./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash fff07e5b9817da9e6fd154070162cff001ebe527349ae31a2f1e574ef0fb9f98 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 22:05:00,670 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 22:05:00,766 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 22:05:00,774 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 22:05:00,775 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 22:05:00,814 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 22:05:00,815 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 22:05:00,815 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 22:05:00,816 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 22:05:00,816 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 22:05:00,817 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 22:05:00,817 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 22:05:00,818 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 22:05:00,818 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 22:05:00,819 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 22:05:00,819 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 22:05:00,820 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 22:05:00,820 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 22:05:00,821 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 22:05:00,821 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 22:05:00,828 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 22:05:00,841 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 22:05:00,841 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 22:05:00,842 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 22:05:00,842 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 22:05:00,842 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 22:05:00,842 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 22:05:00,843 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 22:05:00,843 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 22:05:00,843 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 22:05:00,843 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 22:05:00,844 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 22:05:00,844 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:05:00,844 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 22:05:00,844 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 22:05:00,845 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 22:05:00,847 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 22:05:00,847 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 22:05:00,847 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 22:05:00,847 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 22:05:00,847 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 22:05:00,848 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 22:05:00,848 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> fff07e5b9817da9e6fd154070162cff001ebe527349ae31a2f1e574ef0fb9f98 [2024-10-31 22:05:01,110 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 22:05:01,143 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 22:05:01,147 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 22:05:01,148 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 22:05:01,149 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 22:05:01,150 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c Unable to find full path for "g++" [2024-10-31 22:05:03,176 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 22:05:03,474 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 22:05:03,475 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c [2024-10-31 22:05:03,497 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/data/59f829d85/06c0b6d28a3149eebc39e37f8cc7c2b9/FLAG02814ab0e [2024-10-31 22:05:03,512 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/data/59f829d85/06c0b6d28a3149eebc39e37f8cc7c2b9 [2024-10-31 22:05:03,515 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 22:05:03,516 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 22:05:03,518 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 22:05:03,518 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 22:05:03,525 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 22:05:03,526 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:05:03" (1/1) ... [2024-10-31 22:05:03,527 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@bd2dd88 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:03, skipping insertion in model container [2024-10-31 22:05:03,528 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:05:03" (1/1) ... [2024-10-31 22:05:03,587 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 22:05:03,995 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c[16170,16183] [2024-10-31 22:05:04,017 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:05:04,027 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 22:05:04,038 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-31 22:05:04,040 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] [2024-10-31 22:05:04,040 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [484] [2024-10-31 22:05:04,041 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [649] [2024-10-31 22:05:04,041 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [687] [2024-10-31 22:05:04,041 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [785] [2024-10-31 22:05:04,041 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [794] [2024-10-31 22:05:04,041 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [889] [2024-10-31 22:05:04,118 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/sv-benchmarks/c/product-lines/minepump_spec5_product33.cil.c[16170,16183] [2024-10-31 22:05:04,124 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:05:04,156 INFO L204 MainTranslator]: Completed translation [2024-10-31 22:05:04,157 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04 WrapperNode [2024-10-31 22:05:04,157 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 22:05:04,158 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 22:05:04,158 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 22:05:04,158 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 22:05:04,165 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,200 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,252 INFO L138 Inliner]: procedures = 54, calls = 96, calls flagged for inlining = 22, calls inlined = 18, statements flattened = 175 [2024-10-31 22:05:04,253 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 22:05:04,254 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 22:05:04,254 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 22:05:04,255 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 22:05:04,270 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,270 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,274 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,307 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 22:05:04,307 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,307 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,316 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,333 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,335 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,336 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,339 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 22:05:04,340 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 22:05:04,340 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 22:05:04,340 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 22:05:04,342 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (1/1) ... [2024-10-31 22:05:04,352 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:05:04,371 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:05:04,391 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 22:05:04,395 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 22:05:04,426 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 22:05:04,426 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 22:05:04,426 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 22:05:04,426 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 22:05:04,427 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 22:05:04,427 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 22:05:04,427 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 22:05:04,427 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 22:05:04,427 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 22:05:04,427 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-31 22:05:04,427 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-31 22:05:04,427 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 22:05:04,428 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 22:05:04,428 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 22:05:04,428 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 22:05:04,428 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 22:05:04,509 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 22:05:04,513 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 22:05:04,935 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-10-31 22:05:04,936 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 22:05:04,960 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 22:05:04,960 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 22:05:04,961 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:05:04 BoogieIcfgContainer [2024-10-31 22:05:04,961 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 22:05:04,966 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 22:05:04,966 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 22:05:04,970 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 22:05:04,970 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 10:05:03" (1/3) ... [2024-10-31 22:05:04,971 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72a6725f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:05:04, skipping insertion in model container [2024-10-31 22:05:04,971 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:05:04" (2/3) ... [2024-10-31 22:05:04,972 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@72a6725f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:05:04, skipping insertion in model container [2024-10-31 22:05:04,972 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:05:04" (3/3) ... [2024-10-31 22:05:04,974 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product33.cil.c [2024-10-31 22:05:04,992 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 22:05:04,992 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 22:05:05,068 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 22:05:05,077 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1a35c396, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 22:05:05,081 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 22:05:05,089 INFO L276 IsEmpty]: Start isEmpty. Operand has 80 states, 62 states have (on average 1.3870967741935485) internal successors, (86), 68 states have internal predecessors, (86), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-10-31 22:05:05,105 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 22:05:05,105 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:05,106 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:05,109 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:05,115 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:05,115 INFO L85 PathProgramCache]: Analyzing trace with hash 627967517, now seen corresponding path program 1 times [2024-10-31 22:05:05,134 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:05,139 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [533669241] [2024-10-31 22:05:05,140 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:05,140 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:05,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:05,476 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:05:05,479 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:05,484 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 22:05:05,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:05,518 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:05,519 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:05,519 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [533669241] [2024-10-31 22:05:05,520 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [533669241] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:05,520 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:05,521 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 22:05:05,526 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [931551258] [2024-10-31 22:05:05,527 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:05,534 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 22:05:05,534 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:05,559 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 22:05:05,560 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:05:05,562 INFO L87 Difference]: Start difference. First operand has 80 states, 62 states have (on average 1.3870967741935485) internal successors, (86), 68 states have internal predecessors, (86), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:05:05,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:05,597 INFO L93 Difference]: Finished difference Result 151 states and 206 transitions. [2024-10-31 22:05:05,598 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 22:05:05,599 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-10-31 22:05:05,600 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:05,610 INFO L225 Difference]: With dead ends: 151 [2024-10-31 22:05:05,610 INFO L226 Difference]: Without dead ends: 71 [2024-10-31 22:05:05,614 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:05:05,618 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:05,619 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 100 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:05,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2024-10-31 22:05:05,662 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2024-10-31 22:05:05,663 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 55 states have (on average 1.309090909090909) internal successors, (72), 60 states have internal predecessors, (72), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-31 22:05:05,665 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 91 transitions. [2024-10-31 22:05:05,667 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 91 transitions. Word has length 32 [2024-10-31 22:05:05,667 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:05,668 INFO L471 AbstractCegarLoop]: Abstraction has 71 states and 91 transitions. [2024-10-31 22:05:05,668 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:05:05,668 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 91 transitions. [2024-10-31 22:05:05,671 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-10-31 22:05:05,671 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:05,671 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:05,672 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 22:05:05,672 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:05,673 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:05,673 INFO L85 PathProgramCache]: Analyzing trace with hash -1553895651, now seen corresponding path program 1 times [2024-10-31 22:05:05,673 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:05,673 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [854058577] [2024-10-31 22:05:05,674 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:05,674 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:05,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,016 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:06,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-31 22:05:06,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,036 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:06,036 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:06,036 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [854058577] [2024-10-31 22:05:06,037 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [854058577] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:06,039 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:06,040 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:05:06,040 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2103314299] [2024-10-31 22:05:06,041 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:06,042 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:05:06,043 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:06,043 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:05:06,044 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:05:06,046 INFO L87 Difference]: Start difference. First operand 71 states and 91 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:06,248 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:06,248 INFO L93 Difference]: Finished difference Result 134 states and 177 transitions. [2024-10-31 22:05:06,252 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 22:05:06,253 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-10-31 22:05:06,253 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:06,255 INFO L225 Difference]: With dead ends: 134 [2024-10-31 22:05:06,255 INFO L226 Difference]: Without dead ends: 71 [2024-10-31 22:05:06,256 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:05:06,257 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 140 mSDsluCounter, 132 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 219 SdHoareTripleChecker+Invalid, 66 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:06,258 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 219 Invalid, 66 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 22:05:06,259 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2024-10-31 22:05:06,272 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2024-10-31 22:05:06,274 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 55 states have (on average 1.290909090909091) internal successors, (71), 60 states have internal predecessors, (71), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-31 22:05:06,277 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2024-10-31 22:05:06,278 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 37 [2024-10-31 22:05:06,281 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:06,282 INFO L471 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2024-10-31 22:05:06,282 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:06,282 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2024-10-31 22:05:06,284 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-31 22:05:06,284 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:06,285 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:06,285 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 22:05:06,286 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:06,287 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:06,288 INFO L85 PathProgramCache]: Analyzing trace with hash 924597654, now seen corresponding path program 1 times [2024-10-31 22:05:06,288 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:06,288 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1976751059] [2024-10-31 22:05:06,288 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:06,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:06,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,412 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 22:05:06,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:05:06,417 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-31 22:05:06,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,422 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:06,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:06,423 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1976751059] [2024-10-31 22:05:06,423 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1976751059] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:06,423 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:06,423 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:05:06,424 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1139904238] [2024-10-31 22:05:06,424 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:06,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:05:06,424 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:06,425 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:05:06,425 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:06,425 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-31 22:05:06,437 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:06,437 INFO L93 Difference]: Finished difference Result 107 states and 135 transitions. [2024-10-31 22:05:06,438 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:05:06,438 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 38 [2024-10-31 22:05:06,438 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:06,439 INFO L225 Difference]: With dead ends: 107 [2024-10-31 22:05:06,439 INFO L226 Difference]: Without dead ends: 62 [2024-10-31 22:05:06,440 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:06,441 INFO L432 NwaCegarLoop]: 77 mSDtfsCounter, 12 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:06,442 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 138 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:06,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2024-10-31 22:05:06,449 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2024-10-31 22:05:06,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 49 states have (on average 1.3061224489795917) internal successors, (64), 54 states have internal predecessors, (64), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-10-31 22:05:06,450 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 78 transitions. [2024-10-31 22:05:06,451 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 78 transitions. Word has length 38 [2024-10-31 22:05:06,451 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:06,451 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 78 transitions. [2024-10-31 22:05:06,451 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-31 22:05:06,451 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 78 transitions. [2024-10-31 22:05:06,452 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-31 22:05:06,452 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:06,453 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:06,453 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 22:05:06,453 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:06,453 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:06,454 INFO L85 PathProgramCache]: Analyzing trace with hash -1104761714, now seen corresponding path program 1 times [2024-10-31 22:05:06,454 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:06,454 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [940045205] [2024-10-31 22:05:06,454 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:06,454 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:06,477 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,580 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:06,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,588 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 22:05:06,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,593 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-31 22:05:06,595 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,599 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:06,600 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:06,600 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [940045205] [2024-10-31 22:05:06,600 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [940045205] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:06,600 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:06,601 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:05:06,601 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1916430004] [2024-10-31 22:05:06,601 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:06,602 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:05:06,603 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:06,603 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:05:06,604 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:06,605 INFO L87 Difference]: Start difference. First operand 62 states and 78 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:05:06,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:06,650 INFO L93 Difference]: Finished difference Result 159 states and 205 transitions. [2024-10-31 22:05:06,651 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:05:06,651 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 42 [2024-10-31 22:05:06,652 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:06,653 INFO L225 Difference]: With dead ends: 159 [2024-10-31 22:05:06,653 INFO L226 Difference]: Without dead ends: 105 [2024-10-31 22:05:06,654 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:06,658 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 47 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:06,658 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 145 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:06,659 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2024-10-31 22:05:06,682 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 103. [2024-10-31 22:05:06,683 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 80 states have (on average 1.3) internal successors, (104), 86 states have internal predecessors, (104), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-10-31 22:05:06,685 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 130 transitions. [2024-10-31 22:05:06,689 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 130 transitions. Word has length 42 [2024-10-31 22:05:06,690 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:06,690 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 130 transitions. [2024-10-31 22:05:06,690 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:05:06,690 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 130 transitions. [2024-10-31 22:05:06,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-31 22:05:06,691 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:06,691 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:06,691 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 22:05:06,692 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:06,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:06,692 INFO L85 PathProgramCache]: Analyzing trace with hash 731559770, now seen corresponding path program 1 times [2024-10-31 22:05:06,692 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:06,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1134867029] [2024-10-31 22:05:06,693 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:06,695 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:06,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,827 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:06,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,847 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-31 22:05:06,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:06,853 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:06,853 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:06,853 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1134867029] [2024-10-31 22:05:06,853 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1134867029] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:06,854 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:06,854 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 22:05:06,854 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [279492651] [2024-10-31 22:05:06,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:06,855 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 22:05:06,855 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:06,855 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 22:05:06,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 22:05:06,856 INFO L87 Difference]: Start difference. First operand 103 states and 130 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:06,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:06,909 INFO L93 Difference]: Finished difference Result 201 states and 258 transitions. [2024-10-31 22:05:06,910 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 22:05:06,910 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-10-31 22:05:06,910 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:06,911 INFO L225 Difference]: With dead ends: 201 [2024-10-31 22:05:06,911 INFO L226 Difference]: Without dead ends: 106 [2024-10-31 22:05:06,912 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 22:05:06,917 INFO L432 NwaCegarLoop]: 75 mSDtfsCounter, 0 mSDsluCounter, 218 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 293 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:06,917 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 293 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:06,918 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states. [2024-10-31 22:05:06,941 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 106. [2024-10-31 22:05:06,942 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 83 states have (on average 1.2891566265060241) internal successors, (107), 89 states have internal predecessors, (107), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-10-31 22:05:06,943 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 133 transitions. [2024-10-31 22:05:06,944 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 133 transitions. Word has length 46 [2024-10-31 22:05:06,945 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:06,945 INFO L471 AbstractCegarLoop]: Abstraction has 106 states and 133 transitions. [2024-10-31 22:05:06,945 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:06,946 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 133 transitions. [2024-10-31 22:05:06,946 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-31 22:05:06,950 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:06,950 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:06,950 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 22:05:06,951 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:06,951 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:06,951 INFO L85 PathProgramCache]: Analyzing trace with hash -856788132, now seen corresponding path program 1 times [2024-10-31 22:05:06,951 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:06,951 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1108170626] [2024-10-31 22:05:06,952 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:06,952 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:06,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,054 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:07,056 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,058 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-31 22:05:07,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,061 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:07,061 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:07,062 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1108170626] [2024-10-31 22:05:07,062 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1108170626] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:07,062 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:07,063 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-31 22:05:07,064 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1548995850] [2024-10-31 22:05:07,064 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:07,064 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-31 22:05:07,064 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:07,065 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-31 22:05:07,065 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-31 22:05:07,065 INFO L87 Difference]: Start difference. First operand 106 states and 133 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:07,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:07,104 INFO L93 Difference]: Finished difference Result 206 states and 265 transitions. [2024-10-31 22:05:07,105 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-31 22:05:07,105 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-10-31 22:05:07,106 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:07,107 INFO L225 Difference]: With dead ends: 206 [2024-10-31 22:05:07,108 INFO L226 Difference]: Without dead ends: 108 [2024-10-31 22:05:07,108 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-31 22:05:07,109 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 0 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:07,110 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 222 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:07,111 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2024-10-31 22:05:07,122 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 108. [2024-10-31 22:05:07,123 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 85 states have (on average 1.2823529411764707) internal successors, (109), 91 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-10-31 22:05:07,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 135 transitions. [2024-10-31 22:05:07,124 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 135 transitions. Word has length 46 [2024-10-31 22:05:07,125 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:07,125 INFO L471 AbstractCegarLoop]: Abstraction has 108 states and 135 transitions. [2024-10-31 22:05:07,125 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:07,125 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2024-10-31 22:05:07,126 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-31 22:05:07,126 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:07,126 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:07,127 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 22:05:07,127 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:07,127 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:07,127 INFO L85 PathProgramCache]: Analyzing trace with hash 1749235422, now seen corresponding path program 1 times [2024-10-31 22:05:07,127 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:07,128 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [148308976] [2024-10-31 22:05:07,128 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:07,128 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:07,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,245 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:07,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,250 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-31 22:05:07,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,254 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:07,254 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:07,254 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [148308976] [2024-10-31 22:05:07,254 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [148308976] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:07,254 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:07,255 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:05:07,255 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [31929024] [2024-10-31 22:05:07,255 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:07,255 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:05:07,255 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:07,256 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:05:07,256 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:07,256 INFO L87 Difference]: Start difference. First operand 108 states and 135 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:07,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:07,286 INFO L93 Difference]: Finished difference Result 256 states and 324 transitions. [2024-10-31 22:05:07,287 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:05:07,287 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-10-31 22:05:07,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:07,288 INFO L225 Difference]: With dead ends: 256 [2024-10-31 22:05:07,288 INFO L226 Difference]: Without dead ends: 156 [2024-10-31 22:05:07,289 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:05:07,290 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 39 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:07,290 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 145 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:05:07,291 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2024-10-31 22:05:07,305 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 154. [2024-10-31 22:05:07,305 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 154 states, 121 states have (on average 1.2644628099173554) internal successors, (153), 128 states have internal predecessors, (153), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-10-31 22:05:07,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 191 transitions. [2024-10-31 22:05:07,307 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 191 transitions. Word has length 46 [2024-10-31 22:05:07,307 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:07,307 INFO L471 AbstractCegarLoop]: Abstraction has 154 states and 191 transitions. [2024-10-31 22:05:07,308 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:05:07,308 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 191 transitions. [2024-10-31 22:05:07,309 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-10-31 22:05:07,309 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:07,309 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:07,309 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 22:05:07,309 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:07,310 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:07,310 INFO L85 PathProgramCache]: Analyzing trace with hash -2549066, now seen corresponding path program 1 times [2024-10-31 22:05:07,310 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:07,310 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [350543364] [2024-10-31 22:05:07,310 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:07,310 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:07,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:05:07,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,411 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-31 22:05:07,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,414 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-10-31 22:05:07,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,429 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 22:05:07,430 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:07,430 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [350543364] [2024-10-31 22:05:07,430 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [350543364] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:07,430 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:07,431 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:05:07,431 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1088519727] [2024-10-31 22:05:07,433 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:07,434 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:05:07,434 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:07,434 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:05:07,434 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:05:07,435 INFO L87 Difference]: Start difference. First operand 154 states and 191 transitions. Second operand has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-31 22:05:07,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:07,561 INFO L93 Difference]: Finished difference Result 298 states and 373 transitions. [2024-10-31 22:05:07,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:05:07,561 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 48 [2024-10-31 22:05:07,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:07,563 INFO L225 Difference]: With dead ends: 298 [2024-10-31 22:05:07,563 INFO L226 Difference]: Without dead ends: 152 [2024-10-31 22:05:07,564 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:05:07,564 INFO L432 NwaCegarLoop]: 77 mSDtfsCounter, 30 mSDsluCounter, 255 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 332 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:07,565 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 332 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 22:05:07,565 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2024-10-31 22:05:07,578 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 152. [2024-10-31 22:05:07,579 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 119 states have (on average 1.2352941176470589) internal successors, (147), 126 states have internal predecessors, (147), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-10-31 22:05:07,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 185 transitions. [2024-10-31 22:05:07,580 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 185 transitions. Word has length 48 [2024-10-31 22:05:07,581 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:07,581 INFO L471 AbstractCegarLoop]: Abstraction has 152 states and 185 transitions. [2024-10-31 22:05:07,581 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.833333333333333) internal successors, (41), 5 states have internal predecessors, (41), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-10-31 22:05:07,581 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 185 transitions. [2024-10-31 22:05:07,582 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-10-31 22:05:07,582 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:07,583 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:07,583 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 22:05:07,583 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:07,583 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:07,584 INFO L85 PathProgramCache]: Analyzing trace with hash 458290680, now seen corresponding path program 1 times [2024-10-31 22:05:07,584 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:07,584 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [381901623] [2024-10-31 22:05:07,584 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:07,584 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:07,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,798 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:05:07,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,874 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 22:05:07,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,878 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2024-10-31 22:05:07,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:07,883 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:05:07,883 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:07,883 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [381901623] [2024-10-31 22:05:07,883 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [381901623] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:05:07,883 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:05:07,884 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-31 22:05:07,884 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1672213718] [2024-10-31 22:05:07,884 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:05:07,884 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-31 22:05:07,886 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:07,888 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-31 22:05:07,888 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-10-31 22:05:07,889 INFO L87 Difference]: Start difference. First operand 152 states and 185 transitions. Second operand has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-31 22:05:08,273 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:08,273 INFO L93 Difference]: Finished difference Result 487 states and 617 transitions. [2024-10-31 22:05:08,274 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2024-10-31 22:05:08,274 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-10-31 22:05:08,275 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:08,278 INFO L225 Difference]: With dead ends: 487 [2024-10-31 22:05:08,280 INFO L226 Difference]: Without dead ends: 388 [2024-10-31 22:05:08,281 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=37, Invalid=95, Unknown=0, NotChecked=0, Total=132 [2024-10-31 22:05:08,282 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 215 mSDsluCounter, 374 mSDsCounter, 0 mSdLazyCounter, 197 mSolverCounterSat, 52 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 224 SdHoareTripleChecker+Valid, 477 SdHoareTripleChecker+Invalid, 249 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 52 IncrementalHoareTripleChecker+Valid, 197 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:08,282 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [224 Valid, 477 Invalid, 249 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [52 Valid, 197 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 22:05:08,283 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 388 states. [2024-10-31 22:05:08,334 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 388 to 378. [2024-10-31 22:05:08,335 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 297 states have (on average 1.2222222222222223) internal successors, (363), 316 states have internal predecessors, (363), 44 states have call successors, (44), 33 states have call predecessors, (44), 36 states have return successors, (54), 42 states have call predecessors, (54), 44 states have call successors, (54) [2024-10-31 22:05:08,337 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 461 transitions. [2024-10-31 22:05:08,338 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 461 transitions. Word has length 50 [2024-10-31 22:05:08,338 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:08,338 INFO L471 AbstractCegarLoop]: Abstraction has 378 states and 461 transitions. [2024-10-31 22:05:08,339 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 7 states have internal predecessors, (41), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-31 22:05:08,339 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 461 transitions. [2024-10-31 22:05:08,340 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2024-10-31 22:05:08,340 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:05:08,341 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:08,341 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-31 22:05:08,341 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:05:08,342 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:05:08,342 INFO L85 PathProgramCache]: Analyzing trace with hash -643370142, now seen corresponding path program 1 times [2024-10-31 22:05:08,342 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:05:08,342 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1226880382] [2024-10-31 22:05:08,342 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:08,343 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:05:08,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,563 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:05:08,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,587 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-10-31 22:05:08,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,642 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:05:08,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,645 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2024-10-31 22:05:08,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-31 22:05:08,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,675 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2024-10-31 22:05:08,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,681 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 17 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-10-31 22:05:08,681 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:05:08,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1226880382] [2024-10-31 22:05:08,681 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1226880382] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:05:08,682 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [762000842] [2024-10-31 22:05:08,682 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:05:08,682 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:05:08,682 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:05:08,685 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:05:08,686 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 22:05:08,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:05:08,803 INFO L255 TraceCheckSpWp]: Trace formula consists of 277 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 22:05:08,814 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:05:09,059 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 22 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 22:05:09,060 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:05:09,366 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-10-31 22:05:09,367 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [762000842] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:05:09,367 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:05:09,367 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-31 22:05:09,367 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [939749185] [2024-10-31 22:05:09,368 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:05:09,368 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-31 22:05:09,368 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:05:09,370 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-31 22:05:09,371 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2024-10-31 22:05:09,371 INFO L87 Difference]: Start difference. First operand 378 states and 461 transitions. Second operand has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2024-10-31 22:05:10,177 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:05:10,178 INFO L93 Difference]: Finished difference Result 604 states and 762 transitions. [2024-10-31 22:05:10,178 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-31 22:05:10,179 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 81 [2024-10-31 22:05:10,179 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:05:10,180 INFO L225 Difference]: With dead ends: 604 [2024-10-31 22:05:10,180 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 22:05:10,182 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 200 GetRequests, 170 SyntacticMatches, 4 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 119 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=151, Invalid=605, Unknown=0, NotChecked=0, Total=756 [2024-10-31 22:05:10,183 INFO L432 NwaCegarLoop]: 124 mSDtfsCounter, 170 mSDsluCounter, 823 mSDsCounter, 0 mSdLazyCounter, 504 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 175 SdHoareTripleChecker+Valid, 947 SdHoareTripleChecker+Invalid, 545 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 504 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-31 22:05:10,184 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [175 Valid, 947 Invalid, 545 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 504 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-31 22:05:10,185 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 22:05:10,185 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 22:05:10,185 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 22:05:10,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 22:05:10,185 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 81 [2024-10-31 22:05:10,185 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:05:10,186 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 22:05:10,186 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.733333333333333) internal successors, (101), 11 states have internal predecessors, (101), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2024-10-31 22:05:10,186 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 22:05:10,187 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 22:05:10,189 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 22:05:10,210 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-31 22:05:10,390 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:05:10,392 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:05:10,395 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 22:05:12,989 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 22:05:13,044 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| 2))) (or (and (= |old(~waterLevel~0)| 1) .cse0 .cse1) (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2) (and .cse0 .cse1 .cse3) (and .cse0 .cse2 .cse3)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-10-31 22:05:13,069 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 (= |old(~waterLevel~0)| 1) .cse1) (and .cse3 .cse1 .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-10-31 22:05:13,095 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 10:05:13 BoogieIcfgContainer [2024-10-31 22:05:13,095 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 22:05:13,096 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 22:05:13,096 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 22:05:13,096 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 22:05:13,097 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:05:04" (3/4) ... [2024-10-31 22:05:13,100 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 22:05:13,105 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 22:05:13,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 22:05:13,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 22:05:13,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 22:05:13,107 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 22:05:13,107 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-31 22:05:13,116 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 19 nodes and edges [2024-10-31 22:05:13,117 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 22:05:13,117 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 22:05:13,118 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:05:13,118 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:05:13,261 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 22:05:13,262 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 22:05:13,262 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 22:05:13,263 INFO L158 Benchmark]: Toolchain (without parser) took 9746.54ms. Allocated memory was 148.9MB in the beginning and 226.5MB in the end (delta: 77.6MB). Free memory was 112.1MB in the beginning and 168.5MB in the end (delta: -56.4MB). Peak memory consumption was 22.2MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,263 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 148.9MB. Free memory is still 113.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 22:05:13,263 INFO L158 Benchmark]: CACSL2BoogieTranslator took 639.69ms. Allocated memory is still 148.9MB. Free memory was 112.1MB in the beginning and 90.7MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,264 INFO L158 Benchmark]: Boogie Procedure Inliner took 95.81ms. Allocated memory is still 148.9MB. Free memory was 90.7MB in the beginning and 88.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,264 INFO L158 Benchmark]: Boogie Preprocessor took 84.93ms. Allocated memory is still 148.9MB. Free memory was 88.6MB in the beginning and 86.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,265 INFO L158 Benchmark]: RCFGBuilder took 620.89ms. Allocated memory is still 148.9MB. Free memory was 86.5MB in the beginning and 69.2MB in the end (delta: 17.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,265 INFO L158 Benchmark]: TraceAbstraction took 8129.58ms. Allocated memory was 148.9MB in the beginning and 226.5MB in the end (delta: 77.6MB). Free memory was 68.6MB in the beginning and 175.9MB in the end (delta: -107.2MB). Peak memory consumption was 66.4MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,266 INFO L158 Benchmark]: Witness Printer took 166.29ms. Allocated memory is still 226.5MB. Free memory was 175.9MB in the beginning and 168.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-31 22:05:13,268 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 148.9MB. Free memory is still 113.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 639.69ms. Allocated memory is still 148.9MB. Free memory was 112.1MB in the beginning and 90.7MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 95.81ms. Allocated memory is still 148.9MB. Free memory was 90.7MB in the beginning and 88.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 84.93ms. Allocated memory is still 148.9MB. Free memory was 88.6MB in the beginning and 86.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 620.89ms. Allocated memory is still 148.9MB. Free memory was 86.5MB in the beginning and 69.2MB in the end (delta: 17.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 8129.58ms. Allocated memory was 148.9MB in the beginning and 226.5MB in the end (delta: 77.6MB). Free memory was 68.6MB in the beginning and 175.9MB in the end (delta: -107.2MB). Peak memory consumption was 66.4MB. Max. memory is 16.1GB. * Witness Printer took 166.29ms. Allocated memory is still 226.5MB. Free memory was 175.9MB in the beginning and 168.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [415] - GenericResultAtLocation [Line: 484]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [484] - GenericResultAtLocation [Line: 649]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [649] - GenericResultAtLocation [Line: 687]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [687] - GenericResultAtLocation [Line: 785]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [785] - GenericResultAtLocation [Line: 794]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [794] - GenericResultAtLocation [Line: 889]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [889] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 790]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 80 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.4s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 671 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 653 mSDsluCounter, 3018 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2126 mSDsCounter, 116 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 847 IncrementalHoareTripleChecker+Invalid, 963 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 116 mSolverCounterUnsat, 892 mSDtfsCounter, 847 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 292 GetRequests, 231 SyntacticMatches, 4 SemanticMatches, 57 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 127 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=378occurred in iteration=9, InterpolantAutomatonStates: 61, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 14 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.3s InterpolantComputationTime, 547 NumberOfCodeBlocks, 547 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 616 ConstructedInterpolants, 0 QuantifiedInterpolants, 1247 SizeOfPredicates, 2 NumberOfNonLiveVariables, 277 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 94/114 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 429]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 699]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 525]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 822]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 689]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 498]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2))) && ((((((\old(waterLevel) == 1) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || ((1 <= \old(switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == 2)))) && ((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 810]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 1)) && ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (\old(waterLevel) == 1)) && (1 == systemActive))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((((2 == waterLevel) || (\old(waterLevel) < waterLevel)) && (waterLevel <= 2)) || (\old(waterLevel) == waterLevel))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 585]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 22:05:13,322 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_98855950-a3f5-4990-962d-5a645383d35e/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE