./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 62c2cf132c1af8470eae7f9b6621445fd5b91c1643db1f71bf7213022a4dec0a --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:38,908 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:38,958 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:38,962 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:38,963 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:38,982 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:38,982 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:38,983 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:38,983 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:38,983 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:38,984 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:38,984 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:38,987 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:38,987 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:38,989 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:38,989 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:38,990 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:38,990 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:38,990 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:38,991 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:38,991 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:38,992 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:38,992 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:38,992 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:38,992 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:38,993 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:38,993 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:38,993 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:38,994 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:38,994 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:38,994 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:38,995 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:38,995 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:38,995 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:38,996 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:38,996 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:38,996 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:38,997 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:38,997 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:38,997 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:38,997 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:38,998 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:38,998 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 62c2cf132c1af8470eae7f9b6621445fd5b91c1643db1f71bf7213022a4dec0a [2024-10-11 03:01:39,231 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:39,265 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:39,270 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:39,271 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:39,271 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:39,272 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c [2024-10-11 03:01:40,903 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:41,091 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:41,092 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c [2024-10-11 03:01:41,111 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/ff2c898a5/6eb40fc617f44fcfa6f0bc9e187e1266/FLAGafad78845 [2024-10-11 03:01:41,122 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/ff2c898a5/6eb40fc617f44fcfa6f0bc9e187e1266 [2024-10-11 03:01:41,124 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:41,125 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:41,126 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:41,126 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:41,135 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:41,135 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,137 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6fbd0ea2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41, skipping insertion in model container [2024-10-11 03:01:41,138 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,168 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:41,361 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c[5724,5737] [2024-10-11 03:01:41,452 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:41,463 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:41,475 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-10-11 03:01:41,479 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [168] [2024-10-11 03:01:41,480 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [272] [2024-10-11 03:01:41,480 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [317] [2024-10-11 03:01:41,480 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [326] [2024-10-11 03:01:41,480 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [692] [2024-10-11 03:01:41,481 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [771] [2024-10-11 03:01:41,481 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [1110] [2024-10-11 03:01:41,499 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c[5724,5737] [2024-10-11 03:01:41,540 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:41,562 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:41,563 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41 WrapperNode [2024-10-11 03:01:41,563 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:41,564 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:41,564 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:41,564 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:41,570 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,591 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,619 INFO L138 Inliner]: procedures = 65, calls = 124, calls flagged for inlining = 30, calls inlined = 27, statements flattened = 303 [2024-10-11 03:01:41,619 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:41,620 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:41,620 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:41,620 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:41,629 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,629 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,632 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,650 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:41,651 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,652 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,661 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,667 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,672 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,674 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,679 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:41,680 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:41,680 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:41,680 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:41,681 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (1/1) ... [2024-10-11 03:01:41,695 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:41,705 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:41,726 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:41,738 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:41,799 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:41,800 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2024-10-11 03:01:41,800 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2024-10-11 03:01:41,800 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:41,800 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:41,800 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:41,800 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:41,801 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2024-10-11 03:01:41,801 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2024-10-11 03:01:41,801 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:41,801 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:41,802 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2024-10-11 03:01:41,802 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2024-10-11 03:01:41,802 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:41,802 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:41,803 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2024-10-11 03:01:41,803 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2024-10-11 03:01:41,803 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-11 03:01:41,804 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-11 03:01:41,804 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-11 03:01:41,804 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-11 03:01:41,804 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:41,804 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2024-10-11 03:01:41,804 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2024-10-11 03:01:41,805 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:41,805 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:41,805 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:41,805 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:41,895 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:41,897 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:42,175 INFO L? ?]: Removed 54 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:42,175 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:42,301 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:42,301 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:42,301 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:42 BoogieIcfgContainer [2024-10-11 03:01:42,301 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:42,304 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:42,304 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:42,307 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:42,307 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:41" (1/3) ... [2024-10-11 03:01:42,308 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@75f89ee8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:42, skipping insertion in model container [2024-10-11 03:01:42,308 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:41" (2/3) ... [2024-10-11 03:01:42,308 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@75f89ee8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:42, skipping insertion in model container [2024-10-11 03:01:42,308 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:42" (3/3) ... [2024-10-11 03:01:42,310 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_productSimulator.cil.c [2024-10-11 03:01:42,324 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:42,325 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:42,379 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:42,385 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@356f508e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:42,385 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:42,390 INFO L276 IsEmpty]: Start isEmpty. Operand has 122 states, 78 states have (on average 1.4743589743589745) internal successors, (115), 94 states have internal predecessors, (115), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2024-10-11 03:01:42,399 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-11 03:01:42,400 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:42,401 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:42,401 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:42,406 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:42,408 INFO L85 PathProgramCache]: Analyzing trace with hash -549742903, now seen corresponding path program 1 times [2024-10-11 03:01:42,416 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:42,416 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1728528001] [2024-10-11 03:01:42,416 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:42,417 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:42,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,651 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:42,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,659 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:42,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,664 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:42,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,668 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:42,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,672 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:42,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,677 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:42,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,681 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:42,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,684 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-10-11 03:01:42,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,692 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:42,696 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:42,696 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1728528001] [2024-10-11 03:01:42,697 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1728528001] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:42,697 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:42,697 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:42,699 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1607547742] [2024-10-11 03:01:42,699 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:42,703 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:42,704 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:42,725 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:42,725 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:42,728 INFO L87 Difference]: Start difference. First operand has 122 states, 78 states have (on average 1.4743589743589745) internal successors, (115), 94 states have internal predecessors, (115), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 11.0) internal successors, (22), 2 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-10-11 03:01:42,796 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:42,796 INFO L93 Difference]: Finished difference Result 228 states and 332 transitions. [2024-10-11 03:01:42,797 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:42,798 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 11.0) internal successors, (22), 2 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 46 [2024-10-11 03:01:42,799 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:42,808 INFO L225 Difference]: With dead ends: 228 [2024-10-11 03:01:42,808 INFO L226 Difference]: Without dead ends: 117 [2024-10-11 03:01:42,812 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:42,815 INFO L432 NwaCegarLoop]: 150 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:42,815 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 150 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:42,828 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 117 states. [2024-10-11 03:01:42,847 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 117 to 117. [2024-10-11 03:01:42,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 117 states, 75 states have (on average 1.4) internal successors, (105), 90 states have internal predecessors, (105), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2024-10-11 03:01:42,850 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 117 states to 117 states and 164 transitions. [2024-10-11 03:01:42,851 INFO L78 Accepts]: Start accepts. Automaton has 117 states and 164 transitions. Word has length 46 [2024-10-11 03:01:42,852 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:42,853 INFO L471 AbstractCegarLoop]: Abstraction has 117 states and 164 transitions. [2024-10-11 03:01:42,853 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 11.0) internal successors, (22), 2 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-10-11 03:01:42,853 INFO L276 IsEmpty]: Start isEmpty. Operand 117 states and 164 transitions. [2024-10-11 03:01:42,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-10-11 03:01:42,857 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:42,858 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:42,858 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:42,858 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:42,859 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:42,859 INFO L85 PathProgramCache]: Analyzing trace with hash 684594689, now seen corresponding path program 1 times [2024-10-11 03:01:42,859 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:42,859 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [263019680] [2024-10-11 03:01:42,859 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:42,859 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:42,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,965 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:42,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,975 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:42,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,981 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:42,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,985 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:42,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,993 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:42,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:42,999 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:43,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,002 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-11 03:01:43,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,007 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-11 03:01:43,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,009 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:43,013 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:43,013 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [263019680] [2024-10-11 03:01:43,013 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [263019680] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:43,013 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:43,014 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:43,014 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1576837539] [2024-10-11 03:01:43,014 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:43,015 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:43,015 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:43,015 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:43,015 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:43,016 INFO L87 Difference]: Start difference. First operand 117 states and 164 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-10-11 03:01:43,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:43,085 INFO L93 Difference]: Finished difference Result 188 states and 263 transitions. [2024-10-11 03:01:43,085 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:43,085 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 47 [2024-10-11 03:01:43,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:43,086 INFO L225 Difference]: With dead ends: 188 [2024-10-11 03:01:43,087 INFO L226 Difference]: Without dead ends: 109 [2024-10-11 03:01:43,087 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:43,092 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 18 mSDsluCounter, 116 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 22 SdHoareTripleChecker+Valid, 252 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:43,092 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [22 Valid, 252 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:43,093 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2024-10-11 03:01:43,107 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 109. [2024-10-11 03:01:43,107 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 109 states, 70 states have (on average 1.4142857142857144) internal successors, (99), 85 states have internal predecessors, (99), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2024-10-11 03:01:43,112 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 153 transitions. [2024-10-11 03:01:43,113 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 153 transitions. Word has length 47 [2024-10-11 03:01:43,113 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:43,114 INFO L471 AbstractCegarLoop]: Abstraction has 109 states and 153 transitions. [2024-10-11 03:01:43,114 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-10-11 03:01:43,114 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 153 transitions. [2024-10-11 03:01:43,116 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-10-11 03:01:43,117 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:43,118 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:43,118 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:43,118 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:43,118 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:43,119 INFO L85 PathProgramCache]: Analyzing trace with hash -930827711, now seen corresponding path program 1 times [2024-10-11 03:01:43,119 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:43,119 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1136769791] [2024-10-11 03:01:43,119 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:43,119 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:43,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,223 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:43,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,225 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:43,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,228 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:43,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,232 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:43,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:43,238 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,239 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:43,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,243 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:43,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,251 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-10-11 03:01:43,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,257 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:43,257 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:43,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1136769791] [2024-10-11 03:01:43,257 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1136769791] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:43,257 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:43,257 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:43,257 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [586786529] [2024-10-11 03:01:43,257 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:43,258 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:43,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:43,258 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:43,258 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:43,259 INFO L87 Difference]: Start difference. First operand 109 states and 153 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 3 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-10-11 03:01:43,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:43,335 INFO L93 Difference]: Finished difference Result 295 states and 418 transitions. [2024-10-11 03:01:43,336 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:43,336 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 3 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) Word has length 51 [2024-10-11 03:01:43,336 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:43,338 INFO L225 Difference]: With dead ends: 295 [2024-10-11 03:01:43,338 INFO L226 Difference]: Without dead ends: 202 [2024-10-11 03:01:43,339 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:43,340 INFO L432 NwaCegarLoop]: 149 mSDtfsCounter, 144 mSDsluCounter, 117 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 266 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:43,340 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 266 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:43,341 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 202 states. [2024-10-11 03:01:43,361 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 202 to 199. [2024-10-11 03:01:43,362 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 199 states, 129 states have (on average 1.441860465116279) internal successors, (186), 158 states have internal predecessors, (186), 48 states have call successors, (48), 21 states have call predecessors, (48), 21 states have return successors, (48), 37 states have call predecessors, (48), 48 states have call successors, (48) [2024-10-11 03:01:43,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 199 states to 199 states and 282 transitions. [2024-10-11 03:01:43,364 INFO L78 Accepts]: Start accepts. Automaton has 199 states and 282 transitions. Word has length 51 [2024-10-11 03:01:43,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:43,364 INFO L471 AbstractCegarLoop]: Abstraction has 199 states and 282 transitions. [2024-10-11 03:01:43,364 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 3 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-10-11 03:01:43,365 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 282 transitions. [2024-10-11 03:01:43,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-10-11 03:01:43,367 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:43,367 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:43,367 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:43,367 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:43,368 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:43,368 INFO L85 PathProgramCache]: Analyzing trace with hash 1605419551, now seen corresponding path program 1 times [2024-10-11 03:01:43,368 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:43,368 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [700430867] [2024-10-11 03:01:43,368 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:43,369 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:43,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,527 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:43,529 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:43,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,537 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:43,538 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,541 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:43,543 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:43,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,553 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:43,556 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,559 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-10-11 03:01:43,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,563 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-10-11 03:01:43,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,575 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2024-10-11 03:01:43,576 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:43,577 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [700430867] [2024-10-11 03:01:43,577 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [700430867] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:43,577 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:43,577 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:43,577 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1644257069] [2024-10-11 03:01:43,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:43,578 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:43,578 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:43,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:43,579 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:43,579 INFO L87 Difference]: Start difference. First operand 199 states and 282 transitions. Second operand has 6 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2024-10-11 03:01:43,767 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:43,768 INFO L93 Difference]: Finished difference Result 496 states and 730 transitions. [2024-10-11 03:01:43,768 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:43,768 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) Word has length 54 [2024-10-11 03:01:43,769 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:43,771 INFO L225 Difference]: With dead ends: 496 [2024-10-11 03:01:43,771 INFO L226 Difference]: Without dead ends: 313 [2024-10-11 03:01:43,773 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:43,774 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 89 mSDsluCounter, 439 mSDsCounter, 0 mSdLazyCounter, 163 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 90 SdHoareTripleChecker+Valid, 575 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 163 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:43,774 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [90 Valid, 575 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 163 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:43,775 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 313 states. [2024-10-11 03:01:43,802 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 313 to 312. [2024-10-11 03:01:43,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 312 states, 210 states have (on average 1.3904761904761904) internal successors, (292), 243 states have internal predecessors, (292), 64 states have call successors, (64), 37 states have call predecessors, (64), 37 states have return successors, (84), 59 states have call predecessors, (84), 64 states have call successors, (84) [2024-10-11 03:01:43,808 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 312 states to 312 states and 440 transitions. [2024-10-11 03:01:43,809 INFO L78 Accepts]: Start accepts. Automaton has 312 states and 440 transitions. Word has length 54 [2024-10-11 03:01:43,809 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:43,811 INFO L471 AbstractCegarLoop]: Abstraction has 312 states and 440 transitions. [2024-10-11 03:01:43,811 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2024-10-11 03:01:43,811 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 440 transitions. [2024-10-11 03:01:43,813 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2024-10-11 03:01:43,816 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:43,816 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:43,816 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:43,817 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:43,817 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:43,817 INFO L85 PathProgramCache]: Analyzing trace with hash -987399212, now seen corresponding path program 1 times [2024-10-11 03:01:43,817 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:43,817 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1001092468] [2024-10-11 03:01:43,817 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:43,817 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:43,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,888 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:43,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,891 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:43,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,893 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:43,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,895 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:43,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,897 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:43,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,899 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:43,900 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,902 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:43,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,907 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-11 03:01:43,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,922 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:43,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,952 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:43,953 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,956 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-11 03:01:43,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:43,959 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:43,959 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:43,959 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1001092468] [2024-10-11 03:01:43,960 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1001092468] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:43,960 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:43,960 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:43,960 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1763453218] [2024-10-11 03:01:43,961 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:43,961 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:43,961 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:43,961 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:43,962 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:43,962 INFO L87 Difference]: Start difference. First operand 312 states and 440 transitions. Second operand has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (12), 3 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 3 states have call successors, (11) [2024-10-11 03:01:44,293 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:44,294 INFO L93 Difference]: Finished difference Result 906 states and 1338 transitions. [2024-10-11 03:01:44,294 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:44,294 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (12), 3 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 3 states have call successors, (11) Word has length 73 [2024-10-11 03:01:44,295 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:44,302 INFO L225 Difference]: With dead ends: 906 [2024-10-11 03:01:44,304 INFO L226 Difference]: Without dead ends: 610 [2024-10-11 03:01:44,306 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:44,307 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 209 mSDsluCounter, 335 mSDsCounter, 0 mSdLazyCounter, 252 mSolverCounterSat, 78 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 218 SdHoareTripleChecker+Valid, 449 SdHoareTripleChecker+Invalid, 330 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 78 IncrementalHoareTripleChecker+Valid, 252 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:44,307 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [218 Valid, 449 Invalid, 330 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [78 Valid, 252 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:44,311 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 610 states. [2024-10-11 03:01:44,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 610 to 602. [2024-10-11 03:01:44,382 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 602 states, 420 states have (on average 1.3428571428571427) internal successors, (564), 468 states have internal predecessors, (564), 107 states have call successors, (107), 64 states have call predecessors, (107), 74 states have return successors, (163), 120 states have call predecessors, (163), 107 states have call successors, (163) [2024-10-11 03:01:44,388 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 602 states to 602 states and 834 transitions. [2024-10-11 03:01:44,388 INFO L78 Accepts]: Start accepts. Automaton has 602 states and 834 transitions. Word has length 73 [2024-10-11 03:01:44,389 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:44,389 INFO L471 AbstractCegarLoop]: Abstraction has 602 states and 834 transitions. [2024-10-11 03:01:44,389 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (12), 3 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 3 states have call successors, (11) [2024-10-11 03:01:44,390 INFO L276 IsEmpty]: Start isEmpty. Operand 602 states and 834 transitions. [2024-10-11 03:01:44,392 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2024-10-11 03:01:44,392 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:44,392 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:44,392 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:44,393 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:44,393 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:44,393 INFO L85 PathProgramCache]: Analyzing trace with hash -1127947822, now seen corresponding path program 1 times [2024-10-11 03:01:44,394 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:44,394 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2073688505] [2024-10-11 03:01:44,394 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:44,395 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:44,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,452 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:44,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,454 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:44,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:44,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,459 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:44,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,461 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:44,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,464 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:44,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,465 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:44,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-11 03:01:44,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,481 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:44,484 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,499 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:44,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,501 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-11 03:01:44,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,503 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:44,503 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:44,503 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2073688505] [2024-10-11 03:01:44,503 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2073688505] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:44,503 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:44,503 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:44,504 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1573740190] [2024-10-11 03:01:44,504 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:44,504 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:44,504 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:44,505 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:44,505 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:44,505 INFO L87 Difference]: Start difference. First operand 602 states and 834 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-10-11 03:01:44,708 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:44,708 INFO L93 Difference]: Finished difference Result 1198 states and 1728 transitions. [2024-10-11 03:01:44,708 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:44,709 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 73 [2024-10-11 03:01:44,709 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:44,713 INFO L225 Difference]: With dead ends: 1198 [2024-10-11 03:01:44,713 INFO L226 Difference]: Without dead ends: 612 [2024-10-11 03:01:44,716 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 25 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:44,717 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 72 mSDsluCounter, 246 mSDsCounter, 0 mSdLazyCounter, 190 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 363 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:44,717 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 363 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 190 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:44,718 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 612 states. [2024-10-11 03:01:44,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 612 to 610. [2024-10-11 03:01:44,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 610 states, 428 states have (on average 1.3364485981308412) internal successors, (572), 476 states have internal predecessors, (572), 107 states have call successors, (107), 64 states have call predecessors, (107), 74 states have return successors, (163), 120 states have call predecessors, (163), 107 states have call successors, (163) [2024-10-11 03:01:44,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 610 states to 610 states and 842 transitions. [2024-10-11 03:01:44,761 INFO L78 Accepts]: Start accepts. Automaton has 610 states and 842 transitions. Word has length 73 [2024-10-11 03:01:44,761 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:44,761 INFO L471 AbstractCegarLoop]: Abstraction has 610 states and 842 transitions. [2024-10-11 03:01:44,762 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-10-11 03:01:44,762 INFO L276 IsEmpty]: Start isEmpty. Operand 610 states and 842 transitions. [2024-10-11 03:01:44,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2024-10-11 03:01:44,764 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:44,764 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:44,764 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:44,764 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:44,764 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:44,765 INFO L85 PathProgramCache]: Analyzing trace with hash 1361581140, now seen corresponding path program 1 times [2024-10-11 03:01:44,765 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:44,765 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1944546219] [2024-10-11 03:01:44,765 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:44,765 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:44,777 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,804 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:44,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,806 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:44,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,807 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:44,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,808 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:44,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,810 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:44,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,811 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:44,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-11 03:01:44,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,815 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-11 03:01:44,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,823 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:44,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,839 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:44,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,841 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-11 03:01:44,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:44,842 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:44,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:44,843 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1944546219] [2024-10-11 03:01:44,843 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1944546219] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:44,843 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:44,843 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:44,843 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [66768400] [2024-10-11 03:01:44,843 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:44,843 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:44,844 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:44,847 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:44,847 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:44,848 INFO L87 Difference]: Start difference. First operand 610 states and 842 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-10-11 03:01:45,030 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:45,030 INFO L93 Difference]: Finished difference Result 1090 states and 1557 transitions. [2024-10-11 03:01:45,030 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:45,031 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 73 [2024-10-11 03:01:45,032 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:45,035 INFO L225 Difference]: With dead ends: 1090 [2024-10-11 03:01:45,036 INFO L226 Difference]: Without dead ends: 496 [2024-10-11 03:01:45,038 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 25 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:45,039 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 71 mSDsluCounter, 247 mSDsCounter, 0 mSdLazyCounter, 190 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 363 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:45,039 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 363 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 190 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:45,040 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 496 states. [2024-10-11 03:01:45,067 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 496 to 494. [2024-10-11 03:01:45,068 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 494 states, 344 states have (on average 1.322674418604651) internal successors, (455), 385 states have internal predecessors, (455), 90 states have call successors, (90), 51 states have call predecessors, (90), 59 states have return successors, (126), 97 states have call predecessors, (126), 90 states have call successors, (126) [2024-10-11 03:01:45,070 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 494 states to 494 states and 671 transitions. [2024-10-11 03:01:45,095 INFO L78 Accepts]: Start accepts. Automaton has 494 states and 671 transitions. Word has length 73 [2024-10-11 03:01:45,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:45,095 INFO L471 AbstractCegarLoop]: Abstraction has 494 states and 671 transitions. [2024-10-11 03:01:45,096 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-10-11 03:01:45,096 INFO L276 IsEmpty]: Start isEmpty. Operand 494 states and 671 transitions. [2024-10-11 03:01:45,097 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 78 [2024-10-11 03:01:45,097 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:45,097 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:45,097 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:45,097 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:45,097 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:45,097 INFO L85 PathProgramCache]: Analyzing trace with hash -42339536, now seen corresponding path program 1 times [2024-10-11 03:01:45,098 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:45,098 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [525217464] [2024-10-11 03:01:45,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:45,098 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:45,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,204 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:45,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,207 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:45,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:45,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,211 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:45,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,213 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:45,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,214 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:45,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-11 03:01:45,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,225 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-11 03:01:45,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,233 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-10-11 03:01:45,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,246 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:45,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:45,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,254 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-10-11 03:01:45,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:45,256 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-10-11 03:01:45,256 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:45,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [525217464] [2024-10-11 03:01:45,256 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [525217464] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:45,256 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:45,256 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-11 03:01:45,256 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [797997021] [2024-10-11 03:01:45,256 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:45,257 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-11 03:01:45,257 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:45,257 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-11 03:01:45,257 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:45,258 INFO L87 Difference]: Start difference. First operand 494 states and 671 transitions. Second operand has 9 states, 9 states have (on average 5.111111111111111) internal successors, (46), 7 states have internal predecessors, (46), 5 states have call successors, (13), 4 states have call predecessors, (13), 3 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) [2024-10-11 03:01:45,910 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:45,910 INFO L93 Difference]: Finished difference Result 1430 states and 2098 transitions. [2024-10-11 03:01:45,911 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-11 03:01:45,911 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.111111111111111) internal successors, (46), 7 states have internal predecessors, (46), 5 states have call successors, (13), 4 states have call predecessors, (13), 3 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) Word has length 77 [2024-10-11 03:01:45,911 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:45,916 INFO L225 Difference]: With dead ends: 1430 [2024-10-11 03:01:45,916 INFO L226 Difference]: Without dead ends: 1070 [2024-10-11 03:01:45,919 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 87 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=125, Invalid=337, Unknown=0, NotChecked=0, Total=462 [2024-10-11 03:01:45,919 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 674 mSDsluCounter, 301 mSDsCounter, 0 mSdLazyCounter, 639 mSolverCounterSat, 354 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 682 SdHoareTripleChecker+Valid, 404 SdHoareTripleChecker+Invalid, 993 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 354 IncrementalHoareTripleChecker+Valid, 639 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:45,919 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [682 Valid, 404 Invalid, 993 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [354 Valid, 639 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-11 03:01:45,920 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1070 states. [2024-10-11 03:01:45,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1070 to 1022. [2024-10-11 03:01:45,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1022 states, 712 states have (on average 1.3174157303370786) internal successors, (938), 802 states have internal predecessors, (938), 185 states have call successors, (185), 104 states have call predecessors, (185), 124 states have return successors, (309), 197 states have call predecessors, (309), 185 states have call successors, (309) [2024-10-11 03:01:45,994 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1022 states to 1022 states and 1432 transitions. [2024-10-11 03:01:45,995 INFO L78 Accepts]: Start accepts. Automaton has 1022 states and 1432 transitions. Word has length 77 [2024-10-11 03:01:45,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:45,996 INFO L471 AbstractCegarLoop]: Abstraction has 1022 states and 1432 transitions. [2024-10-11 03:01:45,996 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.111111111111111) internal successors, (46), 7 states have internal predecessors, (46), 5 states have call successors, (13), 4 states have call predecessors, (13), 3 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) [2024-10-11 03:01:45,996 INFO L276 IsEmpty]: Start isEmpty. Operand 1022 states and 1432 transitions. [2024-10-11 03:01:45,998 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2024-10-11 03:01:45,998 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:45,998 INFO L215 NwaCegarLoop]: trace histogram [6, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:45,998 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:45,998 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:45,999 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:45,999 INFO L85 PathProgramCache]: Analyzing trace with hash -486026201, now seen corresponding path program 1 times [2024-10-11 03:01:45,999 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:45,999 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2000570236] [2024-10-11 03:01:45,999 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:45,999 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:46,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,025 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,027 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:46,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,028 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:46,029 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:46,030 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,030 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:46,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,031 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:46,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,035 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-11 03:01:46,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,042 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-11 03:01:46,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,055 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:46,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,064 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,067 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:46,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2024-10-11 03:01:46,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 95 [2024-10-11 03:01:46,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,071 INFO L134 CoverageAnalysis]: Checked inductivity of 51 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2024-10-11 03:01:46,071 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:46,071 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2000570236] [2024-10-11 03:01:46,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2000570236] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:46,071 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:46,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:46,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1306675115] [2024-10-11 03:01:46,071 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:46,072 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:46,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:46,072 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:46,072 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:46,073 INFO L87 Difference]: Start difference. First operand 1022 states and 1432 transitions. Second operand has 7 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 4 states have call successors, (15), 5 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2024-10-11 03:01:46,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:46,458 INFO L93 Difference]: Finished difference Result 1685 states and 2345 transitions. [2024-10-11 03:01:46,458 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:46,458 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 4 states have call successors, (15), 5 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) Word has length 102 [2024-10-11 03:01:46,459 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:46,463 INFO L225 Difference]: With dead ends: 1685 [2024-10-11 03:01:46,463 INFO L226 Difference]: Without dead ends: 679 [2024-10-11 03:01:46,465 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:46,466 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 293 mSDsluCounter, 231 mSDsCounter, 0 mSdLazyCounter, 440 mSolverCounterSat, 117 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 308 SdHoareTripleChecker+Valid, 342 SdHoareTripleChecker+Invalid, 557 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 117 IncrementalHoareTripleChecker+Valid, 440 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:46,466 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [308 Valid, 342 Invalid, 557 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [117 Valid, 440 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:46,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 679 states. [2024-10-11 03:01:46,498 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 679 to 651. [2024-10-11 03:01:46,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 651 states, 458 states have (on average 1.3100436681222707) internal successors, (600), 511 states have internal predecessors, (600), 114 states have call successors, (114), 68 states have call predecessors, (114), 78 states have return successors, (177), 120 states have call predecessors, (177), 114 states have call successors, (177) [2024-10-11 03:01:46,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 651 states to 651 states and 891 transitions. [2024-10-11 03:01:46,503 INFO L78 Accepts]: Start accepts. Automaton has 651 states and 891 transitions. Word has length 102 [2024-10-11 03:01:46,504 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:46,504 INFO L471 AbstractCegarLoop]: Abstraction has 651 states and 891 transitions. [2024-10-11 03:01:46,504 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 4 states have call successors, (15), 5 states have call predecessors, (15), 2 states have return successors, (14), 3 states have call predecessors, (14), 4 states have call successors, (14) [2024-10-11 03:01:46,504 INFO L276 IsEmpty]: Start isEmpty. Operand 651 states and 891 transitions. [2024-10-11 03:01:46,505 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2024-10-11 03:01:46,505 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:46,505 INFO L215 NwaCegarLoop]: trace histogram [6, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:46,506 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:46,506 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:46,506 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:46,506 INFO L85 PathProgramCache]: Analyzing trace with hash 385241915, now seen corresponding path program 1 times [2024-10-11 03:01:46,506 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:46,506 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [442475880] [2024-10-11 03:01:46,507 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:46,507 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:46,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,536 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:46,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,537 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:46,538 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,538 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:46,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,539 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:46,540 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,541 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:46,541 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,544 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-11 03:01:46,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,551 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-11 03:01:46,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,559 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,564 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:46,566 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,570 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,575 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:46,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,577 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-10-11 03:01:46,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,578 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 91 [2024-10-11 03:01:46,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,585 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,588 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:46,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,590 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 105 [2024-10-11 03:01:46,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,591 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 18 proven. 5 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2024-10-11 03:01:46,591 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:46,591 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [442475880] [2024-10-11 03:01:46,591 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [442475880] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:46,591 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1312381778] [2024-10-11 03:01:46,592 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:46,592 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:46,592 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:46,593 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:46,594 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:46,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:46,701 INFO L255 TraceCheckSpWp]: Trace formula consists of 382 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-10-11 03:01:46,710 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:46,782 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 32 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2024-10-11 03:01:46,782 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-11 03:01:46,782 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1312381778] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:46,782 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-11 03:01:46,783 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [7] total 7 [2024-10-11 03:01:46,783 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1537284204] [2024-10-11 03:01:46,783 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:46,783 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:46,783 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:46,784 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:46,784 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:46,784 INFO L87 Difference]: Start difference. First operand 651 states and 891 transitions. Second operand has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2024-10-11 03:01:46,853 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:46,853 INFO L93 Difference]: Finished difference Result 1448 states and 2022 transitions. [2024-10-11 03:01:46,854 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:46,854 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) Word has length 112 [2024-10-11 03:01:46,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:46,858 INFO L225 Difference]: With dead ends: 1448 [2024-10-11 03:01:46,858 INFO L226 Difference]: Without dead ends: 813 [2024-10-11 03:01:46,860 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 151 GetRequests, 146 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:46,861 INFO L432 NwaCegarLoop]: 194 mSDtfsCounter, 86 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 38 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 271 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 38 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:46,861 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 271 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 38 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:46,862 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 813 states. [2024-10-11 03:01:46,902 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 813 to 813. [2024-10-11 03:01:46,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 813 states, 576 states have (on average 1.2986111111111112) internal successors, (748), 635 states have internal predecessors, (748), 136 states have call successors, (136), 90 states have call predecessors, (136), 100 states have return successors, (214), 140 states have call predecessors, (214), 136 states have call successors, (214) [2024-10-11 03:01:46,906 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 813 states to 813 states and 1098 transitions. [2024-10-11 03:01:46,907 INFO L78 Accepts]: Start accepts. Automaton has 813 states and 1098 transitions. Word has length 112 [2024-10-11 03:01:46,907 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:46,907 INFO L471 AbstractCegarLoop]: Abstraction has 813 states and 1098 transitions. [2024-10-11 03:01:46,908 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.0) internal successors, (72), 3 states have internal predecessors, (72), 3 states have call successors, (18), 3 states have call predecessors, (18), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2024-10-11 03:01:46,908 INFO L276 IsEmpty]: Start isEmpty. Operand 813 states and 1098 transitions. [2024-10-11 03:01:46,909 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2024-10-11 03:01:46,909 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:46,909 INFO L215 NwaCegarLoop]: trace histogram [6, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:46,924 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-11 03:01:47,113 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:47,114 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:47,114 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:47,115 INFO L85 PathProgramCache]: Analyzing trace with hash 717157337, now seen corresponding path program 1 times [2024-10-11 03:01:47,115 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:47,115 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1648789274] [2024-10-11 03:01:47,115 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:47,115 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:47,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,183 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:47,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,185 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:47,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,186 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-11 03:01:47,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,187 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:47,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,188 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-11 03:01:47,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,189 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-11 03:01:47,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-11 03:01:47,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,204 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-11 03:01:47,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,218 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:47,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,225 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:47,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:47,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:47,238 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-10-11 03:01:47,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,249 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 91 [2024-10-11 03:01:47,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:47,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,253 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:47,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,254 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 107 [2024-10-11 03:01:47,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,255 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 15 proven. 11 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2024-10-11 03:01:47,255 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:47,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1648789274] [2024-10-11 03:01:47,256 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1648789274] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:47,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1900634450] [2024-10-11 03:01:47,256 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:47,256 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:47,256 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:47,260 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:47,261 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-11 03:01:47,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:47,346 INFO L255 TraceCheckSpWp]: Trace formula consists of 383 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:47,352 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:47,536 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 24 proven. 10 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2024-10-11 03:01:47,536 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:47,716 INFO L134 CoverageAnalysis]: Checked inductivity of 64 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2024-10-11 03:01:47,717 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1900634450] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:47,717 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:47,717 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:47,717 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1224840592] [2024-10-11 03:01:47,717 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:47,718 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:47,718 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:47,719 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:47,719 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:47,719 INFO L87 Difference]: Start difference. First operand 813 states and 1098 transitions. Second operand has 15 states, 11 states have (on average 9.818181818181818) internal successors, (108), 10 states have internal predecessors, (108), 6 states have call successors, (31), 7 states have call predecessors, (31), 6 states have return successors, (26), 7 states have call predecessors, (26), 6 states have call successors, (26) [2024-10-11 03:01:49,113 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:49,113 INFO L93 Difference]: Finished difference Result 1569 states and 2172 transitions. [2024-10-11 03:01:49,113 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-10-11 03:01:49,114 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 9.818181818181818) internal successors, (108), 10 states have internal predecessors, (108), 6 states have call successors, (31), 7 states have call predecessors, (31), 6 states have return successors, (26), 7 states have call predecessors, (26), 6 states have call successors, (26) Word has length 114 [2024-10-11 03:01:49,114 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:49,116 INFO L225 Difference]: With dead ends: 1569 [2024-10-11 03:01:49,116 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:49,120 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 317 GetRequests, 268 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 580 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=451, Invalid=1711, Unknown=0, NotChecked=0, Total=2162 [2024-10-11 03:01:49,120 INFO L432 NwaCegarLoop]: 154 mSDtfsCounter, 494 mSDsluCounter, 1017 mSDsCounter, 0 mSdLazyCounter, 1939 mSolverCounterSat, 228 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 501 SdHoareTripleChecker+Valid, 1171 SdHoareTripleChecker+Invalid, 2167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 228 IncrementalHoareTripleChecker+Valid, 1939 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:49,120 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [501 Valid, 1171 Invalid, 2167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [228 Valid, 1939 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-10-11 03:01:49,121 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:49,121 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:49,121 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:49,121 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:49,122 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 114 [2024-10-11 03:01:49,122 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:49,122 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:49,122 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 9.818181818181818) internal successors, (108), 10 states have internal predecessors, (108), 6 states have call successors, (31), 7 states have call predecessors, (31), 6 states have return successors, (26), 7 states have call predecessors, (26), 6 states have call successors, (26) [2024-10-11 03:01:49,122 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:49,123 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:49,125 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:49,139 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:49,329 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:49,332 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:49,334 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:55,723 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:55,740 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0))) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= ~waterLevel~0 2) .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= ~waterLevel~0 2) .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:55,745 WARN L155 FloydHoareUtils]: Requires clause for activatePump__before__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0))) Eliminated clause: (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0) (= 1 ~systemActive~0) (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0))) [2024-10-11 03:01:55,767 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__before__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse3 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= ~waterLevel~0 2)) (.cse2 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|)) (and (= 2 ~waterLevel~0) .cse0 .cse3) (and .cse0 .cse3 (= ~waterLevel~0 1)) (and .cse0 .cse3 .cse1 .cse2)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 (= ~waterLevel~0 1)) (and .cse0 .cse1 .cse2 .cse3) (and .cse0 (= 2 ~waterLevel~0) .cse1) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:55,791 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (<= 1 |old(~pumpRunning~0)|)) (.cse4 (= |old(~waterLevel~0)| 1)) (.cse6 (= 0 ~systemActive~0)) (.cse1 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0))) (.cse7 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse5 (= |old(~pumpRunning~0)| 0)) (.cse3 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse0 .cse5) (and .cse5 .cse6 .cse3) (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse7 .cse2) (and .cse5 .cse1 .cse6 .cse7) (and .cse4 .cse5 .cse6) (and .cse0 .cse5 .cse1 .cse7) (and .cse0 .cse5 .cse3))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse2 (= ~waterLevel~0 1)) (.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (= 2 ~waterLevel~0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse1 .cse3 .cse4) (and .cse5 .cse6 .cse1 .cse4) (and .cse0 .cse6 .cse7) (and .cse0 .cse7 .cse2) (and .cse0 .cse3 .cse4 .cse7) (and .cse0 .cse6 .cse1) (and .cse5 .cse1 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:55,816 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse3 (<= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (= |old(~waterLevel~0)| 1)) (.cse4 (= 0 ~systemActive~0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0))) (.cse5 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse5) (and .cse0 .cse1 .cse5) (and .cse0 .cse6 .cse1) (and .cse0 .cse2 .cse4 .cse3) (and .cse7 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3) (and .cse0 .cse6 .cse4) (and .cse7 .cse1 .cse2 .cse5))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse2 (= ~waterLevel~0 1)) (.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (= 2 ~waterLevel~0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse1 .cse3 .cse4) (and .cse5 .cse6 .cse1 .cse4) (and .cse0 .cse6 .cse7) (and .cse0 .cse7 .cse2) (and .cse0 .cse3 .cse4 .cse7) (and .cse0 .cse6 .cse1) (and .cse5 .cse1 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:55,831 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__before__methaneAlarm contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse3 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= ~waterLevel~0 2)) (.cse2 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|)) (and (= 2 ~waterLevel~0) .cse0 .cse3) (and .cse0 .cse3 (= ~waterLevel~0 1)) (and .cse0 .cse3 .cse1 .cse2)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (not (= 0 ~__SELECTED_FEATURE_highWaterSensor~0)))) (or (and .cse0 .cse1 (= ~waterLevel~0 1)) (and .cse0 .cse1 .cse2 .cse3) (and .cse0 (= 2 ~waterLevel~0) .cse1) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:55,842 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:55 BoogieIcfgContainer [2024-10-11 03:01:55,842 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:55,842 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:55,842 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:55,843 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:55,843 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:42" (3/4) ... [2024-10-11 03:01:55,844 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:55,853 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure activatePump__before__methaneQuery [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__lowWaterSensor [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure select_one [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__highWaterSensor [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__methaneAlarm [2024-10-11 03:01:55,854 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-11 03:01:55,865 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 41 nodes and edges [2024-10-11 03:01:55,865 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 9 nodes and edges [2024-10-11 03:01:55,865 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:55,866 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:55,868 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:55,986 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:55,987 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:55,987 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:55,987 INFO L158 Benchmark]: Toolchain (without parser) took 14862.22ms. Allocated memory was 192.9MB in the beginning and 358.6MB in the end (delta: 165.7MB). Free memory was 118.3MB in the beginning and 212.7MB in the end (delta: -94.4MB). Peak memory consumption was 72.9MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,988 INFO L158 Benchmark]: CDTParser took 0.25ms. Allocated memory is still 192.9MB. Free memory is still 148.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:55,988 INFO L158 Benchmark]: CACSL2BoogieTranslator took 437.27ms. Allocated memory is still 192.9MB. Free memory was 118.0MB in the beginning and 95.5MB in the end (delta: 22.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,988 INFO L158 Benchmark]: Boogie Procedure Inliner took 55.45ms. Allocated memory is still 192.9MB. Free memory was 95.2MB in the beginning and 92.8MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,989 INFO L158 Benchmark]: Boogie Preprocessor took 59.77ms. Allocated memory is still 192.9MB. Free memory was 92.8MB in the beginning and 89.9MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,989 INFO L158 Benchmark]: RCFGBuilder took 621.33ms. Allocated memory is still 192.9MB. Free memory was 89.9MB in the beginning and 150.6MB in the end (delta: -60.7MB). Peak memory consumption was 26.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,989 INFO L158 Benchmark]: TraceAbstraction took 13537.91ms. Allocated memory was 192.9MB in the beginning and 358.6MB in the end (delta: 165.7MB). Free memory was 149.5MB in the beginning and 222.1MB in the end (delta: -72.6MB). Peak memory consumption was 204.8MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,989 INFO L158 Benchmark]: Witness Printer took 144.47ms. Allocated memory is still 358.6MB. Free memory was 222.1MB in the beginning and 212.7MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:55,990 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.25ms. Allocated memory is still 192.9MB. Free memory is still 148.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 437.27ms. Allocated memory is still 192.9MB. Free memory was 118.0MB in the beginning and 95.5MB in the end (delta: 22.5MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 55.45ms. Allocated memory is still 192.9MB. Free memory was 95.2MB in the beginning and 92.8MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.77ms. Allocated memory is still 192.9MB. Free memory was 92.8MB in the beginning and 89.9MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 621.33ms. Allocated memory is still 192.9MB. Free memory was 89.9MB in the beginning and 150.6MB in the end (delta: -60.7MB). Peak memory consumption was 26.0MB. Max. memory is 16.1GB. * TraceAbstraction took 13537.91ms. Allocated memory was 192.9MB in the beginning and 358.6MB in the end (delta: 165.7MB). Free memory was 149.5MB in the beginning and 222.1MB in the end (delta: -72.6MB). Peak memory consumption was 204.8MB. Max. memory is 16.1GB. * Witness Printer took 144.47ms. Allocated memory is still 358.6MB. Free memory was 222.1MB in the beginning and 212.7MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [168] - GenericResultAtLocation [Line: 272]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [272] - GenericResultAtLocation [Line: 317]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [317] - GenericResultAtLocation [Line: 326]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [326] - GenericResultAtLocation [Line: 692]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [692] - GenericResultAtLocation [Line: 771]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [771] - GenericResultAtLocation [Line: 1110]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [1110] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 322]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 122 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.0s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2208 SdHoareTripleChecker+Valid, 2.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2150 mSDsluCounter, 4606 SdHoareTripleChecker+Invalid, 2.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3126 mSDsCounter, 853 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3935 IncrementalHoareTripleChecker+Invalid, 4788 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 853 mSolverCounterUnsat, 1480 mSDtfsCounter, 3935 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 736 GetRequests, 624 SyntacticMatches, 4 SemanticMatches, 108 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 702 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1022occurred in iteration=8, InterpolantAutomatonStates: 103, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 92 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 1048 NumberOfCodeBlocks, 1048 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1148 ConstructedInterpolants, 0 QuantifiedInterpolants, 2054 SizeOfPredicates, 2 NumberOfNonLiveVariables, 765 ConjunctsInSsa, 10 ConjunctsInUnsatCore, 14 InterpolantComputations, 10 PerfectInterpolantSequences, 588/623 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 704]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 993]: Location Invariant Derived location invariant: (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 705]: Loop Invariant Derived loop invariant: (((((((((((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 == systemActive)) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (0 == systemActive)) && (waterLevel == 1))) || (((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) || ((((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) || (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 181]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 985]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((pumpRunning == 0) && ((((((1 == systemActive) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || ((((2 == waterLevel) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 943]: Procedure Contract for activatePump__before__methaneQuery Derived contract for procedure activatePump__before__methaneQuery. Requires: ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (0 != __SELECTED_FEATURE_highWaterSensor)) - ProcedureContractResult [Line: 1004]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: (((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) && (pumpRunning == \result)) - ProcedureContractResult [Line: 840]: Procedure Contract for processEnvironment__before__lowWaterSensor Derived contract for procedure processEnvironment__before__lowWaterSensor. Requires: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((1 == systemActive) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || (((2 == waterLevel) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel == 1))) || ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (((1 <= pumpRunning) && (2 == waterLevel)) && (0 != __SELECTED_FEATURE_highWaterSensor)))) - ProcedureContractResult [Line: 274]: Procedure Contract for select_one Derived contract for procedure select_one. Requires: (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) Ensures: (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) - ProcedureContractResult [Line: 92]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 780]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel)) || (\old(pumpRunning) != 0)) || (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (\old(waterLevel) == 2))) || (0 == systemActive)) && (((((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2)) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || (((\old(pumpRunning) == 0) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (\old(waterLevel) <= 2))) || ((\old(waterLevel) == 1) && (\old(pumpRunning) == 0))) || (((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) - ProcedureContractResult [Line: 171]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 807]: Procedure Contract for processEnvironment__before__highWaterSensor Derived contract for procedure processEnvironment__before__highWaterSensor. Requires: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 80]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (0 == systemActive)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((((((pumpRunning == 0) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (\old(waterLevel) == 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (\old(waterLevel) == 1)) && (0 == systemActive))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 883]: Procedure Contract for processEnvironment__before__methaneAlarm Derived contract for procedure processEnvironment__before__methaneAlarm. Requires: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((1 == systemActive) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || (((2 == waterLevel) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel == 1))) || ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (((1 <= pumpRunning) && (2 == waterLevel)) && (0 != __SELECTED_FEATURE_highWaterSensor)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) - ProcedureContractResult [Line: 993]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) Ensures: (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (0 != __SELECTED_FEATURE_highWaterSensor)) || (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (0 != __SELECTED_FEATURE_highWaterSensor)) && (1 <= switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:56,018 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE