./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:41:20,757 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:41:20,816 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:41:20,821 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:41:20,821 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:41:20,861 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:41:20,861 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:41:20,862 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:41:20,862 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:41:20,862 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:41:20,863 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:41:20,863 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:41:20,864 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:41:20,865 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:41:20,865 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:41:20,866 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:41:20,866 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:41:20,866 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:41:20,866 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:41:20,866 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:41:20,867 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:41:20,870 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:41:20,870 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:41:20,870 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:41:20,870 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:41:20,871 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:41:20,871 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:41:20,871 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:41:20,871 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:41:20,871 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:41:20,871 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:41:20,872 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:41:20,872 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:41:20,873 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:41:20,873 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:41:20,873 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:41:20,873 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:41:20,873 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 [2024-10-12 19:41:21,199 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:41:21,233 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:41:21,238 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:41:21,238 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:41:21,239 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:41:21,240 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2024-10-12 19:41:22,558 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:41:22,728 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:41:22,729 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2024-10-12 19:41:22,742 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0f78a073c/846ac26c1cbc4c9380cc3072e5489307/FLAG3ba0cf25b [2024-10-12 19:41:23,107 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0f78a073c/846ac26c1cbc4c9380cc3072e5489307 [2024-10-12 19:41:23,109 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:41:23,110 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:41:23,111 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:41:23,111 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:41:23,119 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:41:23,119 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,120 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@28e62fd1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23, skipping insertion in model container [2024-10-12 19:41:23,120 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,178 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:41:23,417 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2024-10-12 19:41:23,433 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:41:23,446 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:41:23,453 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [526] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [564] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [600] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [609] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [828] [2024-10-12 19:41:23,455 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [894] [2024-10-12 19:41:23,492 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2024-10-12 19:41:23,499 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:41:23,513 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:41:23,514 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23 WrapperNode [2024-10-12 19:41:23,514 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:41:23,515 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:41:23,515 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:41:23,515 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:41:23,520 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,530 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,547 INFO L138 Inliner]: procedures = 56, calls = 101, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 227 [2024-10-12 19:41:23,547 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:41:23,548 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:41:23,548 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:41:23,548 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:41:23,559 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,559 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,561 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,579 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:41:23,579 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,580 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,587 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,594 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,599 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,600 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,601 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:41:23,602 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:41:23,602 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:41:23,602 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:41:23,606 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (1/1) ... [2024-10-12 19:41:23,612 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:41:23,621 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:41:23,633 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:41:23,638 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:41:23,676 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:41:23,676 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:41:23,676 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:41:23,676 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:41:23,677 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:41:23,677 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:41:23,677 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:41:23,677 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-10-12 19:41:23,677 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-10-12 19:41:23,677 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:41:23,677 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:41:23,678 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:41:23,678 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:41:23,678 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:41:23,678 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:41:23,678 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:41:23,678 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:41:23,679 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:41:23,754 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:41:23,757 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:41:24,080 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-10-12 19:41:24,080 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:41:24,191 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:41:24,191 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:41:24,192 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:41:24 BoogieIcfgContainer [2024-10-12 19:41:24,192 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:41:24,197 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:41:24,197 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:41:24,205 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:41:24,205 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:41:23" (1/3) ... [2024-10-12 19:41:24,205 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62fbff4a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:41:24, skipping insertion in model container [2024-10-12 19:41:24,205 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:41:23" (2/3) ... [2024-10-12 19:41:24,206 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62fbff4a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:41:24, skipping insertion in model container [2024-10-12 19:41:24,206 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:41:24" (3/3) ... [2024-10-12 19:41:24,206 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product57.cil.c [2024-10-12 19:41:24,230 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:41:24,230 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:41:24,297 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:41:24,302 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2c31a98f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:41:24,303 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:41:24,306 INFO L276 IsEmpty]: Start isEmpty. Operand has 72 states, 51 states have (on average 1.5490196078431373) internal successors, (79), 59 states have internal predecessors, (79), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-12 19:41:24,312 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2024-10-12 19:41:24,313 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:24,313 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:24,314 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:24,318 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:24,318 INFO L85 PathProgramCache]: Analyzing trace with hash 1520007880, now seen corresponding path program 1 times [2024-10-12 19:41:24,324 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:24,327 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [833808738] [2024-10-12 19:41:24,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:24,327 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:24,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:24,484 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-12 19:41:24,489 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:24,494 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:24,499 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:24,499 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [833808738] [2024-10-12 19:41:24,500 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [833808738] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:24,500 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:24,500 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:41:24,505 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1032921874] [2024-10-12 19:41:24,505 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:24,508 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:41:24,510 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:24,528 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:41:24,528 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:41:24,531 INFO L87 Difference]: Start difference. First operand has 72 states, 51 states have (on average 1.5490196078431373) internal successors, (79), 59 states have internal predecessors, (79), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:24,608 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:24,610 INFO L93 Difference]: Finished difference Result 142 states and 207 transitions. [2024-10-12 19:41:24,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:41:24,615 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2024-10-12 19:41:24,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:24,624 INFO L225 Difference]: With dead ends: 142 [2024-10-12 19:41:24,624 INFO L226 Difference]: Without dead ends: 67 [2024-10-12 19:41:24,627 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:41:24,631 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 82 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:24,632 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 82 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:41:24,645 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2024-10-12 19:41:24,667 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2024-10-12 19:41:24,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 48 states have (on average 1.4375) internal successors, (69), 55 states have internal predecessors, (69), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-12 19:41:24,676 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 92 transitions. [2024-10-12 19:41:24,682 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 92 transitions. Word has length 17 [2024-10-12 19:41:24,683 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:24,683 INFO L471 AbstractCegarLoop]: Abstraction has 67 states and 92 transitions. [2024-10-12 19:41:24,683 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:24,683 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 92 transitions. [2024-10-12 19:41:24,684 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2024-10-12 19:41:24,684 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:24,684 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:24,685 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:41:24,685 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:24,686 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:24,686 INFO L85 PathProgramCache]: Analyzing trace with hash 2068637019, now seen corresponding path program 1 times [2024-10-12 19:41:24,686 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:24,690 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1785114942] [2024-10-12 19:41:24,690 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:24,690 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:24,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:24,834 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-12 19:41:24,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:24,836 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:24,838 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:24,838 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1785114942] [2024-10-12 19:41:24,838 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1785114942] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:24,838 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:24,838 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:41:24,839 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [741446116] [2024-10-12 19:41:24,839 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:24,839 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:41:24,840 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:24,841 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:41:24,841 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:41:24,842 INFO L87 Difference]: Start difference. First operand 67 states and 92 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:24,899 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:24,899 INFO L93 Difference]: Finished difference Result 107 states and 147 transitions. [2024-10-12 19:41:24,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:41:24,899 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2024-10-12 19:41:24,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:24,900 INFO L225 Difference]: With dead ends: 107 [2024-10-12 19:41:24,900 INFO L226 Difference]: Without dead ends: 59 [2024-10-12 19:41:24,901 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:41:24,902 INFO L432 NwaCegarLoop]: 68 mSDtfsCounter, 11 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:24,903 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 122 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:41:24,907 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2024-10-12 19:41:24,916 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2024-10-12 19:41:24,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 43 states have (on average 1.4651162790697674) internal successors, (63), 50 states have internal predecessors, (63), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:41:24,917 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 81 transitions. [2024-10-12 19:41:24,918 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 81 transitions. Word has length 18 [2024-10-12 19:41:24,918 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:24,918 INFO L471 AbstractCegarLoop]: Abstraction has 59 states and 81 transitions. [2024-10-12 19:41:24,924 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:24,925 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 81 transitions. [2024-10-12 19:41:24,925 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-10-12 19:41:24,925 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:24,925 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:24,926 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:41:24,926 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:24,926 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:24,926 INFO L85 PathProgramCache]: Analyzing trace with hash 1950639704, now seen corresponding path program 1 times [2024-10-12 19:41:24,926 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:24,927 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1770318656] [2024-10-12 19:41:24,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:24,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:24,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,059 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:41:25,061 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,062 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:25,062 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:25,062 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1770318656] [2024-10-12 19:41:25,062 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1770318656] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:25,063 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:25,063 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-12 19:41:25,063 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1592707449] [2024-10-12 19:41:25,063 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:25,064 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-12 19:41:25,064 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:25,064 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-12 19:41:25,064 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-12 19:41:25,065 INFO L87 Difference]: Start difference. First operand 59 states and 81 transitions. Second operand has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:25,155 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:25,155 INFO L93 Difference]: Finished difference Result 116 states and 161 transitions. [2024-10-12 19:41:25,156 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-12 19:41:25,156 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2024-10-12 19:41:25,156 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:25,157 INFO L225 Difference]: With dead ends: 116 [2024-10-12 19:41:25,158 INFO L226 Difference]: Without dead ends: 59 [2024-10-12 19:41:25,159 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:41:25,160 INFO L432 NwaCegarLoop]: 66 mSDtfsCounter, 69 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 46 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:25,160 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 114 Invalid, 46 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:41:25,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2024-10-12 19:41:25,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2024-10-12 19:41:25,166 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 43 states have (on average 1.441860465116279) internal successors, (62), 50 states have internal predecessors, (62), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:41:25,167 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 80 transitions. [2024-10-12 19:41:25,167 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 80 transitions. Word has length 21 [2024-10-12 19:41:25,167 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:25,167 INFO L471 AbstractCegarLoop]: Abstraction has 59 states and 80 transitions. [2024-10-12 19:41:25,168 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:25,168 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 80 transitions. [2024-10-12 19:41:25,169 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:41:25,169 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:25,169 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:25,169 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:41:25,169 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:25,170 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:25,170 INFO L85 PathProgramCache]: Analyzing trace with hash 1311664536, now seen corresponding path program 1 times [2024-10-12 19:41:25,170 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:25,170 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [370084933] [2024-10-12 19:41:25,170 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:25,171 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:25,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,223 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:41:25,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,226 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:25,228 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:25,228 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [370084933] [2024-10-12 19:41:25,228 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [370084933] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:25,228 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:25,228 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:41:25,228 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1981867006] [2024-10-12 19:41:25,229 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:25,229 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:41:25,229 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:25,230 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:41:25,230 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:41:25,230 INFO L87 Difference]: Start difference. First operand 59 states and 80 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:25,270 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:25,270 INFO L93 Difference]: Finished difference Result 156 states and 214 transitions. [2024-10-12 19:41:25,270 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:41:25,271 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-10-12 19:41:25,271 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:25,272 INFO L225 Difference]: With dead ends: 156 [2024-10-12 19:41:25,272 INFO L226 Difference]: Without dead ends: 99 [2024-10-12 19:41:25,273 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:41:25,273 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 54 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:25,274 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 123 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:41:25,275 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2024-10-12 19:41:25,287 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 97. [2024-10-12 19:41:25,287 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 71 states have (on average 1.3943661971830985) internal successors, (99), 79 states have internal predecessors, (99), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2024-10-12 19:41:25,288 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 129 transitions. [2024-10-12 19:41:25,288 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 129 transitions. Word has length 26 [2024-10-12 19:41:25,289 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:25,289 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 129 transitions. [2024-10-12 19:41:25,289 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-12 19:41:25,289 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 129 transitions. [2024-10-12 19:41:25,290 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2024-10-12 19:41:25,290 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:25,290 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:25,290 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:41:25,290 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:25,291 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:25,291 INFO L85 PathProgramCache]: Analyzing trace with hash 1735456463, now seen corresponding path program 1 times [2024-10-12 19:41:25,291 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:25,291 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1731994687] [2024-10-12 19:41:25,292 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:25,292 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:25,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,428 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:41:25,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,443 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:25,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,449 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-12 19:41:25,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,455 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:25,455 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:25,455 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1731994687] [2024-10-12 19:41:25,455 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1731994687] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:25,455 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:25,455 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:41:25,456 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [540743283] [2024-10-12 19:41:25,456 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:25,456 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:41:25,458 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:25,458 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:41:25,459 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:41:25,459 INFO L87 Difference]: Start difference. First operand 97 states and 129 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:41:25,620 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:25,621 INFO L93 Difference]: Finished difference Result 289 states and 399 transitions. [2024-10-12 19:41:25,621 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:41:25,621 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 36 [2024-10-12 19:41:25,622 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:25,623 INFO L225 Difference]: With dead ends: 289 [2024-10-12 19:41:25,623 INFO L226 Difference]: Without dead ends: 194 [2024-10-12 19:41:25,624 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2024-10-12 19:41:25,625 INFO L432 NwaCegarLoop]: 54 mSDtfsCounter, 111 mSDsluCounter, 124 mSDsCounter, 0 mSdLazyCounter, 134 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 178 SdHoareTripleChecker+Invalid, 166 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 134 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:25,625 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 178 Invalid, 166 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 134 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:41:25,628 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2024-10-12 19:41:25,647 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 192. [2024-10-12 19:41:25,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 141 states have (on average 1.3546099290780143) internal successors, (191), 152 states have internal predecessors, (191), 26 states have call successors, (26), 22 states have call predecessors, (26), 24 states have return successors, (40), 26 states have call predecessors, (40), 26 states have call successors, (40) [2024-10-12 19:41:25,650 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 257 transitions. [2024-10-12 19:41:25,650 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 257 transitions. Word has length 36 [2024-10-12 19:41:25,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:25,651 INFO L471 AbstractCegarLoop]: Abstraction has 192 states and 257 transitions. [2024-10-12 19:41:25,651 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:41:25,651 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 257 transitions. [2024-10-12 19:41:25,652 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:41:25,652 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:25,652 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:25,652 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:41:25,653 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:25,653 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:25,653 INFO L85 PathProgramCache]: Analyzing trace with hash -1821783627, now seen corresponding path program 1 times [2024-10-12 19:41:25,653 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:25,654 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [16584203] [2024-10-12 19:41:25,654 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:25,654 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:25,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,705 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:25,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,711 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-12 19:41:25,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,718 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:25,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,720 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-12 19:41:25,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:25,722 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:25,722 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:25,722 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [16584203] [2024-10-12 19:41:25,723 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [16584203] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:25,723 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:25,723 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:41:25,723 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2073410615] [2024-10-12 19:41:25,723 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:25,723 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:41:25,724 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:25,724 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:41:25,724 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:41:25,724 INFO L87 Difference]: Start difference. First operand 192 states and 257 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:25,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:25,999 INFO L93 Difference]: Finished difference Result 481 states and 692 transitions. [2024-10-12 19:41:26,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2024-10-12 19:41:26,000 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 40 [2024-10-12 19:41:26,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:26,003 INFO L225 Difference]: With dead ends: 481 [2024-10-12 19:41:26,003 INFO L226 Difference]: Without dead ends: 366 [2024-10-12 19:41:26,003 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=60, Invalid=122, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:41:26,004 INFO L432 NwaCegarLoop]: 41 mSDtfsCounter, 246 mSDsluCounter, 120 mSDsCounter, 0 mSdLazyCounter, 232 mSolverCounterSat, 95 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 249 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 327 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 95 IncrementalHoareTripleChecker+Valid, 232 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:26,004 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [249 Valid, 161 Invalid, 327 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [95 Valid, 232 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:41:26,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 366 states. [2024-10-12 19:41:26,040 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 366 to 338. [2024-10-12 19:41:26,041 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 338 states, 248 states have (on average 1.3225806451612903) internal successors, (328), 270 states have internal predecessors, (328), 46 states have call successors, (46), 32 states have call predecessors, (46), 43 states have return successors, (91), 48 states have call predecessors, (91), 46 states have call successors, (91) [2024-10-12 19:41:26,043 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 338 states to 338 states and 465 transitions. [2024-10-12 19:41:26,043 INFO L78 Accepts]: Start accepts. Automaton has 338 states and 465 transitions. Word has length 40 [2024-10-12 19:41:26,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:26,043 INFO L471 AbstractCegarLoop]: Abstraction has 338 states and 465 transitions. [2024-10-12 19:41:26,044 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:26,044 INFO L276 IsEmpty]: Start isEmpty. Operand 338 states and 465 transitions. [2024-10-12 19:41:26,045 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:41:26,045 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:26,045 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:26,045 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:41:26,045 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:26,046 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:26,046 INFO L85 PathProgramCache]: Analyzing trace with hash 1655535219, now seen corresponding path program 1 times [2024-10-12 19:41:26,046 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:26,046 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1535782818] [2024-10-12 19:41:26,046 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:26,046 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:26,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,078 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:26,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,090 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-12 19:41:26,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,119 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:26,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,121 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-12 19:41:26,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,122 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:26,122 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:26,125 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1535782818] [2024-10-12 19:41:26,125 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1535782818] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:26,125 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:26,129 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:41:26,129 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1827013277] [2024-10-12 19:41:26,129 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:26,130 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:41:26,130 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:26,130 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:41:26,130 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:41:26,130 INFO L87 Difference]: Start difference. First operand 338 states and 465 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:26,380 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:26,380 INFO L93 Difference]: Finished difference Result 627 states and 875 transitions. [2024-10-12 19:41:26,384 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:41:26,385 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 40 [2024-10-12 19:41:26,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:26,387 INFO L225 Difference]: With dead ends: 627 [2024-10-12 19:41:26,387 INFO L226 Difference]: Without dead ends: 362 [2024-10-12 19:41:26,388 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:41:26,394 INFO L432 NwaCegarLoop]: 46 mSDtfsCounter, 108 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 225 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 225 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:26,395 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 184 Invalid, 260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 225 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:41:26,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 362 states. [2024-10-12 19:41:26,450 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 362 to 338. [2024-10-12 19:41:26,451 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 338 states, 248 states have (on average 1.3185483870967742) internal successors, (327), 270 states have internal predecessors, (327), 46 states have call successors, (46), 32 states have call predecessors, (46), 43 states have return successors, (91), 48 states have call predecessors, (91), 46 states have call successors, (91) [2024-10-12 19:41:26,458 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 338 states to 338 states and 464 transitions. [2024-10-12 19:41:26,458 INFO L78 Accepts]: Start accepts. Automaton has 338 states and 464 transitions. Word has length 40 [2024-10-12 19:41:26,458 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:26,458 INFO L471 AbstractCegarLoop]: Abstraction has 338 states and 464 transitions. [2024-10-12 19:41:26,459 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:26,459 INFO L276 IsEmpty]: Start isEmpty. Operand 338 states and 464 transitions. [2024-10-12 19:41:26,464 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:41:26,464 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:26,464 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:26,464 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:41:26,464 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:26,465 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:26,465 INFO L85 PathProgramCache]: Analyzing trace with hash -338609487, now seen corresponding path program 1 times [2024-10-12 19:41:26,465 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:26,465 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1169782987] [2024-10-12 19:41:26,465 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:26,465 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:26,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,544 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:26,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,548 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-12 19:41:26,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,564 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:26,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,569 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-12 19:41:26,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,570 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:26,570 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:26,570 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1169782987] [2024-10-12 19:41:26,571 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1169782987] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:26,571 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:26,571 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:41:26,571 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1787821863] [2024-10-12 19:41:26,571 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:26,574 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:41:26,574 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:26,575 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:41:26,575 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:41:26,575 INFO L87 Difference]: Start difference. First operand 338 states and 464 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:26,778 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:26,778 INFO L93 Difference]: Finished difference Result 699 states and 981 transitions. [2024-10-12 19:41:26,779 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:41:26,779 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 40 [2024-10-12 19:41:26,779 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:26,781 INFO L225 Difference]: With dead ends: 699 [2024-10-12 19:41:26,782 INFO L226 Difference]: Without dead ends: 363 [2024-10-12 19:41:26,783 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:41:26,784 INFO L432 NwaCegarLoop]: 46 mSDtfsCounter, 108 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 225 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 225 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:26,786 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 184 Invalid, 260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 225 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:41:26,787 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 363 states. [2024-10-12 19:41:26,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 363 to 339. [2024-10-12 19:41:26,811 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 339 states, 251 states have (on average 1.3107569721115537) internal successors, (329), 272 states have internal predecessors, (329), 45 states have call successors, (45), 31 states have call predecessors, (45), 42 states have return successors, (90), 47 states have call predecessors, (90), 45 states have call successors, (90) [2024-10-12 19:41:26,812 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 339 states to 339 states and 464 transitions. [2024-10-12 19:41:26,813 INFO L78 Accepts]: Start accepts. Automaton has 339 states and 464 transitions. Word has length 40 [2024-10-12 19:41:26,813 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:26,813 INFO L471 AbstractCegarLoop]: Abstraction has 339 states and 464 transitions. [2024-10-12 19:41:26,813 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 4 states have internal predecessors, (31), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:26,813 INFO L276 IsEmpty]: Start isEmpty. Operand 339 states and 464 transitions. [2024-10-12 19:41:26,814 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-12 19:41:26,814 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:26,814 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:26,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:41:26,814 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:26,815 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:26,815 INFO L85 PathProgramCache]: Analyzing trace with hash -914265781, now seen corresponding path program 1 times [2024-10-12 19:41:26,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:26,815 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [119472296] [2024-10-12 19:41:26,815 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:26,815 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:26,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,863 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:26,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,871 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-12 19:41:26,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,887 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:26,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,888 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-12 19:41:26,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:26,890 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:41:26,890 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:26,890 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [119472296] [2024-10-12 19:41:26,891 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [119472296] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:26,891 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:26,891 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-12 19:41:26,891 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1903708720] [2024-10-12 19:41:26,891 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:26,891 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-12 19:41:26,891 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:26,892 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-12 19:41:26,892 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-10-12 19:41:26,892 INFO L87 Difference]: Start difference. First operand 339 states and 464 transitions. Second operand has 8 states, 8 states have (on average 4.125) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:27,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:27,196 INFO L93 Difference]: Finished difference Result 660 states and 903 transitions. [2024-10-12 19:41:27,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-10-12 19:41:27,196 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.125) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-12 19:41:27,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:27,198 INFO L225 Difference]: With dead ends: 660 [2024-10-12 19:41:27,198 INFO L226 Difference]: Without dead ends: 323 [2024-10-12 19:41:27,199 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=51, Invalid=131, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:41:27,200 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 218 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 357 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 221 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 419 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 357 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:27,200 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [221 Valid, 306 Invalid, 419 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 357 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:41:27,200 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 323 states. [2024-10-12 19:41:27,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 323 to 321. [2024-10-12 19:41:27,214 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 321 states, 239 states have (on average 1.2761506276150627) internal successors, (305), 258 states have internal predecessors, (305), 41 states have call successors, (41), 31 states have call predecessors, (41), 40 states have return successors, (60), 42 states have call predecessors, (60), 41 states have call successors, (60) [2024-10-12 19:41:27,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 321 states to 321 states and 406 transitions. [2024-10-12 19:41:27,216 INFO L78 Accepts]: Start accepts. Automaton has 321 states and 406 transitions. Word has length 43 [2024-10-12 19:41:27,216 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:27,216 INFO L471 AbstractCegarLoop]: Abstraction has 321 states and 406 transitions. [2024-10-12 19:41:27,217 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.125) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:27,217 INFO L276 IsEmpty]: Start isEmpty. Operand 321 states and 406 transitions. [2024-10-12 19:41:27,217 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-12 19:41:27,217 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:27,217 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:27,218 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:41:27,218 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:27,218 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:27,218 INFO L85 PathProgramCache]: Analyzing trace with hash -896017649, now seen corresponding path program 1 times [2024-10-12 19:41:27,218 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:27,218 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [877446163] [2024-10-12 19:41:27,218 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:27,219 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:27,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,281 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:27,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,287 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-12 19:41:27,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,333 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:27,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,344 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-12 19:41:27,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,345 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:41:27,345 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:27,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [877446163] [2024-10-12 19:41:27,346 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [877446163] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:41:27,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2002009652] [2024-10-12 19:41:27,346 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:27,346 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:41:27,346 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:41:27,352 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:41:27,358 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:41:27,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:27,411 INFO L255 TraceCheckSpWp]: Trace formula consists of 195 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-10-12 19:41:27,415 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:41:27,523 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:41:27,523 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-12 19:41:27,523 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2002009652] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:27,523 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-12 19:41:27,523 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [9] total 12 [2024-10-12 19:41:27,524 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1062125272] [2024-10-12 19:41:27,524 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:27,524 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:41:27,524 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:27,524 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:41:27,524 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=104, Unknown=0, NotChecked=0, Total=132 [2024-10-12 19:41:27,525 INFO L87 Difference]: Start difference. First operand 321 states and 406 transitions. Second operand has 6 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:27,717 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:27,718 INFO L93 Difference]: Finished difference Result 945 states and 1216 transitions. [2024-10-12 19:41:27,721 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-12 19:41:27,722 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-12 19:41:27,722 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:27,724 INFO L225 Difference]: With dead ends: 945 [2024-10-12 19:41:27,724 INFO L226 Difference]: Without dead ends: 626 [2024-10-12 19:41:27,728 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 55 GetRequests, 45 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=104, Unknown=0, NotChecked=0, Total=132 [2024-10-12 19:41:27,729 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 47 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:27,729 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 285 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:41:27,730 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 626 states. [2024-10-12 19:41:27,787 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 626 to 624. [2024-10-12 19:41:27,791 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 624 states, 464 states have (on average 1.2586206896551724) internal successors, (584), 498 states have internal predecessors, (584), 81 states have call successors, (81), 62 states have call predecessors, (81), 78 states have return successors, (123), 82 states have call predecessors, (123), 81 states have call successors, (123) [2024-10-12 19:41:27,794 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 624 states to 624 states and 788 transitions. [2024-10-12 19:41:27,795 INFO L78 Accepts]: Start accepts. Automaton has 624 states and 788 transitions. Word has length 43 [2024-10-12 19:41:27,798 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:27,798 INFO L471 AbstractCegarLoop]: Abstraction has 624 states and 788 transitions. [2024-10-12 19:41:27,799 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:41:27,799 INFO L276 IsEmpty]: Start isEmpty. Operand 624 states and 788 transitions. [2024-10-12 19:41:27,800 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-10-12 19:41:27,800 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:27,800 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:27,819 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-12 19:41:28,003 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:41:28,004 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:28,004 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:28,004 INFO L85 PathProgramCache]: Analyzing trace with hash -1798882645, now seen corresponding path program 1 times [2024-10-12 19:41:28,005 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:28,005 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [674924979] [2024-10-12 19:41:28,005 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:28,005 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:28,013 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,092 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:28,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,110 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:41:28,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,138 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-12 19:41:28,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,148 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:28,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,150 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-10-12 19:41:28,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,162 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:41:28,162 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:28,162 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [674924979] [2024-10-12 19:41:28,162 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [674924979] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:41:28,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:41:28,163 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2024-10-12 19:41:28,163 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [351427924] [2024-10-12 19:41:28,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:41:28,163 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-10-12 19:41:28,163 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:28,164 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-10-12 19:41:28,164 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=90, Unknown=0, NotChecked=0, Total=110 [2024-10-12 19:41:28,164 INFO L87 Difference]: Start difference. First operand 624 states and 788 transitions. Second operand has 11 states, 10 states have (on average 3.6) internal successors, (36), 7 states have internal predecessors, (36), 2 states have call successors, (6), 5 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-12 19:41:28,884 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:28,884 INFO L93 Difference]: Finished difference Result 1230 states and 1570 transitions. [2024-10-12 19:41:28,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2024-10-12 19:41:28,885 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 10 states have (on average 3.6) internal successors, (36), 7 states have internal predecessors, (36), 2 states have call successors, (6), 5 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 47 [2024-10-12 19:41:28,885 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:28,888 INFO L225 Difference]: With dead ends: 1230 [2024-10-12 19:41:28,889 INFO L226 Difference]: Without dead ends: 608 [2024-10-12 19:41:28,891 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 41 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 161 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=209, Invalid=661, Unknown=0, NotChecked=0, Total=870 [2024-10-12 19:41:28,891 INFO L432 NwaCegarLoop]: 34 mSDtfsCounter, 271 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 992 mSolverCounterSat, 88 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 275 SdHoareTripleChecker+Valid, 223 SdHoareTripleChecker+Invalid, 1080 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 88 IncrementalHoareTripleChecker+Valid, 992 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:28,892 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [275 Valid, 223 Invalid, 1080 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [88 Valid, 992 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-12 19:41:28,892 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 608 states. [2024-10-12 19:41:28,919 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 608 to 608. [2024-10-12 19:41:28,920 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 608 states, 448 states have (on average 1.2142857142857142) internal successors, (544), 482 states have internal predecessors, (544), 81 states have call successors, (81), 62 states have call predecessors, (81), 78 states have return successors, (117), 82 states have call predecessors, (117), 81 states have call successors, (117) [2024-10-12 19:41:28,922 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 608 states to 608 states and 742 transitions. [2024-10-12 19:41:28,923 INFO L78 Accepts]: Start accepts. Automaton has 608 states and 742 transitions. Word has length 47 [2024-10-12 19:41:28,923 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:28,923 INFO L471 AbstractCegarLoop]: Abstraction has 608 states and 742 transitions. [2024-10-12 19:41:28,923 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 10 states have (on average 3.6) internal successors, (36), 7 states have internal predecessors, (36), 2 states have call successors, (6), 5 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-12 19:41:28,924 INFO L276 IsEmpty]: Start isEmpty. Operand 608 states and 742 transitions. [2024-10-12 19:41:28,926 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2024-10-12 19:41:28,926 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:41:28,927 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:28,927 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-10-12 19:41:28,927 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:41:28,927 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:41:28,927 INFO L85 PathProgramCache]: Analyzing trace with hash 1755578374, now seen corresponding path program 1 times [2024-10-12 19:41:28,927 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:41:28,927 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [243760870] [2024-10-12 19:41:28,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:28,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:41:28,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:41:28,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:28,994 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:41:28,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,004 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-12 19:41:29,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,008 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:41:29,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,011 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-12 19:41:29,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,012 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-12 19:41:29,013 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,014 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 5 proven. 1 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2024-10-12 19:41:29,015 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:41:29,015 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [243760870] [2024-10-12 19:41:29,015 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [243760870] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:41:29,015 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [732622312] [2024-10-12 19:41:29,015 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:41:29,015 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:41:29,015 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:41:29,018 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:41:29,020 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-12 19:41:29,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:41:29,092 INFO L255 TraceCheckSpWp]: Trace formula consists of 257 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-10-12 19:41:29,094 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:41:29,212 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-10-12 19:41:29,213 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:41:29,470 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-10-12 19:41:29,471 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [732622312] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:41:29,471 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:41:29,471 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 7, 8] total 15 [2024-10-12 19:41:29,471 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1390230854] [2024-10-12 19:41:29,472 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:41:29,472 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:41:29,472 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:41:29,476 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:41:29,477 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=52, Invalid=158, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:41:29,477 INFO L87 Difference]: Start difference. First operand 608 states and 742 transitions. Second operand has 15 states, 15 states have (on average 6.2) internal successors, (93), 11 states have internal predecessors, (93), 6 states have call successors, (18), 9 states have call predecessors, (18), 6 states have return successors, (16), 6 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:41:30,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:41:30,137 INFO L93 Difference]: Finished difference Result 1158 states and 1466 transitions. [2024-10-12 19:41:30,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-12 19:41:30,138 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.2) internal successors, (93), 11 states have internal predecessors, (93), 6 states have call successors, (18), 9 states have call predecessors, (18), 6 states have return successors, (16), 6 states have call predecessors, (16), 6 states have call successors, (16) Word has length 68 [2024-10-12 19:41:30,138 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:41:30,139 INFO L225 Difference]: With dead ends: 1158 [2024-10-12 19:41:30,139 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:41:30,141 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 137 SyntacticMatches, 6 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 150 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=266, Invalid=604, Unknown=0, NotChecked=0, Total=870 [2024-10-12 19:41:30,145 INFO L432 NwaCegarLoop]: 34 mSDtfsCounter, 436 mSDsluCounter, 167 mSDsCounter, 0 mSdLazyCounter, 381 mSolverCounterSat, 147 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 438 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 528 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 147 IncrementalHoareTripleChecker+Valid, 381 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-12 19:41:30,145 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [438 Valid, 201 Invalid, 528 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [147 Valid, 381 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-12 19:41:30,146 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:41:30,146 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:41:30,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:41:30,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:41:30,147 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 68 [2024-10-12 19:41:30,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:41:30,150 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:41:30,150 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.2) internal successors, (93), 11 states have internal predecessors, (93), 6 states have call successors, (18), 9 states have call predecessors, (18), 6 states have return successors, (16), 6 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:41:30,150 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:41:30,150 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:41:30,153 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:41:30,178 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-12 19:41:30,357 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-10-12 19:41:30,360 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:41:30,365 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:41:33,761 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:41:33,803 WARN L155 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0) (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |old(~methaneLevelCritical~0)| 0)) (.cse5 (= ~pumpRunning~0 0)) (.cse4 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse2 .cse3) (and .cse5 .cse1 .cse2 .cse3) (and .cse5 .cse4 .cse2 .cse3)))) Eliminated clause: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3))) [2024-10-12 19:41:33,819 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse2 .cse5 .cse3) (and .cse4 .cse2 .cse5 .cse3))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3))) [2024-10-12 19:41:33,840 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse4 (= ~methaneLevelCritical~0 0)) (.cse1 (= |old(~pumpRunning~0)| 0)) (.cse2 (<= ~waterLevel~0 2)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (<= 1 |old(~pumpRunning~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 .cse6 .cse3)))) Eliminated clause: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse6 (<= ~waterLevel~0 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse2 (<= ~waterLevel~0 1)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse3) (and .cse4 .cse1 .cse6 .cse3) (and .cse0 .cse5 .cse2 .cse3))) [2024-10-12 19:41:33,847 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= 1 ~methaneLevelCritical~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse5 (<= |old(~waterLevel~0)| 1) .cse3)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 (<= ~waterLevel~0 1) .cse3))) [2024-10-12 19:41:33,851 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:41:33 BoogieIcfgContainer [2024-10-12 19:41:33,855 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:41:33,856 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:41:33,856 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:41:33,856 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:41:33,856 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:41:24" (3/4) ... [2024-10-12 19:41:33,858 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:41:33,860 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:41:33,864 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:41:33,864 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:41:33,864 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:41:33,864 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-10-12 19:41:33,865 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:41:33,865 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:41:33,874 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 33 nodes and edges [2024-10-12 19:41:33,877 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:41:33,878 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:41:33,878 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:41:33,878 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:41:34,081 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:41:34,082 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:41:34,082 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:41:34,082 INFO L158 Benchmark]: Toolchain (without parser) took 10971.82ms. Allocated memory was 201.3MB in the beginning and 295.7MB in the end (delta: 94.4MB). Free memory was 118.2MB in the beginning and 260.6MB in the end (delta: -142.4MB). Peak memory consumption was 123.7MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,082 INFO L158 Benchmark]: CDTParser took 0.09ms. Allocated memory is still 201.3MB. Free memory is still 164.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:41:34,082 INFO L158 Benchmark]: CACSL2BoogieTranslator took 403.07ms. Allocated memory is still 201.3MB. Free memory was 118.0MB in the beginning and 154.3MB in the end (delta: -36.3MB). Peak memory consumption was 8.0MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,083 INFO L158 Benchmark]: Boogie Procedure Inliner took 32.87ms. Allocated memory is still 201.3MB. Free memory was 154.2MB in the beginning and 151.1MB in the end (delta: 3.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,086 INFO L158 Benchmark]: Boogie Preprocessor took 53.16ms. Allocated memory is still 201.3MB. Free memory was 151.1MB in the beginning and 149.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,086 INFO L158 Benchmark]: RCFGBuilder took 590.20ms. Allocated memory is still 201.3MB. Free memory was 149.0MB in the beginning and 151.2MB in the end (delta: -2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,086 INFO L158 Benchmark]: TraceAbstraction took 9658.03ms. Allocated memory was 201.3MB in the beginning and 295.7MB in the end (delta: 94.4MB). Free memory was 150.1MB in the beginning and 97.4MB in the end (delta: 52.7MB). Peak memory consumption was 158.9MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,087 INFO L158 Benchmark]: Witness Printer took 226.07ms. Allocated memory is still 295.7MB. Free memory was 97.4MB in the beginning and 260.6MB in the end (delta: -163.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-12 19:41:34,088 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.09ms. Allocated memory is still 201.3MB. Free memory is still 164.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 403.07ms. Allocated memory is still 201.3MB. Free memory was 118.0MB in the beginning and 154.3MB in the end (delta: -36.3MB). Peak memory consumption was 8.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 32.87ms. Allocated memory is still 201.3MB. Free memory was 154.2MB in the beginning and 151.1MB in the end (delta: 3.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 53.16ms. Allocated memory is still 201.3MB. Free memory was 151.1MB in the beginning and 149.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 590.20ms. Allocated memory is still 201.3MB. Free memory was 149.0MB in the beginning and 151.2MB in the end (delta: -2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 9658.03ms. Allocated memory was 201.3MB in the beginning and 295.7MB in the end (delta: 94.4MB). Free memory was 150.1MB in the beginning and 97.4MB in the end (delta: 52.7MB). Peak memory consumption was 158.9MB. Max. memory is 16.1GB. * Witness Printer took 226.07ms. Allocated memory is still 295.7MB. Free memory was 97.4MB in the beginning and 260.6MB in the end (delta: -163.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] - GenericResultAtLocation [Line: 526]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [526] - GenericResultAtLocation [Line: 564]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [564] - GenericResultAtLocation [Line: 600]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [600] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [609] - GenericResultAtLocation [Line: 828]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [828] - GenericResultAtLocation [Line: 894]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [894] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 605]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 72 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.1s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1704 SdHoareTripleChecker+Valid, 2.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1679 mSDsluCounter, 2163 SdHoareTripleChecker+Invalid, 1.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1474 mSDsCounter, 503 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2788 IncrementalHoareTripleChecker+Invalid, 3291 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 503 mSolverCounterUnsat, 689 mSDtfsCounter, 2788 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 382 GetRequests, 261 SyntacticMatches, 6 SemanticMatches, 115 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 356 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=624occurred in iteration=10, InterpolantAutomatonStates: 107, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 84 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 550 NumberOfCodeBlocks, 550 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 603 ConstructedInterpolants, 0 QuantifiedInterpolants, 1220 SizeOfPredicates, 2 NumberOfNonLiveVariables, 452 ConjunctsInSsa, 20 ConjunctsInUnsatCore, 15 InterpolantComputations, 11 PerfectInterpolantSequences, 58/74 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 906]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (0 != systemActive))) || (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || (((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive))) - InvariantResult [Line: 839]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 641]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive))) Ensures: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive))) - ProcedureContractResult [Line: 450]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((((1 <= pumpRunning) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (1 <= \old(methaneLevelCritical))) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (waterLevel <= 2)) && (0 != systemActive)))) - ProcedureContractResult [Line: 896]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 617]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)) && (0 != systemActive)) || ((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((methaneLevelCritical == 0) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((((1 <= methaneLevelCritical) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) && (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel)))) || (\old(pumpRunning) < 1))) && (((methaneLevelCritical != 0) || ((1 <= pumpRunning) && (\old(waterLevel) == waterLevel))) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((1 <= pumpRunning) && (\old(waterLevel) == waterLevel)))) - ProcedureContractResult [Line: 462]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) && (\result == methaneLevelCritical)) - ProcedureContractResult [Line: 649]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (0 != systemActive))) Ensures: ((((((((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= methaneLevelCritical) && (waterLevel <= 1)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((0 < pumpRunning) || (pumpRunning == 0))) && (((0 < pumpRunning) || (methaneLevelCritical != 0)) || (waterLevel < 2))) - ProcedureContractResult [Line: 438]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 != systemActive)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 != systemActive))) Ensures: ((((waterLevel <= ((long long) \old(waterLevel) + 1)) && ((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (\old(waterLevel) <= 2)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\old(waterLevel) <= 1)))) && (waterLevel <= 2)) && (0 != systemActive)) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:41:34,124 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE