snapshot_0_x_0
0_var_snapshot: __snapshot_0_x_0
0*: __snapshot_0_x_0
Hints:
5 distribute assertion
lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0] ]
lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0] ]
7 lexStrict[ [1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0] , [0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
0 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0] ]
1 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0] ]

6.1.1.1.7 Transition Removal

We remove transition 5 using the following ranking functions, which are bounded by −6.

0: −1
0_var_snapshot: −2
1: −3
0*: −4
Hints:
5 distribute assertion
lexStrict[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] , [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
lexStrict[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] , [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
0 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]
1 lexWeak[ [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] ]

6.1.1.1.8 Splitting Cut-Point Transitions

There remain no cut-point transition to consider. Hence the cooperation termination is trivial.

Tool configuration

T2Cert