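<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session PUBLIC "-//Why3//proof session v5//EN"
"http://why3.lri.fr/why3session.dtd">
<!--
  Why3 proof session (shape_version 6). The <path> elements name the
  verified source as ".." / "string_search.mlw".

  Each <goal> is one verification condition. A <transf> is a transformation
  applied to a goal; its child <goal> elements are the resulting sub-goals.
  <proof prover="N"> refers to the <prover id="N"> declared at the top
  (Z3 4.8.4, Z3 4.8.6, Alt-Ergo 2.3.0).

  proved="true" and <result status="valid"> are results recorded by an
  earlier run, not evidence on their own: a reader who relies on a goal
  (for example the "integer overflow" and "out of loop bounds" ones)
  should replay the session with the listed prover versions, e.g. with
  `why3 replay`, and treat a hand-edited session as unverified.

  arg1 of the "rewrite" transformation is written &lt;- because a raw "<"
  is not allowed inside an attribute value.

  The DOCTYPE names an external DTD over plain http; generic XML tooling
  that reads this file should not fetch or resolve it.
-->
<why3session shape_version="6">
  <prover id="0" name="Z3" version="4.8.4" timelimit="1" steplimit="0" memlimit="1000"/>
  <prover id="1" name="Z3" version="4.8.6" timelimit="1" steplimit="0" memlimit="1000"/>
  <prover id="2" name="Alt-Ergo" version="2.3.0" timelimit="1" steplimit="0" memlimit="1000"/>
  <file format="whyml" proved="true">
    <path name=".."/><path name="string_search.mlw"/>
    <theory name="Occurs" proved="true">
      <goal name="occurs'vc" expl="VC for occurs" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="occurs'vc.0" expl="integer overflow" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="24"/></proof>
          </goal>
          <goal name="occurs'vc.1" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.03" steps="95"/></proof>
          </goal>
          <goal name="occurs'vc.2" expl="assertion" proved="true">
            <proof prover="1"><result status="valid" time="0.02" steps="23130"/></proof>
          </goal>
          <goal name="occurs'vc.3" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="33"/></proof>
          </goal>
          <goal name="occurs'vc.4" expl="integer overflow" proved="true">
            <proof prover="2"><result status="valid" time="0.03" steps="35"/></proof>
          </goal>
          <goal name="occurs'vc.5" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="35"/></proof>
          </goal>
          <goal name="occurs'vc.6" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.05" steps="188"/></proof>
          </goal>
          <goal name="occurs'vc.7" expl="loop invariant preservation" proved="true">
            <transf name="rewrite" proved="true" arg1="&lt;-" arg2="concat_substring">
              <goal name="occurs'vc.7.0" expl="loop invariant preservation" proved="true">
                <proof prover="2" timelimit="5"><result status="valid" time="3.49" steps="5930"/></proof>
              </goal>
              <goal name="occurs'vc.7.1" expl="rewrite premises" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="39"/></proof>
              </goal>
              <goal name="occurs'vc.7.2" expl="rewrite premises" proved="true">
                <proof prover="2"><result status="valid" time="0.02" steps="39"/></proof>
              </goal>
              <goal name="occurs'vc.7.3" expl="rewrite premises" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="39"/></proof>
              </goal>
              <goal name="occurs'vc.7.4" expl="rewrite premises" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="39"/></proof>
              </goal>
              <goal name="occurs'vc.7.5" expl="rewrite premises" proved="true">
                <proof prover="2"><result status="valid" time="0.02" steps="39"/></proof>
              </goal>
            </transf>
          </goal>
          <goal name="occurs'vc.8" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.06" steps="244"/></proof>
          </goal>
          <goal name="occurs'vc.9" expl="VC for occurs" proved="true">
            <proof prover="1"><result status="valid" time="0.02" steps="23287"/></proof>
          </goal>
        </transf>
      </goal>
    </theory>
    <theory name="Naive" proved="true">
      <goal name="search1'vc" expl="VC for search1" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="search1'vc.0" expl="integer overflow" proved="true">
            <proof prover="0"><result status="valid" time="0.02" steps="14631"/></proof>
          </goal>
          <goal name="search1'vc.1" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="24"/></proof>
          </goal>
          <goal name="search1'vc.2" expl="precondition" proved="true">
            <proof prover="1"><result status="valid" time="0.02" steps="23418"/></proof>
          </goal>
          <goal name="search1'vc.3" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="30"/></proof>
          </goal>
          <goal name="search1'vc.4" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="32"/></proof>
          </goal>
          <goal name="search1'vc.5" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="118"/></proof>
          </goal>
          <goal name="search1'vc.6" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="22"/></proof>
          </goal>
          <goal name="search1'vc.7" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="70"/></proof>
          </goal>
          <goal name="search1'vc.8" expl="out of loop bounds" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="21"/></proof>
          </goal>
        </transf>
      </goal>
      <goal name="search2'vc" expl="VC for search2" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="search2'vc.0" expl="integer overflow" proved="true">
            <proof prover="0"><result status="valid" time="0.03" steps="14631"/></proof>
          </goal>
          <goal name="search2'vc.1" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="24"/></proof>
          </goal>
          <goal name="search2'vc.2" expl="precondition" proved="true">
            <transf name="split_vc" proved="true" >
              <goal name="search2'vc.2.0" expl="precondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="26"/></proof>
              </goal>
              <goal name="search2'vc.2.1" expl="precondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="26"/></proof>
              </goal>
            </transf>
          </goal>
          <goal name="search2'vc.3" expl="precondition" proved="true">
            <proof prover="1"><result status="valid" time="0.02" steps="25151"/></proof>
          </goal>
          <goal name="search2'vc.4" expl="postcondition" proved="true">
            <transf name="split_vc" proved="true" >
              <goal name="search2'vc.4.0" expl="postcondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="30"/></proof>
              </goal>
              <goal name="search2'vc.4.1" expl="postcondition" proved="true">
                <transf name="unfold" proved="true" arg1="matches">
                  <goal name="search2'vc.4.1.0" expl="postcondition" proved="true">
                    <transf name="split_vc" proved="true" >
                      <goal name="search2'vc.4.1.0.0" expl="postcondition" proved="true">
                        <proof prover="1"><result status="valid" time="0.02" steps="27230"/></proof>
                      </goal>
                    </transf>
                  </goal>
                </transf>
              </goal>
            </transf>
          </goal>
          <goal name="search2'vc.5" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="169"/></proof>
          </goal>
          <goal name="search2'vc.6" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="36"/></proof>
          </goal>
          <goal name="search2'vc.7" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="22"/></proof>
          </goal>
          <goal name="search2'vc.8" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="70"/></proof>
          </goal>
          <goal name="search2'vc.9" expl="out of loop bounds" proved="true">
            <proof prover="1"><result status="valid" time="0.03" steps="23465"/></proof>
          </goal>
        </transf>
      </goal>
    </theory>
    <theory name="BadShiftTable" proved="true">
      <goal name="bad_shift_table'vc" expl="VC for bad_shift_table" proved="true">
        <proof prover="2"><result status="valid" time="0.03" steps="161"/></proof>
      </goal>
      <goal name="make_table'vc" expl="VC for make_table" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="make_table'vc.0" expl="integer overflow" proved="true">
            <proof prover="2"><result status="valid" time="0.06" steps="18"/></proof>
          </goal>
          <goal name="make_table'vc.1" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="21"/></proof>
          </goal>
          <goal name="make_table'vc.2" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.03" steps="116"/></proof>
          </goal>
          <goal name="make_table'vc.3" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.03" steps="27"/></proof>
          </goal>
          <goal name="make_table'vc.4" expl="integer overflow" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="25"/></proof>
          </goal>
          <goal name="make_table'vc.5" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="25"/></proof>
          </goal>
          <goal name="make_table'vc.6" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="143"/></proof>
          </goal>
          <goal name="make_table'vc.7" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.11" steps="489"/></proof>
          </goal>
          <goal name="make_table'vc.8" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="322"/></proof>
          </goal>
          <goal name="make_table'vc.9" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="27"/></proof>
          </goal>
          <goal name="make_table'vc.10" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="49"/></proof>
          </goal>
          <goal name="make_table'vc.11" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.08" steps="83"/></proof>
          </goal>
          <goal name="make_table'vc.12" expl="out of loop bounds" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="18"/></proof>
          </goal>
        </transf>
      </goal>
      <goal name="shift'vc" expl="VC for shift" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="shift'vc.0" expl="assertion" proved="true">
            <proof prover="2"><result status="valid" time="0.04" steps="91"/></proof>
          </goal>
          <goal name="shift'vc.1" expl="assertion" proved="true">
            <proof prover="2"><result status="valid" time="0.07" steps="205"/></proof>
          </goal>
          <goal name="shift'vc.2" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="30"/></proof>
          </goal>
          <goal name="shift'vc.3" expl="postcondition" proved="true">
            <transf name="split_vc" proved="true" >
              <goal name="shift'vc.3.0" expl="postcondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="24"/></proof>
              </goal>
            </transf>
          </goal>
        </transf>
      </goal>
      <goal name="no_shift'vc" expl="VC for no_shift" proved="true">
        <proof prover="2"><result status="valid" time="0.44" steps="1056"/></proof>
      </goal>
      <goal name="search'vc" expl="VC for search" proved="true">
        <transf name="split_vc" proved="true" >
          <goal name="search'vc.0" expl="loop invariant init" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="23"/></proof>
          </goal>
          <goal name="search'vc.1" expl="loop invariant init" proved="true">
            <proof prover="1"><result status="valid" time="0.06" steps="5631"/></proof>
          </goal>
          <goal name="search'vc.2" expl="integer overflow" proved="true">
            <proof prover="1"><result status="valid" time="0.03" steps="90349"/></proof>
          </goal>
          <goal name="search'vc.3" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="33"/></proof>
          </goal>
          <goal name="search'vc.4" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="37"/></proof>
          </goal>
          <goal name="search'vc.5" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="39"/></proof>
          </goal>
          <goal name="search'vc.6" expl="integer overflow" proved="true">
            <proof prover="1"><result status="valid" time="0.04" steps="117230"/></proof>
          </goal>
          <goal name="search'vc.7" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="41"/></proof>
          </goal>
          <goal name="search'vc.8" expl="postcondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="142"/></proof>
          </goal>
          <goal name="search'vc.9" expl="integer overflow" proved="true">
            <proof prover="1"><result status="valid" time="0.03" steps="102210"/></proof>
          </goal>
          <goal name="search'vc.10" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="45"/></proof>
          </goal>
          <goal name="search'vc.11" expl="precondition" proved="true">
            <proof prover="1"><result status="valid" time="0.03" steps="91382"/></proof>
          </goal>
          <goal name="search'vc.12" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="50"/></proof>
          </goal>
          <goal name="search'vc.13" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.01" steps="49"/></proof>
          </goal>
          <goal name="search'vc.14" expl="precondition" proved="true">
            <transf name="split_vc" proved="true" >
              <goal name="search'vc.14.0" expl="precondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="45"/></proof>
              </goal>
              <goal name="search'vc.14.1" expl="precondition" proved="true">
                <proof prover="2"><result status="valid" time="0.02" steps="45"/></proof>
              </goal>
            </transf>
          </goal>
          <goal name="search'vc.15" expl="precondition" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="50"/></proof>
          </goal>
          <goal name="search'vc.16" expl="integer overflow" proved="true">
            <proof prover="1"><result status="valid" time="0.03" steps="136641"/></proof>
          </goal>
          <goal name="search'vc.17" expl="integer overflow" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="212"/></proof>
          </goal>
          <goal name="search'vc.18" expl="loop variant decrease" proved="true">
            <proof prover="2"><result status="valid" time="0.02" steps="126"/></proof>
          </goal>
          <goal name="search'vc.19" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.03" steps="167"/></proof>
          </goal>
          <goal name="search'vc.20" expl="loop invariant preservation" proved="true">
            <proof prover="2"><result status="valid" time="0.37" steps="943"/></proof>
          </goal>
          <goal name="search'vc.21" expl="postcondition" proved="true">
            <proof prover="2" timelimit="5"><result status="valid" time="0.01" steps="33"/></proof>
          </goal>
          <goal name="search'vc.22" expl="postcondition" proved="true">
            <transf name="split_vc" proved="true" >
              <goal name="search'vc.22.0" expl="postcondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="109"/></proof>
              </goal>
              <goal name="search'vc.22.1" expl="postcondition" proved="true">
                <proof prover="2"><result status="valid" time="0.01" steps="31"/></proof>
              </goal>
            </transf>
          </goal>
        </transf>
      </goal>
    </theory>
  </file>
</why3session>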