./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-08 18:26:44,997 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 18:26:45,116 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 18:26:45,126 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 18:26:45,127 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 18:26:45,175 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 18:26:45,178 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 18:26:45,179 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 18:26:45,180 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 18:26:45,181 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 18:26:45,182 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 18:26:45,183 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 18:26:45,184 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 18:26:45,185 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 18:26:45,188 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 18:26:45,189 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 18:26:45,189 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 18:26:45,190 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 18:26:45,190 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 18:26:45,190 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 18:26:45,191 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 18:26:45,193 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 18:26:45,194 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 18:26:45,194 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 18:26:45,195 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 18:26:45,195 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 18:26:45,196 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 18:26:45,196 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 18:26:45,196 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 18:26:45,197 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 18:26:45,197 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 18:26:45,198 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 18:26:45,198 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 18:26:45,199 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 18:26:45,199 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 18:26:45,199 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 18:26:45,200 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 18:26:45,200 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 18:26:45,201 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 18:26:45,201 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 18:26:45,202 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 18:26:45,203 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 18:26:45,203 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c [2024-11-08 18:26:45,599 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 18:26:45,639 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 18:26:45,642 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 18:26:45,644 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 18:26:45,644 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 18:26:45,646 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c Unable to find full path for "g++" [2024-11-08 18:26:47,974 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 18:26:48,305 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 18:26:48,309 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2024-11-08 18:26:48,331 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/data/60bd1a2da/3eb1f8787ab84a07916ca39207912b5c/FLAG204b13db3 [2024-11-08 18:26:48,348 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/data/60bd1a2da/3eb1f8787ab84a07916ca39207912b5c [2024-11-08 18:26:48,352 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 18:26:48,354 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 18:26:48,355 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 18:26:48,356 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 18:26:48,364 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 18:26:48,365 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 06:26:48" (1/1) ... [2024-11-08 18:26:48,370 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6ec36f1d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:48, skipping insertion in model container [2024-11-08 18:26:48,370 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 06:26:48" (1/1) ... [2024-11-08 18:26:48,429 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 18:26:48,836 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-08 18:26:48,974 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 18:26:48,987 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 18:26:48,999 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-08 18:26:49,002 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] [2024-11-08 18:26:49,002 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] [2024-11-08 18:26:49,002 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] [2024-11-08 18:26:49,003 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] [2024-11-08 18:26:49,003 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] [2024-11-08 18:26:49,003 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] [2024-11-08 18:26:49,004 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] [2024-11-08 18:26:49,054 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-08 18:26:49,115 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 18:26:49,146 INFO L204 MainTranslator]: Completed translation [2024-11-08 18:26:49,147 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49 WrapperNode [2024-11-08 18:26:49,147 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 18:26:49,149 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 18:26:49,149 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 18:26:49,149 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 18:26:49,160 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,183 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,243 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 240 [2024-11-08 18:26:49,243 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 18:26:49,244 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 18:26:49,248 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 18:26:49,248 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 18:26:49,264 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,264 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,272 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,308 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 18:26:49,308 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,309 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,320 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,329 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,333 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,338 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,344 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 18:26:49,346 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 18:26:49,347 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 18:26:49,348 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 18:26:49,349 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (1/1) ... [2024-11-08 18:26:49,358 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 18:26:49,374 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 [2024-11-08 18:26:49,404 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 18:26:49,414 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 18:26:49,455 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 18:26:49,456 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 18:26:49,456 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 18:26:49,456 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 18:26:49,456 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 18:26:49,457 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 18:26:49,457 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 18:26:49,457 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 18:26:49,457 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 18:26:49,458 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 18:26:49,458 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 18:26:49,458 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 18:26:49,459 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 18:26:49,459 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 18:26:49,460 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 18:26:49,460 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 18:26:49,460 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 18:26:49,461 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 18:26:49,462 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 18:26:49,462 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 18:26:49,462 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 18:26:49,463 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 18:26:49,636 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 18:26:49,639 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 18:26:50,125 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-08 18:26:50,126 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 18:26:50,156 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 18:26:50,156 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 18:26:50,157 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 06:26:50 BoogieIcfgContainer [2024-11-08 18:26:50,157 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 18:26:50,161 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 18:26:50,161 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 18:26:50,166 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 18:26:50,166 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 06:26:48" (1/3) ... [2024-11-08 18:26:50,167 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1d5e4b5f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 06:26:50, skipping insertion in model container [2024-11-08 18:26:50,167 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 06:26:49" (2/3) ... [2024-11-08 18:26:50,168 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1d5e4b5f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 06:26:50, skipping insertion in model container [2024-11-08 18:26:50,169 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 06:26:50" (3/3) ... [2024-11-08 18:26:50,170 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product56.cil.c [2024-11-08 18:26:50,196 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 18:26:50,196 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 18:26:50,308 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 18:26:50,318 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@255a8583, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 18:26:50,318 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 18:26:50,324 INFO L276 IsEmpty]: Start isEmpty. Operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-08 18:26:50,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 18:26:50,340 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:50,341 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:50,341 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:50,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:50,349 INFO L85 PathProgramCache]: Analyzing trace with hash 1643325638, now seen corresponding path program 1 times [2024-11-08 18:26:50,361 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:50,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [376239891] [2024-11-08 18:26:50,362 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:50,362 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:50,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:50,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 18:26:50,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:50,647 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 18:26:50,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:50,661 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:50,666 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:50,666 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [376239891] [2024-11-08 18:26:50,667 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [376239891] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:50,667 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:50,668 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 18:26:50,674 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2023988036] [2024-11-08 18:26:50,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:50,687 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 18:26:50,688 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:50,739 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 18:26:50,740 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 18:26:50,744 INFO L87 Difference]: Start difference. First operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 18:26:50,794 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:50,795 INFO L93 Difference]: Finished difference Result 211 states and 286 transitions. [2024-11-08 18:26:50,798 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 18:26:50,800 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 18:26:50,800 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:50,813 INFO L225 Difference]: With dead ends: 211 [2024-11-08 18:26:50,814 INFO L226 Difference]: Without dead ends: 101 [2024-11-08 18:26:50,819 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 18:26:50,823 INFO L432 NwaCegarLoop]: 140 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:50,824 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 18:26:50,846 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2024-11-08 18:26:50,875 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2024-11-08 18:26:50,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 75 states have (on average 1.3066666666666666) internal successors, (98), 85 states have internal predecessors, (98), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-08 18:26:50,880 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 131 transitions. [2024-11-08 18:26:50,882 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 131 transitions. Word has length 32 [2024-11-08 18:26:50,883 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:50,883 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 131 transitions. [2024-11-08 18:26:50,883 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 18:26:50,884 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 131 transitions. [2024-11-08 18:26:50,887 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 18:26:50,887 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:50,887 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:50,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 18:26:50,888 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:50,889 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:50,889 INFO L85 PathProgramCache]: Analyzing trace with hash 136273585, now seen corresponding path program 1 times [2024-11-08 18:26:50,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:50,889 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [100939952] [2024-11-08 18:26:50,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:50,890 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:50,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,093 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 18:26:51,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,106 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 18:26:51,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,121 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:51,122 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:51,122 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [100939952] [2024-11-08 18:26:51,122 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [100939952] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:51,123 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:51,123 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 18:26:51,123 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2137920362] [2024-11-08 18:26:51,123 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:51,125 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 18:26:51,126 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:51,127 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 18:26:51,127 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 18:26:51,128 INFO L87 Difference]: Start difference. First operand 101 states and 131 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 18:26:51,166 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:51,167 INFO L93 Difference]: Finished difference Result 162 states and 210 transitions. [2024-11-08 18:26:51,167 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 18:26:51,168 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 18:26:51,168 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:51,170 INFO L225 Difference]: With dead ends: 162 [2024-11-08 18:26:51,170 INFO L226 Difference]: Without dead ends: 92 [2024-11-08 18:26:51,171 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 18:26:51,173 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 17 mSDsluCounter, 96 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:51,177 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 214 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 18:26:51,179 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2024-11-08 18:26:51,200 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 92. [2024-11-08 18:26:51,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 69 states have (on average 1.318840579710145) internal successors, (91), 79 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 18:26:51,202 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 119 transitions. [2024-11-08 18:26:51,203 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 119 transitions. Word has length 33 [2024-11-08 18:26:51,203 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:51,204 INFO L471 AbstractCegarLoop]: Abstraction has 92 states and 119 transitions. [2024-11-08 18:26:51,204 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 18:26:51,204 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 119 transitions. [2024-11-08 18:26:51,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-08 18:26:51,207 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:51,207 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:51,207 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 18:26:51,208 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:51,209 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:51,210 INFO L85 PathProgramCache]: Analyzing trace with hash -1797839660, now seen corresponding path program 1 times [2024-11-08 18:26:51,210 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:51,211 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [887088405] [2024-11-08 18:26:51,211 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:51,211 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:51,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,379 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 18:26:51,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,387 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-08 18:26:51,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,393 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:51,393 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:51,394 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [887088405] [2024-11-08 18:26:51,394 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [887088405] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:51,394 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:51,394 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 18:26:51,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [972236254] [2024-11-08 18:26:51,395 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:51,396 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 18:26:51,396 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:51,397 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 18:26:51,401 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 18:26:51,402 INFO L87 Difference]: Start difference. First operand 92 states and 119 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 18:26:51,465 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:51,466 INFO L93 Difference]: Finished difference Result 258 states and 340 transitions. [2024-11-08 18:26:51,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 18:26:51,467 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-08 18:26:51,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:51,471 INFO L225 Difference]: With dead ends: 258 [2024-11-08 18:26:51,471 INFO L226 Difference]: Without dead ends: 174 [2024-11-08 18:26:51,472 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 18:26:51,474 INFO L432 NwaCegarLoop]: 135 mSDtfsCounter, 107 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:51,475 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 241 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 18:26:51,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2024-11-08 18:26:51,507 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 171. [2024-11-08 18:26:51,508 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 171 states, 126 states have (on average 1.3412698412698412) internal successors, (169), 145 states have internal predecessors, (169), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-11-08 18:26:51,515 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 225 transitions. [2024-11-08 18:26:51,517 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 225 transitions. Word has length 38 [2024-11-08 18:26:51,518 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:51,518 INFO L471 AbstractCegarLoop]: Abstraction has 171 states and 225 transitions. [2024-11-08 18:26:51,519 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 18:26:51,519 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 225 transitions. [2024-11-08 18:26:51,526 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 18:26:51,526 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:51,526 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:51,526 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 18:26:51,527 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:51,527 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:51,528 INFO L85 PathProgramCache]: Analyzing trace with hash -228289774, now seen corresponding path program 1 times [2024-11-08 18:26:51,528 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:51,530 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1277837348] [2024-11-08 18:26:51,530 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:51,531 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:51,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,772 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 18:26:51,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,782 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 18:26:51,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:51,823 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 18:26:51,823 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:51,823 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1277837348] [2024-11-08 18:26:51,824 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1277837348] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:51,824 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:51,824 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 18:26:51,824 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1968366698] [2024-11-08 18:26:51,824 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:51,825 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 18:26:51,827 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:51,828 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 18:26:51,828 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 18:26:51,829 INFO L87 Difference]: Start difference. First operand 171 states and 225 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 18:26:52,143 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:52,143 INFO L93 Difference]: Finished difference Result 433 states and 586 transitions. [2024-11-08 18:26:52,143 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 18:26:52,144 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-08 18:26:52,144 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:52,147 INFO L225 Difference]: With dead ends: 433 [2024-11-08 18:26:52,148 INFO L226 Difference]: Without dead ends: 270 [2024-11-08 18:26:52,150 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 18:26:52,151 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 79 mSDsluCounter, 400 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 521 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:52,152 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 521 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 18:26:52,154 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 270 states. [2024-11-08 18:26:52,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 270 to 269. [2024-11-08 18:26:52,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 200 states have (on average 1.29) internal successors, (258), 217 states have internal predecessors, (258), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2024-11-08 18:26:52,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 346 transitions. [2024-11-08 18:26:52,197 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 346 transitions. Word has length 41 [2024-11-08 18:26:52,197 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:52,198 INFO L471 AbstractCegarLoop]: Abstraction has 269 states and 346 transitions. [2024-11-08 18:26:52,198 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 18:26:52,198 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 346 transitions. [2024-11-08 18:26:52,200 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-08 18:26:52,200 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:52,200 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:52,201 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 18:26:52,201 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:52,201 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:52,202 INFO L85 PathProgramCache]: Analyzing trace with hash 1198975961, now seen corresponding path program 1 times [2024-11-08 18:26:52,202 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:52,202 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [90742376] [2024-11-08 18:26:52,202 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:52,203 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:52,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:52,346 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 18:26:52,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:52,357 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 18:26:52,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:52,401 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:52,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:52,468 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-08 18:26:52,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:52,479 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:52,479 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:52,479 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [90742376] [2024-11-08 18:26:52,480 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [90742376] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:52,480 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:52,480 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 18:26:52,480 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1151965772] [2024-11-08 18:26:52,480 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:52,481 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 18:26:52,481 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:52,485 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 18:26:52,485 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 18:26:52,486 INFO L87 Difference]: Start difference. First operand 269 states and 346 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 18:26:52,805 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:52,806 INFO L93 Difference]: Finished difference Result 592 states and 771 transitions. [2024-11-08 18:26:52,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 18:26:52,807 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 57 [2024-11-08 18:26:52,807 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:52,815 INFO L225 Difference]: With dead ends: 592 [2024-11-08 18:26:52,815 INFO L226 Difference]: Without dead ends: 331 [2024-11-08 18:26:52,817 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 18:26:52,822 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 64 mSDsluCounter, 337 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 440 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:52,822 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 440 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 18:26:52,828 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 331 states. [2024-11-08 18:26:52,908 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 331 to 329. [2024-11-08 18:26:52,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 329 states, 246 states have (on average 1.2682926829268293) internal successors, (312), 263 states have internal predecessors, (312), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-11-08 18:26:52,917 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 329 states to 329 states and 418 transitions. [2024-11-08 18:26:52,918 INFO L78 Accepts]: Start accepts. Automaton has 329 states and 418 transitions. Word has length 57 [2024-11-08 18:26:52,918 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:52,918 INFO L471 AbstractCegarLoop]: Abstraction has 329 states and 418 transitions. [2024-11-08 18:26:52,919 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 18:26:52,919 INFO L276 IsEmpty]: Start isEmpty. Operand 329 states and 418 transitions. [2024-11-08 18:26:52,926 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-08 18:26:52,926 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:52,927 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:52,927 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 18:26:52,927 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:52,928 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:52,928 INFO L85 PathProgramCache]: Analyzing trace with hash 1621677787, now seen corresponding path program 1 times [2024-11-08 18:26:52,928 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:52,928 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1728447072] [2024-11-08 18:26:52,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:52,929 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:52,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,121 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 18:26:53,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,141 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 18:26:53,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,208 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:53,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,274 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-08 18:26:53,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,285 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:53,286 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:53,286 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1728447072] [2024-11-08 18:26:53,286 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1728447072] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:53,287 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:53,287 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 18:26:53,287 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1706620610] [2024-11-08 18:26:53,287 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:53,288 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 18:26:53,288 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:53,291 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 18:26:53,292 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 18:26:53,292 INFO L87 Difference]: Start difference. First operand 329 states and 418 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 18:26:53,760 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:53,760 INFO L93 Difference]: Finished difference Result 662 states and 863 transitions. [2024-11-08 18:26:53,761 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-08 18:26:53,761 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-08 18:26:53,761 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:53,769 INFO L225 Difference]: With dead ends: 662 [2024-11-08 18:26:53,769 INFO L226 Difference]: Without dead ends: 341 [2024-11-08 18:26:53,772 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-08 18:26:53,773 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 212 mSDsluCounter, 354 mSDsCounter, 0 mSdLazyCounter, 157 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 157 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:53,774 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 471 Invalid, 207 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 157 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 18:26:53,775 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2024-11-08 18:26:53,809 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 333. [2024-11-08 18:26:53,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 333 states, 250 states have (on average 1.264) internal successors, (316), 267 states have internal predecessors, (316), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-11-08 18:26:53,813 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 333 states to 333 states and 422 transitions. [2024-11-08 18:26:53,814 INFO L78 Accepts]: Start accepts. Automaton has 333 states and 422 transitions. Word has length 57 [2024-11-08 18:26:53,814 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:53,815 INFO L471 AbstractCegarLoop]: Abstraction has 333 states and 422 transitions. [2024-11-08 18:26:53,815 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 18:26:53,815 INFO L276 IsEmpty]: Start isEmpty. Operand 333 states and 422 transitions. [2024-11-08 18:26:53,816 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-08 18:26:53,817 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:53,817 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:53,817 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 18:26:53,817 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:53,818 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:53,818 INFO L85 PathProgramCache]: Analyzing trace with hash -183760547, now seen corresponding path program 1 times [2024-11-08 18:26:53,818 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:53,819 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [987984127] [2024-11-08 18:26:53,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:53,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:53,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,923 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 18:26:53,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,933 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 18:26:53,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,960 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:53,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-08 18:26:53,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:53,986 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:53,987 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:53,987 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [987984127] [2024-11-08 18:26:53,987 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [987984127] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:53,988 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:53,988 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 18:26:53,988 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2066315914] [2024-11-08 18:26:53,988 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:53,989 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 18:26:53,989 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:53,990 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 18:26:53,990 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 18:26:53,990 INFO L87 Difference]: Start difference. First operand 333 states and 422 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 18:26:54,418 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:54,418 INFO L93 Difference]: Finished difference Result 953 states and 1252 transitions. [2024-11-08 18:26:54,419 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 18:26:54,419 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-08 18:26:54,420 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:54,424 INFO L225 Difference]: With dead ends: 953 [2024-11-08 18:26:54,424 INFO L226 Difference]: Without dead ends: 628 [2024-11-08 18:26:54,426 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 12 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 18:26:54,427 INFO L432 NwaCegarLoop]: 150 mSDtfsCounter, 245 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 159 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 252 SdHoareTripleChecker+Valid, 359 SdHoareTripleChecker+Invalid, 233 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 159 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:54,428 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [252 Valid, 359 Invalid, 233 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 159 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 18:26:54,429 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 628 states. [2024-11-08 18:26:54,497 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 628 to 621. [2024-11-08 18:26:54,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 621 states, 464 states have (on average 1.2262931034482758) internal successors, (569), 490 states have internal predecessors, (569), 83 states have call successors, (83), 67 states have call predecessors, (83), 73 states have return successors, (135), 84 states have call predecessors, (135), 83 states have call successors, (135) [2024-11-08 18:26:54,508 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 621 states to 621 states and 787 transitions. [2024-11-08 18:26:54,509 INFO L78 Accepts]: Start accepts. Automaton has 621 states and 787 transitions. Word has length 57 [2024-11-08 18:26:54,509 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:54,510 INFO L471 AbstractCegarLoop]: Abstraction has 621 states and 787 transitions. [2024-11-08 18:26:54,510 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 18:26:54,511 INFO L276 IsEmpty]: Start isEmpty. Operand 621 states and 787 transitions. [2024-11-08 18:26:54,512 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-08 18:26:54,512 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:54,513 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:54,513 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 18:26:54,513 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:54,514 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:54,514 INFO L85 PathProgramCache]: Analyzing trace with hash 727949955, now seen corresponding path program 1 times [2024-11-08 18:26:54,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:54,515 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2131522469] [2024-11-08 18:26:54,518 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:54,519 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:54,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,758 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 18:26:54,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,852 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 18:26:54,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,873 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-08 18:26:54,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,885 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:54,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,893 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-08 18:26:54,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:54,897 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 18:26:54,901 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:54,901 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2131522469] [2024-11-08 18:26:54,902 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2131522469] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:54,902 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:54,902 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-08 18:26:54,902 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1414860320] [2024-11-08 18:26:54,903 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:54,903 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-08 18:26:54,903 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:54,904 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-08 18:26:54,906 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-08 18:26:54,907 INFO L87 Difference]: Start difference. First operand 621 states and 787 transitions. Second operand has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-08 18:26:56,106 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:56,107 INFO L93 Difference]: Finished difference Result 1878 states and 2485 transitions. [2024-11-08 18:26:56,107 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-08 18:26:56,108 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 61 [2024-11-08 18:26:56,108 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:56,120 INFO L225 Difference]: With dead ends: 1878 [2024-11-08 18:26:56,120 INFO L226 Difference]: Without dead ends: 1379 [2024-11-08 18:26:56,124 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-08 18:26:56,125 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 519 mSDsluCounter, 472 mSDsCounter, 0 mSdLazyCounter, 561 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 526 SdHoareTripleChecker+Valid, 583 SdHoareTripleChecker+Invalid, 732 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 561 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:56,127 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [526 Valid, 583 Invalid, 732 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 561 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-08 18:26:56,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1379 states. [2024-11-08 18:26:56,283 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1379 to 1202. [2024-11-08 18:26:56,286 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1202 states, 899 states have (on average 1.224694104560623) internal successors, (1101), 956 states have internal predecessors, (1101), 160 states have call successors, (160), 118 states have call predecessors, (160), 142 states have return successors, (260), 162 states have call predecessors, (260), 160 states have call successors, (260) [2024-11-08 18:26:56,294 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1202 states to 1202 states and 1521 transitions. [2024-11-08 18:26:56,296 INFO L78 Accepts]: Start accepts. Automaton has 1202 states and 1521 transitions. Word has length 61 [2024-11-08 18:26:56,297 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:56,297 INFO L471 AbstractCegarLoop]: Abstraction has 1202 states and 1521 transitions. [2024-11-08 18:26:56,297 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-08 18:26:56,297 INFO L276 IsEmpty]: Start isEmpty. Operand 1202 states and 1521 transitions. [2024-11-08 18:26:56,301 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-08 18:26:56,301 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:56,301 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:56,302 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 18:26:56,302 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:56,302 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:56,303 INFO L85 PathProgramCache]: Analyzing trace with hash -1112750703, now seen corresponding path program 1 times [2024-11-08 18:26:56,303 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:56,303 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1174018355] [2024-11-08 18:26:56,303 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:56,304 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:56,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,394 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 18:26:56,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 18:26:56,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 18:26:56,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,468 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 18:26:56,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:56,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,485 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-08 18:26:56,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,489 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2024-11-08 18:26:56,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:56,498 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 18:26:56,498 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:56,498 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1174018355] [2024-11-08 18:26:56,498 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1174018355] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 18:26:56,499 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 18:26:56,499 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 18:26:56,499 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [480562439] [2024-11-08 18:26:56,499 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 18:26:56,500 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 18:26:56,500 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:56,501 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 18:26:56,501 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-08 18:26:56,502 INFO L87 Difference]: Start difference. First operand 1202 states and 1521 transitions. Second operand has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-08 18:26:57,209 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:26:57,209 INFO L93 Difference]: Finished difference Result 2026 states and 2553 transitions. [2024-11-08 18:26:57,210 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-08 18:26:57,210 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 91 [2024-11-08 18:26:57,211 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:26:57,218 INFO L225 Difference]: With dead ends: 2026 [2024-11-08 18:26:57,219 INFO L226 Difference]: Without dead ends: 832 [2024-11-08 18:26:57,224 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-08 18:26:57,227 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 351 mSDsluCounter, 228 mSDsCounter, 0 mSdLazyCounter, 260 mSolverCounterSat, 119 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 360 SdHoareTripleChecker+Valid, 342 SdHoareTripleChecker+Invalid, 379 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 119 IncrementalHoareTripleChecker+Valid, 260 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-08 18:26:57,231 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [360 Valid, 342 Invalid, 379 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [119 Valid, 260 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-08 18:26:57,232 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 832 states. [2024-11-08 18:26:57,341 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 832 to 796. [2024-11-08 18:26:57,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 796 states, 600 states have (on average 1.2133333333333334) internal successors, (728), 639 states have internal predecessors, (728), 104 states have call successors, (104), 79 states have call predecessors, (104), 91 states have return successors, (155), 105 states have call predecessors, (155), 104 states have call successors, (155) [2024-11-08 18:26:57,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 796 states to 796 states and 987 transitions. [2024-11-08 18:26:57,351 INFO L78 Accepts]: Start accepts. Automaton has 796 states and 987 transitions. Word has length 91 [2024-11-08 18:26:57,351 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:26:57,351 INFO L471 AbstractCegarLoop]: Abstraction has 796 states and 987 transitions. [2024-11-08 18:26:57,352 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-08 18:26:57,352 INFO L276 IsEmpty]: Start isEmpty. Operand 796 states and 987 transitions. [2024-11-08 18:26:57,356 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-08 18:26:57,357 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:26:57,360 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:26:57,360 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 18:26:57,360 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:26:57,361 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:26:57,361 INFO L85 PathProgramCache]: Analyzing trace with hash -1763043138, now seen corresponding path program 1 times [2024-11-08 18:26:57,361 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:26:57,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [833096985] [2024-11-08 18:26:57,362 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:57,362 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:26:57,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,585 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 18:26:57,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,607 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 18:26:57,615 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,682 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 18:26:57,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,699 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 18:26:57,704 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,716 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:57,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,736 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-11-08 18:26:57,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,763 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-08 18:26:57,770 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,778 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-08 18:26:57,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,783 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:26:57,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 103 [2024-11-08 18:26:57,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,794 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 18:26:57,794 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:26:57,794 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [833096985] [2024-11-08 18:26:57,795 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [833096985] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 18:26:57,795 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1135240219] [2024-11-08 18:26:57,795 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:26:57,796 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 18:26:57,796 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 [2024-11-08 18:26:57,798 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 18:26:57,802 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 18:26:57,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:26:57,969 INFO L255 TraceCheckSpWp]: Trace formula consists of 358 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 18:26:57,984 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 18:26:58,271 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 27 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 18:26:58,271 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 18:26:58,629 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 18:26:58,629 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1135240219] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 18:26:58,630 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 18:26:58,630 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-08 18:26:58,630 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [836411998] [2024-11-08 18:26:58,630 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 18:26:58,631 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-08 18:26:58,632 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:26:58,632 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-08 18:26:58,633 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-08 18:26:58,633 INFO L87 Difference]: Start difference. First operand 796 states and 987 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-08 18:27:01,076 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:27:01,076 INFO L93 Difference]: Finished difference Result 1820 states and 2321 transitions. [2024-11-08 18:27:01,077 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 49 states. [2024-11-08 18:27:01,077 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) Word has length 111 [2024-11-08 18:27:01,078 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:27:01,086 INFO L225 Difference]: With dead ends: 1820 [2024-11-08 18:27:01,086 INFO L226 Difference]: Without dead ends: 1121 [2024-11-08 18:27:01,091 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 308 GetRequests, 250 SyntacticMatches, 4 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 919 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=621, Invalid=2459, Unknown=0, NotChecked=0, Total=3080 [2024-11-08 18:27:01,092 INFO L432 NwaCegarLoop]: 186 mSDtfsCounter, 513 mSDsluCounter, 1292 mSDsCounter, 0 mSdLazyCounter, 1312 mSolverCounterSat, 184 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 521 SdHoareTripleChecker+Valid, 1478 SdHoareTripleChecker+Invalid, 1496 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 184 IncrementalHoareTripleChecker+Valid, 1312 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2024-11-08 18:27:01,093 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [521 Valid, 1478 Invalid, 1496 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [184 Valid, 1312 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2024-11-08 18:27:01,095 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1121 states. [2024-11-08 18:27:01,205 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1121 to 893. [2024-11-08 18:27:01,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 893 states, 665 states have (on average 1.1894736842105262) internal successors, (791), 716 states have internal predecessors, (791), 121 states have call successors, (121), 100 states have call predecessors, (121), 106 states have return successors, (154), 111 states have call predecessors, (154), 121 states have call successors, (154) [2024-11-08 18:27:01,213 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 893 states to 893 states and 1066 transitions. [2024-11-08 18:27:01,216 INFO L78 Accepts]: Start accepts. Automaton has 893 states and 1066 transitions. Word has length 111 [2024-11-08 18:27:01,217 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:27:01,217 INFO L471 AbstractCegarLoop]: Abstraction has 893 states and 1066 transitions. [2024-11-08 18:27:01,218 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-08 18:27:01,218 INFO L276 IsEmpty]: Start isEmpty. Operand 893 states and 1066 transitions. [2024-11-08 18:27:01,225 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2024-11-08 18:27:01,225 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 18:27:01,226 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:27:01,252 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 18:27:01,430 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 18:27:01,431 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 18:27:01,431 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 18:27:01,431 INFO L85 PathProgramCache]: Analyzing trace with hash -930738641, now seen corresponding path program 1 times [2024-11-08 18:27:01,431 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 18:27:01,432 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1199157979] [2024-11-08 18:27:01,432 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:27:01,432 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 18:27:01,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,892 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 18:27:01,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,906 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 18:27:01,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,953 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 18:27:01,955 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,965 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 18:27:01,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,971 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:27:01,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:01,977 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-11-08 18:27:01,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,071 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 18:27:02,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,075 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-08 18:27:02,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,087 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-08 18:27:02,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,091 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:27:02,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2024-11-08 18:27:02,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,156 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 18:27:02,158 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,160 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-08 18:27:02,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,166 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 153 [2024-11-08 18:27:02,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,170 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-11-08 18:27:02,174 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 18:27:02,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,207 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 183 [2024-11-08 18:27:02,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,211 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 89 proven. 45 refuted. 0 times theorem prover too weak. 69 trivial. 0 not checked. [2024-11-08 18:27:02,211 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 18:27:02,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1199157979] [2024-11-08 18:27:02,212 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1199157979] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 18:27:02,212 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1868210500] [2024-11-08 18:27:02,212 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 18:27:02,213 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 18:27:02,213 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 [2024-11-08 18:27:02,215 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 18:27:02,219 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-08 18:27:02,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 18:27:02,392 INFO L255 TraceCheckSpWp]: Trace formula consists of 557 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-08 18:27:02,403 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 18:27:02,713 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 147 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-08 18:27:02,714 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 18:27:03,385 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 81 proven. 39 refuted. 0 times theorem prover too weak. 83 trivial. 0 not checked. [2024-11-08 18:27:03,385 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1868210500] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 18:27:03,385 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 18:27:03,386 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 24 [2024-11-08 18:27:03,386 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [163902874] [2024-11-08 18:27:03,386 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 18:27:03,387 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-08 18:27:03,387 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 18:27:03,388 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-08 18:27:03,389 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=435, Unknown=0, NotChecked=0, Total=552 [2024-11-08 18:27:03,389 INFO L87 Difference]: Start difference. First operand 893 states and 1066 transitions. Second operand has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-08 18:27:05,359 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 18:27:05,359 INFO L93 Difference]: Finished difference Result 1943 states and 2393 transitions. [2024-11-08 18:27:05,360 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-08 18:27:05,360 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) Word has length 191 [2024-11-08 18:27:05,361 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 18:27:05,364 INFO L225 Difference]: With dead ends: 1943 [2024-11-08 18:27:05,364 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 18:27:05,370 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 462 GetRequests, 411 SyntacticMatches, 3 SemanticMatches, 48 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 515 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=514, Invalid=1936, Unknown=0, NotChecked=0, Total=2450 [2024-11-08 18:27:05,372 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 726 mSDsluCounter, 682 mSDsCounter, 0 mSdLazyCounter, 1216 mSolverCounterSat, 298 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 732 SdHoareTripleChecker+Valid, 789 SdHoareTripleChecker+Invalid, 1514 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 298 IncrementalHoareTripleChecker+Valid, 1216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2024-11-08 18:27:05,372 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [732 Valid, 789 Invalid, 1514 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [298 Valid, 1216 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2024-11-08 18:27:05,373 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 18:27:05,373 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 18:27:05,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 18:27:05,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 18:27:05,375 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 191 [2024-11-08 18:27:05,376 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 18:27:05,376 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 18:27:05,376 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-08 18:27:05,376 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 18:27:05,377 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 18:27:05,380 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 18:27:05,406 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2024-11-08 18:27:05,584 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 18:27:05,588 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 18:27:05,591 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 18:27:16,932 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 18:27:16,958 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) .cse1 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-08 18:27:17,016 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= 0 ~systemActive~0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4 .cse5) (and .cse0 .cse1 .cse4) (and .cse3 .cse0 .cse2) (and .cse3 .cse0 .cse4) (and .cse3 .cse5 .cse2)))) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-08 18:27:17,063 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-08 18:27:17,102 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= 0 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse1 .cse4) (and .cse5 .cse3 .cse2) (and .cse0 .cse3 .cse4) (and .cse5 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-08 18:27:17,127 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-08 18:27:17,160 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 06:27:17 BoogieIcfgContainer [2024-11-08 18:27:17,163 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 18:27:17,164 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 18:27:17,164 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 18:27:17,164 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 18:27:17,165 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 06:26:50" (3/4) ... [2024-11-08 18:27:17,172 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 18:27:17,178 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 18:27:17,179 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 18:27:17,179 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 18:27:17,179 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 18:27:17,179 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 18:27:17,180 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 18:27:17,180 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 18:27:17,180 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 18:27:17,180 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 18:27:17,192 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-08 18:27:17,193 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 18:27:17,194 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 18:27:17,194 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 18:27:17,195 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 18:27:17,386 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/witness.graphml [2024-11-08 18:27:17,387 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/witness.yml [2024-11-08 18:27:17,387 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 18:27:17,388 INFO L158 Benchmark]: Toolchain (without parser) took 29034.20ms. Allocated memory was 167.8MB in the beginning and 302.0MB in the end (delta: 134.2MB). Free memory was 124.8MB in the beginning and 243.0MB in the end (delta: -118.2MB). Peak memory consumption was 18.8MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,388 INFO L158 Benchmark]: CDTParser took 0.39ms. Allocated memory is still 113.2MB. Free memory is still 65.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 18:27:17,389 INFO L158 Benchmark]: CACSL2BoogieTranslator took 792.44ms. Allocated memory is still 167.8MB. Free memory was 124.8MB in the beginning and 102.6MB in the end (delta: 22.2MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,390 INFO L158 Benchmark]: Boogie Procedure Inliner took 94.92ms. Allocated memory is still 167.8MB. Free memory was 102.6MB in the beginning and 100.0MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,390 INFO L158 Benchmark]: Boogie Preprocessor took 100.93ms. Allocated memory is still 167.8MB. Free memory was 100.0MB in the beginning and 97.6MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,391 INFO L158 Benchmark]: RCFGBuilder took 811.06ms. Allocated memory is still 167.8MB. Free memory was 97.6MB in the beginning and 122.1MB in the end (delta: -24.5MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,392 INFO L158 Benchmark]: TraceAbstraction took 27002.11ms. Allocated memory was 167.8MB in the beginning and 302.0MB in the end (delta: 134.2MB). Free memory was 121.2MB in the beginning and 252.5MB in the end (delta: -131.3MB). Peak memory consumption was 170.5MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,392 INFO L158 Benchmark]: Witness Printer took 223.07ms. Allocated memory is still 302.0MB. Free memory was 252.5MB in the beginning and 243.0MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-11-08 18:27:17,395 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.39ms. Allocated memory is still 113.2MB. Free memory is still 65.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 792.44ms. Allocated memory is still 167.8MB. Free memory was 124.8MB in the beginning and 102.6MB in the end (delta: 22.2MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 94.92ms. Allocated memory is still 167.8MB. Free memory was 102.6MB in the beginning and 100.0MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 100.93ms. Allocated memory is still 167.8MB. Free memory was 100.0MB in the beginning and 97.6MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 811.06ms. Allocated memory is still 167.8MB. Free memory was 97.6MB in the beginning and 122.1MB in the end (delta: -24.5MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. * TraceAbstraction took 27002.11ms. Allocated memory was 167.8MB in the beginning and 302.0MB in the end (delta: 134.2MB). Free memory was 121.2MB in the beginning and 252.5MB in the end (delta: -131.3MB). Peak memory consumption was 170.5MB. Max. memory is 16.1GB. * Witness Printer took 223.07ms. Allocated memory is still 302.0MB. Free memory was 252.5MB in the beginning and 243.0MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] - GenericResultAtLocation [Line: 418]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] - GenericResultAtLocation [Line: 488]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] - GenericResultAtLocation [Line: 526]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] - GenericResultAtLocation [Line: 535]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] - GenericResultAtLocation [Line: 584]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] - GenericResultAtLocation [Line: 950]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 531]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 110 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 15.3s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 8.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2887 SdHoareTripleChecker+Valid, 5.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2833 mSDsluCounter, 5578 SdHoareTripleChecker+Invalid, 4.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4176 mSDsCounter, 925 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3887 IncrementalHoareTripleChecker+Invalid, 4812 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 925 mSolverCounterUnsat, 1402 mSDtfsCounter, 3887 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 924 GetRequests, 753 SyntacticMatches, 8 SemanticMatches, 163 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1540 ImplicationChecksByTransitivity, 2.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1202occurred in iteration=8, InterpolantAutomatonStates: 146, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.8s AutomataMinimizationTime, 11 MinimizatonAttempts, 462 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.7s InterpolantComputationTime, 1071 NumberOfCodeBlocks, 1071 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1358 ConstructedInterpolants, 0 QuantifiedInterpolants, 2757 SizeOfPredicates, 2 NumberOfNonLiveVariables, 915 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 653/775 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 429]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 == systemActive)) || (((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (0 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 293]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((pumpRunning == 0) && ((((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || ((2 == waterLevel) && (1 <= \old(pumpRunning))))) && (((2 == waterLevel) && (1 == systemActive)) || (waterLevel < 2))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 200]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 952]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 173]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning)))) && (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 208]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 234]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 312]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((waterLevel <= 2) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 18:27:17,453 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce1efe9f-45f5-4657-8f03-9ab8230dbff6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE