java -ea -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AutomizerBplInline.xml -s ../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf -i ../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/ArrayInit01.bpl -------------------------------------------------------------------------------- This is Ultimate 0.1.24-1377b90 [2019-01-07 14:42:02,784 INFO L170 SettingsManager]: Resetting all preferences to default values... [2019-01-07 14:42:02,787 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2019-01-07 14:42:02,805 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-01-07 14:42:02,805 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-01-07 14:42:02,807 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-01-07 14:42:02,810 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-01-07 14:42:02,812 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2019-01-07 14:42:02,821 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-01-07 14:42:02,822 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-01-07 14:42:02,823 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-01-07 14:42:02,823 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-01-07 14:42:02,829 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-01-07 14:42:02,830 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-01-07 14:42:02,831 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-01-07 14:42:02,834 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-01-07 14:42:02,835 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-01-07 14:42:02,839 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-01-07 14:42:02,842 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2019-01-07 14:42:02,846 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-01-07 14:42:02,849 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-01-07 14:42:02,852 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-01-07 14:42:02,856 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-01-07 14:42:02,857 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-01-07 14:42:02,857 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-01-07 14:42:02,858 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-01-07 14:42:02,859 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-01-07 14:42:02,861 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-01-07 14:42:02,862 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2019-01-07 14:42:02,864 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-01-07 14:42:02,865 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2019-01-07 14:42:02,865 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-01-07 14:42:02,867 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-01-07 14:42:02,868 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2019-01-07 14:42:02,869 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2019-01-07 14:42:02,870 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2019-01-07 14:42:02,870 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf [2019-01-07 14:42:02,892 INFO L110 SettingsManager]: Loading preferences was successful [2019-01-07 14:42:02,893 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2019-01-07 14:42:02,894 INFO L131 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2019-01-07 14:42:02,895 INFO L133 SettingsManager]: * Show backtranslation warnings=false [2019-01-07 14:42:02,895 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2019-01-07 14:42:02,895 INFO L133 SettingsManager]: * User list type=DISABLED [2019-01-07 14:42:02,895 INFO L133 SettingsManager]: * Inline calls to unimplemented procedures=true [2019-01-07 14:42:02,896 INFO L131 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2019-01-07 14:42:02,896 INFO L133 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2019-01-07 14:42:02,897 INFO L133 SettingsManager]: * Underlying domain=OctagonDomain [2019-01-07 14:42:02,897 INFO L133 SettingsManager]: * Abstract domain=ArrayDomain [2019-01-07 14:42:02,897 INFO L133 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2019-01-07 14:42:02,897 INFO L133 SettingsManager]: * Interval Domain=false [2019-01-07 14:42:02,898 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-01-07 14:42:02,898 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2019-01-07 14:42:02,899 INFO L133 SettingsManager]: * Use SBE=true [2019-01-07 14:42:02,899 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-01-07 14:42:02,899 INFO L133 SettingsManager]: * sizeof long=4 [2019-01-07 14:42:02,899 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2019-01-07 14:42:02,899 INFO L133 SettingsManager]: * sizeof POINTER=4 [2019-01-07 14:42:02,900 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2019-01-07 14:42:02,900 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-01-07 14:42:02,900 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-01-07 14:42:02,900 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-01-07 14:42:02,900 INFO L133 SettingsManager]: * sizeof long double=12 [2019-01-07 14:42:02,902 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2019-01-07 14:42:02,903 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-01-07 14:42:02,903 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-01-07 14:42:02,903 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-01-07 14:42:02,903 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2019-01-07 14:42:02,903 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-07 14:42:02,904 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-01-07 14:42:02,904 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-01-07 14:42:02,904 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-01-07 14:42:02,904 INFO L133 SettingsManager]: * Trace refinement strategy=TAIPAN [2019-01-07 14:42:02,905 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2019-01-07 14:42:02,905 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-01-07 14:42:02,905 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-01-07 14:42:02,905 INFO L133 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2019-01-07 14:42:02,965 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-01-07 14:42:02,980 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-01-07 14:42:02,986 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-01-07 14:42:02,988 INFO L271 PluginConnector]: Initializing Boogie PL CUP Parser... [2019-01-07 14:42:02,989 INFO L276 PluginConnector]: Boogie PL CUP Parser initialized [2019-01-07 14:42:02,990 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/ArrayInit01.bpl [2019-01-07 14:42:02,991 INFO L111 BoogieParser]: Parsing: '/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/ArrayInit01.bpl' [2019-01-07 14:42:03,044 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-01-07 14:42:03,046 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-01-07 14:42:03,047 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2019-01-07 14:42:03,047 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2019-01-07 14:42:03,047 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2019-01-07 14:42:03,071 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,084 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,094 WARN L165 Inliner]: Program contained no entry procedure! [2019-01-07 14:42:03,094 WARN L168 Inliner]: Missing entry procedures: [ULTIMATE.start] [2019-01-07 14:42:03,094 WARN L175 Inliner]: Fallback enabled. All procedures will be processed. [2019-01-07 14:42:03,097 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2019-01-07 14:42:03,099 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-01-07 14:42:03,099 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-01-07 14:42:03,099 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2019-01-07 14:42:03,112 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,113 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,114 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,115 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,122 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,129 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,130 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... [2019-01-07 14:42:03,131 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-01-07 14:42:03,132 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-01-07 14:42:03,132 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-01-07 14:42:03,132 INFO L276 PluginConnector]: RCFGBuilder initialized [2019-01-07 14:42:03,135 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-07 14:42:03,207 INFO L124 BoogieDeclarations]: Specification and implementation of procedure main given in one single declaration [2019-01-07 14:42:03,208 INFO L130 BoogieDeclarations]: Found specification of procedure main [2019-01-07 14:42:03,208 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2019-01-07 14:42:03,505 INFO L278 CfgBuilder]: Using library mode [2019-01-07 14:42:03,506 INFO L286 CfgBuilder]: Removed 0 assue(true) statements. [2019-01-07 14:42:03,507 INFO L202 PluginConnector]: Adding new model ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 07.01 02:42:03 BoogieIcfgContainer [2019-01-07 14:42:03,508 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-01-07 14:42:03,509 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2019-01-07 14:42:03,509 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2019-01-07 14:42:03,512 INFO L276 PluginConnector]: TraceAbstraction initialized [2019-01-07 14:42:03,513 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 02:42:03" (1/2) ... [2019-01-07 14:42:03,514 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5539e189 and model type ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 07.01 02:42:03, skipping insertion in model container [2019-01-07 14:42:03,514 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "ArrayInit01.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 07.01 02:42:03" (2/2) ... [2019-01-07 14:42:03,516 INFO L112 eAbstractionObserver]: Analyzing ICFG ArrayInit01.bpl [2019-01-07 14:42:03,528 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2019-01-07 14:42:03,538 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2019-01-07 14:42:03,582 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2019-01-07 14:42:03,662 INFO L382 AbstractCegarLoop]: Interprodecural is true [2019-01-07 14:42:03,665 INFO L383 AbstractCegarLoop]: Hoare is true [2019-01-07 14:42:03,665 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2019-01-07 14:42:03,665 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2019-01-07 14:42:03,665 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2019-01-07 14:42:03,665 INFO L387 AbstractCegarLoop]: Difference is false [2019-01-07 14:42:03,666 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2019-01-07 14:42:03,666 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2019-01-07 14:42:03,697 INFO L276 IsEmpty]: Start isEmpty. Operand 6 states. [2019-01-07 14:42:03,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2019-01-07 14:42:03,704 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:42:03,706 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1] [2019-01-07 14:42:03,709 INFO L423 AbstractCegarLoop]: === Iteration 1 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:42:03,717 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:42:03,717 INFO L82 PathProgramCache]: Analyzing trace with hash 29984, now seen corresponding path program 1 times [2019-01-07 14:42:03,721 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:42:03,807 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:42:03,807 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:42:03,807 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:42:03,808 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:42:03,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:42:03,985 INFO L273 TraceCheckUtils]: 0: Hoare triple {9#true} i := 0;assume j == i; {11#(= i 0)} is VALID [2019-01-07 14:42:03,999 INFO L273 TraceCheckUtils]: 1: Hoare triple {11#(= i 0)} assume !(i < n);assume 0 <= r && r < n; {10#false} is VALID [2019-01-07 14:42:04,000 INFO L273 TraceCheckUtils]: 2: Hoare triple {10#false} assume !(a[r] == 0); {10#false} is VALID [2019-01-07 14:42:04,002 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:42:04,004 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2019-01-07 14:42:04,004 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2019-01-07 14:42:04,004 INFO L257 anRefinementStrategy]: Using the first perfect interpolant sequence [2019-01-07 14:42:04,010 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 3 [2019-01-07 14:42:04,012 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:42:04,015 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states. [2019-01-07 14:42:04,032 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 3 edges. 3 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:42:04,032 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2019-01-07 14:42:04,042 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2019-01-07 14:42:04,043 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-01-07 14:42:04,046 INFO L87 Difference]: Start difference. First operand 6 states. Second operand 3 states. [2019-01-07 14:42:04,168 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:42:04,168 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-07 14:42:04,168 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2019-01-07 14:42:04,169 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 3 [2019-01-07 14:42:04,169 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:42:04,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2019-01-07 14:42:04,176 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 11 transitions. [2019-01-07 14:42:04,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 3 states. [2019-01-07 14:42:04,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 11 transitions. [2019-01-07 14:42:04,179 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 11 transitions. [2019-01-07 14:42:04,246 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:42:04,259 INFO L225 Difference]: With dead ends: 11 [2019-01-07 14:42:04,260 INFO L226 Difference]: Without dead ends: 5 [2019-01-07 14:42:04,266 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2019-01-07 14:42:04,282 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5 states. [2019-01-07 14:42:04,305 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5 to 5. [2019-01-07 14:42:04,305 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:42:04,305 INFO L82 GeneralOperation]: Start isEquivalent. First operand 5 states. Second operand 5 states. [2019-01-07 14:42:04,306 INFO L74 IsIncluded]: Start isIncluded. First operand 5 states. Second operand 5 states. [2019-01-07 14:42:04,306 INFO L87 Difference]: Start difference. First operand 5 states. Second operand 5 states. [2019-01-07 14:42:04,308 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:42:04,308 INFO L93 Difference]: Finished difference Result 5 states and 5 transitions. [2019-01-07 14:42:04,308 INFO L276 IsEmpty]: Start isEmpty. Operand 5 states and 5 transitions. [2019-01-07 14:42:04,308 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:42:04,309 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:42:04,309 INFO L74 IsIncluded]: Start isIncluded. First operand 5 states. Second operand 5 states. [2019-01-07 14:42:04,309 INFO L87 Difference]: Start difference. First operand 5 states. Second operand 5 states. [2019-01-07 14:42:04,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:42:04,310 INFO L93 Difference]: Finished difference Result 5 states and 5 transitions. [2019-01-07 14:42:04,311 INFO L276 IsEmpty]: Start isEmpty. Operand 5 states and 5 transitions. [2019-01-07 14:42:04,311 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:42:04,311 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:42:04,311 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:42:04,312 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:42:04,312 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2019-01-07 14:42:04,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 5 transitions. [2019-01-07 14:42:04,315 INFO L78 Accepts]: Start accepts. Automaton has 5 states and 5 transitions. Word has length 3 [2019-01-07 14:42:04,315 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:42:04,315 INFO L480 AbstractCegarLoop]: Abstraction has 5 states and 5 transitions. [2019-01-07 14:42:04,315 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2019-01-07 14:42:04,315 INFO L276 IsEmpty]: Start isEmpty. Operand 5 states and 5 transitions. [2019-01-07 14:42:04,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 5 [2019-01-07 14:42:04,316 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:42:04,316 INFO L402 BasicCegarLoop]: trace histogram [1, 1, 1, 1] [2019-01-07 14:42:04,316 INFO L423 AbstractCegarLoop]: === Iteration 2 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:42:04,317 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:42:04,317 INFO L82 PathProgramCache]: Analyzing trace with hash 927558, now seen corresponding path program 1 times [2019-01-07 14:42:04,317 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:42:04,318 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:42:04,318 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:42:04,318 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:42:04,318 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:42:04,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:42:04,770 WARN L181 SmtUtils]: Spent 232.00 ms on a formula simplification. DAG size of input: 17 DAG size of output: 7 [2019-01-07 14:42:04,797 INFO L273 TraceCheckUtils]: 0: Hoare triple {44#true} i := 0;assume j == i; {46#(= i 0)} is VALID [2019-01-07 14:42:04,803 INFO L273 TraceCheckUtils]: 1: Hoare triple {46#(= i 0)} assume i < n;a := a[i := 0];i := i + 1; {47#(and (<= i 1) (= 0 (select a 0)))} is VALID [2019-01-07 14:42:04,804 INFO L273 TraceCheckUtils]: 2: Hoare triple {47#(and (<= i 1) (= 0 (select a 0)))} assume !(i < n);assume 0 <= r && r < n; {48#(and (= r 0) (= 0 (select a r)))} is VALID [2019-01-07 14:42:04,808 INFO L273 TraceCheckUtils]: 3: Hoare triple {48#(and (= r 0) (= 0 (select a r)))} assume !(a[r] == 0); {45#false} is VALID [2019-01-07 14:42:04,809 INFO L134 CoverageAnalysis]: Checked inductivity of 1 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:42:04,809 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:42:04,810 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:42:04,812 INFO L205 CegarAbsIntRunner]: Running AI on error trace of length 5 with the following transitions: [2019-01-07 14:42:04,815 INFO L207 CegarAbsIntRunner]: [0], [4], [6], [7] [2019-01-07 14:42:04,878 INFO L148 AbstractInterpreter]: Using domain ArrayDomain [2019-01-07 14:42:04,879 INFO L101 FixpointEngine]: Starting fixpoint engine with domain ArrayDomain (maxUnwinding=3, maxParallelStates=2) [2019-01-07 14:42:23,462 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:42:23,462 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:42:23,463 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:42:23,464 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:42:23,465 WARN L224 ngHoareTripleChecker]: Pre: {2147483635#(or (forall ((v_idx_58 Int) (v_idx_59 Int) (v_idx_57 Int) (v_idx_60 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- (- v_b_7_1) (- c_i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- v_b_6_1 v_b_7_1) 0) (<= (- (- c_i) v_v_135_1) 0) (<= (- (- v_b_7_1) (- c_j)) 0) (<= (- c_i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (or (<= v_b_6_1 v_idx_57) (= v_v_132_1 (select c_a v_idx_57))) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- c_i) (- v_v_135_1)) 0) (<= (- (- c_i) c_j) 0) (<= (- v_b_6_1 (- c_j)) 0) (<= (- (- v_b_6_1) c_i) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- (- v_b_6_1) v_b_7_1) 0) (<= (- v_b_7_1 c_j) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- c_j)) 0) (= c_i v_b_7_1) (or (= (select c_a v_idx_59) v_v_134_1) (< v_idx_59 v_b_7_1)) (<= (- v_b_7_1 c_i) 0) (<= (- v_b_6_1 (- c_i)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- v_b_7_1) c_j) 0) (= v_v_136_1 (select |c_old(a)| v_idx_60)) (<= (- v_b_7_1 (- c_i)) 2) (<= (- (- v_b_7_1) v_b_7_1) 0) (= (- v_v_135_1) c_j) (= c_j 0) (= c_j (- c_j)) (<= (- c_i c_j) 1) (<= (- (- c_i) (- c_j)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- c_i (- c_i)) 2) (<= (- (- v_b_7_1) v_v_135_1) 0) (<= (- (- c_j) v_v_135_1) 0) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_6_1 c_j) 0) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- c_j) c_j) 0) (<= (- (- c_j) (- v_v_135_1)) 0) (<= (- c_j (- c_j)) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) 0) (or (< v_idx_58 v_b_6_1) (<= v_b_7_1 v_idx_58) (= (select c_a v_idx_58) v_v_135_1)) (= c_j v_b_6_1) (<= (- v_b_7_1 (- c_j)) 1) (<= (- c_j (- v_v_135_1)) 0) (<= (- (- v_b_6_1) c_j) 0) (<= (- (- c_i) c_i) 0) (<= (- (- v_b_6_1) v_v_135_1) 0) (<= (- c_i (- c_j)) 1) (<= (- (- v_b_6_1) (- c_i)) 1) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- (- v_b_7_1) c_i) 0) (<= (- c_i (- v_v_135_1)) 1) (= v_v_135_1 c_j) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- c_j v_v_135_1) 0) (<= (- v_b_6_1 c_i) 0)))) (forall ((v_idx_56 Int) (v_idx_54 Int) (v_idx_55 Int) (v_idx_53 Int)) (exists ((v_v_14_1 Int) (v_b_5_1 Int) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_3_1 Int) (v_b_0_1 Int)) (and (<= (- c_i (- v_v_3_1)) 2) (<= (- v_b_5_1 c_n) 0) (= (+ v_v_3_1 2) c_i) (<= (- v_b_0_1 (- v_b_5_1)) 2) (<= (- (- v_b_0_1) c_i) (- 2)) (= 0 v_v_3_1) (<= (- (- v_b_5_1) v_b_5_1) (- 4)) (<= (- (- v_b_0_1) c_n) (- 2)) (<= (- c_i v_v_3_1) 2) (<= (- c_i c_n) 0) (= (+ (- c_i) 2) 0) (<= (- v_b_0_1 c_i) (- 2)) (<= (- (- v_b_0_1) c_j) 0) (<= (- (- c_i) v_v_3_1) (- 2)) (<= (- v_b_5_1 c_i) 0) (= (+ v_v_3_1 2) 2) (<= (- v_b_5_1 (- c_j)) 2) (<= (- v_b_0_1 (- c_i)) 2) (<= (- (- c_i) c_n) (- 4)) (<= (- v_b_0_1 (- v_v_3_1)) 0) (<= (- c_i c_j) 2) (<= (- c_j v_v_3_1) 0) (<= (- v_b_0_1 (- v_b_0_1)) 0) (<= (- v_b_0_1 (- c_j)) 0) (<= (- (- c_n) c_n) (- 4)) (= (- v_v_3_1) 0) (<= (- v_b_0_1 c_j) 0) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- v_b_5_1 (- v_b_5_1)) 4) (= c_j 0) (<= (- (- v_b_0_1) (- c_i)) 2) (<= (- (- v_b_5_1) (- v_v_3_1)) (- 2)) (= (+ v_v_3_1 2) (+ (- c_j) 2)) (= 0 (+ v_b_5_1 (- 2))) (<= (- (- c_i) c_i) (- 4)) (<= (- (- v_b_0_1) v_v_3_1) 0) (= (select |c_old(a)| v_idx_53) v_v_1_1) (<= (- v_b_5_1 (- c_i)) 4) (<= (- c_j c_n) (- 2)) (<= (- (- c_j) c_j) 0) (= (+ v_v_3_1 2) (+ (- c_i) 4)) (<= (- c_i (- c_i)) 4) (<= (- (- v_b_5_1) (- c_j)) (- 2)) (<= (- c_j (- c_j)) 0) (= 0 v_b_0_1) (<= (- (- v_b_5_1) c_j) (- 2)) (<= (- (- v_v_3_1) v_v_3_1) 0) (= (+ v_v_3_1 2) v_b_5_1) (<= (- v_b_5_1 c_j) 2) (= (+ c_i (- 2)) 0) (<= (- v_v_3_1 (- v_v_3_1)) 0) (= 0 (- c_j)) (<= (- (- c_i) c_j) (- 2)) (<= (- v_b_5_1 (- v_v_3_1)) 2) (= (+ v_v_3_1 2) (+ (- v_v_3_1) 2)) (<= (- v_b_0_1 c_n) (- 2)) (<= (- (- v_b_5_1) c_i) (- 4)) (<= (- v_b_0_1 v_b_5_1) (- 2)) (<= (- (- c_j) c_n) (- 2)) (<= (- (- c_n) v_v_3_1) (- 2)) (= (+ v_v_3_1 2) (+ (- v_b_0_1) 2)) (or (= (select c_a v_idx_55) v_v_3_1) (< v_idx_55 v_b_0_1) (<= v_b_5_1 v_idx_55)) (<= (- (- v_b_0_1) v_b_5_1) (- 2)) (<= (- c_j (- v_v_3_1)) 0) (or (= (select c_a v_idx_56) v_v_14_1) (< v_idx_56 v_b_5_1)) (or (<= v_b_0_1 v_idx_54) (= (select c_a v_idx_54) v_v_2_1)) (= 0 (+ (- v_b_5_1) 2)) (<= (- v_b_0_1 v_v_3_1) 0) (<= (- c_i (- c_j)) 2) (<= (- (- c_i) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_b_5_1)) 2) (<= (- (- v_b_5_1) (- c_i)) 0) (<= (- (- v_b_0_1) (- c_j)) 0) (<= (- (- c_i) (- c_j)) (- 2)) (<= (- (- v_b_5_1) c_n) (- 4)) (= (+ v_v_3_1 2) (+ v_b_0_1 2)) (<= (- (- c_n) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_v_3_1)) 0) (<= (- v_b_5_1 v_v_3_1) 2) (<= (- (- v_b_5_1) v_v_3_1) (- 2)) (<= (- (- c_j) v_v_3_1) 0) (<= (- (- c_j) (- v_v_3_1)) 0) (= (+ v_v_3_1 2) (+ c_j 2))))))} [2019-01-07 14:42:23,465 WARN L228 ngHoareTripleChecker]: Action: assume !(i < n);assume 0 <= r && r < n; [2019-01-07 14:42:23,466 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (< c_r c_n) (not (< c_i c_n)) (<= 0 c_r)) [2019-01-07 14:42:23,467 WARN L230 ngHoareTripleChecker]: Post: {2147483634#(or (forall ((v_idx_63 Int) (v_idx_64 Int) (v_idx_61 Int) (v_idx_62 Int)) (exists ((v_v_14_1 Int) (v_b_5_1 Int) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_3_1 Int) (v_b_0_1 Int)) (and (<= (- c_i (- v_v_3_1)) 2) (= (+ (- c_i) 2) v_v_3_1) (= (+ c_i (- 2)) (+ (- c_i) 2)) (= c_n v_b_5_1) (<= (- (- v_b_5_1) v_b_5_1) (- 4)) (<= (- (- v_b_0_1) c_n) (- 2)) (<= (- c_i v_v_3_1) 2) (or (<= v_b_5_1 v_idx_63) (< v_idx_63 v_b_0_1) (= v_v_3_1 (select c_a v_idx_63))) (<= (- v_b_0_1 (- c_r)) 1) (= (+ (- c_i) 2) v_b_0_1) (<= (- c_r (- c_r)) 2) (= v_v_1_1 (select |c_old(a)| v_idx_61)) (<= (- v_b_0_1 c_i) (- 2)) (= (+ c_n (- 2)) (+ (- c_i) 2)) (<= (- v_b_0_1 c_r) 0) (<= (- v_b_5_1 c_i) 0) (<= (- c_i (- c_n)) 4) (<= (- c_j c_r) 0) (<= (- c_r v_v_3_1) 1) (<= (- (- c_i) c_n) (- 4)) (<= (- (- c_n) c_n) (- 4)) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- (- v_b_0_1) (- c_n)) 2) (<= (- v_b_5_1 (- v_b_5_1)) 4) (<= (- (- v_b_0_1) (- c_i)) 2) (<= (- (- c_i) c_i) (- 4)) (= (+ (- c_i) 2) (+ v_b_5_1 (- 2))) (= c_n (+ (- c_i) 4)) (<= (- v_b_5_1 (- c_i)) 4) (<= (- c_j c_n) (- 2)) (<= (- v_b_5_1 (- c_n)) 4) (= (+ v_v_3_1 2) c_n) (<= (- (- v_b_5_1) (- c_j)) (- 2)) (<= (- c_j (- c_j)) 0) (= (+ (- c_j) 2) c_n) (<= (- c_n (- v_v_3_1)) 2) (<= (- (- v_b_5_1) c_j) (- 2)) (<= (- (- v_v_3_1) v_v_3_1) 0) (= 2 c_n) (= (+ v_b_0_1 2) c_n) (= c_n c_i) (= (+ (- c_i) 2) (+ (- v_b_5_1) 2)) (<= (- (- c_i) c_j) (- 2)) (<= (- v_b_5_1 (- v_v_3_1)) 2) (<= (- v_b_0_1 c_n) (- 2)) (<= (- c_n c_r) 2) (= c_n (+ (- v_b_0_1) 2)) (<= (- (- c_j) c_n) (- 2)) (<= (- (- c_i) (- c_r)) (- 1)) (<= (- (- c_j) c_r) 0) (<= (- c_j (- v_v_3_1)) 0) (= (+ (- c_i) 2) (+ (- c_n) 2)) (<= (- (- c_j) (- c_n)) 2) (<= (- c_i (- c_j)) 2) (<= (- (- c_n) c_r) (- 2)) (<= (- c_i (- c_r)) 3) (<= (- (- v_b_5_1) (- c_i)) 0) (= (- v_v_3_1) (+ (- c_i) 2)) (<= (- (- v_b_5_1) (- c_r)) (- 1)) (<= (- v_b_5_1 v_v_3_1) 2) (<= (- (- v_b_5_1) v_v_3_1) (- 2)) (<= (- (- v_b_5_1) (- c_n)) 0) (<= (- (- c_j) (- v_v_3_1)) 0) (<= (- c_j (- c_n)) 2) (<= (- v_b_5_1 c_n) 0) (<= (- c_j (- c_r)) 1) (<= (- (- v_b_0_1) c_r) 0) (= (+ (- c_i) 2) (- c_j)) (<= (- v_b_0_1 (- v_b_5_1)) 2) (<= (- (- v_b_0_1) c_i) (- 2)) (= c_n (+ (- v_v_3_1) 2)) (<= (- c_i c_r) 2) (<= (- (- c_j) (- c_r)) 1) (<= (- c_i c_n) 0) (= (+ (- c_i) 2) 0) (<= (- (- c_i) c_r) (- 2)) (<= (- (- v_b_0_1) c_j) 0) (<= (- (- c_i) v_v_3_1) (- 2)) (<= (- v_b_5_1 (- c_j)) 2) (<= (- v_b_0_1 (- c_i)) 2) (<= (- (- c_i) (- c_n)) 0) (<= (- v_b_0_1 (- v_v_3_1)) 0) (<= (- c_i c_j) 2) (<= (- c_j v_v_3_1) 0) (<= (- v_b_0_1 (- v_b_0_1)) 0) (<= (- v_b_0_1 (- c_j)) 0) (<= (- (- c_r) (- v_v_3_1)) 0) (or (= (select c_a v_idx_62) v_v_2_1) (<= v_b_0_1 v_idx_62)) (<= (- v_b_0_1 c_j) 0) (<= (- c_r (- v_v_3_1)) 1) (<= (- (- c_r) v_v_3_1) 0) (<= (- (- v_b_5_1) (- v_v_3_1)) (- 2)) (<= (- (- c_n) (- c_r)) (- 1)) (<= (- (- v_b_0_1) v_v_3_1) 0) (<= (- (- v_b_5_1) c_r) (- 2)) (<= (- v_b_5_1 c_r) 2) (or (= (select c_a v_idx_64) v_v_14_1) (< v_idx_64 v_b_5_1)) (<= (- (- c_j) c_j) 0) (<= (- c_i (- c_i)) 4) (<= (- v_b_0_1 (- c_n)) 2) (<= (- v_b_5_1 (- c_r)) 3) (<= (- (- v_b_0_1) (- c_r)) 1) (<= (- v_b_5_1 c_j) 2) (<= (- v_v_3_1 (- v_v_3_1)) 0) (<= (- (- v_b_5_1) c_i) (- 4)) (<= (- v_b_0_1 v_b_5_1) (- 2)) (<= (- (- c_n) v_v_3_1) (- 2)) (<= (- c_n (- c_r)) 3) (= (+ c_j 2) c_n) (= c_n (+ (- c_n) 4)) (<= (- (- v_b_0_1) v_b_5_1) (- 2)) (= (+ (- c_i) 2) c_j) (<= (- v_b_0_1 v_v_3_1) 0) (<= (- c_n (- c_n)) 4) (<= (- (- c_i) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_b_5_1)) 2) (<= (- (- v_b_0_1) (- c_j)) 0) (<= (- (- c_i) (- c_j)) (- 2)) (<= (- (- v_b_5_1) c_n) (- 4)) (<= (- (- c_r) c_r) 0) (<= (- c_n v_v_3_1) 2) (<= (- (- c_n) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_v_3_1)) 0) (<= (- (- c_j) v_v_3_1) 0)))) (forall ((v_idx_67 Int) (v_idx_68 Int) (v_idx_65 Int) (v_idx_66 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- v_b_6_1 c_r) 0) (= c_r (+ c_n (- 1))) (<= (- c_n (- v_v_135_1)) 1) (<= (- (- v_b_7_1) (- c_r)) (- 1)) (= (+ c_n (- 1)) (- c_r)) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- c_n) c_n) (- 2)) (= (+ (- c_r) 1) c_n) (<= (- v_b_6_1 (- c_j)) 0) (<= (- c_n v_v_135_1) 1) (= (- v_v_135_1) (+ c_n (- 1))) (<= (- c_r (- v_v_135_1)) 0) (<= (- (- c_j) c_n) (- 1)) (<= (- c_j (- c_n)) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- c_j)) 0) (<= (- c_j c_r) 0) (<= (- c_i (- c_r)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- c_n) c_r) (- 1)) (= v_v_135_1 (+ c_n (- 1))) (<= (- v_b_7_1 (- c_i)) 2) (= c_n v_b_7_1) (= c_j (+ c_n (- 1))) (<= (- c_i c_j) 1) (<= (- c_i (- c_i)) 2) (<= (- v_b_7_1 (- c_n)) 2) (or (= v_v_134_1 (select c_a v_idx_67)) (< v_idx_67 v_b_7_1)) (<= (- v_b_6_1 c_j) 0) (<= (- c_j (- c_j)) 0) (<= (- (- v_b_6_1) (- c_n)) 1) (<= (- (- c_i) v_v_135_1) (- 1)) (= 0 (+ c_n (- 1))) (<= (- v_b_7_1 (- c_j)) 1) (<= (- (- v_b_6_1) c_j) 0) (= c_n c_i) (= (+ c_n (- 1)) (+ v_b_7_1 (- 1))) (= (+ (- c_i) 1) (+ c_n (- 1))) (<= (- c_i (- c_j)) 1) (<= (- (- v_b_6_1) c_i) (- 1)) (<= (- (- v_b_6_1) (- c_i)) 1) (<= (- (- c_r) v_v_135_1) 0) (<= (- c_j c_n) (- 1)) (<= (- (- v_b_7_1) (- c_n)) 0) (<= (- v_b_7_1 (- c_r)) 1) (<= (- c_i (- v_v_135_1)) 1) (= (+ v_v_135_1 1) c_n) (<= (- (- c_i) (- c_r)) (- 1)) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- c_n (- c_r)) 1) (<= (- v_b_6_1 (- c_n)) 1) (<= (- (- c_i) c_r) (- 1)) (<= (- v_b_7_1 c_r) 1) (<= (- (- c_j) c_r) 0) (<= (- (- v_b_6_1) (- c_r)) 0) (= (select |c_old(a)| v_idx_68) v_v_136_1) (<= (- (- v_b_7_1) c_r) (- 1)) (<= (- (- v_b_7_1) c_j) (- 1)) (= c_n (+ c_j 1)) (= (+ c_i (- 1)) (+ c_n (- 1))) (<= (- (- c_i) (- v_v_135_1)) (- 1)) (<= (- (- v_b_7_1) (- c_i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- c_i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (<= (- (- c_i) c_i) (- 2)) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- v_b_6_1 (- c_r)) 0) (<= (- c_i c_n) 0) (<= (- (- v_b_6_1) c_r) 0) (= 1 c_n) (<= (- v_b_7_1 c_j) 1) (<= (- (- c_i) c_n) (- 2)) (<= (- c_n c_r) 1) (<= (- (- c_i) (- c_n)) 0) (<= (- (- c_n) v_v_135_1) (- 1)) (= (+ (- c_j) 1) c_n) (<= (- v_b_7_1 c_i) 0) (<= (- v_b_6_1 (- c_i)) 1) (<= (- (- c_j) (- c_n)) 1) (= (+ (- v_v_135_1) 1) c_n) (<= (- (- c_i) c_j) (- 1)) (or (= (select c_a v_idx_65) v_v_132_1) (<= v_b_6_1 v_idx_65)) (<= (- v_b_6_1 c_n) (- 1)) (<= (- (- c_i) (- c_j)) (- 1)) (<= (- (- c_n) (- c_r)) (- 1)) (<= (- (- c_r) (- v_v_135_1)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- (- c_j) v_v_135_1) 0) (= c_n (+ v_b_6_1 1)) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- c_j) c_j) 0) (<= (- (- c_j) (- v_v_135_1)) 0) (= c_n (+ (- c_n) 2)) (<= (- (- c_j) (- c_r)) 0) (<= (- c_i c_r) 1) (<= (- (- v_b_7_1) v_v_135_1) (- 1)) (<= (- c_j (- v_v_135_1)) 0) (<= (- (- v_b_7_1) c_n) (- 2)) (<= (- (- v_b_6_1) v_v_135_1) 0) (= c_n (+ (- v_b_6_1) 1)) (= (+ (- c_i) 2) c_n) (or (< v_idx_66 v_b_6_1) (= v_v_135_1 (select c_a v_idx_66)) (<= v_b_7_1 v_idx_66)) (<= (- c_j (- c_r)) 0) (= (+ (- c_n) 1) (+ c_n (- 1))) (= (+ (- v_b_7_1) 1) (+ c_n (- 1))) (<= (- (- c_n) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- c_n (- c_n)) 2) (<= (- (- v_b_6_1) v_b_7_1) (- 1)) (<= (- v_b_6_1 v_b_7_1) (- 1)) (<= (- v_b_6_1 c_i) (- 1)) (= (+ c_r 1) c_n) (<= (- (- v_b_7_1) c_i) (- 2)) (<= (- c_r v_v_135_1) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) (- 1)) (<= (- (- v_b_6_1) c_n) (- 1)) (<= (- v_b_7_1 c_n) 0) (<= (- c_j v_v_135_1) 0) (<= (- c_r (- c_r)) 0) (= v_b_6_1 (+ c_n (- 1))) (<= (- (- v_b_7_1) v_b_7_1) (- 2)) (<= (- c_i (- c_n)) 2) (<= (- (- c_r) c_r) 0) (= (+ c_n (- 1)) (- c_j)) (<= (- (- v_b_7_1) (- c_j)) (- 1))))))} [2019-01-07 14:42:23,467 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:42:23,481 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:42:23,481 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:42:29,612 WARN L181 SmtUtils]: Spent 6.13 s on a formula simplification that was a NOOP. DAG size: 323 [2019-01-07 14:42:29,615 WARN L270 ngHoareTripleChecker]: Pre: {2147483635#(or (forall ((v_idx_58 Int) (v_idx_59 Int) (v_idx_57 Int) (v_idx_60 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- (- v_b_7_1) (- i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- v_b_6_1 v_b_7_1) 0) (<= (- (- i) v_v_135_1) 0) (<= (- (- v_b_7_1) (- j)) 0) (<= (- i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (or (<= v_b_6_1 v_idx_57) (= v_v_132_1 (select a v_idx_57))) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- i) (- v_v_135_1)) 0) (<= (- (- i) j) 0) (<= (- v_b_6_1 (- j)) 0) (<= (- (- v_b_6_1) i) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- (- v_b_6_1) v_b_7_1) 0) (<= (- v_b_7_1 j) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- j)) 0) (= i v_b_7_1) (or (= (select a v_idx_59) v_v_134_1) (< v_idx_59 v_b_7_1)) (<= (- v_b_7_1 i) 0) (<= (- v_b_6_1 (- i)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- v_b_7_1) j) 0) (= v_v_136_1 (select |old(a)| v_idx_60)) (<= (- v_b_7_1 (- i)) 2) (<= (- (- v_b_7_1) v_b_7_1) 0) (= (- v_v_135_1) j) (= j 0) (= j (- j)) (<= (- i j) 1) (<= (- (- i) (- j)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- i (- i)) 2) (<= (- (- v_b_7_1) v_v_135_1) 0) (<= (- (- j) v_v_135_1) 0) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_6_1 j) 0) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- j) j) 0) (<= (- (- j) (- v_v_135_1)) 0) (<= (- j (- j)) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) 0) (or (< v_idx_58 v_b_6_1) (<= v_b_7_1 v_idx_58) (= (select a v_idx_58) v_v_135_1)) (= j v_b_6_1) (<= (- v_b_7_1 (- j)) 1) (<= (- j (- v_v_135_1)) 0) (<= (- (- v_b_6_1) j) 0) (<= (- (- i) i) 0) (<= (- (- v_b_6_1) v_v_135_1) 0) (<= (- i (- j)) 1) (<= (- (- v_b_6_1) (- i)) 1) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- (- v_b_7_1) i) 0) (<= (- i (- v_v_135_1)) 1) (= v_v_135_1 j) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- j v_v_135_1) 0) (<= (- v_b_6_1 i) 0)))) (forall ((v_idx_56 Int) (v_idx_54 Int) (v_idx_55 Int) (v_idx_53 Int)) (exists ((v_v_14_1 Int) (v_b_5_1 Int) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_3_1 Int) (v_b_0_1 Int)) (and (<= (- i (- v_v_3_1)) 2) (<= (- v_b_5_1 n) 0) (= (+ v_v_3_1 2) i) (<= (- v_b_0_1 (- v_b_5_1)) 2) (<= (- (- v_b_0_1) i) (- 2)) (= 0 v_v_3_1) (<= (- (- v_b_5_1) v_b_5_1) (- 4)) (<= (- (- v_b_0_1) n) (- 2)) (<= (- i v_v_3_1) 2) (<= (- i n) 0) (= (+ (- i) 2) 0) (<= (- v_b_0_1 i) (- 2)) (<= (- (- v_b_0_1) j) 0) (<= (- (- i) v_v_3_1) (- 2)) (<= (- v_b_5_1 i) 0) (= (+ v_v_3_1 2) 2) (<= (- v_b_5_1 (- j)) 2) (<= (- v_b_0_1 (- i)) 2) (<= (- (- i) n) (- 4)) (<= (- v_b_0_1 (- v_v_3_1)) 0) (<= (- i j) 2) (<= (- j v_v_3_1) 0) (<= (- v_b_0_1 (- v_b_0_1)) 0) (<= (- v_b_0_1 (- j)) 0) (<= (- (- n) n) (- 4)) (= (- v_v_3_1) 0) (<= (- v_b_0_1 j) 0) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- v_b_5_1 (- v_b_5_1)) 4) (= j 0) (<= (- (- v_b_0_1) (- i)) 2) (<= (- (- v_b_5_1) (- v_v_3_1)) (- 2)) (= (+ v_v_3_1 2) (+ (- j) 2)) (= 0 (+ v_b_5_1 (- 2))) (<= (- (- i) i) (- 4)) (<= (- (- v_b_0_1) v_v_3_1) 0) (= (select |old(a)| v_idx_53) v_v_1_1) (<= (- v_b_5_1 (- i)) 4) (<= (- j n) (- 2)) (<= (- (- j) j) 0) (= (+ v_v_3_1 2) (+ (- i) 4)) (<= (- i (- i)) 4) (<= (- (- v_b_5_1) (- j)) (- 2)) (<= (- j (- j)) 0) (= 0 v_b_0_1) (<= (- (- v_b_5_1) j) (- 2)) (<= (- (- v_v_3_1) v_v_3_1) 0) (= (+ v_v_3_1 2) v_b_5_1) (<= (- v_b_5_1 j) 2) (= (+ i (- 2)) 0) (<= (- v_v_3_1 (- v_v_3_1)) 0) (= 0 (- j)) (<= (- (- i) j) (- 2)) (<= (- v_b_5_1 (- v_v_3_1)) 2) (= (+ v_v_3_1 2) (+ (- v_v_3_1) 2)) (<= (- v_b_0_1 n) (- 2)) (<= (- (- v_b_5_1) i) (- 4)) (<= (- v_b_0_1 v_b_5_1) (- 2)) (<= (- (- j) n) (- 2)) (<= (- (- n) v_v_3_1) (- 2)) (= (+ v_v_3_1 2) (+ (- v_b_0_1) 2)) (or (= (select a v_idx_55) v_v_3_1) (< v_idx_55 v_b_0_1) (<= v_b_5_1 v_idx_55)) (<= (- (- v_b_0_1) v_b_5_1) (- 2)) (<= (- j (- v_v_3_1)) 0) (or (= (select a v_idx_56) v_v_14_1) (< v_idx_56 v_b_5_1)) (or (<= v_b_0_1 v_idx_54) (= (select a v_idx_54) v_v_2_1)) (= 0 (+ (- v_b_5_1) 2)) (<= (- v_b_0_1 v_v_3_1) 0) (<= (- i (- j)) 2) (<= (- (- i) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_b_5_1)) 2) (<= (- (- v_b_5_1) (- i)) 0) (<= (- (- v_b_0_1) (- j)) 0) (<= (- (- i) (- j)) (- 2)) (<= (- (- v_b_5_1) n) (- 4)) (= (+ v_v_3_1 2) (+ v_b_0_1 2)) (<= (- (- n) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_v_3_1)) 0) (<= (- v_b_5_1 v_v_3_1) 2) (<= (- (- v_b_5_1) v_v_3_1) (- 2)) (<= (- (- j) v_v_3_1) 0) (<= (- (- j) (- v_v_3_1)) 0) (= (+ v_v_3_1 2) (+ j 2))))))} [2019-01-07 14:42:29,615 WARN L274 ngHoareTripleChecker]: Action: assume !(i < n);assume 0 <= r && r < n; [2019-01-07 14:42:29,616 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (< c_r c_n) (not (< c_i c_n)) (<= 0 c_r)) [2019-01-07 14:42:36,208 WARN L181 SmtUtils]: Spent 6.59 s on a formula simplification that was a NOOP. DAG size: 507 [2019-01-07 14:42:36,209 WARN L276 ngHoareTripleChecker]: Post: {2147483634#(or (forall ((v_idx_63 Int) (v_idx_64 Int) (v_idx_61 Int) (v_idx_62 Int)) (exists ((v_v_14_1 Int) (v_b_5_1 Int) (v_v_1_1 Int) (v_v_2_1 Int) (v_v_3_1 Int) (v_b_0_1 Int)) (and (<= (- i (- v_v_3_1)) 2) (= (+ (- i) 2) v_v_3_1) (= (+ i (- 2)) (+ (- i) 2)) (= n v_b_5_1) (<= (- (- v_b_5_1) v_b_5_1) (- 4)) (<= (- (- v_b_0_1) n) (- 2)) (<= (- i v_v_3_1) 2) (or (<= v_b_5_1 v_idx_63) (< v_idx_63 v_b_0_1) (= v_v_3_1 (select a v_idx_63))) (<= (- v_b_0_1 (- r)) 1) (= (+ (- i) 2) v_b_0_1) (<= (- r (- r)) 2) (= v_v_1_1 (select |old(a)| v_idx_61)) (<= (- v_b_0_1 i) (- 2)) (= (+ n (- 2)) (+ (- i) 2)) (<= (- v_b_0_1 r) 0) (<= (- v_b_5_1 i) 0) (<= (- i (- n)) 4) (<= (- j r) 0) (<= (- r v_v_3_1) 1) (<= (- (- i) n) (- 4)) (<= (- (- n) n) (- 4)) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- (- v_b_0_1) (- n)) 2) (<= (- v_b_5_1 (- v_b_5_1)) 4) (<= (- (- v_b_0_1) (- i)) 2) (<= (- (- i) i) (- 4)) (= (+ (- i) 2) (+ v_b_5_1 (- 2))) (= n (+ (- i) 4)) (<= (- v_b_5_1 (- i)) 4) (<= (- j n) (- 2)) (<= (- v_b_5_1 (- n)) 4) (= (+ v_v_3_1 2) n) (<= (- (- v_b_5_1) (- j)) (- 2)) (<= (- j (- j)) 0) (= (+ (- j) 2) n) (<= (- n (- v_v_3_1)) 2) (<= (- (- v_b_5_1) j) (- 2)) (<= (- (- v_v_3_1) v_v_3_1) 0) (= 2 n) (= (+ v_b_0_1 2) n) (= n i) (= (+ (- i) 2) (+ (- v_b_5_1) 2)) (<= (- (- i) j) (- 2)) (<= (- v_b_5_1 (- v_v_3_1)) 2) (<= (- v_b_0_1 n) (- 2)) (<= (- n r) 2) (= n (+ (- v_b_0_1) 2)) (<= (- (- j) n) (- 2)) (<= (- (- i) (- r)) (- 1)) (<= (- (- j) r) 0) (<= (- j (- v_v_3_1)) 0) (= (+ (- i) 2) (+ (- n) 2)) (<= (- (- j) (- n)) 2) (<= (- i (- j)) 2) (<= (- (- n) r) (- 2)) (<= (- i (- r)) 3) (<= (- (- v_b_5_1) (- i)) 0) (= (- v_v_3_1) (+ (- i) 2)) (<= (- (- v_b_5_1) (- r)) (- 1)) (<= (- v_b_5_1 v_v_3_1) 2) (<= (- (- v_b_5_1) v_v_3_1) (- 2)) (<= (- (- v_b_5_1) (- n)) 0) (<= (- (- j) (- v_v_3_1)) 0) (<= (- j (- n)) 2) (<= (- v_b_5_1 n) 0) (<= (- j (- r)) 1) (<= (- (- v_b_0_1) r) 0) (= (+ (- i) 2) (- j)) (<= (- v_b_0_1 (- v_b_5_1)) 2) (<= (- (- v_b_0_1) i) (- 2)) (= n (+ (- v_v_3_1) 2)) (<= (- i r) 2) (<= (- (- j) (- r)) 1) (<= (- i n) 0) (= (+ (- i) 2) 0) (<= (- (- i) r) (- 2)) (<= (- (- v_b_0_1) j) 0) (<= (- (- i) v_v_3_1) (- 2)) (<= (- v_b_5_1 (- j)) 2) (<= (- v_b_0_1 (- i)) 2) (<= (- (- i) (- n)) 0) (<= (- v_b_0_1 (- v_v_3_1)) 0) (<= (- i j) 2) (<= (- j v_v_3_1) 0) (<= (- v_b_0_1 (- v_b_0_1)) 0) (<= (- v_b_0_1 (- j)) 0) (<= (- (- r) (- v_v_3_1)) 0) (or (= (select a v_idx_62) v_v_2_1) (<= v_b_0_1 v_idx_62)) (<= (- v_b_0_1 j) 0) (<= (- r (- v_v_3_1)) 1) (<= (- (- r) v_v_3_1) 0) (<= (- (- v_b_5_1) (- v_v_3_1)) (- 2)) (<= (- (- n) (- r)) (- 1)) (<= (- (- v_b_0_1) v_v_3_1) 0) (<= (- (- v_b_5_1) r) (- 2)) (<= (- v_b_5_1 r) 2) (or (= (select a v_idx_64) v_v_14_1) (< v_idx_64 v_b_5_1)) (<= (- (- j) j) 0) (<= (- i (- i)) 4) (<= (- v_b_0_1 (- n)) 2) (<= (- v_b_5_1 (- r)) 3) (<= (- (- v_b_0_1) (- r)) 1) (<= (- v_b_5_1 j) 2) (<= (- v_v_3_1 (- v_v_3_1)) 0) (<= (- (- v_b_5_1) i) (- 4)) (<= (- v_b_0_1 v_b_5_1) (- 2)) (<= (- (- n) v_v_3_1) (- 2)) (<= (- n (- r)) 3) (= (+ j 2) n) (= n (+ (- n) 4)) (<= (- (- v_b_0_1) v_b_5_1) (- 2)) (= (+ (- i) 2) j) (<= (- v_b_0_1 v_v_3_1) 0) (<= (- n (- n)) 4) (<= (- (- i) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_b_5_1)) 2) (<= (- (- v_b_0_1) (- j)) 0) (<= (- (- i) (- j)) (- 2)) (<= (- (- v_b_5_1) n) (- 4)) (<= (- (- r) r) 0) (<= (- n v_v_3_1) 2) (<= (- (- n) (- v_v_3_1)) (- 2)) (<= (- (- v_b_0_1) (- v_v_3_1)) 0) (<= (- (- j) v_v_3_1) 0)))) (forall ((v_idx_67 Int) (v_idx_68 Int) (v_idx_65 Int) (v_idx_66 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- v_b_6_1 r) 0) (= r (+ n (- 1))) (<= (- n (- v_v_135_1)) 1) (<= (- (- v_b_7_1) (- r)) (- 1)) (= (+ n (- 1)) (- r)) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- n) n) (- 2)) (= (+ (- r) 1) n) (<= (- v_b_6_1 (- j)) 0) (<= (- n v_v_135_1) 1) (= (- v_v_135_1) (+ n (- 1))) (<= (- r (- v_v_135_1)) 0) (<= (- (- j) n) (- 1)) (<= (- j (- n)) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- j)) 0) (<= (- j r) 0) (<= (- i (- r)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- n) r) (- 1)) (= v_v_135_1 (+ n (- 1))) (<= (- v_b_7_1 (- i)) 2) (= n v_b_7_1) (= j (+ n (- 1))) (<= (- i j) 1) (<= (- i (- i)) 2) (<= (- v_b_7_1 (- n)) 2) (or (= v_v_134_1 (select a v_idx_67)) (< v_idx_67 v_b_7_1)) (<= (- v_b_6_1 j) 0) (<= (- j (- j)) 0) (<= (- (- v_b_6_1) (- n)) 1) (<= (- (- i) v_v_135_1) (- 1)) (= 0 (+ n (- 1))) (<= (- v_b_7_1 (- j)) 1) (<= (- (- v_b_6_1) j) 0) (= n i) (= (+ n (- 1)) (+ v_b_7_1 (- 1))) (= (+ (- i) 1) (+ n (- 1))) (<= (- i (- j)) 1) (<= (- (- v_b_6_1) i) (- 1)) (<= (- (- v_b_6_1) (- i)) 1) (<= (- (- r) v_v_135_1) 0) (<= (- j n) (- 1)) (<= (- (- v_b_7_1) (- n)) 0) (<= (- v_b_7_1 (- r)) 1) (<= (- i (- v_v_135_1)) 1) (= (+ v_v_135_1 1) n) (<= (- (- i) (- r)) (- 1)) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- n (- r)) 1) (<= (- v_b_6_1 (- n)) 1) (<= (- (- i) r) (- 1)) (<= (- v_b_7_1 r) 1) (<= (- (- j) r) 0) (<= (- (- v_b_6_1) (- r)) 0) (= (select |old(a)| v_idx_68) v_v_136_1) (<= (- (- v_b_7_1) r) (- 1)) (<= (- (- v_b_7_1) j) (- 1)) (= n (+ j 1)) (= (+ i (- 1)) (+ n (- 1))) (<= (- (- i) (- v_v_135_1)) (- 1)) (<= (- (- v_b_7_1) (- i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (<= (- (- i) i) (- 2)) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- v_b_6_1 (- r)) 0) (<= (- i n) 0) (<= (- (- v_b_6_1) r) 0) (= 1 n) (<= (- v_b_7_1 j) 1) (<= (- (- i) n) (- 2)) (<= (- n r) 1) (<= (- (- i) (- n)) 0) (<= (- (- n) v_v_135_1) (- 1)) (= (+ (- j) 1) n) (<= (- v_b_7_1 i) 0) (<= (- v_b_6_1 (- i)) 1) (<= (- (- j) (- n)) 1) (= (+ (- v_v_135_1) 1) n) (<= (- (- i) j) (- 1)) (or (= (select a v_idx_65) v_v_132_1) (<= v_b_6_1 v_idx_65)) (<= (- v_b_6_1 n) (- 1)) (<= (- (- i) (- j)) (- 1)) (<= (- (- n) (- r)) (- 1)) (<= (- (- r) (- v_v_135_1)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- (- j) v_v_135_1) 0) (= n (+ v_b_6_1 1)) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- j) j) 0) (<= (- (- j) (- v_v_135_1)) 0) (= n (+ (- n) 2)) (<= (- (- j) (- r)) 0) (<= (- i r) 1) (<= (- (- v_b_7_1) v_v_135_1) (- 1)) (<= (- j (- v_v_135_1)) 0) (<= (- (- v_b_7_1) n) (- 2)) (<= (- (- v_b_6_1) v_v_135_1) 0) (= n (+ (- v_b_6_1) 1)) (= (+ (- i) 2) n) (or (< v_idx_66 v_b_6_1) (= v_v_135_1 (select a v_idx_66)) (<= v_b_7_1 v_idx_66)) (<= (- j (- r)) 0) (= (+ (- n) 1) (+ n (- 1))) (= (+ (- v_b_7_1) 1) (+ n (- 1))) (<= (- (- n) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- n (- n)) 2) (<= (- (- v_b_6_1) v_b_7_1) (- 1)) (<= (- v_b_6_1 v_b_7_1) (- 1)) (<= (- v_b_6_1 i) (- 1)) (= (+ r 1) n) (<= (- (- v_b_7_1) i) (- 2)) (<= (- r v_v_135_1) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) (- 1)) (<= (- (- v_b_6_1) n) (- 1)) (<= (- v_b_7_1 n) 0) (<= (- j v_v_135_1) 0) (<= (- r (- r)) 0) (= v_b_6_1 (+ n (- 1))) (<= (- (- v_b_7_1) v_b_7_1) (- 2)) (<= (- i (- n)) 2) (<= (- (- r) r) 0) (= (+ n (- 1)) (- j)) (<= (- (- v_b_7_1) (- j)) (- 1))))))} [2019-01-07 14:42:47,005 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:42:47,006 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:42:47,006 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:42:47,006 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:42:47,007 WARN L224 ngHoareTripleChecker]: Pre: {2147483631#(or (forall ((v_idx_78 Int) (v_idx_79 Int) (v_idx_77 Int) (v_idx_80 Int)) (exists ((v_b_12_1 Int) (v_v_263_1 Int) (v_b_13_1 Int) (v_v_266_1 Int) (v_v_264_1 Int) (v_v_265_1 Int)) (and (<= (- v_b_12_1 (- c_i)) 3) (<= (- v_b_12_1 (- v_b_12_1)) 0) (= v_v_266_1 (select |c_old(a)| v_idx_80)) (<= (- (- c_n) (- v_v_264_1)) (- 1)) (<= (- (- v_b_13_1) (- c_j)) (- 1)) (<= (- (- v_v_264_1) v_v_264_1) 0) (<= (- (- v_b_13_1) c_j) (- 1)) (<= (- (- v_b_12_1) (- c_i)) 3) (<= (- (- c_i) c_i) (- 2)) (<= (- (- c_n) c_n) (- 2)) (= (- v_v_264_1) c_j) (<= (- c_i c_n) 0) (<= (- (- v_b_13_1) (- c_i)) 0) (<= (- v_b_12_1 (- v_b_13_1)) 3) (<= (- (- c_j) c_n) (- 1)) (or (= (select c_a v_idx_79) v_v_265_1) (< v_idx_79 v_b_13_1)) (<= (- (- v_b_13_1) v_v_264_1) (- 1)) (<= (- c_i (- v_v_264_1)) 3) (<= (- (- c_i) v_v_264_1) (- 1)) (<= (- v_b_13_1 (- v_b_13_1)) 6) (<= (- (- c_i) c_n) (- 2)) (<= (- (- v_b_12_1) c_i) (- 1)) (or (<= v_b_12_1 v_idx_77) (= v_v_263_1 (select c_a v_idx_77))) (<= (- (- v_b_13_1) (- v_v_264_1)) (- 1)) (<= (- v_b_12_1 c_n) (- 1)) (= (- v_v_264_1) (- c_j)) (<= (- c_i (- c_j)) 3) (<= (- c_i v_v_264_1) 3) (<= (- (- c_i) c_j) (- 1)) (<= (- (- v_b_12_1) c_n) (- 1)) (<= (- v_b_13_1 v_v_264_1) 3) (<= (- (- c_i) (- c_j)) (- 1)) (<= (- v_b_12_1 c_j) 0) (<= (- v_b_12_1 c_i) (- 1)) (<= (- v_b_12_1 (- v_v_264_1)) 0) (or (< v_idx_78 v_b_12_1) (= (select c_a v_idx_78) v_v_264_1) (<= v_b_13_1 v_idx_78)) (<= (- (- v_b_12_1) (- v_b_13_1)) 3) (<= (- (- c_j) c_j) 0) (<= (- (- v_b_12_1) c_j) 0) (<= (- c_j (- c_j)) 0) (<= (- v_b_13_1 c_j) 3) (<= (- (- c_j) v_v_264_1) 0) (= (- v_v_264_1) v_b_12_1) (<= (- (- v_b_13_1) c_i) (- 2)) (= c_i v_b_13_1) (<= (- (- c_j) (- v_v_264_1)) 0) (<= (- (- v_b_12_1) v_v_264_1) 0) (<= (- c_i (- c_i)) 6) (<= (- (- v_b_12_1) v_b_13_1) (- 1)) (<= (- c_j c_n) (- 1)) (<= (- (- v_b_12_1) (- v_v_264_1)) 0) (<= (- v_b_12_1 v_b_13_1) (- 1)) (<= (- v_b_12_1 (- c_j)) 0) (<= (- c_i c_j) 3) (<= (- c_j v_v_264_1) 0) (<= (- (- c_n) v_v_264_1) (- 1)) (<= (- v_b_13_1 c_n) 0) (<= (- (- v_b_13_1) c_n) (- 2)) (<= (- (- v_b_12_1) (- c_j)) 0) (<= (- v_b_12_1 v_v_264_1) 0) (<= (- c_j (- v_v_264_1)) 0) (<= (- (- v_b_13_1) v_b_13_1) (- 2)) (<= (- v_v_264_1 (- v_v_264_1)) 0) (<= (- v_b_13_1 (- v_v_264_1)) 3) (<= (- (- v_b_12_1) v_b_12_1) 0) (<= (- v_b_13_1 (- c_j)) 3) (<= (- v_b_13_1 (- c_i)) 6) (<= (- (- c_i) (- v_v_264_1)) (- 1)) (= (- v_v_264_1) 0) (= (- v_v_264_1) v_v_264_1) (<= (- v_b_13_1 c_i) 0)))) (forall ((v_idx_76 Int) (v_idx_74 Int) (v_idx_75 Int) (v_idx_73 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- (- v_b_7_1) (- c_i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- v_b_6_1 v_b_7_1) 0) (<= (- (- c_i) v_v_135_1) 0) (<= (- (- v_b_7_1) (- c_j)) 0) (<= (- c_i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- c_i) (- v_v_135_1)) 0) (<= (- (- c_i) c_j) 0) (<= (- v_b_6_1 (- c_j)) 0) (<= (- (- v_b_6_1) c_i) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (or (= (select c_a v_idx_73) v_v_132_1) (<= v_b_6_1 v_idx_73)) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- (- v_b_6_1) v_b_7_1) 0) (<= (- v_b_7_1 c_j) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- c_j)) 0) (= v_v_136_1 (select |c_old(a)| v_idx_76)) (= c_i v_b_7_1) (<= (- v_b_7_1 c_i) 0) (<= (- v_b_6_1 (- c_i)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- v_b_7_1) c_j) 0) (<= (- v_b_7_1 (- c_i)) 2) (<= (- (- v_b_7_1) v_b_7_1) 0) (= (- v_v_135_1) c_j) (= c_j 0) (= c_j (- c_j)) (or (< v_idx_75 v_b_7_1) (= (select c_a v_idx_75) v_v_134_1)) (<= (- c_i c_j) 1) (<= (- (- c_i) (- c_j)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- c_i (- c_i)) 2) (<= (- (- v_b_7_1) v_v_135_1) 0) (<= (- (- c_j) v_v_135_1) 0) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_6_1 c_j) 0) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- c_j) c_j) 0) (<= (- (- c_j) (- v_v_135_1)) 0) (<= (- c_j (- c_j)) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) 0) (= c_j v_b_6_1) (<= (- v_b_7_1 (- c_j)) 1) (<= (- c_j (- v_v_135_1)) 0) (<= (- (- v_b_6_1) c_j) 0) (<= (- (- c_i) c_i) 0) (<= (- (- v_b_6_1) v_v_135_1) 0) (<= (- c_i (- c_j)) 1) (<= (- (- v_b_6_1) (- c_i)) 1) (<= (- v_b_6_1 (- v_b_6_1)) 0) (or (= v_v_135_1 (select c_a v_idx_74)) (< v_idx_74 v_b_6_1) (<= v_b_7_1 v_idx_74)) (<= (- (- v_b_7_1) c_i) 0) (<= (- c_i (- v_v_135_1)) 1) (= v_v_135_1 c_j) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- c_j v_v_135_1) 0) (<= (- v_b_6_1 c_i) 0)))))} [2019-01-07 14:42:47,007 WARN L228 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:42:47,007 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:42:47,008 WARN L230 ngHoareTripleChecker]: Post: {2147483630#(or (forall ((v_idx_83 Int) (v_idx_84 Int) (v_idx_81 Int) (v_idx_82 Int)) (exists ((v_b_6_1 Int) (v_v_352_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_132_1 Int) (v_b_20_1 Int)) (and (<= (- (- c_i) (- v_v_135_1)) (- 1)) (<= (- (- v_b_6_1) v_b_6_1) 0) (= v_b_6_1 (- c_j)) (or (= (select c_a v_idx_83) v_v_135_1) (<= v_b_20_1 v_idx_83) (< v_idx_83 v_b_6_1)) (<= (- (- c_i) c_i) (- 2)) (<= (- (- c_n) c_n) (- 2)) (<= (- v_b_6_1 (- c_j)) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- c_i c_n) 0) (<= (- (- v_b_20_1) (- c_i)) 0) (<= (- (- c_j) c_n) (- 1)) (<= (- (- v_b_20_1) (- c_j)) (- 1)) (<= (- v_b_20_1 c_i) 0) (<= (- (- v_b_20_1) (- v_b_6_1)) (- 1)) (<= (- (- c_i) c_n) (- 2)) (<= (- (- v_b_20_1) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- c_j)) 0) (<= (- (- c_n) v_v_135_1) (- 1)) (<= (- c_i c_j) 2) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- v_b_20_1 c_j) 2) (= v_v_135_1 (- c_j)) (<= (- v_b_20_1 (- v_v_135_1)) 2) (<= (- v_b_20_1 (- c_i)) 4) (<= (- (- c_i) c_j) (- 1)) (= c_j (- c_j)) (<= (- (- v_b_20_1) v_b_6_1) (- 1)) (<= (- v_b_6_1 c_n) (- 1)) (<= (- (- c_i) (- c_j)) (- 1)) (<= (- (- v_b_20_1) c_i) (- 2)) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- (- v_b_20_1) v_b_20_1) (- 2)) (<= (- (- c_j) v_v_135_1) 0) (<= (- v_b_20_1 v_v_135_1) 2) (<= (- v_b_20_1 (- v_b_6_1)) 2) (<= (- (- v_b_20_1) c_j) (- 1)) (<= (- v_b_6_1 c_j) 0) (<= (- (- c_j) c_j) 0) (<= (- (- c_j) (- v_v_135_1)) 0) (or (= v_v_352_1 (select c_a v_idx_84)) (< v_idx_84 v_b_20_1)) (<= (- c_i (- c_i)) 4) (<= (- c_j (- c_j)) 0) (<= (- c_i v_v_135_1) 2) (<= (- v_b_20_1 (- v_b_20_1)) 4) (<= (- (- c_i) v_v_135_1) (- 1)) (<= (- c_j (- v_v_135_1)) 0) (<= (- v_b_6_1 (- c_i)) 2) (<= (- (- v_b_6_1) c_j) 0) (<= (- v_b_20_1 v_b_6_1) 2) (<= (- (- v_b_6_1) v_v_135_1) 0) (= (select |c_old(a)| v_idx_81) v_v_136_1) (<= (- (- v_b_6_1) c_i) (- 1)) (<= (- c_j c_n) (- 1)) (= 0 (- c_j)) (<= (- (- c_n) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- v_b_20_1 (- c_j)) 2) (<= (- c_i (- v_v_135_1)) 2) (<= (- v_b_6_1 c_i) (- 1)) (<= (- (- v_b_6_1) (- c_i)) 2) (<= (- (- v_b_20_1) c_n) (- 2)) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- (- v_b_20_1) v_v_135_1) (- 1)) (<= (- c_i (- c_j)) 2) (= c_i v_b_20_1) (<= (- (- v_b_6_1) c_n) (- 1)) (<= (- c_j v_v_135_1) 0) (or (= (select c_a v_idx_82) v_v_132_1) (<= v_b_6_1 v_idx_82)) (<= (- v_b_20_1 c_n) 0) (= (- v_v_135_1) (- c_j))))) (forall ((v_idx_87 Int) (v_idx_88 Int) (v_idx_85 Int) (v_idx_86 Int)) (exists ((v_b_12_1 Int) (v_b_22_1 Int) (v_v_263_1 Int) (v_v_355_1 Int) (v_v_266_1 Int) (v_v_264_1 Int)) (and (<= (- (- v_b_22_1) c_j) (- 2)) (<= (- v_b_12_1 (- v_b_12_1)) 0) (<= (- (- v_v_264_1) v_v_264_1) 0) (<= (- (- v_b_12_1) v_b_22_1) (- 2)) (<= (- c_i (- c_j)) 4) (<= (- v_b_22_1 c_n) 0) (<= (- (- v_b_22_1) (- c_j)) (- 2)) (or (= (select c_a v_idx_87) v_v_264_1) (< v_idx_87 v_b_12_1) (<= v_b_22_1 v_idx_87)) (<= (- c_i c_n) 0) (<= (- v_b_12_1 c_n) (- 2)) (= 0 v_b_12_1) (= c_i v_b_22_1) (<= (- v_b_12_1 (- v_b_22_1)) 4) (<= (- (- v_b_12_1) (- v_b_22_1)) 4) (<= (- v_b_12_1 c_i) (- 2)) (<= (- (- v_b_12_1) c_i) (- 2)) (<= (- (- c_i) c_n) (- 4)) (<= (- v_b_12_1 (- c_i)) 4) (<= (- (- v_b_22_1) c_n) (- 4)) (<= (- v_b_22_1 (- v_b_22_1)) 8) (<= (- (- c_i) v_v_264_1) (- 2)) (<= (- v_b_22_1 c_i) 0) (<= (- (- c_n) c_n) (- 4)) (<= (- (- v_b_22_1) (- v_v_264_1)) (- 2)) (<= (- c_i (- v_v_264_1)) 4) (= c_j 0) (<= (- (- c_i) c_i) (- 4)) (<= (- v_b_12_1 c_j) 0) (<= (- v_b_22_1 (- c_i)) 8) (<= (- v_b_22_1 (- c_j)) 4) (<= (- v_b_12_1 (- v_v_264_1)) 0) (or (< v_idx_88 v_b_22_1) (= v_v_355_1 (select c_a v_idx_88))) (<= (- (- v_b_22_1) v_v_264_1) (- 2)) (<= (- c_i (- c_i)) 8) (<= (- (- v_b_22_1) v_b_22_1) (- 4)) (<= (- (- v_b_12_1) (- c_i)) 4) (<= (- c_j c_n) (- 2)) (<= (- (- c_j) c_j) 0) (<= (- (- v_b_12_1) c_j) 0) (<= (- c_j (- c_j)) 0) (<= (- c_i c_j) 4) (<= (- (- c_j) v_v_264_1) 0) (<= (- (- v_b_22_1) (- c_i)) 0) (<= (- (- c_j) (- v_v_264_1)) 0) (or (<= v_b_12_1 v_idx_86) (= (select c_a v_idx_86) v_v_263_1)) (<= (- (- v_b_12_1) v_v_264_1) 0) (= v_v_264_1 0) (<= (- (- v_b_12_1) (- v_v_264_1)) 0) (= 0 (- c_j)) (<= (- v_b_22_1 (- v_v_264_1)) 4) (<= (- v_b_12_1 v_b_22_1) (- 2)) (<= (- (- c_i) c_j) (- 2)) (<= (- v_b_12_1 (- c_j)) 0) (<= (- c_i v_v_264_1) 4) (<= (- c_j v_v_264_1) 0) (<= (- (- v_b_12_1) c_n) (- 2)) (<= (- (- c_j) c_n) (- 2)) (<= (- (- c_n) v_v_264_1) (- 2)) (<= (- (- v_b_22_1) c_i) (- 4)) (<= (- (- v_b_12_1) (- c_j)) 0) (<= (- v_b_12_1 v_v_264_1) 0) (<= (- c_j (- v_v_264_1)) 0) (<= (- v_v_264_1 (- v_v_264_1)) 0) (<= (- v_b_22_1 c_j) 4) (<= (- (- v_b_12_1) v_b_12_1) 0) (<= (- (- c_i) (- v_v_264_1)) (- 2)) (= (select |c_old(a)| v_idx_85) v_v_266_1) (= (- v_v_264_1) 0) (<= (- (- c_i) (- c_j)) (- 2)) (<= (- (- c_n) (- v_v_264_1)) (- 2)) (<= (- v_b_22_1 v_v_264_1) 4)))))} [2019-01-07 14:42:47,008 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:42:47,101 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:42:47,102 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:42:53,303 WARN L181 SmtUtils]: Spent 6.20 s on a formula simplification that was a NOOP. DAG size: 302 [2019-01-07 14:42:53,304 WARN L270 ngHoareTripleChecker]: Pre: {2147483631#(or (forall ((v_idx_78 Int) (v_idx_79 Int) (v_idx_77 Int) (v_idx_80 Int)) (exists ((v_b_12_1 Int) (v_v_263_1 Int) (v_b_13_1 Int) (v_v_266_1 Int) (v_v_264_1 Int) (v_v_265_1 Int)) (and (<= (- v_b_12_1 (- i)) 3) (<= (- v_b_12_1 (- v_b_12_1)) 0) (= v_v_266_1 (select |old(a)| v_idx_80)) (<= (- (- n) (- v_v_264_1)) (- 1)) (<= (- (- v_b_13_1) (- j)) (- 1)) (<= (- (- v_v_264_1) v_v_264_1) 0) (<= (- (- v_b_13_1) j) (- 1)) (<= (- (- v_b_12_1) (- i)) 3) (<= (- (- i) i) (- 2)) (<= (- (- n) n) (- 2)) (= (- v_v_264_1) j) (<= (- i n) 0) (<= (- (- v_b_13_1) (- i)) 0) (<= (- v_b_12_1 (- v_b_13_1)) 3) (<= (- (- j) n) (- 1)) (or (= (select a v_idx_79) v_v_265_1) (< v_idx_79 v_b_13_1)) (<= (- (- v_b_13_1) v_v_264_1) (- 1)) (<= (- i (- v_v_264_1)) 3) (<= (- (- i) v_v_264_1) (- 1)) (<= (- v_b_13_1 (- v_b_13_1)) 6) (<= (- (- i) n) (- 2)) (<= (- (- v_b_12_1) i) (- 1)) (or (<= v_b_12_1 v_idx_77) (= v_v_263_1 (select a v_idx_77))) (<= (- (- v_b_13_1) (- v_v_264_1)) (- 1)) (<= (- v_b_12_1 n) (- 1)) (= (- v_v_264_1) (- j)) (<= (- i (- j)) 3) (<= (- i v_v_264_1) 3) (<= (- (- i) j) (- 1)) (<= (- (- v_b_12_1) n) (- 1)) (<= (- v_b_13_1 v_v_264_1) 3) (<= (- (- i) (- j)) (- 1)) (<= (- v_b_12_1 j) 0) (<= (- v_b_12_1 i) (- 1)) (<= (- v_b_12_1 (- v_v_264_1)) 0) (or (< v_idx_78 v_b_12_1) (= (select a v_idx_78) v_v_264_1) (<= v_b_13_1 v_idx_78)) (<= (- (- v_b_12_1) (- v_b_13_1)) 3) (<= (- (- j) j) 0) (<= (- (- v_b_12_1) j) 0) (<= (- j (- j)) 0) (<= (- v_b_13_1 j) 3) (<= (- (- j) v_v_264_1) 0) (= (- v_v_264_1) v_b_12_1) (<= (- (- v_b_13_1) i) (- 2)) (= i v_b_13_1) (<= (- (- j) (- v_v_264_1)) 0) (<= (- (- v_b_12_1) v_v_264_1) 0) (<= (- i (- i)) 6) (<= (- (- v_b_12_1) v_b_13_1) (- 1)) (<= (- j n) (- 1)) (<= (- (- v_b_12_1) (- v_v_264_1)) 0) (<= (- v_b_12_1 v_b_13_1) (- 1)) (<= (- v_b_12_1 (- j)) 0) (<= (- i j) 3) (<= (- j v_v_264_1) 0) (<= (- (- n) v_v_264_1) (- 1)) (<= (- v_b_13_1 n) 0) (<= (- (- v_b_13_1) n) (- 2)) (<= (- (- v_b_12_1) (- j)) 0) (<= (- v_b_12_1 v_v_264_1) 0) (<= (- j (- v_v_264_1)) 0) (<= (- (- v_b_13_1) v_b_13_1) (- 2)) (<= (- v_v_264_1 (- v_v_264_1)) 0) (<= (- v_b_13_1 (- v_v_264_1)) 3) (<= (- (- v_b_12_1) v_b_12_1) 0) (<= (- v_b_13_1 (- j)) 3) (<= (- v_b_13_1 (- i)) 6) (<= (- (- i) (- v_v_264_1)) (- 1)) (= (- v_v_264_1) 0) (= (- v_v_264_1) v_v_264_1) (<= (- v_b_13_1 i) 0)))) (forall ((v_idx_76 Int) (v_idx_74 Int) (v_idx_75 Int) (v_idx_73 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_134_1 Int) (v_v_132_1 Int)) (and (<= (- (- v_b_7_1) (- i)) 0) (<= (- (- v_b_6_1) v_b_6_1) 0) (<= (- v_b_6_1 v_b_7_1) 0) (<= (- (- i) v_v_135_1) 0) (<= (- (- v_b_7_1) (- j)) 0) (<= (- i v_v_135_1) 1) (<= (- v_b_6_1 (- v_b_7_1)) 1) (<= (- v_b_7_1 (- v_b_7_1)) 2) (<= (- (- i) (- v_v_135_1)) 0) (<= (- (- i) j) 0) (<= (- v_b_6_1 (- j)) 0) (<= (- (- v_b_6_1) i) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (or (= (select a v_idx_73) v_v_132_1) (<= v_b_6_1 v_idx_73)) (<= (- v_b_7_1 v_v_135_1) 1) (<= (- (- v_b_6_1) v_b_7_1) 0) (<= (- v_b_7_1 j) 1) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- j)) 0) (= v_v_136_1 (select |old(a)| v_idx_76)) (= i v_b_7_1) (<= (- v_b_7_1 i) 0) (<= (- v_b_6_1 (- i)) 1) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- (- v_b_7_1) j) 0) (<= (- v_b_7_1 (- i)) 2) (<= (- (- v_b_7_1) v_b_7_1) 0) (= (- v_v_135_1) j) (= j 0) (= j (- j)) (or (< v_idx_75 v_b_7_1) (= (select a v_idx_75) v_v_134_1)) (<= (- i j) 1) (<= (- (- i) (- j)) 0) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- i (- i)) 2) (<= (- (- v_b_7_1) v_v_135_1) 0) (<= (- (- j) v_v_135_1) 0) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- v_b_6_1 j) 0) (<= (- v_b_7_1 (- v_v_135_1)) 1) (<= (- (- j) j) 0) (<= (- (- j) (- v_v_135_1)) 0) (<= (- j (- j)) 0) (<= (- (- v_b_7_1) (- v_v_135_1)) 0) (= j v_b_6_1) (<= (- v_b_7_1 (- j)) 1) (<= (- j (- v_v_135_1)) 0) (<= (- (- v_b_6_1) j) 0) (<= (- (- i) i) 0) (<= (- (- v_b_6_1) v_v_135_1) 0) (<= (- i (- j)) 1) (<= (- (- v_b_6_1) (- i)) 1) (<= (- v_b_6_1 (- v_b_6_1)) 0) (or (= v_v_135_1 (select a v_idx_74)) (< v_idx_74 v_b_6_1) (<= v_b_7_1 v_idx_74)) (<= (- (- v_b_7_1) i) 0) (<= (- i (- v_v_135_1)) 1) (= v_v_135_1 j) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- j v_v_135_1) 0) (<= (- v_b_6_1 i) 0)))))} [2019-01-07 14:42:53,304 WARN L274 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:42:53,305 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:42:59,487 WARN L181 SmtUtils]: Spent 6.18 s on a formula simplification that was a NOOP. DAG size: 317 [2019-01-07 14:42:59,488 WARN L276 ngHoareTripleChecker]: Post: {2147483630#(or (forall ((v_idx_83 Int) (v_idx_84 Int) (v_idx_81 Int) (v_idx_82 Int)) (exists ((v_b_6_1 Int) (v_v_352_1 Int) (v_v_136_1 Int) (v_v_135_1 Int) (v_v_132_1 Int) (v_b_20_1 Int)) (and (<= (- (- i) (- v_v_135_1)) (- 1)) (<= (- (- v_b_6_1) v_b_6_1) 0) (= v_b_6_1 (- j)) (or (= (select a v_idx_83) v_v_135_1) (<= v_b_20_1 v_idx_83) (< v_idx_83 v_b_6_1)) (<= (- (- i) i) (- 2)) (<= (- (- n) n) (- 2)) (<= (- v_b_6_1 (- j)) 0) (<= (- v_v_135_1 (- v_v_135_1)) 0) (<= (- i n) 0) (<= (- (- v_b_20_1) (- i)) 0) (<= (- (- j) n) (- 1)) (<= (- (- v_b_20_1) (- j)) (- 1)) (<= (- v_b_20_1 i) 0) (<= (- (- v_b_20_1) (- v_b_6_1)) (- 1)) (<= (- (- i) n) (- 2)) (<= (- (- v_b_20_1) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_v_135_1)) 0) (<= (- (- v_b_6_1) (- j)) 0) (<= (- (- n) v_v_135_1) (- 1)) (<= (- i j) 2) (<= (- (- v_v_135_1) v_v_135_1) 0) (<= (- v_b_20_1 j) 2) (= v_v_135_1 (- j)) (<= (- v_b_20_1 (- v_v_135_1)) 2) (<= (- v_b_20_1 (- i)) 4) (<= (- (- i) j) (- 1)) (= j (- j)) (<= (- (- v_b_20_1) v_b_6_1) (- 1)) (<= (- v_b_6_1 n) (- 1)) (<= (- (- i) (- j)) (- 1)) (<= (- (- v_b_20_1) i) (- 2)) (<= (- v_b_6_1 v_v_135_1) 0) (<= (- (- v_b_20_1) v_b_20_1) (- 2)) (<= (- (- j) v_v_135_1) 0) (<= (- v_b_20_1 v_v_135_1) 2) (<= (- v_b_20_1 (- v_b_6_1)) 2) (<= (- (- v_b_20_1) j) (- 1)) (<= (- v_b_6_1 j) 0) (<= (- (- j) j) 0) (<= (- (- j) (- v_v_135_1)) 0) (or (= v_v_352_1 (select a v_idx_84)) (< v_idx_84 v_b_20_1)) (<= (- i (- i)) 4) (<= (- j (- j)) 0) (<= (- i v_v_135_1) 2) (<= (- v_b_20_1 (- v_b_20_1)) 4) (<= (- (- i) v_v_135_1) (- 1)) (<= (- j (- v_v_135_1)) 0) (<= (- v_b_6_1 (- i)) 2) (<= (- (- v_b_6_1) j) 0) (<= (- v_b_20_1 v_b_6_1) 2) (<= (- (- v_b_6_1) v_v_135_1) 0) (= (select |old(a)| v_idx_81) v_v_136_1) (<= (- (- v_b_6_1) i) (- 1)) (<= (- j n) (- 1)) (= 0 (- j)) (<= (- (- n) (- v_v_135_1)) (- 1)) (<= (- v_b_6_1 (- v_b_6_1)) 0) (<= (- v_b_20_1 (- j)) 2) (<= (- i (- v_v_135_1)) 2) (<= (- v_b_6_1 i) (- 1)) (<= (- (- v_b_6_1) (- i)) 2) (<= (- (- v_b_20_1) n) (- 2)) (<= (- (- v_b_6_1) (- v_v_135_1)) 0) (<= (- (- v_b_20_1) v_v_135_1) (- 1)) (<= (- i (- j)) 2) (= i v_b_20_1) (<= (- (- v_b_6_1) n) (- 1)) (<= (- j v_v_135_1) 0) (or (= (select a v_idx_82) v_v_132_1) (<= v_b_6_1 v_idx_82)) (<= (- v_b_20_1 n) 0) (= (- v_v_135_1) (- j))))) (forall ((v_idx_87 Int) (v_idx_88 Int) (v_idx_85 Int) (v_idx_86 Int)) (exists ((v_b_12_1 Int) (v_b_22_1 Int) (v_v_263_1 Int) (v_v_355_1 Int) (v_v_266_1 Int) (v_v_264_1 Int)) (and (<= (- (- v_b_22_1) j) (- 2)) (<= (- v_b_12_1 (- v_b_12_1)) 0) (<= (- (- v_v_264_1) v_v_264_1) 0) (<= (- (- v_b_12_1) v_b_22_1) (- 2)) (<= (- i (- j)) 4) (<= (- v_b_22_1 n) 0) (<= (- (- v_b_22_1) (- j)) (- 2)) (or (= (select a v_idx_87) v_v_264_1) (< v_idx_87 v_b_12_1) (<= v_b_22_1 v_idx_87)) (<= (- i n) 0) (<= (- v_b_12_1 n) (- 2)) (= 0 v_b_12_1) (= i v_b_22_1) (<= (- v_b_12_1 (- v_b_22_1)) 4) (<= (- (- v_b_12_1) (- v_b_22_1)) 4) (<= (- v_b_12_1 i) (- 2)) (<= (- (- v_b_12_1) i) (- 2)) (<= (- (- i) n) (- 4)) (<= (- v_b_12_1 (- i)) 4) (<= (- (- v_b_22_1) n) (- 4)) (<= (- v_b_22_1 (- v_b_22_1)) 8) (<= (- (- i) v_v_264_1) (- 2)) (<= (- v_b_22_1 i) 0) (<= (- (- n) n) (- 4)) (<= (- (- v_b_22_1) (- v_v_264_1)) (- 2)) (<= (- i (- v_v_264_1)) 4) (= j 0) (<= (- (- i) i) (- 4)) (<= (- v_b_12_1 j) 0) (<= (- v_b_22_1 (- i)) 8) (<= (- v_b_22_1 (- j)) 4) (<= (- v_b_12_1 (- v_v_264_1)) 0) (or (< v_idx_88 v_b_22_1) (= v_v_355_1 (select a v_idx_88))) (<= (- (- v_b_22_1) v_v_264_1) (- 2)) (<= (- i (- i)) 8) (<= (- (- v_b_22_1) v_b_22_1) (- 4)) (<= (- (- v_b_12_1) (- i)) 4) (<= (- j n) (- 2)) (<= (- (- j) j) 0) (<= (- (- v_b_12_1) j) 0) (<= (- j (- j)) 0) (<= (- i j) 4) (<= (- (- j) v_v_264_1) 0) (<= (- (- v_b_22_1) (- i)) 0) (<= (- (- j) (- v_v_264_1)) 0) (or (<= v_b_12_1 v_idx_86) (= (select a v_idx_86) v_v_263_1)) (<= (- (- v_b_12_1) v_v_264_1) 0) (= v_v_264_1 0) (<= (- (- v_b_12_1) (- v_v_264_1)) 0) (= 0 (- j)) (<= (- v_b_22_1 (- v_v_264_1)) 4) (<= (- v_b_12_1 v_b_22_1) (- 2)) (<= (- (- i) j) (- 2)) (<= (- v_b_12_1 (- j)) 0) (<= (- i v_v_264_1) 4) (<= (- j v_v_264_1) 0) (<= (- (- v_b_12_1) n) (- 2)) (<= (- (- j) n) (- 2)) (<= (- (- n) v_v_264_1) (- 2)) (<= (- (- v_b_22_1) i) (- 4)) (<= (- (- v_b_12_1) (- j)) 0) (<= (- v_b_12_1 v_v_264_1) 0) (<= (- j (- v_v_264_1)) 0) (<= (- v_v_264_1 (- v_v_264_1)) 0) (<= (- v_b_22_1 j) 4) (<= (- (- v_b_12_1) v_b_12_1) 0) (<= (- (- i) (- v_v_264_1)) (- 2)) (= (select |old(a)| v_idx_85) v_v_266_1) (= (- v_v_264_1) 0) (<= (- (- i) (- j)) (- 2)) (<= (- (- n) (- v_v_264_1)) (- 2)) (<= (- v_b_22_1 v_v_264_1) 4)))))} [2019-01-07 14:43:05,831 INFO L266 AbstractInterpreter]: Error location(s) were unreachable [2019-01-07 14:43:05,833 INFO L272 AbstractInterpreter]: Visited 4 different actions 15 times. Merged at 2 different actions 7 times. Widened at 1 different actions 1 times. Found 1 fixpoints after 1 different actions. Largest state had 0 variables. [2019-01-07 14:43:05,837 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:05,837 INFO L403 sIntCurrentIteration]: Generating AbsInt predicates [2019-01-07 14:43:08,534 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:43:08,534 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:43:08,534 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:43:08,535 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:43:08,535 WARN L224 ngHoareTripleChecker]: Pre: {54#(forall ((v_idx_173 Int) (v_idx_174 Int) (v_idx_175 Int) (v_idx_176 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_v_685_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) c_j) 0) (<= (- (- c_j) v_v_385_1) 0) (<= (- (- v_b_25_1) (- c_j)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (<= (- (- c_j) c_j) 0) (<= (- (- v_b_26_1) (- c_j)) 0) (<= (- c_j (- c_j)) 0) (<= (- (- c_i) v_v_385_1) 0) (or (<= v_b_25_1 v_idx_173) (= (select c_a v_idx_173) v_v_384_1)) (<= (- (- c_i) c_j) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (<= (- (- c_j) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 (- c_j)) 0) (<= (- v_b_25_1 v_b_26_1) 0) (= v_v_385_1 c_j) (or (= (select c_a v_idx_174) v_v_385_1) (< v_idx_174 v_b_25_1) (<= v_b_26_1 v_idx_174)) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- c_j v_v_385_1) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- v_b_25_1 c_j) 0) (or (= (select c_a v_idx_175) v_v_386_1) (< v_idx_175 v_b_26_1)) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- (- v_b_25_1) c_j) 0) (= (- v_v_385_1) c_j) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- c_j (- v_v_385_1)) 0) (= c_j 0) (= c_j (- c_j)) (= v_v_685_1 (select |c_old(a)| v_idx_176)) (= c_j v_b_25_1) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- (- c_i) (- c_j)) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:08,535 WARN L228 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:08,535 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:08,536 WARN L230 ngHoareTripleChecker]: Post: {55#(forall ((v_idx_179 Int) (v_idx_177 Int) (v_idx_178 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) c_j) 0) (<= (- (- c_j) v_v_385_1) 0) (<= (- (- v_b_25_1) (- c_j)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (<= (- (- c_j) c_j) 0) (<= (- (- v_b_26_1) (- c_j)) 0) (<= (- c_j (- c_j)) 0) (<= (- (- c_i) v_v_385_1) 0) (or (= (select c_a v_idx_177) v_v_384_1) (<= v_b_25_1 v_idx_177)) (<= (- (- c_i) c_j) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (<= (- (- c_j) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 (- c_j)) 0) (<= (- v_b_25_1 v_b_26_1) 0) (= v_v_385_1 c_j) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- c_j v_v_385_1) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (<= (- v_b_25_1 v_v_385_1) 0) (or (< v_idx_178 v_b_25_1) (<= v_b_26_1 v_idx_178) (= (select c_a v_idx_178) v_v_385_1)) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- v_b_25_1 c_j) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- (- v_b_25_1) c_j) 0) (= (- v_v_385_1) c_j) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- c_j (- v_v_385_1)) 0) (= c_j 0) (or (< v_idx_179 v_b_26_1) (= (select c_a v_idx_179) v_v_386_1)) (= c_j (- c_j)) (= c_j v_b_25_1) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- (- c_i) (- c_j)) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:08,536 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:43:08,547 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:43:08,547 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:43:08,882 WARN L270 ngHoareTripleChecker]: Pre: {54#(and (<= 0 (* 2 j)) (forall ((v_idx_174 Int)) (or (<= i v_idx_174) (< v_idx_174 j) (= (select a v_idx_174) j))) (<= 0 (* 2 i)) (<= j i) (<= 0 (+ j i)) (<= (- (- j) j) 0) (<= (- j (- j)) 0) (<= (- (- i) j) 0) (<= (- (- i) i) 0) (= j 0) (= j (- j)) (<= (* 2 j) 0) (= (* 2 j) 0) (<= (- (- i) (- j)) 0))} [2019-01-07 14:43:08,883 WARN L274 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:08,883 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:09,358 WARN L276 ngHoareTripleChecker]: Post: {55#(and (<= 0 (* 2 j)) (<= 0 (* 2 i)) (<= j i) (<= 0 (+ j i)) (<= (- (- j) j) 0) (<= (- j (- j)) 0) (<= (- (- i) j) 0) (<= (- (- i) i) 0) (= j 0) (= j (- j)) (<= (* 2 j) 0) (forall ((v_idx_178 Int)) (or (< v_idx_178 j) (<= i v_idx_178) (= (select a v_idx_178) j))) (= (* 2 j) 0) (<= (- (- i) (- j)) 0))} [2019-01-07 14:43:11,957 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:43:11,957 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:43:11,958 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:43:11,958 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:43:11,958 WARN L224 ngHoareTripleChecker]: Pre: {64#(forall ((v_idx_219 Int) (v_idx_221 Int) (v_idx_222 Int) (v_idx_220 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_v_704_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (or (<= v_b_25_1 v_idx_219) (= v_v_384_1 (select c_a v_idx_219))) (= v_v_704_1 (select |c_old(a)| v_idx_222)) (<= (- (- c_i) v_v_385_1) 0) (or (< v_idx_220 v_b_25_1) (<= v_b_26_1 v_idx_220) (= (select c_a v_idx_220) v_v_385_1)) (<= (- (- v_v_385_1) v_v_385_1) 0) (or (< v_idx_221 v_b_26_1) (= v_v_386_1 (select c_a v_idx_221))) (<= (- (- c_i) c_i) 0) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (= (- v_v_385_1) v_v_385_1) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (= (- v_v_385_1) v_b_25_1) (= (- v_v_385_1) 0) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:11,958 WARN L228 ngHoareTripleChecker]: Action: assume !(i < n);assume 0 <= r && r < n; [2019-01-07 14:43:11,958 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (< c_r c_n) (not (< c_i c_n)) (<= 0 c_r)) [2019-01-07 14:43:11,959 WARN L230 ngHoareTripleChecker]: Post: {65#(forall ((v_idx_225 Int) (v_idx_223 Int) (v_idx_224 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (or (< v_idx_225 v_b_26_1) (= v_v_386_1 (select c_a v_idx_225))) (<= (- (- c_r) v_v_385_1) 0) (or (= (select c_a v_idx_223) v_v_384_1) (<= v_b_25_1 v_idx_223)) (or (<= v_b_26_1 v_idx_224) (= (select c_a v_idx_224) v_v_385_1) (< v_idx_224 v_b_25_1)) (<= (- (- v_b_26_1) c_r) (- 1)) (<= (- (- v_v_385_1) v_v_385_1) 0) (= v_v_385_1 0) (<= (- (- v_b_25_1) v_b_26_1) (- 1)) (<= (- (- c_r) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (= 0 v_b_25_1) (<= (- (- v_b_26_1) (- c_r)) (- 1)) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) (- 1)) (<= (- (- v_b_26_1) v_v_385_1) (- 1)) (<= (- (- v_b_26_1) (- v_v_385_1)) (- 1)) (<= (- v_b_25_1 c_r) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) (- 2)) (<= (- (- c_r) c_r) 0) (= (- v_v_385_1) 0) (<= (- (- v_b_25_1) c_r) 0))))} [2019-01-07 14:43:11,959 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:43:11,993 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:43:11,993 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:43:12,042 WARN L270 ngHoareTripleChecker]: Pre: {64#(and (<= 0 i) (<= 0 (* 2 i)) (<= (- (- i) i) 0) (forall ((v_idx_220 Int)) (or (= (select a v_idx_220) 0) (<= i v_idx_220) (< v_idx_220 0))))} [2019-01-07 14:43:12,042 WARN L274 ngHoareTripleChecker]: Action: assume !(i < n);assume 0 <= r && r < n; [2019-01-07 14:43:12,043 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (< c_r c_n) (not (< c_i c_n)) (<= 0 c_r)) [2019-01-07 14:43:12,156 WARN L276 ngHoareTripleChecker]: Post: {65#(and (forall ((v_prenex_3 Int)) (or (<= 1 (+ v_prenex_3 r)) (= (select a v_prenex_3) 0) (< v_prenex_3 0))) (forall ((v_idx_224 Int)) (or (<= (+ r 1) v_idx_224) (= (select a v_idx_224) 0) (<= 1 v_idx_224) (< v_idx_224 0))) (<= 0 r) (forall ((v_prenex_4 Int)) (or (= (select a v_prenex_4) 0) (<= (+ r 1) v_prenex_4) (< v_prenex_4 0) (<= 1 (+ v_prenex_4 r)))) (<= (- (- r) r) 0) (forall ((v_prenex_1 Int)) (or (< v_prenex_1 0) (<= (+ r 1) v_prenex_1) (= (select a v_prenex_1) 0))) (forall ((v_prenex_5 Int)) (or (= (select a v_prenex_5) 0) (<= 1 v_prenex_5) (< v_prenex_5 0))) (forall ((v_prenex_2 Int)) (or (<= 1 (+ v_prenex_2 r)) (= (select a v_prenex_2) 0) (<= 1 v_prenex_2) (< v_prenex_2 0))))} [2019-01-07 14:43:14,278 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:43:14,278 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:43:14,278 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:43:14,278 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:43:14,279 WARN L224 ngHoareTripleChecker]: Pre: {67#(forall ((v_idx_238 Int) (v_idx_239 Int) (v_idx_240 Int) (v_idx_241 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_708_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (or (<= v_b_25_1 v_idx_238) (= v_v_384_1 (select c_a v_idx_238))) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (<= (- (- c_i) v_v_385_1) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (= v_v_385_1 0) (= v_v_385_1 v_b_25_1) (or (< v_idx_239 v_b_25_1) (= v_v_385_1 (select c_a v_idx_239)) (<= v_b_26_1 v_idx_239)) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) 0) (= (select |c_old(a)| v_idx_241) v_v_708_1) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (<= (- v_b_25_1 v_v_385_1) 0) (or (= (select c_a v_idx_240) v_v_386_1) (< v_idx_240 v_b_26_1)) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (= (- v_v_385_1) v_v_385_1) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:14,279 WARN L228 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:14,279 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:14,279 WARN L230 ngHoareTripleChecker]: Post: {68#(forall ((v_idx_243 Int) (v_idx_244 Int) (v_idx_242 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (<= (- (- c_i) v_v_385_1) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (= v_v_385_1 0) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (= 0 v_b_25_1) (or (< v_idx_244 v_b_26_1) (= (select c_a v_idx_244) v_v_386_1)) (or (= (select c_a v_idx_243) v_v_385_1) (< v_idx_243 v_b_25_1) (<= v_b_26_1 v_idx_243)) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (or (= (select c_a v_idx_242) v_v_384_1) (<= v_b_25_1 v_idx_242)) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (= (- v_v_385_1) 0) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:14,279 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:43:14,292 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:43:14,292 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:43:14,395 WARN L270 ngHoareTripleChecker]: Pre: {67#(and (<= 0 i) (<= 0 (* 2 i)) (<= (- (- i) i) 0) (forall ((v_idx_239 Int)) (or (< v_idx_239 0) (= 0 (select a v_idx_239)) (<= i v_idx_239))))} [2019-01-07 14:43:14,395 WARN L274 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:14,395 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:14,478 WARN L276 ngHoareTripleChecker]: Post: {68#(and (<= 0 i) (<= 0 (* 2 i)) (<= (- (- i) i) 0) (forall ((v_idx_243 Int)) (or (< v_idx_243 0) (= (select a v_idx_243) 0) (<= i v_idx_243))))} [2019-01-07 14:43:14,480 INFO L227 lantSequenceWeakener]: Weakened 3 states. On average, predicates are now at 42.22% of their original sizes. [2019-01-07 14:43:14,525 INFO L418 sIntCurrentIteration]: Unifying AI predicates [2019-01-07 14:43:16,635 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_idx_256 Int) (v_idx_254 Int) (v_idx_255 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (let ((.cse1 (* 2 v_b_25_1)) (.cse2 (+ v_v_385_1 v_b_25_1)) (.cse0 (* 2 v_v_385_1))) (and (= 0 .cse0) (<= 0 (* 2 c_i)) (<= 0 (+ v_b_26_1 c_i)) (<= .cse1 0) (<= 0 (* 2 v_b_26_1)) (or (= (select c_a v_idx_254) v_v_384_1) (<= v_b_25_1 v_idx_254)) (= 0 v_v_385_1) (<= 0 .cse1) (<= c_i v_b_26_1) (<= 0 (+ v_v_385_1 c_i)) (<= 0 .cse0) (<= 0 (+ v_b_25_1 c_i)) (<= 0 (+ v_b_25_1 v_b_26_1)) (<= v_b_25_1 v_v_385_1) (<= 0 .cse2) (<= v_b_25_1 v_b_26_1) (= 0 .cse2) (<= 0 (+ v_v_385_1 v_b_26_1)) (<= .cse2 0) (or (<= v_b_26_1 v_idx_255) (< v_idx_255 v_b_25_1) (= v_v_385_1 (select c_a v_idx_255))) (<= v_v_385_1 c_i) (<= .cse0 0) (<= v_b_26_1 c_i) (<= v_v_385_1 v_b_26_1) (or (< v_idx_256 v_b_26_1) (= v_v_386_1 (select c_a v_idx_256))) (<= v_b_25_1 c_i) (<= v_v_385_1 v_b_25_1) (= c_i v_b_26_1))))) is different from false [2019-01-07 14:43:18,961 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_idx_261 Int) (v_idx_262 Int) (v_idx_260 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (let ((.cse0 (* 2 v_b_25_1)) (.cse2 (+ v_v_385_1 v_b_25_1)) (.cse1 (* 2 v_v_385_1))) (and (or (<= v_b_26_1 v_idx_261) (< v_idx_261 v_b_25_1) (= (select c_a v_idx_261) v_v_385_1)) (<= 0 (* 2 c_i)) (<= 0 (+ v_b_26_1 c_i)) (<= .cse0 0) (<= 0 (* 2 v_b_26_1)) (= 0 v_v_385_1) (<= 0 .cse0) (<= c_i v_b_26_1) (<= 0 (+ v_v_385_1 c_i)) (<= 0 .cse1) (<= 0 (+ v_b_25_1 c_i)) (= v_v_385_1 0) (<= 0 (+ v_b_25_1 v_b_26_1)) (<= v_b_25_1 v_v_385_1) (<= 0 .cse2) (<= v_b_25_1 v_b_26_1) (= 0 v_b_25_1) (<= 0 (+ v_v_385_1 v_b_26_1)) (<= .cse2 0) (or (<= v_b_25_1 v_idx_260) (= (select c_a v_idx_260) v_v_384_1)) (<= v_v_385_1 c_i) (<= .cse1 0) (<= v_b_26_1 c_i) (<= v_v_385_1 v_b_26_1) (or (< v_idx_262 v_b_26_1) (= (select c_a v_idx_262) v_v_386_1)) (<= v_b_25_1 c_i) (<= v_v_385_1 v_b_25_1) (= c_i v_b_26_1))))) is different from false [2019-01-07 14:43:21,207 WARN L838 $PredicateComparison]: unable to prove that (forall ((v_idx_267 Int) (v_idx_268 Int) (v_idx_266 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (let ((.cse0 (* 2 v_b_25_1)) (.cse2 (+ v_v_385_1 v_b_25_1)) (.cse1 (* 2 v_v_385_1))) (and (<= 2 (* 2 v_b_26_1)) (<= .cse0 0) (<= 1 (+ v_b_25_1 v_b_26_1)) (= 0 v_v_385_1) (<= 0 .cse0) (<= 1 (+ v_b_26_1 c_r)) (<= (+ v_b_25_1 1) v_b_26_1) (<= 0 (+ v_v_385_1 c_r)) (<= (+ c_r 1) v_b_26_1) (<= 0 .cse1) (<= v_b_25_1 c_r) (= v_v_385_1 0) (<= v_b_25_1 v_v_385_1) (<= (+ v_v_385_1 1) v_b_26_1) (<= 0 .cse2) (<= v_v_385_1 c_r) (= 0 v_b_25_1) (or (= (select c_a v_idx_266) v_v_384_1) (<= v_b_25_1 v_idx_266)) (or (= (select c_a v_idx_268) v_v_386_1) (< v_idx_268 v_b_26_1)) (<= .cse2 0) (<= 0 (* 2 c_r)) (<= .cse1 0) (<= 0 (+ v_b_25_1 c_r)) (<= 1 (+ v_v_385_1 v_b_26_1)) (or (= v_v_385_1 (select c_a v_idx_267)) (<= v_b_26_1 v_idx_267) (< v_idx_267 v_b_25_1)) (<= v_v_385_1 v_b_25_1))))) is different from false [2019-01-07 14:43:21,263 INFO L420 sIntCurrentIteration]: We unified 3 AI predicates to 3 [2019-01-07 14:43:23,377 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 14:43:23,377 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 14:43:23,377 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:43:23,377 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:43:23,378 WARN L224 ngHoareTripleChecker]: Pre: {79#(forall ((v_idx_289 Int) (v_idx_290 Int) (v_idx_287 Int) (v_idx_288 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_v_725_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (or (= v_v_384_1 (select c_a v_idx_287)) (<= v_b_25_1 v_idx_287)) (= (select |c_old(a)| v_idx_290) v_v_725_1) (<= (- (- c_i) v_v_385_1) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (= v_v_385_1 0) (= v_v_385_1 v_b_25_1) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (= (- v_v_385_1) v_v_385_1) (<= (- (- v_b_26_1) (- c_i)) 0) (or (< v_idx_289 v_b_26_1) (= v_v_386_1 (select c_a v_idx_289))) (<= (- v_b_25_1 c_i) 0) (or (< v_idx_288 v_b_25_1) (<= v_b_26_1 v_idx_288) (= (select c_a v_idx_288) v_v_385_1)) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) v_b_26_1) 0) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:23,378 WARN L228 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:23,378 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:23,378 WARN L230 ngHoareTripleChecker]: Post: {80#(forall ((v_idx_291 Int) (v_idx_292 Int) (v_idx_293 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (<= (- (- v_b_26_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) 0) (<= (- (- v_b_25_1) c_i) 0) (or (= v_v_386_1 (select c_a v_idx_293)) (< v_idx_293 v_b_26_1)) (<= (- (- c_i) v_v_385_1) 0) (<= (- (- v_v_385_1) v_v_385_1) 0) (<= (- (- c_i) c_i) 0) (= v_v_385_1 0) (or (= (select c_a v_idx_292) v_v_385_1) (< v_idx_292 v_b_25_1) (<= v_b_26_1 v_idx_292)) (<= (- (- v_b_26_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- (- v_b_26_1) c_i) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (= 0 v_b_25_1) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- (- v_b_26_1) (- c_i)) 0) (<= (- v_b_25_1 c_i) 0) (<= (- (- c_i) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (= (- v_v_385_1) 0) (<= (- (- v_b_25_1) v_b_26_1) 0) (or (<= v_b_25_1 v_idx_291) (= v_v_384_1 (select c_a v_idx_291))) (<= (- v_b_26_1 c_i) 0) (= c_i v_b_26_1))))} [2019-01-07 14:43:23,378 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:43:23,387 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:43:23,388 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:43:23,903 WARN L270 ngHoareTripleChecker]: Pre: {79#(and (forall ((v_idx_288 Int)) (or (< v_idx_288 0) (<= i v_idx_288) (= (select a v_idx_288) 0))) (<= 0 i) (<= 0 (* 2 i)) (<= (- (- i) i) 0))} [2019-01-07 14:43:23,904 WARN L274 ngHoareTripleChecker]: Action: assume i < n;a := a[i := 0];i := i + 1; [2019-01-07 14:43:23,904 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= c_i_primed (+ c_i 1)) (= c_a_primed (store c_a c_i 0)) (< c_i c_n)) [2019-01-07 14:43:24,058 WARN L276 ngHoareTripleChecker]: Post: {80#(and (forall ((v_idx_292 Int)) (or (= (select a v_idx_292) 0) (< v_idx_292 0) (<= i v_idx_292))) (<= 0 i) (<= 0 (* 2 i)) (<= (- (- i) i) 0))} [2019-01-07 14:43:24,297 INFO L429 sIntCurrentIteration]: Finished generation of AbsInt predicates [2019-01-07 14:43:24,298 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2019-01-07 14:43:24,298 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [3] total 6 [2019-01-07 14:43:24,298 INFO L257 anRefinementStrategy]: Using the first perfect interpolant sequence [2019-01-07 14:43:24,300 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 4 [2019-01-07 14:43:24,300 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:43:24,300 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states. [2019-01-07 14:43:24,347 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 4 edges. 4 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:24,347 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2019-01-07 14:43:24,348 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2019-01-07 14:43:24,348 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=4, Unknown=3, NotChecked=6, Total=20 [2019-01-07 14:43:24,348 INFO L87 Difference]: Start difference. First operand 5 states and 5 transitions. Second operand 5 states. [2019-01-07 14:43:26,640 WARN L838 $PredicateComparison]: unable to prove that (and (forall ((v_idx_256 Int) (v_idx_254 Int) (v_idx_255 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (let ((.cse1 (* 2 v_b_25_1)) (.cse2 (+ v_v_385_1 v_b_25_1)) (.cse0 (* 2 v_v_385_1))) (and (= 0 .cse0) (<= 0 (* 2 c_i)) (<= 0 (+ v_b_26_1 c_i)) (<= .cse1 0) (<= 0 (* 2 v_b_26_1)) (or (= (select c_a v_idx_254) v_v_384_1) (<= v_b_25_1 v_idx_254)) (= 0 v_v_385_1) (<= 0 .cse1) (<= c_i v_b_26_1) (<= 0 (+ v_v_385_1 c_i)) (<= 0 .cse0) (<= 0 (+ v_b_25_1 c_i)) (<= 0 (+ v_b_25_1 v_b_26_1)) (<= v_b_25_1 v_v_385_1) (<= 0 .cse2) (<= v_b_25_1 v_b_26_1) (= 0 .cse2) (<= 0 (+ v_v_385_1 v_b_26_1)) (<= .cse2 0) (or (<= v_b_26_1 v_idx_255) (< v_idx_255 v_b_25_1) (= v_v_385_1 (select c_a v_idx_255))) (<= v_v_385_1 c_i) (<= .cse0 0) (<= v_b_26_1 c_i) (<= v_v_385_1 v_b_26_1) (or (< v_idx_256 v_b_26_1) (= v_v_386_1 (select c_a v_idx_256))) (<= v_b_25_1 c_i) (<= v_v_385_1 v_b_25_1) (= c_i v_b_26_1))))) (forall ((v_idx_261 Int) (v_idx_262 Int) (v_idx_260 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (let ((.cse3 (* 2 v_b_25_1)) (.cse5 (+ v_v_385_1 v_b_25_1)) (.cse4 (* 2 v_v_385_1))) (and (or (<= v_b_26_1 v_idx_261) (< v_idx_261 v_b_25_1) (= (select c_a v_idx_261) v_v_385_1)) (<= 0 (* 2 c_i)) (<= 0 (+ v_b_26_1 c_i)) (<= .cse3 0) (<= 0 (* 2 v_b_26_1)) (= 0 v_v_385_1) (<= 0 .cse3) (<= c_i v_b_26_1) (<= 0 (+ v_v_385_1 c_i)) (<= 0 .cse4) (<= 0 (+ v_b_25_1 c_i)) (= v_v_385_1 0) (<= 0 (+ v_b_25_1 v_b_26_1)) (<= v_b_25_1 v_v_385_1) (<= 0 .cse5) (<= v_b_25_1 v_b_26_1) (= 0 v_b_25_1) (<= 0 (+ v_v_385_1 v_b_26_1)) (<= .cse5 0) (or (<= v_b_25_1 v_idx_260) (= (select c_a v_idx_260) v_v_384_1)) (<= v_v_385_1 c_i) (<= .cse4 0) (<= v_b_26_1 c_i) (<= v_v_385_1 v_b_26_1) (or (< v_idx_262 v_b_26_1) (= (select c_a v_idx_262) v_v_386_1)) (<= v_b_25_1 c_i) (<= v_v_385_1 v_b_25_1) (= c_i v_b_26_1)))))) is different from false [2019-01-07 14:43:43,376 WARN L214 ngHoareTripleChecker]: Soundness check failed for the following hoare triple [2019-01-07 14:43:43,376 WARN L217 ngHoareTripleChecker]: Expected: UNKNOWN Actual: INVALID [2019-01-07 14:43:43,376 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 14:43:43,377 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 14:43:43,377 WARN L224 ngHoareTripleChecker]: Pre: {109#(forall ((v_idx_382 Int) (v_idx_381 Int)) (exists ((v_v_782_1 Int) (v_v_783_1 Int)) (and (= (select |c_old(a)| v_idx_382) v_v_783_1) (= v_v_782_1 (select c_a v_idx_381)))))} [2019-01-07 14:43:43,377 WARN L228 ngHoareTripleChecker]: Action: assume !(a[r] == 0); [2019-01-07 14:43:43,377 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (not (= 0 (select c_a c_r))) [2019-01-07 14:43:43,378 WARN L230 ngHoareTripleChecker]: Post: {110#(forall ((v_idx_383 Int) (v_idx_384 Int) (v_idx_385 Int)) (exists ((v_v_386_1 Int) (v_v_385_1 Int) (v_b_25_1 Int) (v_b_26_1 Int) (v_v_384_1 Int)) (and (<= (- v_b_25_1 (- v_v_385_1)) 0) (or (= (select c_a v_idx_383) v_v_384_1) (<= v_b_25_1 v_idx_383)) (<= (- (- c_r) v_v_385_1) 0) (<= (- (- v_b_26_1) c_r) (- 1)) (<= (- (- v_v_385_1) v_v_385_1) 0) (= v_v_385_1 0) (<= (- (- v_b_25_1) v_b_26_1) (- 1)) (<= (- (- c_r) (- v_v_385_1)) 0) (<= (- (- v_b_25_1) v_b_25_1) 0) (<= (- v_v_385_1 (- v_v_385_1)) 0) (= 0 v_b_25_1) (<= (- (- v_b_26_1) (- c_r)) (- 1)) (<= (- v_b_25_1 v_v_385_1) 0) (<= (- v_b_25_1 (- v_b_25_1)) 0) (or (< v_idx_385 v_b_26_1) (= (select c_a v_idx_385) v_v_386_1)) (<= (- (- v_b_25_1) v_v_385_1) 0) (<= (- v_b_25_1 v_b_26_1) (- 1)) (<= (- (- v_b_26_1) v_v_385_1) (- 1)) (<= (- (- v_b_26_1) (- v_v_385_1)) (- 1)) (<= (- v_b_25_1 c_r) 0) (<= (- (- v_b_25_1) (- v_v_385_1)) 0) (<= (- (- v_b_26_1) v_b_26_1) (- 2)) (or (< v_idx_384 v_b_25_1) (<= v_b_26_1 v_idx_384) (= v_v_385_1 (select c_a v_idx_384))) (<= (- (- c_r) c_r) 0) (= (- v_v_385_1) 0) (<= (- (- v_b_25_1) c_r) 0))))} [2019-01-07 14:43:43,378 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 14:43:43,378 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 14:43:43,378 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 14:43:43,381 WARN L270 ngHoareTripleChecker]: Pre: {109#true} [2019-01-07 14:43:43,381 WARN L274 ngHoareTripleChecker]: Action: assume !(a[r] == 0); [2019-01-07 14:43:43,381 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (not (= 0 (select c_a c_r))) [2019-01-07 14:43:43,538 WARN L276 ngHoareTripleChecker]: Post: {110#(and (forall ((v_prenex_6 Int)) (or (<= (+ r 1) v_prenex_6) (< v_prenex_6 0) (= (select a v_prenex_6) 0))) (forall ((v_idx_384 Int)) (or (< v_idx_384 0) (= (select a v_idx_384) 0) (<= 1 v_idx_384) (<= (+ r 1) v_idx_384))) (<= 0 r) (forall ((v_prenex_7 Int)) (or (= (select a v_prenex_7) 0) (< v_prenex_7 0) (<= 1 (+ r v_prenex_7)) (<= (+ r 1) v_prenex_7))) (forall ((v_prenex_10 Int)) (or (<= 1 (+ r v_prenex_10)) (< v_prenex_10 0) (= (select a v_prenex_10) 0) (<= 1 v_prenex_10))) (forall ((v_prenex_9 Int)) (or (= (select a v_prenex_9) 0) (< v_prenex_9 0) (<= 1 v_prenex_9))) (forall ((v_prenex_8 Int)) (or (= (select a v_prenex_8) 0) (<= 1 (+ r v_prenex_8)) (< v_prenex_8 0))) (<= (- (- r) r) 0))} [2019-01-07 14:43:43,539 WARN L620 ntHoareTripleChecker]: -- [2019-01-07 14:43:43,539 WARN L621 ntHoareTripleChecker]: Abstract states [2019-01-07 14:43:43,540 WARN L623 ntHoareTripleChecker]: PreS: {#1{Arrays: {[a] -> [-inf_0] v_782 [inf_0], [old(a)] -> [-inf_0] v_783 [inf_0], }, Substate: {10 vars top, }}} [2019-01-07 14:43:43,540 WARN L628 ntHoareTripleChecker]: (not (= 0 (select c_a c_r))) (assume !(a[r] == 0);) [2019-01-07 14:43:43,541 WARN L629 ntHoareTripleChecker]: Post: {#1{Arrays: {[a] -> [-inf_0] v_384 [b_25] v_385 [b_26] v_386 [inf_0], }, Substate: {ints: {v_385 = [0; 0]; b_25 = [0; 0]; r = [0; inf]; b_26 = [1; inf]}, 2 vars top, relations: {b_25 + v_385 = [0; 0]; b_25 - v_385 = [0; 0]; r + v_385 = [0; inf]; r - v_385 = [0; inf]; b_26 + v_385 = [1; inf]; b_26 - v_385 = [1; inf]; b_25 + r = [0; inf]; b_25 - r = [-inf; 0]; b_26 + r = [1; inf]; b_26 - r = [1; inf]; b_25 + b_26 = [1; inf]; b_25 - b_26 = [-inf; -1]}, }}} [2019-01-07 14:43:43,541 WARN L630 ntHoareTripleChecker]: -- [2019-01-07 14:43:43,554 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:43,555 INFO L93 Difference]: Finished difference Result 8 states and 8 transitions. [2019-01-07 14:43:43,555 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2019-01-07 14:43:43,555 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 4 [2019-01-07 14:43:43,555 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:43:43,555 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2019-01-07 14:43:43,557 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 8 transitions. [2019-01-07 14:43:43,557 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 5 states. [2019-01-07 14:43:43,558 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 8 transitions. [2019-01-07 14:43:43,558 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 8 transitions. [2019-01-07 14:43:43,597 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 8 edges. 8 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:43,597 INFO L225 Difference]: With dead ends: 8 [2019-01-07 14:43:43,598 INFO L226 Difference]: Without dead ends: 6 [2019-01-07 14:43:43,599 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 4 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 8.9s TimeCoverageRelationStatistics Valid=9, Invalid=5, Unknown=4, NotChecked=12, Total=30 [2019-01-07 14:43:43,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6 states. [2019-01-07 14:43:43,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6 to 6. [2019-01-07 14:43:43,646 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:43:43,646 INFO L82 GeneralOperation]: Start isEquivalent. First operand 6 states. Second operand 6 states. [2019-01-07 14:43:43,646 INFO L74 IsIncluded]: Start isIncluded. First operand 6 states. Second operand 6 states. [2019-01-07 14:43:43,647 INFO L87 Difference]: Start difference. First operand 6 states. Second operand 6 states. [2019-01-07 14:43:43,649 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:43,649 INFO L93 Difference]: Finished difference Result 6 states and 6 transitions. [2019-01-07 14:43:43,649 INFO L276 IsEmpty]: Start isEmpty. Operand 6 states and 6 transitions. [2019-01-07 14:43:43,649 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:43,650 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:43,650 INFO L74 IsIncluded]: Start isIncluded. First operand 6 states. Second operand 6 states. [2019-01-07 14:43:43,650 INFO L87 Difference]: Start difference. First operand 6 states. Second operand 6 states. [2019-01-07 14:43:43,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:43,651 INFO L93 Difference]: Finished difference Result 6 states and 6 transitions. [2019-01-07 14:43:43,651 INFO L276 IsEmpty]: Start isEmpty. Operand 6 states and 6 transitions. [2019-01-07 14:43:43,651 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:43,652 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:43,652 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:43:43,652 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:43:43,652 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 6 states. [2019-01-07 14:43:43,653 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 6 transitions. [2019-01-07 14:43:43,653 INFO L78 Accepts]: Start accepts. Automaton has 6 states and 6 transitions. Word has length 4 [2019-01-07 14:43:43,653 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:43:43,653 INFO L480 AbstractCegarLoop]: Abstraction has 6 states and 6 transitions. [2019-01-07 14:43:43,653 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2019-01-07 14:43:43,654 INFO L276 IsEmpty]: Start isEmpty. Operand 6 states and 6 transitions. [2019-01-07 14:43:43,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2019-01-07 14:43:43,654 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:43:43,654 INFO L402 BasicCegarLoop]: trace histogram [2, 1, 1, 1] [2019-01-07 14:43:43,655 INFO L423 AbstractCegarLoop]: === Iteration 3 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:43:43,655 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:43,655 INFO L82 PathProgramCache]: Analyzing trace with hash 28752352, now seen corresponding path program 2 times [2019-01-07 14:43:43,655 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:43:43,656 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:43,657 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:43:43,657 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:43,657 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:43:43,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:43,831 INFO L273 TraceCheckUtils]: 0: Hoare triple {135#true} i := 0;assume j == i; {137#(= i 0)} is VALID [2019-01-07 14:43:43,832 INFO L273 TraceCheckUtils]: 1: Hoare triple {137#(= i 0)} assume i < n;a := a[i := 0];i := i + 1; {138#(and (<= i 1) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:43,833 INFO L273 TraceCheckUtils]: 2: Hoare triple {138#(and (<= i 1) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {139#(and (<= i 2) (or (<= i 1) (= 0 (select a 1))) (= 0 (select a 0)))} is VALID [2019-01-07 14:43:43,834 INFO L273 TraceCheckUtils]: 3: Hoare triple {139#(and (<= i 2) (or (<= i 1) (= 0 (select a 1))) (= 0 (select a 0)))} assume !(i < n);assume 0 <= r && r < n; {140#(= 0 (select a r))} is VALID [2019-01-07 14:43:43,835 INFO L273 TraceCheckUtils]: 4: Hoare triple {140#(= 0 (select a r))} assume !(a[r] == 0); {136#false} is VALID [2019-01-07 14:43:43,836 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:43,836 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:43,836 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:43:43,837 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:43:43,838 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:43:43,839 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:43,839 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:43:43,853 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST2 [2019-01-07 14:43:43,853 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder OUTSIDE_LOOP_FIRST2 (IT: FPandBP) [2019-01-07 14:43:43,864 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2019-01-07 14:43:43,864 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-01-07 14:43:43,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:43,874 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:43:43,944 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:43:43,949 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:43,964 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:43,964 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:43:43,967 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:43,967 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_5, v_i_5]. (and (= a (store v_a_5 v_i_5 0)) (<= i (+ v_i_5 1)) (<= v_i_5 0)) [2019-01-07 14:43:43,968 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_5]. (and (<= i (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0)) [2019-01-07 14:43:44,030 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:43:44,032 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:44,072 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:44,073 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:43:44,080 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:44,080 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_6, v_i_6, v_i_5]. (and (<= v_i_6 (+ v_i_5 1)) (= (store v_a_6 v_i_6 0) a) (= (select v_a_6 v_i_5) 0) (<= v_i_5 0) (<= i (+ v_i_6 1))) [2019-01-07 14:43:44,080 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_6, v_i_5]. (and (= (select a v_i_6) 0) (<= v_i_6 (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0) (<= i (+ v_i_6 1))) [2019-01-07 14:43:44,264 INFO L273 TraceCheckUtils]: 0: Hoare triple {135#true} i := 0;assume j == i; {144#(<= i 0)} is VALID [2019-01-07 14:43:44,266 INFO L273 TraceCheckUtils]: 1: Hoare triple {144#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {148#(exists ((v_i_5 Int)) (and (<= i (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0)))} is VALID [2019-01-07 14:43:44,269 INFO L273 TraceCheckUtils]: 2: Hoare triple {148#(exists ((v_i_5 Int)) (and (<= i (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0)))} assume i < n;a := a[i := 0];i := i + 1; {152#(exists ((v_i_6 Int) (v_i_5 Int)) (and (= (select a v_i_6) 0) (<= v_i_6 (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0) (<= i (+ v_i_6 1))))} is VALID [2019-01-07 14:43:44,270 INFO L273 TraceCheckUtils]: 3: Hoare triple {152#(exists ((v_i_6 Int) (v_i_5 Int)) (and (= (select a v_i_6) 0) (<= v_i_6 (+ v_i_5 1)) (= (select a v_i_5) 0) (<= v_i_5 0) (<= i (+ v_i_6 1))))} assume !(i < n);assume 0 <= r && r < n; {156#(and (<= 0 r) (exists ((v_i_6 Int) (v_i_5 Int)) (and (= (select a v_i_6) 0) (<= v_i_6 (+ v_i_5 1)) (<= r v_i_6) (= (select a v_i_5) 0) (<= v_i_5 0))))} is VALID [2019-01-07 14:43:44,272 INFO L273 TraceCheckUtils]: 4: Hoare triple {156#(and (<= 0 r) (exists ((v_i_6 Int) (v_i_5 Int)) (and (= (select a v_i_6) 0) (<= v_i_6 (+ v_i_5 1)) (<= r v_i_6) (= (select a v_i_5) 0) (<= v_i_5 0))))} assume !(a[r] == 0); {136#false} is VALID [2019-01-07 14:43:44,272 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:44,272 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:43:44,413 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:43:44,415 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:44,429 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:43:44,430 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:43:44,439 INFO L273 TraceCheckUtils]: 4: Hoare triple {140#(= 0 (select a r))} assume !(a[r] == 0); {136#false} is VALID [2019-01-07 14:43:44,440 INFO L273 TraceCheckUtils]: 3: Hoare triple {163#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {140#(= 0 (select a r))} is VALID [2019-01-07 14:43:44,441 INFO L273 TraceCheckUtils]: 2: Hoare triple {163#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {163#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:44,443 INFO L273 TraceCheckUtils]: 1: Hoare triple {144#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {163#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:44,443 INFO L273 TraceCheckUtils]: 0: Hoare triple {135#true} i := 0;assume j == i; {144#(<= i 0)} is VALID [2019-01-07 14:43:44,444 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2019-01-07 14:43:44,468 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:43:44,469 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 3] total 9 [2019-01-07 14:43:44,469 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:43:44,469 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 5 [2019-01-07 14:43:44,469 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:43:44,470 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states. [2019-01-07 14:43:44,488 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:44,489 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2019-01-07 14:43:44,489 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2019-01-07 14:43:44,489 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=80, Unknown=0, NotChecked=0, Total=110 [2019-01-07 14:43:44,490 INFO L87 Difference]: Start difference. First operand 6 states and 6 transitions. Second operand 10 states. [2019-01-07 14:43:44,861 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:44,861 INFO L93 Difference]: Finished difference Result 9 states and 9 transitions. [2019-01-07 14:43:44,862 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2019-01-07 14:43:44,862 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 5 [2019-01-07 14:43:44,862 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:43:44,862 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2019-01-07 14:43:44,863 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 9 transitions. [2019-01-07 14:43:44,864 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2019-01-07 14:43:44,865 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 9 transitions. [2019-01-07 14:43:44,865 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 9 transitions. [2019-01-07 14:43:44,912 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 9 edges. 9 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:44,913 INFO L225 Difference]: With dead ends: 9 [2019-01-07 14:43:44,913 INFO L226 Difference]: Without dead ends: 7 [2019-01-07 14:43:44,914 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 0 SyntacticMatches, 3 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=44, Invalid=112, Unknown=0, NotChecked=0, Total=156 [2019-01-07 14:43:44,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7 states. [2019-01-07 14:43:44,967 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7 to 7. [2019-01-07 14:43:44,968 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:43:44,968 INFO L82 GeneralOperation]: Start isEquivalent. First operand 7 states. Second operand 7 states. [2019-01-07 14:43:44,968 INFO L74 IsIncluded]: Start isIncluded. First operand 7 states. Second operand 7 states. [2019-01-07 14:43:44,968 INFO L87 Difference]: Start difference. First operand 7 states. Second operand 7 states. [2019-01-07 14:43:44,969 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:44,969 INFO L93 Difference]: Finished difference Result 7 states and 7 transitions. [2019-01-07 14:43:44,970 INFO L276 IsEmpty]: Start isEmpty. Operand 7 states and 7 transitions. [2019-01-07 14:43:44,970 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:44,970 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:44,971 INFO L74 IsIncluded]: Start isIncluded. First operand 7 states. Second operand 7 states. [2019-01-07 14:43:44,971 INFO L87 Difference]: Start difference. First operand 7 states. Second operand 7 states. [2019-01-07 14:43:44,972 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:44,972 INFO L93 Difference]: Finished difference Result 7 states and 7 transitions. [2019-01-07 14:43:44,973 INFO L276 IsEmpty]: Start isEmpty. Operand 7 states and 7 transitions. [2019-01-07 14:43:44,973 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:44,973 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:44,973 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:43:44,973 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:43:44,974 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 7 states. [2019-01-07 14:43:44,974 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 7 transitions. [2019-01-07 14:43:44,975 INFO L78 Accepts]: Start accepts. Automaton has 7 states and 7 transitions. Word has length 5 [2019-01-07 14:43:44,975 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:43:44,975 INFO L480 AbstractCegarLoop]: Abstraction has 7 states and 7 transitions. [2019-01-07 14:43:44,975 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2019-01-07 14:43:44,975 INFO L276 IsEmpty]: Start isEmpty. Operand 7 states and 7 transitions. [2019-01-07 14:43:44,975 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 7 [2019-01-07 14:43:44,976 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:43:44,976 INFO L402 BasicCegarLoop]: trace histogram [3, 1, 1, 1] [2019-01-07 14:43:44,976 INFO L423 AbstractCegarLoop]: === Iteration 4 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:43:44,976 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:44,976 INFO L82 PathProgramCache]: Analyzing trace with hash 891320966, now seen corresponding path program 3 times [2019-01-07 14:43:44,977 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:43:44,977 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:44,978 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2019-01-07 14:43:44,978 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:44,978 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:43:45,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:45,278 INFO L273 TraceCheckUtils]: 0: Hoare triple {214#true} i := 0;assume j == i; {216#(= i 0)} is VALID [2019-01-07 14:43:45,280 INFO L273 TraceCheckUtils]: 1: Hoare triple {216#(= i 0)} assume i < n;a := a[i := 0];i := i + 1; {217#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:45,282 INFO L273 TraceCheckUtils]: 2: Hoare triple {217#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {218#(and (<= i 2) (or (<= i 1) (= 0 (select (store a i 0) 1))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:45,284 INFO L273 TraceCheckUtils]: 3: Hoare triple {218#(and (<= i 2) (or (<= i 1) (= 0 (select (store a i 0) 1))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {219#(and (or (<= i 1) (and (<= i 3) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} is VALID [2019-01-07 14:43:45,285 INFO L273 TraceCheckUtils]: 4: Hoare triple {219#(and (or (<= i 1) (and (<= i 3) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} assume !(i < n);assume 0 <= r && r < n; {220#(= 0 (select a r))} is VALID [2019-01-07 14:43:45,286 INFO L273 TraceCheckUtils]: 5: Hoare triple {220#(= 0 (select a r))} assume !(a[r] == 0); {215#false} is VALID [2019-01-07 14:43:45,287 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:45,287 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:45,287 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:43:45,287 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:43:45,287 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:43:45,288 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:45,288 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:43:45,297 INFO L103 rtionOrderModulation]: Keeping assertion order TERMS_WITH_SMALL_CONSTANTS_FIRST [2019-01-07 14:43:45,298 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder TERMS_WITH_SMALL_CONSTANTS_FIRST (IT: FPandBP) [2019-01-07 14:43:45,303 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-01-07 14:43:45,303 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-01-07 14:43:45,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:45,307 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:43:45,330 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:43:45,331 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:45,339 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:45,339 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:43:45,343 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:45,343 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_9, v_i_9]. (and (<= v_i_9 0) (= a (store v_a_9 v_i_9 0)) (<= i (+ v_i_9 1))) [2019-01-07 14:43:45,344 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_9]. (and (<= v_i_9 0) (= (select a v_i_9) 0) (<= i (+ v_i_9 1))) [2019-01-07 14:43:45,415 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:43:45,416 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:45,442 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:45,443 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:43:45,448 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:45,448 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_10, v_i_10, v_i_9]. (and (<= v_i_9 0) (<= i (+ v_i_10 1)) (<= v_i_10 (+ v_i_9 1)) (= a (store v_a_10 v_i_10 0)) (= (select v_a_10 v_i_9) 0)) [2019-01-07 14:43:45,448 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_10, v_i_9]. (and (<= v_i_9 0) (<= i (+ v_i_10 1)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (= 0 (select a v_i_10))) [2019-01-07 14:43:45,504 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2019-01-07 14:43:45,506 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:45,529 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-1 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:45,529 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:35, output treesize:34 [2019-01-07 14:43:45,540 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:45,541 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_11, v_i_11, v_i_9, v_i_10]. (and (<= v_i_9 0) (<= v_i_10 (+ v_i_9 1)) (= (select v_a_11 v_i_10) 0) (<= v_i_11 (+ v_i_10 1)) (<= i (+ v_i_11 1)) (= a (store v_a_11 v_i_11 0)) (= (select v_a_11 v_i_9) 0)) [2019-01-07 14:43:45,541 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_11, v_i_9, v_i_10]. (and (<= v_i_9 0) (= 0 (select a v_i_11)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (<= v_i_11 (+ v_i_10 1)) (<= i (+ v_i_11 1)) (= 0 (select a v_i_10))) [2019-01-07 14:43:45,663 INFO L273 TraceCheckUtils]: 0: Hoare triple {214#true} i := 0;assume j == i; {224#(<= i 0)} is VALID [2019-01-07 14:43:45,665 INFO L273 TraceCheckUtils]: 1: Hoare triple {224#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {228#(exists ((v_i_9 Int)) (and (<= v_i_9 0) (= (select a v_i_9) 0) (<= i (+ v_i_9 1))))} is VALID [2019-01-07 14:43:45,667 INFO L273 TraceCheckUtils]: 2: Hoare triple {228#(exists ((v_i_9 Int)) (and (<= v_i_9 0) (= (select a v_i_9) 0) (<= i (+ v_i_9 1))))} assume i < n;a := a[i := 0];i := i + 1; {232#(exists ((v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (<= i (+ v_i_10 1)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (= 0 (select a v_i_10))))} is VALID [2019-01-07 14:43:45,671 INFO L273 TraceCheckUtils]: 3: Hoare triple {232#(exists ((v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (<= i (+ v_i_10 1)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (= 0 (select a v_i_10))))} assume i < n;a := a[i := 0];i := i + 1; {236#(exists ((v_i_11 Int) (v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (= 0 (select a v_i_11)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (<= i (+ v_i_11 1)) (= 0 (select a v_i_10)) (<= v_i_11 (+ v_i_10 1))))} is VALID [2019-01-07 14:43:45,673 INFO L273 TraceCheckUtils]: 4: Hoare triple {236#(exists ((v_i_11 Int) (v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (= 0 (select a v_i_11)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (<= i (+ v_i_11 1)) (= 0 (select a v_i_10)) (<= v_i_11 (+ v_i_10 1))))} assume !(i < n);assume 0 <= r && r < n; {240#(and (<= 0 r) (exists ((v_i_11 Int) (v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (= 0 (select a v_i_11)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (<= r v_i_11) (= 0 (select a v_i_10)) (<= v_i_11 (+ v_i_10 1)))))} is VALID [2019-01-07 14:43:45,675 INFO L273 TraceCheckUtils]: 5: Hoare triple {240#(and (<= 0 r) (exists ((v_i_11 Int) (v_i_10 Int) (v_i_9 Int)) (and (<= v_i_9 0) (= 0 (select a v_i_11)) (<= v_i_10 (+ v_i_9 1)) (= (select a v_i_9) 0) (<= r v_i_11) (= 0 (select a v_i_10)) (<= v_i_11 (+ v_i_10 1)))))} assume !(a[r] == 0); {215#false} is VALID [2019-01-07 14:43:45,676 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:45,677 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:43:45,924 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:43:45,926 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:45,937 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:43:45,938 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:43:45,948 INFO L273 TraceCheckUtils]: 5: Hoare triple {220#(= 0 (select a r))} assume !(a[r] == 0); {215#false} is VALID [2019-01-07 14:43:45,949 INFO L273 TraceCheckUtils]: 4: Hoare triple {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {220#(= 0 (select a r))} is VALID [2019-01-07 14:43:45,951 INFO L273 TraceCheckUtils]: 3: Hoare triple {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:45,952 INFO L273 TraceCheckUtils]: 2: Hoare triple {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:45,953 INFO L273 TraceCheckUtils]: 1: Hoare triple {224#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {247#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:45,955 INFO L273 TraceCheckUtils]: 0: Hoare triple {214#true} i := 0;assume j == i; {224#(<= i 0)} is VALID [2019-01-07 14:43:45,955 INFO L134 CoverageAnalysis]: Checked inductivity of 6 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2019-01-07 14:43:45,985 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:43:45,986 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 5, 3] total 11 [2019-01-07 14:43:45,986 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:43:45,986 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 6 [2019-01-07 14:43:45,986 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:43:45,986 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states. [2019-01-07 14:43:46,007 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:46,008 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2019-01-07 14:43:46,008 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2019-01-07 14:43:46,008 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=43, Invalid=113, Unknown=0, NotChecked=0, Total=156 [2019-01-07 14:43:46,008 INFO L87 Difference]: Start difference. First operand 7 states and 7 transitions. Second operand 12 states. [2019-01-07 14:43:46,321 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:46,321 INFO L93 Difference]: Finished difference Result 10 states and 10 transitions. [2019-01-07 14:43:46,322 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2019-01-07 14:43:46,322 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 6 [2019-01-07 14:43:46,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:43:46,322 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2019-01-07 14:43:46,323 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 10 transitions. [2019-01-07 14:43:46,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 12 states. [2019-01-07 14:43:46,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 10 transitions. [2019-01-07 14:43:46,325 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 10 transitions. [2019-01-07 14:43:46,337 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:46,338 INFO L225 Difference]: With dead ends: 10 [2019-01-07 14:43:46,338 INFO L226 Difference]: Without dead ends: 8 [2019-01-07 14:43:46,338 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 0 SyntacticMatches, 4 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 37 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=58, Invalid=152, Unknown=0, NotChecked=0, Total=210 [2019-01-07 14:43:46,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 8 states. [2019-01-07 14:43:46,404 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 8 to 8. [2019-01-07 14:43:46,404 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:43:46,404 INFO L82 GeneralOperation]: Start isEquivalent. First operand 8 states. Second operand 8 states. [2019-01-07 14:43:46,404 INFO L74 IsIncluded]: Start isIncluded. First operand 8 states. Second operand 8 states. [2019-01-07 14:43:46,404 INFO L87 Difference]: Start difference. First operand 8 states. Second operand 8 states. [2019-01-07 14:43:46,405 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:46,406 INFO L93 Difference]: Finished difference Result 8 states and 8 transitions. [2019-01-07 14:43:46,406 INFO L276 IsEmpty]: Start isEmpty. Operand 8 states and 8 transitions. [2019-01-07 14:43:46,406 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:46,406 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:46,407 INFO L74 IsIncluded]: Start isIncluded. First operand 8 states. Second operand 8 states. [2019-01-07 14:43:46,407 INFO L87 Difference]: Start difference. First operand 8 states. Second operand 8 states. [2019-01-07 14:43:46,408 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:46,408 INFO L93 Difference]: Finished difference Result 8 states and 8 transitions. [2019-01-07 14:43:46,408 INFO L276 IsEmpty]: Start isEmpty. Operand 8 states and 8 transitions. [2019-01-07 14:43:46,408 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:46,409 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:46,409 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:43:46,409 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:43:46,409 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 8 states. [2019-01-07 14:43:46,410 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 8 transitions. [2019-01-07 14:43:46,410 INFO L78 Accepts]: Start accepts. Automaton has 8 states and 8 transitions. Word has length 6 [2019-01-07 14:43:46,410 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:43:46,410 INFO L480 AbstractCegarLoop]: Abstraction has 8 states and 8 transitions. [2019-01-07 14:43:46,410 INFO L481 AbstractCegarLoop]: Interpolant automaton has 12 states. [2019-01-07 14:43:46,410 INFO L276 IsEmpty]: Start isEmpty. Operand 8 states and 8 transitions. [2019-01-07 14:43:46,411 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2019-01-07 14:43:46,411 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:43:46,411 INFO L402 BasicCegarLoop]: trace histogram [4, 1, 1, 1] [2019-01-07 14:43:46,411 INFO L423 AbstractCegarLoop]: === Iteration 5 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:43:46,411 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:46,412 INFO L82 PathProgramCache]: Analyzing trace with hash 1861144224, now seen corresponding path program 4 times [2019-01-07 14:43:46,412 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:43:46,413 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:46,413 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2019-01-07 14:43:46,413 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:46,413 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:43:46,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:46,953 WARN L181 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 38 DAG size of output: 31 [2019-01-07 14:43:47,023 INFO L273 TraceCheckUtils]: 0: Hoare triple {307#true} i := 0;assume j == i; {309#(= 0 i)} is VALID [2019-01-07 14:43:47,024 INFO L273 TraceCheckUtils]: 1: Hoare triple {309#(= 0 i)} assume i < n;a := a[i := 0];i := i + 1; {310#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:47,026 INFO L273 TraceCheckUtils]: 2: Hoare triple {310#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {311#(and (<= i 2) (or (<= i 1) (= 0 (select (store a i 0) 1))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:47,028 INFO L273 TraceCheckUtils]: 3: Hoare triple {311#(and (<= i 2) (or (<= i 1) (= 0 (select (store a i 0) 1))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {312#(and (or (<= i 1) (and (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:47,050 INFO L273 TraceCheckUtils]: 4: Hoare triple {312#(and (or (<= i 1) (and (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {313#(and (= 0 (select a 0)) (or (<= i 1) (and (= 0 (select a (+ (+ 1 1) (- 1)))) (<= i 3) (= 0 (select a (+ i (- 1))))) (and (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))) (<= i 4) (= 0 (select a (+ (+ 2 1) (- 1)))))))} is VALID [2019-01-07 14:43:47,064 INFO L273 TraceCheckUtils]: 5: Hoare triple {313#(and (= 0 (select a 0)) (or (<= i 1) (and (= 0 (select a (+ (+ 1 1) (- 1)))) (<= i 3) (= 0 (select a (+ i (- 1))))) (and (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))) (<= i 4) (= 0 (select a (+ (+ 2 1) (- 1)))))))} assume !(i < n);assume 0 <= r && r < n; {314#(= 0 (select a r))} is VALID [2019-01-07 14:43:47,071 INFO L273 TraceCheckUtils]: 6: Hoare triple {314#(= 0 (select a r))} assume !(a[r] == 0); {308#false} is VALID [2019-01-07 14:43:47,072 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 10 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:47,072 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:47,072 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:43:47,072 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:43:47,072 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:43:47,072 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:47,073 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:43:47,081 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:43:47,081 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: FPandBP) [2019-01-07 14:43:47,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:47,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:47,093 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:43:47,118 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:43:47,119 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:47,131 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:47,132 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:43:47,136 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:47,136 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_15, v_i_15]. (and (= (store v_a_15 v_i_15 0) a) (<= i (+ v_i_15 1)) (<= v_i_15 0)) [2019-01-07 14:43:47,136 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_15]. (and (= (select a v_i_15) 0) (<= i (+ v_i_15 1)) (<= v_i_15 0)) [2019-01-07 14:43:47,174 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:43:47,176 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:47,189 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:47,189 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:43:47,196 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:47,196 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_16, v_i_16, v_i_15]. (and (= (select v_a_16 v_i_15) 0) (= (store v_a_16 v_i_16 0) a) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (<= i (+ v_i_16 1))) [2019-01-07 14:43:47,197 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_15, v_i_16]. (and (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= 0 (select a v_i_16)) (<= i (+ v_i_16 1))) [2019-01-07 14:43:47,295 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2019-01-07 14:43:47,297 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:47,317 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-1 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:47,317 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:35, output treesize:34 [2019-01-07 14:43:47,325 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:47,325 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_17, v_i_17, v_i_16, v_i_15]. (and (= 0 (select v_a_17 v_i_16)) (<= v_i_17 (+ v_i_16 1)) (= a (store v_a_17 v_i_17 0)) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (<= i (+ v_i_17 1)) (= 0 (select v_a_17 v_i_15))) [2019-01-07 14:43:47,325 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_17, v_i_16, v_i_15]. (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_16)) (<= i (+ v_i_17 1))) [2019-01-07 14:43:47,401 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 21 [2019-01-07 14:43:47,408 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:47,435 INFO L267 ElimStorePlain]: Start of recursive call 1: 4 dim-0 vars, 1 dim-1 vars, End of recursive call: 4 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:47,435 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 5 variables, input treesize:45, output treesize:44 [2019-01-07 14:43:47,614 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:47,614 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_18, v_i_18, v_i_17, v_i_16, v_i_15]. (and (<= v_i_17 (+ v_i_16 1)) (= 0 (select v_a_18 v_i_17)) (<= v_i_15 0) (<= i (+ v_i_18 1)) (<= v_i_16 (+ v_i_15 1)) (= (select v_a_18 v_i_15) 0) (= 0 (select v_a_18 v_i_16)) (<= v_i_18 (+ v_i_17 1)) (= (store v_a_18 v_i_18 0) a)) [2019-01-07 14:43:47,614 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_17, v_i_16, v_i_15, v_i_18]. (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= i (+ v_i_18 1)) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_18)) (= 0 (select a v_i_16)) (<= v_i_18 (+ v_i_17 1))) [2019-01-07 14:43:47,768 INFO L273 TraceCheckUtils]: 0: Hoare triple {307#true} i := 0;assume j == i; {318#(<= i 0)} is VALID [2019-01-07 14:43:47,769 INFO L273 TraceCheckUtils]: 1: Hoare triple {318#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {322#(exists ((v_i_15 Int)) (and (= (select a v_i_15) 0) (<= i (+ v_i_15 1)) (<= v_i_15 0)))} is VALID [2019-01-07 14:43:47,772 INFO L273 TraceCheckUtils]: 2: Hoare triple {322#(exists ((v_i_15 Int)) (and (= (select a v_i_15) 0) (<= i (+ v_i_15 1)) (<= v_i_15 0)))} assume i < n;a := a[i := 0];i := i + 1; {326#(exists ((v_i_15 Int) (v_i_16 Int)) (and (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= 0 (select a v_i_16)) (<= i (+ v_i_16 1))))} is VALID [2019-01-07 14:43:47,776 INFO L273 TraceCheckUtils]: 3: Hoare triple {326#(exists ((v_i_15 Int) (v_i_16 Int)) (and (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= 0 (select a v_i_16)) (<= i (+ v_i_16 1))))} assume i < n;a := a[i := 0];i := i + 1; {330#(exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_16)) (<= i (+ v_i_17 1))))} is VALID [2019-01-07 14:43:47,786 INFO L273 TraceCheckUtils]: 4: Hoare triple {330#(exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_16)) (<= i (+ v_i_17 1))))} assume i < n;a := a[i := 0];i := i + 1; {334#(exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int) (v_i_18 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= i (+ v_i_18 1)) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_18)) (= 0 (select a v_i_16)) (<= v_i_18 (+ v_i_17 1))))} is VALID [2019-01-07 14:43:47,792 INFO L273 TraceCheckUtils]: 5: Hoare triple {334#(exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int) (v_i_18 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= i (+ v_i_18 1)) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_18)) (= 0 (select a v_i_16)) (<= v_i_18 (+ v_i_17 1))))} assume !(i < n);assume 0 <= r && r < n; {338#(and (exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int) (v_i_18 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_18)) (= 0 (select a v_i_16)) (<= r v_i_18) (<= v_i_18 (+ v_i_17 1)))) (<= 0 r))} is VALID [2019-01-07 14:43:47,793 INFO L273 TraceCheckUtils]: 6: Hoare triple {338#(and (exists ((v_i_15 Int) (v_i_17 Int) (v_i_16 Int) (v_i_18 Int)) (and (<= v_i_17 (+ v_i_16 1)) (= (select a v_i_15) 0) (<= v_i_15 0) (<= v_i_16 (+ v_i_15 1)) (= (select a v_i_17) 0) (= 0 (select a v_i_18)) (= 0 (select a v_i_16)) (<= r v_i_18) (<= v_i_18 (+ v_i_17 1)))) (<= 0 r))} assume !(a[r] == 0); {308#false} is VALID [2019-01-07 14:43:47,794 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 10 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:47,794 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:43:48,095 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:43:48,097 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:48,108 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:43:48,109 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:43:48,119 INFO L273 TraceCheckUtils]: 6: Hoare triple {314#(= 0 (select a r))} assume !(a[r] == 0); {308#false} is VALID [2019-01-07 14:43:48,120 INFO L273 TraceCheckUtils]: 5: Hoare triple {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {314#(= 0 (select a r))} is VALID [2019-01-07 14:43:48,122 INFO L273 TraceCheckUtils]: 4: Hoare triple {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:48,125 INFO L273 TraceCheckUtils]: 3: Hoare triple {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:48,126 INFO L273 TraceCheckUtils]: 2: Hoare triple {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:48,127 INFO L273 TraceCheckUtils]: 1: Hoare triple {318#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {345#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:48,128 INFO L273 TraceCheckUtils]: 0: Hoare triple {307#true} i := 0;assume j == i; {318#(<= i 0)} is VALID [2019-01-07 14:43:48,129 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 4 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2019-01-07 14:43:48,151 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:43:48,151 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 3] total 13 [2019-01-07 14:43:48,151 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:43:48,152 INFO L78 Accepts]: Start accepts. Automaton has 14 states. Word has length 7 [2019-01-07 14:43:48,152 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:43:48,152 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 14 states. [2019-01-07 14:43:48,195 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 14 edges. 14 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:48,195 INFO L459 AbstractCegarLoop]: Interpolant automaton has 14 states [2019-01-07 14:43:48,196 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2019-01-07 14:43:48,196 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=154, Unknown=0, NotChecked=0, Total=210 [2019-01-07 14:43:48,196 INFO L87 Difference]: Start difference. First operand 8 states and 8 transitions. Second operand 14 states. [2019-01-07 14:43:48,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:48,905 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-07 14:43:48,905 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-01-07 14:43:48,905 INFO L78 Accepts]: Start accepts. Automaton has 14 states. Word has length 7 [2019-01-07 14:43:48,905 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:43:48,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 14 states. [2019-01-07 14:43:48,906 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 11 transitions. [2019-01-07 14:43:48,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 14 states. [2019-01-07 14:43:48,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 11 transitions. [2019-01-07 14:43:48,907 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 11 transitions. [2019-01-07 14:43:48,927 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:48,927 INFO L225 Difference]: With dead ends: 11 [2019-01-07 14:43:48,927 INFO L226 Difference]: Without dead ends: 9 [2019-01-07 14:43:48,928 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 0 SyntacticMatches, 5 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 56 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=82, Invalid=224, Unknown=0, NotChecked=0, Total=306 [2019-01-07 14:43:48,928 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 9 states. [2019-01-07 14:43:49,079 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 9 to 9. [2019-01-07 14:43:49,079 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:43:49,079 INFO L82 GeneralOperation]: Start isEquivalent. First operand 9 states. Second operand 9 states. [2019-01-07 14:43:49,079 INFO L74 IsIncluded]: Start isIncluded. First operand 9 states. Second operand 9 states. [2019-01-07 14:43:49,079 INFO L87 Difference]: Start difference. First operand 9 states. Second operand 9 states. [2019-01-07 14:43:49,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:49,081 INFO L93 Difference]: Finished difference Result 9 states and 9 transitions. [2019-01-07 14:43:49,081 INFO L276 IsEmpty]: Start isEmpty. Operand 9 states and 9 transitions. [2019-01-07 14:43:49,081 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:49,081 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:49,082 INFO L74 IsIncluded]: Start isIncluded. First operand 9 states. Second operand 9 states. [2019-01-07 14:43:49,082 INFO L87 Difference]: Start difference. First operand 9 states. Second operand 9 states. [2019-01-07 14:43:49,082 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:49,083 INFO L93 Difference]: Finished difference Result 9 states and 9 transitions. [2019-01-07 14:43:49,083 INFO L276 IsEmpty]: Start isEmpty. Operand 9 states and 9 transitions. [2019-01-07 14:43:49,083 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:49,083 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:49,083 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:43:49,083 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:43:49,084 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 9 states. [2019-01-07 14:43:49,084 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 9 transitions. [2019-01-07 14:43:49,084 INFO L78 Accepts]: Start accepts. Automaton has 9 states and 9 transitions. Word has length 7 [2019-01-07 14:43:49,085 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:43:49,085 INFO L480 AbstractCegarLoop]: Abstraction has 9 states and 9 transitions. [2019-01-07 14:43:49,085 INFO L481 AbstractCegarLoop]: Interpolant automaton has 14 states. [2019-01-07 14:43:49,085 INFO L276 IsEmpty]: Start isEmpty. Operand 9 states and 9 transitions. [2019-01-07 14:43:49,085 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 9 [2019-01-07 14:43:49,085 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:43:49,086 INFO L402 BasicCegarLoop]: trace histogram [5, 1, 1, 1] [2019-01-07 14:43:49,086 INFO L423 AbstractCegarLoop]: === Iteration 6 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:43:49,086 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:49,086 INFO L82 PathProgramCache]: Analyzing trace with hash 1860894150, now seen corresponding path program 5 times [2019-01-07 14:43:49,086 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:43:49,087 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:49,087 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:43:49,087 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:49,087 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:43:49,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:49,811 WARN L181 SmtUtils]: Spent 135.00 ms on a formula simplification. DAG size of input: 61 DAG size of output: 30 [2019-01-07 14:43:49,849 INFO L273 TraceCheckUtils]: 0: Hoare triple {416#true} i := 0;assume j == i; {418#(= i 0)} is VALID [2019-01-07 14:43:49,852 INFO L273 TraceCheckUtils]: 1: Hoare triple {418#(= i 0)} assume i < n;a := a[i := 0];i := i + 1; {419#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:49,854 INFO L273 TraceCheckUtils]: 2: Hoare triple {419#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {420#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (<= i 2) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:49,856 INFO L273 TraceCheckUtils]: 3: Hoare triple {420#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (<= i 2) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {421#(and (<= 3 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:49,857 INFO L273 TraceCheckUtils]: 4: Hoare triple {421#(and (<= 3 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {422#(and (or (<= i 1) (and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (<= i 4))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:49,859 INFO L273 TraceCheckUtils]: 5: Hoare triple {422#(and (or (<= i 1) (and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (<= i 4))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {423#(and (or (<= i 1) (and (= 0 (select a (+ (+ i (- 1)) (- 1)))) (or (and (= 0 (select a 1)) (<= i 4)) (and (= 0 (select a (+ (+ (+ i (- 1)) (- 1)) (- 1)))) (= 0 (select a 1)) (<= i 5))) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} is VALID [2019-01-07 14:43:49,861 INFO L273 TraceCheckUtils]: 6: Hoare triple {423#(and (or (<= i 1) (and (= 0 (select a (+ (+ i (- 1)) (- 1)))) (or (and (= 0 (select a 1)) (<= i 4)) (and (= 0 (select a (+ (+ (+ i (- 1)) (- 1)) (- 1)))) (= 0 (select a 1)) (<= i 5))) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} assume !(i < n);assume 0 <= r && r < n; {424#(= 0 (select a r))} is VALID [2019-01-07 14:43:49,862 INFO L273 TraceCheckUtils]: 7: Hoare triple {424#(= 0 (select a r))} assume !(a[r] == 0); {417#false} is VALID [2019-01-07 14:43:49,863 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:49,864 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:49,864 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:43:49,864 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:43:49,864 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:43:49,865 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:49,865 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:43:49,875 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST2 [2019-01-07 14:43:49,875 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder OUTSIDE_LOOP_FIRST2 (IT: FPandBP) [2019-01-07 14:43:49,882 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2019-01-07 14:43:49,883 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-01-07 14:43:49,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:49,890 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:43:49,923 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:43:49,924 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:49,932 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:49,933 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:43:49,936 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:49,937 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_23, v_i_23]. (and (<= i (+ v_i_23 1)) (<= v_i_23 0) (= a (store v_a_23 v_i_23 0))) [2019-01-07 14:43:49,937 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_23]. (and (= 0 (select a v_i_23)) (<= i (+ v_i_23 1)) (<= v_i_23 0)) [2019-01-07 14:43:49,984 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:43:49,988 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:50,007 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:50,008 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:43:50,016 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:50,016 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_24, v_i_24, v_i_23]. (and (= (select v_a_24 v_i_23) 0) (<= v_i_24 (+ v_i_23 1)) (<= i (+ v_i_24 1)) (<= v_i_23 0) (= (store v_a_24 v_i_24 0) a)) [2019-01-07 14:43:50,016 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_24, v_i_23]. (and (<= v_i_24 (+ v_i_23 1)) (<= i (+ v_i_24 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_23 0)) [2019-01-07 14:43:50,080 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2019-01-07 14:43:50,084 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:50,105 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-1 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:50,105 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:35, output treesize:34 [2019-01-07 14:43:50,123 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:50,124 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_25, v_i_25, v_i_24, v_i_23]. (and (<= i (+ v_i_25 1)) (<= v_i_24 (+ v_i_23 1)) (= (select v_a_25 v_i_23) 0) (<= v_i_25 (+ v_i_24 1)) (= (store v_a_25 v_i_25 0) a) (<= v_i_23 0) (= 0 (select v_a_25 v_i_24))) [2019-01-07 14:43:50,124 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_25, v_i_24, v_i_23]. (and (<= i (+ v_i_25 1)) (= (select a v_i_25) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0)) [2019-01-07 14:43:50,204 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 21 [2019-01-07 14:43:50,208 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:50,233 INFO L267 ElimStorePlain]: Start of recursive call 1: 4 dim-0 vars, 1 dim-1 vars, End of recursive call: 4 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:50,233 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 5 variables, input treesize:45, output treesize:44 [2019-01-07 14:43:50,351 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:50,352 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_26, v_i_26, v_i_24, v_i_25, v_i_23]. (and (= 0 (select v_a_26 v_i_24)) (= (select v_a_26 v_i_25) 0) (<= v_i_24 (+ v_i_23 1)) (= (store v_a_26 v_i_26 0) a) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (= (select v_a_26 v_i_23) 0) (<= i (+ v_i_26 1))) [2019-01-07 14:43:50,352 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_25, v_i_26, v_i_24, v_i_23]. (and (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_26 1))) [2019-01-07 14:43:50,508 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 4 select indices, 4 select index equivalence classes, 0 disjoint index pairs (out of 6 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 26 [2019-01-07 14:43:50,511 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:50,541 INFO L267 ElimStorePlain]: Start of recursive call 1: 5 dim-0 vars, 1 dim-1 vars, End of recursive call: 5 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:50,542 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 6 variables, input treesize:55, output treesize:54 [2019-01-07 14:43:51,023 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:51,024 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_27, v_i_27, v_i_26, v_i_24, v_i_23, v_i_25]. (and (<= v_i_27 (+ v_i_26 1)) (<= v_i_24 (+ v_i_23 1)) (= (select v_a_27 v_i_26) 0) (= 0 (select v_a_27 v_i_25)) (= 0 (select v_a_27 v_i_23)) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_27 1)) (= a (store v_a_27 v_i_27 0)) (= (select v_a_27 v_i_24) 0)) [2019-01-07 14:43:51,024 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_27, v_i_26, v_i_25, v_i_24, v_i_23]. (and (<= v_i_27 (+ v_i_26 1)) (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= 0 (select a v_i_27)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_27 1))) [2019-01-07 14:43:51,490 INFO L273 TraceCheckUtils]: 0: Hoare triple {416#true} i := 0;assume j == i; {428#(<= i 0)} is VALID [2019-01-07 14:43:51,491 INFO L273 TraceCheckUtils]: 1: Hoare triple {428#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {432#(exists ((v_i_23 Int)) (and (= 0 (select a v_i_23)) (<= i (+ v_i_23 1)) (<= v_i_23 0)))} is VALID [2019-01-07 14:43:51,494 INFO L273 TraceCheckUtils]: 2: Hoare triple {432#(exists ((v_i_23 Int)) (and (= 0 (select a v_i_23)) (<= i (+ v_i_23 1)) (<= v_i_23 0)))} assume i < n;a := a[i := 0];i := i + 1; {436#(exists ((v_i_24 Int) (v_i_23 Int)) (and (<= v_i_24 (+ v_i_23 1)) (<= i (+ v_i_24 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_23 0)))} is VALID [2019-01-07 14:43:51,497 INFO L273 TraceCheckUtils]: 3: Hoare triple {436#(exists ((v_i_24 Int) (v_i_23 Int)) (and (<= v_i_24 (+ v_i_23 1)) (<= i (+ v_i_24 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_23 0)))} assume i < n;a := a[i := 0];i := i + 1; {440#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_25 Int)) (and (<= i (+ v_i_25 1)) (= (select a v_i_25) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0)))} is VALID [2019-01-07 14:43:51,517 INFO L273 TraceCheckUtils]: 4: Hoare triple {440#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_25 Int)) (and (<= i (+ v_i_25 1)) (= (select a v_i_25) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0)))} assume i < n;a := a[i := 0];i := i + 1; {444#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int)) (and (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_26 1))))} is VALID [2019-01-07 14:43:51,737 INFO L273 TraceCheckUtils]: 5: Hoare triple {444#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int)) (and (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_26 1))))} assume i < n;a := a[i := 0];i := i + 1; {448#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int) (v_i_27 Int)) (and (<= v_i_27 (+ v_i_26 1)) (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= 0 (select a v_i_27)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_27 1))))} is VALID [2019-01-07 14:43:51,780 INFO L273 TraceCheckUtils]: 6: Hoare triple {448#(exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int) (v_i_27 Int)) (and (<= v_i_27 (+ v_i_26 1)) (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (= 0 (select a v_i_27)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)) (<= i (+ v_i_27 1))))} assume !(i < n);assume 0 <= r && r < n; {452#(and (<= 0 r) (exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int) (v_i_27 Int)) (and (<= v_i_27 (+ v_i_26 1)) (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (<= r v_i_27) (= 0 (select a v_i_27)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)))))} is VALID [2019-01-07 14:43:51,783 INFO L273 TraceCheckUtils]: 7: Hoare triple {452#(and (<= 0 r) (exists ((v_i_24 Int) (v_i_23 Int) (v_i_26 Int) (v_i_25 Int) (v_i_27 Int)) (and (<= v_i_27 (+ v_i_26 1)) (= (select a v_i_25) 0) (= (select a v_i_26) 0) (<= v_i_24 (+ v_i_23 1)) (= 0 (select a v_i_23)) (<= r v_i_27) (= 0 (select a v_i_27)) (= (select a v_i_24) 0) (<= v_i_25 (+ v_i_24 1)) (<= v_i_23 0) (<= v_i_26 (+ v_i_25 1)))))} assume !(a[r] == 0); {417#false} is VALID [2019-01-07 14:43:51,785 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:51,785 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:43:56,126 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:43:56,128 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:56,140 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:43:56,141 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:43:56,157 INFO L273 TraceCheckUtils]: 7: Hoare triple {424#(= 0 (select a r))} assume !(a[r] == 0); {417#false} is VALID [2019-01-07 14:43:56,158 INFO L273 TraceCheckUtils]: 6: Hoare triple {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {424#(= 0 (select a r))} is VALID [2019-01-07 14:43:56,159 INFO L273 TraceCheckUtils]: 5: Hoare triple {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:56,161 INFO L273 TraceCheckUtils]: 4: Hoare triple {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:56,163 INFO L273 TraceCheckUtils]: 3: Hoare triple {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:56,165 INFO L273 TraceCheckUtils]: 2: Hoare triple {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:56,167 INFO L273 TraceCheckUtils]: 1: Hoare triple {428#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {459#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:43:56,168 INFO L273 TraceCheckUtils]: 0: Hoare triple {416#true} i := 0;assume j == i; {428#(<= i 0)} is VALID [2019-01-07 14:43:56,169 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 5 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2019-01-07 14:43:56,191 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:43:56,191 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 7, 3] total 15 [2019-01-07 14:43:56,191 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:43:56,192 INFO L78 Accepts]: Start accepts. Automaton has 16 states. Word has length 8 [2019-01-07 14:43:56,192 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:43:56,192 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 16 states. [2019-01-07 14:43:56,357 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 16 edges. 16 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:56,357 INFO L459 AbstractCegarLoop]: Interpolant automaton has 16 states [2019-01-07 14:43:56,357 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2019-01-07 14:43:56,357 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=75, Invalid=197, Unknown=0, NotChecked=0, Total=272 [2019-01-07 14:43:56,358 INFO L87 Difference]: Start difference. First operand 9 states and 9 transitions. Second operand 16 states. [2019-01-07 14:43:57,527 WARN L181 SmtUtils]: Spent 167.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 56 [2019-01-07 14:43:57,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:57,570 INFO L93 Difference]: Finished difference Result 12 states and 12 transitions. [2019-01-07 14:43:57,570 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2019-01-07 14:43:57,570 INFO L78 Accepts]: Start accepts. Automaton has 16 states. Word has length 8 [2019-01-07 14:43:57,571 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:43:57,571 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 16 states. [2019-01-07 14:43:57,572 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 12 transitions. [2019-01-07 14:43:57,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 16 states. [2019-01-07 14:43:57,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 12 transitions. [2019-01-07 14:43:57,574 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 12 transitions. [2019-01-07 14:43:57,638 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 12 edges. 12 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:43:57,639 INFO L225 Difference]: With dead ends: 12 [2019-01-07 14:43:57,639 INFO L226 Difference]: Without dead ends: 10 [2019-01-07 14:43:57,641 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 0 SyntacticMatches, 6 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 54 ImplicationChecksByTransitivity, 5.7s TimeCoverageRelationStatistics Valid=92, Invalid=250, Unknown=0, NotChecked=0, Total=342 [2019-01-07 14:43:57,641 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10 states. [2019-01-07 14:43:57,749 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10 to 10. [2019-01-07 14:43:57,750 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:43:57,750 INFO L82 GeneralOperation]: Start isEquivalent. First operand 10 states. Second operand 10 states. [2019-01-07 14:43:57,750 INFO L74 IsIncluded]: Start isIncluded. First operand 10 states. Second operand 10 states. [2019-01-07 14:43:57,750 INFO L87 Difference]: Start difference. First operand 10 states. Second operand 10 states. [2019-01-07 14:43:57,751 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:57,751 INFO L93 Difference]: Finished difference Result 10 states and 10 transitions. [2019-01-07 14:43:57,751 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 10 transitions. [2019-01-07 14:43:57,752 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:57,752 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:57,752 INFO L74 IsIncluded]: Start isIncluded. First operand 10 states. Second operand 10 states. [2019-01-07 14:43:57,752 INFO L87 Difference]: Start difference. First operand 10 states. Second operand 10 states. [2019-01-07 14:43:57,753 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:43:57,753 INFO L93 Difference]: Finished difference Result 10 states and 10 transitions. [2019-01-07 14:43:57,753 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 10 transitions. [2019-01-07 14:43:57,753 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:43:57,754 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:43:57,754 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:43:57,754 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:43:57,754 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10 states. [2019-01-07 14:43:57,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 10 transitions. [2019-01-07 14:43:57,755 INFO L78 Accepts]: Start accepts. Automaton has 10 states and 10 transitions. Word has length 8 [2019-01-07 14:43:57,755 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:43:57,756 INFO L480 AbstractCegarLoop]: Abstraction has 10 states and 10 transitions. [2019-01-07 14:43:57,756 INFO L481 AbstractCegarLoop]: Interpolant automaton has 16 states. [2019-01-07 14:43:57,756 INFO L276 IsEmpty]: Start isEmpty. Operand 10 states and 10 transitions. [2019-01-07 14:43:57,756 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 10 [2019-01-07 14:43:57,756 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:43:57,756 INFO L402 BasicCegarLoop]: trace histogram [6, 1, 1, 1] [2019-01-07 14:43:57,757 INFO L423 AbstractCegarLoop]: === Iteration 7 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:43:57,757 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:43:57,757 INFO L82 PathProgramCache]: Analyzing trace with hash 1853141856, now seen corresponding path program 6 times [2019-01-07 14:43:57,757 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:43:57,758 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:57,758 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2019-01-07 14:43:57,758 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:43:57,758 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:43:57,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:58,448 WARN L181 SmtUtils]: Spent 120.00 ms on a formula simplification. DAG size of input: 74 DAG size of output: 29 [2019-01-07 14:43:58,715 WARN L181 SmtUtils]: Spent 189.00 ms on a formula simplification. DAG size of input: 88 DAG size of output: 37 [2019-01-07 14:43:58,751 INFO L273 TraceCheckUtils]: 0: Hoare triple {537#true} i := 0;assume j == i; {539#(= i 0)} is VALID [2019-01-07 14:43:58,752 INFO L273 TraceCheckUtils]: 1: Hoare triple {539#(= i 0)} assume i < n;a := a[i := 0];i := i + 1; {540#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:58,754 INFO L273 TraceCheckUtils]: 2: Hoare triple {540#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {541#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (<= i 2) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:58,756 INFO L273 TraceCheckUtils]: 3: Hoare triple {541#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (<= i 2) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {542#(and (<= 3 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:58,758 INFO L273 TraceCheckUtils]: 4: Hoare triple {542#(and (<= 3 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {543#(and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (<= 4 i) (<= i 4) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:58,760 INFO L273 TraceCheckUtils]: 5: Hoare triple {543#(and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (<= 4 i) (<= i 4) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {544#(and (or (and (= 0 (select (store a i 0) (+ 3 (- 1)))) (= 0 (select (store a i 0) 1)) (or (and (= 0 (select (store a i 0) (+ 3 1))) (= 0 (select (store a i 0) (+ (+ 3 1) (- 1)))) (<= i 5)) (<= i 3))) (<= i 1)) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:43:58,762 INFO L273 TraceCheckUtils]: 6: Hoare triple {544#(and (or (and (= 0 (select (store a i 0) (+ 3 (- 1)))) (= 0 (select (store a i 0) 1)) (or (and (= 0 (select (store a i 0) (+ 3 1))) (= 0 (select (store a i 0) (+ (+ 3 1) (- 1)))) (<= i 5)) (<= i 3))) (<= i 1)) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {545#(and (or (<= i 1) (and (or (and (<= i 6) (= 0 (select a (+ i (- 1)))) (= 0 (select a (+ 3 1))) (= 0 (select a (+ (+ 3 1) (- 1))))) (and (<= i 4) (= 0 (select a (+ (+ 3 1) (- 1)))))) (= 0 (select a 1)) (= 0 (select a (+ 3 (- 1))))) (and (<= i 3) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} is VALID [2019-01-07 14:43:58,764 INFO L273 TraceCheckUtils]: 7: Hoare triple {545#(and (or (<= i 1) (and (or (and (<= i 6) (= 0 (select a (+ i (- 1)))) (= 0 (select a (+ 3 1))) (= 0 (select a (+ (+ 3 1) (- 1))))) (and (<= i 4) (= 0 (select a (+ (+ 3 1) (- 1)))))) (= 0 (select a 1)) (= 0 (select a (+ 3 (- 1))))) (and (<= i 3) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))))) (= 0 (select a 0)))} assume !(i < n);assume 0 <= r && r < n; {546#(= 0 (select a r))} is VALID [2019-01-07 14:43:58,765 INFO L273 TraceCheckUtils]: 8: Hoare triple {546#(= 0 (select a r))} assume !(a[r] == 0); {538#false} is VALID [2019-01-07 14:43:58,766 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:43:58,766 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:58,767 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:43:58,767 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:43:58,767 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:43:58,767 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:43:58,767 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:43:58,778 INFO L103 rtionOrderModulation]: Keeping assertion order TERMS_WITH_SMALL_CONSTANTS_FIRST [2019-01-07 14:43:58,778 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder TERMS_WITH_SMALL_CONSTANTS_FIRST (IT: FPandBP) [2019-01-07 14:43:58,798 INFO L249 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2019-01-07 14:43:58,798 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2019-01-07 14:43:58,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:43:58,810 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:43:58,861 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:43:58,862 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:58,871 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:58,871 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:43:58,874 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:58,874 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_33, v_i_33]. (and (<= i (+ v_i_33 1)) (<= v_i_33 0) (= a (store v_a_33 v_i_33 0))) [2019-01-07 14:43:58,875 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_33]. (and (<= i (+ v_i_33 1)) (<= v_i_33 0) (= (select a v_i_33) 0)) [2019-01-07 14:43:58,923 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:43:58,925 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:58,939 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:58,940 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:43:58,946 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:58,947 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_34, v_i_34, v_i_33]. (and (<= v_i_34 (+ v_i_33 1)) (<= v_i_33 0) (= (store v_a_34 v_i_34 0) a) (<= i (+ v_i_34 1)) (= (select v_a_34 v_i_33) 0)) [2019-01-07 14:43:58,947 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_34, v_i_33]. (and (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (<= v_i_33 0) (= (select a v_i_33) 0) (<= i (+ v_i_34 1))) [2019-01-07 14:43:59,006 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2019-01-07 14:43:59,008 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:59,028 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-1 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:59,028 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:35, output treesize:34 [2019-01-07 14:43:59,042 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:59,042 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_35, v_i_35, v_i_34, v_i_33]. (and (<= v_i_34 (+ v_i_33 1)) (= (select v_a_35 v_i_33) 0) (<= i (+ v_i_35 1)) (= 0 (select v_a_35 v_i_34)) (<= v_i_33 0) (= (store v_a_35 v_i_35 0) a) (<= v_i_35 (+ v_i_34 1))) [2019-01-07 14:43:59,042 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_34, v_i_33, v_i_35]. (and (<= v_i_34 (+ v_i_33 1)) (<= i (+ v_i_35 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (<= v_i_33 0) (= (select a v_i_33) 0) (<= v_i_35 (+ v_i_34 1))) [2019-01-07 14:43:59,123 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 21 [2019-01-07 14:43:59,132 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:59,154 INFO L267 ElimStorePlain]: Start of recursive call 1: 4 dim-0 vars, 1 dim-1 vars, End of recursive call: 4 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:59,155 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 5 variables, input treesize:45, output treesize:44 [2019-01-07 14:43:59,263 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:43:59,263 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_36, v_i_36, v_i_34, v_i_33, v_i_35]. (and (<= v_i_34 (+ v_i_33 1)) (<= v_i_36 (+ v_i_35 1)) (= (select v_a_36 v_i_34) 0) (= a (store v_a_36 v_i_36 0)) (= (select v_a_36 v_i_35) 0) (= (select v_a_36 v_i_33) 0) (<= v_i_33 0) (<= v_i_35 (+ v_i_34 1)) (<= i (+ v_i_36 1))) [2019-01-07 14:43:59,264 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_34, v_i_33, v_i_36, v_i_35]. (and (<= v_i_34 (+ v_i_33 1)) (<= v_i_36 (+ v_i_35 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (<= v_i_33 0) (= (select a v_i_33) 0) (<= v_i_35 (+ v_i_34 1)) (<= i (+ v_i_36 1)) (= (select a v_i_36) 0)) [2019-01-07 14:43:59,428 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 4 select indices, 4 select index equivalence classes, 0 disjoint index pairs (out of 6 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 26 [2019-01-07 14:43:59,432 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:43:59,473 INFO L267 ElimStorePlain]: Start of recursive call 1: 5 dim-0 vars, 1 dim-1 vars, End of recursive call: 5 dim-0 vars, and 1 xjuncts. [2019-01-07 14:43:59,474 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 6 variables, input treesize:55, output treesize:54 [2019-01-07 14:44:00,728 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:00,729 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_37, v_i_37, v_i_35, v_i_33, v_i_36, v_i_34]. (and (= (select v_a_37 v_i_35) 0) (= (select v_a_37 v_i_33) 0) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_33 0) (= (select v_a_37 v_i_36) 0) (<= i (+ v_i_37 1)) (<= v_i_37 (+ v_i_36 1)) (= (select v_a_37 v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (= a (store v_a_37 v_i_37 0))) [2019-01-07 14:44:00,729 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_36, v_i_35, v_i_34, v_i_33, v_i_37]. (and (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (<= v_i_33 0) (= (select a v_i_33) 0) (<= i (+ v_i_37 1)) (<= v_i_37 (+ v_i_36 1)) (<= v_i_35 (+ v_i_34 1)) (= (select a v_i_36) 0)) [2019-01-07 14:44:01,091 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 5 select indices, 5 select index equivalence classes, 0 disjoint index pairs (out of 10 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 31 [2019-01-07 14:44:01,093 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:01,138 INFO L267 ElimStorePlain]: Start of recursive call 1: 6 dim-0 vars, 1 dim-1 vars, End of recursive call: 6 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:01,138 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 7 variables, input treesize:65, output treesize:64 [2019-01-07 14:44:03,194 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:03,195 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_38, v_i_38, v_i_34, v_i_37, v_i_35, v_i_33, v_i_36]. (and (= (select v_a_38 v_i_34) 0) (= (select v_a_38 v_i_37) 0) (<= v_i_35 (+ v_i_34 1)) (= 0 (select v_a_38 v_i_33)) (<= i (+ v_i_38 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select v_a_38 v_i_36) 0) (<= v_i_38 (+ v_i_37 1)) (= (select v_a_38 v_i_35) 0) (<= v_i_33 0) (<= v_i_37 (+ v_i_36 1)) (= a (store v_a_38 v_i_38 0))) [2019-01-07 14:44:03,195 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_34, v_i_35, v_i_38, v_i_36, v_i_33, v_i_37]. (and (= (select a v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (<= i (+ v_i_38 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_38 (+ v_i_37 1)) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (<= v_i_33 0) (= (select a v_i_33) 0) (<= v_i_37 (+ v_i_36 1)) (= (select a v_i_38) 0) (= (select a v_i_36) 0)) [2019-01-07 14:44:09,535 INFO L273 TraceCheckUtils]: 0: Hoare triple {537#true} i := 0;assume j == i; {550#(<= i 0)} is VALID [2019-01-07 14:44:09,536 INFO L273 TraceCheckUtils]: 1: Hoare triple {550#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {554#(exists ((v_i_33 Int)) (and (<= i (+ v_i_33 1)) (= (select a v_i_33) 0) (<= v_i_33 0)))} is VALID [2019-01-07 14:44:09,538 INFO L273 TraceCheckUtils]: 2: Hoare triple {554#(exists ((v_i_33 Int)) (and (<= i (+ v_i_33 1)) (= (select a v_i_33) 0) (<= v_i_33 0)))} assume i < n;a := a[i := 0];i := i + 1; {558#(exists ((v_i_33 Int) (v_i_34 Int)) (and (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= i (+ v_i_34 1))))} is VALID [2019-01-07 14:44:09,541 INFO L273 TraceCheckUtils]: 3: Hoare triple {558#(exists ((v_i_33 Int) (v_i_34 Int)) (and (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= i (+ v_i_34 1))))} assume i < n;a := a[i := 0];i := i + 1; {562#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int)) (and (<= v_i_34 (+ v_i_33 1)) (<= i (+ v_i_35 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= v_i_35 (+ v_i_34 1))))} is VALID [2019-01-07 14:44:09,557 INFO L273 TraceCheckUtils]: 4: Hoare triple {562#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int)) (and (<= v_i_34 (+ v_i_33 1)) (<= i (+ v_i_35 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= v_i_35 (+ v_i_34 1))))} assume i < n;a := a[i := 0];i := i + 1; {566#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_36 Int)) (and (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= v_i_35 (+ v_i_34 1)) (= (select a v_i_36) 0) (<= i (+ v_i_36 1))))} is VALID [2019-01-07 14:44:09,621 INFO L273 TraceCheckUtils]: 5: Hoare triple {566#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_36 Int)) (and (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= v_i_35 (+ v_i_34 1)) (= (select a v_i_36) 0) (<= i (+ v_i_36 1))))} assume i < n;a := a[i := 0];i := i + 1; {570#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int)) (and (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= i (+ v_i_37 1)) (<= v_i_37 (+ v_i_36 1)) (<= v_i_35 (+ v_i_34 1)) (= (select a v_i_36) 0)))} is VALID [2019-01-07 14:44:11,633 INFO L273 TraceCheckUtils]: 6: Hoare triple {570#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int)) (and (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (= (select a v_i_34) 0) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= i (+ v_i_37 1)) (<= v_i_37 (+ v_i_36 1)) (<= v_i_35 (+ v_i_34 1)) (= (select a v_i_36) 0)))} assume i < n;a := a[i := 0];i := i + 1; {574#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int) (v_i_38 Int)) (and (= (select a v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (<= i (+ v_i_38 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_38 (+ v_i_37 1)) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (= (select a v_i_38) 0) (<= v_i_37 (+ v_i_36 1)) (= (select a v_i_36) 0)))} is UNKNOWN [2019-01-07 14:44:12,316 INFO L273 TraceCheckUtils]: 7: Hoare triple {574#(exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int) (v_i_38 Int)) (and (= (select a v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (<= i (+ v_i_38 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_38 (+ v_i_37 1)) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (= (select a v_i_38) 0) (<= v_i_37 (+ v_i_36 1)) (= (select a v_i_36) 0)))} assume !(i < n);assume 0 <= r && r < n; {578#(and (<= 0 r) (exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int) (v_i_38 Int)) (and (= (select a v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_38 (+ v_i_37 1)) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= r v_i_38) (= (select a v_i_38) 0) (<= v_i_37 (+ v_i_36 1)) (= (select a v_i_36) 0))))} is VALID [2019-01-07 14:44:12,329 INFO L273 TraceCheckUtils]: 8: Hoare triple {578#(and (<= 0 r) (exists ((v_i_33 Int) (v_i_35 Int) (v_i_34 Int) (v_i_37 Int) (v_i_36 Int) (v_i_38 Int)) (and (= (select a v_i_34) 0) (<= v_i_35 (+ v_i_34 1)) (<= v_i_36 (+ v_i_35 1)) (<= v_i_34 (+ v_i_33 1)) (<= v_i_38 (+ v_i_37 1)) (= (select a v_i_35) 0) (= (select a v_i_37) 0) (= (select a v_i_33) 0) (<= v_i_33 0) (<= r v_i_38) (= (select a v_i_38) 0) (<= v_i_37 (+ v_i_36 1)) (= (select a v_i_36) 0))))} assume !(a[r] == 0); {538#false} is VALID [2019-01-07 14:44:12,330 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 21 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:44:12,330 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:44:17,158 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:44:17,159 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:17,171 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:44:17,171 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:44:17,185 INFO L273 TraceCheckUtils]: 8: Hoare triple {546#(= 0 (select a r))} assume !(a[r] == 0); {538#false} is VALID [2019-01-07 14:44:17,186 INFO L273 TraceCheckUtils]: 7: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {546#(= 0 (select a r))} is VALID [2019-01-07 14:44:17,187 INFO L273 TraceCheckUtils]: 6: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,189 INFO L273 TraceCheckUtils]: 5: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,191 INFO L273 TraceCheckUtils]: 4: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,192 INFO L273 TraceCheckUtils]: 3: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,193 INFO L273 TraceCheckUtils]: 2: Hoare triple {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,195 INFO L273 TraceCheckUtils]: 1: Hoare triple {550#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {585#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:44:17,195 INFO L273 TraceCheckUtils]: 0: Hoare triple {537#true} i := 0;assume j == i; {550#(<= i 0)} is VALID [2019-01-07 14:44:17,196 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 6 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2019-01-07 14:44:17,218 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:44:17,218 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 3] total 17 [2019-01-07 14:44:17,218 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:44:17,218 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 9 [2019-01-07 14:44:17,219 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:44:17,219 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 18 states. [2019-01-07 14:44:20,143 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 18 edges. 17 inductive. 0 not inductive. 1 times theorem prover too weak to decide inductivity. [2019-01-07 14:44:20,143 INFO L459 AbstractCegarLoop]: Interpolant automaton has 18 states [2019-01-07 14:44:20,144 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2019-01-07 14:44:20,144 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=94, Invalid=248, Unknown=0, NotChecked=0, Total=342 [2019-01-07 14:44:20,144 INFO L87 Difference]: Start difference. First operand 10 states and 10 transitions. Second operand 18 states. [2019-01-07 14:44:20,877 WARN L181 SmtUtils]: Spent 235.00 ms on a formula simplification. DAG size of input: 80 DAG size of output: 29 [2019-01-07 14:44:28,714 WARN L181 SmtUtils]: Spent 860.00 ms on a formula simplification. DAG size of input: 69 DAG size of output: 67 [2019-01-07 14:44:28,794 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:44:28,794 INFO L93 Difference]: Finished difference Result 13 states and 13 transitions. [2019-01-07 14:44:28,794 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2019-01-07 14:44:28,795 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 9 [2019-01-07 14:44:28,795 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2019-01-07 14:44:28,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 18 states. [2019-01-07 14:44:28,796 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 13 transitions. [2019-01-07 14:44:28,796 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 18 states. [2019-01-07 14:44:28,797 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 13 transitions. [2019-01-07 14:44:28,797 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 13 transitions. [2019-01-07 14:44:29,443 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2019-01-07 14:44:29,444 INFO L225 Difference]: With dead ends: 13 [2019-01-07 14:44:29,444 INFO L226 Difference]: Without dead ends: 11 [2019-01-07 14:44:29,445 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 0 SyntacticMatches, 7 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 61 ImplicationChecksByTransitivity, 15.8s TimeCoverageRelationStatistics Valid=112, Invalid=307, Unknown=1, NotChecked=0, Total=420 [2019-01-07 14:44:29,445 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11 states. [2019-01-07 14:44:29,537 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11 to 11. [2019-01-07 14:44:29,537 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2019-01-07 14:44:29,537 INFO L82 GeneralOperation]: Start isEquivalent. First operand 11 states. Second operand 11 states. [2019-01-07 14:44:29,538 INFO L74 IsIncluded]: Start isIncluded. First operand 11 states. Second operand 11 states. [2019-01-07 14:44:29,538 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 11 states. [2019-01-07 14:44:29,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:44:29,539 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-07 14:44:29,539 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-07 14:44:29,540 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:44:29,540 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:44:29,540 INFO L74 IsIncluded]: Start isIncluded. First operand 11 states. Second operand 11 states. [2019-01-07 14:44:29,540 INFO L87 Difference]: Start difference. First operand 11 states. Second operand 11 states. [2019-01-07 14:44:29,541 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2019-01-07 14:44:29,541 INFO L93 Difference]: Finished difference Result 11 states and 11 transitions. [2019-01-07 14:44:29,541 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-07 14:44:29,541 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2019-01-07 14:44:29,541 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2019-01-07 14:44:29,541 INFO L88 GeneralOperation]: Finished isEquivalent. [2019-01-07 14:44:29,542 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2019-01-07 14:44:29,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 11 states. [2019-01-07 14:44:29,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 11 transitions. [2019-01-07 14:44:29,542 INFO L78 Accepts]: Start accepts. Automaton has 11 states and 11 transitions. Word has length 9 [2019-01-07 14:44:29,543 INFO L84 Accepts]: Finished accepts. word is rejected. [2019-01-07 14:44:29,543 INFO L480 AbstractCegarLoop]: Abstraction has 11 states and 11 transitions. [2019-01-07 14:44:29,543 INFO L481 AbstractCegarLoop]: Interpolant automaton has 18 states. [2019-01-07 14:44:29,543 INFO L276 IsEmpty]: Start isEmpty. Operand 11 states and 11 transitions. [2019-01-07 14:44:29,543 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2019-01-07 14:44:29,543 INFO L394 BasicCegarLoop]: Found error trace [2019-01-07 14:44:29,544 INFO L402 BasicCegarLoop]: trace histogram [7, 1, 1, 1] [2019-01-07 14:44:29,544 INFO L423 AbstractCegarLoop]: === Iteration 8 === [mainErr0ASSERT_VIOLATIONASSERT]=== [2019-01-07 14:44:29,544 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2019-01-07 14:44:29,544 INFO L82 PathProgramCache]: Analyzing trace with hash 1612820742, now seen corresponding path program 7 times [2019-01-07 14:44:29,544 INFO L69 tionRefinementEngine]: Using refinement strategy TaipanRefinementStrategy [2019-01-07 14:44:29,545 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:44:29,545 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2019-01-07 14:44:29,545 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2019-01-07 14:44:29,545 INFO L289 anRefinementStrategy]: Using traceCheck mode SMTINTERPOL with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: Craig_TreeInterpolation) [2019-01-07 14:44:29,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:44:30,169 WARN L181 SmtUtils]: Spent 151.00 ms on a formula simplification. DAG size of input: 45 DAG size of output: 25 [2019-01-07 14:44:30,431 WARN L181 SmtUtils]: Spent 136.00 ms on a formula simplification. DAG size of input: 58 DAG size of output: 30 [2019-01-07 14:44:30,753 WARN L181 SmtUtils]: Spent 216.00 ms on a formula simplification. DAG size of input: 103 DAG size of output: 49 [2019-01-07 14:44:31,159 WARN L181 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 131 DAG size of output: 52 [2019-01-07 14:44:31,207 INFO L273 TraceCheckUtils]: 0: Hoare triple {672#true} i := 0;assume j == i; {674#(= 0 i)} is VALID [2019-01-07 14:44:31,208 INFO L273 TraceCheckUtils]: 1: Hoare triple {674#(= 0 i)} assume i < n;a := a[i := 0];i := i + 1; {675#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:44:31,210 INFO L273 TraceCheckUtils]: 2: Hoare triple {675#(and (<= i 1) (<= 1 i) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {676#(and (<= i 2) (or (and (<= 2 i) (= 0 (select (store a i 0) 0))) (= i 0)) (or (<= i 1) (= 0 (select (store a i 0) 1))))} is VALID [2019-01-07 14:44:31,212 INFO L273 TraceCheckUtils]: 3: Hoare triple {676#(and (<= i 2) (or (and (<= 2 i) (= 0 (select (store a i 0) 0))) (= i 0)) (or (<= i 1) (= 0 (select (store a i 0) 1))))} assume i < n;a := a[i := 0];i := i + 1; {677#(and (<= 1 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:44:31,214 INFO L273 TraceCheckUtils]: 4: Hoare triple {677#(and (<= 1 i) (= 0 (select (store a i 0) 1)) (<= i 3) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {678#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (= 0 (select (store a i 0) (+ i (- 1)))) (<= i 4) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:44:31,216 INFO L273 TraceCheckUtils]: 5: Hoare triple {678#(and (<= 2 i) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (= 0 (select (store a i 0) (+ i (- 1)))) (<= i 4) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {679#(and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (<= 3 i) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (<= i 5) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:44:31,220 INFO L273 TraceCheckUtils]: 6: Hoare triple {679#(and (= 0 (select (store a i 0) (+ (+ i (- 1)) (- 1)))) (<= 3 i) (= 0 (select (store a i 0) 1)) (= 0 (select (store a i 0) (+ i (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (<= i 5) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {680#(and (or (<= i 1) (and (= 0 (select (store a i 0) (+ 2 2))) (= 0 (select (store a i 0) 1)) (<= i 6) (= 0 (select (store a i 0) (+ (+ 2 2) (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 2) 1)))) (and (or (<= i 3) (and (= 0 (select (store a i 0) (+ 1 2))) (<= i 4))) (= 0 (select (store a i 0) (+ (+ 1 1) (- 1)))) (= 0 (select (store a i 0) (+ (+ 1 2) (- 1)))))) (= 0 (select (store a i 0) 0)))} is VALID [2019-01-07 14:44:31,223 INFO L273 TraceCheckUtils]: 7: Hoare triple {680#(and (or (<= i 1) (and (= 0 (select (store a i 0) (+ 2 2))) (= 0 (select (store a i 0) 1)) (<= i 6) (= 0 (select (store a i 0) (+ (+ 2 2) (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 1) (- 1)))) (= 0 (select (store a i 0) (+ (+ 2 2) 1)))) (and (or (<= i 3) (and (= 0 (select (store a i 0) (+ 1 2))) (<= i 4))) (= 0 (select (store a i 0) (+ (+ 1 1) (- 1)))) (= 0 (select (store a i 0) (+ (+ 1 2) (- 1)))))) (= 0 (select (store a i 0) 0)))} assume i < n;a := a[i := 0];i := i + 1; {681#(and (= 0 (select a 0)) (or (<= i 1) (and (= 0 (select a (+ (+ 1 1) (- 1)))) (or (and (= 0 (select a (+ 1 1))) (= 0 (select a (+ (+ 1 1) 1))) (<= i 5)) (<= i 3)) (= 0 (select a (+ i (- 1))))) (and (<= i 7) (= 0 (select a (+ 2 2))) (= 0 (select a (+ (+ 2 2) (- 1)))) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))) (= 0 (select a (+ (+ 2 2) 1))) (= 0 (select a (+ (+ 2 1) (- 1)))))))} is VALID [2019-01-07 14:44:31,226 INFO L273 TraceCheckUtils]: 8: Hoare triple {681#(and (= 0 (select a 0)) (or (<= i 1) (and (= 0 (select a (+ (+ 1 1) (- 1)))) (or (and (= 0 (select a (+ 1 1))) (= 0 (select a (+ (+ 1 1) 1))) (<= i 5)) (<= i 3)) (= 0 (select a (+ i (- 1))))) (and (<= i 7) (= 0 (select a (+ 2 2))) (= 0 (select a (+ (+ 2 2) (- 1)))) (= 0 (select a 1)) (= 0 (select a (+ i (- 1)))) (= 0 (select a (+ (+ 2 2) 1))) (= 0 (select a (+ (+ 2 1) (- 1)))))))} assume !(i < n);assume 0 <= r && r < n; {682#(= 0 (select a r))} is VALID [2019-01-07 14:44:31,242 INFO L273 TraceCheckUtils]: 9: Hoare triple {682#(= 0 (select a r))} assume !(a[r] == 0); {673#false} is VALID [2019-01-07 14:44:31,243 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 28 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:44:31,243 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:44:31,244 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode ABSTRACT_INTERPRETATION [2019-01-07 14:44:31,244 INFO L189 CegarAbsIntRunner]: Skipping current iteration for AI because we have already analyzed this path program [2019-01-07 14:44:31,244 INFO L422 seRefinementStrategy]: Interpolation failed due to KNOWN_IGNORE: AbsInt can only provide a hoare triple checker if it generated fixpoints [2019-01-07 14:44:31,244 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2019-01-07 14:44:31,244 INFO L193 anRefinementStrategy]: Switched to InterpolantGenerator mode Z3_IG No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 7 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2019-01-07 14:44:31,253 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2019-01-07 14:44:31,254 INFO L289 anRefinementStrategy]: Using traceCheck mode Z3_IG with AssertCodeBlockOrder NOT_INCREMENTALLY (IT: FPandBP) [2019-01-07 14:44:31,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:44:31,266 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2019-01-07 14:44:31,266 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2019-01-07 14:44:31,294 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2019-01-07 14:44:31,300 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:31,310 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: 1 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:31,310 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:14 [2019-01-07 14:44:31,314 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:31,314 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_45, v_i_45]. (and (<= i (+ v_i_45 1)) (= a (store v_a_45 v_i_45 0)) (<= v_i_45 0)) [2019-01-07 14:44:31,314 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_45]. (and (<= i (+ v_i_45 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)) [2019-01-07 14:44:31,395 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 11 [2019-01-07 14:44:31,397 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:31,411 INFO L267 ElimStorePlain]: Start of recursive call 1: 2 dim-0 vars, 1 dim-1 vars, End of recursive call: 2 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:31,411 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 3 variables, input treesize:25, output treesize:24 [2019-01-07 14:44:31,417 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:31,417 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_46, v_i_46, v_i_45]. (and (<= v_i_46 (+ v_i_45 1)) (= a (store v_a_46 v_i_46 0)) (= (select v_a_46 v_i_45) 0) (<= v_i_45 0) (<= i (+ v_i_46 1))) [2019-01-07 14:44:31,417 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_46, v_i_45]. (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_46 1))) [2019-01-07 14:44:31,500 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 16 [2019-01-07 14:44:31,502 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:31,526 INFO L267 ElimStorePlain]: Start of recursive call 1: 3 dim-0 vars, 1 dim-1 vars, End of recursive call: 3 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:31,526 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 4 variables, input treesize:35, output treesize:34 [2019-01-07 14:44:31,535 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:31,535 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_47, v_i_47, v_i_46, v_i_45]. (and (= (store v_a_47 v_i_47 0) a) (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_47 1)) (= 0 (select v_a_47 v_i_45)) (= (select v_a_47 v_i_46) 0) (<= v_i_47 (+ v_i_46 1)) (<= v_i_45 0)) [2019-01-07 14:44:31,535 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_46, v_i_45, v_i_47]. (and (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_47 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)) [2019-01-07 14:44:31,624 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 21 [2019-01-07 14:44:31,628 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:31,654 INFO L267 ElimStorePlain]: Start of recursive call 1: 4 dim-0 vars, 1 dim-1 vars, End of recursive call: 4 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:31,655 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 5 variables, input treesize:45, output treesize:44 [2019-01-07 14:44:31,797 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:31,797 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_48, v_i_48, v_i_45, v_i_46, v_i_47]. (and (= (select v_a_48 v_i_45) 0) (<= v_i_46 (+ v_i_45 1)) (<= v_i_48 (+ v_i_47 1)) (<= v_i_47 (+ v_i_46 1)) (= (store v_a_48 v_i_48 0) a) (= 0 (select v_a_48 v_i_46)) (<= v_i_45 0) (<= i (+ v_i_48 1)) (= (select v_a_48 v_i_47) 0)) [2019-01-07 14:44:31,798 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_46, v_i_45, v_i_48, v_i_47]. (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_48 1))) [2019-01-07 14:44:31,925 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 4 select indices, 4 select index equivalence classes, 0 disjoint index pairs (out of 6 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 26 [2019-01-07 14:44:31,928 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:31,962 INFO L267 ElimStorePlain]: Start of recursive call 1: 5 dim-0 vars, 1 dim-1 vars, End of recursive call: 5 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:31,963 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 6 variables, input treesize:55, output treesize:54 [2019-01-07 14:44:32,334 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:32,334 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_49, v_i_49, v_i_45, v_i_46, v_i_48, v_i_47]. (and (= (store v_a_49 v_i_49 0) a) (= 0 (select v_a_49 v_i_45)) (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_49 1)) (= (select v_a_49 v_i_46) 0) (<= v_i_48 (+ v_i_47 1)) (<= v_i_49 (+ v_i_48 1)) (= 0 (select v_a_49 v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= (select v_a_49 v_i_48) 0) (<= v_i_45 0)) [2019-01-07 14:44:32,335 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_49, v_i_46, v_i_45, v_i_48, v_i_47]. (and (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_49 1)) (= 0 (select a v_i_46)) (<= v_i_48 (+ v_i_47 1)) (<= v_i_49 (+ v_i_48 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0)) [2019-01-07 14:44:33,022 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 5 select indices, 5 select index equivalence classes, 0 disjoint index pairs (out of 10 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 32 treesize of output 31 [2019-01-07 14:44:33,025 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:33,065 INFO L267 ElimStorePlain]: Start of recursive call 1: 6 dim-0 vars, 1 dim-1 vars, End of recursive call: 6 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:33,066 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 7 variables, input treesize:65, output treesize:64 [2019-01-07 14:44:35,122 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:35,123 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_50, v_i_50, v_i_49, v_i_45, v_i_47, v_i_46, v_i_48]. (and (<= i (+ v_i_50 1)) (<= v_i_50 (+ v_i_49 1)) (= (select v_a_50 v_i_45) 0) (= (store v_a_50 v_i_50 0) a) (<= v_i_47 (+ v_i_46 1)) (<= v_i_45 0) (<= v_i_46 (+ v_i_45 1)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select v_a_50 v_i_48)) (= 0 (select v_a_50 v_i_49)) (= (select v_a_50 v_i_46) 0) (= 0 (select v_a_50 v_i_47))) [2019-01-07 14:44:35,123 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_50, v_i_49, v_i_47, v_i_46, v_i_48, v_i_45]. (and (<= i (+ v_i_50 1)) (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47))) [2019-01-07 14:44:37,472 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 1 stores, 6 select indices, 6 select index equivalence classes, 0 disjoint index pairs (out of 15 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 37 treesize of output 36 [2019-01-07 14:44:37,475 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:44:37,521 INFO L267 ElimStorePlain]: Start of recursive call 1: 7 dim-0 vars, 1 dim-1 vars, End of recursive call: 7 dim-0 vars, and 1 xjuncts. [2019-01-07 14:44:37,522 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 8 variables, input treesize:75, output treesize:74 [2019-01-07 14:44:39,698 WARN L384 uantifierElimination]: Trying to double check SDD result, but SMT solver's response was UNKNOWN. [2019-01-07 14:44:39,698 WARN L385 uantifierElimination]: Input elimination task: ∃ [v_a_51, v_i_51, v_i_50, v_i_49, v_i_46, v_i_47, v_i_48, v_i_45]. (and (<= v_i_50 (+ v_i_49 1)) (= (select v_a_51 v_i_46) 0) (= 0 (select v_a_51 v_i_50)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select v_a_51 v_i_48)) (<= v_i_45 0) (= a (store v_a_51 v_i_51 0)) (<= v_i_46 (+ v_i_45 1)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select v_a_51 v_i_47)) (<= i (+ v_i_51 1)) (<= v_i_51 (+ v_i_50 1)) (= (select v_a_51 v_i_45) 0) (= (select v_a_51 v_i_49) 0)) [2019-01-07 14:44:39,699 WARN L386 uantifierElimination]: ElimStorePlain result: ∃ [v_i_50, v_i_49, v_i_47, v_i_46, v_i_48, v_i_45, v_i_51]. (and (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_51)) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= i (+ v_i_51 1)) (<= v_i_51 (+ v_i_50 1))) [2019-01-07 14:44:55,472 INFO L273 TraceCheckUtils]: 0: Hoare triple {672#true} i := 0;assume j == i; {686#(<= i 0)} is VALID [2019-01-07 14:44:55,473 INFO L273 TraceCheckUtils]: 1: Hoare triple {686#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {690#(exists ((v_i_45 Int)) (and (<= i (+ v_i_45 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} is VALID [2019-01-07 14:44:55,476 INFO L273 TraceCheckUtils]: 2: Hoare triple {690#(exists ((v_i_45 Int)) (and (<= i (+ v_i_45 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} assume i < n;a := a[i := 0];i := i + 1; {694#(exists ((v_i_46 Int) (v_i_45 Int)) (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_46 1))))} is VALID [2019-01-07 14:44:55,480 INFO L273 TraceCheckUtils]: 3: Hoare triple {694#(exists ((v_i_46 Int) (v_i_45 Int)) (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_46 1))))} assume i < n;a := a[i := 0];i := i + 1; {698#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_47 Int)) (and (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_47 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} is VALID [2019-01-07 14:44:55,493 INFO L273 TraceCheckUtils]: 4: Hoare triple {698#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_47 Int)) (and (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_47 1)) (= 0 (select a v_i_46)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} assume i < n;a := a[i := 0];i := i + 1; {702#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int)) (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_48 1))))} is VALID [2019-01-07 14:44:55,639 INFO L273 TraceCheckUtils]: 5: Hoare triple {702#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int)) (and (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= i (+ v_i_48 1))))} assume i < n;a := a[i := 0];i := i + 1; {706#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_49 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} is VALID [2019-01-07 14:44:57,671 INFO L273 TraceCheckUtils]: 6: Hoare triple {706#(exists ((v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (<= i (+ v_i_49 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_45)) (<= v_i_45 0)))} assume i < n;a := a[i := 0];i := i + 1; {710#(exists ((v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= i (+ v_i_50 1)) (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47))))} is UNKNOWN [2019-01-07 14:44:59,704 INFO L273 TraceCheckUtils]: 7: Hoare triple {710#(exists ((v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= i (+ v_i_50 1)) (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47))))} assume i < n;a := a[i := 0];i := i + 1; {714#(exists ((v_i_51 Int) (v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_51)) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= i (+ v_i_51 1)) (<= v_i_51 (+ v_i_50 1))))} is UNKNOWN [2019-01-07 14:45:02,078 INFO L273 TraceCheckUtils]: 8: Hoare triple {714#(exists ((v_i_51 Int) (v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (= 0 (select a v_i_51)) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= i (+ v_i_51 1)) (<= v_i_51 (+ v_i_50 1))))} assume !(i < n);assume 0 <= r && r < n; {718#(and (<= 0 r) (exists ((v_i_51 Int) (v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= r v_i_51) (= 0 (select a v_i_51)) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_51 (+ v_i_50 1)))))} is UNKNOWN [2019-01-07 14:45:02,104 INFO L273 TraceCheckUtils]: 9: Hoare triple {718#(and (<= 0 r) (exists ((v_i_51 Int) (v_i_50 Int) (v_i_46 Int) (v_i_45 Int) (v_i_48 Int) (v_i_47 Int) (v_i_49 Int)) (and (<= v_i_50 (+ v_i_49 1)) (<= v_i_47 (+ v_i_46 1)) (= 0 (select a v_i_48)) (= 0 (select a v_i_50)) (= 0 (select a v_i_45)) (<= v_i_45 0) (<= r v_i_51) (= 0 (select a v_i_51)) (= 0 (select a v_i_49)) (<= v_i_46 (+ v_i_45 1)) (= 0 (select a v_i_46)) (<= v_i_49 (+ v_i_48 1)) (<= v_i_48 (+ v_i_47 1)) (= 0 (select a v_i_47)) (<= v_i_51 (+ v_i_50 1)))))} assume !(a[r] == 0); {673#false} is VALID [2019-01-07 14:45:02,106 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 28 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2019-01-07 14:45:02,106 INFO L316 TraceCheckSpWp]: Computing backward predicates... [2019-01-07 14:45:12,457 INFO L478 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2019-01-07 14:45:12,459 INFO L267 ElimStorePlain]: Start of recursive call 2: End of recursive call: and 1 xjuncts. [2019-01-07 14:45:12,471 INFO L267 ElimStorePlain]: Start of recursive call 1: 1 dim-0 vars, 1 dim-1 vars, End of recursive call: and 1 xjuncts. [2019-01-07 14:45:12,471 INFO L202 ElimStorePlain]: Needed 2 recursive calls to eliminate 2 variables, input treesize:15, output treesize:7 [2019-01-07 14:45:12,486 INFO L273 TraceCheckUtils]: 9: Hoare triple {682#(= 0 (select a r))} assume !(a[r] == 0); {673#false} is VALID [2019-01-07 14:45:12,487 INFO L273 TraceCheckUtils]: 8: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume !(i < n);assume 0 <= r && r < n; {682#(= 0 (select a r))} is VALID [2019-01-07 14:45:12,489 INFO L273 TraceCheckUtils]: 7: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,490 INFO L273 TraceCheckUtils]: 6: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,492 INFO L273 TraceCheckUtils]: 5: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,494 INFO L273 TraceCheckUtils]: 4: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,496 INFO L273 TraceCheckUtils]: 3: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,497 INFO L273 TraceCheckUtils]: 2: Hoare triple {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,498 INFO L273 TraceCheckUtils]: 1: Hoare triple {686#(<= i 0)} assume i < n;a := a[i := 0];i := i + 1; {725#(forall ((r Int)) (or (< i (+ r 1)) (< r 0) (= 0 (select a r))))} is VALID [2019-01-07 14:45:12,499 INFO L273 TraceCheckUtils]: 0: Hoare triple {672#true} i := 0;assume j == i; {686#(<= i 0)} is VALID [2019-01-07 14:45:12,500 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2019-01-07 14:45:12,521 INFO L312 seRefinementStrategy]: Constructing automaton from 0 perfect and 3 imperfect interpolant sequences. [2019-01-07 14:45:12,522 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 3] total 19 [2019-01-07 14:45:12,522 INFO L250 anRefinementStrategy]: Using the first two imperfect interpolant sequences [2019-01-07 14:45:12,522 INFO L78 Accepts]: Start accepts. Automaton has 20 states. Word has length 10 [2019-01-07 14:45:12,523 INFO L84 Accepts]: Finished accepts. word is accepted. [2019-01-07 14:45:12,523 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 20 states. [2019-01-07 14:45:19,243 INFO L119 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 17 inductive. 0 not inductive. 3 times theorem prover too weak to decide inductivity. [2019-01-07 14:45:19,243 INFO L459 AbstractCegarLoop]: Interpolant automaton has 20 states [2019-01-07 14:45:19,243 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2019-01-07 14:45:19,244 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=108, Invalid=309, Unknown=3, NotChecked=0, Total=420 [2019-01-07 14:45:19,244 INFO L87 Difference]: Start difference. First operand 11 states and 11 transitions. Second operand 20 states. [2019-01-07 14:45:27,849 WARN L194 Executor]: External (z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000) stderr output: (error "out of memory") [2019-01-07 14:45:27,849 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2019-01-07 14:45:27,850 FATAL L265 ToolchainWalker]: An unrecoverable error occured during an interaction with an SMT solver: de.uni_freiburg.informatik.ultimate.logic.SMTLIBException: External (z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000)Received EOF on stdin. stderr output: (error "out of memory") at de.uni_freiburg.informatik.ultimate.smtsolver.external.Executor.parse(Executor.java:208) at de.uni_freiburg.informatik.ultimate.smtsolver.external.Executor.parseSuccess(Executor.java:221) at de.uni_freiburg.informatik.ultimate.smtsolver.external.Scriptor.pop(Scriptor.java:140) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.arrays.DiffWrapperScript.pop(DiffWrapperScript.java:102) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.managedscript.ManagedScript.pop(ManagedScript.java:131) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.MonolithicImplicationChecker.checkImplication(MonolithicImplicationChecker.java:85) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.predicates.PredicateUnifier$PredicateComparison.compare(PredicateUnifier.java:899) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.predicates.PredicateUnifier$PredicateComparison.(PredicateUnifier.java:773) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate(PredicateUnifier.java:345) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicateForConjunction(PredicateUnifier.java:388) at de.uni_freiburg.informatik.ultimate.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicateForConjunction(PredicateUnifier.java:229) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.DeterministicInterpolantAutomaton.getOrConstructPredicate(DeterministicInterpolantAutomaton.java:281) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.DeterministicInterpolantAutomaton.constructSuccessorsAndTransitions(DeterministicInterpolantAutomaton.java:303) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.BasicAbstractInterpolantAutomaton.computeSuccs(BasicAbstractInterpolantAutomaton.java:78) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.BasicAbstractInterpolantAutomaton.computeSuccs(BasicAbstractInterpolantAutomaton.java:1) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.AbstractInterpolantAutomaton.internalSuccessors(AbstractInterpolantAutomaton.java:234) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.interpolantautomata.transitionappender.AbstractInterpolantAutomaton.internalSuccessors(AbstractInterpolantAutomaton.java:1) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.TotalizeNwa.internalSuccessors(TotalizeNwa.java:213) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.ComplementDeterministicNwa.internalSuccessors(ComplementDeterministicNwa.java:121) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.ProductNwa.internalSuccessors(ProductNwa.java:216) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.ProductNwa.internalSuccessors(ProductNwa.java:208) at de.uni_freiburg.informatik.ultimate.automata.nestedword.reachablestates.NestedWordAutomatonReachableStates$ReachableStatesComputation.addInternalsAndSuccessors(NestedWordAutomatonReachableStates.java:1066) at de.uni_freiburg.informatik.ultimate.automata.nestedword.reachablestates.NestedWordAutomatonReachableStates$ReachableStatesComputation.(NestedWordAutomatonReachableStates.java:968) at de.uni_freiburg.informatik.ultimate.automata.nestedword.reachablestates.NestedWordAutomatonReachableStates.(NestedWordAutomatonReachableStates.java:188) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.Difference.computeDifference(Difference.java:137) at de.uni_freiburg.informatik.ultimate.automata.nestedword.operations.Difference.(Difference.java:90) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.BasicCegarLoop.computeAutomataDifference(BasicCegarLoop.java:699) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.BasicCegarLoop.refineAbstraction(BasicCegarLoop.java:628) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.AbstractCegarLoop.iterateInternal(AbstractCegarLoop.java:472) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.AbstractCegarLoop.iterate(AbstractCegarLoop.java:376) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.iterate(TraceAbstractionStarter.java:334) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.runCegarLoops(TraceAbstractionStarter.java:174) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionStarter.(TraceAbstractionStarter.java:126) at de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver.finish(TraceAbstractionObserver.java:123) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runObserver(PluginConnector.java:168) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.runTool(PluginConnector.java:151) at de.uni_freiburg.informatik.ultimate.core.coreplugin.PluginConnector.run(PluginConnector.java:128) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.executePluginConnector(ToolchainWalker.java:232) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.processPlugin(ToolchainWalker.java:226) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walkUnprotected(ToolchainWalker.java:142) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainWalker.walk(ToolchainWalker.java:104) at de.uni_freiburg.informatik.ultimate.core.coreplugin.ToolchainManager$Toolchain.processToolchain(ToolchainManager.java:316) at de.uni_freiburg.informatik.ultimate.core.coreplugin.toolchain.DefaultToolchainJob.run(DefaultToolchainJob.java:145) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55) Caused by: de.uni_freiburg.informatik.ultimate.logic.SMTLIBException: EOF at de.uni_freiburg.informatik.ultimate.smtsolver.external.Parser$Action$.CUP$do_action(Parser.java:1427) at de.uni_freiburg.informatik.ultimate.smtsolver.external.Parser.do_action(Parser.java:630) at com.github.jhoenicke.javacup.runtime.LRParser.parse(LRParser.java:419) at de.uni_freiburg.informatik.ultimate.smtsolver.external.Executor.parse(Executor.java:205) ... 43 more [2019-01-07 14:45:27,855 INFO L168 Benchmark]: Toolchain (without parser) took 204810.31 ms. Allocated memory was 1.5 GB in the beginning and 2.7 GB in the end (delta: 1.1 GB). Free memory was 1.5 GB in the beginning and 1.6 GB in the end (delta: -174.9 MB). Peak memory consumption was 946.1 MB. Max. memory is 7.1 GB. [2019-01-07 14:45:27,856 INFO L168 Benchmark]: Boogie PL CUP Parser took 0.25 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. [2019-01-07 14:45:27,857 INFO L168 Benchmark]: Boogie Procedure Inliner took 51.27 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. [2019-01-07 14:45:27,857 INFO L168 Benchmark]: Boogie Preprocessor took 32.99 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. [2019-01-07 14:45:27,858 INFO L168 Benchmark]: RCFGBuilder took 375.61 ms. Allocated memory is still 1.5 GB. Free memory was 1.5 GB in the beginning and 1.4 GB in the end (delta: 21.1 MB). Peak memory consumption was 21.1 MB. Max. memory is 7.1 GB. [2019-01-07 14:45:27,859 INFO L168 Benchmark]: TraceAbstraction took 204345.55 ms. Allocated memory was 1.5 GB in the beginning and 2.7 GB in the end (delta: 1.1 GB). Free memory was 1.4 GB in the beginning and 1.6 GB in the end (delta: -196.0 MB). Peak memory consumption was 924.9 MB. Max. memory is 7.1 GB. [2019-01-07 14:45:27,862 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - GenericResult: Assertions are enabled Assertions are enabled - StatisticsResult: Toolchain Benchmarks Benchmark results are: * Boogie PL CUP Parser took 0.25 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. * Boogie Procedure Inliner took 51.27 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. * Boogie Preprocessor took 32.99 ms. Allocated memory is still 1.5 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 7.1 GB. * RCFGBuilder took 375.61 ms. Allocated memory is still 1.5 GB. Free memory was 1.5 GB in the beginning and 1.4 GB in the end (delta: 21.1 MB). Peak memory consumption was 21.1 MB. Max. memory is 7.1 GB. * TraceAbstraction took 204345.55 ms. Allocated memory was 1.5 GB in the beginning and 2.7 GB in the end (delta: 1.1 GB). Free memory was 1.4 GB in the beginning and 1.6 GB in the end (delta: -196.0 MB). Peak memory consumption was 924.9 MB. Max. memory is 7.1 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - ExceptionOrErrorResult: SMTLIBException: External (z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000)Received EOF on stdin. stderr output: (error "out of memory") de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: SMTLIBException: External (z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000)Received EOF on stdin. stderr output: (error "out of memory") : de.uni_freiburg.informatik.ultimate.smtsolver.external.Executor.parse(Executor.java:208) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request...