./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4fc63b2a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-4fc63b2 [2024-10-31 22:16:57,455 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-31 22:16:57,547 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-31 22:16:57,551 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-31 22:16:57,552 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-31 22:16:57,575 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-31 22:16:57,576 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-31 22:16:57,576 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-31 22:16:57,577 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-31 22:16:57,577 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-31 22:16:57,578 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-31 22:16:57,578 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-31 22:16:57,579 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-31 22:16:57,579 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-31 22:16:57,579 INFO L153 SettingsManager]: * Use SBE=true [2024-10-31 22:16:57,580 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-31 22:16:57,580 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-31 22:16:57,581 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-31 22:16:57,581 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-31 22:16:57,581 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-31 22:16:57,583 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-31 22:16:57,584 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-31 22:16:57,587 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-31 22:16:57,588 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-31 22:16:57,588 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-31 22:16:57,589 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-31 22:16:57,589 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-31 22:16:57,589 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-31 22:16:57,589 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-31 22:16:57,590 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-31 22:16:57,590 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-31 22:16:57,590 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-31 22:16:57,591 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:16:57,594 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-31 22:16:57,595 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-31 22:16:57,595 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-31 22:16:57,595 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-31 22:16:57,595 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-31 22:16:57,596 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-31 22:16:57,596 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-31 22:16:57,596 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-31 22:16:57,597 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-31 22:16:57,597 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2024-10-31 22:16:57,983 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-31 22:16:58,041 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-31 22:16:58,044 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-31 22:16:58,045 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-31 22:16:58,046 INFO L274 PluginConnector]: CDTParser initialized [2024-10-31 22:16:58,047 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c Unable to find full path for "g++" [2024-10-31 22:17:00,330 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-31 22:17:00,657 INFO L384 CDTParser]: Found 1 translation units. [2024-10-31 22:17:00,657 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-10-31 22:17:00,673 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/data/19fdffa1c/7b25f9c5f93e486a988b9cd716393ef0/FLAGf879f6428 [2024-10-31 22:17:00,694 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/data/19fdffa1c/7b25f9c5f93e486a988b9cd716393ef0 [2024-10-31 22:17:00,698 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-31 22:17:00,700 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-31 22:17:00,704 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-31 22:17:00,705 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-31 22:17:00,712 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-31 22:17:00,712 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:17:00" (1/1) ... [2024-10-31 22:17:00,714 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@30843863 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:00, skipping insertion in model container [2024-10-31 22:17:00,714 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 31.10 10:17:00" (1/1) ... [2024-10-31 22:17:00,763 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-31 22:17:01,186 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-10-31 22:17:01,236 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:17:01,250 INFO L200 MainTranslator]: Completed pre-run [2024-10-31 22:17:01,262 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-10-31 22:17:01,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2024-10-31 22:17:01,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2024-10-31 22:17:01,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2024-10-31 22:17:01,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2024-10-31 22:17:01,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-10-31 22:17:01,269 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2024-10-31 22:17:01,270 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-10-31 22:17:01,348 WARN L251 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-10-31 22:17:01,375 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-31 22:17:01,406 INFO L204 MainTranslator]: Completed translation [2024-10-31 22:17:01,407 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01 WrapperNode [2024-10-31 22:17:01,407 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-31 22:17:01,409 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-31 22:17:01,409 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-31 22:17:01,409 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-31 22:17:01,417 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,432 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,468 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 235 [2024-10-31 22:17:01,469 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-31 22:17:01,469 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-31 22:17:01,470 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-31 22:17:01,470 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-31 22:17:01,482 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,483 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,485 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,504 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-31 22:17:01,505 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,505 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,515 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,523 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,531 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,532 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,537 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-31 22:17:01,541 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-31 22:17:01,542 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-31 22:17:01,542 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-31 22:17:01,543 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (1/1) ... [2024-10-31 22:17:01,549 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-31 22:17:01,563 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:17:01,579 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-31 22:17:01,582 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-31 22:17:01,608 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-31 22:17:01,608 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-31 22:17:01,609 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-31 22:17:01,609 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-31 22:17:01,609 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-31 22:17:01,609 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-31 22:17:01,609 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-31 22:17:01,609 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:17:01,609 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:17:01,609 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-31 22:17:01,609 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-31 22:17:01,610 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-31 22:17:01,610 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-31 22:17:01,610 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-31 22:17:01,610 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-31 22:17:01,610 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-31 22:17:01,610 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-31 22:17:01,611 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-31 22:17:01,696 INFO L238 CfgBuilder]: Building ICFG [2024-10-31 22:17:01,699 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-31 22:17:02,091 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-31 22:17:02,091 INFO L287 CfgBuilder]: Performing block encoding [2024-10-31 22:17:02,110 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-31 22:17:02,110 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-31 22:17:02,111 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:17:02 BoogieIcfgContainer [2024-10-31 22:17:02,111 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-31 22:17:02,114 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-31 22:17:02,114 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-31 22:17:02,118 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-31 22:17:02,118 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 31.10 10:17:00" (1/3) ... [2024-10-31 22:17:02,119 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@151b525 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:17:02, skipping insertion in model container [2024-10-31 22:17:02,120 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 31.10 10:17:01" (2/3) ... [2024-10-31 22:17:02,120 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@151b525 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 31.10 10:17:02, skipping insertion in model container [2024-10-31 22:17:02,120 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:17:02" (3/3) ... [2024-10-31 22:17:02,121 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2024-10-31 22:17:02,138 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-31 22:17:02,138 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-31 22:17:02,198 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-31 22:17:02,205 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3fa9b59e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-31 22:17:02,205 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-31 22:17:02,210 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-31 22:17:02,221 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-10-31 22:17:02,222 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:02,222 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:02,223 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:02,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:02,229 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2024-10-31 22:17:02,240 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:02,240 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1530331962] [2024-10-31 22:17:02,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:02,241 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:02,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,499 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-31 22:17:02,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,511 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-31 22:17:02,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,518 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:02,519 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:02,519 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1530331962] [2024-10-31 22:17:02,520 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1530331962] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:02,520 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:02,520 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-31 22:17:02,522 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [76401804] [2024-10-31 22:17:02,523 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:02,529 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-31 22:17:02,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:02,551 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-31 22:17:02,551 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:17:02,553 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:17:02,586 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:02,587 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2024-10-31 22:17:02,589 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-31 22:17:02,591 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-10-31 22:17:02,591 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:02,601 INFO L225 Difference]: With dead ends: 185 [2024-10-31 22:17:02,602 INFO L226 Difference]: Without dead ends: 88 [2024-10-31 22:17:02,606 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-31 22:17:02,610 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:02,611 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:17:02,630 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-10-31 22:17:02,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-10-31 22:17:02,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-31 22:17:02,660 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2024-10-31 22:17:02,662 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2024-10-31 22:17:02,662 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:02,662 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2024-10-31 22:17:02,663 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:17:02,663 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2024-10-31 22:17:02,666 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-10-31 22:17:02,666 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:02,666 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:02,670 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-31 22:17:02,670 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:02,672 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:02,672 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2024-10-31 22:17:02,672 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:02,672 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [259507550] [2024-10-31 22:17:02,673 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:02,673 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:02,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,867 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-31 22:17:02,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,876 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-10-31 22:17:02,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:02,886 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:02,889 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:02,889 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [259507550] [2024-10-31 22:17:02,889 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [259507550] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:02,890 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:02,890 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:17:02,890 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [372851102] [2024-10-31 22:17:02,890 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:02,892 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:17:02,892 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:02,894 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:17:02,894 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:17:02,894 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:17:02,931 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:02,931 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2024-10-31 22:17:02,931 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:17:02,932 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-10-31 22:17:02,932 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:02,935 INFO L225 Difference]: With dead ends: 140 [2024-10-31 22:17:02,935 INFO L226 Difference]: Without dead ends: 79 [2024-10-31 22:17:02,937 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:17:02,938 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:02,941 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:17:02,942 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-10-31 22:17:02,955 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-10-31 22:17:02,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-31 22:17:02,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2024-10-31 22:17:02,962 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2024-10-31 22:17:02,962 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:02,963 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2024-10-31 22:17:02,963 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-31 22:17:02,964 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2024-10-31 22:17:02,965 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-31 22:17:02,965 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:02,965 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:02,966 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-31 22:17:02,966 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:02,967 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:02,967 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2024-10-31 22:17:02,967 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:02,968 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1663062531] [2024-10-31 22:17:02,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:02,968 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:02,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,161 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:03,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,169 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-10-31 22:17:03,180 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,184 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:03,184 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:03,185 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1663062531] [2024-10-31 22:17:03,187 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1663062531] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:03,187 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:03,187 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 22:17:03,188 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [50382297] [2024-10-31 22:17:03,188 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:03,188 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 22:17:03,188 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:03,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 22:17:03,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 22:17:03,190 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:17:03,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:03,275 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2024-10-31 22:17:03,282 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-31 22:17:03,282 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-10-31 22:17:03,283 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:03,285 INFO L225 Difference]: With dead ends: 150 [2024-10-31 22:17:03,285 INFO L226 Difference]: Without dead ends: 79 [2024-10-31 22:17:03,286 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:17:03,287 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 91 mSDsluCounter, 192 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:03,288 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 289 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:17:03,291 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-10-31 22:17:03,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-10-31 22:17:03,307 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-31 22:17:03,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2024-10-31 22:17:03,312 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2024-10-31 22:17:03,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:03,315 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2024-10-31 22:17:03,315 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:17:03,315 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2024-10-31 22:17:03,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-10-31 22:17:03,321 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:03,321 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:03,321 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-31 22:17:03,322 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:03,322 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:03,322 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2024-10-31 22:17:03,324 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:03,324 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1564352924] [2024-10-31 22:17:03,324 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:03,325 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:03,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,405 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:03,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,410 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-31 22:17:03,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,414 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:03,415 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:03,415 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1564352924] [2024-10-31 22:17:03,416 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1564352924] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:03,416 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:03,416 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-31 22:17:03,416 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [639557873] [2024-10-31 22:17:03,416 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:03,417 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-31 22:17:03,417 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:03,418 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-31 22:17:03,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:17:03,418 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:17:03,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:03,467 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-10-31 22:17:03,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-31 22:17:03,468 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-10-31 22:17:03,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:03,470 INFO L225 Difference]: With dead ends: 199 [2024-10-31 22:17:03,470 INFO L226 Difference]: Without dead ends: 128 [2024-10-31 22:17:03,471 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-31 22:17:03,472 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 80 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:03,473 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 171 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-31 22:17:03,474 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2024-10-31 22:17:03,489 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2024-10-31 22:17:03,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-31 22:17:03,491 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2024-10-31 22:17:03,491 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2024-10-31 22:17:03,491 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:03,491 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2024-10-31 22:17:03,492 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-31 22:17:03,492 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2024-10-31 22:17:03,493 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-10-31 22:17:03,494 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:03,513 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:03,513 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-31 22:17:03,514 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:03,514 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:03,514 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2024-10-31 22:17:03,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:03,515 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2128382498] [2024-10-31 22:17:03,515 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:03,515 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:03,543 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,682 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:03,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:17:03,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,715 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-31 22:17:03,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,719 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-31 22:17:03,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:03,741 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-31 22:17:03,742 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:03,742 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2128382498] [2024-10-31 22:17:03,743 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2128382498] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:03,744 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:03,744 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 22:17:03,745 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [130155409] [2024-10-31 22:17:03,745 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:03,745 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 22:17:03,745 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:03,746 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 22:17:03,746 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:17:03,746 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 22:17:04,109 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:04,110 INFO L93 Difference]: Finished difference Result 268 states and 341 transitions. [2024-10-31 22:17:04,111 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-31 22:17:04,111 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-10-31 22:17:04,115 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:04,116 INFO L225 Difference]: With dead ends: 268 [2024-10-31 22:17:04,116 INFO L226 Difference]: Without dead ends: 150 [2024-10-31 22:17:04,117 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-31 22:17:04,118 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 140 mSDsluCounter, 328 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 409 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:04,123 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 409 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 22:17:04,124 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2024-10-31 22:17:04,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 148. [2024-10-31 22:17:04,152 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-31 22:17:04,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2024-10-31 22:17:04,154 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2024-10-31 22:17:04,154 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:04,154 INFO L471 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2024-10-31 22:17:04,154 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-31 22:17:04,155 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2024-10-31 22:17:04,155 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:17:04,156 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:04,156 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:04,156 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-31 22:17:04,156 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:04,157 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:04,157 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2024-10-31 22:17:04,157 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:04,157 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1356236487] [2024-10-31 22:17:04,157 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:04,157 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:04,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:04,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:17:04,245 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:17:04,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,290 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:04,290 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:04,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1356236487] [2024-10-31 22:17:04,291 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1356236487] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:04,291 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:04,291 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-31 22:17:04,291 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [728086730] [2024-10-31 22:17:04,291 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:04,292 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-31 22:17:04,295 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:04,296 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-31 22:17:04,296 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-31 22:17:04,296 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:04,481 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:04,482 INFO L93 Difference]: Finished difference Result 293 states and 375 transitions. [2024-10-31 22:17:04,482 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-31 22:17:04,482 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-10-31 22:17:04,483 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:04,485 INFO L225 Difference]: With dead ends: 293 [2024-10-31 22:17:04,485 INFO L226 Difference]: Without dead ends: 153 [2024-10-31 22:17:04,487 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:17:04,489 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 59 mSDsluCounter, 274 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:04,493 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 357 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-31 22:17:04,494 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-10-31 22:17:04,518 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-10-31 22:17:04,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-31 22:17:04,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2024-10-31 22:17:04,523 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2024-10-31 22:17:04,523 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:04,523 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2024-10-31 22:17:04,524 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:04,524 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2024-10-31 22:17:04,525 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:17:04,525 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:04,525 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:04,525 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-31 22:17:04,525 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:04,526 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:04,527 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2024-10-31 22:17:04,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:04,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2131985893] [2024-10-31 22:17:04,527 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:04,528 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:04,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,674 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:04,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,686 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:17:04,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,767 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:17:04,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:04,770 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:04,770 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:04,771 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2131985893] [2024-10-31 22:17:04,771 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2131985893] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:04,771 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:04,771 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-31 22:17:04,771 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1160957554] [2024-10-31 22:17:04,771 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:04,772 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-31 22:17:04,772 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:04,772 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-31 22:17:04,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:17:04,773 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:04,987 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:04,987 INFO L93 Difference]: Finished difference Result 298 states and 380 transitions. [2024-10-31 22:17:04,988 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:17:04,988 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-10-31 22:17:04,988 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:04,990 INFO L225 Difference]: With dead ends: 298 [2024-10-31 22:17:04,990 INFO L226 Difference]: Without dead ends: 155 [2024-10-31 22:17:04,991 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-10-31 22:17:04,997 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 58 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 428 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:04,997 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 428 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-31 22:17:04,998 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-10-31 22:17:05,024 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 153. [2024-10-31 22:17:05,029 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-31 22:17:05,030 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2024-10-31 22:17:05,030 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2024-10-31 22:17:05,031 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:05,031 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2024-10-31 22:17:05,031 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:05,031 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2024-10-31 22:17:05,032 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-10-31 22:17:05,032 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:05,032 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:05,035 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-31 22:17:05,036 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:05,037 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:05,038 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2024-10-31 22:17:05,038 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:05,038 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [117827722] [2024-10-31 22:17:05,038 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:05,038 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:05,058 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,123 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-31 22:17:05,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,134 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-10-31 22:17:05,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-31 22:17:05,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,170 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:05,170 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:05,170 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [117827722] [2024-10-31 22:17:05,175 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [117827722] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:05,175 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:05,175 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-31 22:17:05,175 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [24253871] [2024-10-31 22:17:05,175 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:05,176 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-31 22:17:05,176 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:05,177 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-31 22:17:05,177 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-31 22:17:05,177 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:05,508 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:05,509 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2024-10-31 22:17:05,509 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-31 22:17:05,510 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-10-31 22:17:05,510 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:05,512 INFO L225 Difference]: With dead ends: 430 [2024-10-31 22:17:05,516 INFO L226 Difference]: Without dead ends: 285 [2024-10-31 22:17:05,517 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-31 22:17:05,518 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 215 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:05,519 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 295 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-31 22:17:05,522 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2024-10-31 22:17:05,561 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2024-10-31 22:17:05,562 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-10-31 22:17:05,564 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2024-10-31 22:17:05,565 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2024-10-31 22:17:05,565 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:05,565 INFO L471 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2024-10-31 22:17:05,565 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-31 22:17:05,566 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2024-10-31 22:17:05,567 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-10-31 22:17:05,569 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:05,569 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:05,570 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-31 22:17:05,570 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:05,570 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:05,571 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2024-10-31 22:17:05,571 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:05,571 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [890516396] [2024-10-31 22:17:05,571 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:05,571 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:05,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,802 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:17:05,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,809 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-10-31 22:17:05,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,825 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-10-31 22:17:05,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,853 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-10-31 22:17:05,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:05,856 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-10-31 22:17:05,857 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:05,857 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [890516396] [2024-10-31 22:17:05,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [890516396] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-31 22:17:05,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-31 22:17:05,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-10-31 22:17:05,858 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1220301046] [2024-10-31 22:17:05,858 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-31 22:17:05,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-10-31 22:17:05,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:05,859 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-10-31 22:17:05,861 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-10-31 22:17:05,861 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:17:06,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:06,681 INFO L93 Difference]: Finished difference Result 737 states and 970 transitions. [2024-10-31 22:17:06,682 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-10-31 22:17:06,682 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2024-10-31 22:17:06,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:06,687 INFO L225 Difference]: With dead ends: 737 [2024-10-31 22:17:06,687 INFO L226 Difference]: Without dead ends: 513 [2024-10-31 22:17:06,689 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-10-31 22:17:06,692 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 621 mSDsluCounter, 438 mSDsCounter, 0 mSdLazyCounter, 420 mSolverCounterSat, 186 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 626 SdHoareTripleChecker+Valid, 540 SdHoareTripleChecker+Invalid, 606 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 186 IncrementalHoareTripleChecker+Valid, 420 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:06,692 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [626 Valid, 540 Invalid, 606 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [186 Valid, 420 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-31 22:17:06,695 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 513 states. [2024-10-31 22:17:06,756 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 513 to 440. [2024-10-31 22:17:06,757 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-10-31 22:17:06,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2024-10-31 22:17:06,761 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2024-10-31 22:17:06,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:06,762 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2024-10-31 22:17:06,762 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-31 22:17:06,762 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2024-10-31 22:17:06,764 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2024-10-31 22:17:06,764 INFO L207 NwaCegarLoop]: Found error trace [2024-10-31 22:17:06,764 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:06,764 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-31 22:17:06,765 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-31 22:17:06,765 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-31 22:17:06,765 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2024-10-31 22:17:06,765 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-31 22:17:06,765 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [495675390] [2024-10-31 22:17:06,765 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:06,766 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-31 22:17:06,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:06,985 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-10-31 22:17:06,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,003 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-10-31 22:17:07,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,041 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-31 22:17:07,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,054 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-10-31 22:17:07,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,075 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-10-31 22:17:07,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,105 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-10-31 22:17:07,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,111 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-31 22:17:07,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,113 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-10-31 22:17:07,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,117 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-10-31 22:17:07,118 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-31 22:17:07,118 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [495675390] [2024-10-31 22:17:07,118 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [495675390] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-31 22:17:07,118 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [240309813] [2024-10-31 22:17:07,119 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-31 22:17:07,119 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-31 22:17:07,119 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 [2024-10-31 22:17:07,121 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-31 22:17:07,123 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-31 22:17:07,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-31 22:17:07,265 INFO L255 TraceCheckSpWp]: Trace formula consists of 340 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-10-31 22:17:07,275 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-31 22:17:07,533 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-31 22:17:07,533 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-31 22:17:07,851 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-10-31 22:17:07,852 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [240309813] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-31 22:17:07,852 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-31 22:17:07,852 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-10-31 22:17:07,855 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2572164] [2024-10-31 22:17:07,856 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-31 22:17:07,857 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-10-31 22:17:07,857 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-31 22:17:07,857 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-10-31 22:17:07,858 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-10-31 22:17:07,858 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-10-31 22:17:09,425 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-31 22:17:09,425 INFO L93 Difference]: Finished difference Result 907 states and 1154 transitions. [2024-10-31 22:17:09,426 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-10-31 22:17:09,426 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 102 [2024-10-31 22:17:09,427 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-31 22:17:09,428 INFO L225 Difference]: With dead ends: 907 [2024-10-31 22:17:09,428 INFO L226 Difference]: Without dead ends: 0 [2024-10-31 22:17:09,431 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 220 SyntacticMatches, 4 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 278 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=254, Invalid=1078, Unknown=0, NotChecked=0, Total=1332 [2024-10-31 22:17:09,432 INFO L432 NwaCegarLoop]: 170 mSDtfsCounter, 272 mSDsluCounter, 1437 mSDsCounter, 0 mSdLazyCounter, 1199 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 279 SdHoareTripleChecker+Valid, 1607 SdHoareTripleChecker+Invalid, 1266 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 1199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-10-31 22:17:09,433 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [279 Valid, 1607 Invalid, 1266 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 1199 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-10-31 22:17:09,434 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-31 22:17:09,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-31 22:17:09,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-31 22:17:09,434 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-31 22:17:09,435 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2024-10-31 22:17:09,435 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-31 22:17:09,435 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-31 22:17:09,435 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-10-31 22:17:09,435 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-31 22:17:09,435 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-31 22:17:09,438 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-31 22:17:09,461 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-31 22:17:09,639 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-31 22:17:09,641 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-31 22:17:09,643 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-31 22:17:13,603 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-10-31 22:17:13,647 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= |old(~pumpRunning~0)| 0) .cse2 .cse1) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-10-31 22:17:13,663 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-31 22:17:13,671 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2 .cse1) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-10-31 22:17:13,684 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 31.10 10:17:13 BoogieIcfgContainer [2024-10-31 22:17:13,684 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-31 22:17:13,685 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-31 22:17:13,685 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-31 22:17:13,685 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-31 22:17:13,686 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 31.10 10:17:02" (3/4) ... [2024-10-31 22:17:13,689 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-10-31 22:17:13,693 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-31 22:17:13,693 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-31 22:17:13,693 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-31 22:17:13,693 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-31 22:17:13,694 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-31 22:17:13,694 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-31 22:17:13,694 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-31 22:17:13,701 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-10-31 22:17:13,701 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-10-31 22:17:13,702 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-31 22:17:13,702 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:17:13,702 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-31 22:17:13,858 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/witness.graphml [2024-10-31 22:17:13,859 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/witness.yml [2024-10-31 22:17:13,859 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-31 22:17:13,860 INFO L158 Benchmark]: Toolchain (without parser) took 13159.37ms. Allocated memory was 148.9MB in the beginning and 201.3MB in the end (delta: 52.4MB). Free memory was 108.4MB in the beginning and 170.9MB in the end (delta: -62.5MB). Peak memory consumption was 110.2MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,860 INFO L158 Benchmark]: CDTParser took 0.32ms. Allocated memory is still 148.9MB. Free memory is still 121.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-31 22:17:13,860 INFO L158 Benchmark]: CACSL2BoogieTranslator took 703.92ms. Allocated memory is still 148.9MB. Free memory was 108.1MB in the beginning and 86.1MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,861 INFO L158 Benchmark]: Boogie Procedure Inliner took 60.22ms. Allocated memory is still 148.9MB. Free memory was 86.1MB in the beginning and 83.7MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,861 INFO L158 Benchmark]: Boogie Preprocessor took 71.06ms. Allocated memory is still 148.9MB. Free memory was 83.7MB in the beginning and 81.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,862 INFO L158 Benchmark]: RCFGBuilder took 569.81ms. Allocated memory was 148.9MB in the beginning and 201.3MB in the end (delta: 52.4MB). Free memory was 81.1MB in the beginning and 167.8MB in the end (delta: -86.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,862 INFO L158 Benchmark]: TraceAbstraction took 11570.67ms. Allocated memory is still 201.3MB. Free memory was 167.8MB in the beginning and 63.4MB in the end (delta: 104.4MB). Peak memory consumption was 114.9MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,862 INFO L158 Benchmark]: Witness Printer took 173.83ms. Allocated memory is still 201.3MB. Free memory was 63.4MB in the beginning and 170.9MB in the end (delta: -107.5MB). Peak memory consumption was 9.9MB. Max. memory is 16.1GB. [2024-10-31 22:17:13,864 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.32ms. Allocated memory is still 148.9MB. Free memory is still 121.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 703.92ms. Allocated memory is still 148.9MB. Free memory was 108.1MB in the beginning and 86.1MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 60.22ms. Allocated memory is still 148.9MB. Free memory was 86.1MB in the beginning and 83.7MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 71.06ms. Allocated memory is still 148.9MB. Free memory was 83.7MB in the beginning and 81.1MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 569.81ms. Allocated memory was 148.9MB in the beginning and 201.3MB in the end (delta: 52.4MB). Free memory was 81.1MB in the beginning and 167.8MB in the end (delta: -86.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 11570.67ms. Allocated memory is still 201.3MB. Free memory was 167.8MB in the beginning and 63.4MB in the end (delta: 104.4MB). Peak memory consumption was 114.9MB. Max. memory is 16.1GB. * Witness Printer took 173.83ms. Allocated memory is still 201.3MB. Free memory was 63.4MB in the beginning and 170.9MB in the end (delta: -107.5MB). Peak memory consumption was 9.9MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1585 SdHoareTripleChecker+Valid, 2.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1549 mSDsluCounter, 4401 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3335 mSDsCounter, 373 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2200 IncrementalHoareTripleChecker+Invalid, 2573 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 373 mSolverCounterUnsat, 1066 mSDtfsCounter, 2200 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 395 GetRequests, 294 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 432 ImplicationChecksByTransitivity, 1.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 93, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 83 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.3s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1359 SizeOfPredicates, 2 NumberOfNonLiveVariables, 340 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 700]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive))) - ProcedureContractResult [Line: 790]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && ((((((waterLevel == \old(waterLevel)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 763]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 580]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 798]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 894]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-10-31 22:17:13,902 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_145fe2e2-7c72-45dc-ac10-46d802c3c4b1/bin/uautomizer-verify-4GaUIPS5ZU/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE