./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9e826f48819dedbf1a290c3ced69eb835c065ed69febc6d0054f416e73afcb1c --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 21:59:57,689 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 21:59:57,782 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 21:59:57,789 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 21:59:57,790 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 21:59:57,826 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 21:59:57,826 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 21:59:57,827 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 21:59:57,827 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 21:59:57,828 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 21:59:57,829 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 21:59:57,829 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 21:59:57,831 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 21:59:57,831 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 21:59:57,832 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 21:59:57,832 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 21:59:57,832 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 21:59:57,833 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 21:59:57,833 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 21:59:57,833 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 21:59:57,834 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 21:59:57,838 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 21:59:57,838 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 21:59:57,838 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 21:59:57,839 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 21:59:57,839 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 21:59:57,839 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 21:59:57,839 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 21:59:57,840 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 21:59:57,840 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 21:59:57,840 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 21:59:57,840 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 21:59:57,841 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 21:59:57,842 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 21:59:57,842 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 21:59:57,843 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 21:59:57,843 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 21:59:57,843 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 21:59:57,843 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 21:59:57,843 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 21:59:57,844 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 21:59:57,844 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 21:59:57,844 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9e826f48819dedbf1a290c3ced69eb835c065ed69febc6d0054f416e73afcb1c [2024-10-31 21:59:58,132 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 21:59:58,173 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 21:59:58,176 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 21:59:58,177 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 21:59:58,177 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 21:59:58,179 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c Unable to find full path for "g++" [2024-10-31 22:00:00,215 INFO L533 CDTParser]: Created temporary CDT project at NULL Unable to find full path for "g++" [2024-10-31 22:00:01,644 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 22:00:01,644 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c [2024-10-31 22:00:01,666 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/data/12a413b8b/2adde95f2e1e499dae2f06b4a6d7f07f/FLAGda1a05456 [2024-10-31 22:00:01,963 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/data/12a413b8b/2adde95f2e1e499dae2f06b4a6d7f07f [2024-10-31 22:00:01,966 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 22:00:01,968 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 22:00:01,969 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 22:00:01,969 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 22:00:01,977 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 22:00:01,978 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:00:01" (1/1) ... [2024-10-31 22:00:01,979 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@48d99c67 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:01, skipping insertion in model container [2024-10-31 22:00:01,980 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:00:01" (1/1) ... [2024-10-31 22:00:02,047 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 22:00:02,345 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c[13125,13138] [2024-10-31 22:00:02,382 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:00:02,394 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 22:00:02,405 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-31 22:00:02,407 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] [2024-10-31 22:00:02,407 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [521] [2024-10-31 22:00:02,407 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [556] [2024-10-31 22:00:02,408 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] [2024-10-31 22:00:02,408 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] [2024-10-31 22:00:02,408 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [742] [2024-10-31 22:00:02,408 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [988] [2024-10-31 22:00:02,481 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/sv-benchmarks/c/product-lines/minepump_spec5_product55.cil.c[13125,13138] [2024-10-31 22:00:02,503 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:00:02,528 INFO L204 MainTranslator]: Completed translation [2024-10-31 22:00:02,528 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02 WrapperNode [2024-10-31 22:00:02,528 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 22:00:02,530 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 22:00:02,530 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 22:00:02,530 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 22:00:02,537 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,550 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,587 INFO L138 Inliner]: procedures = 59, calls = 107, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 238 [2024-10-31 22:00:02,587 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 22:00:02,588 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 22:00:02,588 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 22:00:02,588 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 22:00:02,601 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,601 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,605 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,628 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 22:00:02,628 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,628 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,634 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,642 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,644 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,646 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,649 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 22:00:02,670 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 22:00:02,670 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 22:00:02,670 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 22:00:02,671 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (1/1) ... [2024-10-31 22:00:02,679 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:00:02,693 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:00:02,710 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 22:00:02,715 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 22:00:02,750 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 22:00:02,750 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 22:00:02,751 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 22:00:02,751 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 22:00:02,751 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 22:00:02,751 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 22:00:02,751 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 22:00:02,751 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:00:02,751 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:00:02,751 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 22:00:02,752 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 22:00:02,752 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-31 22:00:02,752 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-10-31 22:00:02,752 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-31 22:00:02,752 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-31 22:00:02,752 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-31 22:00:02,752 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-31 22:00:02,752 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 22:00:02,753 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 22:00:02,753 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 22:00:02,753 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 22:00:02,754 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 22:00:02,866 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 22:00:02,871 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 22:00:03,237 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-31 22:00:03,237 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 22:00:03,256 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 22:00:03,257 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 22:00:03,257 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:00:03 BoogieIcfgContainer [2024-10-31 22:00:03,257 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 22:00:03,259 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 22:00:03,260 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 22:00:03,263 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 22:00:03,264 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 10:00:01" (1/3) ... [2024-10-31 22:00:03,264 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@e4a91d4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:00:03, skipping insertion in model container [2024-10-31 22:00:03,265 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:00:02" (2/3) ... [2024-10-31 22:00:03,265 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@e4a91d4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:00:03, skipping insertion in model container [2024-10-31 22:00:03,265 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:00:03" (3/3) ... [2024-10-31 22:00:03,267 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product55.cil.c [2024-10-31 22:00:03,287 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 22:00:03,287 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 22:00:03,395 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 22:00:03,403 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1c119ac0, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 22:00:03,403 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 22:00:03,408 INFO L276 IsEmpty]: Start isEmpty. Operand has 109 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-10-31 22:00:03,425 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 22:00:03,425 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:03,426 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:03,426 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:03,432 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:03,432 INFO L85 PathProgramCache]: Analyzing trace with hash 158818465, now seen corresponding path program 1 times [2024-10-31 22:00:03,444 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:03,445 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1431660576] [2024-10-31 22:00:03,445 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:03,446 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:03,599 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:03,709 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:00:03,712 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:03,720 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 22:00:03,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:03,731 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:03,732 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:03,732 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1431660576] [2024-10-31 22:00:03,733 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1431660576] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:03,734 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:03,734 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 22:00:03,737 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2039160690] [2024-10-31 22:00:03,737 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:03,743 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 22:00:03,743 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:03,772 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 22:00:03,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:00:03,777 INFO L87 Difference]: Start difference. First operand has 109 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:00:03,821 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:03,822 INFO L93 Difference]: Finished difference Result 209 states and 284 transitions. [2024-10-31 22:00:03,824 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 22:00:03,826 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-10-31 22:00:03,826 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:03,840 INFO L225 Difference]: With dead ends: 209 [2024-10-31 22:00:03,840 INFO L226 Difference]: Without dead ends: 100 [2024-10-31 22:00:03,843 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:00:03,847 INFO L432 NwaCegarLoop]: 139 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 139 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:03,848 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:00:03,869 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2024-10-31 22:00:03,898 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 100. [2024-10-31 22:00:03,901 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 74 states have (on average 1.3108108108108107) internal successors, (97), 84 states have internal predecessors, (97), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-10-31 22:00:03,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 130 transitions. [2024-10-31 22:00:03,911 INFO L78 Accepts]: Start accepts. Automaton has 100 states and 130 transitions. Word has length 32 [2024-10-31 22:00:03,912 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:03,912 INFO L471 AbstractCegarLoop]: Abstraction has 100 states and 130 transitions. [2024-10-31 22:00:03,913 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:00:03,913 INFO L276 IsEmpty]: Start isEmpty. Operand 100 states and 130 transitions. [2024-10-31 22:00:03,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-31 22:00:03,918 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:03,918 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:03,919 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 22:00:03,919 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:03,922 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:03,922 INFO L85 PathProgramCache]: Analyzing trace with hash -1314152562, now seen corresponding path program 1 times [2024-10-31 22:00:03,923 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:03,924 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1137046926] [2024-10-31 22:00:03,924 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:03,924 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:03,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,138 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 22:00:04,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,146 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-10-31 22:00:04,152 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,158 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:04,159 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:04,163 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1137046926] [2024-10-31 22:00:04,163 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1137046926] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:04,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:04,164 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:00:04,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [191819671] [2024-10-31 22:00:04,164 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:04,166 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:00:04,166 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:04,167 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:00:04,168 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:00:04,168 INFO L87 Difference]: Start difference. First operand 100 states and 130 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:00:04,210 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:04,210 INFO L93 Difference]: Finished difference Result 161 states and 209 transitions. [2024-10-31 22:00:04,210 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:00:04,211 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-10-31 22:00:04,211 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:04,213 INFO L225 Difference]: With dead ends: 161 [2024-10-31 22:00:04,213 INFO L226 Difference]: Without dead ends: 91 [2024-10-31 22:00:04,214 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:00:04,215 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 16 mSDsluCounter, 96 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 213 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:04,216 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 213 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:00:04,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-10-31 22:00:04,251 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2024-10-31 22:00:04,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 68 states have (on average 1.3235294117647058) internal successors, (90), 78 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-31 22:00:04,253 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 118 transitions. [2024-10-31 22:00:04,254 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 118 transitions. Word has length 33 [2024-10-31 22:00:04,254 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:04,254 INFO L471 AbstractCegarLoop]: Abstraction has 91 states and 118 transitions. [2024-10-31 22:00:04,254 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:00:04,255 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 118 transitions. [2024-10-31 22:00:04,256 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-10-31 22:00:04,256 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:04,256 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:04,257 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 22:00:04,257 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:04,257 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:04,258 INFO L85 PathProgramCache]: Analyzing trace with hash -1623741410, now seen corresponding path program 1 times [2024-10-31 22:00:04,258 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:04,258 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [394057891] [2024-10-31 22:00:04,259 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:04,259 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:04,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,382 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:00:04,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,389 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-10-31 22:00:04,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,394 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:04,394 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:04,394 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [394057891] [2024-10-31 22:00:04,395 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [394057891] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:04,395 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:04,395 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:00:04,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1013818889] [2024-10-31 22:00:04,395 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:04,396 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:00:04,396 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:04,397 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:00:04,397 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:00:04,397 INFO L87 Difference]: Start difference. First operand 91 states and 118 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:00:04,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:04,458 INFO L93 Difference]: Finished difference Result 256 states and 338 transitions. [2024-10-31 22:00:04,460 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:00:04,460 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-10-31 22:00:04,461 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:04,465 INFO L225 Difference]: With dead ends: 256 [2024-10-31 22:00:04,465 INFO L226 Difference]: Without dead ends: 173 [2024-10-31 22:00:04,466 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:00:04,468 INFO L432 NwaCegarLoop]: 134 mSDtfsCounter, 93 mSDsluCounter, 107 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:04,468 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 241 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:00:04,473 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 173 states. [2024-10-31 22:00:04,497 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 173 to 170. [2024-10-31 22:00:04,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 170 states, 125 states have (on average 1.344) internal successors, (168), 144 states have internal predecessors, (168), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-10-31 22:00:04,500 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 170 states to 170 states and 224 transitions. [2024-10-31 22:00:04,500 INFO L78 Accepts]: Start accepts. Automaton has 170 states and 224 transitions. Word has length 37 [2024-10-31 22:00:04,501 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:04,501 INFO L471 AbstractCegarLoop]: Abstraction has 170 states and 224 transitions. [2024-10-31 22:00:04,501 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:00:04,502 INFO L276 IsEmpty]: Start isEmpty. Operand 170 states and 224 transitions. [2024-10-31 22:00:04,504 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-31 22:00:04,504 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:04,504 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:04,504 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 22:00:04,505 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:04,505 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:04,505 INFO L85 PathProgramCache]: Analyzing trace with hash 1317125140, now seen corresponding path program 1 times [2024-10-31 22:00:04,506 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:04,506 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1717312139] [2024-10-31 22:00:04,506 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:04,506 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:04,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,636 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 22:00:04,638 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,640 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-31 22:00:04,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:04,660 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 22:00:04,660 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:04,660 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1717312139] [2024-10-31 22:00:04,661 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1717312139] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:04,661 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:04,661 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:00:04,661 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1060332223] [2024-10-31 22:00:04,661 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:04,662 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:00:04,662 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:04,662 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:00:04,662 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:00:04,663 INFO L87 Difference]: Start difference. First operand 170 states and 224 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:00:04,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:04,913 INFO L93 Difference]: Finished difference Result 430 states and 583 transitions. [2024-10-31 22:00:04,913 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:00:04,914 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-10-31 22:00:04,914 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:04,920 INFO L225 Difference]: With dead ends: 430 [2024-10-31 22:00:04,920 INFO L226 Difference]: Without dead ends: 268 [2024-10-31 22:00:04,922 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:00:04,923 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 78 mSDsluCounter, 396 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 516 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:04,927 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 516 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 22:00:04,928 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2024-10-31 22:00:04,986 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 267. [2024-10-31 22:00:04,987 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 267 states, 198 states have (on average 1.292929292929293) internal successors, (256), 215 states have internal predecessors, (256), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2024-10-31 22:00:04,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 267 states to 267 states and 344 transitions. [2024-10-31 22:00:04,990 INFO L78 Accepts]: Start accepts. Automaton has 267 states and 344 transitions. Word has length 41 [2024-10-31 22:00:04,990 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:04,990 INFO L471 AbstractCegarLoop]: Abstraction has 267 states and 344 transitions. [2024-10-31 22:00:04,991 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:00:04,991 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 344 transitions. [2024-10-31 22:00:04,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:00:04,993 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:04,993 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:04,993 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 22:00:04,994 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:04,994 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:04,995 INFO L85 PathProgramCache]: Analyzing trace with hash -1401707673, now seen corresponding path program 1 times [2024-10-31 22:00:04,995 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:04,995 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [318097352] [2024-10-31 22:00:04,995 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:04,996 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:05,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,140 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:00:05,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,147 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 22:00:05,152 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:05,171 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,207 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:00:05,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,211 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:05,211 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:05,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [318097352] [2024-10-31 22:00:05,212 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [318097352] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:05,212 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:05,212 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:00:05,213 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [757927950] [2024-10-31 22:00:05,213 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:05,213 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:00:05,214 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:05,214 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:00:05,214 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:00:05,215 INFO L87 Difference]: Start difference. First operand 267 states and 344 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 22:00:05,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:05,467 INFO L93 Difference]: Finished difference Result 588 states and 767 transitions. [2024-10-31 22:00:05,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-31 22:00:05,468 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 56 [2024-10-31 22:00:05,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:05,475 INFO L225 Difference]: With dead ends: 588 [2024-10-31 22:00:05,475 INFO L226 Difference]: Without dead ends: 329 [2024-10-31 22:00:05,476 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:00:05,477 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 64 mSDsluCounter, 333 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 435 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:05,480 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 435 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 22:00:05,482 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 329 states. [2024-10-31 22:00:05,536 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 329 to 327. [2024-10-31 22:00:05,537 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 327 states, 244 states have (on average 1.2704918032786885) internal successors, (310), 261 states have internal predecessors, (310), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-10-31 22:00:05,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 327 states to 327 states and 416 transitions. [2024-10-31 22:00:05,542 INFO L78 Accepts]: Start accepts. Automaton has 327 states and 416 transitions. Word has length 56 [2024-10-31 22:00:05,543 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:05,543 INFO L471 AbstractCegarLoop]: Abstraction has 327 states and 416 transitions. [2024-10-31 22:00:05,543 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 22:00:05,543 INFO L276 IsEmpty]: Start isEmpty. Operand 327 states and 416 transitions. [2024-10-31 22:00:05,549 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:00:05,549 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:05,549 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:05,550 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 22:00:05,550 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:05,550 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:05,550 INFO L85 PathProgramCache]: Analyzing trace with hash -979005847, now seen corresponding path program 1 times [2024-10-31 22:00:05,551 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:05,551 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [24654802] [2024-10-31 22:00:05,551 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:05,551 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:05,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:00:05,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,708 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 22:00:05,712 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,750 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:05,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,825 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:00:05,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:05,829 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:05,829 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:05,829 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [24654802] [2024-10-31 22:00:05,830 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [24654802] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:05,833 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:05,833 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:00:05,834 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [470358860] [2024-10-31 22:00:05,834 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:05,834 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:00:05,834 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:05,835 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:00:05,835 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:00:05,835 INFO L87 Difference]: Start difference. First operand 327 states and 416 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:00:06,253 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:06,253 INFO L93 Difference]: Finished difference Result 658 states and 859 transitions. [2024-10-31 22:00:06,257 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-31 22:00:06,257 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-10-31 22:00:06,258 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:06,260 INFO L225 Difference]: With dead ends: 658 [2024-10-31 22:00:06,261 INFO L226 Difference]: Without dead ends: 339 [2024-10-31 22:00:06,263 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-10-31 22:00:06,267 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 198 mSDsluCounter, 352 mSDsCounter, 0 mSdLazyCounter, 157 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 205 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 206 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 157 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:06,268 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [205 Valid, 468 Invalid, 206 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 157 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 22:00:06,269 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 339 states. [2024-10-31 22:00:06,317 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 339 to 331. [2024-10-31 22:00:06,318 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 331 states, 248 states have (on average 1.2661290322580645) internal successors, (314), 265 states have internal predecessors, (314), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-10-31 22:00:06,322 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 331 states to 331 states and 420 transitions. [2024-10-31 22:00:06,323 INFO L78 Accepts]: Start accepts. Automaton has 331 states and 420 transitions. Word has length 56 [2024-10-31 22:00:06,325 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:06,326 INFO L471 AbstractCegarLoop]: Abstraction has 331 states and 420 transitions. [2024-10-31 22:00:06,326 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:00:06,327 INFO L276 IsEmpty]: Start isEmpty. Operand 331 states and 420 transitions. [2024-10-31 22:00:06,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:00:06,331 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:06,331 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:06,331 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 22:00:06,332 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:06,332 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:06,332 INFO L85 PathProgramCache]: Analyzing trace with hash 1510523115, now seen corresponding path program 1 times [2024-10-31 22:00:06,332 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:06,333 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1339976732] [2024-10-31 22:00:06,333 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:06,334 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:06,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:06,411 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-31 22:00:06,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:06,421 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-10-31 22:00:06,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:06,447 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:06,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:06,473 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:00:06,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:06,476 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:06,478 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:06,478 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1339976732] [2024-10-31 22:00:06,478 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1339976732] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:06,478 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:06,479 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 22:00:06,479 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [715177936] [2024-10-31 22:00:06,479 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:06,479 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 22:00:06,481 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:06,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 22:00:06,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 22:00:06,482 INFO L87 Difference]: Start difference. First operand 331 states and 420 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:00:06,862 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:06,863 INFO L93 Difference]: Finished difference Result 946 states and 1245 transitions. [2024-10-31 22:00:06,867 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:00:06,867 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-10-31 22:00:06,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:06,873 INFO L225 Difference]: With dead ends: 946 [2024-10-31 22:00:06,873 INFO L226 Difference]: Without dead ends: 623 [2024-10-31 22:00:06,875 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 12 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:00:06,875 INFO L432 NwaCegarLoop]: 148 mSDtfsCounter, 244 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 159 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 251 SdHoareTripleChecker+Valid, 353 SdHoareTripleChecker+Invalid, 233 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 159 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:06,877 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [251 Valid, 353 Invalid, 233 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 159 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 22:00:06,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 623 states. [2024-10-31 22:00:06,940 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 623 to 616. [2024-10-31 22:00:06,942 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 616 states, 459 states have (on average 1.2287581699346406) internal successors, (564), 485 states have internal predecessors, (564), 83 states have call successors, (83), 67 states have call predecessors, (83), 73 states have return successors, (135), 84 states have call predecessors, (135), 83 states have call successors, (135) [2024-10-31 22:00:06,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 616 states to 616 states and 782 transitions. [2024-10-31 22:00:06,949 INFO L78 Accepts]: Start accepts. Automaton has 616 states and 782 transitions. Word has length 56 [2024-10-31 22:00:06,949 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:06,949 INFO L471 AbstractCegarLoop]: Abstraction has 616 states and 782 transitions. [2024-10-31 22:00:06,949 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:00:06,949 INFO L276 IsEmpty]: Start isEmpty. Operand 616 states and 782 transitions. [2024-10-31 22:00:06,951 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-10-31 22:00:06,951 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:06,951 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:06,951 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 22:00:06,952 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:06,952 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:06,952 INFO L85 PathProgramCache]: Analyzing trace with hash -193074427, now seen corresponding path program 1 times [2024-10-31 22:00:06,952 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:06,952 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1104761843] [2024-10-31 22:00:06,952 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:06,953 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:06,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,156 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:00:07,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,234 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-31 22:00:07,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,247 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-31 22:00:07,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,257 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:07,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,266 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-31 22:00:07,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:07,270 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:00:07,271 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:07,271 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1104761843] [2024-10-31 22:00:07,271 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1104761843] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:07,271 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:07,271 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-31 22:00:07,271 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [92116191] [2024-10-31 22:00:07,271 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:07,273 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-31 22:00:07,273 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:07,274 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-31 22:00:07,274 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:00:07,274 INFO L87 Difference]: Start difference. First operand 616 states and 782 transitions. Second operand has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 7 states have internal predecessors, (47), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 22:00:08,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:08,195 INFO L93 Difference]: Finished difference Result 1863 states and 2470 transitions. [2024-10-31 22:00:08,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-31 22:00:08,196 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 7 states have internal predecessors, (47), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 60 [2024-10-31 22:00:08,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:08,204 INFO L225 Difference]: With dead ends: 1863 [2024-10-31 22:00:08,205 INFO L226 Difference]: Without dead ends: 1368 [2024-10-31 22:00:08,208 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-10-31 22:00:08,209 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 526 mSDsluCounter, 429 mSDsCounter, 0 mSdLazyCounter, 548 mSolverCounterSat, 177 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 533 SdHoareTripleChecker+Valid, 532 SdHoareTripleChecker+Invalid, 725 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 177 IncrementalHoareTripleChecker+Valid, 548 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:08,209 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [533 Valid, 532 Invalid, 725 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [177 Valid, 548 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-31 22:00:08,211 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1368 states. [2024-10-31 22:00:08,325 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1368 to 1193. [2024-10-31 22:00:08,327 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1193 states, 890 states have (on average 1.2269662921348314) internal successors, (1092), 947 states have internal predecessors, (1092), 160 states have call successors, (160), 118 states have call predecessors, (160), 142 states have return successors, (260), 162 states have call predecessors, (260), 160 states have call successors, (260) [2024-10-31 22:00:08,334 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1193 states to 1193 states and 1512 transitions. [2024-10-31 22:00:08,336 INFO L78 Accepts]: Start accepts. Automaton has 1193 states and 1512 transitions. Word has length 60 [2024-10-31 22:00:08,336 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:08,336 INFO L471 AbstractCegarLoop]: Abstraction has 1193 states and 1512 transitions. [2024-10-31 22:00:08,336 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 7 states have internal predecessors, (47), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-10-31 22:00:08,337 INFO L276 IsEmpty]: Start isEmpty. Operand 1193 states and 1512 transitions. [2024-10-31 22:00:08,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2024-10-31 22:00:08,339 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:08,339 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:08,339 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 22:00:08,339 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:08,340 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:08,340 INFO L85 PathProgramCache]: Analyzing trace with hash -182301856, now seen corresponding path program 1 times [2024-10-31 22:00:08,340 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:08,340 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [732749793] [2024-10-31 22:00:08,340 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:08,340 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:08,370 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:00:08,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 22:00:08,423 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,440 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:00:08,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,449 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 22:00:08,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:08,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,462 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-10-31 22:00:08,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,465 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-10-31 22:00:08,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:08,468 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 22:00:08,468 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:08,468 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [732749793] [2024-10-31 22:00:08,469 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [732749793] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:00:08,469 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:00:08,469 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 22:00:08,469 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [427352073] [2024-10-31 22:00:08,469 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:00:08,470 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 22:00:08,470 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:08,470 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 22:00:08,471 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:00:08,471 INFO L87 Difference]: Start difference. First operand 1193 states and 1512 transitions. Second operand has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-31 22:00:09,009 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:09,009 INFO L93 Difference]: Finished difference Result 1429 states and 1801 transitions. [2024-10-31 22:00:09,009 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-31 22:00:09,010 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 90 [2024-10-31 22:00:09,010 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:09,014 INFO L225 Difference]: With dead ends: 1429 [2024-10-31 22:00:09,015 INFO L226 Difference]: Without dead ends: 611 [2024-10-31 22:00:09,017 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-31 22:00:09,018 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 274 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 296 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 283 SdHoareTripleChecker+Valid, 388 SdHoareTripleChecker+Invalid, 366 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 296 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:09,019 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [283 Valid, 388 Invalid, 366 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 296 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-31 22:00:09,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 611 states. [2024-10-31 22:00:09,103 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 611 to 585. [2024-10-31 22:00:09,104 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 585 states, 437 states have (on average 1.194508009153318) internal successors, (522), 463 states have internal predecessors, (522), 77 states have call successors, (77), 58 states have call predecessors, (77), 70 states have return successors, (127), 79 states have call predecessors, (127), 77 states have call successors, (127) [2024-10-31 22:00:09,108 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 585 states to 585 states and 726 transitions. [2024-10-31 22:00:09,109 INFO L78 Accepts]: Start accepts. Automaton has 585 states and 726 transitions. Word has length 90 [2024-10-31 22:00:09,109 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:09,110 INFO L471 AbstractCegarLoop]: Abstraction has 585 states and 726 transitions. [2024-10-31 22:00:09,110 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-10-31 22:00:09,110 INFO L276 IsEmpty]: Start isEmpty. Operand 585 states and 726 transitions. [2024-10-31 22:00:09,113 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2024-10-31 22:00:09,113 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:09,114 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:09,114 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-31 22:00:09,114 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:09,114 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:09,115 INFO L85 PathProgramCache]: Analyzing trace with hash 1799468227, now seen corresponding path program 1 times [2024-10-31 22:00:09,115 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:09,115 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1121391201] [2024-10-31 22:00:09,115 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:09,115 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:09,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,268 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:00:09,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-10-31 22:00:09,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,312 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:00:09,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,324 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 22:00:09,327 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,335 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:09,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,345 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-10-31 22:00:09,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,361 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2024-10-31 22:00:09,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,369 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-31 22:00:09,370 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:09,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,373 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 101 [2024-10-31 22:00:09,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,377 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 8 proven. 20 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 22:00:09,377 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:09,377 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1121391201] [2024-10-31 22:00:09,377 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1121391201] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:00:09,378 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [516864263] [2024-10-31 22:00:09,378 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:09,378 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:00:09,378 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:00:09,380 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:00:09,382 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 22:00:09,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:09,516 INFO L255 TraceCheckSpWp]: Trace formula consists of 352 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 22:00:09,531 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:00:09,793 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 26 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 22:00:09,793 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:00:10,097 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 18 proven. 10 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-10-31 22:00:10,097 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [516864263] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:00:10,097 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:00:10,097 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-31 22:00:10,098 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1697619624] [2024-10-31 22:00:10,098 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:00:10,099 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-31 22:00:10,100 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:10,101 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-31 22:00:10,101 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-31 22:00:10,102 INFO L87 Difference]: Start difference. First operand 585 states and 726 transitions. Second operand has 15 states, 15 states have (on average 9.866666666666667) internal successors, (148), 10 states have internal predecessors, (148), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-31 22:00:11,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:11,677 INFO L93 Difference]: Finished difference Result 1242 states and 1576 transitions. [2024-10-31 22:00:11,677 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2024-10-31 22:00:11,678 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.866666666666667) internal successors, (148), 10 states have internal predecessors, (148), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) Word has length 109 [2024-10-31 22:00:11,678 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:11,683 INFO L225 Difference]: With dead ends: 1242 [2024-10-31 22:00:11,683 INFO L226 Difference]: Without dead ends: 718 [2024-10-31 22:00:11,686 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 290 GetRequests, 244 SyntacticMatches, 4 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 462 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=441, Invalid=1451, Unknown=0, NotChecked=0, Total=1892 [2024-10-31 22:00:11,704 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 488 mSDsluCounter, 784 mSDsCounter, 0 mSdLazyCounter, 868 mSolverCounterSat, 198 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 491 SdHoareTripleChecker+Valid, 944 SdHoareTripleChecker+Invalid, 1066 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 198 IncrementalHoareTripleChecker+Valid, 868 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:11,706 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [491 Valid, 944 Invalid, 1066 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [198 Valid, 868 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-10-31 22:00:11,711 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 718 states. [2024-10-31 22:00:11,797 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 718 to 646. [2024-10-31 22:00:11,799 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 646 states, 477 states have (on average 1.1740041928721174) internal successors, (560), 511 states have internal predecessors, (560), 87 states have call successors, (87), 72 states have call predecessors, (87), 81 states have return successors, (119), 84 states have call predecessors, (119), 87 states have call successors, (119) [2024-10-31 22:00:11,803 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 646 states to 646 states and 766 transitions. [2024-10-31 22:00:11,805 INFO L78 Accepts]: Start accepts. Automaton has 646 states and 766 transitions. Word has length 109 [2024-10-31 22:00:11,806 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:11,806 INFO L471 AbstractCegarLoop]: Abstraction has 646 states and 766 transitions. [2024-10-31 22:00:11,807 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.866666666666667) internal successors, (148), 10 states have internal predecessors, (148), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (20), 8 states have call predecessors, (20), 6 states have call successors, (20) [2024-10-31 22:00:11,807 INFO L276 IsEmpty]: Start isEmpty. Operand 646 states and 766 transitions. [2024-10-31 22:00:11,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2024-10-31 22:00:11,811 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:00:11,811 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:11,834 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-31 22:00:12,015 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-31 22:00:12,015 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:00:12,016 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:00:12,016 INFO L85 PathProgramCache]: Analyzing trace with hash 691174985, now seen corresponding path program 1 times [2024-10-31 22:00:12,016 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:00:12,016 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1228285554] [2024-10-31 22:00:12,016 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:12,017 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:00:12,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,229 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:00:12,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,244 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-10-31 22:00:12,247 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:00:12,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,262 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 22:00:12,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,267 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:12,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,272 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 63 [2024-10-31 22:00:12,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,282 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:00:12,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-31 22:00:12,286 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,290 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-31 22:00:12,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,292 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:12,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,294 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 112 [2024-10-31 22:00:12,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,363 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:00:12,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,366 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-31 22:00:12,367 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,369 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 143 [2024-10-31 22:00:12,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,377 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 153 [2024-10-31 22:00:12,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,380 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-10-31 22:00:12,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,404 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:00:12,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,409 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 183 [2024-10-31 22:00:12,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,412 INFO L134 CoverageAnalysis]: Checked inductivity of 201 backedges. 69 proven. 5 refuted. 0 times theorem prover too weak. 127 trivial. 0 not checked. [2024-10-31 22:00:12,412 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:00:12,412 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1228285554] [2024-10-31 22:00:12,412 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1228285554] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:00:12,412 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1187724664] [2024-10-31 22:00:12,412 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:00:12,413 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:00:12,413 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:00:12,415 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:00:12,417 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-10-31 22:00:12,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:00:12,565 INFO L255 TraceCheckSpWp]: Trace formula consists of 552 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-10-31 22:00:12,572 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:00:12,819 INFO L134 CoverageAnalysis]: Checked inductivity of 201 backedges. 147 proven. 4 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2024-10-31 22:00:12,819 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:00:13,384 INFO L134 CoverageAnalysis]: Checked inductivity of 201 backedges. 78 proven. 42 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2024-10-31 22:00:13,385 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1187724664] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:00:13,385 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:00:13,385 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2024-10-31 22:00:13,385 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [108282767] [2024-10-31 22:00:13,385 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:00:13,386 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2024-10-31 22:00:13,386 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:00:13,387 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2024-10-31 22:00:13,388 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=481, Unknown=0, NotChecked=0, Total=600 [2024-10-31 22:00:13,388 INFO L87 Difference]: Start difference. First operand 646 states and 766 transitions. Second operand has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (38), 9 states have call predecessors, (38), 10 states have return successors, (37), 8 states have call predecessors, (37), 9 states have call successors, (37) [2024-10-31 22:00:14,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:00:14,985 INFO L93 Difference]: Finished difference Result 1341 states and 1641 transitions. [2024-10-31 22:00:14,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-10-31 22:00:14,986 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (38), 9 states have call predecessors, (38), 10 states have return successors, (37), 8 states have call predecessors, (37), 9 states have call successors, (37) Word has length 191 [2024-10-31 22:00:14,986 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:00:14,988 INFO L225 Difference]: With dead ends: 1341 [2024-10-31 22:00:14,988 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 22:00:14,993 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 456 GetRequests, 407 SyntacticMatches, 3 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 444 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=466, Invalid=1790, Unknown=0, NotChecked=0, Total=2256 [2024-10-31 22:00:14,994 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 513 mSDsluCounter, 720 mSDsCounter, 0 mSdLazyCounter, 1330 mSolverCounterSat, 205 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 516 SdHoareTripleChecker+Valid, 813 SdHoareTripleChecker+Invalid, 1535 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 205 IncrementalHoareTripleChecker+Valid, 1330 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:00:14,994 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [516 Valid, 813 Invalid, 1535 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [205 Valid, 1330 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-10-31 22:00:14,995 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 22:00:14,995 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 22:00:14,995 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 22:00:14,995 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 22:00:14,997 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 191 [2024-10-31 22:00:14,997 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:00:14,997 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 22:00:14,997 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (38), 9 states have call predecessors, (38), 10 states have return successors, (37), 8 states have call predecessors, (37), 9 states have call successors, (37) [2024-10-31 22:00:14,998 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 22:00:14,998 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 22:00:15,001 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 22:00:15,024 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-10-31 22:00:15,202 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-10-31 22:00:15,205 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:00:15,208 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 22:00:23,444 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 22:00:23,465 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0))) Eliminated clause: (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0)) [2024-10-31 22:00:23,493 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse2 (<= |old(~waterLevel~0)| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|)) (.cse4 (= |old(~waterLevel~0)| 2))) (or (and .cse0 (= 0 ~systemActive~0)) (and .cse1 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse3) (and .cse1 .cse0 .cse4) (and .cse1 .cse0 .cse2) (and .cse1 .cse3 .cse4))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 (= 0 ~systemActive~0)))) [2024-10-31 22:00:23,532 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-31 22:00:23,549 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (= |old(~waterLevel~0)| 2)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse0 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse1 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 (= 0 ~systemActive~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 (= 0 ~systemActive~0)))) [2024-10-31 22:00:23,567 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-31 22:00:23,597 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 10:00:23 BoogieIcfgContainer [2024-10-31 22:00:23,601 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 22:00:23,601 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 22:00:23,601 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 22:00:23,602 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 22:00:23,602 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:00:03" (3/4) ... [2024-10-31 22:00:23,605 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 22:00:23,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-31 22:00:23,619 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 22:00:23,620 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 22:00:23,620 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 22:00:23,620 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 22:00:23,620 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:00:23,620 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 22:00:23,621 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-10-31 22:00:23,621 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-31 22:00:23,628 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-10-31 22:00:23,629 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 22:00:23,630 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 22:00:23,631 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:00:23,631 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:00:23,754 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 22:00:23,754 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 22:00:23,754 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 22:00:23,755 INFO L158 Benchmark]: Toolchain (without parser) took 21787.37ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 104.4MB in the beginning and 203.4MB in the end (delta: -99.0MB). Peak memory consumption was 9.4MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,755 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 113.2MB. Free memory was 81.7MB in the beginning and 81.7MB in the end (delta: 26.0kB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 22:00:23,756 INFO L158 Benchmark]: CACSL2BoogieTranslator took 559.58ms. Allocated memory is still 144.7MB. Free memory was 104.0MB in the beginning and 82.2MB in the end (delta: 21.8MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,757 INFO L158 Benchmark]: Boogie Procedure Inliner took 57.89ms. Allocated memory is still 144.7MB. Free memory was 82.2MB in the beginning and 79.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,758 INFO L158 Benchmark]: Boogie Preprocessor took 80.74ms. Allocated memory is still 144.7MB. Free memory was 79.7MB in the beginning and 116.3MB in the end (delta: -36.6MB). Peak memory consumption was 8.7MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,758 INFO L158 Benchmark]: RCFGBuilder took 587.87ms. Allocated memory is still 144.7MB. Free memory was 116.3MB in the beginning and 96.8MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,758 INFO L158 Benchmark]: TraceAbstraction took 20341.54ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 96.1MB in the beginning and 211.8MB in the end (delta: -115.7MB). Peak memory consumption was 133.7MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,759 INFO L158 Benchmark]: Witness Printer took 152.83ms. Allocated memory is still 251.7MB. Free memory was 211.8MB in the beginning and 203.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-31 22:00:23,762 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 113.2MB. Free memory was 81.7MB in the beginning and 81.7MB in the end (delta: 26.0kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 559.58ms. Allocated memory is still 144.7MB. Free memory was 104.0MB in the beginning and 82.2MB in the end (delta: 21.8MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 57.89ms. Allocated memory is still 144.7MB. Free memory was 82.2MB in the beginning and 79.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 80.74ms. Allocated memory is still 144.7MB. Free memory was 79.7MB in the beginning and 116.3MB in the end (delta: -36.6MB). Peak memory consumption was 8.7MB. Max. memory is 16.1GB. * RCFGBuilder took 587.87ms. Allocated memory is still 144.7MB. Free memory was 116.3MB in the beginning and 96.8MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 20341.54ms. Allocated memory was 144.7MB in the beginning and 251.7MB in the end (delta: 107.0MB). Free memory was 96.1MB in the beginning and 211.8MB in the end (delta: -115.7MB). Peak memory consumption was 133.7MB. Max. memory is 16.1GB. * Witness Printer took 152.83ms. Allocated memory is still 251.7MB. Free memory was 211.8MB in the beginning and 203.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] - GenericResultAtLocation [Line: 521]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [521] - GenericResultAtLocation [Line: 556]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [556] - GenericResultAtLocation [Line: 565]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [565] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [633] - GenericResultAtLocation [Line: 742]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [742] - GenericResultAtLocation [Line: 988]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [988] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 561]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 109 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 11.8s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 6.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2540 SdHoareTripleChecker+Valid, 3.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2494 mSDsluCounter, 5042 SdHoareTripleChecker+Invalid, 3.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3697 mSDsCounter, 801 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3580 IncrementalHoareTripleChecker+Invalid, 4381 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 801 mSolverCounterUnsat, 1345 mSDtfsCounter, 3580 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 898 GetRequests, 741 SyntacticMatches, 8 SemanticMatches, 149 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1012 ImplicationChecksByTransitivity, 1.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1193occurred in iteration=8, InterpolantAutomatonStates: 126, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 294 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.5s InterpolantComputationTime, 1061 NumberOfCodeBlocks, 1061 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1346 ConstructedInterpolants, 0 QuantifiedInterpolants, 2644 SizeOfPredicates, 2 NumberOfNonLiveVariables, 904 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 673/765 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 576]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: (((((((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((pumpRunning == 0) && (splverifierCounter == 0)) && (0 == systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 871]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive)) Ensures: (((pumpRunning == 0) && (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 778]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 666]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 751]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive)) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (0 == systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning))))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 418]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 786]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 654]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((long long) \old(waterLevel) + 1) <= waterLevel) && (waterLevel <= 2)) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel))) && ((0 == systemActive) || (waterLevel < ((long long) \old(waterLevel) + 2)))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) || ((pumpRunning == 0) && (0 == systemActive)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 812]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 890]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 22:00:23,811 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a194af7c-8533-4599-ac6c-7e1312eb3cb0/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE