./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash fd0b8ceecda33bdad48c402c2c8ba6fe539641c6d50bf604e9c60e70c71a562b --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 21:58:17,508 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 21:58:17,572 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 21:58:17,577 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 21:58:17,578 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 21:58:17,601 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 21:58:17,602 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 21:58:17,603 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 21:58:17,603 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 21:58:17,604 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 21:58:17,604 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 21:58:17,605 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 21:58:17,606 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 21:58:17,606 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 21:58:17,607 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 21:58:17,607 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 21:58:17,608 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 21:58:17,608 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 21:58:17,609 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 21:58:17,610 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 21:58:17,610 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 21:58:17,616 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 21:58:17,616 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 21:58:17,617 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 21:58:17,617 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 21:58:17,618 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 21:58:17,618 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 21:58:17,618 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 21:58:17,623 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 21:58:17,623 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 21:58:17,624 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 21:58:17,624 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 21:58:17,624 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:58:17,625 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 21:58:17,625 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 21:58:17,626 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 21:58:17,626 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 21:58:17,626 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 21:58:17,627 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 21:58:17,628 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 21:58:17,629 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 21:58:17,629 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 21:58:17,630 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> fd0b8ceecda33bdad48c402c2c8ba6fe539641c6d50bf604e9c60e70c71a562b [2024-10-31 21:58:17,972 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 21:58:18,005 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 21:58:18,008 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 21:58:18,010 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 21:58:18,011 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 21:58:18,012 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c Unable to find full path for "g++" [2024-10-31 21:58:20,492 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 21:58:20,958 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 21:58:20,959 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c [2024-10-31 21:58:20,984 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/data/b99fa2f10/cf3b2047626c46d3a806c883e7c5a9a0/FLAG9977f0dfb [2024-10-31 21:58:21,000 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/data/b99fa2f10/cf3b2047626c46d3a806c883e7c5a9a0 [2024-10-31 21:58:21,003 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 21:58:21,006 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 21:58:21,008 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 21:58:21,008 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 21:58:21,015 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 21:58:21,016 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,017 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@140c2113 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21, skipping insertion in model container [2024-10-31 21:58:21,017 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,084 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 21:58:21,347 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c[6160,6173] [2024-10-31 21:58:21,461 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:58:21,483 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 21:58:21,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-10-31 21:58:21,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [316] [2024-10-31 21:58:21,499 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [386] [2024-10-31 21:58:21,499 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [395] [2024-10-31 21:58:21,499 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [761] [2024-10-31 21:58:21,500 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [860] [2024-10-31 21:58:21,500 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] [2024-10-31 21:58:21,500 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [990] [2024-10-31 21:58:21,533 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c[6160,6173] [2024-10-31 21:58:21,611 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:58:21,646 INFO L204 MainTranslator]: Completed translation [2024-10-31 21:58:21,646 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21 WrapperNode [2024-10-31 21:58:21,647 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 21:58:21,648 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 21:58:21,648 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 21:58:21,649 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 21:58:21,658 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,681 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,710 INFO L138 Inliner]: procedures = 58, calls = 106, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 220 [2024-10-31 21:58:21,710 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 21:58:21,715 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 21:58:21,715 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 21:58:21,715 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 21:58:21,731 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,731 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,734 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,767 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 21:58:21,768 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,772 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,777 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,786 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,788 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,797 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,801 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 21:58:21,802 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 21:58:21,802 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 21:58:21,802 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 21:58:21,803 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (1/1) ... [2024-10-31 21:58:21,811 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:58:21,824 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:58:21,836 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 21:58:21,841 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 21:58:21,877 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 21:58:21,877 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 21:58:21,878 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 21:58:21,878 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 21:58:21,878 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 21:58:21,878 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-10-31 21:58:21,878 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-10-31 21:58:21,878 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 21:58:21,879 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 21:58:21,879 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:58:21,879 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:58:21,880 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 21:58:21,880 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 21:58:21,880 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:58:21,880 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:58:21,881 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-31 21:58:21,881 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-31 21:58:21,882 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-31 21:58:21,882 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-31 21:58:21,882 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 21:58:21,883 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 21:58:21,883 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 21:58:21,883 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 21:58:21,883 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 21:58:22,003 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 21:58:22,007 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 21:58:22,457 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-10-31 21:58:22,457 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 21:58:22,480 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 21:58:22,480 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 21:58:22,480 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:58:22 BoogieIcfgContainer [2024-10-31 21:58:22,481 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 21:58:22,487 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 21:58:22,487 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 21:58:22,494 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 21:58:22,494 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 09:58:21" (1/3) ... [2024-10-31 21:58:22,495 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@673f716d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:58:22, skipping insertion in model container [2024-10-31 21:58:22,495 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:58:21" (2/3) ... [2024-10-31 21:58:22,497 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@673f716d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:58:22, skipping insertion in model container [2024-10-31 21:58:22,497 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:58:22" (3/3) ... [2024-10-31 21:58:22,498 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product63.cil.c [2024-10-31 21:58:22,518 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 21:58:22,518 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 21:58:22,599 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 21:58:22,612 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@f54f671, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 21:58:22,612 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 21:58:22,618 INFO L276 IsEmpty]: Start isEmpty. Operand has 112 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2024-10-31 21:58:22,629 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-31 21:58:22,629 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:22,630 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:22,630 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:22,635 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:22,635 INFO L85 PathProgramCache]: Analyzing trace with hash 155128550, now seen corresponding path program 1 times [2024-10-31 21:58:22,645 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:22,645 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1817599992] [2024-10-31 21:58:22,646 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:22,646 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:22,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:22,848 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 21:58:22,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:22,856 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:58:22,857 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:22,857 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1817599992] [2024-10-31 21:58:22,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1817599992] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:22,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:22,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 21:58:22,860 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1345040634] [2024-10-31 21:58:22,861 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:22,865 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 21:58:22,865 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:22,904 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 21:58:22,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:58:22,908 INFO L87 Difference]: Start difference. First operand has 112 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:22,962 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:22,964 INFO L93 Difference]: Finished difference Result 216 states and 293 transitions. [2024-10-31 21:58:22,965 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 21:58:22,966 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2024-10-31 21:58:22,967 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:22,979 INFO L225 Difference]: With dead ends: 216 [2024-10-31 21:58:22,980 INFO L226 Difference]: Without dead ends: 103 [2024-10-31 21:58:22,986 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:58:22,989 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 143 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:22,994 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:58:23,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2024-10-31 21:58:23,052 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2024-10-31 21:58:23,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 74 states have (on average 1.3108108108108107) internal successors, (97), 84 states have internal predecessors, (97), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-10-31 21:58:23,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 134 transitions. [2024-10-31 21:58:23,061 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 134 transitions. Word has length 23 [2024-10-31 21:58:23,062 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:23,062 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 134 transitions. [2024-10-31 21:58:23,062 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:23,062 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 134 transitions. [2024-10-31 21:58:23,066 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-10-31 21:58:23,067 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:23,067 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:23,067 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 21:58:23,067 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:23,070 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:23,070 INFO L85 PathProgramCache]: Analyzing trace with hash -389594040, now seen corresponding path program 1 times [2024-10-31 21:58:23,071 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:23,071 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [613191440] [2024-10-31 21:58:23,071 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:23,071 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:23,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,238 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-31 21:58:23,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,245 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:58:23,245 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:23,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [613191440] [2024-10-31 21:58:23,246 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [613191440] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:23,246 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:23,246 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 21:58:23,246 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1737939289] [2024-10-31 21:58:23,247 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:23,248 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 21:58:23,248 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:23,249 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 21:58:23,249 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:58:23,250 INFO L87 Difference]: Start difference. First operand 103 states and 134 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:23,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:23,316 INFO L93 Difference]: Finished difference Result 168 states and 218 transitions. [2024-10-31 21:58:23,317 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 21:58:23,317 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-10-31 21:58:23,318 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:23,320 INFO L225 Difference]: With dead ends: 168 [2024-10-31 21:58:23,323 INFO L226 Difference]: Without dead ends: 94 [2024-10-31 21:58:23,324 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:58:23,326 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 16 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 221 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:23,326 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 221 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:58:23,327 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-10-31 21:58:23,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-10-31 21:58:23,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 68 states have (on average 1.3235294117647058) internal successors, (90), 78 states have internal predecessors, (90), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-31 21:58:23,340 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-10-31 21:58:23,340 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 24 [2024-10-31 21:58:23,340 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:23,341 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-10-31 21:58:23,341 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:23,341 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-10-31 21:58:23,342 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-10-31 21:58:23,343 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:23,343 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:23,343 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 21:58:23,344 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:23,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:23,348 INFO L85 PathProgramCache]: Analyzing trace with hash -2116148500, now seen corresponding path program 1 times [2024-10-31 21:58:23,349 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:23,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [671553155] [2024-10-31 21:58:23,349 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:23,350 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:23,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,554 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:58:23,556 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,581 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:58:23,581 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:23,582 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [671553155] [2024-10-31 21:58:23,582 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [671553155] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:23,582 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:23,582 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 21:58:23,583 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1015217164] [2024-10-31 21:58:23,583 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:23,583 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 21:58:23,584 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:23,584 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 21:58:23,585 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:58:23,587 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:23,667 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:23,667 INFO L93 Difference]: Finished difference Result 267 states and 352 transitions. [2024-10-31 21:58:23,668 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 21:58:23,668 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2024-10-31 21:58:23,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:23,671 INFO L225 Difference]: With dead ends: 267 [2024-10-31 21:58:23,672 INFO L226 Difference]: Without dead ends: 180 [2024-10-31 21:58:23,673 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:58:23,674 INFO L432 NwaCegarLoop]: 141 mSDtfsCounter, 102 mSDsluCounter, 112 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 102 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:23,675 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [102 Valid, 253 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:58:23,677 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-10-31 21:58:23,724 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 177. [2024-10-31 21:58:23,725 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 126 states have (on average 1.3412698412698412) internal successors, (169), 145 states have internal predecessors, (169), 32 states have call successors, (32), 18 states have call predecessors, (32), 18 states have return successors, (32), 21 states have call predecessors, (32), 32 states have call successors, (32) [2024-10-31 21:58:23,728 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 233 transitions. [2024-10-31 21:58:23,729 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 233 transitions. Word has length 28 [2024-10-31 21:58:23,729 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:23,729 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 233 transitions. [2024-10-31 21:58:23,730 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:23,730 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 233 transitions. [2024-10-31 21:58:23,732 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 21:58:23,733 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:23,733 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:23,733 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 21:58:23,734 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:23,735 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:23,735 INFO L85 PathProgramCache]: Analyzing trace with hash -1322411102, now seen corresponding path program 1 times [2024-10-31 21:58:23,735 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:23,736 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [131655583] [2024-10-31 21:58:23,736 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:23,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:23,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,958 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 21:58:23,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:23,965 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:58:23,966 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:23,966 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [131655583] [2024-10-31 21:58:23,966 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [131655583] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:23,966 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:23,967 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:58:23,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [237740897] [2024-10-31 21:58:23,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:23,968 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:58:23,968 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:23,969 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:58:23,969 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:58:23,970 INFO L87 Difference]: Start difference. First operand 177 states and 233 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:24,102 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:24,102 INFO L93 Difference]: Finished difference Result 449 states and 604 transitions. [2024-10-31 21:58:24,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 21:58:24,105 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-10-31 21:58:24,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:24,112 INFO L225 Difference]: With dead ends: 449 [2024-10-31 21:58:24,112 INFO L226 Difference]: Without dead ends: 279 [2024-10-31 21:58:24,114 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:58:24,119 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 66 mSDsluCounter, 306 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:24,120 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 421 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 21:58:24,124 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 279 states. [2024-10-31 21:58:24,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 279 to 278. [2024-10-31 21:58:24,162 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 201 states have (on average 1.2885572139303483) internal successors, (259), 220 states have internal predecessors, (259), 42 states have call successors, (42), 34 states have call predecessors, (42), 34 states have return successors, (54), 37 states have call predecessors, (54), 42 states have call successors, (54) [2024-10-31 21:58:24,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 355 transitions. [2024-10-31 21:58:24,166 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 355 transitions. Word has length 32 [2024-10-31 21:58:24,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:24,166 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 355 transitions. [2024-10-31 21:58:24,167 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-10-31 21:58:24,167 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 355 transitions. [2024-10-31 21:58:24,169 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-10-31 21:58:24,169 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:24,170 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:24,170 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 21:58:24,170 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:24,171 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:24,171 INFO L85 PathProgramCache]: Analyzing trace with hash -1980945601, now seen corresponding path program 1 times [2024-10-31 21:58:24,172 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:24,172 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1343183358] [2024-10-31 21:58:24,172 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:24,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:24,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:58:24,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,335 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:24,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,400 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:24,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:24,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,410 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-31 21:58:24,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,416 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:58:24,417 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:24,417 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1343183358] [2024-10-31 21:58:24,417 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1343183358] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:24,417 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:24,417 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:58:24,417 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [533285375] [2024-10-31 21:58:24,418 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:24,418 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:58:24,418 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:24,420 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:58:24,421 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:58:24,421 INFO L87 Difference]: Start difference. First operand 278 states and 355 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-31 21:58:24,741 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:24,742 INFO L93 Difference]: Finished difference Result 609 states and 798 transitions. [2024-10-31 21:58:24,743 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-31 21:58:24,743 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-10-31 21:58:24,744 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:24,746 INFO L225 Difference]: With dead ends: 609 [2024-10-31 21:58:24,746 INFO L226 Difference]: Without dead ends: 338 [2024-10-31 21:58:24,751 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:58:24,752 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 66 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 383 SdHoareTripleChecker+Invalid, 183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:24,752 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 383 Invalid, 183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:58:24,754 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 338 states. [2024-10-31 21:58:24,805 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 338 to 336. [2024-10-31 21:58:24,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 336 states, 245 states have (on average 1.2612244897959184) internal successors, (309), 264 states have internal predecessors, (309), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-10-31 21:58:24,810 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 336 states to 336 states and 423 transitions. [2024-10-31 21:58:24,811 INFO L78 Accepts]: Start accepts. Automaton has 336 states and 423 transitions. Word has length 59 [2024-10-31 21:58:24,811 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:24,812 INFO L471 AbstractCegarLoop]: Abstraction has 336 states and 423 transitions. [2024-10-31 21:58:24,812 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-31 21:58:24,812 INFO L276 IsEmpty]: Start isEmpty. Operand 336 states and 423 transitions. [2024-10-31 21:58:24,813 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-10-31 21:58:24,813 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:24,814 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:24,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 21:58:24,814 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:24,814 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:24,814 INFO L85 PathProgramCache]: Analyzing trace with hash -1706185987, now seen corresponding path program 1 times [2024-10-31 21:58:24,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:24,815 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [240997191] [2024-10-31 21:58:24,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:24,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:24,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,927 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:58:24,937 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:24,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:24,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,031 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:25,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,038 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:25,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,044 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-31 21:58:25,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,050 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:58:25,051 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:25,051 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [240997191] [2024-10-31 21:58:25,051 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [240997191] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:25,051 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:25,051 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:58:25,051 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [890651687] [2024-10-31 21:58:25,052 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:25,052 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:58:25,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:25,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:58:25,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:58:25,053 INFO L87 Difference]: Start difference. First operand 336 states and 423 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-31 21:58:25,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:25,297 INFO L93 Difference]: Finished difference Result 671 states and 870 transitions. [2024-10-31 21:58:25,298 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 21:58:25,298 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-10-31 21:58:25,299 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:25,301 INFO L225 Difference]: With dead ends: 671 [2024-10-31 21:58:25,301 INFO L226 Difference]: Without dead ends: 342 [2024-10-31 21:58:25,303 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:58:25,304 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 65 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 143 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:25,308 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 299 Invalid, 143 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:58:25,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2024-10-31 21:58:25,347 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 340. [2024-10-31 21:58:25,348 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 340 states, 249 states have (on average 1.2570281124497993) internal successors, (313), 268 states have internal predecessors, (313), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-10-31 21:58:25,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 340 states to 340 states and 427 transitions. [2024-10-31 21:58:25,353 INFO L78 Accepts]: Start accepts. Automaton has 340 states and 427 transitions. Word has length 59 [2024-10-31 21:58:25,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:25,353 INFO L471 AbstractCegarLoop]: Abstraction has 340 states and 427 transitions. [2024-10-31 21:58:25,354 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-10-31 21:58:25,354 INFO L276 IsEmpty]: Start isEmpty. Operand 340 states and 427 transitions. [2024-10-31 21:58:25,356 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-10-31 21:58:25,356 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:25,357 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:25,357 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 21:58:25,358 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:25,359 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:25,360 INFO L85 PathProgramCache]: Analyzing trace with hash 344798011, now seen corresponding path program 1 times [2024-10-31 21:58:25,360 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:25,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1680696473] [2024-10-31 21:58:25,361 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:25,362 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:25,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,475 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:58:25,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,513 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:25,518 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,541 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:25,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,548 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:25,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,550 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-31 21:58:25,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:25,555 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:58:25,556 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:25,556 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1680696473] [2024-10-31 21:58:25,556 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1680696473] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:25,556 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:25,556 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:58:25,557 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [541891894] [2024-10-31 21:58:25,557 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:25,557 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:58:25,557 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:25,558 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:58:25,558 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:58:25,558 INFO L87 Difference]: Start difference. First operand 340 states and 427 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 21:58:25,962 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:25,962 INFO L93 Difference]: Finished difference Result 941 states and 1230 transitions. [2024-10-31 21:58:25,962 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 21:58:25,963 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 59 [2024-10-31 21:58:25,963 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:25,967 INFO L225 Difference]: With dead ends: 941 [2024-10-31 21:58:25,967 INFO L226 Difference]: Without dead ends: 608 [2024-10-31 21:58:25,969 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:58:25,969 INFO L432 NwaCegarLoop]: 134 mSDtfsCounter, 245 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 253 SdHoareTripleChecker+Valid, 323 SdHoareTripleChecker+Invalid, 245 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:25,970 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [253 Valid, 323 Invalid, 245 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 21:58:25,971 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 608 states. [2024-10-31 21:58:26,034 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 608 to 601. [2024-10-31 21:58:26,036 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 601 states, 442 states have (on average 1.2330316742081449) internal successors, (545), 470 states have internal predecessors, (545), 81 states have call successors, (81), 71 states have call predecessors, (81), 77 states have return successors, (133), 82 states have call predecessors, (133), 81 states have call successors, (133) [2024-10-31 21:58:26,039 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 601 states to 601 states and 759 transitions. [2024-10-31 21:58:26,040 INFO L78 Accepts]: Start accepts. Automaton has 601 states and 759 transitions. Word has length 59 [2024-10-31 21:58:26,041 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:26,041 INFO L471 AbstractCegarLoop]: Abstraction has 601 states and 759 transitions. [2024-10-31 21:58:26,041 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 21:58:26,041 INFO L276 IsEmpty]: Start isEmpty. Operand 601 states and 759 transitions. [2024-10-31 21:58:26,042 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-10-31 21:58:26,043 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:26,043 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:26,043 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 21:58:26,043 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:26,044 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:26,044 INFO L85 PathProgramCache]: Analyzing trace with hash 616558741, now seen corresponding path program 1 times [2024-10-31 21:58:26,044 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:26,044 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1392401596] [2024-10-31 21:58:26,045 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:26,045 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:26,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,156 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-31 21:58:26,158 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,168 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 21:58:26,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,180 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:26,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,189 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:26,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,192 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:26,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,195 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2024-10-31 21:58:26,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:26,210 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 21:58:26,210 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:26,211 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1392401596] [2024-10-31 21:58:26,211 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1392401596] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:26,211 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:26,211 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-31 21:58:26,211 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [239050370] [2024-10-31 21:58:26,211 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:26,212 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-31 21:58:26,212 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:26,212 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-31 21:58:26,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-10-31 21:58:26,213 INFO L87 Difference]: Start difference. First operand 601 states and 759 transitions. Second operand has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-10-31 21:58:27,153 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:27,154 INFO L93 Difference]: Finished difference Result 1993 states and 2611 transitions. [2024-10-31 21:58:27,154 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-31 21:58:27,154 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 63 [2024-10-31 21:58:27,156 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:27,166 INFO L225 Difference]: With dead ends: 1993 [2024-10-31 21:58:27,166 INFO L226 Difference]: Without dead ends: 1399 [2024-10-31 21:58:27,169 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-10-31 21:58:27,169 INFO L432 NwaCegarLoop]: 64 mSDtfsCounter, 360 mSDsluCounter, 286 mSDsCounter, 0 mSdLazyCounter, 467 mSolverCounterSat, 158 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 367 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 625 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 158 IncrementalHoareTripleChecker+Valid, 467 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:27,170 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [367 Valid, 350 Invalid, 625 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [158 Valid, 467 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-31 21:58:27,172 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1399 states. [2024-10-31 21:58:27,312 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1399 to 1357. [2024-10-31 21:58:27,315 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1357 states, 988 states have (on average 1.2044534412955465) internal successors, (1190), 1059 states have internal predecessors, (1190), 194 states have call successors, (194), 142 states have call predecessors, (194), 174 states have return successors, (352), 200 states have call predecessors, (352), 194 states have call successors, (352) [2024-10-31 21:58:27,322 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1357 states to 1357 states and 1736 transitions. [2024-10-31 21:58:27,324 INFO L78 Accepts]: Start accepts. Automaton has 1357 states and 1736 transitions. Word has length 63 [2024-10-31 21:58:27,325 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:27,325 INFO L471 AbstractCegarLoop]: Abstraction has 1357 states and 1736 transitions. [2024-10-31 21:58:27,325 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-10-31 21:58:27,325 INFO L276 IsEmpty]: Start isEmpty. Operand 1357 states and 1736 transitions. [2024-10-31 21:58:27,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-10-31 21:58:27,328 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:27,328 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:27,329 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 21:58:27,329 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:27,329 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:27,330 INFO L85 PathProgramCache]: Analyzing trace with hash 1067655569, now seen corresponding path program 1 times [2024-10-31 21:58:27,330 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:27,330 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [910752181] [2024-10-31 21:58:27,330 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:27,330 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:27,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-31 21:58:27,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,494 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-10-31 21:58:27,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,543 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 21:58:27,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,630 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:27,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,717 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:27,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:27,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,811 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-10-31 21:58:27,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,814 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 21:58:27,814 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:27,815 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [910752181] [2024-10-31 21:58:27,815 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [910752181] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 21:58:27,815 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1837875182] [2024-10-31 21:58:27,815 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:27,815 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:58:27,816 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:58:27,818 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 21:58:27,820 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 21:58:27,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:27,927 INFO L255 TraceCheckSpWp]: Trace formula consists of 244 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-10-31 21:58:27,946 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 21:58:28,311 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:58:28,313 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-31 21:58:28,313 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1837875182] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:28,313 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-31 21:58:28,314 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 21 [2024-10-31 21:58:28,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1037810229] [2024-10-31 21:58:28,314 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:28,315 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-31 21:58:28,315 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:28,315 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-31 21:58:28,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=54, Invalid=366, Unknown=0, NotChecked=0, Total=420 [2024-10-31 21:58:28,317 INFO L87 Difference]: Start difference. First operand 1357 states and 1736 transitions. Second operand has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-10-31 21:58:28,690 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:28,690 INFO L93 Difference]: Finished difference Result 2637 states and 3389 transitions. [2024-10-31 21:58:28,691 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-10-31 21:58:28,691 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) Word has length 67 [2024-10-31 21:58:28,691 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:28,699 INFO L225 Difference]: With dead ends: 2637 [2024-10-31 21:58:28,700 INFO L226 Difference]: Without dead ends: 1287 [2024-10-31 21:58:28,704 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 90 GetRequests, 71 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=54, Invalid=366, Unknown=0, NotChecked=0, Total=420 [2024-10-31 21:58:28,705 INFO L432 NwaCegarLoop]: 222 mSDtfsCounter, 79 mSDsluCounter, 921 mSDsCounter, 0 mSdLazyCounter, 213 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 1143 SdHoareTripleChecker+Invalid, 214 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 213 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:28,705 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 1143 Invalid, 214 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 213 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:58:28,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1287 states. [2024-10-31 21:58:28,896 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1287 to 1287. [2024-10-31 21:58:28,898 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1287 states, 934 states have (on average 1.1927194860813704) internal successors, (1114), 1003 states have internal predecessors, (1114), 188 states have call successors, (188), 138 states have call predecessors, (188), 164 states have return successors, (308), 188 states have call predecessors, (308), 188 states have call successors, (308) [2024-10-31 21:58:28,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1287 states to 1287 states and 1610 transitions. [2024-10-31 21:58:28,906 INFO L78 Accepts]: Start accepts. Automaton has 1287 states and 1610 transitions. Word has length 67 [2024-10-31 21:58:28,906 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:28,907 INFO L471 AbstractCegarLoop]: Abstraction has 1287 states and 1610 transitions. [2024-10-31 21:58:28,907 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-10-31 21:58:28,907 INFO L276 IsEmpty]: Start isEmpty. Operand 1287 states and 1610 transitions. [2024-10-31 21:58:28,910 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2024-10-31 21:58:28,910 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:28,910 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:28,931 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-31 21:58:29,114 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2024-10-31 21:58:29,115 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:29,115 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:29,115 INFO L85 PathProgramCache]: Analyzing trace with hash -1513239529, now seen corresponding path program 1 times [2024-10-31 21:58:29,115 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:29,115 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [479906009] [2024-10-31 21:58:29,115 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:29,116 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:29,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-31 21:58:29,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 21:58:29,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,257 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 21:58:29,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,269 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:29,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:29,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,282 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:29,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-31 21:58:29,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,298 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2024-10-31 21:58:29,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,301 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2024-10-31 21:58:29,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:29,305 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 21:58:29,306 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:29,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [479906009] [2024-10-31 21:58:29,306 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [479906009] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:29,306 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:58:29,306 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-31 21:58:29,307 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [431818431] [2024-10-31 21:58:29,307 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:29,308 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-31 21:58:29,308 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:29,309 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-31 21:58:29,309 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-31 21:58:29,309 INFO L87 Difference]: Start difference. First operand 1287 states and 1610 transitions. Second operand has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2024-10-31 21:58:30,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:30,128 INFO L93 Difference]: Finished difference Result 1535 states and 1910 transitions. [2024-10-31 21:58:30,129 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-10-31 21:58:30,129 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) Word has length 94 [2024-10-31 21:58:30,129 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:30,134 INFO L225 Difference]: With dead ends: 1535 [2024-10-31 21:58:30,134 INFO L226 Difference]: Without dead ends: 650 [2024-10-31 21:58:30,136 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=68, Invalid=172, Unknown=0, NotChecked=0, Total=240 [2024-10-31 21:58:30,137 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 335 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 439 mSolverCounterSat, 120 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 344 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 559 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 120 IncrementalHoareTripleChecker+Valid, 439 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:30,138 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [344 Valid, 237 Invalid, 559 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [120 Valid, 439 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-31 21:58:30,139 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 650 states. [2024-10-31 21:58:30,206 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 650 to 630. [2024-10-31 21:58:30,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 630 states, 457 states have (on average 1.1575492341356675) internal successors, (529), 489 states have internal predecessors, (529), 91 states have call successors, (91), 68 states have call predecessors, (91), 81 states have return successors, (151), 92 states have call predecessors, (151), 91 states have call successors, (151) [2024-10-31 21:58:30,211 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 630 states to 630 states and 771 transitions. [2024-10-31 21:58:30,213 INFO L78 Accepts]: Start accepts. Automaton has 630 states and 771 transitions. Word has length 94 [2024-10-31 21:58:30,213 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:30,213 INFO L471 AbstractCegarLoop]: Abstraction has 630 states and 771 transitions. [2024-10-31 21:58:30,213 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2024-10-31 21:58:30,214 INFO L276 IsEmpty]: Start isEmpty. Operand 630 states and 771 transitions. [2024-10-31 21:58:30,216 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2024-10-31 21:58:30,216 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:58:30,216 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:30,216 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-10-31 21:58:30,217 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:58:30,217 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:58:30,217 INFO L85 PathProgramCache]: Analyzing trace with hash 1984934984, now seen corresponding path program 1 times [2024-10-31 21:58:30,217 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:58:30,217 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [617044750] [2024-10-31 21:58:30,217 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:30,218 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:58:30,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,362 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-31 21:58:30,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,380 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:58:30,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,398 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-10-31 21:58:30,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:30,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,414 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:58:30,416 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:30,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,421 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-31 21:58:30,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,432 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-10-31 21:58:30,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,449 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-10-31 21:58:30,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,512 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:58:30,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-10-31 21:58:30,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,574 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-31 21:58:30,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,576 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:58:30,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,578 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 112 [2024-10-31 21:58:30,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,584 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 14 proven. 12 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2024-10-31 21:58:30,585 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:58:30,585 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [617044750] [2024-10-31 21:58:30,585 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [617044750] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 21:58:30,585 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1369527129] [2024-10-31 21:58:30,585 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:58:30,585 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:58:30,585 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:58:30,588 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 21:58:30,589 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-31 21:58:30,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:58:30,729 INFO L255 TraceCheckSpWp]: Trace formula consists of 367 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-10-31 21:58:30,735 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 21:58:30,932 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 39 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 21:58:30,932 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-10-31 21:58:30,932 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1369527129] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:58:30,933 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-10-31 21:58:30,933 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2024-10-31 21:58:30,933 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1102187023] [2024-10-31 21:58:30,933 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:58:30,934 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-31 21:58:30,934 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:58:30,935 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-31 21:58:30,935 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-10-31 21:58:30,935 INFO L87 Difference]: Start difference. First operand 630 states and 771 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-10-31 21:58:31,153 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:58:31,153 INFO L93 Difference]: Finished difference Result 1083 states and 1345 transitions. [2024-10-31 21:58:31,154 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-10-31 21:58:31,154 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) Word has length 121 [2024-10-31 21:58:31,154 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:58:31,156 INFO L225 Difference]: With dead ends: 1083 [2024-10-31 21:58:31,156 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 21:58:31,159 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=61, Invalid=359, Unknown=0, NotChecked=0, Total=420 [2024-10-31 21:58:31,160 INFO L432 NwaCegarLoop]: 186 mSDtfsCounter, 62 mSDsluCounter, 736 mSDsCounter, 0 mSdLazyCounter, 111 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 922 SdHoareTripleChecker+Invalid, 111 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 21:58:31,161 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 922 Invalid, 111 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 21:58:31,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 21:58:31,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 21:58:31,161 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 21:58:31,162 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 21:58:31,163 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 121 [2024-10-31 21:58:31,163 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:58:31,163 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 21:58:31,164 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-10-31 21:58:31,164 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 21:58:31,164 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 21:58:31,167 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 21:58:31,188 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-31 21:58:31,369 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:58:31,372 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:58:31,375 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 21:58:36,521 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 21:58:36,546 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse3 (<= 2 ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse2 .cse3 .cse4) (and .cse2 .cse1) (and .cse0 .cse3 .cse4)))) Eliminated clause: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse3 (<= 2 ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse2 .cse3 .cse4) (and .cse2 .cse1) (and .cse0 .cse3 .cse4))) [2024-10-31 21:58:36,565 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (let ((.cse2 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse3 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse4))) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) Eliminated clause: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2))) [2024-10-31 21:58:36,587 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse3 (= 0 ~systemActive~0))) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0))) (or (and .cse0 .cse1) (and .cse2 .cse3) (and .cse2 .cse1) (and .cse0 .cse3))) (or (= ~pumpRunning~0 0) (not .cse3)) (= |old(~waterLevel~0)| ~waterLevel~0))) Eliminated clause: (let ((.cse3 (= 0 ~systemActive~0))) (and (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0))) (or (and .cse0 .cse1) (and .cse2 .cse3) (and .cse2 .cse1) (and .cse0 .cse3))) (or (= ~pumpRunning~0 0) (not .cse3)))) [2024-10-31 21:58:36,609 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) Eliminated clause: (and (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) [2024-10-31 21:58:36,620 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2)))) Eliminated clause: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2))) [2024-10-31 21:58:36,629 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) Eliminated clause: (and (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) [2024-10-31 21:58:36,638 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 09:58:36 BoogieIcfgContainer [2024-10-31 21:58:36,638 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 21:58:36,639 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 21:58:36,639 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 21:58:36,639 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 21:58:36,640 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:58:22" (3/4) ... [2024-10-31 21:58:36,643 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 21:58:36,648 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-31 21:58:36,648 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 21:58:36,648 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 21:58:36,648 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 21:58:36,648 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-10-31 21:58:36,649 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 21:58:36,649 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:58:36,649 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 21:58:36,649 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:58:36,649 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-31 21:58:36,659 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-10-31 21:58:36,659 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 21:58:36,660 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 21:58:36,660 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:58:36,661 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:58:36,807 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 21:58:36,808 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 21:58:36,808 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 21:58:36,809 INFO L158 Benchmark]: Toolchain (without parser) took 15802.48ms. Allocated memory was 138.4MB in the beginning and 262.1MB in the end (delta: 123.7MB). Free memory was 95.8MB in the beginning and 109.0MB in the end (delta: -13.2MB). Peak memory consumption was 113.2MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,809 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 138.4MB. Free memory is still 111.9MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 21:58:36,810 INFO L158 Benchmark]: CACSL2BoogieTranslator took 639.59ms. Allocated memory is still 138.4MB. Free memory was 95.8MB in the beginning and 73.9MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,810 INFO L158 Benchmark]: Boogie Procedure Inliner took 62.37ms. Allocated memory is still 138.4MB. Free memory was 73.9MB in the beginning and 71.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,810 INFO L158 Benchmark]: Boogie Preprocessor took 86.17ms. Allocated memory is still 138.4MB. Free memory was 71.3MB in the beginning and 69.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,811 INFO L158 Benchmark]: RCFGBuilder took 678.72ms. Allocated memory is still 138.4MB. Free memory was 69.2MB in the beginning and 97.3MB in the end (delta: -28.2MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,811 INFO L158 Benchmark]: TraceAbstraction took 14150.99ms. Allocated memory was 138.4MB in the beginning and 262.1MB in the end (delta: 123.7MB). Free memory was 96.7MB in the beginning and 117.4MB in the end (delta: -20.7MB). Peak memory consumption was 149.5MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,812 INFO L158 Benchmark]: Witness Printer took 169.57ms. Allocated memory is still 262.1MB. Free memory was 117.4MB in the beginning and 109.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-31 21:58:36,814 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 138.4MB. Free memory is still 111.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 639.59ms. Allocated memory is still 138.4MB. Free memory was 95.8MB in the beginning and 73.9MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 62.37ms. Allocated memory is still 138.4MB. Free memory was 73.9MB in the beginning and 71.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 86.17ms. Allocated memory is still 138.4MB. Free memory was 71.3MB in the beginning and 69.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 678.72ms. Allocated memory is still 138.4MB. Free memory was 69.2MB in the beginning and 97.3MB in the end (delta: -28.2MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 14150.99ms. Allocated memory was 138.4MB in the beginning and 262.1MB in the end (delta: 123.7MB). Free memory was 96.7MB in the beginning and 117.4MB in the end (delta: -20.7MB). Peak memory consumption was 149.5MB. Max. memory is 16.1GB. * Witness Printer took 169.57ms. Allocated memory is still 262.1MB. Free memory was 117.4MB in the beginning and 109.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 316]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [316] - GenericResultAtLocation [Line: 386]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [386] - GenericResultAtLocation [Line: 395]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [395] - GenericResultAtLocation [Line: 761]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [761] - GenericResultAtLocation [Line: 860]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [860] - GenericResultAtLocation [Line: 886]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] - GenericResultAtLocation [Line: 990]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [990] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 391]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 112 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.8s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1441 SdHoareTripleChecker+Valid, 2.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1396 mSDsluCounter, 4695 SdHoareTripleChecker+Invalid, 1.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3335 mSDsCounter, 402 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1728 IncrementalHoareTripleChecker+Invalid, 2130 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 402 mSolverCounterUnsat, 1360 mSDtfsCounter, 1728 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 397 GetRequests, 300 SyntacticMatches, 1 SemanticMatches, 96 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 202 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1357occurred in iteration=8, InterpolantAutomatonStates: 78, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 77 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.9s InterpolantComputationTime, 817 NumberOfCodeBlocks, 817 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 804 ConstructedInterpolants, 0 QuantifiedInterpolants, 1482 SizeOfPredicates, 1 NumberOfNonLiveVariables, 611 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 13 InterpolantComputations, 11 PerfectInterpolantSequences, 124/138 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 329]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 773]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 330]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (0 == systemActive)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (0 == systemActive))) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 199]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive)))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 89]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 914]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: (((((((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (0 == systemActive)) || (((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (0 == systemActive))) || (((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive))) || ((\old(methaneLevelCritical) == 0) && (1 == systemActive))) && ((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 763]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 926]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: (((\result == methaneLevelCritical) && (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 65]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (0 == systemActive))) && ((pumpRunning == 0) || (0 != systemActive))) Ensures: ((((((((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (\old(pumpRunning) == 0))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && (((\old(pumpRunning) != 0) || ((1 == systemActive) && (\old(waterLevel) == waterLevel))) || (0 == systemActive))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 97]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((pumpRunning == \old(pumpRunning)) || (1 < waterLevel))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 902]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: ((((((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive)))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 123]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 207]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: ((((methaneLevelCritical < ((long long) \result + 1)) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 21:58:36,854 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_30a992df-d01b-4631-aabd-c5f81f4d65e7/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE