./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 45ba8c3ee5105630bc9146965d68439e6204903aca4c5a31cd4f017e456c8589 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:08,344 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:08,416 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:08,423 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:08,424 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:08,451 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:08,452 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:08,452 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:08,453 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:08,454 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:08,454 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:08,455 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:08,455 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:08,459 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:08,459 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:08,460 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:08,460 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:08,460 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:08,460 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:08,461 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:08,461 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:08,461 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:08,462 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:08,462 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:08,462 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:08,462 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:08,463 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:08,463 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:08,463 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:08,464 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:08,464 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:08,464 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:08,465 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:08,465 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:08,465 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:08,465 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:08,466 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:08,466 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:08,466 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:08,467 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:08,467 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:08,467 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:08,467 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 45ba8c3ee5105630bc9146965d68439e6204903aca4c5a31cd4f017e456c8589 [2024-10-11 03:01:08,742 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:08,765 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:08,768 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:08,769 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:08,771 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:08,772 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c [2024-10-11 03:01:10,189 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:10,472 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:10,473 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c [2024-10-11 03:01:10,493 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/5dc2adeed/f5afe4e9db3c4046830c78b97fea9d23/FLAG2701d806a [2024-10-11 03:01:10,753 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/5dc2adeed/f5afe4e9db3c4046830c78b97fea9d23 [2024-10-11 03:01:10,755 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:10,756 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:10,757 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:10,758 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:10,766 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:10,767 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:10" (1/1) ... [2024-10-11 03:01:10,770 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6d325c37 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:10, skipping insertion in model container [2024-10-11 03:01:10,771 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:10" (1/1) ... [2024-10-11 03:01:10,814 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:11,014 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c[1605,1618] [2024-10-11 03:01:11,167 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:11,180 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:11,189 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-10-11 03:01:11,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [58] [2024-10-11 03:01:11,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [164] [2024-10-11 03:01:11,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [530] [2024-10-11 03:01:11,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] [2024-10-11 03:01:11,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] [2024-10-11 03:01:11,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [732] [2024-10-11 03:01:11,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [907] [2024-10-11 03:01:11,196 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product35.cil.c[1605,1618] [2024-10-11 03:01:11,273 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:11,294 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:11,295 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11 WrapperNode [2024-10-11 03:01:11,295 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:11,296 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:11,296 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:11,296 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:11,303 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,314 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,337 INFO L138 Inliner]: procedures = 55, calls = 98, calls flagged for inlining = 24, calls inlined = 20, statements flattened = 182 [2024-10-11 03:01:11,338 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:11,339 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:11,339 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:11,339 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:11,349 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,349 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,355 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,372 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:11,373 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,373 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,377 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,383 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,392 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,393 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,395 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:11,396 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:11,396 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:11,397 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:11,397 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (1/1) ... [2024-10-11 03:01:11,403 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:11,417 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:11,437 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:11,442 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:11,492 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:11,493 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:11,493 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:11,493 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:11,493 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:11,494 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:11,494 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:11,494 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:11,494 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:11,494 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:11,495 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:11,495 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:11,495 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:11,495 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:11,495 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:11,495 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:11,580 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:11,583 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:11,852 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:11,852 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:11,915 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:11,915 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:11,916 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:11 BoogieIcfgContainer [2024-10-11 03:01:11,916 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:11,919 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:11,919 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:11,922 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:11,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:10" (1/3) ... [2024-10-11 03:01:11,925 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ca79d82 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:11, skipping insertion in model container [2024-10-11 03:01:11,926 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:11" (2/3) ... [2024-10-11 03:01:11,926 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ca79d82 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:11, skipping insertion in model container [2024-10-11 03:01:11,926 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:11" (3/3) ... [2024-10-11 03:01:11,927 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product35.cil.c [2024-10-11 03:01:11,945 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:11,945 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:12,016 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:12,024 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@29c233d0, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:12,025 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:12,029 INFO L276 IsEmpty]: Start isEmpty. Operand has 64 states, 46 states have (on average 1.5434782608695652) internal successors, (71), 52 states have internal predecessors, (71), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-10-11 03:01:12,038 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:12,039 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:12,040 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:12,042 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:12,047 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:12,047 INFO L85 PathProgramCache]: Analyzing trace with hash -1725021989, now seen corresponding path program 1 times [2024-10-11 03:01:12,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:12,057 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [925403121] [2024-10-11 03:01:12,058 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:12,058 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:12,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,263 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:12,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,274 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:12,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,280 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:12,281 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:12,284 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [925403121] [2024-10-11 03:01:12,285 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [925403121] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:12,285 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:12,286 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:12,292 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1432596742] [2024-10-11 03:01:12,293 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:12,297 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:12,298 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:12,330 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:12,331 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:12,332 INFO L87 Difference]: Start difference. First operand has 64 states, 46 states have (on average 1.5434782608695652) internal successors, (71), 52 states have internal predecessors, (71), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:12,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:12,406 INFO L93 Difference]: Finished difference Result 126 states and 183 transitions. [2024-10-11 03:01:12,408 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:12,409 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:12,409 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:12,416 INFO L225 Difference]: With dead ends: 126 [2024-10-11 03:01:12,416 INFO L226 Difference]: Without dead ends: 59 [2024-10-11 03:01:12,420 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:12,426 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 72 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:12,427 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 72 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:12,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2024-10-11 03:01:12,477 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2024-10-11 03:01:12,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 43 states have (on average 1.4186046511627908) internal successors, (61), 48 states have internal predecessors, (61), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-11 03:01:12,481 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 80 transitions. [2024-10-11 03:01:12,482 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 80 transitions. Word has length 22 [2024-10-11 03:01:12,482 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:12,483 INFO L471 AbstractCegarLoop]: Abstraction has 59 states and 80 transitions. [2024-10-11 03:01:12,483 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:12,483 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 80 transitions. [2024-10-11 03:01:12,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:12,485 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:12,485 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:12,486 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:12,486 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:12,487 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:12,487 INFO L85 PathProgramCache]: Analyzing trace with hash -2102393361, now seen corresponding path program 1 times [2024-10-11 03:01:12,487 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:12,487 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1269439155] [2024-10-11 03:01:12,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:12,488 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:12,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,616 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:12,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,622 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:12,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,625 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:12,625 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:12,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1269439155] [2024-10-11 03:01:12,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1269439155] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:12,626 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:12,626 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:12,626 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1052979620] [2024-10-11 03:01:12,626 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:12,627 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:12,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:12,628 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:12,628 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:12,629 INFO L87 Difference]: Start difference. First operand 59 states and 80 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:12,667 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:12,668 INFO L93 Difference]: Finished difference Result 89 states and 120 transitions. [2024-10-11 03:01:12,668 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:12,668 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:12,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:12,670 INFO L225 Difference]: With dead ends: 89 [2024-10-11 03:01:12,670 INFO L226 Difference]: Without dead ends: 51 [2024-10-11 03:01:12,671 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:12,672 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 14 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 17 SdHoareTripleChecker+Valid, 101 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:12,673 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [17 Valid, 101 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:12,673 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2024-10-11 03:01:12,684 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 51. [2024-10-11 03:01:12,685 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 51 states, 38 states have (on average 1.4473684210526316) internal successors, (55), 43 states have internal predecessors, (55), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-10-11 03:01:12,686 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 69 transitions. [2024-10-11 03:01:12,689 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 69 transitions. Word has length 23 [2024-10-11 03:01:12,690 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:12,690 INFO L471 AbstractCegarLoop]: Abstraction has 51 states and 69 transitions. [2024-10-11 03:01:12,690 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:12,690 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 69 transitions. [2024-10-11 03:01:12,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:12,691 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:12,691 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:12,692 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:12,692 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:12,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:12,692 INFO L85 PathProgramCache]: Analyzing trace with hash 611933001, now seen corresponding path program 1 times [2024-10-11 03:01:12,693 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:12,694 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [715692999] [2024-10-11 03:01:12,694 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:12,695 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:12,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,801 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:12,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,806 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:12,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,809 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:12,809 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:12,809 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [715692999] [2024-10-11 03:01:12,809 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [715692999] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:12,809 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:12,810 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:12,810 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2116203183] [2024-10-11 03:01:12,810 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:12,810 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:12,810 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:12,811 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:12,811 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:12,811 INFO L87 Difference]: Start difference. First operand 51 states and 69 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:12,872 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:12,875 INFO L93 Difference]: Finished difference Result 149 states and 204 transitions. [2024-10-11 03:01:12,876 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:12,876 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:12,876 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:12,877 INFO L225 Difference]: With dead ends: 149 [2024-10-11 03:01:12,881 INFO L226 Difference]: Without dead ends: 100 [2024-10-11 03:01:12,882 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:12,883 INFO L432 NwaCegarLoop]: 68 mSDtfsCounter, 53 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 124 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:12,884 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 124 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:12,885 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2024-10-11 03:01:12,900 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 96. [2024-10-11 03:01:12,900 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.4507042253521127) internal successors, (103), 80 states have internal predecessors, (103), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:12,902 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 131 transitions. [2024-10-11 03:01:12,902 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 131 transitions. Word has length 26 [2024-10-11 03:01:12,902 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:12,903 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 131 transitions. [2024-10-11 03:01:12,903 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:12,903 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 131 transitions. [2024-10-11 03:01:12,904 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:12,904 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:12,905 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:12,905 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:12,905 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:12,906 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:12,906 INFO L85 PathProgramCache]: Analyzing trace with hash 782732798, now seen corresponding path program 1 times [2024-10-11 03:01:12,906 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:12,906 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1151565027] [2024-10-11 03:01:12,906 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:12,907 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:12,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,957 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:12,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:12,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:12,965 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:12,969 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:12,969 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1151565027] [2024-10-11 03:01:12,969 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1151565027] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:12,970 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:12,970 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:12,970 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1303876985] [2024-10-11 03:01:12,970 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:12,971 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:12,971 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:12,971 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:12,971 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:12,972 INFO L87 Difference]: Start difference. First operand 96 states and 131 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:13,018 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:13,018 INFO L93 Difference]: Finished difference Result 265 states and 366 transitions. [2024-10-11 03:01:13,019 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:13,019 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2024-10-11 03:01:13,019 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:13,020 INFO L225 Difference]: With dead ends: 265 [2024-10-11 03:01:13,021 INFO L226 Difference]: Without dead ends: 171 [2024-10-11 03:01:13,021 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:13,022 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 51 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:13,023 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 108 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:13,024 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states. [2024-10-11 03:01:13,044 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 169. [2024-10-11 03:01:13,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 124 states have (on average 1.4112903225806452) internal successors, (175), 135 states have internal predecessors, (175), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-10-11 03:01:13,049 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 227 transitions. [2024-10-11 03:01:13,051 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 227 transitions. Word has length 29 [2024-10-11 03:01:13,052 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:13,052 INFO L471 AbstractCegarLoop]: Abstraction has 169 states and 227 transitions. [2024-10-11 03:01:13,052 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:13,052 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 227 transitions. [2024-10-11 03:01:13,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:13,053 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:13,056 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:13,056 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:13,056 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:13,057 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:13,058 INFO L85 PathProgramCache]: Analyzing trace with hash -1078250247, now seen corresponding path program 1 times [2024-10-11 03:01:13,058 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:13,058 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1373771027] [2024-10-11 03:01:13,059 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:13,059 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:13,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,151 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:13,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,154 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:13,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,166 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:13,167 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:13,167 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1373771027] [2024-10-11 03:01:13,167 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1373771027] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:13,167 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:13,167 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:13,167 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1451584475] [2024-10-11 03:01:13,167 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:13,168 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:13,168 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:13,168 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:13,168 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:13,169 INFO L87 Difference]: Start difference. First operand 169 states and 227 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,332 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:13,332 INFO L93 Difference]: Finished difference Result 334 states and 452 transitions. [2024-10-11 03:01:13,335 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:13,335 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2024-10-11 03:01:13,336 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:13,337 INFO L225 Difference]: With dead ends: 334 [2024-10-11 03:01:13,337 INFO L226 Difference]: Without dead ends: 167 [2024-10-11 03:01:13,343 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:13,344 INFO L432 NwaCegarLoop]: 57 mSDtfsCounter, 50 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 250 SdHoareTripleChecker+Invalid, 96 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:13,344 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 250 Invalid, 96 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:13,349 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2024-10-11 03:01:13,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 167. [2024-10-11 03:01:13,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 167 states, 122 states have (on average 1.3852459016393444) internal successors, (169), 133 states have internal predecessors, (169), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-10-11 03:01:13,372 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 167 states to 167 states and 221 transitions. [2024-10-11 03:01:13,376 INFO L78 Accepts]: Start accepts. Automaton has 167 states and 221 transitions. Word has length 29 [2024-10-11 03:01:13,376 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:13,377 INFO L471 AbstractCegarLoop]: Abstraction has 167 states and 221 transitions. [2024-10-11 03:01:13,377 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,377 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 221 transitions. [2024-10-11 03:01:13,378 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-11 03:01:13,378 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:13,379 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:13,379 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:13,379 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:13,381 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:13,382 INFO L85 PathProgramCache]: Analyzing trace with hash 465688280, now seen corresponding path program 1 times [2024-10-11 03:01:13,382 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:13,382 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2000597536] [2024-10-11 03:01:13,382 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:13,382 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:13,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:13,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,482 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-10-11 03:01:13,484 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,486 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:13,486 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:13,487 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2000597536] [2024-10-11 03:01:13,487 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2000597536] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:13,487 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:13,488 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-11 03:01:13,488 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1802768433] [2024-10-11 03:01:13,488 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:13,488 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-11 03:01:13,489 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:13,489 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-11 03:01:13,490 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-11 03:01:13,490 INFO L87 Difference]: Start difference. First operand 167 states and 221 transitions. Second operand has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:13,561 INFO L93 Difference]: Finished difference Result 336 states and 450 transitions. [2024-10-11 03:01:13,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-11 03:01:13,562 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 33 [2024-10-11 03:01:13,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:13,564 INFO L225 Difference]: With dead ends: 336 [2024-10-11 03:01:13,564 INFO L226 Difference]: Without dead ends: 171 [2024-10-11 03:01:13,565 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-11 03:01:13,566 INFO L432 NwaCegarLoop]: 57 mSDtfsCounter, 0 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 166 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:13,567 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 166 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:13,568 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states. [2024-10-11 03:01:13,589 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 171. [2024-10-11 03:01:13,590 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 171 states, 126 states have (on average 1.373015873015873) internal successors, (173), 137 states have internal predecessors, (173), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-10-11 03:01:13,591 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 225 transitions. [2024-10-11 03:01:13,593 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 225 transitions. Word has length 33 [2024-10-11 03:01:13,594 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:13,594 INFO L471 AbstractCegarLoop]: Abstraction has 171 states and 225 transitions. [2024-10-11 03:01:13,594 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,595 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 225 transitions. [2024-10-11 03:01:13,596 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-11 03:01:13,596 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:13,596 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:13,597 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:13,597 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:13,597 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:13,598 INFO L85 PathProgramCache]: Analyzing trace with hash -121117734, now seen corresponding path program 1 times [2024-10-11 03:01:13,598 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:13,598 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2099177285] [2024-10-11 03:01:13,598 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:13,598 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:13,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,685 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:13,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,688 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-10-11 03:01:13,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,692 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:13,693 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:13,693 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2099177285] [2024-10-11 03:01:13,693 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2099177285] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:13,694 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:13,694 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-11 03:01:13,694 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1070413330] [2024-10-11 03:01:13,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:13,695 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-11 03:01:13,695 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:13,696 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-11 03:01:13,696 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-11 03:01:13,696 INFO L87 Difference]: Start difference. First operand 171 states and 225 transitions. Second operand has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,763 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:13,764 INFO L93 Difference]: Finished difference Result 344 states and 462 transitions. [2024-10-11 03:01:13,764 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-11 03:01:13,765 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 33 [2024-10-11 03:01:13,767 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:13,768 INFO L225 Difference]: With dead ends: 344 [2024-10-11 03:01:13,769 INFO L226 Difference]: Without dead ends: 175 [2024-10-11 03:01:13,774 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-11 03:01:13,775 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 0 mSDsluCounter, 107 mSDsCounter, 0 mSdLazyCounter, 43 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 163 SdHoareTripleChecker+Invalid, 43 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 43 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:13,775 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 163 Invalid, 43 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 43 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:13,776 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 175 states. [2024-10-11 03:01:13,805 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 175 to 175. [2024-10-11 03:01:13,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 175 states, 130 states have (on average 1.3615384615384616) internal successors, (177), 141 states have internal predecessors, (177), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-10-11 03:01:13,807 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 175 states to 175 states and 229 transitions. [2024-10-11 03:01:13,808 INFO L78 Accepts]: Start accepts. Automaton has 175 states and 229 transitions. Word has length 33 [2024-10-11 03:01:13,808 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:13,808 INFO L471 AbstractCegarLoop]: Abstraction has 175 states and 229 transitions. [2024-10-11 03:01:13,809 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 6.75) internal successors, (27), 4 states have internal predecessors, (27), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,809 INFO L276 IsEmpty]: Start isEmpty. Operand 175 states and 229 transitions. [2024-10-11 03:01:13,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-11 03:01:13,811 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:13,813 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:13,813 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:13,814 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:13,814 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:13,815 INFO L85 PathProgramCache]: Analyzing trace with hash -1400981412, now seen corresponding path program 1 times [2024-10-11 03:01:13,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:13,817 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [869749191] [2024-10-11 03:01:13,817 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:13,817 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:13,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,892 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:13,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,896 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-10-11 03:01:13,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:13,899 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:13,899 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:13,900 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [869749191] [2024-10-11 03:01:13,901 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [869749191] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:13,901 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:13,901 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:13,901 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [955620632] [2024-10-11 03:01:13,901 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:13,902 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:13,905 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:13,906 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:13,906 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:13,906 INFO L87 Difference]: Start difference. First operand 175 states and 229 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:13,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:13,978 INFO L93 Difference]: Finished difference Result 501 states and 683 transitions. [2024-10-11 03:01:13,979 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:13,979 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 33 [2024-10-11 03:01:13,979 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:13,982 INFO L225 Difference]: With dead ends: 501 [2024-10-11 03:01:13,986 INFO L226 Difference]: Without dead ends: 328 [2024-10-11 03:01:13,987 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:13,990 INFO L432 NwaCegarLoop]: 68 mSDtfsCounter, 45 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:13,990 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 120 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:13,991 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2024-10-11 03:01:14,030 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 326. [2024-10-11 03:01:14,031 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 326 states, 241 states have (on average 1.3485477178423237) internal successors, (325), 256 states have internal predecessors, (325), 48 states have call successors, (48), 40 states have call predecessors, (48), 36 states have return successors, (60), 44 states have call predecessors, (60), 48 states have call successors, (60) [2024-10-11 03:01:14,033 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 326 states to 326 states and 433 transitions. [2024-10-11 03:01:14,034 INFO L78 Accepts]: Start accepts. Automaton has 326 states and 433 transitions. Word has length 33 [2024-10-11 03:01:14,034 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:14,035 INFO L471 AbstractCegarLoop]: Abstraction has 326 states and 433 transitions. [2024-10-11 03:01:14,035 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:14,035 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 433 transitions. [2024-10-11 03:01:14,037 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-10-11 03:01:14,037 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:14,037 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:14,037 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:14,038 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:14,038 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:14,038 INFO L85 PathProgramCache]: Analyzing trace with hash -1367248330, now seen corresponding path program 1 times [2024-10-11 03:01:14,039 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:14,039 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1604129196] [2024-10-11 03:01:14,039 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:14,040 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:14,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,156 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:14,157 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,165 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:14,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-11 03:01:14,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,173 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:14,175 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:14,175 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1604129196] [2024-10-11 03:01:14,175 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1604129196] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:14,175 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:14,176 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:14,176 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [463671032] [2024-10-11 03:01:14,176 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:14,176 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:14,177 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:14,177 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:14,177 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:14,178 INFO L87 Difference]: Start difference. First operand 326 states and 433 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-11 03:01:14,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:14,472 INFO L93 Difference]: Finished difference Result 851 states and 1174 transitions. [2024-10-11 03:01:14,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-10-11 03:01:14,473 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 37 [2024-10-11 03:01:14,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:14,478 INFO L225 Difference]: With dead ends: 851 [2024-10-11 03:01:14,478 INFO L226 Difference]: Without dead ends: 527 [2024-10-11 03:01:14,480 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2024-10-11 03:01:14,482 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 140 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 170 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 200 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 170 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:14,482 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 246 Invalid, 200 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 170 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:14,485 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 527 states. [2024-10-11 03:01:14,540 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 527 to 525. [2024-10-11 03:01:14,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 525 states, 393 states have (on average 1.3104325699745547) internal successors, (515), 421 states have internal predecessors, (515), 72 states have call successors, (72), 55 states have call predecessors, (72), 59 states have return successors, (113), 68 states have call predecessors, (113), 72 states have call successors, (113) [2024-10-11 03:01:14,547 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 525 states to 525 states and 700 transitions. [2024-10-11 03:01:14,548 INFO L78 Accepts]: Start accepts. Automaton has 525 states and 700 transitions. Word has length 37 [2024-10-11 03:01:14,548 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:14,548 INFO L471 AbstractCegarLoop]: Abstraction has 525 states and 700 transitions. [2024-10-11 03:01:14,549 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-11 03:01:14,549 INFO L276 IsEmpty]: Start isEmpty. Operand 525 states and 700 transitions. [2024-10-11 03:01:14,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-10-11 03:01:14,551 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:14,551 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:14,552 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:14,552 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:14,552 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:14,552 INFO L85 PathProgramCache]: Analyzing trace with hash 1119034255, now seen corresponding path program 1 times [2024-10-11 03:01:14,553 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:14,553 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1563983986] [2024-10-11 03:01:14,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:14,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:14,566 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,614 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:14,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,626 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:14,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,653 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:14,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-10-11 03:01:14,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,657 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2024-10-11 03:01:14,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,661 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:14,661 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:14,661 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1563983986] [2024-10-11 03:01:14,662 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1563983986] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:14,662 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:14,662 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:14,662 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [386706080] [2024-10-11 03:01:14,662 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:14,663 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:14,663 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:14,663 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:14,663 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:14,664 INFO L87 Difference]: Start difference. First operand 525 states and 700 transitions. Second operand has 6 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-10-11 03:01:14,923 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:14,923 INFO L93 Difference]: Finished difference Result 632 states and 839 transitions. [2024-10-11 03:01:14,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-10-11 03:01:14,924 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 61 [2024-10-11 03:01:14,925 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:14,927 INFO L225 Difference]: With dead ends: 632 [2024-10-11 03:01:14,929 INFO L226 Difference]: Without dead ends: 256 [2024-10-11 03:01:14,930 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2024-10-11 03:01:14,931 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 138 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 182 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 230 SdHoareTripleChecker+Invalid, 212 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 182 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:14,932 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 230 Invalid, 212 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 182 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:14,933 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2024-10-11 03:01:14,961 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 254. [2024-10-11 03:01:14,962 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 254 states, 189 states have (on average 1.2592592592592593) internal successors, (238), 203 states have internal predecessors, (238), 35 states have call successors, (35), 27 states have call predecessors, (35), 29 states have return successors, (54), 33 states have call predecessors, (54), 35 states have call successors, (54) [2024-10-11 03:01:14,964 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 254 states to 254 states and 327 transitions. [2024-10-11 03:01:14,965 INFO L78 Accepts]: Start accepts. Automaton has 254 states and 327 transitions. Word has length 61 [2024-10-11 03:01:14,965 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:14,965 INFO L471 AbstractCegarLoop]: Abstraction has 254 states and 327 transitions. [2024-10-11 03:01:14,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-10-11 03:01:14,967 INFO L276 IsEmpty]: Start isEmpty. Operand 254 states and 327 transitions. [2024-10-11 03:01:14,968 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-10-11 03:01:14,969 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:14,969 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:14,969 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-10-11 03:01:14,969 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:14,970 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:14,970 INFO L85 PathProgramCache]: Analyzing trace with hash 2108259256, now seen corresponding path program 1 times [2024-10-11 03:01:14,970 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:14,970 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1684731007] [2024-10-11 03:01:14,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:14,972 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:14,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:15,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,115 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:15,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,137 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:15,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,140 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-11 03:01:15,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,159 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-11 03:01:15,160 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,162 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-11 03:01:15,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,167 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 6 proven. 13 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2024-10-11 03:01:15,167 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:15,167 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1684731007] [2024-10-11 03:01:15,168 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1684731007] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:15,168 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [311155998] [2024-10-11 03:01:15,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:15,168 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:15,168 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:15,171 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:15,173 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:15,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,261 INFO L255 TraceCheckSpWp]: Trace formula consists of 246 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:15,267 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:15,423 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 18 proven. 5 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:15,423 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:15,601 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 15 proven. 4 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2024-10-11 03:01:15,602 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [311155998] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:15,602 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:15,602 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2024-10-11 03:01:15,602 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1322217016] [2024-10-11 03:01:15,602 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:15,603 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-10-11 03:01:15,603 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:15,603 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-10-11 03:01:15,603 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:15,604 INFO L87 Difference]: Start difference. First operand 254 states and 327 transitions. Second operand has 14 states, 11 states have (on average 7.636363636363637) internal successors, (84), 10 states have internal predecessors, (84), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2024-10-11 03:01:16,208 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:16,208 INFO L93 Difference]: Finished difference Result 507 states and 670 transitions. [2024-10-11 03:01:16,209 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-11 03:01:16,209 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 11 states have (on average 7.636363636363637) internal successors, (84), 10 states have internal predecessors, (84), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) Word has length 63 [2024-10-11 03:01:16,210 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:16,211 INFO L225 Difference]: With dead ends: 507 [2024-10-11 03:01:16,211 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:16,213 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 166 GetRequests, 135 SyntacticMatches, 4 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 138 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=201, Invalid=611, Unknown=0, NotChecked=0, Total=812 [2024-10-11 03:01:16,214 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 234 mSDsluCounter, 354 mSDsCounter, 0 mSdLazyCounter, 473 mSolverCounterSat, 84 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 437 SdHoareTripleChecker+Invalid, 557 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 84 IncrementalHoareTripleChecker+Valid, 473 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:16,214 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 437 Invalid, 557 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [84 Valid, 473 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:16,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:16,215 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:16,215 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:16,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:16,216 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 63 [2024-10-11 03:01:16,216 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:16,216 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:16,216 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 11 states have (on average 7.636363636363637) internal successors, (84), 10 states have internal predecessors, (84), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2024-10-11 03:01:16,216 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:16,216 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:16,219 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:16,239 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:16,424 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-10-11 03:01:16,427 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:16,428 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:18,988 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:19,014 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:19,025 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:19,037 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:19 BoogieIcfgContainer [2024-10-11 03:01:19,037 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:19,038 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:19,038 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:19,038 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:19,039 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:11" (3/4) ... [2024-10-11 03:01:19,041 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:19,044 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:19,044 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:19,044 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:19,044 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:19,045 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:19,045 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:19,050 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 31 nodes and edges [2024-10-11 03:01:19,051 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:19,051 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:19,051 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:19,052 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:19,148 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:19,149 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:19,149 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:19,150 INFO L158 Benchmark]: Toolchain (without parser) took 8393.15ms. Allocated memory was 174.1MB in the beginning and 264.2MB in the end (delta: 90.2MB). Free memory was 142.3MB in the beginning and 142.2MB in the end (delta: 64.7kB). Peak memory consumption was 91.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,150 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 174.1MB. Free memory is still 146.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:19,150 INFO L158 Benchmark]: CACSL2BoogieTranslator took 537.83ms. Allocated memory is still 174.1MB. Free memory was 141.6MB in the beginning and 120.5MB in the end (delta: 21.1MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,150 INFO L158 Benchmark]: Boogie Procedure Inliner took 42.13ms. Allocated memory is still 174.1MB. Free memory was 120.5MB in the beginning and 118.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,151 INFO L158 Benchmark]: Boogie Preprocessor took 56.22ms. Allocated memory is still 174.1MB. Free memory was 118.2MB in the beginning and 116.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,151 INFO L158 Benchmark]: RCFGBuilder took 519.90ms. Allocated memory is still 174.1MB. Free memory was 115.5MB in the beginning and 93.9MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,151 INFO L158 Benchmark]: TraceAbstraction took 7119.04ms. Allocated memory was 174.1MB in the beginning and 264.2MB in the end (delta: 90.2MB). Free memory was 93.2MB in the beginning and 149.5MB in the end (delta: -56.3MB). Peak memory consumption was 83.5MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,152 INFO L158 Benchmark]: Witness Printer took 110.97ms. Allocated memory is still 264.2MB. Free memory was 149.5MB in the beginning and 142.2MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:19,154 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 174.1MB. Free memory is still 146.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 537.83ms. Allocated memory is still 174.1MB. Free memory was 141.6MB in the beginning and 120.5MB in the end (delta: 21.1MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 42.13ms. Allocated memory is still 174.1MB. Free memory was 120.5MB in the beginning and 118.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.22ms. Allocated memory is still 174.1MB. Free memory was 118.2MB in the beginning and 116.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 519.90ms. Allocated memory is still 174.1MB. Free memory was 115.5MB in the beginning and 93.9MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 7119.04ms. Allocated memory was 174.1MB in the beginning and 264.2MB in the end (delta: 90.2MB). Free memory was 93.2MB in the beginning and 149.5MB in the end (delta: -56.3MB). Peak memory consumption was 83.5MB. Max. memory is 16.1GB. * Witness Printer took 110.97ms. Allocated memory is still 264.2MB. Free memory was 149.5MB in the beginning and 142.2MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [58] - GenericResultAtLocation [Line: 164]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [164] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [530] - GenericResultAtLocation [Line: 565]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] - GenericResultAtLocation [Line: 732]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [732] - GenericResultAtLocation [Line: 907]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [907] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 64 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.4s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 746 SdHoareTripleChecker+Valid, 1.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 725 mSDsluCounter, 2017 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1273 mSDsCounter, 158 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1108 IncrementalHoareTripleChecker+Invalid, 1266 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 158 mSolverCounterUnsat, 744 mSDtfsCounter, 1108 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 266 GetRequests, 204 SyntacticMatches, 4 SemanticMatches, 58 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 153 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=525occurred in iteration=9, InterpolantAutomatonStates: 63, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 12 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 452 NumberOfCodeBlocks, 452 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 502 ConstructedInterpolants, 0 QuantifiedInterpolants, 951 SizeOfPredicates, 2 NumberOfNonLiveVariables, 246 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 13 InterpolantComputations, 10 PerfectInterpolantSequences, 86/108 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 576]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 768]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 665]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 741]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 < \old(waterLevel)) || (waterLevel < 2)) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2))) && ((pumpRunning == 0) || (0 != systemActive))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel)))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 61]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 653]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 828]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((pumpRunning == \result) && ((\result == 0) || (0 != systemActive))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || ((waterLevel <= 2) && (0 == systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:19,199 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE