./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:42:56,689 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:42:56,775 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:42:56,783 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:42:56,787 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:42:56,805 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:42:56,806 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:42:56,806 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:42:56,807 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:42:56,807 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:42:56,807 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:42:56,807 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:42:56,808 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:42:56,808 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:42:56,808 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:42:56,809 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:42:56,809 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:42:56,809 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:42:56,809 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:42:56,810 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:42:56,810 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:42:56,813 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:42:56,813 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:42:56,813 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:42:56,813 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:42:56,813 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:42:56,814 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:42:56,814 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:42:56,814 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:42:56,814 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:42:56,814 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:42:56,815 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:42:56,815 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:56,815 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:42:56,815 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:42:56,816 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:42:56,818 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:42:56,818 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 [2024-10-12 19:42:57,073 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:42:57,096 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:42:57,099 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:42:57,100 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:42:57,100 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:42:57,101 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c [2024-10-12 19:42:58,481 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:42:58,740 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:42:58,741 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c [2024-10-12 19:42:58,754 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2ed36ae66/e8c515b480bf42298379afb62954c7c9/FLAG071c63082 [2024-10-12 19:42:58,768 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2ed36ae66/e8c515b480bf42298379afb62954c7c9 [2024-10-12 19:42:58,771 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:42:58,772 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:42:58,776 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:58,776 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:42:58,781 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:42:58,781 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:58" (1/1) ... [2024-10-12 19:42:58,783 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5d6b49e2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:58, skipping insertion in model container [2024-10-12 19:42:58,784 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:58" (1/1) ... [2024-10-12 19:42:58,825 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:42:59,002 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-10-12 19:42:59,099 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:59,110 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:42:59,117 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2024-10-12 19:42:59,118 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] [2024-10-12 19:42:59,119 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] [2024-10-12 19:42:59,119 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] [2024-10-12 19:42:59,119 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] [2024-10-12 19:42:59,119 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] [2024-10-12 19:42:59,120 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] [2024-10-12 19:42:59,120 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] [2024-10-12 19:42:59,132 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-10-12 19:42:59,184 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:59,203 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:42:59,204 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59 WrapperNode [2024-10-12 19:42:59,204 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:59,205 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:59,205 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:42:59,205 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:42:59,211 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,224 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,261 INFO L138 Inliner]: procedures = 59, calls = 106, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 236 [2024-10-12 19:42:59,262 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:59,262 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:42:59,262 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:42:59,262 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:42:59,271 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,272 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,273 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,284 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:42:59,284 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,284 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,288 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,291 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,292 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,293 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,295 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:42:59,296 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:42:59,296 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:42:59,296 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:42:59,297 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (1/1) ... [2024-10-12 19:42:59,305 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:59,329 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:42:59,353 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:42:59,363 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:42:59,409 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:42:59,409 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:42:59,409 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:42:59,409 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:42:59,410 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:42:59,410 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:42:59,410 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:42:59,410 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:59,410 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:59,410 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:42:59,410 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:42:59,410 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-12 19:42:59,411 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-12 19:42:59,411 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-12 19:42:59,411 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-12 19:42:59,411 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-12 19:42:59,411 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-12 19:42:59,411 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:42:59,411 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:42:59,411 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:42:59,411 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:42:59,412 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:42:59,501 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:42:59,503 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:42:59,784 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-12 19:42:59,784 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:42:59,838 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:42:59,838 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:42:59,838 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:59 BoogieIcfgContainer [2024-10-12 19:42:59,838 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:42:59,840 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:42:59,840 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:42:59,843 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:42:59,843 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:42:58" (1/3) ... [2024-10-12 19:42:59,844 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@74c76079 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:59, skipping insertion in model container [2024-10-12 19:42:59,844 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:59" (2/3) ... [2024-10-12 19:42:59,844 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@74c76079 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:59, skipping insertion in model container [2024-10-12 19:42:59,844 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:59" (3/3) ... [2024-10-12 19:42:59,845 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product54.cil.c [2024-10-12 19:42:59,859 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:42:59,860 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:42:59,914 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:42:59,919 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@38ffa777, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:42:59,920 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:42:59,923 INFO L276 IsEmpty]: Start isEmpty. Operand has 82 states, 55 states have (on average 1.5272727272727273) internal successors, (84), 65 states have internal predecessors, (84), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-12 19:42:59,930 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-12 19:42:59,930 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:59,931 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:59,931 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:59,936 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:59,936 INFO L85 PathProgramCache]: Analyzing trace with hash -1970980526, now seen corresponding path program 1 times [2024-10-12 19:42:59,972 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:59,973 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1525384090] [2024-10-12 19:42:59,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:59,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:00,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,131 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:00,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,136 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:00,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,143 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:00,143 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:00,143 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1525384090] [2024-10-12 19:43:00,144 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1525384090] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:00,144 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:00,144 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:43:00,145 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [325072971] [2024-10-12 19:43:00,146 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:00,149 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:43:00,149 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:00,166 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:43:00,167 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:00,169 INFO L87 Difference]: Start difference. First operand has 82 states, 55 states have (on average 1.5272727272727273) internal successors, (84), 65 states have internal predecessors, (84), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:00,221 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:00,221 INFO L93 Difference]: Finished difference Result 162 states and 233 transitions. [2024-10-12 19:43:00,222 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:43:00,223 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-12 19:43:00,224 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:00,232 INFO L225 Difference]: With dead ends: 162 [2024-10-12 19:43:00,232 INFO L226 Difference]: Without dead ends: 77 [2024-10-12 19:43:00,236 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:00,241 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 94 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:00,241 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 94 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:00,255 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-10-12 19:43:00,273 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-10-12 19:43:00,274 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 52 states have (on average 1.4230769230769231) internal successors, (74), 61 states have internal predecessors, (74), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-10-12 19:43:00,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 105 transitions. [2024-10-12 19:43:00,277 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 105 transitions. Word has length 22 [2024-10-12 19:43:00,278 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:00,278 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 105 transitions. [2024-10-12 19:43:00,278 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:00,279 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 105 transitions. [2024-10-12 19:43:00,280 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-12 19:43:00,280 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:00,281 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:00,281 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:43:00,281 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:00,281 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:00,282 INFO L85 PathProgramCache]: Analyzing trace with hash 1423974431, now seen corresponding path program 1 times [2024-10-12 19:43:00,282 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:00,282 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1280858335] [2024-10-12 19:43:00,282 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:00,283 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:00,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,394 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:00,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,401 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:43:00,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,407 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:00,409 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:00,409 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1280858335] [2024-10-12 19:43:00,409 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1280858335] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:00,409 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:00,409 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:00,409 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1459100153] [2024-10-12 19:43:00,410 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:00,411 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:00,411 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:00,411 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:00,411 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:00,412 INFO L87 Difference]: Start difference. First operand 77 states and 105 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:00,447 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:00,449 INFO L93 Difference]: Finished difference Result 127 states and 173 transitions. [2024-10-12 19:43:00,449 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:00,450 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-12 19:43:00,450 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:00,451 INFO L225 Difference]: With dead ends: 127 [2024-10-12 19:43:00,451 INFO L226 Difference]: Without dead ends: 69 [2024-10-12 19:43:00,452 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:00,454 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 11 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:00,454 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 147 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:00,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2024-10-12 19:43:00,463 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2024-10-12 19:43:00,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 47 states have (on average 1.446808510638298) internal successors, (68), 56 states have internal predecessors, (68), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-12 19:43:00,467 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 94 transitions. [2024-10-12 19:43:00,468 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 94 transitions. Word has length 23 [2024-10-12 19:43:00,469 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:00,469 INFO L471 AbstractCegarLoop]: Abstraction has 69 states and 94 transitions. [2024-10-12 19:43:00,469 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:00,469 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 94 transitions. [2024-10-12 19:43:00,470 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:43:00,470 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:00,470 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:00,470 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:43:00,471 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:00,471 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:00,471 INFO L85 PathProgramCache]: Analyzing trace with hash 1817255720, now seen corresponding path program 1 times [2024-10-12 19:43:00,471 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:00,471 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [96208637] [2024-10-12 19:43:00,472 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:00,472 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:00,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,530 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:00,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:43:00,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,536 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:00,537 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:00,537 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [96208637] [2024-10-12 19:43:00,537 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [96208637] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:00,537 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:00,537 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:00,537 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [509013606] [2024-10-12 19:43:00,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:00,538 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:00,538 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:00,538 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:00,538 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:00,539 INFO L87 Difference]: Start difference. First operand 69 states and 94 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:00,580 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:00,581 INFO L93 Difference]: Finished difference Result 136 states and 187 transitions. [2024-10-12 19:43:00,583 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:00,584 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-12 19:43:00,584 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:00,585 INFO L225 Difference]: With dead ends: 136 [2024-10-12 19:43:00,585 INFO L226 Difference]: Without dead ends: 69 [2024-10-12 19:43:00,586 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:00,586 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 86 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 78 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:00,587 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 78 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:00,588 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2024-10-12 19:43:00,594 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2024-10-12 19:43:00,594 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 47 states have (on average 1.425531914893617) internal successors, (67), 56 states have internal predecessors, (67), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-12 19:43:00,595 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 93 transitions. [2024-10-12 19:43:00,595 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 93 transitions. Word has length 26 [2024-10-12 19:43:00,596 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:00,596 INFO L471 AbstractCegarLoop]: Abstraction has 69 states and 93 transitions. [2024-10-12 19:43:00,596 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:00,597 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 93 transitions. [2024-10-12 19:43:00,597 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-12 19:43:00,598 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:00,598 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:00,598 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:43:00,598 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:00,598 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:00,599 INFO L85 PathProgramCache]: Analyzing trace with hash -879939335, now seen corresponding path program 1 times [2024-10-12 19:43:00,599 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:00,599 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1149849177] [2024-10-12 19:43:00,599 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:00,599 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:00,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:00,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,690 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:43:00,691 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-10-12 19:43:00,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,698 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:00,698 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:00,699 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1149849177] [2024-10-12 19:43:00,699 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1149849177] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:00,699 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:00,699 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-12 19:43:00,699 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1347974926] [2024-10-12 19:43:00,700 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:00,700 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-12 19:43:00,700 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:00,701 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-12 19:43:00,701 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-12 19:43:00,701 INFO L87 Difference]: Start difference. First operand 69 states and 93 transitions. Second operand has 4 states, 4 states have (on average 6.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:00,884 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:00,885 INFO L93 Difference]: Finished difference Result 210 states and 285 transitions. [2024-10-12 19:43:00,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:00,885 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 6.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 32 [2024-10-12 19:43:00,885 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:00,887 INFO L225 Difference]: With dead ends: 210 [2024-10-12 19:43:00,887 INFO L226 Difference]: Without dead ends: 143 [2024-10-12 19:43:00,888 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:00,888 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 138 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 100 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 156 SdHoareTripleChecker+Invalid, 143 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 100 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:00,889 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 156 Invalid, 143 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:00,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 143 states. [2024-10-12 19:43:00,903 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 143 to 137. [2024-10-12 19:43:00,904 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 96 states have (on average 1.3645833333333333) internal successors, (131), 104 states have internal predecessors, (131), 20 states have call successors, (20), 15 states have call predecessors, (20), 20 states have return successors, (31), 22 states have call predecessors, (31), 20 states have call successors, (31) [2024-10-12 19:43:00,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 182 transitions. [2024-10-12 19:43:00,905 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 182 transitions. Word has length 32 [2024-10-12 19:43:00,905 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:00,905 INFO L471 AbstractCegarLoop]: Abstraction has 137 states and 182 transitions. [2024-10-12 19:43:00,906 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 6.0) internal successors, (24), 3 states have internal predecessors, (24), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:00,906 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 182 transitions. [2024-10-12 19:43:00,907 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-12 19:43:00,907 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:00,907 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:00,907 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:43:00,907 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:00,908 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:00,908 INFO L85 PathProgramCache]: Analyzing trace with hash 485214160, now seen corresponding path program 1 times [2024-10-12 19:43:00,908 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:00,908 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [143409530] [2024-10-12 19:43:00,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:00,908 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:00,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,968 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:00,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,972 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:00,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:00,983 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:00,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,000 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-12 19:43:01,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,003 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:01,003 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:01,003 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [143409530] [2024-10-12 19:43:01,003 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [143409530] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:01,003 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:01,004 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:01,004 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [577957545] [2024-10-12 19:43:01,004 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:01,004 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:01,004 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:01,005 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:01,005 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:01,005 INFO L87 Difference]: Start difference. First operand 137 states and 182 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:01,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:01,157 INFO L93 Difference]: Finished difference Result 276 states and 372 transitions. [2024-10-12 19:43:01,157 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:01,158 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-12 19:43:01,158 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:01,159 INFO L225 Difference]: With dead ends: 276 [2024-10-12 19:43:01,159 INFO L226 Difference]: Without dead ends: 141 [2024-10-12 19:43:01,160 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:01,161 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 53 mSDsluCounter, 159 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 232 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:01,161 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 232 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:01,162 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 141 states. [2024-10-12 19:43:01,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 141 to 139. [2024-10-12 19:43:01,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 139 states, 98 states have (on average 1.3571428571428572) internal successors, (133), 106 states have internal predecessors, (133), 20 states have call successors, (20), 15 states have call predecessors, (20), 20 states have return successors, (31), 22 states have call predecessors, (31), 20 states have call successors, (31) [2024-10-12 19:43:01,173 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 139 states to 139 states and 184 transitions. [2024-10-12 19:43:01,174 INFO L78 Accepts]: Start accepts. Automaton has 139 states and 184 transitions. Word has length 43 [2024-10-12 19:43:01,174 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:01,174 INFO L471 AbstractCegarLoop]: Abstraction has 139 states and 184 transitions. [2024-10-12 19:43:01,174 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:01,174 INFO L276 IsEmpty]: Start isEmpty. Operand 139 states and 184 transitions. [2024-10-12 19:43:01,175 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-12 19:43:01,175 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:01,175 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:01,175 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:43:01,175 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:01,176 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:01,176 INFO L85 PathProgramCache]: Analyzing trace with hash -1103133742, now seen corresponding path program 1 times [2024-10-12 19:43:01,176 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:01,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1769940347] [2024-10-12 19:43:01,176 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:01,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:01,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:01,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,215 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:01,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,230 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:01,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,261 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-12 19:43:01,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,266 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:01,266 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:01,266 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1769940347] [2024-10-12 19:43:01,266 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1769940347] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:01,266 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:01,266 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:01,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [603347154] [2024-10-12 19:43:01,267 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:01,267 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:01,267 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:01,268 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:01,268 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:01,268 INFO L87 Difference]: Start difference. First operand 139 states and 184 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:01,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:01,388 INFO L93 Difference]: Finished difference Result 280 states and 382 transitions. [2024-10-12 19:43:01,388 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:01,389 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-12 19:43:01,389 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:01,390 INFO L225 Difference]: With dead ends: 280 [2024-10-12 19:43:01,390 INFO L226 Difference]: Without dead ends: 143 [2024-10-12 19:43:01,391 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:01,391 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 53 mSDsluCounter, 157 mSDsCounter, 0 mSdLazyCounter, 143 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 229 SdHoareTripleChecker+Invalid, 158 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:01,392 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 229 Invalid, 158 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:01,392 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 143 states. [2024-10-12 19:43:01,402 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 143 to 141. [2024-10-12 19:43:01,403 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 100 states have (on average 1.35) internal successors, (135), 108 states have internal predecessors, (135), 20 states have call successors, (20), 15 states have call predecessors, (20), 20 states have return successors, (31), 22 states have call predecessors, (31), 20 states have call successors, (31) [2024-10-12 19:43:01,403 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 186 transitions. [2024-10-12 19:43:01,404 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 186 transitions. Word has length 43 [2024-10-12 19:43:01,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:01,404 INFO L471 AbstractCegarLoop]: Abstraction has 141 states and 186 transitions. [2024-10-12 19:43:01,404 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:01,404 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 186 transitions. [2024-10-12 19:43:01,405 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-12 19:43:01,405 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:01,405 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:01,406 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:43:01,406 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:01,406 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:01,406 INFO L85 PathProgramCache]: Analyzing trace with hash 1502889812, now seen corresponding path program 1 times [2024-10-12 19:43:01,406 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:01,406 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [3033898] [2024-10-12 19:43:01,407 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:01,407 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:01,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,444 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:01,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,449 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:01,451 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,460 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:01,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,471 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-10-12 19:43:01,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,474 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:01,474 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:01,474 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [3033898] [2024-10-12 19:43:01,474 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [3033898] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:01,474 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:01,474 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:01,475 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [985485212] [2024-10-12 19:43:01,475 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:01,475 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:01,475 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:01,476 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:01,476 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:01,476 INFO L87 Difference]: Start difference. First operand 141 states and 186 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:01,669 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:01,670 INFO L93 Difference]: Finished difference Result 412 states and 561 transitions. [2024-10-12 19:43:01,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:43:01,670 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 43 [2024-10-12 19:43:01,670 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:01,672 INFO L225 Difference]: With dead ends: 412 [2024-10-12 19:43:01,672 INFO L226 Difference]: Without dead ends: 273 [2024-10-12 19:43:01,673 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 12 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:01,673 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 206 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 195 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 213 SdHoareTripleChecker+Valid, 240 SdHoareTripleChecker+Invalid, 260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 195 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:01,674 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [213 Valid, 240 Invalid, 260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 195 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:43:01,678 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 273 states. [2024-10-12 19:43:01,739 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 273 to 265. [2024-10-12 19:43:01,744 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 265 states, 188 states have (on average 1.303191489361702) internal successors, (245), 200 states have internal predecessors, (245), 40 states have call successors, (40), 33 states have call predecessors, (40), 36 states have return successors, (66), 41 states have call predecessors, (66), 40 states have call successors, (66) [2024-10-12 19:43:01,745 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 265 states to 265 states and 351 transitions. [2024-10-12 19:43:01,745 INFO L78 Accepts]: Start accepts. Automaton has 265 states and 351 transitions. Word has length 43 [2024-10-12 19:43:01,745 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:01,745 INFO L471 AbstractCegarLoop]: Abstraction has 265 states and 351 transitions. [2024-10-12 19:43:01,746 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 4 states have internal predecessors, (33), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:01,746 INFO L276 IsEmpty]: Start isEmpty. Operand 265 states and 351 transitions. [2024-10-12 19:43:01,747 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-12 19:43:01,747 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:01,747 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:01,747 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:43:01,747 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:01,747 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:01,747 INFO L85 PathProgramCache]: Analyzing trace with hash 1138177469, now seen corresponding path program 1 times [2024-10-12 19:43:01,747 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:01,747 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [441910458] [2024-10-12 19:43:01,748 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:01,748 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:01,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,858 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:01,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,872 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:01,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,884 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:01,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,897 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:01,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,899 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-10-12 19:43:01,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:01,920 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:43:01,920 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:01,924 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [441910458] [2024-10-12 19:43:01,924 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [441910458] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:01,924 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:01,924 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-12 19:43:01,925 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1221104445] [2024-10-12 19:43:01,925 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:01,925 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-12 19:43:01,925 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:01,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-12 19:43:01,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:01,926 INFO L87 Difference]: Start difference. First operand 265 states and 351 transitions. Second operand has 7 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-12 19:43:02,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:02,294 INFO L93 Difference]: Finished difference Result 526 states and 703 transitions. [2024-10-12 19:43:02,295 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-12 19:43:02,295 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 46 [2024-10-12 19:43:02,295 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:02,297 INFO L225 Difference]: With dead ends: 526 [2024-10-12 19:43:02,300 INFO L226 Difference]: Without dead ends: 263 [2024-10-12 19:43:02,301 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:43:02,302 INFO L432 NwaCegarLoop]: 60 mSDtfsCounter, 109 mSDsluCounter, 234 mSDsCounter, 0 mSdLazyCounter, 254 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 115 SdHoareTripleChecker+Valid, 294 SdHoareTripleChecker+Invalid, 290 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 254 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:02,302 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [115 Valid, 294 Invalid, 290 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 254 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-12 19:43:02,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 263 states. [2024-10-12 19:43:02,333 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 263 to 261. [2024-10-12 19:43:02,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 261 states, 184 states have (on average 1.266304347826087) internal successors, (233), 196 states have internal predecessors, (233), 40 states have call successors, (40), 33 states have call predecessors, (40), 36 states have return successors, (66), 41 states have call predecessors, (66), 40 states have call successors, (66) [2024-10-12 19:43:02,340 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 261 states to 261 states and 339 transitions. [2024-10-12 19:43:02,340 INFO L78 Accepts]: Start accepts. Automaton has 261 states and 339 transitions. Word has length 46 [2024-10-12 19:43:02,340 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:02,341 INFO L471 AbstractCegarLoop]: Abstraction has 261 states and 339 transitions. [2024-10-12 19:43:02,341 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.833333333333333) internal successors, (35), 5 states have internal predecessors, (35), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-12 19:43:02,341 INFO L276 IsEmpty]: Start isEmpty. Operand 261 states and 339 transitions. [2024-10-12 19:43:02,342 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-10-12 19:43:02,342 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:02,342 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:02,342 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:43:02,346 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:02,347 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:02,347 INFO L85 PathProgramCache]: Analyzing trace with hash -1104519698, now seen corresponding path program 1 times [2024-10-12 19:43:02,347 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:02,347 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1161430858] [2024-10-12 19:43:02,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:02,347 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:02,359 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,442 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:02,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,448 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:02,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,455 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:43:02,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,472 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:02,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-12 19:43:02,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:02,481 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:02,481 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:02,481 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1161430858] [2024-10-12 19:43:02,481 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1161430858] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:02,481 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:02,482 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-12 19:43:02,482 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2080883166] [2024-10-12 19:43:02,482 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:02,483 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-12 19:43:02,483 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:02,483 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-12 19:43:02,483 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:43:02,484 INFO L87 Difference]: Start difference. First operand 261 states and 339 transitions. Second operand has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-12 19:43:03,045 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:03,045 INFO L93 Difference]: Finished difference Result 681 states and 940 transitions. [2024-10-12 19:43:03,046 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-12 19:43:03,046 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 47 [2024-10-12 19:43:03,046 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:03,049 INFO L225 Difference]: With dead ends: 681 [2024-10-12 19:43:03,049 INFO L226 Difference]: Without dead ends: 471 [2024-10-12 19:43:03,050 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 85 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=125, Invalid=337, Unknown=0, NotChecked=0, Total=462 [2024-10-12 19:43:03,051 INFO L432 NwaCegarLoop]: 69 mSDtfsCounter, 541 mSDsluCounter, 212 mSDsCounter, 0 mSdLazyCounter, 481 mSolverCounterSat, 241 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 546 SdHoareTripleChecker+Valid, 281 SdHoareTripleChecker+Invalid, 722 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 241 IncrementalHoareTripleChecker+Valid, 481 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:03,051 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [546 Valid, 281 Invalid, 722 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [241 Valid, 481 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-12 19:43:03,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 471 states. [2024-10-12 19:43:03,093 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 471 to 405. [2024-10-12 19:43:03,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 285 states have (on average 1.256140350877193) internal successors, (358), 307 states have internal predecessors, (358), 62 states have call successors, (62), 47 states have call predecessors, (62), 57 states have return successors, (104), 62 states have call predecessors, (104), 62 states have call successors, (104) [2024-10-12 19:43:03,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 524 transitions. [2024-10-12 19:43:03,098 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 524 transitions. Word has length 47 [2024-10-12 19:43:03,098 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:03,098 INFO L471 AbstractCegarLoop]: Abstraction has 405 states and 524 transitions. [2024-10-12 19:43:03,098 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.888888888888889) internal successors, (35), 7 states have internal predecessors, (35), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-12 19:43:03,098 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 524 transitions. [2024-10-12 19:43:03,100 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-10-12 19:43:03,100 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:03,101 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:03,101 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:43:03,101 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:03,101 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:03,101 INFO L85 PathProgramCache]: Analyzing trace with hash -1327993652, now seen corresponding path program 1 times [2024-10-12 19:43:03,102 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:03,102 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [506730657] [2024-10-12 19:43:03,102 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:03,102 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:03,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,200 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:03,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,210 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:43:03,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,224 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:43:03,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:03,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:03,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,243 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-10-12 19:43:03,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-10-12 19:43:03,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,256 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:03,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,258 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:03,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,259 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-10-12 19:43:03,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,260 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 13 proven. 10 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-12 19:43:03,260 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:03,261 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [506730657] [2024-10-12 19:43:03,261 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [506730657] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:43:03,261 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [962581122] [2024-10-12 19:43:03,261 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:03,261 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:43:03,261 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:43:03,263 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:43:03,269 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:43:03,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,339 INFO L255 TraceCheckSpWp]: Trace formula consists of 309 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-12 19:43:03,343 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:43:03,496 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 22 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:43:03,499 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:43:03,759 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-12 19:43:03,762 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [962581122] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:43:03,762 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:43:03,762 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-12 19:43:03,763 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [746857837] [2024-10-12 19:43:03,763 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:43:03,763 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:43:03,763 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:03,764 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:43:03,764 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:43:03,764 INFO L87 Difference]: Start difference. First operand 405 states and 524 transitions. Second operand has 15 states, 11 states have (on average 9.272727272727273) internal successors, (102), 10 states have internal predecessors, (102), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-10-12 19:43:05,161 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:05,161 INFO L93 Difference]: Finished difference Result 837 states and 1108 transitions. [2024-10-12 19:43:05,161 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-12 19:43:05,161 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 9.272727272727273) internal successors, (102), 10 states have internal predecessors, (102), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) Word has length 87 [2024-10-12 19:43:05,162 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:05,162 INFO L225 Difference]: With dead ends: 837 [2024-10-12 19:43:05,162 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:43:05,164 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 240 GetRequests, 199 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=345, Invalid=1137, Unknown=0, NotChecked=0, Total=1482 [2024-10-12 19:43:05,165 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 308 mSDsluCounter, 677 mSDsCounter, 0 mSdLazyCounter, 1223 mSolverCounterSat, 126 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 312 SdHoareTripleChecker+Valid, 783 SdHoareTripleChecker+Invalid, 1349 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 126 IncrementalHoareTripleChecker+Valid, 1223 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:05,165 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [312 Valid, 783 Invalid, 1349 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [126 Valid, 1223 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-10-12 19:43:05,165 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:43:05,168 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:43:05,168 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:43:05,168 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:43:05,168 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2024-10-12 19:43:05,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:05,170 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:43:05,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 9.272727272727273) internal successors, (102), 10 states have internal predecessors, (102), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-10-12 19:43:05,170 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:43:05,171 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:43:05,173 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:43:05,204 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-12 19:43:05,377 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:43:05,379 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:05,382 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:43:08,218 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:43:08,232 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= 1 ~systemActive~0) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|)) Eliminated clause: (and (<= 1 ~pumpRunning~0) (= 1 ~systemActive~0) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) [2024-10-12 19:43:08,252 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:08,263 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:43:08,269 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:08,276 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:43:08,285 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:43:08 BoogieIcfgContainer [2024-10-12 19:43:08,285 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:43:08,286 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:43:08,286 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:43:08,286 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:43:08,286 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:59" (3/4) ... [2024-10-12 19:43:08,288 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:43:08,291 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-10-12 19:43:08,292 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-12 19:43:08,298 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 38 nodes and edges [2024-10-12 19:43:08,299 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:43:08,299 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:43:08,299 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:08,299 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:08,405 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:43:08,406 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:43:08,406 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:43:08,406 INFO L158 Benchmark]: Toolchain (without parser) took 9634.34ms. Allocated memory was 182.5MB in the beginning and 262.1MB in the end (delta: 79.7MB). Free memory was 111.3MB in the beginning and 182.4MB in the end (delta: -71.0MB). Peak memory consumption was 10.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,406 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 113.2MB. Free memory is still 76.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:43:08,407 INFO L158 Benchmark]: CACSL2BoogieTranslator took 428.33ms. Allocated memory is still 182.5MB. Free memory was 111.3MB in the beginning and 89.9MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,407 INFO L158 Benchmark]: Boogie Procedure Inliner took 56.96ms. Allocated memory is still 182.5MB. Free memory was 89.6MB in the beginning and 87.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,407 INFO L158 Benchmark]: Boogie Preprocessor took 32.91ms. Allocated memory is still 182.5MB. Free memory was 87.5MB in the beginning and 84.7MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,407 INFO L158 Benchmark]: RCFGBuilder took 542.77ms. Allocated memory is still 182.5MB. Free memory was 84.7MB in the beginning and 58.6MB in the end (delta: 26.2MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,408 INFO L158 Benchmark]: TraceAbstraction took 8445.44ms. Allocated memory was 182.5MB in the beginning and 262.1MB in the end (delta: 79.7MB). Free memory was 57.8MB in the beginning and 190.7MB in the end (delta: -132.9MB). Peak memory consumption was 65.6MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,408 INFO L158 Benchmark]: Witness Printer took 119.96ms. Allocated memory is still 262.1MB. Free memory was 190.7MB in the beginning and 182.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-12 19:43:08,409 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 113.2MB. Free memory is still 76.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 428.33ms. Allocated memory is still 182.5MB. Free memory was 111.3MB in the beginning and 89.9MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 56.96ms. Allocated memory is still 182.5MB. Free memory was 89.6MB in the beginning and 87.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 32.91ms. Allocated memory is still 182.5MB. Free memory was 87.5MB in the beginning and 84.7MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 542.77ms. Allocated memory is still 182.5MB. Free memory was 84.7MB in the beginning and 58.6MB in the end (delta: 26.2MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. * TraceAbstraction took 8445.44ms. Allocated memory was 182.5MB in the beginning and 262.1MB in the end (delta: 79.7MB). Free memory was 57.8MB in the beginning and 190.7MB in the end (delta: -132.9MB). Peak memory consumption was 65.6MB. Max. memory is 16.1GB. * Witness Printer took 119.96ms. Allocated memory is still 262.1MB. Free memory was 190.7MB in the beginning and 182.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] - GenericResultAtLocation [Line: 220]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] - GenericResultAtLocation [Line: 323]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] - GenericResultAtLocation [Line: 560]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] - GenericResultAtLocation [Line: 627]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] - GenericResultAtLocation [Line: 662]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 216]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 82 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1544 SdHoareTripleChecker+Valid, 2.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1505 mSDsluCounter, 2534 SdHoareTripleChecker+Invalid, 1.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1720 mSDsCounter, 542 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2593 IncrementalHoareTripleChecker+Invalid, 3135 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 542 mSolverCounterUnsat, 814 mSDtfsCounter, 2593 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 381 GetRequests, 287 SyntacticMatches, 5 SemanticMatches, 89 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 444 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=405occurred in iteration=9, InterpolantAutomatonStates: 86, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 86 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 499 NumberOfCodeBlocks, 499 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 574 ConstructedInterpolants, 0 QuantifiedInterpolants, 1126 SizeOfPredicates, 2 NumberOfNonLiveVariables, 309 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 84/111 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 571]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 570]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 450]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) - ProcedureContractResult [Line: 357]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 135]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 330]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) - ProcedureContractResult [Line: 223]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 365]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 123]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 391]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) - ProcedureContractResult [Line: 469]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:43:08,432 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE