./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d0f26fc8ab0bdaf05de905c05e583bc491c727ef99c3d3df87bba160b541b55a --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 02:58:00,342 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 02:58:00,405 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 02:58:00,410 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 02:58:00,412 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 02:58:00,435 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 02:58:00,436 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 02:58:00,437 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 02:58:00,437 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 02:58:00,438 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 02:58:00,439 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 02:58:00,439 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 02:58:00,439 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 02:58:00,440 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 02:58:00,441 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 02:58:00,442 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 02:58:00,442 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 02:58:00,442 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 02:58:00,442 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 02:58:00,443 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 02:58:00,443 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 02:58:00,446 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 02:58:00,446 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 02:58:00,446 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 02:58:00,446 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 02:58:00,447 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 02:58:00,447 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 02:58:00,447 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 02:58:00,447 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 02:58:00,447 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 02:58:00,448 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 02:58:00,448 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 02:58:00,448 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 02:58:00,448 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 02:58:00,448 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 02:58:00,448 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 02:58:00,449 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 02:58:00,449 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 02:58:00,449 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 02:58:00,449 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 02:58:00,449 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 02:58:00,450 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 02:58:00,451 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d0f26fc8ab0bdaf05de905c05e583bc491c727ef99c3d3df87bba160b541b55a [2024-10-11 02:58:00,667 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 02:58:00,691 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 02:58:00,693 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 02:58:00,694 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 02:58:00,695 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 02:58:00,696 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c [2024-10-11 02:58:02,155 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 02:58:02,420 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 02:58:02,421 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c [2024-10-11 02:58:02,437 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/a050c4304/96cab21a2ccc4fd991cc21422a63e856/FLAG5457fe236 [2024-10-11 02:58:02,450 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/a050c4304/96cab21a2ccc4fd991cc21422a63e856 [2024-10-11 02:58:02,452 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 02:58:02,453 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 02:58:02,454 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 02:58:02,455 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 02:58:02,459 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 02:58:02,460 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,461 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6d20cf and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02, skipping insertion in model container [2024-10-11 02:58:02,461 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,502 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 02:58:02,807 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c[18661,18674] [2024-10-11 02:58:02,819 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 02:58:02,848 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 02:58:02,858 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] [2024-10-11 02:58:02,859 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [78] [2024-10-11 02:58:02,860 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [116] [2024-10-11 02:58:02,860 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [482] [2024-10-11 02:58:02,860 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [551] [2024-10-11 02:58:02,860 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [773] [2024-10-11 02:58:02,861 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [869] [2024-10-11 02:58:02,861 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [973] [2024-10-11 02:58:02,905 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c[18661,18674] [2024-10-11 02:58:02,905 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 02:58:02,923 INFO L204 MainTranslator]: Completed translation [2024-10-11 02:58:02,924 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02 WrapperNode [2024-10-11 02:58:02,924 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 02:58:02,925 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 02:58:02,925 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 02:58:02,925 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 02:58:02,931 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,942 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,971 INFO L138 Inliner]: procedures = 56, calls = 100, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 215 [2024-10-11 02:58:02,971 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 02:58:02,972 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 02:58:02,972 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 02:58:02,972 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 02:58:02,982 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,982 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:02,985 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,006 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 02:58:03,010 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,010 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,014 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,025 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,029 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,030 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,031 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 02:58:03,036 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 02:58:03,036 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 02:58:03,036 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 02:58:03,036 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (1/1) ... [2024-10-11 02:58:03,042 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 02:58:03,050 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 02:58:03,062 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 02:58:03,065 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 02:58:03,096 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 02:58:03,097 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 02:58:03,097 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 02:58:03,097 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 02:58:03,097 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 02:58:03,097 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 02:58:03,097 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 02:58:03,097 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-10-11 02:58:03,097 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-10-11 02:58:03,098 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 02:58:03,098 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 02:58:03,098 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 02:58:03,098 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 02:58:03,098 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 02:58:03,098 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 02:58:03,098 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 02:58:03,098 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 02:58:03,098 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 02:58:03,165 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 02:58:03,166 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 02:58:03,391 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2024-10-11 02:58:03,392 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 02:58:03,469 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 02:58:03,470 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 02:58:03,470 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 02:58:03 BoogieIcfgContainer [2024-10-11 02:58:03,470 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 02:58:03,473 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 02:58:03,474 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 02:58:03,476 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 02:58:03,477 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 02:58:02" (1/3) ... [2024-10-11 02:58:03,477 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60d1d6a4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 02:58:03, skipping insertion in model container [2024-10-11 02:58:03,477 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 02:58:02" (2/3) ... [2024-10-11 02:58:03,477 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60d1d6a4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 02:58:03, skipping insertion in model container [2024-10-11 02:58:03,478 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 02:58:03" (3/3) ... [2024-10-11 02:58:03,479 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product57.cil.c [2024-10-11 02:58:03,493 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 02:58:03,493 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 02:58:03,545 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 02:58:03,550 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@9a36ab2, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 02:58:03,550 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 02:58:03,554 INFO L276 IsEmpty]: Start isEmpty. Operand has 71 states, 50 states have (on average 1.54) internal successors, (77), 58 states have internal predecessors, (77), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-11 02:58:03,559 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2024-10-11 02:58:03,560 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:03,560 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:03,561 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:03,565 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:03,566 INFO L85 PathProgramCache]: Analyzing trace with hash 1573926470, now seen corresponding path program 1 times [2024-10-11 02:58:03,573 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:03,573 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2013962150] [2024-10-11 02:58:03,574 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:03,574 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:03,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:03,732 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 02:58:03,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:03,742 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:03,746 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:03,746 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2013962150] [2024-10-11 02:58:03,747 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2013962150] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:03,747 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:03,747 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 02:58:03,749 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [657724557] [2024-10-11 02:58:03,749 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:03,755 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 02:58:03,756 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:03,773 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 02:58:03,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 02:58:03,775 INFO L87 Difference]: Start difference. First operand has 71 states, 50 states have (on average 1.54) internal successors, (77), 58 states have internal predecessors, (77), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:03,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:03,826 INFO L93 Difference]: Finished difference Result 140 states and 203 transitions. [2024-10-11 02:58:03,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 02:58:03,834 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2024-10-11 02:58:03,834 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:03,841 INFO L225 Difference]: With dead ends: 140 [2024-10-11 02:58:03,842 INFO L226 Difference]: Without dead ends: 66 [2024-10-11 02:58:03,844 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 02:58:03,847 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 81 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:03,847 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 81 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 02:58:03,861 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2024-10-11 02:58:03,876 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2024-10-11 02:58:03,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 47 states have (on average 1.425531914893617) internal successors, (67), 54 states have internal predecessors, (67), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 02:58:03,879 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 90 transitions. [2024-10-11 02:58:03,880 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 90 transitions. Word has length 16 [2024-10-11 02:58:03,880 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:03,880 INFO L471 AbstractCegarLoop]: Abstraction has 66 states and 90 transitions. [2024-10-11 02:58:03,880 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:03,881 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 90 transitions. [2024-10-11 02:58:03,883 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2024-10-11 02:58:03,883 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:03,883 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:03,884 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 02:58:03,884 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:03,884 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:03,884 INFO L85 PathProgramCache]: Analyzing trace with hash 868198500, now seen corresponding path program 1 times [2024-10-11 02:58:03,885 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:03,885 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [550316751] [2024-10-11 02:58:03,885 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:03,885 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:03,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:03,948 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-11 02:58:03,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:03,951 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:03,951 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:03,951 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [550316751] [2024-10-11 02:58:03,952 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [550316751] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:03,952 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:03,952 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 02:58:03,952 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [264175066] [2024-10-11 02:58:03,952 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:03,953 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 02:58:03,953 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:03,954 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 02:58:03,954 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:03,954 INFO L87 Difference]: Start difference. First operand 66 states and 90 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:03,997 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:03,997 INFO L93 Difference]: Finished difference Result 105 states and 143 transitions. [2024-10-11 02:58:03,999 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 02:58:03,999 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2024-10-11 02:58:03,999 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:04,000 INFO L225 Difference]: With dead ends: 105 [2024-10-11 02:58:04,000 INFO L226 Difference]: Without dead ends: 58 [2024-10-11 02:58:04,001 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:04,002 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 11 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:04,002 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 120 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 02:58:04,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2024-10-11 02:58:04,012 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2024-10-11 02:58:04,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 49 states have internal predecessors, (61), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-11 02:58:04,013 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 79 transitions. [2024-10-11 02:58:04,014 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 79 transitions. Word has length 17 [2024-10-11 02:58:04,014 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:04,014 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 79 transitions. [2024-10-11 02:58:04,014 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:04,015 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 79 transitions. [2024-10-11 02:58:04,015 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2024-10-11 02:58:04,016 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:04,016 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:04,016 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 02:58:04,017 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:04,019 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:04,019 INFO L85 PathProgramCache]: Analyzing trace with hash -723715020, now seen corresponding path program 1 times [2024-10-11 02:58:04,019 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:04,019 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [638977040] [2024-10-11 02:58:04,019 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:04,019 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:04,056 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,151 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:04,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,154 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:04,154 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:04,154 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [638977040] [2024-10-11 02:58:04,155 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [638977040] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:04,155 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:04,155 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 02:58:04,155 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2136377817] [2024-10-11 02:58:04,155 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:04,156 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 02:58:04,156 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:04,156 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 02:58:04,156 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:04,157 INFO L87 Difference]: Start difference. First operand 58 states and 79 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:04,189 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:04,189 INFO L93 Difference]: Finished difference Result 114 states and 157 transitions. [2024-10-11 02:58:04,190 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 02:58:04,190 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2024-10-11 02:58:04,190 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:04,194 INFO L225 Difference]: With dead ends: 114 [2024-10-11 02:58:04,194 INFO L226 Difference]: Without dead ends: 58 [2024-10-11 02:58:04,194 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:04,195 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 67 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 65 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:04,196 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 65 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 02:58:04,196 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2024-10-11 02:58:04,201 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2024-10-11 02:58:04,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 49 states have internal predecessors, (60), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-11 02:58:04,202 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 78 transitions. [2024-10-11 02:58:04,202 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 78 transitions. Word has length 20 [2024-10-11 02:58:04,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:04,202 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 78 transitions. [2024-10-11 02:58:04,203 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:04,203 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 78 transitions. [2024-10-11 02:58:04,203 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-10-11 02:58:04,203 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:04,204 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:04,204 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 02:58:04,204 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:04,204 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:04,204 INFO L85 PathProgramCache]: Analyzing trace with hash 1903214799, now seen corresponding path program 1 times [2024-10-11 02:58:04,205 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:04,205 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1747768199] [2024-10-11 02:58:04,205 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:04,205 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:04,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,255 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 02:58:04,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,258 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:04,259 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:04,259 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1747768199] [2024-10-11 02:58:04,259 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1747768199] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:04,259 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:04,259 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 02:58:04,259 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1262297353] [2024-10-11 02:58:04,260 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:04,260 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 02:58:04,260 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:04,261 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 02:58:04,261 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:04,261 INFO L87 Difference]: Start difference. First operand 58 states and 78 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:04,428 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:04,429 INFO L93 Difference]: Finished difference Result 153 states and 208 transitions. [2024-10-11 02:58:04,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 02:58:04,431 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-10-11 02:58:04,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:04,433 INFO L225 Difference]: With dead ends: 153 [2024-10-11 02:58:04,433 INFO L226 Difference]: Without dead ends: 97 [2024-10-11 02:58:04,434 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 02:58:04,440 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 52 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:04,440 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 119 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:04,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2024-10-11 02:58:04,481 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 95. [2024-10-11 02:58:04,482 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 77 states have internal predecessors, (95), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2024-10-11 02:58:04,483 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 125 transitions. [2024-10-11 02:58:04,483 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 125 transitions. Word has length 25 [2024-10-11 02:58:04,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:04,483 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 125 transitions. [2024-10-11 02:58:04,484 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-11 02:58:04,484 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 125 transitions. [2024-10-11 02:58:04,491 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2024-10-11 02:58:04,491 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:04,491 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:04,491 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 02:58:04,491 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:04,492 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:04,492 INFO L85 PathProgramCache]: Analyzing trace with hash -1621842416, now seen corresponding path program 1 times [2024-10-11 02:58:04,492 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:04,492 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [48523053] [2024-10-11 02:58:04,492 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:04,493 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:04,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,656 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:04,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,710 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:04,711 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,712 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-11 02:58:04,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:04,722 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:04,722 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:04,722 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [48523053] [2024-10-11 02:58:04,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [48523053] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:04,727 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:04,727 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 02:58:04,727 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1188873535] [2024-10-11 02:58:04,727 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:04,727 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 02:58:04,728 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:04,728 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 02:58:04,728 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 02:58:04,728 INFO L87 Difference]: Start difference. First operand 95 states and 125 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:05,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:05,050 INFO L93 Difference]: Finished difference Result 317 states and 447 transitions. [2024-10-11 02:58:05,051 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 02:58:05,051 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 35 [2024-10-11 02:58:05,051 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:05,054 INFO L225 Difference]: With dead ends: 317 [2024-10-11 02:58:05,054 INFO L226 Difference]: Without dead ends: 224 [2024-10-11 02:58:05,055 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 02:58:05,056 INFO L432 NwaCegarLoop]: 52 mSDtfsCounter, 140 mSDsluCounter, 159 mSDsCounter, 0 mSdLazyCounter, 170 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 211 SdHoareTripleChecker+Invalid, 215 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 170 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:05,056 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 211 Invalid, 215 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 170 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 02:58:05,059 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2024-10-11 02:58:05,091 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 218. [2024-10-11 02:58:05,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218 states, 159 states have (on average 1.3522012578616351) internal successors, (215), 172 states have internal predecessors, (215), 30 states have call successors, (30), 24 states have call predecessors, (30), 28 states have return successors, (54), 30 states have call predecessors, (54), 30 states have call successors, (54) [2024-10-11 02:58:05,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 299 transitions. [2024-10-11 02:58:05,096 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 299 transitions. Word has length 35 [2024-10-11 02:58:05,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:05,100 INFO L471 AbstractCegarLoop]: Abstraction has 218 states and 299 transitions. [2024-10-11 02:58:05,100 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:05,101 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 299 transitions. [2024-10-11 02:58:05,102 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2024-10-11 02:58:05,102 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:05,102 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:05,102 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 02:58:05,102 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:05,103 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:05,103 INFO L85 PathProgramCache]: Analyzing trace with hash 67101326, now seen corresponding path program 1 times [2024-10-11 02:58:05,106 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:05,106 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [980082568] [2024-10-11 02:58:05,106 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:05,106 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:05,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:05,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:05,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,224 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-11 02:58:05,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,233 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:05,233 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:05,233 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [980082568] [2024-10-11 02:58:05,234 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [980082568] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:05,234 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:05,234 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 02:58:05,234 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1749162357] [2024-10-11 02:58:05,237 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:05,237 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 02:58:05,237 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:05,238 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 02:58:05,238 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 02:58:05,238 INFO L87 Difference]: Start difference. First operand 218 states and 299 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-11 02:58:05,410 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:05,410 INFO L93 Difference]: Finished difference Result 222 states and 301 transitions. [2024-10-11 02:58:05,411 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 02:58:05,411 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 35 [2024-10-11 02:58:05,411 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:05,413 INFO L225 Difference]: With dead ends: 222 [2024-10-11 02:58:05,413 INFO L226 Difference]: Without dead ends: 220 [2024-10-11 02:58:05,413 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2024-10-11 02:58:05,415 INFO L432 NwaCegarLoop]: 54 mSDtfsCounter, 92 mSDsluCounter, 116 mSDsCounter, 0 mSdLazyCounter, 134 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 96 SdHoareTripleChecker+Valid, 170 SdHoareTripleChecker+Invalid, 160 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 134 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:05,416 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [96 Valid, 170 Invalid, 160 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 134 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:05,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2024-10-11 02:58:05,465 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 218. [2024-10-11 02:58:05,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218 states, 159 states have (on average 1.3270440251572326) internal successors, (211), 172 states have internal predecessors, (211), 30 states have call successors, (30), 24 states have call predecessors, (30), 28 states have return successors, (54), 30 states have call predecessors, (54), 30 states have call successors, (54) [2024-10-11 02:58:05,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 295 transitions. [2024-10-11 02:58:05,473 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 295 transitions. Word has length 35 [2024-10-11 02:58:05,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:05,473 INFO L471 AbstractCegarLoop]: Abstraction has 218 states and 295 transitions. [2024-10-11 02:58:05,474 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-11 02:58:05,474 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 295 transitions. [2024-10-11 02:58:05,479 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 02:58:05,479 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:05,479 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:05,480 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 02:58:05,480 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:05,480 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:05,480 INFO L85 PathProgramCache]: Analyzing trace with hash 1325641983, now seen corresponding path program 1 times [2024-10-11 02:58:05,481 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:05,481 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [847250437] [2024-10-11 02:58:05,481 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:05,481 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:05,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,553 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:05,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,584 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:05,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,587 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 02:58:05,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,589 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 02:58:05,589 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:05,590 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [847250437] [2024-10-11 02:58:05,590 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [847250437] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:05,590 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:05,590 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 02:58:05,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2023770326] [2024-10-11 02:58:05,590 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:05,591 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 02:58:05,591 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:05,592 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 02:58:05,592 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 02:58:05,593 INFO L87 Difference]: Start difference. First operand 218 states and 295 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:05,730 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:05,730 INFO L93 Difference]: Finished difference Result 438 states and 608 transitions. [2024-10-11 02:58:05,731 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 02:58:05,731 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 02:58:05,731 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:05,733 INFO L225 Difference]: With dead ends: 438 [2024-10-11 02:58:05,733 INFO L226 Difference]: Without dead ends: 222 [2024-10-11 02:58:05,734 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 02:58:05,735 INFO L432 NwaCegarLoop]: 54 mSDtfsCounter, 46 mSDsluCounter, 119 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 173 SdHoareTripleChecker+Invalid, 132 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:05,735 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 173 Invalid, 132 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:05,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 222 states. [2024-10-11 02:58:05,757 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 222 to 220. [2024-10-11 02:58:05,757 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 220 states, 161 states have (on average 1.3229813664596273) internal successors, (213), 174 states have internal predecessors, (213), 30 states have call successors, (30), 24 states have call predecessors, (30), 28 states have return successors, (54), 30 states have call predecessors, (54), 30 states have call successors, (54) [2024-10-11 02:58:05,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 220 states to 220 states and 297 transitions. [2024-10-11 02:58:05,759 INFO L78 Accepts]: Start accepts. Automaton has 220 states and 297 transitions. Word has length 38 [2024-10-11 02:58:05,761 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:05,761 INFO L471 AbstractCegarLoop]: Abstraction has 220 states and 297 transitions. [2024-10-11 02:58:05,761 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:05,761 INFO L276 IsEmpty]: Start isEmpty. Operand 220 states and 297 transitions. [2024-10-11 02:58:05,768 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 02:58:05,768 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:05,768 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:05,768 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 02:58:05,769 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:05,769 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:05,770 INFO L85 PathProgramCache]: Analyzing trace with hash 507993533, now seen corresponding path program 1 times [2024-10-11 02:58:05,770 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:05,770 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1459060386] [2024-10-11 02:58:05,770 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:05,770 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:05,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,827 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:05,832 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,852 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:05,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,856 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 02:58:05,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:05,858 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 02:58:05,860 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:05,861 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1459060386] [2024-10-11 02:58:05,861 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1459060386] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:05,861 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:05,861 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 02:58:05,861 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [264968313] [2024-10-11 02:58:05,861 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:05,861 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 02:58:05,861 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:05,862 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 02:58:05,862 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 02:58:05,866 INFO L87 Difference]: Start difference. First operand 220 states and 297 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:06,000 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:06,000 INFO L93 Difference]: Finished difference Result 423 states and 580 transitions. [2024-10-11 02:58:06,001 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-11 02:58:06,001 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 02:58:06,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:06,002 INFO L225 Difference]: With dead ends: 423 [2024-10-11 02:58:06,002 INFO L226 Difference]: Without dead ends: 205 [2024-10-11 02:58:06,003 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-11 02:58:06,004 INFO L432 NwaCegarLoop]: 47 mSDtfsCounter, 111 mSDsluCounter, 107 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 115 SdHoareTripleChecker+Valid, 154 SdHoareTripleChecker+Invalid, 145 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:06,004 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [115 Valid, 154 Invalid, 145 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:06,004 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 205 states. [2024-10-11 02:58:06,014 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 205 to 203. [2024-10-11 02:58:06,014 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 203 states, 148 states have (on average 1.3175675675675675) internal successors, (195), 159 states have internal predecessors, (195), 28 states have call successors, (28), 24 states have call predecessors, (28), 26 states have return successors, (44), 27 states have call predecessors, (44), 28 states have call successors, (44) [2024-10-11 02:58:06,015 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 203 states to 203 states and 267 transitions. [2024-10-11 02:58:06,015 INFO L78 Accepts]: Start accepts. Automaton has 203 states and 267 transitions. Word has length 38 [2024-10-11 02:58:06,016 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:06,016 INFO L471 AbstractCegarLoop]: Abstraction has 203 states and 267 transitions. [2024-10-11 02:58:06,016 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 02:58:06,016 INFO L276 IsEmpty]: Start isEmpty. Operand 203 states and 267 transitions. [2024-10-11 02:58:06,016 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-11 02:58:06,016 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:06,017 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:06,017 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 02:58:06,017 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:06,017 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:06,017 INFO L85 PathProgramCache]: Analyzing trace with hash -835624159, now seen corresponding path program 1 times [2024-10-11 02:58:06,017 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:06,017 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1206411035] [2024-10-11 02:58:06,017 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:06,018 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:06,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,109 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 02:58:06,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 02:58:06,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,131 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:06,132 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,134 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-11 02:58:06,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,147 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 02:58:06,148 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:06,148 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1206411035] [2024-10-11 02:58:06,148 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1206411035] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:06,148 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 02:58:06,148 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-11 02:58:06,149 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1757176220] [2024-10-11 02:58:06,149 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:06,150 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-11 02:58:06,150 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:06,151 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-11 02:58:06,151 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-10-11 02:58:06,152 INFO L87 Difference]: Start difference. First operand 203 states and 267 transitions. Second operand has 8 states, 7 states have (on average 4.714285714285714) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 02:58:06,605 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:06,606 INFO L93 Difference]: Finished difference Result 703 states and 954 transitions. [2024-10-11 02:58:06,606 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-11 02:58:06,606 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.714285714285714) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 42 [2024-10-11 02:58:06,606 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:06,610 INFO L225 Difference]: With dead ends: 703 [2024-10-11 02:58:06,610 INFO L226 Difference]: Without dead ends: 502 [2024-10-11 02:58:06,611 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 82 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-10-11 02:58:06,611 INFO L432 NwaCegarLoop]: 39 mSDtfsCounter, 250 mSDsluCounter, 172 mSDsCounter, 0 mSdLazyCounter, 335 mSolverCounterSat, 93 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 255 SdHoareTripleChecker+Valid, 211 SdHoareTripleChecker+Invalid, 428 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 93 IncrementalHoareTripleChecker+Valid, 335 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:06,611 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [255 Valid, 211 Invalid, 428 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [93 Valid, 335 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 02:58:06,614 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 502 states. [2024-10-11 02:58:06,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 502 to 451. [2024-10-11 02:58:06,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 451 states, 324 states have (on average 1.2746913580246915) internal successors, (413), 357 states have internal predecessors, (413), 66 states have call successors, (66), 48 states have call predecessors, (66), 60 states have return successors, (116), 64 states have call predecessors, (116), 66 states have call successors, (116) [2024-10-11 02:58:06,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 451 states to 451 states and 595 transitions. [2024-10-11 02:58:06,649 INFO L78 Accepts]: Start accepts. Automaton has 451 states and 595 transitions. Word has length 42 [2024-10-11 02:58:06,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:06,650 INFO L471 AbstractCegarLoop]: Abstraction has 451 states and 595 transitions. [2024-10-11 02:58:06,650 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.714285714285714) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 02:58:06,650 INFO L276 IsEmpty]: Start isEmpty. Operand 451 states and 595 transitions. [2024-10-11 02:58:06,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-11 02:58:06,651 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:06,651 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:06,652 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 02:58:06,652 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:06,652 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:06,652 INFO L85 PathProgramCache]: Analyzing trace with hash 2039455653, now seen corresponding path program 1 times [2024-10-11 02:58:06,652 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:06,653 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [384643333] [2024-10-11 02:58:06,653 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:06,653 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:06,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,698 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 02:58:06,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,704 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 02:58:06,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,719 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 02:58:06,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,806 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:06,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,829 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-10-11 02:58:06,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,835 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 02:58:06,835 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:06,835 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [384643333] [2024-10-11 02:58:06,835 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [384643333] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 02:58:06,835 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2139463262] [2024-10-11 02:58:06,835 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:06,835 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 02:58:06,836 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 02:58:06,837 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 02:58:06,844 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 02:58:06,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:06,973 INFO L255 TraceCheckSpWp]: Trace formula consists of 202 conjuncts, 5 conjuncts are in the unsatisfiable core [2024-10-11 02:58:06,982 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 02:58:07,147 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 02:58:07,147 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-11 02:58:07,148 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2139463262] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:07,169 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-11 02:58:07,170 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [10] total 14 [2024-10-11 02:58:07,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1877682089] [2024-10-11 02:58:07,171 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:07,171 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 02:58:07,171 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:07,172 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 02:58:07,172 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=31, Invalid=151, Unknown=0, NotChecked=0, Total=182 [2024-10-11 02:58:07,172 INFO L87 Difference]: Start difference. First operand 451 states and 595 transitions. Second operand has 6 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-10-11 02:58:07,295 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:07,295 INFO L93 Difference]: Finished difference Result 889 states and 1177 transitions. [2024-10-11 02:58:07,296 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-11 02:58:07,296 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 46 [2024-10-11 02:58:07,296 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:07,299 INFO L225 Difference]: With dead ends: 889 [2024-10-11 02:58:07,299 INFO L226 Difference]: Without dead ends: 440 [2024-10-11 02:58:07,301 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 49 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=31, Invalid=151, Unknown=0, NotChecked=0, Total=182 [2024-10-11 02:58:07,301 INFO L432 NwaCegarLoop]: 124 mSDtfsCounter, 52 mSDsluCounter, 250 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:07,302 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 374 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:07,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2024-10-11 02:58:07,335 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 440. [2024-10-11 02:58:07,336 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 316 states have (on average 1.259493670886076) internal successors, (398), 348 states have internal predecessors, (398), 65 states have call successors, (65), 48 states have call predecessors, (65), 58 states have return successors, (106), 62 states have call predecessors, (106), 65 states have call successors, (106) [2024-10-11 02:58:07,338 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 569 transitions. [2024-10-11 02:58:07,339 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 569 transitions. Word has length 46 [2024-10-11 02:58:07,339 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:07,339 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 569 transitions. [2024-10-11 02:58:07,340 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 7.0) internal successors, (35), 5 states have internal predecessors, (35), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-10-11 02:58:07,340 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 569 transitions. [2024-10-11 02:58:07,341 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2024-10-11 02:58:07,342 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:07,342 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:07,361 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 02:58:07,546 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 02:58:07,547 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:07,548 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:07,548 INFO L85 PathProgramCache]: Analyzing trace with hash 1180691550, now seen corresponding path program 1 times [2024-10-11 02:58:07,548 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:07,548 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [448722285] [2024-10-11 02:58:07,548 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:07,549 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:07,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 02:58:07,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:07,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,674 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-11 02:58:07,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,684 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:07,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,686 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 02:58:07,687 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,694 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-10-11 02:58:07,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,697 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-10-11 02:58:07,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,698 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 02:58:07,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,699 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-10-11 02:58:07,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,701 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 15 proven. 3 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-11 02:58:07,701 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:07,701 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [448722285] [2024-10-11 02:58:07,701 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [448722285] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 02:58:07,701 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1862183620] [2024-10-11 02:58:07,701 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:07,702 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 02:58:07,702 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 02:58:07,706 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 02:58:07,707 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-11 02:58:07,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:07,796 INFO L255 TraceCheckSpWp]: Trace formula consists of 275 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 02:58:07,799 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 02:58:07,874 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 02:58:07,875 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-11 02:58:07,875 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1862183620] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:07,875 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-11 02:58:07,875 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [9] total 9 [2024-10-11 02:58:07,875 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1758012156] [2024-10-11 02:58:07,875 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:07,876 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 02:58:07,876 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:07,876 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 02:58:07,877 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 02:58:07,877 INFO L87 Difference]: Start difference. First operand 440 states and 569 transitions. Second operand has 5 states, 5 states have (on average 11.8) internal successors, (59), 5 states have internal predecessors, (59), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-10-11 02:58:08,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:08,064 INFO L93 Difference]: Finished difference Result 1231 states and 1640 transitions. [2024-10-11 02:58:08,065 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 02:58:08,065 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 11.8) internal successors, (59), 5 states have internal predecessors, (59), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 79 [2024-10-11 02:58:08,066 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:08,072 INFO L225 Difference]: With dead ends: 1231 [2024-10-11 02:58:08,072 INFO L226 Difference]: Without dead ends: 793 [2024-10-11 02:58:08,074 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 105 GetRequests, 95 SyntacticMatches, 2 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=68, Unknown=0, NotChecked=0, Total=90 [2024-10-11 02:58:08,075 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 88 mSDsluCounter, 190 mSDsCounter, 0 mSdLazyCounter, 86 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 292 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 86 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:08,075 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 292 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 86 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 02:58:08,076 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 793 states. [2024-10-11 02:58:08,141 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 793 to 791. [2024-10-11 02:58:08,143 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 791 states, 571 states have (on average 1.2504378283712785) internal successors, (714), 615 states have internal predecessors, (714), 119 states have call successors, (119), 98 states have call predecessors, (119), 100 states have return successors, (205), 107 states have call predecessors, (205), 119 states have call successors, (205) [2024-10-11 02:58:08,147 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 791 states to 791 states and 1038 transitions. [2024-10-11 02:58:08,149 INFO L78 Accepts]: Start accepts. Automaton has 791 states and 1038 transitions. Word has length 79 [2024-10-11 02:58:08,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:08,151 INFO L471 AbstractCegarLoop]: Abstraction has 791 states and 1038 transitions. [2024-10-11 02:58:08,151 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 11.8) internal successors, (59), 5 states have internal predecessors, (59), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-10-11 02:58:08,151 INFO L276 IsEmpty]: Start isEmpty. Operand 791 states and 1038 transitions. [2024-10-11 02:58:08,153 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 80 [2024-10-11 02:58:08,153 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 02:58:08,153 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:08,174 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-11 02:58:08,357 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 02:58:08,358 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 02:58:08,359 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 02:58:08,359 INFO L85 PathProgramCache]: Analyzing trace with hash 363043100, now seen corresponding path program 1 times [2024-10-11 02:58:08,359 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 02:58:08,359 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [612168911] [2024-10-11 02:58:08,359 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:08,359 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 02:58:08,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,419 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 02:58:08,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,428 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 02:58:08,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,443 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-11 02:58:08,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,449 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 02:58:08,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,450 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 02:58:08,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,456 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-10-11 02:58:08,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-10-11 02:58:08,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,459 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 02:58:08,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,460 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-10-11 02:58:08,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,461 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 5 proven. 1 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2024-10-11 02:58:08,462 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 02:58:08,462 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [612168911] [2024-10-11 02:58:08,462 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [612168911] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 02:58:08,462 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [21921377] [2024-10-11 02:58:08,462 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 02:58:08,462 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 02:58:08,463 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 02:58:08,464 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 02:58:08,465 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-10-11 02:58:08,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 02:58:08,533 INFO L255 TraceCheckSpWp]: Trace formula consists of 276 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-10-11 02:58:08,535 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 02:58:08,555 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-10-11 02:58:08,555 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-11 02:58:08,555 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [21921377] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 02:58:08,555 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-11 02:58:08,555 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [8] total 10 [2024-10-11 02:58:08,556 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [89978450] [2024-10-11 02:58:08,556 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 02:58:08,556 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-11 02:58:08,556 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 02:58:08,556 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-11 02:58:08,556 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2024-10-11 02:58:08,557 INFO L87 Difference]: Start difference. First operand 791 states and 1038 transitions. Second operand has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-10-11 02:58:08,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 02:58:08,596 INFO L93 Difference]: Finished difference Result 1120 states and 1451 transitions. [2024-10-11 02:58:08,596 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-11 02:58:08,597 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 79 [2024-10-11 02:58:08,597 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 02:58:08,598 INFO L225 Difference]: With dead ends: 1120 [2024-10-11 02:58:08,598 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 02:58:08,600 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 100 GetRequests, 92 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2024-10-11 02:58:08,600 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 0 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 165 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 02:58:08,600 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 165 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 02:58:08,601 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 02:58:08,601 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 02:58:08,601 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 02:58:08,601 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 02:58:08,624 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 79 [2024-10-11 02:58:08,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 02:58:08,625 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 02:58:08,625 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.25) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-10-11 02:58:08,625 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 02:58:08,625 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 02:58:08,628 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 02:58:08,644 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-10-11 02:58:08,828 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 02:58:08,831 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 02:58:08,833 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 02:58:11,829 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 02:58:11,865 WARN L155 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse3 (= |old(~methaneLevelCritical~0)| 0))) (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|) .cse1 .cse2) (and .cse3 (<= 2 ~waterLevel~0) .cse1) (and .cse0 .cse3 .cse1 .cse2))) (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (or (not .cse3) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse3 (= |old(~methaneLevelCritical~0)| 0))) (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|) .cse1 .cse2) (and .cse3 (<= 2 ~waterLevel~0) .cse1) (and .cse0 .cse3 .cse1 .cse2))) (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse3) (= ~methaneLevelCritical~0 0))))) [2024-10-11 02:58:11,871 WARN L953 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-10-11 02:58:11,876 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse3 (<= 1 |old(~waterLevel~0)|)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse5 (<= 2 |old(~waterLevel~0)|))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse5) (and .cse4 .cse1 .cse5))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~waterLevel~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2 .cse5) (and .cse4 .cse1 .cse2) (and .cse3 .cse0 .cse2 .cse5))) [2024-10-11 02:58:11,909 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |old(~pumpRunning~0)| 0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2)))) Eliminated clause: (and (= ~pumpRunning~0 0) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~waterLevel~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1)))) [2024-10-11 02:58:11,915 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (<= 1 |old(~waterLevel~0)|)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1 .cse2) (and .cse0 .cse3 .cse1 .cse2) (and .cse3 .cse1 (<= 2 |old(~waterLevel~0)|))))) Eliminated clause: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1) (and .cse2 (<= 1 ~methaneLevelCritical~0) .cse1 .cse3) (and .cse2 .cse0 .cse1 .cse3))) [2024-10-11 02:58:11,921 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 02:58:11 BoogieIcfgContainer [2024-10-11 02:58:11,921 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 02:58:11,922 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 02:58:11,922 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 02:58:11,922 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 02:58:11,922 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 02:58:03" (3/4) ... [2024-10-11 02:58:11,924 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 02:58:11,926 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 02:58:11,926 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 02:58:11,926 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 02:58:11,926 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 02:58:11,926 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-10-11 02:58:11,927 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 02:58:11,927 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 02:58:11,932 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 32 nodes and edges [2024-10-11 02:58:11,932 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 02:58:11,932 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 02:58:11,933 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 02:58:11,933 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 02:58:12,011 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 02:58:12,011 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 02:58:12,011 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 02:58:12,011 INFO L158 Benchmark]: Toolchain (without parser) took 9558.48ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 99.0MB in the beginning and 201.9MB in the end (delta: -102.9MB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 109.1MB. Free memory is still 71.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: CACSL2BoogieTranslator took 469.99ms. Allocated memory is still 167.8MB. Free memory was 98.9MB in the beginning and 134.3MB in the end (delta: -35.4MB). Peak memory consumption was 18.2MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.52ms. Allocated memory is still 167.8MB. Free memory was 134.3MB in the beginning and 132.1MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: Boogie Preprocessor took 63.15ms. Allocated memory is still 167.8MB. Free memory was 132.1MB in the beginning and 129.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: RCFGBuilder took 434.68ms. Allocated memory is still 167.8MB. Free memory was 129.4MB in the beginning and 105.6MB in the end (delta: 23.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,012 INFO L158 Benchmark]: TraceAbstraction took 8447.93ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 104.9MB in the beginning and 209.3MB in the end (delta: -104.3MB). Peak memory consumption was 114.0MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,013 INFO L158 Benchmark]: Witness Printer took 89.55ms. Allocated memory is still 247.5MB. Free memory was 209.3MB in the beginning and 201.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-11 02:58:12,013 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 109.1MB. Free memory is still 71.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 469.99ms. Allocated memory is still 167.8MB. Free memory was 98.9MB in the beginning and 134.3MB in the end (delta: -35.4MB). Peak memory consumption was 18.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.52ms. Allocated memory is still 167.8MB. Free memory was 134.3MB in the beginning and 132.1MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 63.15ms. Allocated memory is still 167.8MB. Free memory was 132.1MB in the beginning and 129.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 434.68ms. Allocated memory is still 167.8MB. Free memory was 129.4MB in the beginning and 105.6MB in the end (delta: 23.9MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 8447.93ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 104.9MB in the beginning and 209.3MB in the end (delta: -104.3MB). Peak memory consumption was 114.0MB. Max. memory is 16.1GB. * Witness Printer took 89.55ms. Allocated memory is still 247.5MB. Free memory was 209.3MB in the beginning and 201.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] - GenericResultAtLocation [Line: 78]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [78] - GenericResultAtLocation [Line: 116]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [116] - GenericResultAtLocation [Line: 482]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [482] - GenericResultAtLocation [Line: 551]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [551] - GenericResultAtLocation [Line: 773]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [773] - GenericResultAtLocation [Line: 869]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [869] - GenericResultAtLocation [Line: 973]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [973] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 978]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 71 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 936 SdHoareTripleChecker+Valid, 1.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 909 mSDsluCounter, 2135 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1323 mSDsCounter, 222 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1213 IncrementalHoareTripleChecker+Invalid, 1435 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 222 mSolverCounterUnsat, 812 mSDtfsCounter, 1213 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 375 GetRequests, 297 SyntacticMatches, 2 SemanticMatches, 76 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 114 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=791occurred in iteration=11, InterpolantAutomatonStates: 70, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 67 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 674 NumberOfCodeBlocks, 674 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 659 ConstructedInterpolants, 0 QuantifiedInterpolants, 1155 SizeOfPredicates, 2 NumberOfNonLiveVariables, 753 ConjunctsInSsa, 15 ConjunctsInUnsatCore, 15 InterpolantComputations, 12 PerfectInterpolantSequences, 109/114 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 497]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel)) || (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel))) || ((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 496]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 785]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 586]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel))) Ensures: (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel))) - ProcedureContractResult [Line: 897]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: ((((((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) && (1 <= waterLevel)) || (((\old(methaneLevelCritical) == 0) && (2 <= waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive)) && (1 <= waterLevel))) && ((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) - ProcedureContractResult [Line: 775]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 562]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel))) Ensures: (((((1 == systemActive) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((1 < waterLevel) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((((1 <= methaneLevelCritical) && (2 <= \old(waterLevel))) || ((methaneLevelCritical == 0) && (\old(pumpRunning) == 0))) || ((methaneLevelCritical == 0) && (2 <= \old(waterLevel)))) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)))) && ((\old(pumpRunning) != 0) || (\old(waterLevel) == waterLevel))) - ProcedureContractResult [Line: 909]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel))) Ensures: ((\result == methaneLevelCritical) && (((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel)))) - ProcedureContractResult [Line: 594]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((pumpRunning == 0) && ((((methaneLevelCritical == 0) && (1 == systemActive)) && (1 <= waterLevel)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (1 <= waterLevel)))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || (methaneLevelCritical < 1)) && ((1 < waterLevel) || ((pumpRunning == 0) && (waterLevel == 1)))) && ((0 < methaneLevelCritical) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) - ProcedureContractResult [Line: 885]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (1 <= waterLevel))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (1 <= waterLevel))) Ensures: ((((((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel)) && (2 <= waterLevel)) && (1 == systemActive)) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= \old(waterLevel))) || ((methaneLevelCritical == 0) && (2 <= \old(waterLevel)))) || ((1 <= methaneLevelCritical) && (1 <= \old(waterLevel))))) RESULT: Ultimate proved your program to be correct! [2024-10-11 02:58:12,041 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE