./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 61a67961 Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 59d05b45c2855b02eb92cf6428285b3e4820a09d46d6a6d0a0748347de3adbb6 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.fs.cvc5-61a6796-m [2024-10-14 03:08:36,070 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-14 03:08:36,156 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-14 03:08:36,162 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-14 03:08:36,162 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-14 03:08:36,192 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-14 03:08:36,193 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-14 03:08:36,194 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-14 03:08:36,195 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-14 03:08:36,196 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-14 03:08:36,196 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-14 03:08:36,197 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-14 03:08:36,197 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-14 03:08:36,198 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-14 03:08:36,200 INFO L153 SettingsManager]: * Use SBE=true [2024-10-14 03:08:36,200 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-14 03:08:36,201 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-14 03:08:36,201 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-14 03:08:36,201 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-14 03:08:36,201 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-14 03:08:36,202 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-14 03:08:36,206 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-14 03:08:36,206 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-14 03:08:36,206 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-14 03:08:36,207 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-14 03:08:36,207 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-14 03:08:36,207 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-14 03:08:36,207 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-14 03:08:36,208 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-14 03:08:36,208 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-14 03:08:36,209 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-14 03:08:36,209 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-14 03:08:36,209 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:08:36,210 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-14 03:08:36,210 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-14 03:08:36,211 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-14 03:08:36,211 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-14 03:08:36,211 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-14 03:08:36,211 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-14 03:08:36,211 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-14 03:08:36,219 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-14 03:08:36,220 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-14 03:08:36,220 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 59d05b45c2855b02eb92cf6428285b3e4820a09d46d6a6d0a0748347de3adbb6 [2024-10-14 03:08:36,510 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-14 03:08:36,546 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-14 03:08:36,550 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-14 03:08:36,551 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-14 03:08:36,552 INFO L274 PluginConnector]: CDTParser initialized [2024-10-14 03:08:36,553 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c [2024-10-14 03:08:38,066 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-14 03:08:38,335 INFO L384 CDTParser]: Found 1 translation units. [2024-10-14 03:08:38,336 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c [2024-10-14 03:08:38,348 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/bcd36ee80/39eeafe95cbd48119499f6e6cc7bf1fa/FLAG3c328840c [2024-10-14 03:08:38,655 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/bcd36ee80/39eeafe95cbd48119499f6e6cc7bf1fa [2024-10-14 03:08:38,657 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-14 03:08:38,659 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-14 03:08:38,662 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-14 03:08:38,662 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-14 03:08:38,668 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-14 03:08:38,669 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:08:38" (1/1) ... [2024-10-14 03:08:38,670 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@466307f2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:38, skipping insertion in model container [2024-10-14 03:08:38,672 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:08:38" (1/1) ... [2024-10-14 03:08:38,722 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-14 03:08:39,007 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c[6823,6836] [2024-10-14 03:08:39,116 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:08:39,133 INFO L200 MainTranslator]: Completed pre-run [2024-10-14 03:08:39,143 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2024-10-14 03:08:39,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [87] [2024-10-14 03:08:39,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [363] [2024-10-14 03:08:39,145 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [435] [2024-10-14 03:08:39,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [444] [2024-10-14 03:08:39,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [483] [2024-10-14 03:08:39,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [587] [2024-10-14 03:08:39,146 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [684] [2024-10-14 03:08:39,170 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product64.cil.c[6823,6836] [2024-10-14 03:08:39,208 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:08:39,236 INFO L204 MainTranslator]: Completed translation [2024-10-14 03:08:39,237 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39 WrapperNode [2024-10-14 03:08:39,237 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-14 03:08:39,238 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-14 03:08:39,239 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-14 03:08:39,239 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-14 03:08:39,246 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,260 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,284 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 231 [2024-10-14 03:08:39,285 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-14 03:08:39,285 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-14 03:08:39,286 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-14 03:08:39,286 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-14 03:08:39,298 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,298 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,302 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,320 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-14 03:08:39,321 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,321 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,327 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,332 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,334 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,335 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,342 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-14 03:08:39,343 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-14 03:08:39,343 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-14 03:08:39,343 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-14 03:08:39,344 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (1/1) ... [2024-10-14 03:08:39,352 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:08:39,362 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:08:39,376 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-14 03:08:39,379 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-14 03:08:39,423 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-14 03:08:39,423 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-14 03:08:39,423 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-14 03:08:39,423 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-14 03:08:39,423 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-14 03:08:39,424 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-10-14 03:08:39,424 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-10-14 03:08:39,424 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-14 03:08:39,424 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-14 03:08:39,424 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:08:39,424 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:08:39,425 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-14 03:08:39,425 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-14 03:08:39,425 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:08:39,425 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:08:39,425 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-14 03:08:39,425 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-14 03:08:39,426 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-14 03:08:39,426 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-14 03:08:39,426 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-14 03:08:39,426 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-14 03:08:39,426 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-14 03:08:39,426 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-14 03:08:39,427 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-14 03:08:39,502 INFO L238 CfgBuilder]: Building ICFG [2024-10-14 03:08:39,504 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-14 03:08:39,861 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-10-14 03:08:39,861 INFO L287 CfgBuilder]: Performing block encoding [2024-10-14 03:08:39,944 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-14 03:08:39,946 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-14 03:08:39,947 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:08:39 BoogieIcfgContainer [2024-10-14 03:08:39,947 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-14 03:08:39,953 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-14 03:08:39,954 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-14 03:08:39,958 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-14 03:08:39,958 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.10 03:08:38" (1/3) ... [2024-10-14 03:08:39,959 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@d32d86c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:08:39, skipping insertion in model container [2024-10-14 03:08:39,959 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:08:39" (2/3) ... [2024-10-14 03:08:39,959 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@d32d86c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:08:39, skipping insertion in model container [2024-10-14 03:08:39,959 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:08:39" (3/3) ... [2024-10-14 03:08:39,961 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product64.cil.c [2024-10-14 03:08:39,980 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-14 03:08:39,980 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-14 03:08:40,057 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-14 03:08:40,067 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1c5f4d84, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-14 03:08:40,067 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-14 03:08:40,073 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 61 states have (on average 1.5081967213114753) internal successors, (92), 72 states have internal predecessors, (92), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2024-10-14 03:08:40,084 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2024-10-14 03:08:40,084 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:40,085 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:40,086 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:40,092 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:40,093 INFO L85 PathProgramCache]: Analyzing trace with hash -835084061, now seen corresponding path program 1 times [2024-10-14 03:08:40,102 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:40,102 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2055034440] [2024-10-14 03:08:40,103 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:40,103 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:40,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,264 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 9 [2024-10-14 03:08:40,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,271 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:08:40,272 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:40,272 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2055034440] [2024-10-14 03:08:40,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2055034440] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:40,273 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:40,273 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-14 03:08:40,275 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [119884610] [2024-10-14 03:08:40,276 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:40,280 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-14 03:08:40,280 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:40,304 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-14 03:08:40,305 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:08:40,307 INFO L87 Difference]: Start difference. First operand has 92 states, 61 states have (on average 1.5081967213114753) internal successors, (92), 72 states have internal predecessors, (92), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:40,412 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:40,415 INFO L93 Difference]: Finished difference Result 182 states and 261 transitions. [2024-10-14 03:08:40,417 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-14 03:08:40,418 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2024-10-14 03:08:40,419 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:40,443 INFO L225 Difference]: With dead ends: 182 [2024-10-14 03:08:40,444 INFO L226 Difference]: Without dead ends: 87 [2024-10-14 03:08:40,449 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:08:40,452 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:40,454 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 108 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:08:40,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2024-10-14 03:08:40,493 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 87. [2024-10-14 03:08:40,494 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 58 states have (on average 1.4137931034482758) internal successors, (82), 68 states have internal predecessors, (82), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-10-14 03:08:40,497 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 119 transitions. [2024-10-14 03:08:40,499 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 119 transitions. Word has length 17 [2024-10-14 03:08:40,499 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:40,500 INFO L471 AbstractCegarLoop]: Abstraction has 87 states and 119 transitions. [2024-10-14 03:08:40,500 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:40,500 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 119 transitions. [2024-10-14 03:08:40,502 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2024-10-14 03:08:40,502 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:40,502 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:40,502 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-14 03:08:40,503 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:40,503 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:40,504 INFO L85 PathProgramCache]: Analyzing trace with hash 1922833525, now seen corresponding path program 1 times [2024-10-14 03:08:40,504 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:40,504 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1314499218] [2024-10-14 03:08:40,504 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:40,504 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:40,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,636 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-14 03:08:40,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,642 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:08:40,645 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:40,646 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1314499218] [2024-10-14 03:08:40,646 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1314499218] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:40,646 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:40,646 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:08:40,646 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [965227336] [2024-10-14 03:08:40,646 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:40,648 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:08:40,648 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:40,650 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:08:40,650 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:08:40,651 INFO L87 Difference]: Start difference. First operand 87 states and 119 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:40,707 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:40,707 INFO L93 Difference]: Finished difference Result 144 states and 196 transitions. [2024-10-14 03:08:40,709 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:08:40,710 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2024-10-14 03:08:40,710 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:40,713 INFO L225 Difference]: With dead ends: 144 [2024-10-14 03:08:40,715 INFO L226 Difference]: Without dead ends: 79 [2024-10-14 03:08:40,716 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:08:40,718 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 14 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 172 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:40,719 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 172 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:08:40,720 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-10-14 03:08:40,737 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-10-14 03:08:40,738 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 53 states have (on average 1.4339622641509433) internal successors, (76), 63 states have internal predecessors, (76), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-14 03:08:40,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 108 transitions. [2024-10-14 03:08:40,741 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 108 transitions. Word has length 18 [2024-10-14 03:08:40,741 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:40,742 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 108 transitions. [2024-10-14 03:08:40,742 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:40,742 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 108 transitions. [2024-10-14 03:08:40,743 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-10-14 03:08:40,743 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:40,743 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:40,743 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-14 03:08:40,744 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:40,745 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:40,746 INFO L85 PathProgramCache]: Analyzing trace with hash 1658987680, now seen corresponding path program 1 times [2024-10-14 03:08:40,746 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:40,746 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1890206950] [2024-10-14 03:08:40,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:40,747 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:40,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,873 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:40,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:40,878 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:08:40,879 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:40,880 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1890206950] [2024-10-14 03:08:40,880 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1890206950] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:40,880 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:40,881 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:08:40,881 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1293173976] [2024-10-14 03:08:40,881 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:40,881 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:08:40,882 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:40,882 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:08:40,883 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:08:40,883 INFO L87 Difference]: Start difference. First operand 79 states and 108 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:40,986 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:40,986 INFO L93 Difference]: Finished difference Result 233 states and 321 transitions. [2024-10-14 03:08:40,987 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:08:40,987 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2024-10-14 03:08:40,988 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:40,990 INFO L225 Difference]: With dead ends: 233 [2024-10-14 03:08:40,990 INFO L226 Difference]: Without dead ends: 156 [2024-10-14 03:08:40,994 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:08:40,995 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 102 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 102 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:40,996 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [102 Valid, 201 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:08:40,997 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2024-10-14 03:08:41,034 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 153. [2024-10-14 03:08:41,039 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 102 states have (on average 1.4411764705882353) internal successors, (147), 121 states have internal predecessors, (147), 32 states have call successors, (32), 18 states have call predecessors, (32), 18 states have return successors, (32), 21 states have call predecessors, (32), 32 states have call successors, (32) [2024-10-14 03:08:41,041 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 211 transitions. [2024-10-14 03:08:41,044 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 211 transitions. Word has length 21 [2024-10-14 03:08:41,045 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:41,045 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 211 transitions. [2024-10-14 03:08:41,045 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:41,046 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 211 transitions. [2024-10-14 03:08:41,047 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-10-14 03:08:41,047 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:41,048 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:41,048 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-14 03:08:41,048 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:41,049 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:41,050 INFO L85 PathProgramCache]: Analyzing trace with hash 1945111841, now seen corresponding path program 1 times [2024-10-14 03:08:41,050 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:41,051 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [852590628] [2024-10-14 03:08:41,051 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:41,051 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:41,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,199 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-14 03:08:41,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,204 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:08:41,205 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:41,205 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [852590628] [2024-10-14 03:08:41,205 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [852590628] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:41,205 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:41,205 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-14 03:08:41,206 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1983836112] [2024-10-14 03:08:41,206 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:41,206 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-14 03:08:41,206 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:41,207 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-14 03:08:41,207 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-14 03:08:41,208 INFO L87 Difference]: Start difference. First operand 153 states and 211 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:41,359 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:41,360 INFO L93 Difference]: Finished difference Result 396 states and 555 transitions. [2024-10-14 03:08:41,362 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-14 03:08:41,362 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-10-14 03:08:41,363 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:41,366 INFO L225 Difference]: With dead ends: 396 [2024-10-14 03:08:41,367 INFO L226 Difference]: Without dead ends: 245 [2024-10-14 03:08:41,369 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:08:41,370 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 60 mSDsluCounter, 156 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 66 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:41,370 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 247 Invalid, 66 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:08:41,371 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 245 states. [2024-10-14 03:08:41,400 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 245 to 244. [2024-10-14 03:08:41,401 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 244 states, 167 states have (on average 1.3592814371257484) internal successors, (227), 186 states have internal predecessors, (227), 42 states have call successors, (42), 34 states have call predecessors, (42), 34 states have return successors, (54), 37 states have call predecessors, (54), 42 states have call successors, (54) [2024-10-14 03:08:41,403 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 244 states to 244 states and 323 transitions. [2024-10-14 03:08:41,404 INFO L78 Accepts]: Start accepts. Automaton has 244 states and 323 transitions. Word has length 24 [2024-10-14 03:08:41,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:41,404 INFO L471 AbstractCegarLoop]: Abstraction has 244 states and 323 transitions. [2024-10-14 03:08:41,405 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-14 03:08:41,405 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 323 transitions. [2024-10-14 03:08:41,406 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-14 03:08:41,407 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:41,407 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:41,407 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-14 03:08:41,407 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:41,408 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:41,408 INFO L85 PathProgramCache]: Analyzing trace with hash 2086422242, now seen corresponding path program 1 times [2024-10-14 03:08:41,408 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:41,408 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1366527560] [2024-10-14 03:08:41,408 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:41,409 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:41,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,491 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:41,499 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,523 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:41,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,562 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:41,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:41,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,571 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-14 03:08:41,572 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,575 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:08:41,576 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:41,576 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1366527560] [2024-10-14 03:08:41,576 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1366527560] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:41,577 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:41,577 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:08:41,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1146176231] [2024-10-14 03:08:41,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:41,578 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:08:41,578 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:41,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:08:41,579 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:08:41,579 INFO L87 Difference]: Start difference. First operand 244 states and 323 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-14 03:08:41,783 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:41,784 INFO L93 Difference]: Finished difference Result 538 states and 733 transitions. [2024-10-14 03:08:41,784 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-14 03:08:41,784 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 48 [2024-10-14 03:08:41,784 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:41,787 INFO L225 Difference]: With dead ends: 538 [2024-10-14 03:08:41,787 INFO L226 Difference]: Without dead ends: 296 [2024-10-14 03:08:41,792 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:08:41,793 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 60 mSDsluCounter, 159 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 231 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:41,797 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 231 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:08:41,799 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2024-10-14 03:08:41,843 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 294. [2024-10-14 03:08:41,844 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 294 states, 203 states have (on average 1.3349753694581281) internal successors, (271), 222 states have internal predecessors, (271), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-10-14 03:08:41,847 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 294 states to 294 states and 385 transitions. [2024-10-14 03:08:41,847 INFO L78 Accepts]: Start accepts. Automaton has 294 states and 385 transitions. Word has length 48 [2024-10-14 03:08:41,848 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:41,848 INFO L471 AbstractCegarLoop]: Abstraction has 294 states and 385 transitions. [2024-10-14 03:08:41,848 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-14 03:08:41,848 INFO L276 IsEmpty]: Start isEmpty. Operand 294 states and 385 transitions. [2024-10-14 03:08:41,850 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-14 03:08:41,850 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:41,850 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:41,850 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-14 03:08:41,850 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:41,851 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:41,851 INFO L85 PathProgramCache]: Analyzing trace with hash -285317020, now seen corresponding path program 1 times [2024-10-14 03:08:41,851 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:41,851 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [590330619] [2024-10-14 03:08:41,851 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:41,851 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:41,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:41,985 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:41,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,032 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:42,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,075 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:42,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,079 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:42,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,082 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-14 03:08:42,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,087 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:08:42,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:42,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [590330619] [2024-10-14 03:08:42,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [590330619] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:42,088 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:42,088 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-14 03:08:42,088 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [177798910] [2024-10-14 03:08:42,088 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:42,088 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-14 03:08:42,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:42,089 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-14 03:08:42,089 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-14 03:08:42,089 INFO L87 Difference]: Start difference. First operand 294 states and 385 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-14 03:08:42,403 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:42,404 INFO L93 Difference]: Finished difference Result 598 states and 803 transitions. [2024-10-14 03:08:42,404 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-14 03:08:42,404 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 48 [2024-10-14 03:08:42,405 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:42,407 INFO L225 Difference]: With dead ends: 598 [2024-10-14 03:08:42,407 INFO L226 Difference]: Without dead ends: 306 [2024-10-14 03:08:42,408 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-10-14 03:08:42,409 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 196 mSDsluCounter, 248 mSDsCounter, 0 mSdLazyCounter, 226 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 205 SdHoareTripleChecker+Valid, 331 SdHoareTripleChecker+Invalid, 289 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 226 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:42,409 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [205 Valid, 331 Invalid, 289 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 226 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:08:42,410 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2024-10-14 03:08:42,437 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 298. [2024-10-14 03:08:42,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 298 states, 207 states have (on average 1.328502415458937) internal successors, (275), 226 states have internal predecessors, (275), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-10-14 03:08:42,441 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 298 states to 298 states and 389 transitions. [2024-10-14 03:08:42,442 INFO L78 Accepts]: Start accepts. Automaton has 298 states and 389 transitions. Word has length 48 [2024-10-14 03:08:42,443 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:42,443 INFO L471 AbstractCegarLoop]: Abstraction has 298 states and 389 transitions. [2024-10-14 03:08:42,444 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-14 03:08:42,444 INFO L276 IsEmpty]: Start isEmpty. Operand 298 states and 389 transitions. [2024-10-14 03:08:42,446 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-14 03:08:42,447 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:42,447 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:42,447 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-14 03:08:42,447 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:42,448 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:42,448 INFO L85 PathProgramCache]: Analyzing trace with hash 1100886374, now seen corresponding path program 1 times [2024-10-14 03:08:42,448 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:42,448 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047120548] [2024-10-14 03:08:42,448 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:42,448 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:42,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,500 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:42,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,515 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:42,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,527 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:42,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,530 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:42,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,532 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-14 03:08:42,533 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:42,534 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:08:42,534 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:42,534 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1047120548] [2024-10-14 03:08:42,534 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1047120548] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:42,535 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:42,535 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:08:42,535 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [145685000] [2024-10-14 03:08:42,535 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:42,535 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:08:42,536 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:42,536 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:08:42,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:08:42,536 INFO L87 Difference]: Start difference. First operand 298 states and 389 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-14 03:08:42,947 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:42,948 INFO L93 Difference]: Finished difference Result 945 states and 1323 transitions. [2024-10-14 03:08:42,948 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-14 03:08:42,948 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 48 [2024-10-14 03:08:42,948 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:42,953 INFO L225 Difference]: With dead ends: 945 [2024-10-14 03:08:42,954 INFO L226 Difference]: Without dead ends: 649 [2024-10-14 03:08:42,955 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:08:42,956 INFO L432 NwaCegarLoop]: 137 mSDtfsCounter, 222 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 82 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 230 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 373 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 82 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:42,957 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [230 Valid, 326 Invalid, 373 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [82 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-14 03:08:42,957 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 649 states. [2024-10-14 03:08:43,007 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 649 to 641. [2024-10-14 03:08:43,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 641 states, 446 states have (on average 1.3206278026905829) internal successors, (589), 481 states have internal predecessors, (589), 104 states have call successors, (104), 87 states have call predecessors, (104), 90 states have return successors, (172), 98 states have call predecessors, (172), 104 states have call successors, (172) [2024-10-14 03:08:43,016 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 641 states to 641 states and 865 transitions. [2024-10-14 03:08:43,017 INFO L78 Accepts]: Start accepts. Automaton has 641 states and 865 transitions. Word has length 48 [2024-10-14 03:08:43,017 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:43,017 INFO L471 AbstractCegarLoop]: Abstraction has 641 states and 865 transitions. [2024-10-14 03:08:43,018 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 4 states have internal predecessors, (36), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-14 03:08:43,018 INFO L276 IsEmpty]: Start isEmpty. Operand 641 states and 865 transitions. [2024-10-14 03:08:43,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-10-14 03:08:43,019 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:43,020 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:43,020 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-14 03:08:43,020 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:43,023 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:43,024 INFO L85 PathProgramCache]: Analyzing trace with hash 1890484940, now seen corresponding path program 1 times [2024-10-14 03:08:43,024 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:43,024 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [779913573] [2024-10-14 03:08:43,024 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:43,024 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:43,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:43,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,107 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-14 03:08:43,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,117 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:43,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,124 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:43,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,128 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:43,129 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,131 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-10-14 03:08:43,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,135 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:08:43,136 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:43,136 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [779913573] [2024-10-14 03:08:43,136 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [779913573] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:43,136 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:08:43,136 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:08:43,137 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1305482592] [2024-10-14 03:08:43,138 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:43,138 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:08:43,138 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:43,138 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:08:43,139 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:08:43,139 INFO L87 Difference]: Start difference. First operand 641 states and 865 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-10-14 03:08:43,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:43,602 INFO L93 Difference]: Finished difference Result 1363 states and 1937 transitions. [2024-10-14 03:08:43,602 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-14 03:08:43,603 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 52 [2024-10-14 03:08:43,603 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:43,612 INFO L225 Difference]: With dead ends: 1363 [2024-10-14 03:08:43,612 INFO L226 Difference]: Without dead ends: 1361 [2024-10-14 03:08:43,614 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2024-10-14 03:08:43,615 INFO L432 NwaCegarLoop]: 53 mSDtfsCounter, 326 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 215 mSolverCounterSat, 174 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 331 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 389 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 174 IncrementalHoareTripleChecker+Valid, 215 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:43,615 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [331 Valid, 146 Invalid, 389 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [174 Valid, 215 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-14 03:08:43,619 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1361 states. [2024-10-14 03:08:43,723 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1361 to 1270. [2024-10-14 03:08:43,726 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1270 states, 876 states have (on average 1.3139269406392695) internal successors, (1151), 956 states have internal predecessors, (1151), 222 states have call successors, (222), 155 states have call predecessors, (222), 171 states have return successors, (443), 199 states have call predecessors, (443), 222 states have call successors, (443) [2024-10-14 03:08:43,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1270 states to 1270 states and 1816 transitions. [2024-10-14 03:08:43,737 INFO L78 Accepts]: Start accepts. Automaton has 1270 states and 1816 transitions. Word has length 52 [2024-10-14 03:08:43,737 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:43,737 INFO L471 AbstractCegarLoop]: Abstraction has 1270 states and 1816 transitions. [2024-10-14 03:08:43,738 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-10-14 03:08:43,738 INFO L276 IsEmpty]: Start isEmpty. Operand 1270 states and 1816 transitions. [2024-10-14 03:08:43,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-10-14 03:08:43,741 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:43,741 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:43,741 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-14 03:08:43,741 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:43,742 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:43,742 INFO L85 PathProgramCache]: Analyzing trace with hash 1432610226, now seen corresponding path program 1 times [2024-10-14 03:08:43,742 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:43,742 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [467456630] [2024-10-14 03:08:43,742 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:43,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:43,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,808 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:43,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,824 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-14 03:08:43,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,910 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-14 03:08:43,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:43,941 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:43,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,036 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:44,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,079 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:44,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,093 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-14 03:08:44,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,106 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-10-14 03:08:44,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,108 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 15 proven. 2 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-14 03:08:44,108 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:44,108 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [467456630] [2024-10-14 03:08:44,108 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [467456630] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:08:44,108 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1689694915] [2024-10-14 03:08:44,108 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:44,108 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:44,109 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:08:44,112 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:08:44,114 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-14 03:08:44,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,209 INFO L255 TraceCheckSpWp]: Trace formula consists of 289 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-10-14 03:08:44,215 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:08:44,237 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-10-14 03:08:44,237 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-14 03:08:44,238 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1689694915] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:44,238 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-14 03:08:44,238 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [14] total 14 [2024-10-14 03:08:44,238 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1057064785] [2024-10-14 03:08:44,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:44,239 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:08:44,241 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:44,241 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:08:44,241 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2024-10-14 03:08:44,242 INFO L87 Difference]: Start difference. First operand 1270 states and 1816 transitions. Second operand has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 3 states have call successors, (7) [2024-10-14 03:08:44,339 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:44,339 INFO L93 Difference]: Finished difference Result 2008 states and 2861 transitions. [2024-10-14 03:08:44,340 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:08:44,340 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 3 states have call successors, (7) Word has length 78 [2024-10-14 03:08:44,340 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:44,346 INFO L225 Difference]: With dead ends: 2008 [2024-10-14 03:08:44,346 INFO L226 Difference]: Without dead ends: 740 [2024-10-14 03:08:44,351 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 106 GetRequests, 94 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2024-10-14 03:08:44,353 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 33 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 33 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:44,354 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [33 Valid, 207 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:08:44,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 740 states. [2024-10-14 03:08:44,405 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 740 to 714. [2024-10-14 03:08:44,407 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 714 states, 496 states have (on average 1.3024193548387097) internal successors, (646), 541 states have internal predecessors, (646), 121 states have call successors, (121), 88 states have call predecessors, (121), 96 states have return successors, (228), 110 states have call predecessors, (228), 121 states have call successors, (228) [2024-10-14 03:08:44,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 714 states to 714 states and 995 transitions. [2024-10-14 03:08:44,413 INFO L78 Accepts]: Start accepts. Automaton has 714 states and 995 transitions. Word has length 78 [2024-10-14 03:08:44,415 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:44,415 INFO L471 AbstractCegarLoop]: Abstraction has 714 states and 995 transitions. [2024-10-14 03:08:44,415 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.333333333333332) internal successors, (55), 3 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 2 states have call predecessors, (7), 3 states have call successors, (7) [2024-10-14 03:08:44,415 INFO L276 IsEmpty]: Start isEmpty. Operand 714 states and 995 transitions. [2024-10-14 03:08:44,417 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2024-10-14 03:08:44,417 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:44,417 INFO L215 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:44,439 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-14 03:08:44,623 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:44,624 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:44,625 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:44,625 INFO L85 PathProgramCache]: Analyzing trace with hash 554833018, now seen corresponding path program 1 times [2024-10-14 03:08:44,625 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:44,625 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [441742861] [2024-10-14 03:08:44,625 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:44,626 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:44,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,731 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:44,733 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,742 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:44,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,770 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-14 03:08:44,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,781 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:44,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,791 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:44,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,793 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:44,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,795 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-14 03:08:44,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,796 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-14 03:08:44,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,799 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:44,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,800 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2024-10-14 03:08:44,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,820 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:44,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,827 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:44,828 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,829 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:44,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,831 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2024-10-14 03:08:44,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,832 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 43 trivial. 0 not checked. [2024-10-14 03:08:44,832 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:44,832 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [441742861] [2024-10-14 03:08:44,833 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [441742861] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:08:44,833 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [952810004] [2024-10-14 03:08:44,833 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:44,833 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:44,833 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:08:44,835 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:08:44,839 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-14 03:08:44,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:44,930 INFO L255 TraceCheckSpWp]: Trace formula consists of 368 conjuncts, 10 conjuncts are in the unsatisfiable core [2024-10-14 03:08:44,936 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:08:45,123 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 53 proven. 6 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-14 03:08:45,123 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-14 03:08:45,509 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 22 proven. 3 refuted. 0 times theorem prover too weak. 43 trivial. 0 not checked. [2024-10-14 03:08:45,510 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [952810004] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-14 03:08:45,510 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-14 03:08:45,510 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 8] total 17 [2024-10-14 03:08:45,510 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1883282879] [2024-10-14 03:08:45,511 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-14 03:08:45,511 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-10-14 03:08:45,512 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:45,512 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-10-14 03:08:45,513 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=57, Invalid=215, Unknown=0, NotChecked=0, Total=272 [2024-10-14 03:08:45,513 INFO L87 Difference]: Start difference. First operand 714 states and 995 transitions. Second operand has 17 states, 16 states have (on average 8.8125) internal successors, (141), 14 states have internal predecessors, (141), 11 states have call successors, (32), 11 states have call predecessors, (32), 10 states have return successors, (31), 10 states have call predecessors, (31), 11 states have call successors, (31) [2024-10-14 03:08:46,962 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:46,962 INFO L93 Difference]: Finished difference Result 1399 states and 1995 transitions. [2024-10-14 03:08:46,962 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2024-10-14 03:08:46,963 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 16 states have (on average 8.8125) internal successors, (141), 14 states have internal predecessors, (141), 11 states have call successors, (32), 11 states have call predecessors, (32), 10 states have return successors, (31), 10 states have call predecessors, (31), 11 states have call successors, (31) Word has length 110 [2024-10-14 03:08:46,963 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:46,968 INFO L225 Difference]: With dead ends: 1399 [2024-10-14 03:08:46,968 INFO L226 Difference]: Without dead ends: 687 [2024-10-14 03:08:46,972 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 312 GetRequests, 255 SyntacticMatches, 5 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 737 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=683, Invalid=2179, Unknown=0, NotChecked=0, Total=2862 [2024-10-14 03:08:46,973 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 734 mSDsluCounter, 591 mSDsCounter, 0 mSdLazyCounter, 1131 mSolverCounterSat, 313 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 736 SdHoareTripleChecker+Valid, 712 SdHoareTripleChecker+Invalid, 1444 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 313 IncrementalHoareTripleChecker+Valid, 1131 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:46,974 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [736 Valid, 712 Invalid, 1444 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [313 Valid, 1131 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-10-14 03:08:46,975 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 687 states. [2024-10-14 03:08:47,043 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 687 to 610. [2024-10-14 03:08:47,044 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 610 states, 424 states have (on average 1.2712264150943395) internal successors, (539), 463 states have internal predecessors, (539), 100 states have call successors, (100), 78 states have call predecessors, (100), 85 states have return successors, (142), 92 states have call predecessors, (142), 100 states have call successors, (142) [2024-10-14 03:08:47,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 610 states to 610 states and 781 transitions. [2024-10-14 03:08:47,049 INFO L78 Accepts]: Start accepts. Automaton has 610 states and 781 transitions. Word has length 110 [2024-10-14 03:08:47,050 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:47,050 INFO L471 AbstractCegarLoop]: Abstraction has 610 states and 781 transitions. [2024-10-14 03:08:47,050 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 16 states have (on average 8.8125) internal successors, (141), 14 states have internal predecessors, (141), 11 states have call successors, (32), 11 states have call predecessors, (32), 10 states have return successors, (31), 10 states have call predecessors, (31), 11 states have call successors, (31) [2024-10-14 03:08:47,050 INFO L276 IsEmpty]: Start isEmpty. Operand 610 states and 781 transitions. [2024-10-14 03:08:47,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2024-10-14 03:08:47,054 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:47,056 INFO L215 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:47,075 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-14 03:08:47,259 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-14 03:08:47,260 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:47,261 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:47,261 INFO L85 PathProgramCache]: Analyzing trace with hash 2109390435, now seen corresponding path program 1 times [2024-10-14 03:08:47,261 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:47,261 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [818843388] [2024-10-14 03:08:47,262 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:47,262 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:47,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,383 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:47,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,395 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:47,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,450 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-14 03:08:47,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,469 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:47,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,535 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:47,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,564 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:47,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,577 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-14 03:08:47,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,582 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-14 03:08:47,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,585 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:47,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,586 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2024-10-14 03:08:47,588 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,590 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:47,591 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,592 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:47,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,593 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 93 [2024-10-14 03:08:47,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,595 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 16 proven. 10 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2024-10-14 03:08:47,595 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:47,595 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [818843388] [2024-10-14 03:08:47,595 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [818843388] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:08:47,596 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [251521268] [2024-10-14 03:08:47,596 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:47,596 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:47,596 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:08:47,598 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:08:47,599 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-10-14 03:08:47,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:47,693 INFO L255 TraceCheckSpWp]: Trace formula consists of 340 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-14 03:08:47,696 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:08:47,805 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 32 proven. 8 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:08:47,805 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-14 03:08:48,020 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 18 proven. 4 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2024-10-14 03:08:48,020 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [251521268] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-14 03:08:48,020 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-14 03:08:48,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 5, 6] total 19 [2024-10-14 03:08:48,021 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [116393602] [2024-10-14 03:08:48,021 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-14 03:08:48,022 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2024-10-14 03:08:48,022 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:48,022 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2024-10-14 03:08:48,023 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=46, Invalid=296, Unknown=0, NotChecked=0, Total=342 [2024-10-14 03:08:48,023 INFO L87 Difference]: Start difference. First operand 610 states and 781 transitions. Second operand has 19 states, 17 states have (on average 8.235294117647058) internal successors, (140), 13 states have internal predecessors, (140), 7 states have call successors, (32), 7 states have call predecessors, (32), 8 states have return successors, (31), 10 states have call predecessors, (31), 7 states have call successors, (31) [2024-10-14 03:08:51,260 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:51,260 INFO L93 Difference]: Finished difference Result 3048 states and 4126 transitions. [2024-10-14 03:08:51,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 97 states. [2024-10-14 03:08:51,261 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 17 states have (on average 8.235294117647058) internal successors, (140), 13 states have internal predecessors, (140), 7 states have call successors, (32), 7 states have call predecessors, (32), 8 states have return successors, (31), 10 states have call predecessors, (31), 7 states have call successors, (31) Word has length 101 [2024-10-14 03:08:51,261 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:51,275 INFO L225 Difference]: With dead ends: 3048 [2024-10-14 03:08:51,275 INFO L226 Difference]: Without dead ends: 2440 [2024-10-14 03:08:51,282 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 345 GetRequests, 238 SyntacticMatches, 2 SemanticMatches, 105 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4031 ImplicationChecksByTransitivity, 1.4s TimeCoverageRelationStatistics Valid=1527, Invalid=9815, Unknown=0, NotChecked=0, Total=11342 [2024-10-14 03:08:51,282 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 1264 mSDsluCounter, 1048 mSDsCounter, 0 mSdLazyCounter, 2510 mSolverCounterSat, 664 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1287 SdHoareTripleChecker+Valid, 1148 SdHoareTripleChecker+Invalid, 3174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 664 IncrementalHoareTripleChecker+Valid, 2510 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:51,283 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [1287 Valid, 1148 Invalid, 3174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [664 Valid, 2510 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2024-10-14 03:08:51,286 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2440 states. [2024-10-14 03:08:51,439 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2440 to 2058. [2024-10-14 03:08:51,442 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2058 states, 1418 states have (on average 1.225669957686883) internal successors, (1738), 1545 states have internal predecessors, (1738), 333 states have call successors, (333), 273 states have call predecessors, (333), 306 states have return successors, (509), 311 states have call predecessors, (509), 333 states have call successors, (509) [2024-10-14 03:08:51,451 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2058 states to 2058 states and 2580 transitions. [2024-10-14 03:08:51,454 INFO L78 Accepts]: Start accepts. Automaton has 2058 states and 2580 transitions. Word has length 101 [2024-10-14 03:08:51,455 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:51,455 INFO L471 AbstractCegarLoop]: Abstraction has 2058 states and 2580 transitions. [2024-10-14 03:08:51,455 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 17 states have (on average 8.235294117647058) internal successors, (140), 13 states have internal predecessors, (140), 7 states have call successors, (32), 7 states have call predecessors, (32), 8 states have return successors, (31), 10 states have call predecessors, (31), 7 states have call successors, (31) [2024-10-14 03:08:51,455 INFO L276 IsEmpty]: Start isEmpty. Operand 2058 states and 2580 transitions. [2024-10-14 03:08:51,459 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 153 [2024-10-14 03:08:51,459 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:08:51,459 INFO L215 NwaCegarLoop]: trace histogram [6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:51,499 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2024-10-14 03:08:51,691 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:51,692 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:08:51,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:08:51,692 INFO L85 PathProgramCache]: Analyzing trace with hash 871409137, now seen corresponding path program 1 times [2024-10-14 03:08:51,692 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:08:51,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [855273720] [2024-10-14 03:08:51,693 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:51,693 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:08:51,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,819 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:51,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,830 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:08:51,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,844 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-14 03:08:51,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,850 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:51,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,857 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:08:51,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,860 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:51,860 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,861 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-14 03:08:51,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,868 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-14 03:08:51,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-10-14 03:08:51,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,898 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:51,899 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,900 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:51,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,903 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-14 03:08:51,905 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,928 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:51,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,930 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:51,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,932 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-14 03:08:51,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,933 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 117 [2024-10-14 03:08:51,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,935 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:08:51,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,937 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 126 [2024-10-14 03:08:51,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,941 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:08:51,942 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,942 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:08:51,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,944 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 144 [2024-10-14 03:08:51,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:51,945 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 44 proven. 6 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2024-10-14 03:08:51,945 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:08:51,945 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [855273720] [2024-10-14 03:08:51,945 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [855273720] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:08:51,946 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1265354668] [2024-10-14 03:08:51,946 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:08:51,946 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:51,946 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:08:51,948 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:08:51,949 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-10-14 03:08:52,042 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:08:52,044 INFO L255 TraceCheckSpWp]: Trace formula consists of 464 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-14 03:08:52,048 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:08:52,152 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 95 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2024-10-14 03:08:52,152 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-14 03:08:52,152 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1265354668] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:08:52,152 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-14 03:08:52,152 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [11] total 16 [2024-10-14 03:08:52,153 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2067741966] [2024-10-14 03:08:52,153 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:08:52,153 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-14 03:08:52,153 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:08:52,154 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-14 03:08:52,154 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=198, Unknown=0, NotChecked=0, Total=240 [2024-10-14 03:08:52,154 INFO L87 Difference]: Start difference. First operand 2058 states and 2580 transitions. Second operand has 8 states, 6 states have (on average 14.833333333333334) internal successors, (89), 6 states have internal predecessors, (89), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) [2024-10-14 03:08:52,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:08:52,471 INFO L93 Difference]: Finished difference Result 3709 states and 4606 transitions. [2024-10-14 03:08:52,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-10-14 03:08:52,472 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 6 states have (on average 14.833333333333334) internal successors, (89), 6 states have internal predecessors, (89), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) Word has length 152 [2024-10-14 03:08:52,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:08:52,476 INFO L225 Difference]: With dead ends: 3709 [2024-10-14 03:08:52,476 INFO L226 Difference]: Without dead ends: 0 [2024-10-14 03:08:52,483 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 202 GetRequests, 188 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=198, Unknown=0, NotChecked=0, Total=240 [2024-10-14 03:08:52,484 INFO L432 NwaCegarLoop]: 159 mSDtfsCounter, 64 mSDsluCounter, 659 mSDsCounter, 0 mSdLazyCounter, 288 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 818 SdHoareTripleChecker+Invalid, 289 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 288 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:08:52,485 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 818 Invalid, 289 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 288 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:08:52,485 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-14 03:08:52,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-14 03:08:52,486 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-14 03:08:52,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-14 03:08:52,489 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 152 [2024-10-14 03:08:52,489 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:08:52,489 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-14 03:08:52,489 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 6 states have (on average 14.833333333333334) internal successors, (89), 6 states have internal predecessors, (89), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) [2024-10-14 03:08:52,489 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-14 03:08:52,489 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-14 03:08:52,492 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-14 03:08:52,510 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-10-14 03:08:52,693 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:08:52,695 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:08:52,697 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-14 03:09:05,365 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-14 03:09:05,387 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1 .cse2) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1 .cse2))) [2024-10-14 03:09:05,414 WARN L155 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse4 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse6 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse1 .cse2 .cse0 .cse3 .cse4) (and .cse1 .cse2 .cse5 .cse3 .cse4) (and .cse1 .cse2 .cse0 .cse6 .cse3) (and (<= 1 ~pumpRunning~0) .cse2 .cse0 .cse6 .cse3) (and .cse1 .cse2 .cse5 .cse6 .cse3))))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse4 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse6 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse1 .cse2 .cse0 .cse3 .cse4) (and .cse1 .cse2 .cse5 .cse3 .cse4) (and .cse1 .cse2 .cse0 .cse6 .cse3) (and (<= 1 ~pumpRunning~0) .cse2 .cse0 .cse6 .cse3) (and .cse1 .cse2 .cse5 .cse6 .cse3)))))) [2024-10-14 03:09:05,429 WARN L953 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-10-14 03:09:05,475 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse6 (= 0 ~systemActive~0)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse1 (= |old(~methAndRunningLastTime~0)| 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |old(~pumpRunning~0)| 0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse4 .cse5) (and .cse0 .cse3 .cse6 .cse4) (and .cse7 .cse3 .cse6 .cse4) (and .cse7 .cse2 .cse4 .cse5) (and .cse7 .cse1 .cse2 .cse3 .cse4))) (= |old(~waterLevel~0)| ~waterLevel~0) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0)) Eliminated clause: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse4 (= ~methAndRunningLastTime~0 0)) (.cse1 (<= 1 ~methaneLevelCritical~0)) (.cse5 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse2 (<= ~waterLevel~0 2)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse1 .cse5 .cse2) (and .cse6 .cse7 .cse5 .cse2) (and .cse0 .cse4 .cse7 .cse5 .cse2) (and .cse6 .cse4 .cse1 .cse5 .cse2) (and .cse0 .cse7 .cse2 .cse3))) [2024-10-14 03:09:05,496 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= ~methAndRunningLastTime~0 0)) (.cse2 (= |old(~pumpRunning~0)| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse1 .cse2 .cse3) (and .cse4 (<= ~waterLevel~0 1) .cse1 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~methaneLevelCritical~0) .cse2 .cse3) (and .cse0 .cse1 .cse4 .cse2 .cse3) (and (<= 1 ~pumpRunning~0) .cse4 (<= ~waterLevel~0 1) .cse2))) [2024-10-14 03:09:05,513 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse9 (<= 1 ~pumpRunning~0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse8 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse7 (<= 1 ~methaneLevelCritical~0)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse5 .cse6) (and .cse0 .cse1 .cse7 .cse3 .cse8) (and .cse9 .cse1 .cse2 .cse3 .cse4) (and .cse9 .cse1 .cse2 .cse3 .cse8) (and .cse0 .cse1 .cse7 .cse3 .cse4) (and .cse0 .cse1 .cse2 .cse3 .cse8) (and .cse0 .cse1 .cse7 .cse5 .cse6))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse6 (<= ~waterLevel~0 2)) (.cse7 (= 0 ~systemActive~0)) (.cse9 (<= 1 ~pumpRunning~0)) (.cse3 (<= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse8 (= 2 ~waterLevel~0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse4 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse5 .cse6 .cse7) (and .cse0 .cse1 .cse5 .cse8 .cse4) (and .cse0 .cse1 .cse5 .cse3 .cse4) (and .cse9 .cse1 .cse8 .cse2 .cse4) (and .cse0 .cse1 .cse2 .cse6 .cse7) (and .cse9 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse8 .cse2 .cse4))) [2024-10-14 03:09:05,532 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= ~methAndRunningLastTime~0 0)) (.cse2 (= |old(~pumpRunning~0)| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse1 .cse2 .cse3) (and .cse4 (<= ~waterLevel~0 1) .cse1 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~methaneLevelCritical~0) .cse2 .cse3) (and .cse0 .cse1 .cse4 .cse2 .cse3) (and (<= 1 ~pumpRunning~0) .cse4 (<= ~waterLevel~0 1) .cse2))) [2024-10-14 03:09:05,550 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.10 03:09:05 BoogieIcfgContainer [2024-10-14 03:09:05,551 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-14 03:09:05,552 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-14 03:09:05,552 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-14 03:09:05,552 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-14 03:09:05,553 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:08:39" (3/4) ... [2024-10-14 03:09:05,555 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-14 03:09:05,558 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-14 03:09:05,558 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-14 03:09:05,558 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-14 03:09:05,558 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:09:05,559 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-14 03:09:05,566 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 35 nodes and edges [2024-10-14 03:09:05,567 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-14 03:09:05,567 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-14 03:09:05,568 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:09:05,568 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:09:05,686 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-14 03:09:05,687 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-14 03:09:05,687 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-14 03:09:05,688 INFO L158 Benchmark]: Toolchain (without parser) took 27029.47ms. Allocated memory was 176.2MB in the beginning and 398.5MB in the end (delta: 222.3MB). Free memory was 120.0MB in the beginning and 254.7MB in the end (delta: -134.7MB). Peak memory consumption was 90.3MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,688 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 176.2MB. Free memory is still 141.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-14 03:09:05,688 INFO L158 Benchmark]: CACSL2BoogieTranslator took 575.54ms. Allocated memory is still 176.2MB. Free memory was 119.6MB in the beginning and 98.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,689 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.38ms. Allocated memory is still 176.2MB. Free memory was 98.6MB in the beginning and 96.5MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,689 INFO L158 Benchmark]: Boogie Preprocessor took 57.09ms. Allocated memory is still 176.2MB. Free memory was 96.5MB in the beginning and 94.0MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,690 INFO L158 Benchmark]: RCFGBuilder took 607.47ms. Allocated memory is still 176.2MB. Free memory was 94.0MB in the beginning and 68.0MB in the end (delta: 26.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,690 INFO L158 Benchmark]: TraceAbstraction took 25598.24ms. Allocated memory was 176.2MB in the beginning and 398.5MB in the end (delta: 222.3MB). Free memory was 67.2MB in the beginning and 263.1MB in the end (delta: -195.9MB). Peak memory consumption was 172.1MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,690 INFO L158 Benchmark]: Witness Printer took 135.39ms. Allocated memory is still 398.5MB. Free memory was 263.1MB in the beginning and 254.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-14 03:09:05,692 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 176.2MB. Free memory is still 141.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 575.54ms. Allocated memory is still 176.2MB. Free memory was 119.6MB in the beginning and 98.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.38ms. Allocated memory is still 176.2MB. Free memory was 98.6MB in the beginning and 96.5MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 57.09ms. Allocated memory is still 176.2MB. Free memory was 96.5MB in the beginning and 94.0MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 607.47ms. Allocated memory is still 176.2MB. Free memory was 94.0MB in the beginning and 68.0MB in the end (delta: 26.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 25598.24ms. Allocated memory was 176.2MB in the beginning and 398.5MB in the end (delta: 222.3MB). Free memory was 67.2MB in the beginning and 263.1MB in the end (delta: -195.9MB). Peak memory consumption was 172.1MB. Max. memory is 16.1GB. * Witness Printer took 135.39ms. Allocated memory is still 398.5MB. Free memory was 263.1MB in the beginning and 254.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [87] - GenericResultAtLocation [Line: 363]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [363] - GenericResultAtLocation [Line: 435]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [435] - GenericResultAtLocation [Line: 444]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [444] - GenericResultAtLocation [Line: 483]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [483] - GenericResultAtLocation [Line: 587]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [587] - GenericResultAtLocation [Line: 684]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [684] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 440]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 12.7s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 7.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3134 SdHoareTripleChecker+Valid, 4.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3075 mSDsluCounter, 4647 SdHoareTripleChecker+Invalid, 3.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3405 mSDsCounter, 1327 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4972 IncrementalHoareTripleChecker+Invalid, 6299 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1327 mSolverCounterUnsat, 1242 mSDtfsCounter, 4972 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1071 GetRequests, 850 SyntacticMatches, 7 SemanticMatches, 214 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4825 ImplicationChecksByTransitivity, 2.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2058occurred in iteration=11, InterpolantAutomatonStates: 191, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 12 MinimizatonAttempts, 598 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.1s InterpolantComputationTime, 1158 NumberOfCodeBlocks, 1158 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1351 ConstructedInterpolants, 0 QuantifiedInterpolants, 2441 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1461 ConjunctsInSsa, 27 ConjunctsInUnsatCore, 18 InterpolantComputations, 10 PerfectInterpolantSequences, 600/646 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 376]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 377]: Loop Invariant Derived loop invariant: (((((((((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive))) || ((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive))) - InvariantResult [Line: 599]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 238]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((pumpRunning == 0) && (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) || ((1 <= methaneLevelCritical) && (1 <= \old(pumpRunning))))) && (1 == systemActive)) && (waterLevel <= 2)) - ProcedureContractResult [Line: 128]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) Ensures: (((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) - ProcedureContractResult [Line: 511]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: ((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= \old(methaneLevelCritical))) && (waterLevel <= 2)) && (0 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) && (waterLevel <= 2)))) - ProcedureContractResult [Line: 589]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 523]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((((((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive)) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (0 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && (((pumpRunning < 1) || (\result == 0)) || (waterLevel < 2))) && (((((((((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (0 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)))) - ProcedureContractResult [Line: 104]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (waterLevel <= 2))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((\old(waterLevel) != 0) || (waterLevel == 0)) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((((\old(pumpRunning) != 0) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (\old(waterLevel) == 2))) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((((pumpRunning == \old(pumpRunning)) && (methAndRunningLastTime == 0)) && (waterLevel <= \old(waterLevel))) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (waterLevel <= \old(waterLevel)))) || (\old(pumpRunning) < 1))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 == systemActive)) || ((((methaneLevelCritical == 0) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (0 == systemActive))) || ((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || ((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 136]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (waterLevel <= 2)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) || ((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= \old(pumpRunning)))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (methaneLevelCritical < 1))) - ProcedureContractResult [Line: 499]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (0 == systemActive))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) Ensures: ((((((0 < waterLevel) || (\old(waterLevel) != 0)) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 1)) || (((methaneLevelCritical == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((1 <= methaneLevelCritical) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((\old(waterLevel) < 1) || (2 == waterLevel))) && ((0 != systemActive) || ((pumpRunning == 0) && (methAndRunningLastTime == 0)))) - ProcedureContractResult [Line: 162]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (waterLevel <= 2)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) || ((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= \old(pumpRunning)))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (methaneLevelCritical < 1))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) - ProcedureContractResult [Line: 246]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) && (\result == methaneLevelCritical)) RESULT: Ultimate proved your program to be correct! [2024-10-14 03:09:05,725 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE