./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash df3faf2d1bbcaed92e1c2eddcb5ae1d2459730e99808e363d537a0bc5d54e347 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 21:56:52,768 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 21:56:52,863 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 21:56:52,867 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 21:56:52,868 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 21:56:52,906 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 21:56:52,908 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 21:56:52,908 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 21:56:52,909 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 21:56:52,911 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 21:56:52,911 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 21:56:52,912 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 21:56:52,912 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 21:56:52,913 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 21:56:52,913 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 21:56:52,915 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 21:56:52,916 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 21:56:52,916 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 21:56:52,916 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 21:56:52,917 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 21:56:52,917 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 21:56:52,921 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 21:56:52,921 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 21:56:52,922 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 21:56:52,922 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 21:56:52,922 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 21:56:52,922 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 21:56:52,923 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 21:56:52,923 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 21:56:52,923 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 21:56:52,923 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 21:56:52,924 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 21:56:52,924 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:56:52,924 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 21:56:52,924 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 21:56:52,925 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 21:56:52,926 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 21:56:52,927 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 21:56:52,927 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 21:56:52,928 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 21:56:52,928 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 21:56:52,928 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 21:56:52,929 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> df3faf2d1bbcaed92e1c2eddcb5ae1d2459730e99808e363d537a0bc5d54e347 [2024-10-31 21:56:53,242 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 21:56:53,271 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 21:56:53,276 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 21:56:53,277 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 21:56:53,278 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 21:56:53,279 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c Unable to find full path for "g++" [2024-10-31 21:56:55,450 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 21:56:55,750 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 21:56:55,751 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c [2024-10-31 21:56:55,767 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/data/cb1988b0a/9d5987d9ac9b40c5b35126002b7e8297/FLAG67493c34b [2024-10-31 21:56:55,791 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/data/cb1988b0a/9d5987d9ac9b40c5b35126002b7e8297 [2024-10-31 21:56:55,800 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 21:56:55,804 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 21:56:55,806 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 21:56:55,806 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 21:56:55,817 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 21:56:55,818 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:56:55" (1/1) ... [2024-10-31 21:56:55,819 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6c98b54e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:55, skipping insertion in model container [2024-10-31 21:56:55,819 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:56:55" (1/1) ... [2024-10-31 21:56:55,886 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 21:56:56,093 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c[1605,1618] [2024-10-31 21:56:56,279 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:56:56,298 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 21:56:56,318 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-10-31 21:56:56,324 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-10-31 21:56:56,324 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] [2024-10-31 21:56:56,325 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [304] [2024-10-31 21:56:56,325 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [405] [2024-10-31 21:56:56,325 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [472] [2024-10-31 21:56:56,325 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [522] [2024-10-31 21:56:56,326 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [888] [2024-10-31 21:56:56,334 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c[1605,1618] [2024-10-31 21:56:56,450 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:56:56,480 INFO L204 MainTranslator]: Completed translation [2024-10-31 21:56:56,481 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56 WrapperNode [2024-10-31 21:56:56,481 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 21:56:56,482 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 21:56:56,483 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 21:56:56,483 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 21:56:56,503 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,524 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,570 INFO L138 Inliner]: procedures = 56, calls = 102, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 206 [2024-10-31 21:56:56,570 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 21:56:56,571 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 21:56:56,571 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 21:56:56,571 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 21:56:56,589 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,589 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,591 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,639 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 21:56:56,647 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,647 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,657 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,665 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,668 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,669 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,676 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 21:56:56,677 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 21:56:56,677 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 21:56:56,677 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 21:56:56,681 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (1/1) ... [2024-10-31 21:56:56,688 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:56:56,701 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:56:56,719 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 21:56:56,726 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 21:56:56,761 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 21:56:56,762 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 21:56:56,762 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 21:56:56,762 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 21:56:56,762 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 21:56:56,763 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 21:56:56,763 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 21:56:56,763 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:56:56,764 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:56:56,764 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 21:56:56,765 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 21:56:56,765 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-31 21:56:56,765 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-31 21:56:56,766 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-31 21:56:56,766 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-31 21:56:56,767 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 21:56:56,767 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 21:56:56,767 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 21:56:56,768 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 21:56:56,768 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 21:56:56,899 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 21:56:56,905 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 21:56:57,281 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-10-31 21:56:57,282 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 21:56:57,306 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 21:56:57,306 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 21:56:57,307 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:57 BoogieIcfgContainer [2024-10-31 21:56:57,307 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 21:56:57,309 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 21:56:57,310 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 21:56:57,314 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 21:56:57,314 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 09:56:55" (1/3) ... [2024-10-31 21:56:57,315 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5da2e979 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:56:57, skipping insertion in model container [2024-10-31 21:56:57,315 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:56" (2/3) ... [2024-10-31 21:56:57,316 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5da2e979 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:56:57, skipping insertion in model container [2024-10-31 21:56:57,316 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:57" (3/3) ... [2024-10-31 21:56:57,317 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product39.cil.c [2024-10-31 21:56:57,350 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 21:56:57,351 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 21:56:57,443 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 21:56:57,450 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6ba6fa67, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 21:56:57,450 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 21:56:57,455 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-31 21:56:57,465 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 21:56:57,466 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:57,466 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:57,467 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:57,472 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:57,472 INFO L85 PathProgramCache]: Analyzing trace with hash -1244587252, now seen corresponding path program 1 times [2024-10-31 21:56:57,483 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:57,483 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1009266802] [2024-10-31 21:56:57,483 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:57,484 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:57,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:57,710 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 21:56:57,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:57,722 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 21:56:57,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:57,730 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:57,730 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:57,731 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1009266802] [2024-10-31 21:56:57,731 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1009266802] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:57,732 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:57,732 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 21:56:57,734 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [214897526] [2024-10-31 21:56:57,734 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:57,739 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 21:56:57,739 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:57,766 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 21:56:57,767 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:56:57,770 INFO L87 Difference]: Start difference. First operand has 97 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:57,805 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:57,805 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2024-10-31 21:56:57,808 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 21:56:57,809 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-10-31 21:56:57,810 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:57,819 INFO L225 Difference]: With dead ends: 185 [2024-10-31 21:56:57,820 INFO L226 Difference]: Without dead ends: 88 [2024-10-31 21:56:57,824 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:56:57,827 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:57,828 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:56:57,848 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-10-31 21:56:57,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-10-31 21:56:57,871 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.303030303030303) internal successors, (86), 74 states have internal predecessors, (86), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-31 21:56:57,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2024-10-31 21:56:57,875 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2024-10-31 21:56:57,875 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:57,875 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2024-10-31 21:56:57,876 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:57,876 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2024-10-31 21:56:57,878 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-10-31 21:56:57,879 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:57,879 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:57,879 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 21:56:57,880 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:57,880 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:57,881 INFO L85 PathProgramCache]: Analyzing trace with hash 1563484802, now seen corresponding path program 1 times [2024-10-31 21:56:57,881 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:57,881 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1466046508] [2024-10-31 21:56:57,881 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:57,882 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:57,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,125 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 21:56:58,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,139 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-31 21:56:58,147 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,155 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:58,155 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:58,155 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1466046508] [2024-10-31 21:56:58,156 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1466046508] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:58,156 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:58,156 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 21:56:58,156 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [395771689] [2024-10-31 21:56:58,156 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:58,161 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 21:56:58,163 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:58,163 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 21:56:58,164 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:58,165 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:58,243 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:58,243 INFO L93 Difference]: Finished difference Result 247 states and 325 transitions. [2024-10-31 21:56:58,243 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 21:56:58,244 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-10-31 21:56:58,244 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:58,246 INFO L225 Difference]: With dead ends: 247 [2024-10-31 21:56:58,246 INFO L226 Difference]: Without dead ends: 167 [2024-10-31 21:56:58,247 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:58,250 INFO L432 NwaCegarLoop]: 128 mSDtfsCounter, 88 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 230 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:58,254 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 230 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:56:58,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2024-10-31 21:56:58,301 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 164. [2024-10-31 21:56:58,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 164 states, 121 states have (on average 1.322314049586777) internal successors, (160), 136 states have internal predecessors, (160), 28 states have call successors, (28), 16 states have call predecessors, (28), 14 states have return successors, (26), 19 states have call predecessors, (26), 26 states have call successors, (26) [2024-10-31 21:56:58,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 164 states to 164 states and 214 transitions. [2024-10-31 21:56:58,312 INFO L78 Accepts]: Start accepts. Automaton has 164 states and 214 transitions. Word has length 37 [2024-10-31 21:56:58,313 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:58,313 INFO L471 AbstractCegarLoop]: Abstraction has 164 states and 214 transitions. [2024-10-31 21:56:58,313 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:58,313 INFO L276 IsEmpty]: Start isEmpty. Operand 164 states and 214 transitions. [2024-10-31 21:56:58,318 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-10-31 21:56:58,318 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:58,319 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:58,320 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 21:56:58,321 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:58,321 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:58,322 INFO L85 PathProgramCache]: Analyzing trace with hash -224446946, now seen corresponding path program 1 times [2024-10-31 21:56:58,322 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:58,323 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1587236102] [2024-10-31 21:56:58,323 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:58,323 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:58,342 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,396 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 21:56:58,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,405 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 21:56:58,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,413 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:56:58,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-31 21:56:58,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,421 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:58,421 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:58,422 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1587236102] [2024-10-31 21:56:58,422 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1587236102] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:58,422 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:58,422 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-10-31 21:56:58,423 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1928543458] [2024-10-31 21:56:58,423 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:58,423 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-10-31 21:56:58,424 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:58,424 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-10-31 21:56:58,425 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-31 21:56:58,425 INFO L87 Difference]: Start difference. First operand 164 states and 214 transitions. Second operand has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:58,592 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:58,592 INFO L93 Difference]: Finished difference Result 288 states and 373 transitions. [2024-10-31 21:56:58,592 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-10-31 21:56:58,593 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-10-31 21:56:58,593 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:58,595 INFO L225 Difference]: With dead ends: 288 [2024-10-31 21:56:58,595 INFO L226 Difference]: Without dead ends: 174 [2024-10-31 21:56:58,596 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-10-31 21:56:58,597 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 66 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 57 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 188 SdHoareTripleChecker+Invalid, 71 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 57 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:58,598 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 188 Invalid, 71 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 57 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 21:56:58,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2024-10-31 21:56:58,635 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 146. [2024-10-31 21:56:58,636 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 109 states have (on average 1.3394495412844036) internal successors, (146), 124 states have internal predecessors, (146), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-10-31 21:56:58,641 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 190 transitions. [2024-10-31 21:56:58,642 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 190 transitions. Word has length 43 [2024-10-31 21:56:58,642 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:58,642 INFO L471 AbstractCegarLoop]: Abstraction has 146 states and 190 transitions. [2024-10-31 21:56:58,642 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:58,642 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 190 transitions. [2024-10-31 21:56:58,647 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-31 21:56:58,647 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:58,647 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:58,648 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 21:56:58,648 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:58,648 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:58,648 INFO L85 PathProgramCache]: Analyzing trace with hash 209384056, now seen corresponding path program 1 times [2024-10-31 21:56:58,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:58,649 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1043015711] [2024-10-31 21:56:58,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:58,649 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:58,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,910 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 21:56:58,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-31 21:56:58,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:58,951 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 21:56:58,954 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:58,954 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1043015711] [2024-10-31 21:56:58,955 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1043015711] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:58,955 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:58,955 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:56:58,955 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2118305950] [2024-10-31 21:56:58,955 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:58,956 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:56:58,956 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:58,956 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:56:58,957 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:56:58,959 INFO L87 Difference]: Start difference. First operand 146 states and 190 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:59,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:59,176 INFO L93 Difference]: Finished difference Result 374 states and 499 transitions. [2024-10-31 21:56:59,176 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 21:56:59,177 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-10-31 21:56:59,177 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:59,180 INFO L225 Difference]: With dead ends: 374 [2024-10-31 21:56:59,180 INFO L226 Difference]: Without dead ends: 236 [2024-10-31 21:56:59,181 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:56:59,182 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 71 mSDsluCounter, 331 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 432 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:59,183 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 432 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 21:56:59,185 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 236 states. [2024-10-31 21:56:59,245 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 236 to 235. [2024-10-31 21:56:59,246 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 235 states, 176 states have (on average 1.2954545454545454) internal successors, (228), 191 states have internal predecessors, (228), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-10-31 21:56:59,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 235 states to 235 states and 300 transitions. [2024-10-31 21:56:59,252 INFO L78 Accepts]: Start accepts. Automaton has 235 states and 300 transitions. Word has length 41 [2024-10-31 21:56:59,252 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:59,252 INFO L471 AbstractCegarLoop]: Abstraction has 235 states and 300 transitions. [2024-10-31 21:56:59,253 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:59,256 INFO L276 IsEmpty]: Start isEmpty. Operand 235 states and 300 transitions. [2024-10-31 21:56:59,257 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-10-31 21:56:59,258 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:59,258 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:59,258 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 21:56:59,258 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:59,263 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:59,263 INFO L85 PathProgramCache]: Analyzing trace with hash -1528927009, now seen corresponding path program 1 times [2024-10-31 21:56:59,263 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:59,264 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1582777013] [2024-10-31 21:56:59,264 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:59,264 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:59,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,379 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 21:56:59,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,386 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 21:56:59,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,434 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-31 21:56:59,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,440 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:59,441 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:59,441 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1582777013] [2024-10-31 21:56:59,442 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1582777013] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:59,442 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:59,442 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:56:59,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1698851237] [2024-10-31 21:56:59,444 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:59,444 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:56:59,444 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:59,445 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:56:59,445 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:56:59,445 INFO L87 Difference]: Start difference. First operand 235 states and 300 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 21:56:59,667 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:59,667 INFO L93 Difference]: Finished difference Result 516 states and 667 transitions. [2024-10-31 21:56:59,668 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-31 21:56:59,668 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-10-31 21:56:59,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:59,671 INFO L225 Difference]: With dead ends: 516 [2024-10-31 21:56:59,671 INFO L226 Difference]: Without dead ends: 289 [2024-10-31 21:56:59,673 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:56:59,676 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 53 mSDsluCounter, 287 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:59,677 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 374 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:56:59,679 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 289 states. [2024-10-31 21:56:59,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 289 to 287. [2024-10-31 21:56:59,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 287 states, 218 states have (on average 1.275229357798165) internal successors, (278), 233 states have internal predecessors, (278), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-31 21:56:59,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 287 states to 287 states and 364 transitions. [2024-10-31 21:56:59,760 INFO L78 Accepts]: Start accepts. Automaton has 287 states and 364 transitions. Word has length 51 [2024-10-31 21:56:59,760 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:59,761 INFO L471 AbstractCegarLoop]: Abstraction has 287 states and 364 transitions. [2024-10-31 21:56:59,761 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 21:56:59,761 INFO L276 IsEmpty]: Start isEmpty. Operand 287 states and 364 transitions. [2024-10-31 21:56:59,762 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-10-31 21:56:59,763 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:59,763 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:59,763 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 21:56:59,763 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:59,766 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:59,767 INFO L85 PathProgramCache]: Analyzing trace with hash 1077096545, now seen corresponding path program 1 times [2024-10-31 21:56:59,767 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:59,767 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709405253] [2024-10-31 21:56:59,767 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:59,767 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:59,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,881 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 21:56:59,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,893 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 21:56:59,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,932 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-31 21:56:59,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:59,937 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:59,938 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:59,938 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [709405253] [2024-10-31 21:56:59,938 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [709405253] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:59,939 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:59,940 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:56:59,940 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [224154238] [2024-10-31 21:56:59,940 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:59,941 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:56:59,941 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:59,941 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:56:59,943 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:56:59,943 INFO L87 Difference]: Start difference. First operand 287 states and 364 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-31 21:57:00,264 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:00,264 INFO L93 Difference]: Finished difference Result 578 states and 747 transitions. [2024-10-31 21:57:00,265 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-31 21:57:00,265 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2024-10-31 21:57:00,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:00,267 INFO L225 Difference]: With dead ends: 578 [2024-10-31 21:57:00,268 INFO L226 Difference]: Without dead ends: 299 [2024-10-31 21:57:00,269 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-10-31 21:57:00,270 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 162 mSDsluCounter, 310 mSDsCounter, 0 mSdLazyCounter, 132 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 169 SdHoareTripleChecker+Valid, 413 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 132 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:00,270 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [169 Valid, 413 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:57:00,271 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2024-10-31 21:57:00,294 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 291. [2024-10-31 21:57:00,295 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 291 states, 222 states have (on average 1.2702702702702702) internal successors, (282), 237 states have internal predecessors, (282), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-31 21:57:00,297 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 291 states to 291 states and 368 transitions. [2024-10-31 21:57:00,298 INFO L78 Accepts]: Start accepts. Automaton has 291 states and 368 transitions. Word has length 51 [2024-10-31 21:57:00,299 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:00,299 INFO L471 AbstractCegarLoop]: Abstraction has 291 states and 368 transitions. [2024-10-31 21:57:00,299 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-31 21:57:00,299 INFO L276 IsEmpty]: Start isEmpty. Operand 291 states and 368 transitions. [2024-10-31 21:57:00,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-10-31 21:57:00,300 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:57:00,300 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:00,301 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 21:57:00,301 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:57:00,301 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:57:00,301 INFO L85 PathProgramCache]: Analyzing trace with hash 1499798371, now seen corresponding path program 1 times [2024-10-31 21:57:00,302 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:57:00,302 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [389320217] [2024-10-31 21:57:00,302 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:00,302 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:57:00,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:00,382 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 21:57:00,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:00,393 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 21:57:00,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:00,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-10-31 21:57:00,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:00,423 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:57:00,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:57:00,423 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [389320217] [2024-10-31 21:57:00,423 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [389320217] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:57:00,423 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:57:00,423 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:57:00,424 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2016759630] [2024-10-31 21:57:00,424 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:57:00,425 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:57:00,426 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:57:00,426 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:57:00,426 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:57:00,427 INFO L87 Difference]: Start difference. First operand 291 states and 368 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 21:57:00,792 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:00,793 INFO L93 Difference]: Finished difference Result 846 states and 1109 transitions. [2024-10-31 21:57:00,793 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 21:57:00,793 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-10-31 21:57:00,794 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:00,799 INFO L225 Difference]: With dead ends: 846 [2024-10-31 21:57:00,800 INFO L226 Difference]: Without dead ends: 563 [2024-10-31 21:57:00,801 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:57:00,803 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 221 mSDsluCounter, 179 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 228 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:00,803 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [228 Valid, 310 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:57:00,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 563 states. [2024-10-31 21:57:00,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 563 to 556. [2024-10-31 21:57:00,883 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 556 states, 421 states have (on average 1.2351543942992873) internal successors, (520), 445 states have internal predecessors, (520), 73 states have call successors, (73), 59 states have call predecessors, (73), 61 states have return successors, (111), 72 states have call predecessors, (111), 73 states have call successors, (111) [2024-10-31 21:57:00,889 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 556 states to 556 states and 704 transitions. [2024-10-31 21:57:00,890 INFO L78 Accepts]: Start accepts. Automaton has 556 states and 704 transitions. Word has length 51 [2024-10-31 21:57:00,890 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:00,891 INFO L471 AbstractCegarLoop]: Abstraction has 556 states and 704 transitions. [2024-10-31 21:57:00,891 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 21:57:00,891 INFO L276 IsEmpty]: Start isEmpty. Operand 556 states and 704 transitions. [2024-10-31 21:57:00,892 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-10-31 21:57:00,892 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:57:00,893 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:00,893 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 21:57:00,893 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:57:00,894 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:57:00,894 INFO L85 PathProgramCache]: Analyzing trace with hash -85847159, now seen corresponding path program 1 times [2024-10-31 21:57:00,894 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:57:00,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [500519777] [2024-10-31 21:57:00,896 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:00,898 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:57:00,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:01,138 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:57:01,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:01,214 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 21:57:01,216 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:01,232 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-31 21:57:01,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:01,243 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-10-31 21:57:01,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:01,249 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:57:01,252 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:57:01,252 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [500519777] [2024-10-31 21:57:01,252 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [500519777] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:57:01,252 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:57:01,252 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-31 21:57:01,253 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [324471828] [2024-10-31 21:57:01,253 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:57:01,253 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-31 21:57:01,253 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:57:01,254 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-31 21:57:01,254 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:57:01,254 INFO L87 Difference]: Start difference. First operand 556 states and 704 transitions. Second operand has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 21:57:02,138 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:02,138 INFO L93 Difference]: Finished difference Result 1697 states and 2242 transitions. [2024-10-31 21:57:02,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-31 21:57:02,139 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 55 [2024-10-31 21:57:02,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:02,147 INFO L225 Difference]: With dead ends: 1697 [2024-10-31 21:57:02,147 INFO L226 Difference]: Without dead ends: 1252 [2024-10-31 21:57:02,150 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-10-31 21:57:02,151 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 412 mSDsluCounter, 486 mSDsCounter, 0 mSdLazyCounter, 499 mSolverCounterSat, 130 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 419 SdHoareTripleChecker+Valid, 589 SdHoareTripleChecker+Invalid, 629 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 130 IncrementalHoareTripleChecker+Valid, 499 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:02,152 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [419 Valid, 589 Invalid, 629 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [130 Valid, 499 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-31 21:57:02,154 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1252 states. [2024-10-31 21:57:02,259 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1252 to 1083. [2024-10-31 21:57:02,261 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1083 states, 820 states have (on average 1.2317073170731707) internal successors, (1010), 873 states have internal predecessors, (1010), 142 states have call successors, (142), 104 states have call predecessors, (142), 120 states have return successors, (220), 140 states have call predecessors, (220), 142 states have call successors, (220) [2024-10-31 21:57:02,269 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1083 states to 1083 states and 1372 transitions. [2024-10-31 21:57:02,270 INFO L78 Accepts]: Start accepts. Automaton has 1083 states and 1372 transitions. Word has length 55 [2024-10-31 21:57:02,270 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:02,271 INFO L471 AbstractCegarLoop]: Abstraction has 1083 states and 1372 transitions. [2024-10-31 21:57:02,271 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 21:57:02,271 INFO L276 IsEmpty]: Start isEmpty. Operand 1083 states and 1372 transitions. [2024-10-31 21:57:02,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-10-31 21:57:02,273 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:57:02,273 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:02,274 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 21:57:02,274 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:57:02,274 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:57:02,274 INFO L85 PathProgramCache]: Analyzing trace with hash 1602781584, now seen corresponding path program 1 times [2024-10-31 21:57:02,275 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:57:02,275 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [853540566] [2024-10-31 21:57:02,275 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:02,275 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:57:02,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,332 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:57:02,333 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,345 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 21:57:02,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,367 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:57:02,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,377 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 21:57:02,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,387 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-10-31 21:57:02,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,394 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-10-31 21:57:02,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:02,399 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 21:57:02,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:57:02,400 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [853540566] [2024-10-31 21:57:02,400 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [853540566] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:57:02,400 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:57:02,400 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 21:57:02,400 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1178857648] [2024-10-31 21:57:02,402 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:57:02,402 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 21:57:02,402 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:57:02,403 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 21:57:02,403 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:57:02,403 INFO L87 Difference]: Start difference. First operand 1083 states and 1372 transitions. Second operand has 7 states, 7 states have (on average 9.714285714285714) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-31 21:57:02,869 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:02,869 INFO L93 Difference]: Finished difference Result 1319 states and 1661 transitions. [2024-10-31 21:57:02,869 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-31 21:57:02,870 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 9.714285714285714) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 85 [2024-10-31 21:57:02,870 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:02,873 INFO L225 Difference]: With dead ends: 1319 [2024-10-31 21:57:02,874 INFO L226 Difference]: Without dead ends: 556 [2024-10-31 21:57:02,876 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-31 21:57:02,876 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 254 mSDsluCounter, 269 mSDsCounter, 0 mSdLazyCounter, 252 mSolverCounterSat, 54 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 263 SdHoareTripleChecker+Valid, 378 SdHoareTripleChecker+Invalid, 306 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 54 IncrementalHoareTripleChecker+Valid, 252 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:02,877 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [263 Valid, 378 Invalid, 306 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [54 Valid, 252 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 21:57:02,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2024-10-31 21:57:02,944 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 530. [2024-10-31 21:57:02,945 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 530 states, 402 states have (on average 1.1965174129353233) internal successors, (481), 426 states have internal predecessors, (481), 68 states have call successors, (68), 51 states have call predecessors, (68), 59 states have return successors, (107), 68 states have call predecessors, (107), 68 states have call successors, (107) [2024-10-31 21:57:02,949 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 530 states to 530 states and 656 transitions. [2024-10-31 21:57:02,950 INFO L78 Accepts]: Start accepts. Automaton has 530 states and 656 transitions. Word has length 85 [2024-10-31 21:57:02,950 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:02,950 INFO L471 AbstractCegarLoop]: Abstraction has 530 states and 656 transitions. [2024-10-31 21:57:02,950 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 9.714285714285714) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-31 21:57:02,951 INFO L276 IsEmpty]: Start isEmpty. Operand 530 states and 656 transitions. [2024-10-31 21:57:02,952 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2024-10-31 21:57:02,952 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:57:02,952 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:02,952 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-31 21:57:02,952 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:57:02,953 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:57:02,953 INFO L85 PathProgramCache]: Analyzing trace with hash 1627346287, now seen corresponding path program 1 times [2024-10-31 21:57:02,953 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:57:02,953 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1020738547] [2024-10-31 21:57:02,954 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:02,954 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:57:02,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,139 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:57:03,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,161 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-10-31 21:57:03,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,192 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:57:03,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,205 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 21:57:03,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,215 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-31 21:57:03,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,232 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2024-10-31 21:57:03,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,235 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:57:03,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2024-10-31 21:57:03,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,241 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 8 proven. 18 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-10-31 21:57:03,241 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:57:03,241 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1020738547] [2024-10-31 21:57:03,242 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1020738547] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 21:57:03,242 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [652404693] [2024-10-31 21:57:03,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:03,242 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:57:03,242 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:57:03,245 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 21:57:03,246 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 21:57:03,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:03,366 INFO L255 TraceCheckSpWp]: Trace formula consists of 312 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 21:57:03,380 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 21:57:03,573 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:57:03,573 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 21:57:03,857 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-10-31 21:57:03,857 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [652404693] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 21:57:03,857 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 21:57:03,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-31 21:57:03,858 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [732727569] [2024-10-31 21:57:03,858 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 21:57:03,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-31 21:57:03,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:57:03,860 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-31 21:57:03,861 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-31 21:57:03,861 INFO L87 Difference]: Start difference. First operand 530 states and 656 transitions. Second operand has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-31 21:57:05,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:05,435 INFO L93 Difference]: Finished difference Result 1137 states and 1441 transitions. [2024-10-31 21:57:05,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2024-10-31 21:57:05,436 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 94 [2024-10-31 21:57:05,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:05,441 INFO L225 Difference]: With dead ends: 1137 [2024-10-31 21:57:05,441 INFO L226 Difference]: Without dead ends: 663 [2024-10-31 21:57:05,444 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 254 GetRequests, 208 SyntacticMatches, 4 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 463 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=441, Invalid=1451, Unknown=0, NotChecked=0, Total=1892 [2024-10-31 21:57:05,445 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 417 mSDsluCounter, 675 mSDsCounter, 0 mSdLazyCounter, 650 mSolverCounterSat, 164 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 420 SdHoareTripleChecker+Valid, 835 SdHoareTripleChecker+Invalid, 814 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 164 IncrementalHoareTripleChecker+Valid, 650 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:05,446 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [420 Valid, 835 Invalid, 814 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [164 Valid, 650 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-10-31 21:57:05,447 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 663 states. [2024-10-31 21:57:05,539 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 663 to 591. [2024-10-31 21:57:05,541 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 591 states, 442 states have (on average 1.1787330316742082) internal successors, (521), 474 states have internal predecessors, (521), 78 states have call successors, (78), 65 states have call predecessors, (78), 70 states have return successors, (103), 73 states have call predecessors, (103), 78 states have call successors, (103) [2024-10-31 21:57:05,544 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 591 states to 591 states and 702 transitions. [2024-10-31 21:57:05,546 INFO L78 Accepts]: Start accepts. Automaton has 591 states and 702 transitions. Word has length 94 [2024-10-31 21:57:05,547 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:05,547 INFO L471 AbstractCegarLoop]: Abstraction has 591 states and 702 transitions. [2024-10-31 21:57:05,548 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-31 21:57:05,548 INFO L276 IsEmpty]: Start isEmpty. Operand 591 states and 702 transitions. [2024-10-31 21:57:05,552 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2024-10-31 21:57:05,554 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:57:05,554 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:05,579 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-31 21:57:05,758 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-31 21:57:05,759 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:57:05,759 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:57:05,760 INFO L85 PathProgramCache]: Analyzing trace with hash -299983089, now seen corresponding path program 1 times [2024-10-31 21:57:05,760 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:57:05,760 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1330064237] [2024-10-31 21:57:05,760 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:05,760 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:57:05,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:05,990 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:57:05,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,012 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-10-31 21:57:06,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:57:06,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,073 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 21:57:06,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,078 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-10-31 21:57:06,084 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,212 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:57:06,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,216 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-31 21:57:06,218 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,220 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:57:06,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,223 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2024-10-31 21:57:06,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,234 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:57:06,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-31 21:57:06,238 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 128 [2024-10-31 21:57:06,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,243 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 138 [2024-10-31 21:57:06,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,246 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 147 [2024-10-31 21:57:06,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 163 [2024-10-31 21:57:06,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,256 INFO L134 CoverageAnalysis]: Checked inductivity of 188 backedges. 88 proven. 28 refuted. 0 times theorem prover too weak. 72 trivial. 0 not checked. [2024-10-31 21:57:06,256 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:57:06,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1330064237] [2024-10-31 21:57:06,257 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1330064237] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 21:57:06,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [721351432] [2024-10-31 21:57:06,257 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:57:06,258 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:57:06,258 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:57:06,260 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 21:57:06,261 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-31 21:57:06,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:57:06,421 INFO L255 TraceCheckSpWp]: Trace formula consists of 502 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-10-31 21:57:06,428 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 21:57:06,715 INFO L134 CoverageAnalysis]: Checked inductivity of 188 backedges. 138 proven. 4 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2024-10-31 21:57:06,715 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 21:57:07,281 INFO L134 CoverageAnalysis]: Checked inductivity of 188 backedges. 78 proven. 42 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2024-10-31 21:57:07,282 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [721351432] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 21:57:07,282 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 21:57:07,282 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 25 [2024-10-31 21:57:07,282 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [736049486] [2024-10-31 21:57:07,283 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 21:57:07,284 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2024-10-31 21:57:07,284 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:57:07,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2024-10-31 21:57:07,286 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=121, Invalid=479, Unknown=0, NotChecked=0, Total=600 [2024-10-31 21:57:07,286 INFO L87 Difference]: Start difference. First operand 591 states and 702 transitions. Second operand has 25 states, 25 states have (on average 8.16) internal successors, (204), 22 states have internal predecessors, (204), 10 states have call successors, (34), 8 states have call predecessors, (34), 9 states have return successors, (31), 9 states have call predecessors, (31), 10 states have call successors, (31) [2024-10-31 21:57:08,852 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:57:08,853 INFO L93 Difference]: Finished difference Result 1225 states and 1502 transitions. [2024-10-31 21:57:08,853 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-10-31 21:57:08,854 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.16) internal successors, (204), 22 states have internal predecessors, (204), 10 states have call successors, (34), 8 states have call predecessors, (34), 9 states have return successors, (31), 9 states have call predecessors, (31), 10 states have call successors, (31) Word has length 171 [2024-10-31 21:57:08,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:57:08,856 INFO L225 Difference]: With dead ends: 1225 [2024-10-31 21:57:08,856 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 21:57:08,860 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 410 GetRequests, 360 SyntacticMatches, 4 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 447 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=458, Invalid=1798, Unknown=0, NotChecked=0, Total=2256 [2024-10-31 21:57:08,861 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 572 mSDsluCounter, 704 mSDsCounter, 0 mSdLazyCounter, 1146 mSolverCounterSat, 216 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 575 SdHoareTripleChecker+Valid, 797 SdHoareTripleChecker+Invalid, 1362 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 216 IncrementalHoareTripleChecker+Valid, 1146 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:57:08,862 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [575 Valid, 797 Invalid, 1362 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [216 Valid, 1146 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-10-31 21:57:08,862 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 21:57:08,862 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 21:57:08,863 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 21:57:08,863 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 21:57:08,864 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 171 [2024-10-31 21:57:08,864 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:57:08,864 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 21:57:08,865 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.16) internal successors, (204), 22 states have internal predecessors, (204), 10 states have call successors, (34), 8 states have call predecessors, (34), 9 states have return successors, (31), 9 states have call predecessors, (31), 10 states have call successors, (31) [2024-10-31 21:57:08,865 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 21:57:08,865 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 21:57:08,868 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 21:57:08,890 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-31 21:57:09,072 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:57:09,074 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:57:09,076 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 21:57:16,298 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 21:57:16,317 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0))) Eliminated clause: (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0)) [2024-10-31 21:57:16,352 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse2 (<= |old(~waterLevel~0)| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|)) (.cse4 (= |old(~waterLevel~0)| 2))) (or (and .cse0 (= 0 ~systemActive~0)) (and .cse1 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse3) (and .cse1 .cse0 .cse4) (and .cse1 .cse0 .cse2) (and .cse1 .cse3 .cse4))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 (= 0 ~systemActive~0)))) [2024-10-31 21:57:16,389 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-31 21:57:16,399 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (= |old(~waterLevel~0)| 2)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse0 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse1 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 (= 0 ~systemActive~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 (= 0 ~systemActive~0)))) [2024-10-31 21:57:16,419 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 09:57:16 BoogieIcfgContainer [2024-10-31 21:57:16,419 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 21:57:16,420 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 21:57:16,420 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 21:57:16,420 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 21:57:16,421 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:57" (3/4) ... [2024-10-31 21:57:16,423 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 21:57:16,427 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-31 21:57:16,428 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 21:57:16,428 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 21:57:16,428 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 21:57:16,428 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 21:57:16,428 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 21:57:16,429 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 21:57:16,429 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-31 21:57:16,434 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-10-31 21:57:16,435 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 21:57:16,435 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 21:57:16,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:57:16,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:57:16,538 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 21:57:16,538 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 21:57:16,539 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 21:57:16,539 INFO L158 Benchmark]: Toolchain (without parser) took 20737.21ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 107.3MB in the beginning and 146.1MB in the end (delta: -38.8MB). Peak memory consumption was 70.1MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,539 INFO L158 Benchmark]: CDTParser took 0.29ms. Allocated memory is still 96.5MB. Free memory is still 72.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 21:57:16,540 INFO L158 Benchmark]: CACSL2BoogieTranslator took 675.66ms. Allocated memory is still 144.7MB. Free memory was 107.3MB in the beginning and 85.7MB in the end (delta: 21.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,540 INFO L158 Benchmark]: Boogie Procedure Inliner took 88.14ms. Allocated memory is still 144.7MB. Free memory was 85.7MB in the beginning and 83.6MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,540 INFO L158 Benchmark]: Boogie Preprocessor took 104.99ms. Allocated memory is still 144.7MB. Free memory was 83.2MB in the beginning and 81.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,541 INFO L158 Benchmark]: RCFGBuilder took 630.41ms. Allocated memory is still 144.7MB. Free memory was 81.1MB in the beginning and 62.7MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,541 INFO L158 Benchmark]: TraceAbstraction took 19109.93ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 62.2MB in the beginning and 154.5MB in the end (delta: -92.3MB). Peak memory consumption was 74.6MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,542 INFO L158 Benchmark]: Witness Printer took 118.83ms. Allocated memory is still 251.7MB. Free memory was 154.5MB in the beginning and 146.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-31 21:57:16,543 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.29ms. Allocated memory is still 96.5MB. Free memory is still 72.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 675.66ms. Allocated memory is still 144.7MB. Free memory was 107.3MB in the beginning and 85.7MB in the end (delta: 21.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 88.14ms. Allocated memory is still 144.7MB. Free memory was 85.7MB in the beginning and 83.6MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 104.99ms. Allocated memory is still 144.7MB. Free memory was 83.2MB in the beginning and 81.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 630.41ms. Allocated memory is still 144.7MB. Free memory was 81.1MB in the beginning and 62.7MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 19109.93ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 62.2MB in the beginning and 154.5MB in the end (delta: -92.3MB). Peak memory consumption was 74.6MB. Max. memory is 16.1GB. * Witness Printer took 118.83ms. Allocated memory is still 251.7MB. Free memory was 154.5MB in the beginning and 146.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] - GenericResultAtLocation [Line: 304]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [304] - GenericResultAtLocation [Line: 405]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [405] - GenericResultAtLocation [Line: 472]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [472] - GenericResultAtLocation [Line: 522]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [522] - GenericResultAtLocation [Line: 888]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [888] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 11.7s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 6.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2367 SdHoareTripleChecker+Valid, 3.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2316 mSDsluCounter, 4668 SdHoareTripleChecker+Invalid, 2.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3445 mSDsCounter, 701 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3063 IncrementalHoareTripleChecker+Invalid, 3764 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 701 mSolverCounterUnsat, 1223 mSDtfsCounter, 3063 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 806 GetRequests, 648 SyntacticMatches, 8 SemanticMatches, 150 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1016 ImplicationChecksByTransitivity, 2.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1083occurred in iteration=8, InterpolantAutomatonStates: 127, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 316 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.6s InterpolantComputationTime, 976 NumberOfCodeBlocks, 976 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1226 ConstructedInterpolants, 0 QuantifiedInterpolants, 2488 SizeOfPredicates, 2 NumberOfNonLiveVariables, 814 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 605/714 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 416]: Loop Invariant Derived loop invariant: (((((((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((pumpRunning == 0) && (splverifierCounter == 0)) && (0 == systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 415]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 316]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 206]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive)) Ensures: (((pumpRunning == 0) && (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive))) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 139]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 915]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 306]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 112]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive)) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (0 == systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning))))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 147]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 903]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((long long) \old(waterLevel) + 1) <= waterLevel) && (waterLevel <= 2)) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel))) && ((0 == systemActive) || (waterLevel < ((long long) \old(waterLevel) + 2)))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 225]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 21:57:16,579 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9693f4c8-691f-47a9-a6a0-ad5bfaedaee8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE