./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 96a9f4a5eb48d3a052332271e6f513d6efe176b9f027fc1b42847acbd4831cf9 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 21:56:08,008 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 21:56:08,084 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 21:56:08,091 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 21:56:08,092 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 21:56:08,122 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 21:56:08,123 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 21:56:08,124 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 21:56:08,124 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 21:56:08,125 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 21:56:08,125 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 21:56:08,126 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 21:56:08,127 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 21:56:08,127 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 21:56:08,128 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 21:56:08,128 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 21:56:08,129 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 21:56:08,129 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 21:56:08,129 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 21:56:08,130 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 21:56:08,130 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 21:56:08,134 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 21:56:08,135 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 21:56:08,135 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 21:56:08,135 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 21:56:08,136 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 21:56:08,136 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 21:56:08,136 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 21:56:08,137 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 21:56:08,137 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 21:56:08,137 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 21:56:08,137 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 21:56:08,138 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:56:08,138 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 21:56:08,139 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 21:56:08,139 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 21:56:08,139 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 21:56:08,140 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 21:56:08,140 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 21:56:08,140 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 21:56:08,141 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 21:56:08,143 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 21:56:08,143 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 96a9f4a5eb48d3a052332271e6f513d6efe176b9f027fc1b42847acbd4831cf9 [2024-10-31 21:56:08,435 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 21:56:08,469 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 21:56:08,472 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 21:56:08,474 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 21:56:08,474 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 21:56:08,476 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c Unable to find full path for "g++" [2024-10-31 21:56:10,750 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 21:56:11,017 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 21:56:11,019 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c [2024-10-31 21:56:11,037 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/data/5f7f9efdb/4cadacd94eeb47b984f983d87f86e46a/FLAG07aec39ec [2024-10-31 21:56:11,058 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/data/5f7f9efdb/4cadacd94eeb47b984f983d87f86e46a [2024-10-31 21:56:11,063 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 21:56:11,064 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 21:56:11,068 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 21:56:11,069 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 21:56:11,078 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 21:56:11,079 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,083 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@a6e8e02 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11, skipping insertion in model container [2024-10-31 21:56:11,083 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,149 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 21:56:11,490 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c[11292,11305] [2024-10-31 21:56:11,568 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:56:11,585 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 21:56:11,596 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-31 21:56:11,598 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] [2024-10-31 21:56:11,598 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] [2024-10-31 21:56:11,598 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] [2024-10-31 21:56:11,598 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [730] [2024-10-31 21:56:11,598 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [825] [2024-10-31 21:56:11,599 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [926] [2024-10-31 21:56:11,599 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [975] [2024-10-31 21:56:11,663 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c[11292,11305] [2024-10-31 21:56:11,685 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 21:56:11,708 INFO L204 MainTranslator]: Completed translation [2024-10-31 21:56:11,709 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11 WrapperNode [2024-10-31 21:56:11,709 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 21:56:11,710 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 21:56:11,710 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 21:56:11,710 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 21:56:11,719 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,732 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,764 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 217 [2024-10-31 21:56:11,765 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 21:56:11,766 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 21:56:11,766 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 21:56:11,766 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 21:56:11,778 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,779 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,781 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,799 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 21:56:11,799 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,800 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,810 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,815 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,820 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,824 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,830 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 21:56:11,831 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 21:56:11,832 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 21:56:11,832 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 21:56:11,833 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (1/1) ... [2024-10-31 21:56:11,839 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:56:11,853 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:56:11,874 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 21:56:11,881 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 21:56:11,911 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 21:56:11,912 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 21:56:11,912 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 21:56:11,912 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 21:56:11,912 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 21:56:11,913 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 21:56:11,913 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 21:56:11,913 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 21:56:11,913 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 21:56:11,913 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:56:11,914 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:56:11,914 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-31 21:56:11,915 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-31 21:56:11,915 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-10-31 21:56:11,915 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-10-31 21:56:11,915 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-31 21:56:11,916 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-31 21:56:11,917 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 21:56:11,917 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 21:56:11,917 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 21:56:11,917 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 21:56:11,918 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 21:56:12,047 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 21:56:12,052 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 21:56:12,507 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2024-10-31 21:56:12,507 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 21:56:12,526 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 21:56:12,526 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 21:56:12,527 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:12 BoogieIcfgContainer [2024-10-31 21:56:12,527 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 21:56:12,530 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 21:56:12,530 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 21:56:12,534 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 21:56:12,535 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 09:56:11" (1/3) ... [2024-10-31 21:56:12,536 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@228fec4c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:56:12, skipping insertion in model container [2024-10-31 21:56:12,536 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 09:56:11" (2/3) ... [2024-10-31 21:56:12,537 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@228fec4c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 09:56:12, skipping insertion in model container [2024-10-31 21:56:12,537 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:12" (3/3) ... [2024-10-31 21:56:12,539 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product48.cil.c [2024-10-31 21:56:12,561 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 21:56:12,561 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 21:56:12,657 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 21:56:12,668 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7d4400f0, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 21:56:12,671 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 21:56:12,676 INFO L276 IsEmpty]: Start isEmpty. Operand has 106 states, 79 states have (on average 1.3544303797468353) internal successors, (107), 88 states have internal predecessors, (107), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-31 21:56:12,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 21:56:12,691 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:12,692 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:12,693 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:12,700 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:12,701 INFO L85 PathProgramCache]: Analyzing trace with hash -484637396, now seen corresponding path program 1 times [2024-10-31 21:56:12,712 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:12,713 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1113448485] [2024-10-31 21:56:12,714 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:12,714 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:12,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:12,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 21:56:12,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:12,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 21:56:13,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,012 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:13,013 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:13,014 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1113448485] [2024-10-31 21:56:13,014 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1113448485] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:13,019 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:13,019 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 21:56:13,021 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1874151154] [2024-10-31 21:56:13,022 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:13,033 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 21:56:13,033 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:13,086 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 21:56:13,087 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:56:13,094 INFO L87 Difference]: Start difference. First operand has 106 states, 79 states have (on average 1.3544303797468353) internal successors, (107), 88 states have internal predecessors, (107), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:13,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:13,153 INFO L93 Difference]: Finished difference Result 203 states and 272 transitions. [2024-10-31 21:56:13,155 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 21:56:13,156 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-10-31 21:56:13,157 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:13,170 INFO L225 Difference]: With dead ends: 203 [2024-10-31 21:56:13,170 INFO L226 Difference]: Without dead ends: 97 [2024-10-31 21:56:13,175 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 21:56:13,179 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:13,180 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:56:13,203 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2024-10-31 21:56:13,236 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2024-10-31 21:56:13,239 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 80 states have internal predecessors, (93), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2024-10-31 21:56:13,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 124 transitions. [2024-10-31 21:56:13,246 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 124 transitions. Word has length 32 [2024-10-31 21:56:13,248 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:13,248 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 124 transitions. [2024-10-31 21:56:13,249 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:13,249 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 124 transitions. [2024-10-31 21:56:13,252 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-31 21:56:13,255 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:13,256 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:13,256 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 21:56:13,257 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:13,258 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:13,258 INFO L85 PathProgramCache]: Analyzing trace with hash -1885221865, now seen corresponding path program 1 times [2024-10-31 21:56:13,258 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:13,259 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1676769254] [2024-10-31 21:56:13,259 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:13,260 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:13,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,420 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 21:56:13,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,430 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-10-31 21:56:13,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,437 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:13,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:13,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1676769254] [2024-10-31 21:56:13,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1676769254] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:13,439 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:13,439 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 21:56:13,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1241318387] [2024-10-31 21:56:13,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:13,441 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 21:56:13,441 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:13,442 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 21:56:13,442 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:13,443 INFO L87 Difference]: Start difference. First operand 97 states and 124 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:13,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:13,463 INFO L93 Difference]: Finished difference Result 154 states and 196 transitions. [2024-10-31 21:56:13,464 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 21:56:13,464 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-10-31 21:56:13,464 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:13,466 INFO L225 Difference]: With dead ends: 154 [2024-10-31 21:56:13,466 INFO L226 Difference]: Without dead ends: 88 [2024-10-31 21:56:13,467 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:13,468 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 17 mSDsluCounter, 89 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:13,469 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 200 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:56:13,470 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-10-31 21:56:13,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-10-31 21:56:13,479 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.303030303030303) internal successors, (86), 74 states have internal predecessors, (86), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-31 21:56:13,481 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 112 transitions. [2024-10-31 21:56:13,481 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 112 transitions. Word has length 33 [2024-10-31 21:56:13,481 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:13,482 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 112 transitions. [2024-10-31 21:56:13,482 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 21:56:13,482 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 112 transitions. [2024-10-31 21:56:13,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-31 21:56:13,484 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:13,484 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:13,484 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 21:56:13,485 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:13,485 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:13,485 INFO L85 PathProgramCache]: Analyzing trace with hash 2024045384, now seen corresponding path program 1 times [2024-10-31 21:56:13,486 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:13,486 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [733791035] [2024-10-31 21:56:13,486 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:13,486 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:13,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,639 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:56:13,641 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,645 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-31 21:56:13,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:13,649 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:13,650 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:13,650 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [733791035] [2024-10-31 21:56:13,650 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [733791035] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:13,650 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:13,650 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 21:56:13,651 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1622129679] [2024-10-31 21:56:13,651 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:13,651 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 21:56:13,651 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:13,652 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 21:56:13,652 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:13,652 INFO L87 Difference]: Start difference. First operand 88 states and 112 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:13,721 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:13,721 INFO L93 Difference]: Finished difference Result 246 states and 319 transitions. [2024-10-31 21:56:13,729 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 21:56:13,730 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-10-31 21:56:13,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:13,732 INFO L225 Difference]: With dead ends: 246 [2024-10-31 21:56:13,733 INFO L226 Difference]: Without dead ends: 166 [2024-10-31 21:56:13,740 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 21:56:13,741 INFO L432 NwaCegarLoop]: 127 mSDtfsCounter, 100 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 226 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:13,742 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 226 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 21:56:13,749 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 166 states. [2024-10-31 21:56:13,816 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 166 to 163. [2024-10-31 21:56:13,817 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 163 states, 120 states have (on average 1.325) internal successors, (159), 135 states have internal predecessors, (159), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 19 states have call predecessors, (26), 26 states have call successors, (26) [2024-10-31 21:56:13,826 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 163 states to 163 states and 211 transitions. [2024-10-31 21:56:13,826 INFO L78 Accepts]: Start accepts. Automaton has 163 states and 211 transitions. Word has length 38 [2024-10-31 21:56:13,827 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:13,827 INFO L471 AbstractCegarLoop]: Abstraction has 163 states and 211 transitions. [2024-10-31 21:56:13,827 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:13,828 INFO L276 IsEmpty]: Start isEmpty. Operand 163 states and 211 transitions. [2024-10-31 21:56:13,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-31 21:56:13,833 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:13,833 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:13,833 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 21:56:13,833 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:13,835 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:13,835 INFO L85 PathProgramCache]: Analyzing trace with hash 1147378310, now seen corresponding path program 1 times [2024-10-31 21:56:13,835 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:13,836 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2136266510] [2024-10-31 21:56:13,836 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:13,836 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:13,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 21:56:14,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-31 21:56:14,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,105 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 21:56:14,106 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:14,106 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2136266510] [2024-10-31 21:56:14,106 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2136266510] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:14,106 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:14,106 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:56:14,107 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [246126904] [2024-10-31 21:56:14,107 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:14,107 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:56:14,107 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:14,110 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:56:14,110 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:56:14,110 INFO L87 Difference]: Start difference. First operand 163 states and 211 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:14,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:14,370 INFO L93 Difference]: Finished difference Result 419 states and 550 transitions. [2024-10-31 21:56:14,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 21:56:14,371 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-10-31 21:56:14,372 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:14,374 INFO L225 Difference]: With dead ends: 419 [2024-10-31 21:56:14,378 INFO L226 Difference]: Without dead ends: 264 [2024-10-31 21:56:14,380 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:56:14,383 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 81 mSDsluCounter, 359 mSDsCounter, 0 mSdLazyCounter, 70 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 79 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 70 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:14,383 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [83 Valid, 468 Invalid, 79 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 70 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:56:14,388 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 264 states. [2024-10-31 21:56:14,426 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 264 to 263. [2024-10-31 21:56:14,429 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 263 states, 196 states have (on average 1.2755102040816326) internal successors, (250), 213 states have internal predecessors, (250), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (44), 33 states have call predecessors, (44), 36 states have call successors, (44) [2024-10-31 21:56:14,431 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 263 states to 263 states and 330 transitions. [2024-10-31 21:56:14,432 INFO L78 Accepts]: Start accepts. Automaton has 263 states and 330 transitions. Word has length 41 [2024-10-31 21:56:14,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:14,436 INFO L471 AbstractCegarLoop]: Abstraction has 263 states and 330 transitions. [2024-10-31 21:56:14,437 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 21:56:14,437 INFO L276 IsEmpty]: Start isEmpty. Operand 263 states and 330 transitions. [2024-10-31 21:56:14,440 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-10-31 21:56:14,440 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:14,441 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:14,441 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 21:56:14,442 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:14,442 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:14,442 INFO L85 PathProgramCache]: Analyzing trace with hash 1864989139, now seen corresponding path program 1 times [2024-10-31 21:56:14,443 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:14,443 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [18074975] [2024-10-31 21:56:14,443 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:14,443 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:14,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,616 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:56:14,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 21:56:14,629 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,695 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:14,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,703 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-31 21:56:14,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:14,710 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:14,711 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:14,712 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [18074975] [2024-10-31 21:56:14,712 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [18074975] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:14,712 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:14,712 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 21:56:14,713 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [408955144] [2024-10-31 21:56:14,714 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:14,715 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 21:56:14,715 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:14,716 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 21:56:14,716 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 21:56:14,716 INFO L87 Difference]: Start difference. First operand 263 states and 330 transitions. Second operand has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:14,981 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:14,981 INFO L93 Difference]: Finished difference Result 572 states and 735 transitions. [2024-10-31 21:56:14,982 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-31 21:56:14,983 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 60 [2024-10-31 21:56:14,985 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:14,988 INFO L225 Difference]: With dead ends: 572 [2024-10-31 21:56:14,990 INFO L226 Difference]: Without dead ends: 317 [2024-10-31 21:56:14,991 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 21:56:14,992 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 59 mSDsluCounter, 298 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 388 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:14,996 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 388 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 21:56:14,998 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 317 states. [2024-10-31 21:56:15,066 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 317 to 315. [2024-10-31 21:56:15,067 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 238 states have (on average 1.2605042016806722) internal successors, (300), 255 states have internal predecessors, (300), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-10-31 21:56:15,070 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 394 transitions. [2024-10-31 21:56:15,071 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 394 transitions. Word has length 60 [2024-10-31 21:56:15,072 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:15,072 INFO L471 AbstractCegarLoop]: Abstraction has 315 states and 394 transitions. [2024-10-31 21:56:15,073 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:15,073 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 394 transitions. [2024-10-31 21:56:15,079 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-10-31 21:56:15,079 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:15,079 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:15,079 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 21:56:15,080 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:15,080 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:15,080 INFO L85 PathProgramCache]: Analyzing trace with hash -506750123, now seen corresponding path program 1 times [2024-10-31 21:56:15,080 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:15,081 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [605358631] [2024-10-31 21:56:15,081 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:15,081 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:15,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,200 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:56:15,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 21:56:15,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,261 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:15,263 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,265 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-31 21:56:15,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,269 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:15,269 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:15,269 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [605358631] [2024-10-31 21:56:15,270 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [605358631] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:15,270 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:15,270 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:56:15,270 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [23275820] [2024-10-31 21:56:15,270 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:15,271 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:56:15,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:15,271 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:56:15,272 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:56:15,272 INFO L87 Difference]: Start difference. First operand 315 states and 394 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:15,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:15,472 INFO L93 Difference]: Finished difference Result 628 states and 803 transitions. [2024-10-31 21:56:15,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 21:56:15,473 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 60 [2024-10-31 21:56:15,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:15,476 INFO L225 Difference]: With dead ends: 628 [2024-10-31 21:56:15,476 INFO L226 Difference]: Without dead ends: 321 [2024-10-31 21:56:15,480 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:56:15,481 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 58 mSDsluCounter, 213 mSDsCounter, 0 mSdLazyCounter, 105 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 304 SdHoareTripleChecker+Invalid, 120 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 105 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:15,481 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 304 Invalid, 120 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 21:56:15,482 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2024-10-31 21:56:15,513 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 319. [2024-10-31 21:56:15,514 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 319 states, 242 states have (on average 1.256198347107438) internal successors, (304), 259 states have internal predecessors, (304), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-10-31 21:56:15,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 319 states to 319 states and 398 transitions. [2024-10-31 21:56:15,520 INFO L78 Accepts]: Start accepts. Automaton has 319 states and 398 transitions. Word has length 60 [2024-10-31 21:56:15,521 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:15,522 INFO L471 AbstractCegarLoop]: Abstraction has 319 states and 398 transitions. [2024-10-31 21:56:15,522 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 21:56:15,523 INFO L276 IsEmpty]: Start isEmpty. Operand 319 states and 398 transitions. [2024-10-31 21:56:15,524 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-10-31 21:56:15,524 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:15,524 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:15,526 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 21:56:15,526 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:15,527 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:15,527 INFO L85 PathProgramCache]: Analyzing trace with hash 879453271, now seen corresponding path program 1 times [2024-10-31 21:56:15,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:15,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1759504310] [2024-10-31 21:56:15,528 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:15,528 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:15,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 21:56:15,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,638 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 21:56:15,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,666 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:15,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-31 21:56:15,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:15,674 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:15,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:15,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1759504310] [2024-10-31 21:56:15,674 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1759504310] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:15,675 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:15,675 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 21:56:15,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [12924853] [2024-10-31 21:56:15,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:15,675 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 21:56:15,676 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:15,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 21:56:15,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 21:56:15,677 INFO L87 Difference]: Start difference. First operand 319 states and 398 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 21:56:16,031 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:16,031 INFO L93 Difference]: Finished difference Result 905 states and 1172 transitions. [2024-10-31 21:56:16,032 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 21:56:16,032 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2024-10-31 21:56:16,033 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:16,037 INFO L225 Difference]: With dead ends: 905 [2024-10-31 21:56:16,038 INFO L226 Difference]: Without dead ends: 594 [2024-10-31 21:56:16,039 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:56:16,040 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 236 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 69 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 244 SdHoareTripleChecker+Valid, 322 SdHoareTripleChecker+Invalid, 217 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 69 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:16,042 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [244 Valid, 322 Invalid, 217 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [69 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 21:56:16,044 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 594 states. [2024-10-31 21:56:16,100 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 594 to 587. [2024-10-31 21:56:16,101 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 587 states, 444 states have (on average 1.2274774774774775) internal successors, (545), 470 states have internal predecessors, (545), 77 states have call successors, (77), 63 states have call predecessors, (77), 65 states have return successors, (115), 76 states have call predecessors, (115), 77 states have call successors, (115) [2024-10-31 21:56:16,105 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 587 states to 587 states and 737 transitions. [2024-10-31 21:56:16,105 INFO L78 Accepts]: Start accepts. Automaton has 587 states and 737 transitions. Word has length 60 [2024-10-31 21:56:16,106 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:16,106 INFO L471 AbstractCegarLoop]: Abstraction has 587 states and 737 transitions. [2024-10-31 21:56:16,106 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 21:56:16,106 INFO L276 IsEmpty]: Start isEmpty. Operand 587 states and 737 transitions. [2024-10-31 21:56:16,108 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2024-10-31 21:56:16,108 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:16,108 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:16,108 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 21:56:16,109 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:16,109 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:16,109 INFO L85 PathProgramCache]: Analyzing trace with hash -269338319, now seen corresponding path program 1 times [2024-10-31 21:56:16,109 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:16,110 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1950907025] [2024-10-31 21:56:16,110 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:16,110 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:16,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,323 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:56:16,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,339 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 21:56:16,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,356 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-31 21:56:16,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,386 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:16,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,391 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-31 21:56:16,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:16,395 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 21:56:16,396 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:16,396 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1950907025] [2024-10-31 21:56:16,396 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1950907025] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:16,396 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:16,396 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-10-31 21:56:16,397 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1289090088] [2024-10-31 21:56:16,397 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:16,398 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-10-31 21:56:16,398 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:16,399 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-10-31 21:56:16,399 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-10-31 21:56:16,399 INFO L87 Difference]: Start difference. First operand 587 states and 737 transitions. Second operand has 10 states, 10 states have (on average 5.1) internal successors, (51), 8 states have internal predecessors, (51), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 21:56:17,522 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:17,522 INFO L93 Difference]: Finished difference Result 1552 states and 2051 transitions. [2024-10-31 21:56:17,523 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-10-31 21:56:17,523 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.1) internal successors, (51), 8 states have internal predecessors, (51), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 64 [2024-10-31 21:56:17,523 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:17,529 INFO L225 Difference]: With dead ends: 1552 [2024-10-31 21:56:17,530 INFO L226 Difference]: Without dead ends: 1077 [2024-10-31 21:56:17,532 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 38 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-10-31 21:56:17,533 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 590 mSDsluCounter, 427 mSDsCounter, 0 mSdLazyCounter, 506 mSolverCounterSat, 193 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 598 SdHoareTripleChecker+Valid, 532 SdHoareTripleChecker+Invalid, 699 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 193 IncrementalHoareTripleChecker+Valid, 506 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:17,534 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [598 Valid, 532 Invalid, 699 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [193 Valid, 506 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-10-31 21:56:17,535 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1077 states. [2024-10-31 21:56:17,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1077 to 993. [2024-10-31 21:56:17,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 993 states, 747 states have (on average 1.2248995983935742) internal successors, (915), 797 states have internal predecessors, (915), 132 states have call successors, (132), 100 states have call predecessors, (132), 113 states have return successors, (202), 129 states have call predecessors, (202), 132 states have call successors, (202) [2024-10-31 21:56:17,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 993 states to 993 states and 1249 transitions. [2024-10-31 21:56:17,665 INFO L78 Accepts]: Start accepts. Automaton has 993 states and 1249 transitions. Word has length 64 [2024-10-31 21:56:17,665 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:17,665 INFO L471 AbstractCegarLoop]: Abstraction has 993 states and 1249 transitions. [2024-10-31 21:56:17,665 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.1) internal successors, (51), 8 states have internal predecessors, (51), 4 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 21:56:17,666 INFO L276 IsEmpty]: Start isEmpty. Operand 993 states and 1249 transitions. [2024-10-31 21:56:17,668 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2024-10-31 21:56:17,668 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:17,668 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:17,668 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 21:56:17,669 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:17,669 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:17,669 INFO L85 PathProgramCache]: Analyzing trace with hash -1122798217, now seen corresponding path program 1 times [2024-10-31 21:56:17,669 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:17,669 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1114480528] [2024-10-31 21:56:17,669 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:17,670 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:17,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,739 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:56:17,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,753 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 21:56:17,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,795 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:56:17,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,806 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 21:56:17,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,819 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:17,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,826 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2024-10-31 21:56:17,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,832 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2024-10-31 21:56:17,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:17,838 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 21:56:17,839 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:17,839 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1114480528] [2024-10-31 21:56:17,839 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1114480528] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 21:56:17,839 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 21:56:17,839 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 21:56:17,839 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [957617492] [2024-10-31 21:56:17,839 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 21:56:17,843 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 21:56:17,843 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:17,844 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 21:56:17,844 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-31 21:56:17,844 INFO L87 Difference]: Start difference. First operand 993 states and 1249 transitions. Second operand has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 4 states have internal predecessors, (75), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-31 21:56:18,408 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:18,408 INFO L93 Difference]: Finished difference Result 1690 states and 2117 transitions. [2024-10-31 21:56:18,408 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-31 21:56:18,409 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 4 states have internal predecessors, (75), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 94 [2024-10-31 21:56:18,409 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:18,414 INFO L225 Difference]: With dead ends: 1690 [2024-10-31 21:56:18,414 INFO L226 Difference]: Without dead ends: 705 [2024-10-31 21:56:18,417 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-31 21:56:18,420 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 294 mSDsluCounter, 212 mSDsCounter, 0 mSdLazyCounter, 256 mSolverCounterSat, 87 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 303 SdHoareTripleChecker+Valid, 322 SdHoareTripleChecker+Invalid, 343 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 87 IncrementalHoareTripleChecker+Valid, 256 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:18,420 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [303 Valid, 322 Invalid, 343 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [87 Valid, 256 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 21:56:18,422 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 705 states. [2024-10-31 21:56:18,507 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 705 to 610. [2024-10-31 21:56:18,508 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 610 states, 463 states have (on average 1.205183585313175) internal successors, (558), 494 states have internal predecessors, (558), 79 states have call successors, (79), 60 states have call predecessors, (79), 67 states have return successors, (112), 77 states have call predecessors, (112), 79 states have call successors, (112) [2024-10-31 21:56:18,511 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 610 states to 610 states and 749 transitions. [2024-10-31 21:56:18,513 INFO L78 Accepts]: Start accepts. Automaton has 610 states and 749 transitions. Word has length 94 [2024-10-31 21:56:18,513 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:18,513 INFO L471 AbstractCegarLoop]: Abstraction has 610 states and 749 transitions. [2024-10-31 21:56:18,513 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 4 states have internal predecessors, (75), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-31 21:56:18,514 INFO L276 IsEmpty]: Start isEmpty. Operand 610 states and 749 transitions. [2024-10-31 21:56:18,519 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2024-10-31 21:56:18,519 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 21:56:18,519 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:18,519 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-31 21:56:18,519 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 21:56:18,520 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 21:56:18,520 INFO L85 PathProgramCache]: Analyzing trace with hash 1748536662, now seen corresponding path program 1 times [2024-10-31 21:56:18,520 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 21:56:18,520 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [611145899] [2024-10-31 21:56:18,520 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:18,520 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 21:56:18,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,682 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 21:56:18,684 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,699 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-31 21:56:18,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,733 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 21:56:18,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,747 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 21:56:18,782 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,795 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 21:56:18,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,798 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-10-31 21:56:18,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,818 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-10-31 21:56:18,819 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,822 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-10-31 21:56:18,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,827 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 21:56:18,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,828 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 100 [2024-10-31 21:56:18,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,832 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 16 proven. 11 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-10-31 21:56:18,833 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 21:56:18,833 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [611145899] [2024-10-31 21:56:18,834 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [611145899] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 21:56:18,834 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1116690243] [2024-10-31 21:56:18,834 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 21:56:18,834 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 21:56:18,834 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 21:56:18,837 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 21:56:18,839 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 21:56:18,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 21:56:18,966 INFO L255 TraceCheckSpWp]: Trace formula consists of 347 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 21:56:18,978 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 21:56:19,270 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 29 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 21:56:19,270 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 21:56:19,577 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-10-31 21:56:19,577 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1116690243] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 21:56:19,577 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 21:56:19,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-31 21:56:19,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [878736309] [2024-10-31 21:56:19,578 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 21:56:19,579 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-31 21:56:19,579 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 21:56:19,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-31 21:56:19,579 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-31 21:56:19,581 INFO L87 Difference]: Start difference. First operand 610 states and 749 transitions. Second operand has 15 states, 15 states have (on average 8.333333333333334) internal successors, (125), 10 states have internal predecessors, (125), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-31 21:56:21,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 21:56:21,158 INFO L93 Difference]: Finished difference Result 1333 states and 1682 transitions. [2024-10-31 21:56:21,159 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-10-31 21:56:21,159 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.333333333333334) internal successors, (125), 10 states have internal predecessors, (125), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) Word has length 108 [2024-10-31 21:56:21,160 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 21:56:21,161 INFO L225 Difference]: With dead ends: 1333 [2024-10-31 21:56:21,161 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 21:56:21,166 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 289 GetRequests, 240 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 583 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=451, Invalid=1711, Unknown=0, NotChecked=0, Total=2162 [2024-10-31 21:56:21,167 INFO L432 NwaCegarLoop]: 176 mSDtfsCounter, 541 mSDsluCounter, 877 mSDsCounter, 0 mSdLazyCounter, 920 mSolverCounterSat, 214 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 549 SdHoareTripleChecker+Valid, 1053 SdHoareTripleChecker+Invalid, 1134 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 214 IncrementalHoareTripleChecker+Valid, 920 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-10-31 21:56:21,167 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [549 Valid, 1053 Invalid, 1134 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [214 Valid, 920 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-10-31 21:56:21,168 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 21:56:21,169 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 21:56:21,169 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 21:56:21,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 21:56:21,170 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 108 [2024-10-31 21:56:21,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 21:56:21,171 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 21:56:21,171 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.333333333333334) internal successors, (125), 10 states have internal predecessors, (125), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-31 21:56:21,171 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 21:56:21,171 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 21:56:21,174 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 21:56:21,198 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-31 21:56:21,375 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-31 21:56:21,378 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 21:56:21,380 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 21:56:27,389 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 21:56:27,410 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-31 21:56:27,449 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-31 21:56:27,472 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-31 21:56:27,489 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-31 21:56:27,518 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 09:56:27 BoogieIcfgContainer [2024-10-31 21:56:27,518 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 21:56:27,519 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 21:56:27,519 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 21:56:27,519 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 21:56:27,520 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 09:56:12" (3/4) ... [2024-10-31 21:56:27,525 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 21:56:27,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-31 21:56:27,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-31 21:56:27,530 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-10-31 21:56:27,539 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-10-31 21:56:27,540 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 21:56:27,540 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 21:56:27,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:56:27,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 21:56:27,671 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 21:56:27,671 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 21:56:27,671 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 21:56:27,672 INFO L158 Benchmark]: Toolchain (without parser) took 16607.68ms. Allocated memory was 123.7MB in the beginning and 249.6MB in the end (delta: 125.8MB). Free memory was 85.4MB in the beginning and 105.9MB in the end (delta: -20.5MB). Peak memory consumption was 108.1MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,672 INFO L158 Benchmark]: CDTParser took 0.33ms. Allocated memory is still 123.7MB. Free memory is still 67.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 21:56:27,673 INFO L158 Benchmark]: CACSL2BoogieTranslator took 641.72ms. Allocated memory is still 123.7MB. Free memory was 85.4MB in the beginning and 63.7MB in the end (delta: 21.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,673 INFO L158 Benchmark]: Boogie Procedure Inliner took 55.05ms. Allocated memory is still 123.7MB. Free memory was 63.7MB in the beginning and 61.3MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,674 INFO L158 Benchmark]: Boogie Preprocessor took 65.04ms. Allocated memory is still 123.7MB. Free memory was 61.3MB in the beginning and 58.9MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,674 INFO L158 Benchmark]: RCFGBuilder took 695.62ms. Allocated memory was 123.7MB in the beginning and 172.0MB in the end (delta: 48.2MB). Free memory was 58.9MB in the beginning and 134.8MB in the end (delta: -75.9MB). Peak memory consumption was 16.0MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,674 INFO L158 Benchmark]: TraceAbstraction took 14988.11ms. Allocated memory was 172.0MB in the beginning and 249.6MB in the end (delta: 77.6MB). Free memory was 134.1MB in the beginning and 114.3MB in the end (delta: 19.8MB). Peak memory consumption was 136.8MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,675 INFO L158 Benchmark]: Witness Printer took 152.67ms. Allocated memory is still 249.6MB. Free memory was 114.3MB in the beginning and 105.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-31 21:56:27,677 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.33ms. Allocated memory is still 123.7MB. Free memory is still 67.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 641.72ms. Allocated memory is still 123.7MB. Free memory was 85.4MB in the beginning and 63.7MB in the end (delta: 21.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 55.05ms. Allocated memory is still 123.7MB. Free memory was 63.7MB in the beginning and 61.3MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 65.04ms. Allocated memory is still 123.7MB. Free memory was 61.3MB in the beginning and 58.9MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 695.62ms. Allocated memory was 123.7MB in the beginning and 172.0MB in the end (delta: 48.2MB). Free memory was 58.9MB in the beginning and 134.8MB in the end (delta: -75.9MB). Peak memory consumption was 16.0MB. Max. memory is 16.1GB. * TraceAbstraction took 14988.11ms. Allocated memory was 172.0MB in the beginning and 249.6MB in the end (delta: 77.6MB). Free memory was 134.1MB in the beginning and 114.3MB in the end (delta: 19.8MB). Peak memory consumption was 136.8MB. Max. memory is 16.1GB. * Witness Printer took 152.67ms. Allocated memory is still 249.6MB. Free memory was 114.3MB in the beginning and 105.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] - GenericResultAtLocation [Line: 424]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] - GenericResultAtLocation [Line: 499]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] - GenericResultAtLocation [Line: 730]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [730] - GenericResultAtLocation [Line: 825]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [825] - GenericResultAtLocation [Line: 926]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [926] - GenericResultAtLocation [Line: 975]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [975] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 420]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 106 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.8s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 4.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2027 SdHoareTripleChecker+Valid, 2.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1976 mSDsluCounter, 3948 SdHoareTripleChecker+Invalid, 2.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2760 mSDsCounter, 603 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2150 IncrementalHoareTripleChecker+Invalid, 2753 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 603 mSolverCounterUnsat, 1188 mSDtfsCounter, 2150 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 439 GetRequests, 327 SyntacticMatches, 4 SemanticMatches, 108 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 763 ImplicationChecksByTransitivity, 1.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=993occurred in iteration=8, InterpolantAutomatonStates: 105, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 10 MinimizatonAttempts, 194 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.5s InterpolantComputationTime, 698 NumberOfCodeBlocks, 698 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 794 ConstructedInterpolants, 0 QuantifiedInterpolants, 1418 SizeOfPredicates, 2 NumberOfNonLiveVariables, 347 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 138/166 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 440]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 837]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 441]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 624]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) Ensures: (((pumpRunning == 0) && ((((2 == waterLevel) && (1 == systemActive)) && (1 <= \old(pumpRunning))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((head == \old(head)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 540]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 758]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 827]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 513]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 746]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 548]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((head == \old(head)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 643]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 632]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 21:56:27,719 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3a0ffc92-c87e-4b5c-a8f6-2801015dcec8/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE