./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 73b8e020dd9d30fdd676c81009d4f1b850aa716d63ef29ce3d475a261546f853 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:16,806 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:16,877 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:16,884 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:16,885 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:16,910 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:16,910 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:16,911 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:16,911 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:16,912 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:16,912 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:16,913 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:16,913 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:16,913 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:16,915 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:16,915 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:16,915 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:16,916 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:16,916 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:16,916 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:16,919 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:16,920 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:16,920 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:16,920 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:16,920 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:16,920 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:16,921 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:16,921 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:16,921 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:16,921 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:16,921 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:16,922 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:16,922 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:16,922 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:16,922 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:16,922 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:16,922 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:16,923 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:16,923 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:16,923 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:16,923 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:16,924 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:16,925 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 73b8e020dd9d30fdd676c81009d4f1b850aa716d63ef29ce3d475a261546f853 [2024-10-11 03:01:17,151 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:17,187 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:17,189 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:17,190 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:17,191 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:17,192 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c [2024-10-11 03:01:18,718 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:19,119 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:19,120 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c [2024-10-11 03:01:19,136 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/d2220c699/a3e4c837f6a74df78ec1dad131426fce/FLAG5256fbae0 [2024-10-11 03:01:19,171 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/d2220c699/a3e4c837f6a74df78ec1dad131426fce [2024-10-11 03:01:19,180 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:19,182 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:19,187 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:19,187 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:19,200 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:19,201 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:19" (1/1) ... [2024-10-11 03:01:19,202 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1eac2749 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:19, skipping insertion in model container [2024-10-11 03:01:19,202 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:19" (1/1) ... [2024-10-11 03:01:19,300 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:19,799 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c[15211,15224] [2024-10-11 03:01:19,840 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:19,868 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:19,895 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2024-10-11 03:01:19,897 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [101] [2024-10-11 03:01:19,897 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [206] [2024-10-11 03:01:19,897 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [572] [2024-10-11 03:01:19,898 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [670] [2024-10-11 03:01:19,898 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [705] [2024-10-11 03:01:19,898 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [714] [2024-10-11 03:01:19,898 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [923] [2024-10-11 03:01:20,025 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c[15211,15224] [2024-10-11 03:01:20,059 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:20,111 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:20,113 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20 WrapperNode [2024-10-11 03:01:20,114 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:20,116 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:20,116 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:20,117 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:20,130 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,155 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,212 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 214 [2024-10-11 03:01:20,216 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:20,217 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:20,218 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:20,218 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:20,236 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,237 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,243 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,279 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:20,280 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,280 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,288 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,299 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,301 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,307 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,309 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:20,314 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:20,315 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:20,315 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:20,316 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (1/1) ... [2024-10-11 03:01:20,329 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:20,345 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:20,366 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:20,371 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:20,453 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:20,453 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:20,454 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:20,454 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:20,454 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:20,454 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:20,454 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:20,454 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:20,455 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:20,455 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-10-11 03:01:20,455 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-10-11 03:01:20,455 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:20,455 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:20,455 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-11 03:01:20,455 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-11 03:01:20,456 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:20,456 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:20,457 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:20,457 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:20,458 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:20,560 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:20,564 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:20,901 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:20,901 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:20,958 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:20,958 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:20,958 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:20 BoogieIcfgContainer [2024-10-11 03:01:20,958 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:20,960 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:20,960 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:20,963 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:20,963 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:19" (1/3) ... [2024-10-11 03:01:20,964 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@594f2ac5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:20, skipping insertion in model container [2024-10-11 03:01:20,964 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:20" (2/3) ... [2024-10-11 03:01:20,964 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@594f2ac5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:20, skipping insertion in model container [2024-10-11 03:01:20,965 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:20" (3/3) ... [2024-10-11 03:01:20,966 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product46.cil.c [2024-10-11 03:01:20,980 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:20,980 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:21,043 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:21,053 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@417d064e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:21,054 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:21,059 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 53 states have (on average 1.509433962264151) internal successors, (80), 61 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:21,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:21,071 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:21,072 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:21,072 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:21,077 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:21,077 INFO L85 PathProgramCache]: Analyzing trace with hash 1565491923, now seen corresponding path program 1 times [2024-10-11 03:01:21,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:21,085 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1905327356] [2024-10-11 03:01:21,085 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:21,086 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:21,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,246 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:21,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,259 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:21,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,268 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:21,272 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:21,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1905327356] [2024-10-11 03:01:21,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1905327356] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:21,274 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:21,274 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:21,275 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2046530397] [2024-10-11 03:01:21,275 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:21,288 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:21,288 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:21,310 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:21,311 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:21,313 INFO L87 Difference]: Start difference. First operand has 77 states, 53 states have (on average 1.509433962264151) internal successors, (80), 61 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:21,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:21,456 INFO L93 Difference]: Finished difference Result 152 states and 217 transitions. [2024-10-11 03:01:21,458 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:21,459 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:21,459 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:21,468 INFO L225 Difference]: With dead ends: 152 [2024-10-11 03:01:21,468 INFO L226 Difference]: Without dead ends: 72 [2024-10-11 03:01:21,473 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:21,478 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:21,479 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 88 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:21,496 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-10-11 03:01:21,514 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-10-11 03:01:21,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 50 states have (on average 1.4) internal successors, (70), 57 states have internal predecessors, (70), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-11 03:01:21,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 97 transitions. [2024-10-11 03:01:21,520 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 97 transitions. Word has length 22 [2024-10-11 03:01:21,520 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:21,521 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 97 transitions. [2024-10-11 03:01:21,526 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:21,527 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 97 transitions. [2024-10-11 03:01:21,528 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:21,528 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:21,528 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:21,529 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:21,529 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:21,529 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:21,530 INFO L85 PathProgramCache]: Analyzing trace with hash 2041970291, now seen corresponding path program 1 times [2024-10-11 03:01:21,530 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:21,530 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1039489079] [2024-10-11 03:01:21,530 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:21,530 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:21,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:21,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,636 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:21,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,643 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:21,643 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:21,644 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1039489079] [2024-10-11 03:01:21,644 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1039489079] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:21,644 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:21,644 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:21,644 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [686684365] [2024-10-11 03:01:21,644 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:21,646 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:21,647 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:21,648 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:21,648 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,648 INFO L87 Difference]: Start difference. First operand 72 states and 97 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:21,696 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:21,697 INFO L93 Difference]: Finished difference Result 117 states and 157 transitions. [2024-10-11 03:01:21,697 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:21,698 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:21,698 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:21,699 INFO L225 Difference]: With dead ends: 117 [2024-10-11 03:01:21,699 INFO L226 Difference]: Without dead ends: 64 [2024-10-11 03:01:21,700 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,700 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 11 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:21,701 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 135 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:21,701 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-11 03:01:21,706 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-11 03:01:21,707 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 52 states have internal predecessors, (64), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:21,708 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 86 transitions. [2024-10-11 03:01:21,708 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 86 transitions. Word has length 23 [2024-10-11 03:01:21,708 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:21,708 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 86 transitions. [2024-10-11 03:01:21,709 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:21,709 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 86 transitions. [2024-10-11 03:01:21,710 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:21,710 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:21,710 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:21,710 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:21,710 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:21,711 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:21,711 INFO L85 PathProgramCache]: Analyzing trace with hash -1368287412, now seen corresponding path program 1 times [2024-10-11 03:01:21,711 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:21,711 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [492140467] [2024-10-11 03:01:21,711 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:21,712 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:21,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,766 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:21,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,770 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:21,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,772 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:21,772 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:21,773 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [492140467] [2024-10-11 03:01:21,773 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [492140467] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:21,773 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:21,773 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:21,773 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [696486932] [2024-10-11 03:01:21,773 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:21,774 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:21,774 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:21,774 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:21,774 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,775 INFO L87 Difference]: Start difference. First operand 64 states and 86 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:21,800 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:21,800 INFO L93 Difference]: Finished difference Result 126 states and 171 transitions. [2024-10-11 03:01:21,800 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:21,801 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:21,801 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:21,802 INFO L225 Difference]: With dead ends: 126 [2024-10-11 03:01:21,802 INFO L226 Difference]: Without dead ends: 64 [2024-10-11 03:01:21,802 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,803 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 78 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 72 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:21,804 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 72 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:21,804 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-11 03:01:21,809 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-11 03:01:21,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4) internal successors, (63), 52 states have internal predecessors, (63), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:21,811 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 85 transitions. [2024-10-11 03:01:21,811 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 85 transitions. Word has length 26 [2024-10-11 03:01:21,812 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:21,812 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 85 transitions. [2024-10-11 03:01:21,812 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:21,813 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 85 transitions. [2024-10-11 03:01:21,813 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-11 03:01:21,813 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:21,814 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:21,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:21,814 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:21,814 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:21,815 INFO L85 PathProgramCache]: Analyzing trace with hash -1136734256, now seen corresponding path program 1 times [2024-10-11 03:01:21,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:21,815 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1617851369] [2024-10-11 03:01:21,815 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:21,815 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:21,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,850 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:21,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,853 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:21,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,856 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-10-11 03:01:21,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:21,858 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:21,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:21,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1617851369] [2024-10-11 03:01:21,859 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1617851369] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:21,859 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:21,859 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:21,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [938247113] [2024-10-11 03:01:21,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:21,860 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:21,860 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:21,860 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:21,860 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,860 INFO L87 Difference]: Start difference. First operand 64 states and 85 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:21,921 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:21,921 INFO L93 Difference]: Finished difference Result 171 states and 229 transitions. [2024-10-11 03:01:21,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:21,924 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2024-10-11 03:01:21,924 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:21,925 INFO L225 Difference]: With dead ends: 171 [2024-10-11 03:01:21,925 INFO L226 Difference]: Without dead ends: 109 [2024-10-11 03:01:21,926 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:21,926 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 68 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:21,927 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 132 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:21,931 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2024-10-11 03:01:21,951 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 107. [2024-10-11 03:01:21,952 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 107 states, 76 states have (on average 1.355263157894737) internal successors, (103), 84 states have internal predecessors, (103), 16 states have call successors, (16), 14 states have call predecessors, (16), 14 states have return successors, (20), 16 states have call predecessors, (20), 16 states have call successors, (20) [2024-10-11 03:01:21,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 139 transitions. [2024-10-11 03:01:21,954 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 139 transitions. Word has length 33 [2024-10-11 03:01:21,954 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:21,954 INFO L471 AbstractCegarLoop]: Abstraction has 107 states and 139 transitions. [2024-10-11 03:01:21,954 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:21,955 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 139 transitions. [2024-10-11 03:01:21,962 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-11 03:01:21,962 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:21,962 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:21,962 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:21,963 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:21,963 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:21,963 INFO L85 PathProgramCache]: Analyzing trace with hash -385116897, now seen corresponding path program 1 times [2024-10-11 03:01:21,963 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:21,963 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1288927320] [2024-10-11 03:01:21,963 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:21,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:21,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,094 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:22,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,104 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:22,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,117 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:22,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,120 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-11 03:01:22,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,132 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:22,132 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:22,132 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1288927320] [2024-10-11 03:01:22,133 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1288927320] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:22,133 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:22,133 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:22,133 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1882580317] [2024-10-11 03:01:22,134 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:22,134 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:22,134 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:22,135 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:22,136 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:22,136 INFO L87 Difference]: Start difference. First operand 107 states and 139 transitions. Second operand has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:22,430 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:22,431 INFO L93 Difference]: Finished difference Result 232 states and 303 transitions. [2024-10-11 03:01:22,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:22,432 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 41 [2024-10-11 03:01:22,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:22,437 INFO L225 Difference]: With dead ends: 232 [2024-10-11 03:01:22,437 INFO L226 Difference]: Without dead ends: 127 [2024-10-11 03:01:22,438 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:22,439 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 115 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 227 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 261 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 227 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:22,439 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 270 Invalid, 261 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 227 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:22,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-10-11 03:01:22,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 125. [2024-10-11 03:01:22,488 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 125 states, 89 states have (on average 1.3258426966292134) internal successors, (118), 97 states have internal predecessors, (118), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-11 03:01:22,489 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 125 states to 125 states and 161 transitions. [2024-10-11 03:01:22,492 INFO L78 Accepts]: Start accepts. Automaton has 125 states and 161 transitions. Word has length 41 [2024-10-11 03:01:22,492 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:22,492 INFO L471 AbstractCegarLoop]: Abstraction has 125 states and 161 transitions. [2024-10-11 03:01:22,493 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:22,493 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 161 transitions. [2024-10-11 03:01:22,493 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-11 03:01:22,494 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:22,494 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:22,494 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:22,494 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:22,494 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:22,494 INFO L85 PathProgramCache]: Analyzing trace with hash -177927491, now seen corresponding path program 1 times [2024-10-11 03:01:22,494 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:22,494 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [449786542] [2024-10-11 03:01:22,495 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:22,495 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:22,522 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,593 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:22,595 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,608 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:22,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,661 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:22,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,665 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-11 03:01:22,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,667 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:22,667 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:22,667 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [449786542] [2024-10-11 03:01:22,667 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [449786542] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:22,668 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:22,668 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:22,668 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1319736552] [2024-10-11 03:01:22,668 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:22,669 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:22,669 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:22,669 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:22,670 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:22,670 INFO L87 Difference]: Start difference. First operand 125 states and 161 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:22,814 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:22,814 INFO L93 Difference]: Finished difference Result 252 states and 332 transitions. [2024-10-11 03:01:22,815 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:22,815 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 44 [2024-10-11 03:01:22,815 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:22,817 INFO L225 Difference]: With dead ends: 252 [2024-10-11 03:01:22,817 INFO L226 Difference]: Without dead ends: 129 [2024-10-11 03:01:22,818 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:22,819 INFO L432 NwaCegarLoop]: 59 mSDtfsCounter, 49 mSDsluCounter, 129 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 188 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:22,819 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 188 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:22,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2024-10-11 03:01:22,837 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 127. [2024-10-11 03:01:22,840 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 91 states have (on average 1.3186813186813187) internal successors, (120), 99 states have internal predecessors, (120), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-11 03:01:22,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 163 transitions. [2024-10-11 03:01:22,842 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 163 transitions. Word has length 44 [2024-10-11 03:01:22,842 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:22,842 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 163 transitions. [2024-10-11 03:01:22,842 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:22,843 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 163 transitions. [2024-10-11 03:01:22,843 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-11 03:01:22,844 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:22,847 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:22,847 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:22,847 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:22,848 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:22,848 INFO L85 PathProgramCache]: Analyzing trace with hash 244774335, now seen corresponding path program 1 times [2024-10-11 03:01:22,848 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:22,848 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1383404745] [2024-10-11 03:01:22,848 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:22,848 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:22,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,909 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:22,911 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:22,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,954 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:22,955 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,957 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-11 03:01:22,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:22,959 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:22,961 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:22,961 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1383404745] [2024-10-11 03:01:22,961 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1383404745] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:22,962 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:22,962 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:22,962 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [937281684] [2024-10-11 03:01:22,962 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:22,962 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:22,963 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:22,963 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:22,963 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:22,964 INFO L87 Difference]: Start difference. First operand 127 states and 163 transitions. Second operand has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:23,133 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:23,134 INFO L93 Difference]: Finished difference Result 256 states and 336 transitions. [2024-10-11 03:01:23,135 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-11 03:01:23,135 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-11 03:01:23,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:23,137 INFO L225 Difference]: With dead ends: 256 [2024-10-11 03:01:23,138 INFO L226 Difference]: Without dead ends: 131 [2024-10-11 03:01:23,139 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:23,140 INFO L432 NwaCegarLoop]: 57 mSDtfsCounter, 121 mSDsluCounter, 126 mSDsCounter, 0 mSdLazyCounter, 130 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 164 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 130 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:23,144 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 183 Invalid, 164 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:23,145 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2024-10-11 03:01:23,164 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 129. [2024-10-11 03:01:23,164 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 93 states have (on average 1.3118279569892473) internal successors, (122), 101 states have internal predecessors, (122), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-11 03:01:23,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 165 transitions. [2024-10-11 03:01:23,166 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 165 transitions. Word has length 44 [2024-10-11 03:01:23,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:23,166 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 165 transitions. [2024-10-11 03:01:23,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:23,167 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 165 transitions. [2024-10-11 03:01:23,168 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-11 03:01:23,168 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:23,168 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:23,170 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:23,170 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:23,170 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:23,171 INFO L85 PathProgramCache]: Analyzing trace with hash -1560663999, now seen corresponding path program 1 times [2024-10-11 03:01:23,173 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:23,173 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [216373373] [2024-10-11 03:01:23,173 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:23,174 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:23,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,236 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:23,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,248 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:23,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,265 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:23,266 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,269 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-11 03:01:23,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,273 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:23,273 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:23,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [216373373] [2024-10-11 03:01:23,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [216373373] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:23,273 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:23,273 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:23,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [189752976] [2024-10-11 03:01:23,274 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:23,274 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:23,275 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:23,276 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:23,276 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:23,277 INFO L87 Difference]: Start difference. First operand 129 states and 165 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:23,569 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:23,570 INFO L93 Difference]: Finished difference Result 410 states and 562 transitions. [2024-10-11 03:01:23,571 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:23,573 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-11 03:01:23,573 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:23,575 INFO L225 Difference]: With dead ends: 410 [2024-10-11 03:01:23,578 INFO L226 Difference]: Without dead ends: 283 [2024-10-11 03:01:23,579 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:23,580 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 190 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 213 mSolverCounterSat, 68 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 281 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 68 IncrementalHoareTripleChecker+Valid, 213 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:23,580 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 239 Invalid, 281 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [68 Valid, 213 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:23,581 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 283 states. [2024-10-11 03:01:23,609 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 283 to 279. [2024-10-11 03:01:23,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 200 states have (on average 1.3) internal successors, (260), 213 states have internal predecessors, (260), 43 states have call successors, (43), 36 states have call predecessors, (43), 35 states have return successors, (67), 41 states have call predecessors, (67), 43 states have call successors, (67) [2024-10-11 03:01:23,612 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 370 transitions. [2024-10-11 03:01:23,613 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 370 transitions. Word has length 44 [2024-10-11 03:01:23,613 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:23,613 INFO L471 AbstractCegarLoop]: Abstraction has 279 states and 370 transitions. [2024-10-11 03:01:23,613 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:23,613 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 370 transitions. [2024-10-11 03:01:23,615 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-11 03:01:23,615 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:23,615 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:23,615 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:23,615 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:23,616 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:23,616 INFO L85 PathProgramCache]: Analyzing trace with hash 491417511, now seen corresponding path program 1 times [2024-10-11 03:01:23,616 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:23,616 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1565486831] [2024-10-11 03:01:23,616 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:23,617 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:23,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,706 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:23,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,717 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:23,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,731 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:23,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,759 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:23,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,764 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-11 03:01:23,765 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:23,767 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:23,767 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:23,767 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1565486831] [2024-10-11 03:01:23,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1565486831] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:23,767 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:23,767 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-11 03:01:23,768 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [820346429] [2024-10-11 03:01:23,768 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:23,768 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-11 03:01:23,769 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:23,769 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-11 03:01:23,770 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-11 03:01:23,770 INFO L87 Difference]: Start difference. First operand 279 states and 370 transitions. Second operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-11 03:01:24,124 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:24,126 INFO L93 Difference]: Finished difference Result 595 states and 802 transitions. [2024-10-11 03:01:24,127 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-11 03:01:24,127 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 48 [2024-10-11 03:01:24,127 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:24,129 INFO L225 Difference]: With dead ends: 595 [2024-10-11 03:01:24,130 INFO L226 Difference]: Without dead ends: 318 [2024-10-11 03:01:24,132 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-11 03:01:24,133 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 289 mSDsluCounter, 160 mSDsCounter, 0 mSdLazyCounter, 305 mSolverCounterSat, 102 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 292 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 407 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 102 IncrementalHoareTripleChecker+Valid, 305 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:24,133 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [292 Valid, 225 Invalid, 407 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [102 Valid, 305 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:24,134 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 318 states. [2024-10-11 03:01:24,167 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 318 to 316. [2024-10-11 03:01:24,168 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 316 states, 227 states have (on average 1.277533039647577) internal successors, (290), 244 states have internal predecessors, (290), 48 states have call successors, (48), 36 states have call predecessors, (48), 40 states have return successors, (83), 47 states have call predecessors, (83), 48 states have call successors, (83) [2024-10-11 03:01:24,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 316 states to 316 states and 421 transitions. [2024-10-11 03:01:24,171 INFO L78 Accepts]: Start accepts. Automaton has 316 states and 421 transitions. Word has length 48 [2024-10-11 03:01:24,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:24,171 INFO L471 AbstractCegarLoop]: Abstraction has 316 states and 421 transitions. [2024-10-11 03:01:24,171 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-11 03:01:24,172 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 421 transitions. [2024-10-11 03:01:24,174 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2024-10-11 03:01:24,174 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:24,174 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:24,174 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:24,174 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:24,175 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:24,175 INFO L85 PathProgramCache]: Analyzing trace with hash -1029496718, now seen corresponding path program 1 times [2024-10-11 03:01:24,175 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:24,175 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1592651094] [2024-10-11 03:01:24,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:24,175 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:24,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,311 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:24,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,321 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:24,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,340 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:24,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,352 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:24,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,362 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:24,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,365 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-11 03:01:24,366 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,381 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-10-11 03:01:24,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,386 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-11 03:01:24,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,390 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:24,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,392 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-10-11 03:01:24,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,395 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-11 03:01:24,398 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:24,398 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1592651094] [2024-10-11 03:01:24,398 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1592651094] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:24,398 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [850047956] [2024-10-11 03:01:24,398 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:24,399 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:24,399 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:24,401 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:24,403 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:24,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:24,488 INFO L255 TraceCheckSpWp]: Trace formula consists of 300 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:24,498 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:24,630 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 22 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:24,630 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:24,883 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-11 03:01:24,883 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [850047956] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:24,884 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:24,884 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:24,884 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2017110808] [2024-10-11 03:01:24,884 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:24,884 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:24,884 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:24,885 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:24,885 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:24,885 INFO L87 Difference]: Start difference. First operand 316 states and 421 transitions. Second operand has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-11 03:01:26,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,129 INFO L93 Difference]: Finished difference Result 708 states and 966 transitions. [2024-10-11 03:01:26,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-11 03:01:26,133 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) Word has length 84 [2024-10-11 03:01:26,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,134 INFO L225 Difference]: With dead ends: 708 [2024-10-11 03:01:26,134 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:26,140 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 232 GetRequests, 191 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-11 03:01:26,141 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 387 mSDsluCounter, 417 mSDsCounter, 0 mSdLazyCounter, 728 mSolverCounterSat, 169 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 392 SdHoareTripleChecker+Valid, 522 SdHoareTripleChecker+Invalid, 897 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 169 IncrementalHoareTripleChecker+Valid, 728 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,141 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [392 Valid, 522 Invalid, 897 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [169 Valid, 728 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-10-11 03:01:26,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:26,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:26,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:26,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:26,147 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 84 [2024-10-11 03:01:26,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,147 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:26,147 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-11 03:01:26,147 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:26,147 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:26,150 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:26,193 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:26,355 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:26,358 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,360 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:29,381 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:29,433 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-11 03:01:29,449 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-11 03:01:29,458 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:29,475 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:29 BoogieIcfgContainer [2024-10-11 03:01:29,475 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:29,476 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:29,476 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:29,476 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:29,477 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:20" (3/4) ... [2024-10-11 03:01:29,479 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:29,482 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:29,482 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:29,482 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:29,482 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:29,483 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:29,483 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-10-11 03:01:29,483 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:29,483 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-11 03:01:29,492 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-11 03:01:29,493 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:29,493 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:29,493 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:29,494 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:29,619 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:29,619 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:29,619 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:29,620 INFO L158 Benchmark]: Toolchain (without parser) took 10438.46ms. Allocated memory was 178.3MB in the beginning and 310.4MB in the end (delta: 132.1MB). Free memory was 145.8MB in the beginning and 252.6MB in the end (delta: -106.7MB). Peak memory consumption was 26.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,620 INFO L158 Benchmark]: CDTParser took 0.12ms. Allocated memory is still 121.6MB. Free memory was 82.0MB in the beginning and 81.8MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:29,621 INFO L158 Benchmark]: CACSL2BoogieTranslator took 927.19ms. Allocated memory is still 178.3MB. Free memory was 145.8MB in the beginning and 124.9MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,621 INFO L158 Benchmark]: Boogie Procedure Inliner took 100.56ms. Allocated memory is still 178.3MB. Free memory was 124.9MB in the beginning and 121.7MB in the end (delta: 3.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,621 INFO L158 Benchmark]: Boogie Preprocessor took 95.66ms. Allocated memory is still 178.3MB. Free memory was 121.7MB in the beginning and 119.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,621 INFO L158 Benchmark]: RCFGBuilder took 644.81ms. Allocated memory is still 178.3MB. Free memory was 119.6MB in the beginning and 95.5MB in the end (delta: 24.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,621 INFO L158 Benchmark]: TraceAbstraction took 8515.21ms. Allocated memory was 178.3MB in the beginning and 310.4MB in the end (delta: 132.1MB). Free memory was 94.4MB in the beginning and 259.9MB in the end (delta: -165.5MB). Peak memory consumption was 95.7MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,622 INFO L158 Benchmark]: Witness Printer took 143.64ms. Allocated memory is still 310.4MB. Free memory was 259.9MB in the beginning and 252.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:29,623 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.12ms. Allocated memory is still 121.6MB. Free memory was 82.0MB in the beginning and 81.8MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 927.19ms. Allocated memory is still 178.3MB. Free memory was 145.8MB in the beginning and 124.9MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 100.56ms. Allocated memory is still 178.3MB. Free memory was 124.9MB in the beginning and 121.7MB in the end (delta: 3.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 95.66ms. Allocated memory is still 178.3MB. Free memory was 121.7MB in the beginning and 119.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 644.81ms. Allocated memory is still 178.3MB. Free memory was 119.6MB in the beginning and 95.5MB in the end (delta: 24.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 8515.21ms. Allocated memory was 178.3MB in the beginning and 310.4MB in the end (delta: 132.1MB). Free memory was 94.4MB in the beginning and 259.9MB in the end (delta: -165.5MB). Peak memory consumption was 95.7MB. Max. memory is 16.1GB. * Witness Printer took 143.64ms. Allocated memory is still 310.4MB. Free memory was 259.9MB in the beginning and 252.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [101] - GenericResultAtLocation [Line: 206]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [206] - GenericResultAtLocation [Line: 572]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [572] - GenericResultAtLocation [Line: 670]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [670] - GenericResultAtLocation [Line: 705]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [705] - GenericResultAtLocation [Line: 714]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [714] - GenericResultAtLocation [Line: 923]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [923] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 710]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1344 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1308 mSDsluCounter, 2054 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1298 mSDsCounter, 427 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1803 IncrementalHoareTripleChecker+Invalid, 2230 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 427 mSolverCounterUnsat, 756 mSDtfsCounter, 1803 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 363 GetRequests, 274 SyntacticMatches, 4 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 405 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=316occurred in iteration=9, InterpolantAutomatonStates: 81, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 14 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 493 NumberOfCodeBlocks, 493 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 565 ConstructedInterpolants, 0 QuantifiedInterpolants, 1053 SizeOfPredicates, 2 NumberOfNonLiveVariables, 300 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 84/105 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 840]: Location Invariant Derived location invariant: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) - InvariantResult [Line: 933]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 934]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 748]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 603]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 721]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 104]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 591]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 756]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (2 == waterLevel))) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) - ProcedureContractResult [Line: 851]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) - ProcedureContractResult [Line: 840]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:29,658 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE