./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/loops/sum_array-2-2.i --full-output --procedureinliner.inline.calls.to.implemented.procedures NEVER --traceabstraction.positions.where.we.compute.the.hoare.annotation All --traceabstraction.encode.modifies.clause.in.ensures.clause.of.contracts true --witnessprinter.yaml.format.version 2.1 --witnessprinter.generate.graphml.witnesses false --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version fb1cb0b9 Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/certificate-witnesses-artifact/automizer/data/config -Xmx15G -Xms4m -jar /storage/repos/certificate-witnesses-artifact/automizer/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/certificate-witnesses-artifact/automizer/data -tc /storage/repos/certificate-witnesses-artifact/automizer/config/AutomizerReach.xml -i ../sv-benchmarks/c/loops/sum_array-2-2.i -s /storage/repos/certificate-witnesses-artifact/automizer/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/certificate-witnesses-artifact/automizer --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0cf9175e436d0e00a51b884dabf87739d3176e3315a908e56fcba99730a10796 --procedureinliner.inline.calls.to.implemented.procedures NEVER --traceabstraction.positions.where.we.compute.the.hoare.annotation All --traceabstraction.encode.modifies.clause.in.ensures.clause.of.contracts true --witnessprinter.yaml.format.version 2.1 --witnessprinter.generate.graphml.witnesses false --- Real Ultimate output --- This is Ultimate 0.2.4-tmp.dk.referee-eval-fb1cb0b-m [2024-09-25 10:17:37,701 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-09-25 10:17:37,771 INFO L114 SettingsManager]: Loading settings from /storage/repos/certificate-witnesses-artifact/automizer/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-09-25 10:17:37,778 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-09-25 10:17:37,779 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-09-25 10:17:37,821 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-09-25 10:17:37,822 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-09-25 10:17:37,822 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-09-25 10:17:37,823 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-09-25 10:17:37,823 INFO L153 SettingsManager]: * Use memory slicer=true [2024-09-25 10:17:37,824 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-09-25 10:17:37,824 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-09-25 10:17:37,825 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-09-25 10:17:37,825 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-09-25 10:17:37,825 INFO L153 SettingsManager]: * Use SBE=true [2024-09-25 10:17:37,826 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-09-25 10:17:37,826 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-09-25 10:17:37,826 INFO L153 SettingsManager]: * sizeof long=4 [2024-09-25 10:17:37,827 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-09-25 10:17:37,827 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-09-25 10:17:37,827 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-09-25 10:17:37,828 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-09-25 10:17:37,829 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-09-25 10:17:37,829 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-09-25 10:17:37,829 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-09-25 10:17:37,830 INFO L153 SettingsManager]: * sizeof long double=12 [2024-09-25 10:17:37,830 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-09-25 10:17:37,830 INFO L153 SettingsManager]: * Use constant arrays=true [2024-09-25 10:17:37,831 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-09-25 10:17:37,831 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-09-25 10:17:37,831 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-09-25 10:17:37,831 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-09-25 10:17:37,832 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-09-25 10:17:37,832 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-09-25 10:17:37,832 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-09-25 10:17:37,833 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-09-25 10:17:37,833 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-09-25 10:17:37,833 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-09-25 10:17:37,833 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-09-25 10:17:37,834 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-09-25 10:17:37,834 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-09-25 10:17:37,834 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-09-25 10:17:37,835 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/certificate-witnesses-artifact/automizer/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/certificate-witnesses-artifact/automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0cf9175e436d0e00a51b884dabf87739d3176e3315a908e56fcba99730a10796 Applying setting for plugin de.uni_freiburg.informatik.ultimate.boogie.procedureinliner: Inline calls to implemented procedures -> NEVER Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: Positions where we compute the Hoare Annotation -> All Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: Encode 'modifies' clause in 'ensures' clause of contracts -> true Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: YAML Format version -> 2.1 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Generate GraphML witnesses -> false [2024-09-25 10:17:38,150 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-09-25 10:17:38,172 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-09-25 10:17:38,175 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-09-25 10:17:38,176 INFO L270 PluginConnector]: Initializing CDTParser... [2024-09-25 10:17:38,176 INFO L274 PluginConnector]: CDTParser initialized [2024-09-25 10:17:38,178 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/certificate-witnesses-artifact/automizer/../sv-benchmarks/c/loops/sum_array-2-2.i [2024-09-25 10:17:39,750 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-09-25 10:17:39,947 INFO L384 CDTParser]: Found 1 translation units. [2024-09-25 10:17:39,947 INFO L180 CDTParser]: Scanning /storage/repos/certificate-witnesses-artifact/sv-benchmarks/c/loops/sum_array-2-2.i [2024-09-25 10:17:39,957 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/certificate-witnesses-artifact/automizer/data/22d051a13/456753197639480487fbe1831698e1b9/FLAGd1b33ba3e [2024-09-25 10:17:39,975 INFO L435 CDTParser]: Successfully deleted /storage/repos/certificate-witnesses-artifact/automizer/data/22d051a13/456753197639480487fbe1831698e1b9 [2024-09-25 10:17:39,979 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-09-25 10:17:39,980 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-09-25 10:17:39,984 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-09-25 10:17:39,984 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-09-25 10:17:39,989 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-09-25 10:17:39,990 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.09 10:17:39" (1/1) ... [2024-09-25 10:17:39,991 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@359c32be and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:39, skipping insertion in model container [2024-09-25 10:17:39,991 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.09 10:17:39" (1/1) ... [2024-09-25 10:17:40,013 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-09-25 10:17:40,192 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/certificate-witnesses-artifact/sv-benchmarks/c/loops/sum_array-2-2.i[940,953] [2024-09-25 10:17:40,221 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-09-25 10:17:40,234 INFO L200 MainTranslator]: Completed pre-run [2024-09-25 10:17:40,246 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/certificate-witnesses-artifact/sv-benchmarks/c/loops/sum_array-2-2.i[940,953] [2024-09-25 10:17:40,263 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-09-25 10:17:40,280 INFO L204 MainTranslator]: Completed translation [2024-09-25 10:17:40,281 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40 WrapperNode [2024-09-25 10:17:40,281 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-09-25 10:17:40,283 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-09-25 10:17:40,284 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-09-25 10:17:40,284 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-09-25 10:17:40,290 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,298 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,308 INFO L138 Inliner]: procedures = 18, calls = 37, calls flagged for inlining = 0, calls inlined = 0, statements flattened = 0 [2024-09-25 10:17:40,308 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-09-25 10:17:40,315 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-09-25 10:17:40,315 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-09-25 10:17:40,315 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-09-25 10:17:40,325 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,326 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,328 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,351 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 5, 2, 5]. 36 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2, 0, 0, 0]. The 3 writes are split as follows [0, 1, 1, 1]. [2024-09-25 10:17:40,352 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,352 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,362 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,370 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,371 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,376 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,378 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-09-25 10:17:40,379 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-09-25 10:17:40,379 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-09-25 10:17:40,379 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-09-25 10:17:40,382 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (1/1) ... [2024-09-25 10:17:40,388 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-09-25 10:17:40,399 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:17:40,414 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/certificate-witnesses-artifact/automizer/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-09-25 10:17:40,420 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-09-25 10:17:40,459 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-09-25 10:17:40,459 INFO L130 BoogieDeclarations]: Found specification of procedure main [2024-09-25 10:17:40,460 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2024-09-25 10:17:40,460 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-09-25 10:17:40,460 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2024-09-25 10:17:40,460 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2024-09-25 10:17:40,460 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2024-09-25 10:17:40,461 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure write~int#0 [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure write~int#1 [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure write~int#2 [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure write~int#3 [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2024-09-25 10:17:40,462 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2024-09-25 10:17:40,462 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-09-25 10:17:40,463 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure read~int#0 [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure read~int#1 [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure read~int#2 [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure read~int#3 [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure __VERIFIER_assert [2024-09-25 10:17:40,463 INFO L138 BoogieDeclarations]: Found implementation of procedure __VERIFIER_assert [2024-09-25 10:17:40,463 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2024-09-25 10:17:40,556 INFO L241 CfgBuilder]: Building ICFG [2024-09-25 10:17:40,560 INFO L267 CfgBuilder]: Building CFG for each procedure with an implementation [2024-09-25 10:17:40,802 INFO L? ?]: Removed 11 outVars from TransFormulas that were not future-live. [2024-09-25 10:17:40,802 INFO L290 CfgBuilder]: Performing block encoding [2024-09-25 10:17:40,831 INFO L312 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-09-25 10:17:40,832 INFO L317 CfgBuilder]: Removed 4 assume(true) statements. [2024-09-25 10:17:40,832 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.09 10:17:40 BoogieIcfgContainer [2024-09-25 10:17:40,832 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-09-25 10:17:40,835 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-09-25 10:17:40,835 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-09-25 10:17:40,838 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-09-25 10:17:40,838 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 25.09 10:17:39" (1/3) ... [2024-09-25 10:17:40,839 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d48619d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.09 10:17:40, skipping insertion in model container [2024-09-25 10:17:40,839 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.09 10:17:40" (2/3) ... [2024-09-25 10:17:40,839 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d48619d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.09 10:17:40, skipping insertion in model container [2024-09-25 10:17:40,839 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.09 10:17:40" (3/3) ... [2024-09-25 10:17:40,841 INFO L112 eAbstractionObserver]: Analyzing ICFG sum_array-2-2.i [2024-09-25 10:17:40,854 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:All NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-09-25 10:17:40,855 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-09-25 10:17:40,908 INFO L335 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-09-25 10:17:40,915 INFO L336 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@127bb7aa, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-09-25 10:17:40,917 INFO L337 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-09-25 10:17:40,921 INFO L276 IsEmpty]: Start isEmpty. Operand has 30 states, 22 states have (on average 1.6818181818181819) internal successors, (37), 23 states have internal predecessors, (37), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:17:40,930 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2024-09-25 10:17:40,931 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:40,932 INFO L216 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:40,933 INFO L399 AbstractCegarLoop]: === Iteration 1 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:17:40,939 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:40,940 INFO L85 PathProgramCache]: Analyzing trace with hash 868990998, now seen corresponding path program 1 times [2024-09-25 10:17:40,949 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:17:40,950 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [267158964] [2024-09-25 10:17:40,950 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:40,951 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:17:41,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:41,139 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:17:41,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:41,154 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-09-25 10:17:41,157 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:17:41,158 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [267158964] [2024-09-25 10:17:41,158 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [267158964] provided 1 perfect and 0 imperfect interpolant sequences [2024-09-25 10:17:41,159 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-09-25 10:17:41,159 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-09-25 10:17:41,160 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [363570896] [2024-09-25 10:17:41,161 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-09-25 10:17:41,168 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-09-25 10:17:41,172 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:17:41,199 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-09-25 10:17:41,200 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-09-25 10:17:41,201 INFO L87 Difference]: Start difference. First operand has 30 states, 22 states have (on average 1.6818181818181819) internal successors, (37), 23 states have internal predecessors, (37), 3 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:41,235 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:17:41,236 INFO L93 Difference]: Finished difference Result 51 states and 73 transitions. [2024-09-25 10:17:41,238 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-09-25 10:17:41,239 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2024-09-25 10:17:41,240 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:17:41,245 INFO L225 Difference]: With dead ends: 51 [2024-09-25 10:17:41,245 INFO L226 Difference]: Without dead ends: 25 [2024-09-25 10:17:41,248 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-09-25 10:17:41,251 INFO L434 NwaCegarLoop]: 34 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 34 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-09-25 10:17:41,251 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 34 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-09-25 10:17:41,265 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 25 states. [2024-09-25 10:17:41,277 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 25 to 25. [2024-09-25 10:17:41,278 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 25 states, 19 states have (on average 1.2105263157894737) internal successors, (23), 19 states have internal predecessors, (23), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-09-25 10:17:41,279 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 25 states to 25 states and 28 transitions. [2024-09-25 10:17:41,280 INFO L78 Accepts]: Start accepts. Automaton has 25 states and 28 transitions. Word has length 17 [2024-09-25 10:17:41,280 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:17:41,281 INFO L474 AbstractCegarLoop]: Abstraction has 25 states and 28 transitions. [2024-09-25 10:17:41,281 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:41,281 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:41,282 INFO L276 IsEmpty]: Start isEmpty. Operand 25 states and 28 transitions. [2024-09-25 10:17:41,282 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2024-09-25 10:17:41,282 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:41,282 INFO L216 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:41,283 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-09-25 10:17:41,283 INFO L399 AbstractCegarLoop]: === Iteration 2 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:17:41,283 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:41,284 INFO L85 PathProgramCache]: Analyzing trace with hash 256506248, now seen corresponding path program 1 times [2024-09-25 10:17:41,284 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:17:41,284 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1486853232] [2024-09-25 10:17:41,284 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:41,284 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:17:41,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:41,613 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:17:41,615 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:41,619 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-09-25 10:17:41,623 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:17:41,623 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1486853232] [2024-09-25 10:17:41,624 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1486853232] provided 1 perfect and 0 imperfect interpolant sequences [2024-09-25 10:17:41,624 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-09-25 10:17:41,624 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-09-25 10:17:41,624 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1140447088] [2024-09-25 10:17:41,624 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-09-25 10:17:41,625 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-09-25 10:17:41,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:17:41,628 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-09-25 10:17:41,628 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-09-25 10:17:41,629 INFO L87 Difference]: Start difference. First operand 25 states and 28 transitions. Second operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:41,769 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:17:41,769 INFO L93 Difference]: Finished difference Result 56 states and 67 transitions. [2024-09-25 10:17:41,770 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-09-25 10:17:41,770 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2024-09-25 10:17:41,770 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:17:41,772 INFO L225 Difference]: With dead ends: 56 [2024-09-25 10:17:41,773 INFO L226 Difference]: Without dead ends: 35 [2024-09-25 10:17:41,774 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-09-25 10:17:41,775 INFO L434 NwaCegarLoop]: 15 mSDtfsCounter, 5 mSDsluCounter, 33 mSDsCounter, 0 mSdLazyCounter, 60 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 48 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 60 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-09-25 10:17:41,776 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 48 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 60 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-09-25 10:17:41,777 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 35 states. [2024-09-25 10:17:41,787 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 35 to 28. [2024-09-25 10:17:41,788 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 28 states, 22 states have (on average 1.1818181818181819) internal successors, (26), 22 states have internal predecessors, (26), 3 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-09-25 10:17:41,789 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 28 states to 28 states and 31 transitions. [2024-09-25 10:17:41,790 INFO L78 Accepts]: Start accepts. Automaton has 28 states and 31 transitions. Word has length 17 [2024-09-25 10:17:41,790 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:17:41,791 INFO L474 AbstractCegarLoop]: Abstraction has 28 states and 31 transitions. [2024-09-25 10:17:41,791 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 5 states have internal predecessors, (13), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:41,792 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:41,792 INFO L276 IsEmpty]: Start isEmpty. Operand 28 states and 31 transitions. [2024-09-25 10:17:41,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-09-25 10:17:41,794 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:41,794 INFO L216 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:41,795 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-09-25 10:17:41,795 INFO L399 AbstractCegarLoop]: === Iteration 3 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:17:41,795 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:41,795 INFO L85 PathProgramCache]: Analyzing trace with hash 1240316604, now seen corresponding path program 1 times [2024-09-25 10:17:41,795 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:17:41,796 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1218194292] [2024-09-25 10:17:41,796 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:41,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:17:41,930 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:43,103 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:17:43,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:43,110 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:43,112 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:17:43,112 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1218194292] [2024-09-25 10:17:43,112 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1218194292] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:17:43,112 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [468259174] [2024-09-25 10:17:43,113 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:43,114 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:17:43,114 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:17:43,141 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:17:43,143 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-09-25 10:17:43,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:43,234 INFO L262 TraceCheckSpWp]: Trace formula consists of 130 conjuncts, 26 conjuncts are in the unsatisfiable core [2024-09-25 10:17:43,241 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:17:43,321 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 17 [2024-09-25 10:17:43,379 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 17 [2024-09-25 10:17:43,387 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 13 [2024-09-25 10:17:43,392 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2024-09-25 10:17:43,426 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-09-25 10:17:43,427 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:17:43,682 INFO L349 Elim1Store]: treesize reduction 5, result has 50.0 percent of original size [2024-09-25 10:17:43,683 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 83 treesize of output 63 [2024-09-25 10:17:43,699 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:17:43,699 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 25 [2024-09-25 10:17:43,706 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 40 [2024-09-25 10:17:43,727 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:17:43,728 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 40 treesize of output 87 [2024-09-25 10:17:43,794 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:43,794 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [468259174] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:17:43,794 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:17:43,794 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 8] total 17 [2024-09-25 10:17:43,795 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1604822156] [2024-09-25 10:17:43,797 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:17:43,799 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-09-25 10:17:43,801 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:17:43,802 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-09-25 10:17:43,804 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=55, Invalid=217, Unknown=0, NotChecked=0, Total=272 [2024-09-25 10:17:43,805 INFO L87 Difference]: Start difference. First operand 28 states and 31 transitions. Second operand has 17 states, 16 states have (on average 2.6875) internal successors, (43), 15 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:44,072 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:17:44,073 INFO L93 Difference]: Finished difference Result 42 states and 45 transitions. [2024-09-25 10:17:44,073 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2024-09-25 10:17:44,074 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 16 states have (on average 2.6875) internal successors, (43), 15 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-09-25 10:17:44,074 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:17:44,075 INFO L225 Difference]: With dead ends: 42 [2024-09-25 10:17:44,075 INFO L226 Difference]: Without dead ends: 40 [2024-09-25 10:17:44,076 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 43 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 77 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=81, Invalid=299, Unknown=0, NotChecked=0, Total=380 [2024-09-25 10:17:44,077 INFO L434 NwaCegarLoop]: 12 mSDtfsCounter, 20 mSDsluCounter, 107 mSDsCounter, 0 mSdLazyCounter, 193 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 202 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 193 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-09-25 10:17:44,079 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 119 Invalid, 202 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 193 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-09-25 10:17:44,080 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 40 states. [2024-09-25 10:17:44,090 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 40 to 34. [2024-09-25 10:17:44,091 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 34 states, 26 states have (on average 1.1538461538461537) internal successors, (30), 27 states have internal predecessors, (30), 4 states have call successors, (4), 4 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:17:44,092 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 34 states to 34 states and 37 transitions. [2024-09-25 10:17:44,093 INFO L78 Accepts]: Start accepts. Automaton has 34 states and 37 transitions. Word has length 24 [2024-09-25 10:17:44,093 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:17:44,093 INFO L474 AbstractCegarLoop]: Abstraction has 34 states and 37 transitions. [2024-09-25 10:17:44,094 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 16 states have (on average 2.6875) internal successors, (43), 15 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-09-25 10:17:44,094 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:44,094 INFO L276 IsEmpty]: Start isEmpty. Operand 34 states and 37 transitions. [2024-09-25 10:17:44,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-09-25 10:17:44,096 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:44,096 INFO L216 NwaCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:44,114 INFO L552 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-09-25 10:17:44,296 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,2 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:17:44,297 INFO L399 AbstractCegarLoop]: === Iteration 4 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:17:44,297 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:44,297 INFO L85 PathProgramCache]: Analyzing trace with hash 1226106264, now seen corresponding path program 1 times [2024-09-25 10:17:44,298 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:17:44,298 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [723459088] [2024-09-25 10:17:44,298 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:44,298 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:17:44,322 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:44,567 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:17:44,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:44,571 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-09-25 10:17:44,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:44,578 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:44,578 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:17:44,578 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [723459088] [2024-09-25 10:17:44,579 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [723459088] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:17:44,579 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [780862417] [2024-09-25 10:17:44,579 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:44,580 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:17:44,580 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:17:44,582 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:17:44,585 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-09-25 10:17:44,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:44,654 INFO L262 TraceCheckSpWp]: Trace formula consists of 148 conjuncts, 10 conjuncts are in the unsatisfiable core [2024-09-25 10:17:44,655 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:17:44,741 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:44,741 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:17:44,924 INFO L134 CoverageAnalysis]: Checked inductivity of 7 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:44,924 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [780862417] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:17:44,924 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:17:44,924 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 7, 7] total 13 [2024-09-25 10:17:44,924 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [280901267] [2024-09-25 10:17:44,925 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:17:44,925 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2024-09-25 10:17:44,925 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:17:44,926 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2024-09-25 10:17:44,926 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=46, Invalid=110, Unknown=0, NotChecked=0, Total=156 [2024-09-25 10:17:44,926 INFO L87 Difference]: Start difference. First operand 34 states and 37 transitions. Second operand has 13 states, 13 states have (on average 3.0) internal successors, (39), 13 states have internal predecessors, (39), 4 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:17:45,127 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:17:45,127 INFO L93 Difference]: Finished difference Result 84 states and 96 transitions. [2024-09-25 10:17:45,128 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-09-25 10:17:45,128 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 13 states have (on average 3.0) internal successors, (39), 13 states have internal predecessors, (39), 4 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 31 [2024-09-25 10:17:45,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:17:45,129 INFO L225 Difference]: With dead ends: 84 [2024-09-25 10:17:45,130 INFO L226 Difference]: Without dead ends: 49 [2024-09-25 10:17:45,130 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 73 GetRequests, 60 SyntacticMatches, 2 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 44 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=110, Unknown=0, NotChecked=0, Total=156 [2024-09-25 10:17:45,131 INFO L434 NwaCegarLoop]: 17 mSDtfsCounter, 31 mSDsluCounter, 58 mSDsCounter, 0 mSdLazyCounter, 185 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 33 SdHoareTripleChecker+Valid, 75 SdHoareTripleChecker+Invalid, 219 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 185 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-09-25 10:17:45,133 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [33 Valid, 75 Invalid, 219 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 185 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-09-25 10:17:45,133 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 49 states. [2024-09-25 10:17:45,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 49 to 41. [2024-09-25 10:17:45,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 41 states, 33 states have (on average 1.121212121212121) internal successors, (37), 34 states have internal predecessors, (37), 4 states have call successors, (4), 4 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:17:45,149 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 41 states to 41 states and 44 transitions. [2024-09-25 10:17:45,150 INFO L78 Accepts]: Start accepts. Automaton has 41 states and 44 transitions. Word has length 31 [2024-09-25 10:17:45,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:17:45,150 INFO L474 AbstractCegarLoop]: Abstraction has 41 states and 44 transitions. [2024-09-25 10:17:45,151 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 13 states have (on average 3.0) internal successors, (39), 13 states have internal predecessors, (39), 4 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:17:45,151 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:45,151 INFO L276 IsEmpty]: Start isEmpty. Operand 41 states and 44 transitions. [2024-09-25 10:17:45,152 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-09-25 10:17:45,152 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:45,152 INFO L216 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:45,168 INFO L552 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-09-25 10:17:45,352 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,3 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:17:45,353 INFO L399 AbstractCegarLoop]: === Iteration 5 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:17:45,353 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:45,354 INFO L85 PathProgramCache]: Analyzing trace with hash 1365597324, now seen corresponding path program 2 times [2024-09-25 10:17:45,354 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:17:45,354 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1056039941] [2024-09-25 10:17:45,354 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:17:45,354 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:17:45,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:48,074 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:17:48,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:48,078 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-09-25 10:17:48,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:17:48,088 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 2 proven. 15 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-09-25 10:17:48,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:17:48,089 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1056039941] [2024-09-25 10:17:48,089 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1056039941] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:17:48,089 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1401367534] [2024-09-25 10:17:48,089 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2024-09-25 10:17:48,089 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:17:48,090 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:17:48,092 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:17:48,093 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-09-25 10:17:48,180 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2024-09-25 10:17:48,180 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:17:48,182 INFO L262 TraceCheckSpWp]: Trace formula consists of 185 conjuncts, 34 conjuncts are in the unsatisfiable core [2024-09-25 10:17:48,184 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:17:48,315 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 23 [2024-09-25 10:17:48,618 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 21 [2024-09-25 10:17:48,622 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 15 [2024-09-25 10:17:48,624 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2024-09-25 10:17:48,686 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:17:48,686 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:17:49,078 INFO L349 Elim1Store]: treesize reduction 5, result has 50.0 percent of original size [2024-09-25 10:17:49,079 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 89 treesize of output 67 [2024-09-25 10:17:49,092 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:17:49,092 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 25 [2024-09-25 10:17:49,100 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 40 [2024-09-25 10:17:49,112 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:17:49,113 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 40 treesize of output 87 [2024-09-25 10:17:49,213 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 2 proven. 5 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2024-09-25 10:17:49,213 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1401367534] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:17:49,213 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:17:49,214 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 12, 10] total 33 [2024-09-25 10:17:49,214 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [128855924] [2024-09-25 10:17:49,214 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:17:49,215 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 33 states [2024-09-25 10:17:49,215 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:17:49,217 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2024-09-25 10:17:49,218 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=137, Invalid=919, Unknown=0, NotChecked=0, Total=1056 [2024-09-25 10:17:49,219 INFO L87 Difference]: Start difference. First operand 41 states and 44 transitions. Second operand has 33 states, 32 states have (on average 2.46875) internal successors, (79), 31 states have internal predecessors, (79), 5 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2024-09-25 10:17:54,352 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 4.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2024-09-25 10:17:59,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:17:59,914 INFO L93 Difference]: Finished difference Result 96 states and 110 transitions. [2024-09-25 10:17:59,915 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2024-09-25 10:17:59,915 INFO L78 Accepts]: Start accepts. Automaton has has 33 states, 32 states have (on average 2.46875) internal successors, (79), 31 states have internal predecessors, (79), 5 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 38 [2024-09-25 10:17:59,915 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:17:59,916 INFO L225 Difference]: With dead ends: 96 [2024-09-25 10:17:59,916 INFO L226 Difference]: Without dead ends: 57 [2024-09-25 10:17:59,918 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 123 GetRequests, 69 SyntacticMatches, 1 SemanticMatches, 53 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 745 ImplicationChecksByTransitivity, 6.6s TimeCoverageRelationStatistics Valid=481, Invalid=2489, Unknown=0, NotChecked=0, Total=2970 [2024-09-25 10:17:59,918 INFO L434 NwaCegarLoop]: 16 mSDtfsCounter, 92 mSDsluCounter, 171 mSDsCounter, 0 mSdLazyCounter, 585 mSolverCounterSat, 105 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 691 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 105 IncrementalHoareTripleChecker+Valid, 585 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.9s IncrementalHoareTripleChecker+Time [2024-09-25 10:17:59,919 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 187 Invalid, 691 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [105 Valid, 585 Invalid, 1 Unknown, 0 Unchecked, 4.9s Time] [2024-09-25 10:17:59,923 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2024-09-25 10:17:59,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 51. [2024-09-25 10:17:59,938 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 51 states, 41 states have (on average 1.0975609756097562) internal successors, (45), 42 states have internal predecessors, (45), 5 states have call successors, (5), 5 states have call predecessors, (5), 4 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-09-25 10:17:59,939 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 54 transitions. [2024-09-25 10:17:59,939 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 54 transitions. Word has length 38 [2024-09-25 10:17:59,939 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:17:59,939 INFO L474 AbstractCegarLoop]: Abstraction has 51 states and 54 transitions. [2024-09-25 10:17:59,940 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 33 states, 32 states have (on average 2.46875) internal successors, (79), 31 states have internal predecessors, (79), 5 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2024-09-25 10:17:59,940 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:17:59,940 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 54 transitions. [2024-09-25 10:17:59,941 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-09-25 10:17:59,941 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:17:59,941 INFO L216 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:17:59,955 INFO L552 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-09-25 10:18:00,143 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,4 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:18:00,144 INFO L399 AbstractCegarLoop]: === Iteration 6 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:18:00,144 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:18:00,144 INFO L85 PathProgramCache]: Analyzing trace with hash 1196273537, now seen corresponding path program 3 times [2024-09-25 10:18:00,145 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:18:00,145 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [336361842] [2024-09-25 10:18:00,145 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:18:00,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:18:00,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:00,381 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:18:00,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:00,384 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-09-25 10:18:00,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:00,387 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-09-25 10:18:00,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:00,389 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 4 proven. 17 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-09-25 10:18:00,389 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:18:00,389 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [336361842] [2024-09-25 10:18:00,390 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [336361842] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:18:00,390 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [953465514] [2024-09-25 10:18:00,390 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-09-25 10:18:00,390 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:18:00,390 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:18:00,392 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:18:00,393 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-09-25 10:18:00,542 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2024-09-25 10:18:00,543 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:18:00,545 INFO L262 TraceCheckSpWp]: Trace formula consists of 155 conjuncts, 38 conjuncts are in the unsatisfiable core [2024-09-25 10:18:00,547 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:18:00,840 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 17 [2024-09-25 10:18:00,894 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 39 treesize of output 38 [2024-09-25 10:18:01,397 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:18:01,397 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 44 treesize of output 46 [2024-09-25 10:18:01,413 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:18:01,414 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 46 treesize of output 48 [2024-09-25 10:18:01,428 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:18:01,429 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 38 treesize of output 40 [2024-09-25 10:18:01,504 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 0 proven. 12 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2024-09-25 10:18:01,505 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:18:01,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [953465514] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:18:01,767 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-09-25 10:18:01,767 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 12] total 20 [2024-09-25 10:18:01,767 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1697736032] [2024-09-25 10:18:01,767 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-09-25 10:18:01,768 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-09-25 10:18:01,768 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:18:01,768 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-09-25 10:18:01,769 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=58, Invalid=362, Unknown=0, NotChecked=0, Total=420 [2024-09-25 10:18:01,769 INFO L87 Difference]: Start difference. First operand 51 states and 54 transitions. Second operand has 20 states, 19 states have (on average 3.0) internal successors, (57), 19 states have internal predecessors, (57), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:18:02,575 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:18:02,575 INFO L93 Difference]: Finished difference Result 118 states and 127 transitions. [2024-09-25 10:18:02,575 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-09-25 10:18:02,576 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 19 states have (on average 3.0) internal successors, (57), 19 states have internal predecessors, (57), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 48 [2024-09-25 10:18:02,576 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:18:02,577 INFO L225 Difference]: With dead ends: 118 [2024-09-25 10:18:02,577 INFO L226 Difference]: Without dead ends: 91 [2024-09-25 10:18:02,578 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 87 GetRequests, 46 SyntacticMatches, 5 SemanticMatches, 36 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 310 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=243, Invalid=1163, Unknown=0, NotChecked=0, Total=1406 [2024-09-25 10:18:02,579 INFO L434 NwaCegarLoop]: 16 mSDtfsCounter, 90 mSDsluCounter, 171 mSDsCounter, 0 mSdLazyCounter, 429 mSolverCounterSat, 91 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 90 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 520 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 91 IncrementalHoareTripleChecker+Valid, 429 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-09-25 10:18:02,583 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [90 Valid, 187 Invalid, 520 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [91 Valid, 429 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-09-25 10:18:02,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-09-25 10:18:02,600 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 55. [2024-09-25 10:18:02,601 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 55 states, 45 states have (on average 1.0888888888888888) internal successors, (49), 46 states have internal predecessors, (49), 5 states have call successors, (5), 5 states have call predecessors, (5), 4 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-09-25 10:18:02,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55 states to 55 states and 58 transitions. [2024-09-25 10:18:02,601 INFO L78 Accepts]: Start accepts. Automaton has 55 states and 58 transitions. Word has length 48 [2024-09-25 10:18:02,602 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:18:02,602 INFO L474 AbstractCegarLoop]: Abstraction has 55 states and 58 transitions. [2024-09-25 10:18:02,602 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 19 states have (on average 3.0) internal successors, (57), 19 states have internal predecessors, (57), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-09-25 10:18:02,602 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:18:02,602 INFO L276 IsEmpty]: Start isEmpty. Operand 55 states and 58 transitions. [2024-09-25 10:18:02,603 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-09-25 10:18:02,603 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:18:02,603 INFO L216 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:18:02,617 INFO L552 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-09-25 10:18:02,804 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,5 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:18:02,804 INFO L399 AbstractCegarLoop]: === Iteration 7 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:18:02,804 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:18:02,805 INFO L85 PathProgramCache]: Analyzing trace with hash 1482814844, now seen corresponding path program 4 times [2024-09-25 10:18:02,805 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:18:02,805 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [55055163] [2024-09-25 10:18:02,805 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:18:02,805 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:18:02,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:05,303 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:18:05,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:05,306 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-09-25 10:18:05,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:05,314 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-09-25 10:18:05,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:05,321 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 4 proven. 37 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2024-09-25 10:18:05,321 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:18:05,321 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [55055163] [2024-09-25 10:18:05,322 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [55055163] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:18:05,322 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1444528403] [2024-09-25 10:18:05,322 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2024-09-25 10:18:05,322 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:18:05,322 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:18:05,324 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:18:05,326 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-09-25 10:18:05,426 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2024-09-25 10:18:05,426 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:18:05,428 INFO L262 TraceCheckSpWp]: Trace formula consists of 240 conjuncts, 47 conjuncts are in the unsatisfiable core [2024-09-25 10:18:05,432 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:18:05,600 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 23 [2024-09-25 10:18:12,018 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 21 [2024-09-25 10:18:12,021 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 15 [2024-09-25 10:18:12,023 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2024-09-25 10:18:12,086 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 0 proven. 43 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-09-25 10:18:12,087 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:18:24,449 INFO L349 Elim1Store]: treesize reduction 5, result has 50.0 percent of original size [2024-09-25 10:18:24,450 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 89 treesize of output 67 [2024-09-25 10:18:24,464 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:18:24,464 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 25 [2024-09-25 10:18:24,468 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 40 [2024-09-25 10:18:24,478 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:18:24,478 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 40 treesize of output 87 [2024-09-25 10:18:24,588 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 4 proven. 13 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-09-25 10:18:24,589 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1444528403] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:18:24,589 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:18:24,589 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [21, 18, 12] total 42 [2024-09-25 10:18:24,589 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1153262526] [2024-09-25 10:18:24,589 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:18:24,590 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 42 states [2024-09-25 10:18:24,590 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:18:24,591 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 42 interpolants. [2024-09-25 10:18:24,593 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=176, Invalid=1543, Unknown=3, NotChecked=0, Total=1722 [2024-09-25 10:18:24,593 INFO L87 Difference]: Start difference. First operand 55 states and 58 transitions. Second operand has 42 states, 41 states have (on average 2.317073170731707) internal successors, (95), 40 states have internal predecessors, (95), 8 states have call successors, (10), 4 states have call predecessors, (10), 3 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:18:34,136 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 4.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2024-09-25 10:18:35,756 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 1.26s for a HTC check with result VALID. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2024-09-25 10:18:36,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:18:36,054 INFO L93 Difference]: Finished difference Result 123 states and 137 transitions. [2024-09-25 10:18:36,056 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-09-25 10:18:36,056 INFO L78 Accepts]: Start accepts. Automaton has has 42 states, 41 states have (on average 2.317073170731707) internal successors, (95), 40 states have internal predecessors, (95), 8 states have call successors, (10), 4 states have call predecessors, (10), 3 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) Word has length 52 [2024-09-25 10:18:36,057 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:18:36,057 INFO L225 Difference]: With dead ends: 123 [2024-09-25 10:18:36,058 INFO L226 Difference]: Without dead ends: 121 [2024-09-25 10:18:36,059 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 157 GetRequests, 91 SyntacticMatches, 3 SemanticMatches, 63 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1098 ImplicationChecksByTransitivity, 24.4s TimeCoverageRelationStatistics Valid=523, Invalid=3633, Unknown=4, NotChecked=0, Total=4160 [2024-09-25 10:18:36,062 INFO L434 NwaCegarLoop]: 15 mSDtfsCounter, 149 mSDsluCounter, 223 mSDsCounter, 0 mSdLazyCounter, 837 mSolverCounterSat, 120 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 6.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 238 SdHoareTripleChecker+Invalid, 958 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 120 IncrementalHoareTripleChecker+Valid, 837 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 6.1s IncrementalHoareTripleChecker+Time [2024-09-25 10:18:36,062 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 238 Invalid, 958 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [120 Valid, 837 Invalid, 1 Unknown, 0 Unchecked, 6.1s Time] [2024-09-25 10:18:36,063 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 121 states. [2024-09-25 10:18:36,098 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 121 to 62. [2024-09-25 10:18:36,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 50 states have (on average 1.08) internal successors, (54), 51 states have internal predecessors, (54), 6 states have call successors, (6), 6 states have call predecessors, (6), 5 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2024-09-25 10:18:36,099 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 65 transitions. [2024-09-25 10:18:36,099 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 65 transitions. Word has length 52 [2024-09-25 10:18:36,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:18:36,100 INFO L474 AbstractCegarLoop]: Abstraction has 62 states and 65 transitions. [2024-09-25 10:18:36,101 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 42 states, 41 states have (on average 2.317073170731707) internal successors, (95), 40 states have internal predecessors, (95), 8 states have call successors, (10), 4 states have call predecessors, (10), 3 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:18:36,101 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:18:36,102 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 65 transitions. [2024-09-25 10:18:36,103 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-09-25 10:18:36,104 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:18:36,104 INFO L216 NwaCegarLoop]: trace histogram [4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:18:36,120 INFO L540 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2024-09-25 10:18:36,305 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable6 [2024-09-25 10:18:36,305 INFO L399 AbstractCegarLoop]: === Iteration 8 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:18:36,305 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:18:36,305 INFO L85 PathProgramCache]: Analyzing trace with hash -1121119528, now seen corresponding path program 5 times [2024-09-25 10:18:36,306 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:18:36,306 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [134324127] [2024-09-25 10:18:36,306 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:18:36,306 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:18:36,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:36,609 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:18:36,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:36,612 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-09-25 10:18:36,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:36,616 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-09-25 10:18:36,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:36,622 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-09-25 10:18:36,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:18:36,626 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 9 proven. 24 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2024-09-25 10:18:36,628 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:18:36,628 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [134324127] [2024-09-25 10:18:36,628 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [134324127] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:18:36,629 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1652739829] [2024-09-25 10:18:36,629 INFO L93 rtionOrderModulation]: Changing assertion order to INSIDE_LOOP_FIRST1 [2024-09-25 10:18:36,629 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:18:36,629 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:18:36,631 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:18:36,632 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2024-09-25 10:20:09,763 INFO L228 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 4 check-sat command(s) [2024-09-25 10:20:09,764 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:20:09,768 INFO L262 TraceCheckSpWp]: Trace formula consists of 258 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-09-25 10:20:09,770 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:20:09,908 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 9 proven. 24 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2024-09-25 10:20:09,909 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:20:10,145 INFO L134 CoverageAnalysis]: Checked inductivity of 63 backedges. 9 proven. 24 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2024-09-25 10:20:10,146 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1652739829] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:20:10,146 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:20:10,147 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 11] total 19 [2024-09-25 10:20:10,148 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [354399536] [2024-09-25 10:20:10,149 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:20:10,149 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2024-09-25 10:20:10,149 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:20:10,150 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2024-09-25 10:20:10,150 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=73, Invalid=269, Unknown=0, NotChecked=0, Total=342 [2024-09-25 10:20:10,150 INFO L87 Difference]: Start difference. First operand 62 states and 65 transitions. Second operand has 19 states, 19 states have (on average 2.8947368421052633) internal successors, (55), 19 states have internal predecessors, (55), 8 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:20:10,504 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:20:10,505 INFO L93 Difference]: Finished difference Result 142 states and 156 transitions. [2024-09-25 10:20:10,505 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-09-25 10:20:10,505 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 19 states have (on average 2.8947368421052633) internal successors, (55), 19 states have internal predecessors, (55), 8 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) Word has length 59 [2024-09-25 10:20:10,505 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:20:10,506 INFO L225 Difference]: With dead ends: 142 [2024-09-25 10:20:10,506 INFO L226 Difference]: Without dead ends: 77 [2024-09-25 10:20:10,508 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 136 GetRequests, 115 SyntacticMatches, 4 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 71 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=73, Invalid=269, Unknown=0, NotChecked=0, Total=342 [2024-09-25 10:20:10,508 INFO L434 NwaCegarLoop]: 21 mSDtfsCounter, 59 mSDsluCounter, 133 mSDsCounter, 0 mSdLazyCounter, 473 mSolverCounterSat, 72 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 154 SdHoareTripleChecker+Invalid, 545 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 72 IncrementalHoareTripleChecker+Valid, 473 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-09-25 10:20:10,508 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 154 Invalid, 545 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [72 Valid, 473 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-09-25 10:20:10,509 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-09-25 10:20:10,535 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 69. [2024-09-25 10:20:10,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 57 states have (on average 1.0701754385964912) internal successors, (61), 58 states have internal predecessors, (61), 6 states have call successors, (6), 6 states have call predecessors, (6), 5 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2024-09-25 10:20:10,536 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 72 transitions. [2024-09-25 10:20:10,536 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 72 transitions. Word has length 59 [2024-09-25 10:20:10,536 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:20:10,536 INFO L474 AbstractCegarLoop]: Abstraction has 69 states and 72 transitions. [2024-09-25 10:20:10,537 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 19 states have (on average 2.8947368421052633) internal successors, (55), 19 states have internal predecessors, (55), 8 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 7 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:20:10,537 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:10,537 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 72 transitions. [2024-09-25 10:20:10,538 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-09-25 10:20:10,538 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:20:10,538 INFO L216 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:20:10,555 INFO L540 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2024-09-25 10:20:10,739 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,7 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:10,739 INFO L399 AbstractCegarLoop]: === Iteration 9 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:20:10,739 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:10,740 INFO L85 PathProgramCache]: Analyzing trace with hash 1279452236, now seen corresponding path program 6 times [2024-09-25 10:20:10,740 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:20:10,740 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1460250682] [2024-09-25 10:20:10,740 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:20:10,740 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:20:10,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:13,550 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:20:13,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:13,552 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-09-25 10:20:13,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:13,557 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-09-25 10:20:13,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:13,562 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2024-09-25 10:20:13,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:13,568 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 6 proven. 69 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-09-25 10:20:13,568 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:20:13,568 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1460250682] [2024-09-25 10:20:13,568 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1460250682] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:20:13,568 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1072776687] [2024-09-25 10:20:13,568 INFO L93 rtionOrderModulation]: Changing assertion order to MIX_INSIDE_OUTSIDE [2024-09-25 10:20:13,569 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:13,569 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:20:13,570 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:20:13,575 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2024-09-25 10:20:15,358 INFO L228 tOrderPrioritization]: Assert order MIX_INSIDE_OUTSIDE issued 5 check-sat command(s) [2024-09-25 10:20:15,358 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:20:15,360 INFO L262 TraceCheckSpWp]: Trace formula consists of 295 conjuncts, 41 conjuncts are in the unsatisfiable core [2024-09-25 10:20:15,363 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:20:15,617 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 17 [2024-09-25 10:20:16,162 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 17 [2024-09-25 10:20:16,164 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 13 [2024-09-25 10:20:16,166 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 9 [2024-09-25 10:20:16,206 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 0 proven. 31 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-09-25 10:20:16,206 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:20:16,693 INFO L349 Elim1Store]: treesize reduction 5, result has 50.0 percent of original size [2024-09-25 10:20:16,694 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 89 treesize of output 67 [2024-09-25 10:20:16,706 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:16,706 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 25 [2024-09-25 10:20:16,712 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 40 [2024-09-25 10:20:16,724 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:16,724 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 40 treesize of output 87 [2024-09-25 10:20:16,738 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 62 treesize of output 12 [2024-09-25 10:20:16,926 INFO L134 CoverageAnalysis]: Checked inductivity of 87 backedges. 6 proven. 25 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-09-25 10:20:16,927 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1072776687] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:20:16,927 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:20:16,927 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 16, 14] total 36 [2024-09-25 10:20:16,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1724250717] [2024-09-25 10:20:16,927 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:20:16,927 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2024-09-25 10:20:16,927 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:20:16,928 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2024-09-25 10:20:16,928 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=161, Invalid=1099, Unknown=0, NotChecked=0, Total=1260 [2024-09-25 10:20:16,929 INFO L87 Difference]: Start difference. First operand 69 states and 72 transitions. Second operand has 36 states, 35 states have (on average 2.8) internal successors, (98), 34 states have internal predecessors, (98), 11 states have call successors, (13), 4 states have call predecessors, (13), 2 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) [2024-09-25 10:20:17,740 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:20:17,740 INFO L93 Difference]: Finished difference Result 84 states and 87 transitions. [2024-09-25 10:20:17,741 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-09-25 10:20:17,741 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 35 states have (on average 2.8) internal successors, (98), 34 states have internal predecessors, (98), 11 states have call successors, (13), 4 states have call predecessors, (13), 2 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) Word has length 66 [2024-09-25 10:20:17,741 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:20:17,742 INFO L225 Difference]: With dead ends: 84 [2024-09-25 10:20:17,742 INFO L226 Difference]: Without dead ends: 82 [2024-09-25 10:20:17,743 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 174 GetRequests, 125 SyntacticMatches, 11 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 595 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=200, Invalid=1360, Unknown=0, NotChecked=0, Total=1560 [2024-09-25 10:20:17,744 INFO L434 NwaCegarLoop]: 18 mSDtfsCounter, 25 mSDsluCounter, 204 mSDsCounter, 0 mSdLazyCounter, 909 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 26 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 923 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 909 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-09-25 10:20:17,744 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [26 Valid, 222 Invalid, 923 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 909 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-09-25 10:20:17,744 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2024-09-25 10:20:17,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 76. [2024-09-25 10:20:17,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 62 states have (on average 1.064516129032258) internal successors, (66), 63 states have internal predecessors, (66), 7 states have call successors, (7), 7 states have call predecessors, (7), 6 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2024-09-25 10:20:17,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 79 transitions. [2024-09-25 10:20:17,774 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 79 transitions. Word has length 66 [2024-09-25 10:20:17,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:20:17,774 INFO L474 AbstractCegarLoop]: Abstraction has 76 states and 79 transitions. [2024-09-25 10:20:17,774 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 35 states have (on average 2.8) internal successors, (98), 34 states have internal predecessors, (98), 11 states have call successors, (13), 4 states have call predecessors, (13), 2 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) [2024-09-25 10:20:17,775 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:17,775 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 79 transitions. [2024-09-25 10:20:17,776 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2024-09-25 10:20:17,776 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:20:17,776 INFO L216 NwaCegarLoop]: trace histogram [5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:20:17,791 INFO L540 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Forceful destruction successful, exit code 0 [2024-09-25 10:20:17,977 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,8 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:17,977 INFO L399 AbstractCegarLoop]: === Iteration 10 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:20:17,977 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:17,977 INFO L85 PathProgramCache]: Analyzing trace with hash 1811470856, now seen corresponding path program 7 times [2024-09-25 10:20:17,978 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:20:17,978 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1086418098] [2024-09-25 10:20:17,978 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:20:17,978 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:20:18,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,546 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:20:18,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,548 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-09-25 10:20:18,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,552 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-09-25 10:20:18,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,555 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2024-09-25 10:20:18,556 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,557 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-09-25 10:20:18,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,561 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 12 proven. 54 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2024-09-25 10:20:18,562 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:20:18,562 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1086418098] [2024-09-25 10:20:18,562 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1086418098] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:20:18,562 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [672994145] [2024-09-25 10:20:18,562 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2024-09-25 10:20:18,563 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:18,563 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:20:18,565 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:20:18,568 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2024-09-25 10:20:18,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:18,677 INFO L262 TraceCheckSpWp]: Trace formula consists of 313 conjuncts, 22 conjuncts are in the unsatisfiable core [2024-09-25 10:20:18,680 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:20:19,035 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 12 proven. 44 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-09-25 10:20:19,035 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:20:19,466 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 12 proven. 44 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-09-25 10:20:19,467 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [672994145] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:20:19,467 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:20:19,467 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 13, 13] total 32 [2024-09-25 10:20:19,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [720910827] [2024-09-25 10:20:19,467 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:20:19,467 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 32 states [2024-09-25 10:20:19,467 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:20:19,468 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2024-09-25 10:20:19,468 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=164, Invalid=828, Unknown=0, NotChecked=0, Total=992 [2024-09-25 10:20:19,468 INFO L87 Difference]: Start difference. First operand 76 states and 79 transitions. Second operand has 32 states, 32 states have (on average 2.78125) internal successors, (89), 32 states have internal predecessors, (89), 13 states have call successors, (14), 2 states have call predecessors, (14), 1 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-09-25 10:20:20,073 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:20:20,073 INFO L93 Difference]: Finished difference Result 171 states and 186 transitions. [2024-09-25 10:20:20,074 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-09-25 10:20:20,074 INFO L78 Accepts]: Start accepts. Automaton has has 32 states, 32 states have (on average 2.78125) internal successors, (89), 32 states have internal predecessors, (89), 13 states have call successors, (14), 2 states have call predecessors, (14), 1 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) Word has length 73 [2024-09-25 10:20:20,074 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:20:20,075 INFO L225 Difference]: With dead ends: 171 [2024-09-25 10:20:20,075 INFO L226 Difference]: Without dead ends: 91 [2024-09-25 10:20:20,075 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 172 GetRequests, 137 SyntacticMatches, 5 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 245 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=164, Invalid=828, Unknown=0, NotChecked=0, Total=992 [2024-09-25 10:20:20,076 INFO L434 NwaCegarLoop]: 23 mSDtfsCounter, 92 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 928 mSolverCounterSat, 121 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 219 SdHoareTripleChecker+Invalid, 1049 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 121 IncrementalHoareTripleChecker+Valid, 928 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-09-25 10:20:20,076 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 219 Invalid, 1049 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [121 Valid, 928 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-09-25 10:20:20,077 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-09-25 10:20:20,110 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 83. [2024-09-25 10:20:20,110 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 69 states have (on average 1.0579710144927537) internal successors, (73), 70 states have internal predecessors, (73), 7 states have call successors, (7), 7 states have call predecessors, (7), 6 states have return successors, (6), 5 states have call predecessors, (6), 6 states have call successors, (6) [2024-09-25 10:20:20,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 86 transitions. [2024-09-25 10:20:20,111 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 86 transitions. Word has length 73 [2024-09-25 10:20:20,111 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:20:20,111 INFO L474 AbstractCegarLoop]: Abstraction has 83 states and 86 transitions. [2024-09-25 10:20:20,111 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 32 states, 32 states have (on average 2.78125) internal successors, (89), 32 states have internal predecessors, (89), 13 states have call successors, (14), 2 states have call predecessors, (14), 1 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-09-25 10:20:20,112 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:20,112 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 86 transitions. [2024-09-25 10:20:20,112 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2024-09-25 10:20:20,113 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:20:20,113 INFO L216 NwaCegarLoop]: trace histogram [5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:20:20,132 INFO L540 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Forceful destruction successful, exit code 0 [2024-09-25 10:20:20,313 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,9 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:20,313 INFO L399 AbstractCegarLoop]: === Iteration 11 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:20:20,314 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:20,314 INFO L85 PathProgramCache]: Analyzing trace with hash -1570893764, now seen corresponding path program 8 times [2024-09-25 10:20:20,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:20:20,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1298885457] [2024-09-25 10:20:20,314 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:20:20,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:20:20,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,193 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:20:23,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,195 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-09-25 10:20:23,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,200 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2024-09-25 10:20:23,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,205 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-09-25 10:20:23,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,210 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-09-25 10:20:23,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:23,216 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 8 proven. 111 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2024-09-25 10:20:23,216 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:20:23,216 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1298885457] [2024-09-25 10:20:23,217 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1298885457] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:20:23,217 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2120066273] [2024-09-25 10:20:23,217 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2024-09-25 10:20:23,217 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:23,217 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:20:23,219 INFO L229 MonitoredProcess]: Starting monitored process 10 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:20:23,221 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Waiting until timeout for monitored process [2024-09-25 10:20:23,351 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2024-09-25 10:20:23,351 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:20:23,354 INFO L262 TraceCheckSpWp]: Trace formula consists of 350 conjuncts, 63 conjuncts are in the unsatisfiable core [2024-09-25 10:20:23,357 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:20:23,590 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 23 [2024-09-25 10:20:33,188 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 33 treesize of output 21 [2024-09-25 10:20:33,190 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 27 treesize of output 15 [2024-09-25 10:20:33,192 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 9 [2024-09-25 10:20:33,236 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 0 proven. 126 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-09-25 10:20:33,236 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:20:33,851 INFO L349 Elim1Store]: treesize reduction 5, result has 50.0 percent of original size [2024-09-25 10:20:33,851 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 89 treesize of output 67 [2024-09-25 10:20:33,861 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:33,862 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 46 treesize of output 25 [2024-09-25 10:20:33,867 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 44 treesize of output 40 [2024-09-25 10:20:33,878 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:33,878 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 2 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 40 treesize of output 87 [2024-09-25 10:20:34,071 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 8 proven. 41 refuted. 0 times theorem prover too weak. 94 trivial. 0 not checked. [2024-09-25 10:20:34,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2120066273] provided 0 perfect and 2 imperfect interpolant sequences [2024-09-25 10:20:34,071 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-09-25 10:20:34,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [20, 20, 16] total 48 [2024-09-25 10:20:34,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [214940560] [2024-09-25 10:20:34,072 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-09-25 10:20:34,072 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 48 states [2024-09-25 10:20:34,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:20:34,073 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 48 interpolants. [2024-09-25 10:20:34,074 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=226, Invalid=2030, Unknown=0, NotChecked=0, Total=2256 [2024-09-25 10:20:34,074 INFO L87 Difference]: Start difference. First operand 83 states and 86 transitions. Second operand has 48 states, 47 states have (on average 3.0851063829787235) internal successors, (145), 46 states have internal predecessors, (145), 14 states have call successors, (16), 4 states have call predecessors, (16), 3 states have return successors, (13), 13 states have call predecessors, (13), 13 states have call successors, (13) [2024-09-25 10:20:40,695 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:20:40,695 INFO L93 Difference]: Finished difference Result 97 states and 100 transitions. [2024-09-25 10:20:40,695 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2024-09-25 10:20:40,696 INFO L78 Accepts]: Start accepts. Automaton has has 48 states, 47 states have (on average 3.0851063829787235) internal successors, (145), 46 states have internal predecessors, (145), 14 states have call successors, (16), 4 states have call predecessors, (16), 3 states have return successors, (13), 13 states have call predecessors, (13), 13 states have call successors, (13) Word has length 80 [2024-09-25 10:20:40,696 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:20:40,697 INFO L225 Difference]: With dead ends: 97 [2024-09-25 10:20:40,697 INFO L226 Difference]: Without dead ends: 95 [2024-09-25 10:20:40,698 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 216 GetRequests, 149 SyntacticMatches, 7 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1211 ImplicationChecksByTransitivity, 15.8s TimeCoverageRelationStatistics Valid=395, Invalid=3386, Unknown=1, NotChecked=0, Total=3782 [2024-09-25 10:20:40,698 INFO L434 NwaCegarLoop]: 17 mSDtfsCounter, 40 mSDsluCounter, 269 mSDsCounter, 0 mSdLazyCounter, 1513 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 286 SdHoareTripleChecker+Invalid, 1544 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 1513 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2024-09-25 10:20:40,698 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [41 Valid, 286 Invalid, 1544 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 1513 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2024-09-25 10:20:40,699 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2024-09-25 10:20:40,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 90. [2024-09-25 10:20:40,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 74 states have (on average 1.054054054054054) internal successors, (78), 75 states have internal predecessors, (78), 8 states have call successors, (8), 8 states have call predecessors, (8), 7 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:20:40,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 93 transitions. [2024-09-25 10:20:40,737 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 93 transitions. Word has length 80 [2024-09-25 10:20:40,739 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:20:40,739 INFO L474 AbstractCegarLoop]: Abstraction has 90 states and 93 transitions. [2024-09-25 10:20:40,739 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 48 states, 47 states have (on average 3.0851063829787235) internal successors, (145), 46 states have internal predecessors, (145), 14 states have call successors, (16), 4 states have call predecessors, (16), 3 states have return successors, (13), 13 states have call predecessors, (13), 13 states have call successors, (13) [2024-09-25 10:20:40,739 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:40,740 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 93 transitions. [2024-09-25 10:20:40,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-09-25 10:20:40,741 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:20:40,741 INFO L216 NwaCegarLoop]: trace histogram [6, 6, 6, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:20:40,760 INFO L552 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Ended with exit code 0 [2024-09-25 10:20:40,945 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-09-25 10:20:40,946 INFO L399 AbstractCegarLoop]: === Iteration 12 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:20:40,946 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:20:40,946 INFO L85 PathProgramCache]: Analyzing trace with hash 1193369624, now seen corresponding path program 9 times [2024-09-25 10:20:40,946 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:20:40,946 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1301386972] [2024-09-25 10:20:40,946 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:20:40,947 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:20:41,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,642 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 0 [2024-09-25 10:20:41,642 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,643 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-09-25 10:20:41,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,647 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2024-09-25 10:20:41,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,649 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-09-25 10:20:41,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,653 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-09-25 10:20:41,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,657 INFO L381 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-09-25 10:20:41,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-09-25 10:20:41,662 INFO L134 CoverageAnalysis]: Checked inductivity of 175 backedges. 15 proven. 83 refuted. 0 times theorem prover too weak. 77 trivial. 0 not checked. [2024-09-25 10:20:41,662 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-09-25 10:20:41,662 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1301386972] [2024-09-25 10:20:41,662 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1301386972] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:20:41,662 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1870059155] [2024-09-25 10:20:41,663 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-09-25 10:20:41,663 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-09-25 10:20:41,663 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/certificate-witnesses-artifact/automizer/z3 [2024-09-25 10:20:41,665 INFO L229 MonitoredProcess]: Starting monitored process 11 with /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-09-25 10:20:41,666 INFO L327 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Waiting until timeout for monitored process [2024-09-25 10:20:44,457 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2024-09-25 10:20:44,458 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2024-09-25 10:20:44,461 INFO L262 TraceCheckSpWp]: Trace formula consists of 272 conjuncts, 106 conjuncts are in the unsatisfiable core [2024-09-25 10:20:44,466 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2024-09-25 10:20:44,617 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 52 treesize of output 39 [2024-09-25 10:20:44,621 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 1 [2024-09-25 10:20:44,817 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 52 treesize of output 39 [2024-09-25 10:20:44,822 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 20 treesize of output 1 [2024-09-25 10:20:45,032 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 21 treesize of output 17 [2024-09-25 10:20:45,110 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 39 treesize of output 38 [2024-09-25 10:20:45,185 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:45,185 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 2 select indices, 2 select index equivalence classes, 3 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 56 treesize of output 58 [2024-09-25 10:20:45,257 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:45,258 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 3 select indices, 3 select index equivalence classes, 6 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 73 treesize of output 78 [2024-09-25 10:20:45,339 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-09-25 10:20:45,340 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 4 select indices, 4 select index equivalence classes, 10 disjoint index pairs (out of 6 index pairs), introduced 4 new quantified variables, introduced 6 case distinctions, treesize of input 90 treesize of output 98 [2024-09-25 10:20:47,730 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:47,734 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:47,810 INFO L349 Elim1Store]: treesize reduction 48, result has 61.6 percent of original size [2024-09-25 10:20:47,810 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 11 select indices, 11 select index equivalence classes, 12 disjoint index pairs (out of 55 index pairs), introduced 11 new quantified variables, introduced 55 case distinctions, treesize of input 184 treesize of output 210 [2024-09-25 10:20:47,830 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:47,834 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:47,927 INFO L349 Elim1Store]: treesize reduction 48, result has 61.6 percent of original size [2024-09-25 10:20:47,928 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 11 select indices, 11 select index equivalence classes, 12 disjoint index pairs (out of 55 index pairs), introduced 11 new quantified variables, introduced 55 case distinctions, treesize of input 220 treesize of output 234 [2024-09-25 10:20:47,942 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:47,945 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-09-25 10:20:48,034 INFO L349 Elim1Store]: treesize reduction 48, result has 61.6 percent of original size [2024-09-25 10:20:48,034 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 11 select indices, 11 select index equivalence classes, 12 disjoint index pairs (out of 55 index pairs), introduced 11 new quantified variables, introduced 55 case distinctions, treesize of input 168 treesize of output 182 [2024-09-25 10:20:48,362 INFO L134 CoverageAnalysis]: Checked inductivity of 175 backedges. 62 proven. 46 refuted. 0 times theorem prover too weak. 67 trivial. 0 not checked. [2024-09-25 10:20:48,362 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2024-09-25 10:20:55,105 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1870059155] provided 0 perfect and 1 imperfect interpolant sequences [2024-09-25 10:20:55,106 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-09-25 10:20:55,106 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 27] total 41 [2024-09-25 10:20:55,106 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [987441885] [2024-09-25 10:20:55,106 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-09-25 10:20:55,106 INFO L551 AbstractCegarLoop]: INTERPOLANT automaton has 41 states [2024-09-25 10:20:55,106 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-09-25 10:20:55,107 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 41 interpolants. [2024-09-25 10:20:55,108 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=237, Invalid=2212, Unknown=1, NotChecked=0, Total=2450 [2024-09-25 10:20:55,108 INFO L87 Difference]: Start difference. First operand 90 states and 93 transitions. Second operand has 41 states, 39 states have (on average 2.358974358974359) internal successors, (92), 39 states have internal predecessors, (92), 11 states have call successors, (12), 4 states have call predecessors, (12), 3 states have return successors, (9), 9 states have call predecessors, (9), 9 states have call successors, (9) [2024-09-25 10:21:05,334 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-09-25 10:21:05,334 INFO L93 Difference]: Finished difference Result 269 states and 282 transitions. [2024-09-25 10:21:05,334 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2024-09-25 10:21:05,335 INFO L78 Accepts]: Start accepts. Automaton has has 41 states, 39 states have (on average 2.358974358974359) internal successors, (92), 39 states have internal predecessors, (92), 11 states have call successors, (12), 4 states have call predecessors, (12), 3 states have return successors, (9), 9 states have call predecessors, (9), 9 states have call successors, (9) Word has length 87 [2024-09-25 10:21:05,335 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-09-25 10:21:05,336 INFO L225 Difference]: With dead ends: 269 [2024-09-25 10:21:05,336 INFO L226 Difference]: Without dead ends: 154 [2024-09-25 10:21:05,338 INFO L433 NwaCegarLoop]: 0 DeclaredPredicates, 198 GetRequests, 81 SyntacticMatches, 9 SemanticMatches, 108 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3172 ImplicationChecksByTransitivity, 14.8s TimeCoverageRelationStatistics Valid=1301, Invalid=10688, Unknown=1, NotChecked=0, Total=11990 [2024-09-25 10:21:05,339 INFO L434 NwaCegarLoop]: 16 mSDtfsCounter, 176 mSDsluCounter, 308 mSDsCounter, 0 mSdLazyCounter, 1759 mSolverCounterSat, 222 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 177 SdHoareTripleChecker+Valid, 324 SdHoareTripleChecker+Invalid, 1981 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 222 IncrementalHoareTripleChecker+Valid, 1759 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.7s IncrementalHoareTripleChecker+Time [2024-09-25 10:21:05,339 INFO L435 NwaCegarLoop]: SdHoareTripleChecker [177 Valid, 324 Invalid, 1981 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [222 Valid, 1759 Invalid, 0 Unknown, 0 Unchecked, 2.7s Time] [2024-09-25 10:21:05,340 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2024-09-25 10:21:05,384 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 97. [2024-09-25 10:21:05,385 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 81 states have (on average 1.0493827160493827) internal successors, (85), 82 states have internal predecessors, (85), 8 states have call successors, (8), 8 states have call predecessors, (8), 7 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-09-25 10:21:05,385 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 100 transitions. [2024-09-25 10:21:05,386 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 100 transitions. Word has length 87 [2024-09-25 10:21:05,386 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-09-25 10:21:05,386 INFO L474 AbstractCegarLoop]: Abstraction has 97 states and 100 transitions. [2024-09-25 10:21:05,387 INFO L475 AbstractCegarLoop]: INTERPOLANT automaton has has 41 states, 39 states have (on average 2.358974358974359) internal successors, (92), 39 states have internal predecessors, (92), 11 states have call successors, (12), 4 states have call predecessors, (12), 3 states have return successors, (9), 9 states have call predecessors, (9), 9 states have call successors, (9) [2024-09-25 10:21:05,387 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:21:05,387 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 100 transitions. [2024-09-25 10:21:05,388 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2024-09-25 10:21:05,388 INFO L208 NwaCegarLoop]: Found error trace [2024-09-25 10:21:05,388 INFO L216 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 5, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-09-25 10:21:05,406 INFO L540 MonitoredProcess]: [MP /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Forceful destruction successful, exit code 0 [2024-09-25 10:21:05,588 WARN L456 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /storage/repos/certificate-witnesses-artifact/automizer/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-09-25 10:21:05,589 INFO L399 AbstractCegarLoop]: === Iteration 13 === Targeting __VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION === [__VERIFIER_assertErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-09-25 10:21:05,590 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2024-09-25 10:21:05,590 INFO L85 PathProgramCache]: Analyzing trace with hash 1265552396, now seen corresponding path program 10 times [2024-09-25 10:21:05,590 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-09-25 10:21:05,590 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1880110444] [2024-09-25 10:21:05,590 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-09-25 10:21:05,591 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-09-25 10:21:05,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat