./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 61a67961 Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 73b8e020dd9d30fdd676c81009d4f1b850aa716d63ef29ce3d475a261546f853 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.fs.cvc5-61a6796-m [2024-10-14 03:10:49,659 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-14 03:10:49,725 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-14 03:10:49,730 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-14 03:10:49,730 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-14 03:10:49,756 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-14 03:10:49,756 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-14 03:10:49,757 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-14 03:10:49,757 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-14 03:10:49,760 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-14 03:10:49,760 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-14 03:10:49,761 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-14 03:10:49,761 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-14 03:10:49,761 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-14 03:10:49,761 INFO L153 SettingsManager]: * Use SBE=true [2024-10-14 03:10:49,762 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-14 03:10:49,762 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-14 03:10:49,762 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-14 03:10:49,762 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-14 03:10:49,762 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-14 03:10:49,763 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-14 03:10:49,765 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-14 03:10:49,765 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-14 03:10:49,766 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-14 03:10:49,766 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-14 03:10:49,766 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-14 03:10:49,766 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-14 03:10:49,767 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-14 03:10:49,767 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-14 03:10:49,767 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-14 03:10:49,767 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-14 03:10:49,768 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-14 03:10:49,768 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:10:49,768 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-14 03:10:49,768 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-14 03:10:49,768 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-14 03:10:49,768 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-14 03:10:49,769 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-14 03:10:49,769 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-14 03:10:49,769 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-14 03:10:49,770 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-14 03:10:49,771 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-14 03:10:49,771 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 73b8e020dd9d30fdd676c81009d4f1b850aa716d63ef29ce3d475a261546f853 [2024-10-14 03:10:49,996 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-14 03:10:50,026 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-14 03:10:50,029 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-14 03:10:50,030 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-14 03:10:50,030 INFO L274 PluginConnector]: CDTParser initialized [2024-10-14 03:10:50,032 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c [2024-10-14 03:10:51,515 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-14 03:10:51,757 INFO L384 CDTParser]: Found 1 translation units. [2024-10-14 03:10:51,757 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c [2024-10-14 03:10:51,770 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6d2742dfb/4b09a7058f90478b83bbe240430ef558/FLAG32c833780 [2024-10-14 03:10:52,091 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6d2742dfb/4b09a7058f90478b83bbe240430ef558 [2024-10-14 03:10:52,094 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-14 03:10:52,095 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-14 03:10:52,096 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-14 03:10:52,096 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-14 03:10:52,101 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-14 03:10:52,101 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,102 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6fac2e66 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52, skipping insertion in model container [2024-10-14 03:10:52,102 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,132 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-14 03:10:52,517 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c[15211,15224] [2024-10-14 03:10:52,572 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:10:52,597 INFO L200 MainTranslator]: Completed pre-run [2024-10-14 03:10:52,617 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2024-10-14 03:10:52,619 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [101] [2024-10-14 03:10:52,623 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [206] [2024-10-14 03:10:52,623 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [572] [2024-10-14 03:10:52,624 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [670] [2024-10-14 03:10:52,624 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [705] [2024-10-14 03:10:52,624 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [714] [2024-10-14 03:10:52,624 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [923] [2024-10-14 03:10:52,714 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product46.cil.c[15211,15224] [2024-10-14 03:10:52,726 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:10:52,773 INFO L204 MainTranslator]: Completed translation [2024-10-14 03:10:52,776 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52 WrapperNode [2024-10-14 03:10:52,776 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-14 03:10:52,777 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-14 03:10:52,777 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-14 03:10:52,777 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-14 03:10:52,782 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,792 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,816 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 214 [2024-10-14 03:10:52,822 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-14 03:10:52,823 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-14 03:10:52,824 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-14 03:10:52,824 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-14 03:10:52,834 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,834 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,841 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,870 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-14 03:10:52,875 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,878 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,886 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,897 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,899 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,906 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,912 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-14 03:10:52,915 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-14 03:10:52,915 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-14 03:10:52,915 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-14 03:10:52,916 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (1/1) ... [2024-10-14 03:10:52,931 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:10:52,955 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:10:52,981 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-14 03:10:52,988 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-14 03:10:53,052 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-14 03:10:53,052 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-14 03:10:53,052 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-14 03:10:53,053 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-14 03:10:53,053 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-14 03:10:53,053 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-14 03:10:53,053 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-14 03:10:53,053 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-14 03:10:53,053 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-14 03:10:53,053 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:10:53,053 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:10:53,054 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-14 03:10:53,054 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-14 03:10:53,054 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-14 03:10:53,054 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-14 03:10:53,054 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-14 03:10:53,054 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-14 03:10:53,055 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-14 03:10:53,055 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-14 03:10:53,055 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-14 03:10:53,125 INFO L238 CfgBuilder]: Building ICFG [2024-10-14 03:10:53,128 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-14 03:10:53,356 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2024-10-14 03:10:53,357 INFO L287 CfgBuilder]: Performing block encoding [2024-10-14 03:10:53,410 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-14 03:10:53,410 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-14 03:10:53,411 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:53 BoogieIcfgContainer [2024-10-14 03:10:53,411 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-14 03:10:53,412 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-14 03:10:53,412 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-14 03:10:53,415 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-14 03:10:53,415 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.10 03:10:52" (1/3) ... [2024-10-14 03:10:53,416 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2e7a4810 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:10:53, skipping insertion in model container [2024-10-14 03:10:53,416 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:52" (2/3) ... [2024-10-14 03:10:53,416 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2e7a4810 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:10:53, skipping insertion in model container [2024-10-14 03:10:53,416 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:53" (3/3) ... [2024-10-14 03:10:53,417 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product46.cil.c [2024-10-14 03:10:53,431 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-14 03:10:53,431 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-14 03:10:53,485 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-14 03:10:53,493 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@682d9f7a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-14 03:10:53,494 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-14 03:10:53,498 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 53 states have (on average 1.509433962264151) internal successors, (80), 61 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-14 03:10:53,506 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-14 03:10:53,506 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:53,507 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:53,508 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:53,514 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:53,514 INFO L85 PathProgramCache]: Analyzing trace with hash 1565491923, now seen corresponding path program 1 times [2024-10-14 03:10:53,522 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:53,523 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [756757049] [2024-10-14 03:10:53,523 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:53,523 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:53,627 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:53,684 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:53,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:53,689 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-14 03:10:53,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:53,693 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:53,693 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:53,693 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [756757049] [2024-10-14 03:10:53,694 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [756757049] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:53,694 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:53,694 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-14 03:10:53,695 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1498827422] [2024-10-14 03:10:53,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:53,702 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-14 03:10:53,702 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:53,726 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-14 03:10:53,727 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:10:53,729 INFO L87 Difference]: Start difference. First operand has 77 states, 53 states have (on average 1.509433962264151) internal successors, (80), 61 states have internal predecessors, (80), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:53,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:53,842 INFO L93 Difference]: Finished difference Result 152 states and 217 transitions. [2024-10-14 03:10:53,844 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-14 03:10:53,845 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-14 03:10:53,845 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:53,896 INFO L225 Difference]: With dead ends: 152 [2024-10-14 03:10:53,901 INFO L226 Difference]: Without dead ends: 72 [2024-10-14 03:10:53,909 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:10:53,926 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:53,927 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 88 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:53,993 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-10-14 03:10:54,020 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-10-14 03:10:54,021 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 50 states have (on average 1.4) internal successors, (70), 57 states have internal predecessors, (70), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-14 03:10:54,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 97 transitions. [2024-10-14 03:10:54,024 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 97 transitions. Word has length 22 [2024-10-14 03:10:54,024 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:54,025 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 97 transitions. [2024-10-14 03:10:54,025 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:54,025 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 97 transitions. [2024-10-14 03:10:54,027 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-14 03:10:54,027 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:54,027 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:54,027 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-14 03:10:54,028 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:54,030 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:54,031 INFO L85 PathProgramCache]: Analyzing trace with hash 2041970291, now seen corresponding path program 1 times [2024-10-14 03:10:54,031 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:54,031 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2125010048] [2024-10-14 03:10:54,031 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:54,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:54,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,108 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-14 03:10:54,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,112 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-14 03:10:54,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,122 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:54,122 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:54,122 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2125010048] [2024-10-14 03:10:54,122 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2125010048] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:54,122 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:54,122 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:54,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [355318653] [2024-10-14 03:10:54,123 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:54,131 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:54,131 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:54,131 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:54,132 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,132 INFO L87 Difference]: Start difference. First operand 72 states and 97 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:54,201 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:54,201 INFO L93 Difference]: Finished difference Result 117 states and 157 transitions. [2024-10-14 03:10:54,202 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:54,202 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-14 03:10:54,202 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:54,203 INFO L225 Difference]: With dead ends: 117 [2024-10-14 03:10:54,203 INFO L226 Difference]: Without dead ends: 64 [2024-10-14 03:10:54,204 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,204 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 11 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:54,205 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 135 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:54,210 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-14 03:10:54,221 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-14 03:10:54,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 52 states have internal predecessors, (64), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-14 03:10:54,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 86 transitions. [2024-10-14 03:10:54,226 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 86 transitions. Word has length 23 [2024-10-14 03:10:54,226 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:54,227 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 86 transitions. [2024-10-14 03:10:54,227 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:54,227 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 86 transitions. [2024-10-14 03:10:54,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-14 03:10:54,228 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:54,228 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:54,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-14 03:10:54,228 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:54,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:54,229 INFO L85 PathProgramCache]: Analyzing trace with hash -1368287412, now seen corresponding path program 1 times [2024-10-14 03:10:54,229 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:54,234 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [87852218] [2024-10-14 03:10:54,234 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:54,234 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:54,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,318 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:54,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,323 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-14 03:10:54,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,326 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:54,326 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:54,326 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [87852218] [2024-10-14 03:10:54,326 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [87852218] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:54,326 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:54,327 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:54,327 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [809862595] [2024-10-14 03:10:54,327 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:54,327 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:54,327 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:54,328 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:54,328 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,328 INFO L87 Difference]: Start difference. First operand 64 states and 86 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:54,357 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:54,357 INFO L93 Difference]: Finished difference Result 126 states and 171 transitions. [2024-10-14 03:10:54,357 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:54,357 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-14 03:10:54,358 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:54,359 INFO L225 Difference]: With dead ends: 126 [2024-10-14 03:10:54,359 INFO L226 Difference]: Without dead ends: 64 [2024-10-14 03:10:54,359 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,360 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 78 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 72 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:54,361 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 72 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:10:54,361 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-14 03:10:54,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-14 03:10:54,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4) internal successors, (63), 52 states have internal predecessors, (63), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-14 03:10:54,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 85 transitions. [2024-10-14 03:10:54,371 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 85 transitions. Word has length 26 [2024-10-14 03:10:54,372 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:54,372 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 85 transitions. [2024-10-14 03:10:54,373 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:54,373 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 85 transitions. [2024-10-14 03:10:54,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-14 03:10:54,374 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:54,374 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:54,374 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-14 03:10:54,375 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:54,375 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:54,375 INFO L85 PathProgramCache]: Analyzing trace with hash -1136734256, now seen corresponding path program 1 times [2024-10-14 03:10:54,375 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:54,376 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1524498303] [2024-10-14 03:10:54,376 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:54,376 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:54,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,411 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:54,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:54,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,420 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-10-14 03:10:54,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,422 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:54,422 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:54,422 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1524498303] [2024-10-14 03:10:54,423 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1524498303] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:54,423 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:54,423 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:54,423 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1561325516] [2024-10-14 03:10:54,423 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:54,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:54,424 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:54,424 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:54,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,425 INFO L87 Difference]: Start difference. First operand 64 states and 85 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:54,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:54,471 INFO L93 Difference]: Finished difference Result 171 states and 229 transitions. [2024-10-14 03:10:54,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:54,471 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 33 [2024-10-14 03:10:54,471 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:54,473 INFO L225 Difference]: With dead ends: 171 [2024-10-14 03:10:54,473 INFO L226 Difference]: Without dead ends: 109 [2024-10-14 03:10:54,473 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:54,474 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 68 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 132 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:54,475 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 132 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:10:54,475 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2024-10-14 03:10:54,488 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 107. [2024-10-14 03:10:54,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 107 states, 76 states have (on average 1.355263157894737) internal successors, (103), 84 states have internal predecessors, (103), 16 states have call successors, (16), 14 states have call predecessors, (16), 14 states have return successors, (20), 16 states have call predecessors, (20), 16 states have call successors, (20) [2024-10-14 03:10:54,490 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 139 transitions. [2024-10-14 03:10:54,490 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 139 transitions. Word has length 33 [2024-10-14 03:10:54,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:54,490 INFO L471 AbstractCegarLoop]: Abstraction has 107 states and 139 transitions. [2024-10-14 03:10:54,491 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:54,491 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 139 transitions. [2024-10-14 03:10:54,492 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-14 03:10:54,492 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:54,492 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:54,492 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-14 03:10:54,492 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:54,493 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:54,493 INFO L85 PathProgramCache]: Analyzing trace with hash -385116897, now seen corresponding path program 1 times [2024-10-14 03:10:54,493 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:54,493 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1634686326] [2024-10-14 03:10:54,493 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:54,494 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:54,508 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,590 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:54,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,598 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:54,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,609 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:54,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,611 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-14 03:10:54,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,624 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-14 03:10:54,624 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:54,624 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1634686326] [2024-10-14 03:10:54,624 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1634686326] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:54,624 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:54,625 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-14 03:10:54,625 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1050126788] [2024-10-14 03:10:54,625 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:54,625 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-14 03:10:54,625 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:54,626 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-14 03:10:54,626 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:10:54,626 INFO L87 Difference]: Start difference. First operand 107 states and 139 transitions. Second operand has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-14 03:10:54,875 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:54,875 INFO L93 Difference]: Finished difference Result 232 states and 303 transitions. [2024-10-14 03:10:54,875 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-14 03:10:54,876 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 41 [2024-10-14 03:10:54,876 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:54,877 INFO L225 Difference]: With dead ends: 232 [2024-10-14 03:10:54,877 INFO L226 Difference]: Without dead ends: 127 [2024-10-14 03:10:54,878 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-14 03:10:54,879 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 115 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 227 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 122 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 261 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 227 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:54,882 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [122 Valid, 270 Invalid, 261 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 227 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:10:54,883 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-10-14 03:10:54,894 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 125. [2024-10-14 03:10:54,895 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 125 states, 89 states have (on average 1.3258426966292134) internal successors, (118), 97 states have internal predecessors, (118), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-14 03:10:54,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 125 states to 125 states and 161 transitions. [2024-10-14 03:10:54,896 INFO L78 Accepts]: Start accepts. Automaton has 125 states and 161 transitions. Word has length 41 [2024-10-14 03:10:54,896 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:54,896 INFO L471 AbstractCegarLoop]: Abstraction has 125 states and 161 transitions. [2024-10-14 03:10:54,897 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-14 03:10:54,897 INFO L276 IsEmpty]: Start isEmpty. Operand 125 states and 161 transitions. [2024-10-14 03:10:54,898 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-14 03:10:54,898 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:54,898 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:54,898 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-14 03:10:54,898 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:54,899 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:54,899 INFO L85 PathProgramCache]: Analyzing trace with hash -177927491, now seen corresponding path program 1 times [2024-10-14 03:10:54,899 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:54,899 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [860251004] [2024-10-14 03:10:54,899 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:54,900 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:54,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,957 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:54,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,963 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:54,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,989 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:54,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-14 03:10:54,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:54,999 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:55,000 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:55,001 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [860251004] [2024-10-14 03:10:55,001 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [860251004] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:55,001 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:55,001 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:10:55,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1819042949] [2024-10-14 03:10:55,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:55,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:10:55,003 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:55,004 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:10:55,004 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:10:55,004 INFO L87 Difference]: Start difference. First operand 125 states and 161 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-14 03:10:55,139 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:55,139 INFO L93 Difference]: Finished difference Result 252 states and 332 transitions. [2024-10-14 03:10:55,139 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-14 03:10:55,140 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 44 [2024-10-14 03:10:55,140 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:55,142 INFO L225 Difference]: With dead ends: 252 [2024-10-14 03:10:55,142 INFO L226 Difference]: Without dead ends: 129 [2024-10-14 03:10:55,145 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:10:55,145 INFO L432 NwaCegarLoop]: 59 mSDtfsCounter, 49 mSDsluCounter, 129 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 188 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:55,145 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 188 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:55,146 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2024-10-14 03:10:55,162 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 127. [2024-10-14 03:10:55,165 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 91 states have (on average 1.3186813186813187) internal successors, (120), 99 states have internal predecessors, (120), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-14 03:10:55,166 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 163 transitions. [2024-10-14 03:10:55,166 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 163 transitions. Word has length 44 [2024-10-14 03:10:55,167 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:55,167 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 163 transitions. [2024-10-14 03:10:55,167 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-14 03:10:55,167 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 163 transitions. [2024-10-14 03:10:55,168 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-14 03:10:55,168 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:55,168 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:55,168 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-14 03:10:55,168 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:55,168 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:55,168 INFO L85 PathProgramCache]: Analyzing trace with hash 244774335, now seen corresponding path program 1 times [2024-10-14 03:10:55,168 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:55,168 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [347230733] [2024-10-14 03:10:55,169 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:55,169 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:55,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,238 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:55,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,244 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:55,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,276 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:55,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,279 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-14 03:10:55,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,282 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:55,283 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:55,283 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [347230733] [2024-10-14 03:10:55,283 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [347230733] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:55,283 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:55,283 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-14 03:10:55,284 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1263351402] [2024-10-14 03:10:55,284 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:55,285 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-14 03:10:55,285 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:55,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-14 03:10:55,285 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-14 03:10:55,285 INFO L87 Difference]: Start difference. First operand 127 states and 163 transitions. Second operand has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:55,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:55,416 INFO L93 Difference]: Finished difference Result 256 states and 336 transitions. [2024-10-14 03:10:55,417 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-14 03:10:55,417 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-14 03:10:55,417 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:55,418 INFO L225 Difference]: With dead ends: 256 [2024-10-14 03:10:55,418 INFO L226 Difference]: Without dead ends: 131 [2024-10-14 03:10:55,419 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-14 03:10:55,420 INFO L432 NwaCegarLoop]: 57 mSDtfsCounter, 121 mSDsluCounter, 126 mSDsCounter, 0 mSdLazyCounter, 130 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 164 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 130 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:55,421 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 183 Invalid, 164 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:55,422 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2024-10-14 03:10:55,436 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 129. [2024-10-14 03:10:55,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 129 states, 93 states have (on average 1.3118279569892473) internal successors, (122), 101 states have internal predecessors, (122), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2024-10-14 03:10:55,437 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 129 states to 129 states and 165 transitions. [2024-10-14 03:10:55,437 INFO L78 Accepts]: Start accepts. Automaton has 129 states and 165 transitions. Word has length 44 [2024-10-14 03:10:55,438 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:55,438 INFO L471 AbstractCegarLoop]: Abstraction has 129 states and 165 transitions. [2024-10-14 03:10:55,438 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.666666666666667) internal successors, (34), 5 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:55,438 INFO L276 IsEmpty]: Start isEmpty. Operand 129 states and 165 transitions. [2024-10-14 03:10:55,439 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-14 03:10:55,439 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:55,439 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:55,439 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-14 03:10:55,439 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:55,440 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:55,440 INFO L85 PathProgramCache]: Analyzing trace with hash -1560663999, now seen corresponding path program 1 times [2024-10-14 03:10:55,440 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:55,440 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1689181745] [2024-10-14 03:10:55,440 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:55,440 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:55,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:55,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,490 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:55,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,505 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:55,506 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,508 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-14 03:10:55,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,511 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:55,511 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:55,511 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1689181745] [2024-10-14 03:10:55,511 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1689181745] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:55,512 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:55,512 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:10:55,512 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1641852594] [2024-10-14 03:10:55,512 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:55,512 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:10:55,513 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:55,513 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:10:55,513 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:10:55,514 INFO L87 Difference]: Start difference. First operand 129 states and 165 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:55,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:55,822 INFO L93 Difference]: Finished difference Result 410 states and 562 transitions. [2024-10-14 03:10:55,823 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-14 03:10:55,823 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-14 03:10:55,823 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:55,825 INFO L225 Difference]: With dead ends: 410 [2024-10-14 03:10:55,826 INFO L226 Difference]: Without dead ends: 283 [2024-10-14 03:10:55,826 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:10:55,827 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 190 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 212 mSolverCounterSat, 68 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 280 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 68 IncrementalHoareTripleChecker+Valid, 212 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:55,827 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 237 Invalid, 280 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [68 Valid, 212 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-14 03:10:55,828 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 283 states. [2024-10-14 03:10:55,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 283 to 279. [2024-10-14 03:10:55,853 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 279 states, 200 states have (on average 1.3) internal successors, (260), 213 states have internal predecessors, (260), 43 states have call successors, (43), 36 states have call predecessors, (43), 35 states have return successors, (67), 41 states have call predecessors, (67), 43 states have call successors, (67) [2024-10-14 03:10:55,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 279 states to 279 states and 370 transitions. [2024-10-14 03:10:55,856 INFO L78 Accepts]: Start accepts. Automaton has 279 states and 370 transitions. Word has length 44 [2024-10-14 03:10:55,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:55,856 INFO L471 AbstractCegarLoop]: Abstraction has 279 states and 370 transitions. [2024-10-14 03:10:55,856 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 4 states have internal predecessors, (34), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:55,856 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 370 transitions. [2024-10-14 03:10:55,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-14 03:10:55,858 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:55,858 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:55,858 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-14 03:10:55,859 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:55,859 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:55,859 INFO L85 PathProgramCache]: Analyzing trace with hash 491417511, now seen corresponding path program 1 times [2024-10-14 03:10:55,859 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:55,859 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [271119321] [2024-10-14 03:10:55,860 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:55,860 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:55,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:55,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:10:55,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,010 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-14 03:10:56,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,025 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-14 03:10:56,029 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:56,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-10-14 03:10:56,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,073 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:56,076 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:56,076 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [271119321] [2024-10-14 03:10:56,076 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [271119321] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:56,077 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:56,077 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-14 03:10:56,077 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1482769560] [2024-10-14 03:10:56,077 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:56,078 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-14 03:10:56,078 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:56,078 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-14 03:10:56,078 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-14 03:10:56,082 INFO L87 Difference]: Start difference. First operand 279 states and 370 transitions. Second operand has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-14 03:10:56,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:56,681 INFO L93 Difference]: Finished difference Result 595 states and 802 transitions. [2024-10-14 03:10:56,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-14 03:10:56,685 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 48 [2024-10-14 03:10:56,685 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:56,687 INFO L225 Difference]: With dead ends: 595 [2024-10-14 03:10:56,687 INFO L226 Difference]: Without dead ends: 318 [2024-10-14 03:10:56,688 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-14 03:10:56,689 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 289 mSDsluCounter, 160 mSDsCounter, 0 mSdLazyCounter, 305 mSolverCounterSat, 102 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 292 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 407 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 102 IncrementalHoareTripleChecker+Valid, 305 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:56,689 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [292 Valid, 225 Invalid, 407 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [102 Valid, 305 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-14 03:10:56,689 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 318 states. [2024-10-14 03:10:56,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 318 to 316. [2024-10-14 03:10:56,734 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 316 states, 227 states have (on average 1.277533039647577) internal successors, (290), 244 states have internal predecessors, (290), 48 states have call successors, (48), 36 states have call predecessors, (48), 40 states have return successors, (83), 47 states have call predecessors, (83), 48 states have call successors, (83) [2024-10-14 03:10:56,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 316 states to 316 states and 421 transitions. [2024-10-14 03:10:56,737 INFO L78 Accepts]: Start accepts. Automaton has 316 states and 421 transitions. Word has length 48 [2024-10-14 03:10:56,740 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:56,740 INFO L471 AbstractCegarLoop]: Abstraction has 316 states and 421 transitions. [2024-10-14 03:10:56,740 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.5) internal successors, (36), 6 states have internal predecessors, (36), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-14 03:10:56,741 INFO L276 IsEmpty]: Start isEmpty. Operand 316 states and 421 transitions. [2024-10-14 03:10:56,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2024-10-14 03:10:56,742 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:56,742 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:56,742 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-14 03:10:56,742 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:56,742 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:56,743 INFO L85 PathProgramCache]: Analyzing trace with hash -1029496718, now seen corresponding path program 1 times [2024-10-14 03:10:56,743 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:56,743 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [972789680] [2024-10-14 03:10:56,743 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:56,743 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:56,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,902 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:10:56,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,924 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:10:56,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,952 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:10:56,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,970 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-14 03:10:56,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,988 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:56,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:56,994 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-14 03:10:56,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,013 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-10-14 03:10:57,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,019 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-14 03:10:57,020 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,025 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:10:57,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,026 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-10-14 03:10:57,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,028 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-14 03:10:57,029 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:57,029 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [972789680] [2024-10-14 03:10:57,029 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [972789680] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:10:57,030 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1375694090] [2024-10-14 03:10:57,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:57,030 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:10:57,030 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:10:57,040 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:10:57,041 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-14 03:10:57,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:57,113 INFO L255 TraceCheckSpWp]: Trace formula consists of 300 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-14 03:10:57,117 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:10:57,364 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 22 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:10:57,364 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-14 03:10:57,688 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-10-14 03:10:57,689 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1375694090] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-14 03:10:57,689 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-14 03:10:57,689 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-14 03:10:57,689 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [803097133] [2024-10-14 03:10:57,689 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-14 03:10:57,690 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-14 03:10:57,690 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:57,690 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-14 03:10:57,690 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-14 03:10:57,691 INFO L87 Difference]: Start difference. First operand 316 states and 421 transitions. Second operand has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-14 03:10:58,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:58,468 INFO L93 Difference]: Finished difference Result 708 states and 966 transitions. [2024-10-14 03:10:58,468 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-14 03:10:58,468 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) Word has length 84 [2024-10-14 03:10:58,469 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:58,470 INFO L225 Difference]: With dead ends: 708 [2024-10-14 03:10:58,471 INFO L226 Difference]: Without dead ends: 0 [2024-10-14 03:10:58,473 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 232 GetRequests, 191 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-14 03:10:58,473 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 387 mSDsluCounter, 417 mSDsCounter, 0 mSdLazyCounter, 728 mSolverCounterSat, 169 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 392 SdHoareTripleChecker+Valid, 522 SdHoareTripleChecker+Invalid, 897 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 169 IncrementalHoareTripleChecker+Valid, 728 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:58,473 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [392 Valid, 522 Invalid, 897 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [169 Valid, 728 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-14 03:10:58,474 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-14 03:10:58,474 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-14 03:10:58,474 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-14 03:10:58,475 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-14 03:10:58,476 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 84 [2024-10-14 03:10:58,476 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:58,476 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-14 03:10:58,476 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 8.545454545454545) internal successors, (94), 10 states have internal predecessors, (94), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-14 03:10:58,476 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-14 03:10:58,476 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-14 03:10:58,478 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-14 03:10:58,492 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-14 03:10:58,679 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-14 03:10:58,682 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:58,683 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-14 03:11:01,623 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-14 03:11:01,665 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-14 03:11:01,681 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-14 03:11:01,688 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-14 03:11:01,705 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.10 03:11:01 BoogieIcfgContainer [2024-10-14 03:11:01,705 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-14 03:11:01,706 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-14 03:11:01,706 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-14 03:11:01,706 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-14 03:11:01,707 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:53" (3/4) ... [2024-10-14 03:11:01,709 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-14 03:11:01,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-10-14 03:11:01,713 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-14 03:11:01,713 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-14 03:11:01,721 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-14 03:11:01,721 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-14 03:11:01,722 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-14 03:11:01,722 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:11:01,722 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:11:01,822 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-14 03:11:01,823 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-14 03:11:01,823 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-14 03:11:01,824 INFO L158 Benchmark]: Toolchain (without parser) took 9728.90ms. Allocated memory was 201.3MB in the beginning and 383.8MB in the end (delta: 182.5MB). Free memory was 127.7MB in the beginning and 327.5MB in the end (delta: -199.8MB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-14 03:11:01,824 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 155.9MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-14 03:11:01,824 INFO L158 Benchmark]: CACSL2BoogieTranslator took 680.11ms. Allocated memory is still 201.3MB. Free memory was 127.5MB in the beginning and 169.8MB in the end (delta: -42.3MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,824 INFO L158 Benchmark]: Boogie Procedure Inliner took 45.78ms. Allocated memory is still 201.3MB. Free memory was 169.8MB in the beginning and 166.7MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,824 INFO L158 Benchmark]: Boogie Preprocessor took 89.55ms. Allocated memory is still 201.3MB. Free memory was 166.7MB in the beginning and 164.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,824 INFO L158 Benchmark]: RCFGBuilder took 496.35ms. Allocated memory is still 201.3MB. Free memory was 164.6MB in the beginning and 139.4MB in the end (delta: 25.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,825 INFO L158 Benchmark]: TraceAbstraction took 8293.37ms. Allocated memory was 201.3MB in the beginning and 383.8MB in the end (delta: 182.5MB). Free memory was 139.4MB in the beginning and 334.8MB in the end (delta: -195.4MB). Peak memory consumption was 160.1MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,825 INFO L158 Benchmark]: Witness Printer took 116.99ms. Allocated memory is still 383.8MB. Free memory was 334.8MB in the beginning and 327.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-14 03:11:01,826 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 201.3MB. Free memory is still 155.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 680.11ms. Allocated memory is still 201.3MB. Free memory was 127.5MB in the beginning and 169.8MB in the end (delta: -42.3MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 45.78ms. Allocated memory is still 201.3MB. Free memory was 169.8MB in the beginning and 166.7MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 89.55ms. Allocated memory is still 201.3MB. Free memory was 166.7MB in the beginning and 164.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 496.35ms. Allocated memory is still 201.3MB. Free memory was 164.6MB in the beginning and 139.4MB in the end (delta: 25.2MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 8293.37ms. Allocated memory was 201.3MB in the beginning and 383.8MB in the end (delta: 182.5MB). Free memory was 139.4MB in the beginning and 334.8MB in the end (delta: -195.4MB). Peak memory consumption was 160.1MB. Max. memory is 16.1GB. * Witness Printer took 116.99ms. Allocated memory is still 383.8MB. Free memory was 334.8MB in the beginning and 327.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [101] - GenericResultAtLocation [Line: 206]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [206] - GenericResultAtLocation [Line: 572]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [572] - GenericResultAtLocation [Line: 670]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [670] - GenericResultAtLocation [Line: 705]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [705] - GenericResultAtLocation [Line: 714]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [714] - GenericResultAtLocation [Line: 923]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [923] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 710]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.2s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1344 SdHoareTripleChecker+Valid, 1.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1308 mSDsluCounter, 2052 SdHoareTripleChecker+Invalid, 1.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1297 mSDsCounter, 427 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1802 IncrementalHoareTripleChecker+Invalid, 2229 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 427 mSolverCounterUnsat, 755 mSDtfsCounter, 1802 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 363 GetRequests, 274 SyntacticMatches, 4 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 405 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=316occurred in iteration=9, InterpolantAutomatonStates: 81, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 14 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 493 NumberOfCodeBlocks, 493 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 565 ConstructedInterpolants, 0 QuantifiedInterpolants, 1053 SizeOfPredicates, 2 NumberOfNonLiveVariables, 300 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 84/105 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 840]: Location Invariant Derived location invariant: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) - InvariantResult [Line: 933]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 934]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 748]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 603]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 721]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 104]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 591]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 756]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (2 == waterLevel))) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) - ProcedureContractResult [Line: 851]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) - ProcedureContractResult [Line: 840]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) RESULT: Ultimate proved your program to be correct! [2024-10-14 03:11:01,852 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE