./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9e826f48819dedbf1a290c3ced69eb835c065ed69febc6d0054f416e73afcb1c --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:28,312 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:28,389 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:28,395 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:28,396 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:28,429 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:28,430 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:28,430 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:28,431 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:28,433 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:28,433 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:28,433 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:28,434 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:28,435 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:28,437 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:28,437 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:28,438 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:28,438 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:28,438 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:28,438 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:28,439 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:28,439 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:28,440 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:28,440 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:28,440 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:28,441 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:28,441 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:28,445 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:28,446 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:28,446 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:28,446 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:28,447 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:28,447 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:28,447 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:28,447 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:28,447 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:28,448 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:28,448 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:28,448 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:28,448 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:28,448 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:28,449 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:28,449 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9e826f48819dedbf1a290c3ced69eb835c065ed69febc6d0054f416e73afcb1c [2024-10-11 03:01:28,745 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:28,773 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:28,777 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:28,779 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:28,779 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:28,780 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c [2024-10-11 03:01:30,242 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:30,475 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:30,476 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c [2024-10-11 03:01:30,492 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/214bf0010/4a7f4c8559a34f4ca43f48940142de81/FLAG4f2ccfd7d [2024-10-11 03:01:30,510 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/214bf0010/4a7f4c8559a34f4ca43f48940142de81 [2024-10-11 03:01:30,512 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:30,514 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:30,515 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:30,515 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:30,522 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:30,523 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:30" (1/1) ... [2024-10-11 03:01:30,524 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2368ba35 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:30, skipping insertion in model container [2024-10-11 03:01:30,524 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:30" (1/1) ... [2024-10-11 03:01:30,572 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:30,863 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c[13125,13138] [2024-10-11 03:01:30,888 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:30,901 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:30,913 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-11 03:01:30,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] [2024-10-11 03:01:30,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [521] [2024-10-11 03:01:30,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [556] [2024-10-11 03:01:30,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] [2024-10-11 03:01:30,916 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] [2024-10-11 03:01:30,916 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [742] [2024-10-11 03:01:30,916 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [988] [2024-10-11 03:01:30,990 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c[13125,13138] [2024-10-11 03:01:31,011 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:31,042 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:31,043 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31 WrapperNode [2024-10-11 03:01:31,043 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:31,044 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:31,044 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:31,044 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:31,051 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,064 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,093 INFO L138 Inliner]: procedures = 59, calls = 107, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 238 [2024-10-11 03:01:31,094 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:31,094 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:31,094 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:31,095 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:31,108 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,112 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,115 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,139 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:31,139 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,140 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,144 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,149 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,150 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,152 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,154 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:31,155 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:31,155 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:31,156 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:31,157 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (1/1) ... [2024-10-11 03:01:31,167 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:31,178 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:31,195 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:31,199 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:31,265 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:31,266 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:31,266 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:31,266 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:31,266 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:31,266 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:31,267 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:31,267 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:31,267 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:31,267 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:31,267 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:31,267 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-11 03:01:31,267 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-11 03:01:31,268 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:31,268 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:31,268 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-11 03:01:31,268 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-11 03:01:31,268 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:31,268 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:31,268 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:31,268 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:31,268 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:31,431 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:31,437 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:31,765 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:31,766 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:31,829 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:31,830 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:31,830 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:31 BoogieIcfgContainer [2024-10-11 03:01:31,830 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:31,833 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:31,833 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:31,837 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:31,838 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:30" (1/3) ... [2024-10-11 03:01:31,838 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@69f02b30 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:31, skipping insertion in model container [2024-10-11 03:01:31,838 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:31" (2/3) ... [2024-10-11 03:01:31,839 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@69f02b30 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:31, skipping insertion in model container [2024-10-11 03:01:31,839 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:31" (3/3) ... [2024-10-11 03:01:31,841 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product55.cil.c [2024-10-11 03:01:31,857 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:31,858 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:31,918 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:31,925 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@da5042d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:31,925 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:31,930 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 57 states have (on average 1.5263157894736843) internal successors, (87), 68 states have internal predecessors, (87), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-10-11 03:01:31,946 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:31,946 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:31,947 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:31,947 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:31,952 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:31,953 INFO L85 PathProgramCache]: Analyzing trace with hash -1545796648, now seen corresponding path program 1 times [2024-10-11 03:01:31,960 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:31,960 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [48757523] [2024-10-11 03:01:31,960 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:31,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:32,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,143 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:32,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,149 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:32,151 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,155 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:32,156 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:32,156 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [48757523] [2024-10-11 03:01:32,157 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [48757523] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:32,157 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:32,157 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:32,158 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [930705079] [2024-10-11 03:01:32,159 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:32,163 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:32,164 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:32,193 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:32,194 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:32,197 INFO L87 Difference]: Start difference. First operand has 85 states, 57 states have (on average 1.5263157894736843) internal successors, (87), 68 states have internal predecessors, (87), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:32,277 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:32,277 INFO L93 Difference]: Finished difference Result 168 states and 243 transitions. [2024-10-11 03:01:32,281 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:32,283 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:32,283 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:32,297 INFO L225 Difference]: With dead ends: 168 [2024-10-11 03:01:32,298 INFO L226 Difference]: Without dead ends: 80 [2024-10-11 03:01:32,302 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:32,308 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:32,310 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 99 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:32,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-10-11 03:01:32,354 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-10-11 03:01:32,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 54 states have (on average 1.4259259259259258) internal successors, (77), 64 states have internal predecessors, (77), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-11 03:01:32,358 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 110 transitions. [2024-10-11 03:01:32,360 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 110 transitions. Word has length 22 [2024-10-11 03:01:32,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:32,361 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 110 transitions. [2024-10-11 03:01:32,361 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:32,363 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 110 transitions. [2024-10-11 03:01:32,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:32,366 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:32,366 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:32,367 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:32,367 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:32,368 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:32,368 INFO L85 PathProgramCache]: Analyzing trace with hash -488509057, now seen corresponding path program 1 times [2024-10-11 03:01:32,368 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:32,369 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1370843222] [2024-10-11 03:01:32,369 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:32,369 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:32,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,480 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:32,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,485 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:32,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,489 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:32,490 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:32,490 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1370843222] [2024-10-11 03:01:32,490 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1370843222] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:32,490 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:32,491 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:32,491 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [606068394] [2024-10-11 03:01:32,491 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:32,492 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:32,494 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:32,495 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:32,495 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:32,496 INFO L87 Difference]: Start difference. First operand 80 states and 110 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:32,551 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:32,551 INFO L93 Difference]: Finished difference Result 130 states and 178 transitions. [2024-10-11 03:01:32,552 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:32,552 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:32,552 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:32,554 INFO L225 Difference]: With dead ends: 130 [2024-10-11 03:01:32,554 INFO L226 Difference]: Without dead ends: 72 [2024-10-11 03:01:32,555 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:32,556 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 14 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 153 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:32,557 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 153 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:32,557 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-10-11 03:01:32,565 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-10-11 03:01:32,566 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 49 states have (on average 1.4489795918367347) internal successors, (71), 59 states have internal predecessors, (71), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:32,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 99 transitions. [2024-10-11 03:01:32,568 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 99 transitions. Word has length 23 [2024-10-11 03:01:32,568 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:32,568 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 99 transitions. [2024-10-11 03:01:32,568 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:32,569 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 99 transitions. [2024-10-11 03:01:32,570 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:32,570 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:32,570 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:32,571 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:32,571 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:32,571 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:32,571 INFO L85 PathProgramCache]: Analyzing trace with hash 2059506771, now seen corresponding path program 1 times [2024-10-11 03:01:32,572 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:32,572 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1960091083] [2024-10-11 03:01:32,572 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:32,572 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:32,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,689 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:32,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,699 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:32,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,702 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:32,702 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:32,702 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1960091083] [2024-10-11 03:01:32,702 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1960091083] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:32,703 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:32,703 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:32,703 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [60587522] [2024-10-11 03:01:32,703 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:32,706 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:32,706 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:32,707 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:32,708 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:32,708 INFO L87 Difference]: Start difference. First operand 72 states and 99 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:32,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:32,817 INFO L93 Difference]: Finished difference Result 212 states and 294 transitions. [2024-10-11 03:01:32,818 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:32,818 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:32,819 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:32,821 INFO L225 Difference]: With dead ends: 212 [2024-10-11 03:01:32,821 INFO L226 Difference]: Without dead ends: 142 [2024-10-11 03:01:32,822 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:32,826 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 83 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:32,827 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [83 Valid, 180 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:32,828 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 142 states. [2024-10-11 03:01:32,848 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 142 to 139. [2024-10-11 03:01:32,849 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 139 states, 94 states have (on average 1.4574468085106382) internal successors, (137), 113 states have internal predecessors, (137), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-10-11 03:01:32,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 139 states to 139 states and 193 transitions. [2024-10-11 03:01:32,852 INFO L78 Accepts]: Start accepts. Automaton has 139 states and 193 transitions. Word has length 26 [2024-10-11 03:01:32,852 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:32,853 INFO L471 AbstractCegarLoop]: Abstraction has 139 states and 193 transitions. [2024-10-11 03:01:32,853 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:32,853 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 193 transitions. [2024-10-11 03:01:32,855 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:32,855 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:32,855 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:32,855 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:32,855 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:32,856 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:32,856 INFO L85 PathProgramCache]: Analyzing trace with hash -1636857358, now seen corresponding path program 1 times [2024-10-11 03:01:32,856 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:32,856 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2076758749] [2024-10-11 03:01:32,856 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:32,857 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:32,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:32,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:32,990 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:32,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,006 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:33,007 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:33,007 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2076758749] [2024-10-11 03:01:33,007 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2076758749] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:33,007 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:33,007 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:33,007 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1110412055] [2024-10-11 03:01:33,007 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:33,008 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:33,008 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:33,009 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:33,009 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:33,009 INFO L87 Difference]: Start difference. First operand 139 states and 193 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:33,279 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:33,279 INFO L93 Difference]: Finished difference Result 364 states and 517 transitions. [2024-10-11 03:01:33,280 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:33,280 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2024-10-11 03:01:33,280 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:33,283 INFO L225 Difference]: With dead ends: 364 [2024-10-11 03:01:33,283 INFO L226 Difference]: Without dead ends: 227 [2024-10-11 03:01:33,287 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:33,289 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 51 mSDsluCounter, 295 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 383 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:33,289 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 383 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:33,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2024-10-11 03:01:33,325 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 226. [2024-10-11 03:01:33,328 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 226 states, 157 states have (on average 1.3694267515923566) internal successors, (215), 174 states have internal predecessors, (215), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2024-10-11 03:01:33,334 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 226 states to 226 states and 303 transitions. [2024-10-11 03:01:33,334 INFO L78 Accepts]: Start accepts. Automaton has 226 states and 303 transitions. Word has length 29 [2024-10-11 03:01:33,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:33,335 INFO L471 AbstractCegarLoop]: Abstraction has 226 states and 303 transitions. [2024-10-11 03:01:33,335 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:33,335 INFO L276 IsEmpty]: Start isEmpty. Operand 226 states and 303 transitions. [2024-10-11 03:01:33,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-11 03:01:33,339 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:33,340 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:33,340 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:33,340 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:33,343 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:33,343 INFO L85 PathProgramCache]: Analyzing trace with hash -932361683, now seen corresponding path program 1 times [2024-10-11 03:01:33,343 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:33,343 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1632385034] [2024-10-11 03:01:33,343 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:33,344 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:33,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,403 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:33,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,410 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:33,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,428 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:33,433 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,461 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:33,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,465 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:33,466 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:33,466 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1632385034] [2024-10-11 03:01:33,466 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1632385034] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:33,466 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:33,467 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:33,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [975502213] [2024-10-11 03:01:33,467 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:33,467 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:33,467 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:33,468 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:33,468 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:33,468 INFO L87 Difference]: Start difference. First operand 226 states and 303 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:33,664 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:33,664 INFO L93 Difference]: Finished difference Result 502 states and 681 transitions. [2024-10-11 03:01:33,665 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:33,665 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-11 03:01:33,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:33,668 INFO L225 Difference]: With dead ends: 502 [2024-10-11 03:01:33,672 INFO L226 Difference]: Without dead ends: 278 [2024-10-11 03:01:33,674 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:33,678 INFO L432 NwaCegarLoop]: 75 mSDtfsCounter, 54 mSDsluCounter, 164 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 153 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:33,679 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 239 Invalid, 153 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:33,680 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 278 states. [2024-10-11 03:01:33,729 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 278 to 276. [2024-10-11 03:01:33,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 193 states have (on average 1.3419689119170986) internal successors, (259), 210 states have internal predecessors, (259), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-10-11 03:01:33,732 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 365 transitions. [2024-10-11 03:01:33,734 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 365 transitions. Word has length 43 [2024-10-11 03:01:33,734 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:33,735 INFO L471 AbstractCegarLoop]: Abstraction has 276 states and 365 transitions. [2024-10-11 03:01:33,735 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:33,735 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 365 transitions. [2024-10-11 03:01:33,736 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-11 03:01:33,738 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:33,740 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:33,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:33,741 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:33,741 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:33,741 INFO L85 PathProgramCache]: Analyzing trace with hash 1774257711, now seen corresponding path program 1 times [2024-10-11 03:01:33,741 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:33,741 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [734010902] [2024-10-11 03:01:33,741 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:33,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:33,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,835 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:33,839 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,848 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:33,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,869 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:33,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,907 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:33,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:33,910 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:33,910 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:33,910 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [734010902] [2024-10-11 03:01:33,911 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [734010902] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:33,911 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:33,911 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:33,911 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1493103584] [2024-10-11 03:01:33,915 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:33,915 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:33,915 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:33,916 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:33,916 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:33,916 INFO L87 Difference]: Start difference. First operand 276 states and 365 transitions. Second operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:34,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:34,292 INFO L93 Difference]: Finished difference Result 562 states and 763 transitions. [2024-10-11 03:01:34,293 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-11 03:01:34,293 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 43 [2024-10-11 03:01:34,294 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:34,296 INFO L225 Difference]: With dead ends: 562 [2024-10-11 03:01:34,299 INFO L226 Difference]: Without dead ends: 288 [2024-10-11 03:01:34,301 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-10-11 03:01:34,302 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 172 mSDsluCounter, 242 mSDsCounter, 0 mSdLazyCounter, 210 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 179 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 259 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 210 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:34,302 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [179 Valid, 321 Invalid, 259 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 210 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:34,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2024-10-11 03:01:34,343 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 280. [2024-10-11 03:01:34,344 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 280 states, 197 states have (on average 1.3350253807106598) internal successors, (263), 214 states have internal predecessors, (263), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-10-11 03:01:34,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 280 states to 280 states and 369 transitions. [2024-10-11 03:01:34,348 INFO L78 Accepts]: Start accepts. Automaton has 280 states and 369 transitions. Word has length 43 [2024-10-11 03:01:34,349 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:34,349 INFO L471 AbstractCegarLoop]: Abstraction has 280 states and 369 transitions. [2024-10-11 03:01:34,350 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:34,350 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 369 transitions. [2024-10-11 03:01:34,353 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-11 03:01:34,354 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:34,354 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:34,354 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:34,354 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:34,355 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:34,355 INFO L85 PathProgramCache]: Analyzing trace with hash 85313969, now seen corresponding path program 1 times [2024-10-11 03:01:34,355 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:34,355 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [218416664] [2024-10-11 03:01:34,355 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:34,355 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:34,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,427 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:34,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,436 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:34,440 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,458 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:34,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,473 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:34,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,477 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:34,477 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:34,477 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [218416664] [2024-10-11 03:01:34,478 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [218416664] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:34,478 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:34,478 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:34,478 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [865676296] [2024-10-11 03:01:34,478 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:34,478 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:34,478 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:34,479 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:34,479 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:34,479 INFO L87 Difference]: Start difference. First operand 280 states and 369 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:34,792 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:34,793 INFO L93 Difference]: Finished difference Result 816 states and 1115 transitions. [2024-10-11 03:01:34,793 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:34,793 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 43 [2024-10-11 03:01:34,794 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:34,797 INFO L225 Difference]: With dead ends: 816 [2024-10-11 03:01:34,797 INFO L226 Difference]: Without dead ends: 538 [2024-10-11 03:01:34,799 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 12 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:34,800 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 211 mSDsluCounter, 140 mSDsCounter, 0 mSdLazyCounter, 194 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 218 SdHoareTripleChecker+Valid, 251 SdHoareTripleChecker+Invalid, 264 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 194 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:34,800 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [218 Valid, 251 Invalid, 264 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 194 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:34,801 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 538 states. [2024-10-11 03:01:34,837 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 538 to 532. [2024-10-11 03:01:34,839 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 532 states, 375 states have (on average 1.28) internal successors, (480), 401 states have internal predecessors, (480), 83 states have call successors, (83), 67 states have call predecessors, (83), 73 states have return successors, (135), 84 states have call predecessors, (135), 83 states have call successors, (135) [2024-10-11 03:01:34,842 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 532 states to 532 states and 698 transitions. [2024-10-11 03:01:34,843 INFO L78 Accepts]: Start accepts. Automaton has 532 states and 698 transitions. Word has length 43 [2024-10-11 03:01:34,843 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:34,844 INFO L471 AbstractCegarLoop]: Abstraction has 532 states and 698 transitions. [2024-10-11 03:01:34,844 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:34,844 INFO L276 IsEmpty]: Start isEmpty. Operand 532 states and 698 transitions. [2024-10-11 03:01:34,845 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-10-11 03:01:34,845 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:34,845 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:34,846 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:34,846 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:34,846 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:34,847 INFO L85 PathProgramCache]: Analyzing trace with hash -1223413813, now seen corresponding path program 1 times [2024-10-11 03:01:34,847 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:34,847 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1378406906] [2024-10-11 03:01:34,847 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:34,847 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:34,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:34,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:34,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,008 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:35,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,019 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:35,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,042 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:35,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,054 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-11 03:01:35,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,057 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:35,058 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:35,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1378406906] [2024-10-11 03:01:35,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1378406906] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:35,058 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:35,058 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-11 03:01:35,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [870052234] [2024-10-11 03:01:35,058 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:35,059 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-11 03:01:35,060 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:35,060 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-11 03:01:35,061 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:35,061 INFO L87 Difference]: Start difference. First operand 532 states and 698 transitions. Second operand has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-11 03:01:35,783 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:35,783 INFO L93 Difference]: Finished difference Result 1403 states and 1958 transitions. [2024-10-11 03:01:35,784 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-11 03:01:35,784 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 47 [2024-10-11 03:01:35,784 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:35,790 INFO L225 Difference]: With dead ends: 1403 [2024-10-11 03:01:35,791 INFO L226 Difference]: Without dead ends: 973 [2024-10-11 03:01:35,794 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 86 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=337, Unknown=0, NotChecked=0, Total=462 [2024-10-11 03:01:35,795 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 556 mSDsluCounter, 223 mSDsCounter, 0 mSdLazyCounter, 467 mSolverCounterSat, 241 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 564 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 708 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 241 IncrementalHoareTripleChecker+Valid, 467 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:35,795 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [564 Valid, 299 Invalid, 708 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [241 Valid, 467 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-11 03:01:35,796 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 973 states. [2024-10-11 03:01:35,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 973 to 898. [2024-10-11 03:01:35,883 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 898 states, 632 states have (on average 1.2816455696202531) internal successors, (810), 684 states have internal predecessors, (810), 140 states have call successors, (140), 106 states have call predecessors, (140), 125 states have return successors, (230), 139 states have call predecessors, (230), 140 states have call successors, (230) [2024-10-11 03:01:35,889 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 898 states to 898 states and 1180 transitions. [2024-10-11 03:01:35,891 INFO L78 Accepts]: Start accepts. Automaton has 898 states and 1180 transitions. Word has length 47 [2024-10-11 03:01:35,891 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:35,891 INFO L471 AbstractCegarLoop]: Abstraction has 898 states and 1180 transitions. [2024-10-11 03:01:35,892 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-11 03:01:35,892 INFO L276 IsEmpty]: Start isEmpty. Operand 898 states and 1180 transitions. [2024-10-11 03:01:35,894 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2024-10-11 03:01:35,894 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:35,894 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:35,894 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:35,894 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:35,895 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:35,895 INFO L85 PathProgramCache]: Analyzing trace with hash -802071733, now seen corresponding path program 1 times [2024-10-11 03:01:35,895 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:35,895 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [864340255] [2024-10-11 03:01:35,895 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:35,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:35,908 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,930 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:35,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,945 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:35,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,967 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:35,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,975 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:35,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:35,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2024-10-11 03:01:35,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,988 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-10-11 03:01:35,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:35,990 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:35,990 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:35,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [864340255] [2024-10-11 03:01:35,990 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [864340255] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:35,990 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:35,991 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:35,991 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1171081990] [2024-10-11 03:01:35,991 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:35,991 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:35,991 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:35,992 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:35,992 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:35,992 INFO L87 Difference]: Start difference. First operand 898 states and 1180 transitions. Second operand has 7 states, 6 states have (on average 9.0) internal successors, (54), 4 states have internal predecessors, (54), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-11 03:01:36,382 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:36,383 INFO L93 Difference]: Finished difference Result 1091 states and 1425 transitions. [2024-10-11 03:01:36,383 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:36,383 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 9.0) internal successors, (54), 4 states have internal predecessors, (54), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 71 [2024-10-11 03:01:36,384 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:36,388 INFO L225 Difference]: With dead ends: 1091 [2024-10-11 03:01:36,388 INFO L226 Difference]: Without dead ends: 445 [2024-10-11 03:01:36,390 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:36,391 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 255 mSDsluCounter, 147 mSDsCounter, 0 mSdLazyCounter, 284 mSolverCounterSat, 93 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 264 SdHoareTripleChecker+Valid, 227 SdHoareTripleChecker+Invalid, 377 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 93 IncrementalHoareTripleChecker+Valid, 284 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:36,391 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [264 Valid, 227 Invalid, 377 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [93 Valid, 284 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:36,392 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 445 states. [2024-10-11 03:01:36,424 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 445 to 405. [2024-10-11 03:01:36,425 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 285 states have (on average 1.231578947368421) internal successors, (351), 307 states have internal predecessors, (351), 62 states have call successors, (62), 47 states have call predecessors, (62), 57 states have return successors, (104), 62 states have call predecessors, (104), 62 states have call successors, (104) [2024-10-11 03:01:36,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 517 transitions. [2024-10-11 03:01:36,429 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 517 transitions. Word has length 71 [2024-10-11 03:01:36,429 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:36,429 INFO L471 AbstractCegarLoop]: Abstraction has 405 states and 517 transitions. [2024-10-11 03:01:36,429 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 9.0) internal successors, (54), 4 states have internal predecessors, (54), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-11 03:01:36,429 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 517 transitions. [2024-10-11 03:01:36,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-10-11 03:01:36,432 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:36,432 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:36,432 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:36,433 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:36,433 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:36,434 INFO L85 PathProgramCache]: Analyzing trace with hash 1447043316, now seen corresponding path program 1 times [2024-10-11 03:01:36,434 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:36,434 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [452741625] [2024-10-11 03:01:36,434 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:36,434 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:36,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,561 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:36,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,577 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:36,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,598 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:36,599 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,608 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:36,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,619 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:36,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,632 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-10-11 03:01:36,635 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,646 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-10-11 03:01:36,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,653 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:36,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,657 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:36,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,659 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-10-11 03:01:36,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,662 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 17 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-11 03:01:36,663 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:36,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [452741625] [2024-10-11 03:01:36,663 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [452741625] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:36,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1135113650] [2024-10-11 03:01:36,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:36,663 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:36,664 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:36,665 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:36,667 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:36,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:36,765 INFO L255 TraceCheckSpWp]: Trace formula consists of 305 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:36,776 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:36,966 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 22 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:36,966 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:37,166 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-11 03:01:37,166 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1135113650] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:37,167 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:37,167 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:37,167 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [279931216] [2024-10-11 03:01:37,167 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:37,167 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:37,168 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:37,168 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:37,168 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:37,169 INFO L87 Difference]: Start difference. First operand 405 states and 517 transitions. Second operand has 15 states, 12 states have (on average 9.166666666666666) internal successors, (110), 10 states have internal predecessors, (110), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-11 03:01:38,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:38,196 INFO L93 Difference]: Finished difference Result 837 states and 1090 transitions. [2024-10-11 03:01:38,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-11 03:01:38,197 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 9.166666666666666) internal successors, (110), 10 states have internal predecessors, (110), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) Word has length 87 [2024-10-11 03:01:38,197 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:38,199 INFO L225 Difference]: With dead ends: 837 [2024-10-11 03:01:38,199 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:38,202 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 239 GetRequests, 198 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=345, Invalid=1137, Unknown=0, NotChecked=0, Total=1482 [2024-10-11 03:01:38,203 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 306 mSDsluCounter, 472 mSDsCounter, 0 mSdLazyCounter, 850 mSolverCounterSat, 142 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 309 SdHoareTripleChecker+Valid, 578 SdHoareTripleChecker+Invalid, 992 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 142 IncrementalHoareTripleChecker+Valid, 850 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:38,203 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [309 Valid, 578 Invalid, 992 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [142 Valid, 850 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-11 03:01:38,204 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:38,204 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:38,204 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:38,204 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:38,205 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2024-10-11 03:01:38,206 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:38,206 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:38,206 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 9.166666666666666) internal successors, (110), 10 states have internal predecessors, (110), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-11 03:01:38,206 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:38,207 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:38,210 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:38,234 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-11 03:01:38,411 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:38,414 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:38,415 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:42,322 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:42,339 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2)))) Eliminated clause: (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2))) [2024-10-11 03:01:42,357 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:42,375 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:42,383 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:42,390 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:42,406 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:42 BoogieIcfgContainer [2024-10-11 03:01:42,407 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:42,408 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:42,408 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:42,408 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:42,409 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:31" (3/4) ... [2024-10-11 03:01:42,411 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:42,415 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-11 03:01:42,415 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:42,415 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:42,415 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:42,415 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:42,416 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:42,416 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:42,416 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-10-11 03:01:42,416 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:42,426 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 38 nodes and edges [2024-10-11 03:01:42,426 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:42,427 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:42,427 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:42,428 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:42,547 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:42,548 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:42,548 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:42,548 INFO L158 Benchmark]: Toolchain (without parser) took 12034.65ms. Allocated memory was 172.0MB in the beginning and 249.6MB in the end (delta: 77.6MB). Free memory was 131.8MB in the beginning and 118.9MB in the end (delta: 12.9MB). Peak memory consumption was 90.9MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,549 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 100.7MB. Free memory is still 66.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:42,549 INFO L158 Benchmark]: CACSL2BoogieTranslator took 528.25ms. Allocated memory is still 172.0MB. Free memory was 131.3MB in the beginning and 109.7MB in the end (delta: 21.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,549 INFO L158 Benchmark]: Boogie Procedure Inliner took 50.02ms. Allocated memory is still 172.0MB. Free memory was 109.7MB in the beginning and 107.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,549 INFO L158 Benchmark]: Boogie Preprocessor took 60.03ms. Allocated memory is still 172.0MB. Free memory was 107.1MB in the beginning and 105.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,550 INFO L158 Benchmark]: RCFGBuilder took 675.39ms. Allocated memory is still 172.0MB. Free memory was 105.0MB in the beginning and 120.7MB in the end (delta: -15.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,551 INFO L158 Benchmark]: TraceAbstraction took 10574.23ms. Allocated memory was 172.0MB in the beginning and 249.6MB in the end (delta: 77.6MB). Free memory was 119.6MB in the beginning and 127.3MB in the end (delta: -7.7MB). Peak memory consumption was 131.9MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,552 INFO L158 Benchmark]: Witness Printer took 140.05ms. Allocated memory is still 249.6MB. Free memory was 127.3MB in the beginning and 118.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:42,553 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 100.7MB. Free memory is still 66.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 528.25ms. Allocated memory is still 172.0MB. Free memory was 131.3MB in the beginning and 109.7MB in the end (delta: 21.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 50.02ms. Allocated memory is still 172.0MB. Free memory was 109.7MB in the beginning and 107.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 60.03ms. Allocated memory is still 172.0MB. Free memory was 107.1MB in the beginning and 105.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 675.39ms. Allocated memory is still 172.0MB. Free memory was 105.0MB in the beginning and 120.7MB in the end (delta: -15.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 10574.23ms. Allocated memory was 172.0MB in the beginning and 249.6MB in the end (delta: 77.6MB). Free memory was 119.6MB in the beginning and 127.3MB in the end (delta: -7.7MB). Peak memory consumption was 131.9MB. Max. memory is 16.1GB. * Witness Printer took 140.05ms. Allocated memory is still 249.6MB. Free memory was 127.3MB in the beginning and 118.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] - GenericResultAtLocation [Line: 521]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [521] - GenericResultAtLocation [Line: 556]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [556] - GenericResultAtLocation [Line: 565]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] - GenericResultAtLocation [Line: 742]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [742] - GenericResultAtLocation [Line: 988]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [988] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 561]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1745 SdHoareTripleChecker+Valid, 2.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1702 mSDsluCounter, 2730 SdHoareTripleChecker+Invalid, 1.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1834 mSDsCounter, 623 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2340 IncrementalHoareTripleChecker+Invalid, 2963 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 623 mSolverCounterUnsat, 896 mSDtfsCounter, 2340 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 390 GetRequests, 288 SyntacticMatches, 5 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 461 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=898occurred in iteration=8, InterpolantAutomatonStates: 92, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 135 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 521 NumberOfCodeBlocks, 521 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 596 ConstructedInterpolants, 0 QuantifiedInterpolants, 1194 SizeOfPredicates, 2 NumberOfNonLiveVariables, 305 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 96/130 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 576]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 871]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2))) Ensures: ((pumpRunning == 0) && (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2)))) - ProcedureContractResult [Line: 778]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 666]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 751]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 418]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 786]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 654]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 812]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) - ProcedureContractResult [Line: 890]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:42,586 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE