./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-08 16:57:29,300 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 16:57:29,384 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 16:57:29,390 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 16:57:29,393 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 16:57:29,429 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 16:57:29,429 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 16:57:29,430 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 16:57:29,430 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 16:57:29,431 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 16:57:29,431 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 16:57:29,432 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 16:57:29,432 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 16:57:29,433 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 16:57:29,433 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 16:57:29,434 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 16:57:29,434 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 16:57:29,434 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 16:57:29,435 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 16:57:29,435 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 16:57:29,436 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 16:57:29,436 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 16:57:29,437 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 16:57:29,437 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 16:57:29,437 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 16:57:29,438 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 16:57:29,438 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 16:57:29,438 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 16:57:29,439 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 16:57:29,439 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 16:57:29,440 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 16:57:29,440 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 16:57:29,440 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 16:57:29,441 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 16:57:29,441 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 16:57:29,441 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 16:57:29,442 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 16:57:29,442 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 16:57:29,442 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 16:57:29,442 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 16:57:29,443 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 16:57:29,443 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 16:57:29,444 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c [2024-11-08 16:57:29,704 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 16:57:29,761 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 16:57:29,763 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 16:57:29,765 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 16:57:29,765 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 16:57:29,766 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c Unable to find full path for "g++" [2024-11-08 16:57:31,775 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 16:57:32,017 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 16:57:32,018 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c [2024-11-08 16:57:32,042 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/data/d2f899372/5a6b7752f42b4752b3015f015fa775af/FLAGbfc4664d4 [2024-11-08 16:57:32,059 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/data/d2f899372/5a6b7752f42b4752b3015f015fa775af [2024-11-08 16:57:32,062 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 16:57:32,064 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 16:57:32,065 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 16:57:32,066 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 16:57:32,072 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 16:57:32,073 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,074 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@10d2efb1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32, skipping insertion in model container [2024-11-08 16:57:32,074 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,131 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 16:57:32,494 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2024-11-08 16:57:32,521 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 16:57:32,541 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 16:57:32,552 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-08 16:57:32,553 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [160] [2024-11-08 16:57:32,554 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] [2024-11-08 16:57:32,554 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [469] [2024-11-08 16:57:32,555 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [835] [2024-11-08 16:57:32,555 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [844] [2024-11-08 16:57:32,555 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [893] [2024-11-08 16:57:32,556 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [993] [2024-11-08 16:57:32,658 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2024-11-08 16:57:32,671 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 16:57:32,703 INFO L204 MainTranslator]: Completed translation [2024-11-08 16:57:32,703 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32 WrapperNode [2024-11-08 16:57:32,703 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 16:57:32,704 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 16:57:32,705 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 16:57:32,705 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 16:57:32,712 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,735 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,777 INFO L138 Inliner]: procedures = 59, calls = 105, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 234 [2024-11-08 16:57:32,777 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 16:57:32,781 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 16:57:32,781 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 16:57:32,781 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 16:57:32,795 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,795 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,798 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,813 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 16:57:32,813 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,813 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,819 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,823 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,824 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,826 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,830 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 16:57:32,835 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 16:57:32,836 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 16:57:32,836 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 16:57:32,837 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (1/1) ... [2024-11-08 16:57:32,845 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 16:57:32,863 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 [2024-11-08 16:57:32,880 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 16:57:32,884 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 16:57:32,916 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 16:57:32,916 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 16:57:32,916 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 16:57:32,916 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 16:57:32,916 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 16:57:32,917 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 16:57:32,917 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 16:57:32,917 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 16:57:32,918 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 16:57:32,918 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 16:57:32,918 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 16:57:32,918 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 16:57:32,919 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 16:57:32,919 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 16:57:32,919 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 16:57:32,919 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 16:57:32,919 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 16:57:32,919 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 16:57:32,921 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 16:57:32,921 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 16:57:33,036 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 16:57:33,039 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 16:57:33,360 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-08 16:57:33,361 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 16:57:33,380 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 16:57:33,381 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 16:57:33,381 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 04:57:33 BoogieIcfgContainer [2024-11-08 16:57:33,381 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 16:57:33,383 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 16:57:33,384 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 16:57:33,386 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 16:57:33,386 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 04:57:32" (1/3) ... [2024-11-08 16:57:33,387 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3786840 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 04:57:33, skipping insertion in model container [2024-11-08 16:57:33,387 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 04:57:32" (2/3) ... [2024-11-08 16:57:33,388 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3786840 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 04:57:33, skipping insertion in model container [2024-11-08 16:57:33,388 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 04:57:33" (3/3) ... [2024-11-08 16:57:33,389 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product59.cil.c [2024-11-08 16:57:33,408 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 16:57:33,408 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 16:57:33,487 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 16:57:33,494 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@25e39e5a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 16:57:33,494 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 16:57:33,499 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 88 states have internal predecessors, (108), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 16:57:33,510 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 16:57:33,511 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:33,511 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:33,512 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:33,520 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:33,520 INFO L85 PathProgramCache]: Analyzing trace with hash -1862652535, now seen corresponding path program 1 times [2024-11-08 16:57:33,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:33,528 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [572744014] [2024-11-08 16:57:33,528 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:33,528 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:33,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:33,736 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 16:57:33,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:33,744 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 16:57:33,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:33,750 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:33,751 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:33,751 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [572744014] [2024-11-08 16:57:33,752 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [572744014] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:33,752 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:33,753 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 16:57:33,754 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1758706723] [2024-11-08 16:57:33,755 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:33,760 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 16:57:33,761 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:33,786 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 16:57:33,787 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 16:57:33,789 INFO L87 Difference]: Start difference. First operand has 103 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 88 states have internal predecessors, (108), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 16:57:33,827 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:33,827 INFO L93 Difference]: Finished difference Result 197 states and 266 transitions. [2024-11-08 16:57:33,828 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 16:57:33,830 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 16:57:33,830 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:33,840 INFO L225 Difference]: With dead ends: 197 [2024-11-08 16:57:33,840 INFO L226 Difference]: Without dead ends: 94 [2024-11-08 16:57:33,848 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 16:57:33,851 INFO L432 NwaCegarLoop]: 130 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:33,856 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 16:57:33,874 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-08 16:57:33,899 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-08 16:57:33,901 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 72 states have (on average 1.3055555555555556) internal successors, (94), 80 states have internal predecessors, (94), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 16:57:33,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 121 transitions. [2024-11-08 16:57:33,906 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 121 transitions. Word has length 32 [2024-11-08 16:57:33,906 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:33,906 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 121 transitions. [2024-11-08 16:57:33,906 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 16:57:33,907 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 121 transitions. [2024-11-08 16:57:33,909 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 16:57:33,909 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:33,909 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:33,910 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 16:57:33,910 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:33,911 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:33,911 INFO L85 PathProgramCache]: Analyzing trace with hash -1475573893, now seen corresponding path program 1 times [2024-11-08 16:57:33,911 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:33,911 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1291080412] [2024-11-08 16:57:33,912 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:33,912 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:33,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,064 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 16:57:34,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,071 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 16:57:34,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,083 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:34,083 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:34,084 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1291080412] [2024-11-08 16:57:34,084 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1291080412] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:34,084 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:34,084 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 16:57:34,084 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [309064160] [2024-11-08 16:57:34,085 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:34,086 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 16:57:34,086 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:34,090 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 16:57:34,091 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 16:57:34,091 INFO L87 Difference]: Start difference. First operand 94 states and 121 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 16:57:34,122 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:34,122 INFO L93 Difference]: Finished difference Result 149 states and 191 transitions. [2024-11-08 16:57:34,123 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 16:57:34,123 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 16:57:34,124 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:34,125 INFO L225 Difference]: With dead ends: 149 [2024-11-08 16:57:34,125 INFO L226 Difference]: Without dead ends: 85 [2024-11-08 16:57:34,126 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 16:57:34,127 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 16 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 195 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:34,128 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 195 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 16:57:34,129 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-08 16:57:34,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-08 16:57:34,139 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 74 states have internal predecessors, (87), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-08 16:57:34,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-08 16:57:34,142 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 33 [2024-11-08 16:57:34,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:34,142 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-08 16:57:34,143 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 16:57:34,143 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-08 16:57:34,144 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-08 16:57:34,144 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:34,145 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:34,145 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 16:57:34,145 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:34,146 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:34,146 INFO L85 PathProgramCache]: Analyzing trace with hash 2138281171, now seen corresponding path program 1 times [2024-11-08 16:57:34,146 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:34,147 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [817621400] [2024-11-08 16:57:34,147 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:34,147 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:34,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,279 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 16:57:34,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-08 16:57:34,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,291 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:34,291 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:34,291 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [817621400] [2024-11-08 16:57:34,292 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [817621400] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:34,292 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:34,292 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 16:57:34,292 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1763740443] [2024-11-08 16:57:34,293 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:34,293 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 16:57:34,293 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:34,294 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 16:57:34,294 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 16:57:34,295 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 16:57:34,335 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:34,335 INFO L93 Difference]: Finished difference Result 238 states and 311 transitions. [2024-11-08 16:57:34,335 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 16:57:34,336 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-11-08 16:57:34,336 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:34,338 INFO L225 Difference]: With dead ends: 238 [2024-11-08 16:57:34,338 INFO L226 Difference]: Without dead ends: 161 [2024-11-08 16:57:34,339 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 16:57:34,340 INFO L432 NwaCegarLoop]: 124 mSDtfsCounter, 84 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:34,341 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 222 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 16:57:34,342 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 161 states. [2024-11-08 16:57:34,363 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 161 to 158. [2024-11-08 16:57:34,364 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 158 states, 121 states have (on average 1.3388429752066116) internal successors, (162), 136 states have internal predecessors, (162), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-11-08 16:57:34,366 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 158 states to 158 states and 206 transitions. [2024-11-08 16:57:34,366 INFO L78 Accepts]: Start accepts. Automaton has 158 states and 206 transitions. Word has length 37 [2024-11-08 16:57:34,367 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:34,367 INFO L471 AbstractCegarLoop]: Abstraction has 158 states and 206 transitions. [2024-11-08 16:57:34,367 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 16:57:34,367 INFO L276 IsEmpty]: Start isEmpty. Operand 158 states and 206 transitions. [2024-11-08 16:57:34,369 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 16:57:34,369 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:34,370 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:34,370 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 16:57:34,370 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:34,371 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:34,371 INFO L85 PathProgramCache]: Analyzing trace with hash 1737118601, now seen corresponding path program 1 times [2024-11-08 16:57:34,371 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:34,371 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1787587186] [2024-11-08 16:57:34,372 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:34,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:34,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,559 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 16:57:34,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,568 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 16:57:34,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:34,599 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 16:57:34,600 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:34,601 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1787587186] [2024-11-08 16:57:34,601 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1787587186] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:34,601 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:34,602 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 16:57:34,602 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [527658895] [2024-11-08 16:57:34,602 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:34,602 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 16:57:34,604 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:34,604 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 16:57:34,605 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 16:57:34,605 INFO L87 Difference]: Start difference. First operand 158 states and 206 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 16:57:34,863 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:34,863 INFO L93 Difference]: Finished difference Result 400 states and 533 transitions. [2024-11-08 16:57:34,864 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 16:57:34,864 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-08 16:57:34,864 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:34,867 INFO L225 Difference]: With dead ends: 400 [2024-11-08 16:57:34,867 INFO L226 Difference]: Without dead ends: 250 [2024-11-08 16:57:34,873 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 16:57:34,874 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 76 mSDsluCounter, 350 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 456 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:34,875 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 456 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 16:57:34,881 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2024-11-08 16:57:34,930 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 249. [2024-11-08 16:57:34,931 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 249 states, 190 states have (on average 1.2947368421052632) internal successors, (246), 207 states have internal predecessors, (246), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-11-08 16:57:34,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 249 states to 249 states and 318 transitions. [2024-11-08 16:57:34,934 INFO L78 Accepts]: Start accepts. Automaton has 249 states and 318 transitions. Word has length 41 [2024-11-08 16:57:34,939 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:34,939 INFO L471 AbstractCegarLoop]: Abstraction has 249 states and 318 transitions. [2024-11-08 16:57:34,939 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 16:57:34,940 INFO L276 IsEmpty]: Start isEmpty. Operand 249 states and 318 transitions. [2024-11-08 16:57:34,941 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 16:57:34,942 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:34,942 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:34,942 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 16:57:34,943 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:34,943 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:34,943 INFO L85 PathProgramCache]: Analyzing trace with hash -1242056141, now seen corresponding path program 1 times [2024-11-08 16:57:34,944 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:34,944 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2101434576] [2024-11-08 16:57:34,944 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:34,944 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:34,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 16:57:35,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,042 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 16:57:35,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,116 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 16:57:35,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,120 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:35,122 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:35,123 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2101434576] [2024-11-08 16:57:35,124 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2101434576] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:35,125 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:35,125 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 16:57:35,125 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1049407733] [2024-11-08 16:57:35,125 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:35,125 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 16:57:35,126 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:35,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 16:57:35,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 16:57:35,127 INFO L87 Difference]: Start difference. First operand 249 states and 318 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:35,353 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:35,354 INFO L93 Difference]: Finished difference Result 544 states and 711 transitions. [2024-11-08 16:57:35,355 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 16:57:35,355 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 16:57:35,355 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:35,362 INFO L225 Difference]: With dead ends: 544 [2024-11-08 16:57:35,362 INFO L226 Difference]: Without dead ends: 303 [2024-11-08 16:57:35,364 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 16:57:35,365 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 61 mSDsluCounter, 303 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 395 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:35,365 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 395 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 16:57:35,370 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 303 states. [2024-11-08 16:57:35,415 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 303 to 301. [2024-11-08 16:57:35,416 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 232 states have (on average 1.2758620689655173) internal successors, (296), 249 states have internal predecessors, (296), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-11-08 16:57:35,422 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 382 transitions. [2024-11-08 16:57:35,423 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 382 transitions. Word has length 55 [2024-11-08 16:57:35,425 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:35,425 INFO L471 AbstractCegarLoop]: Abstraction has 301 states and 382 transitions. [2024-11-08 16:57:35,426 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:35,426 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 382 transitions. [2024-11-08 16:57:35,427 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 16:57:35,427 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:35,428 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:35,428 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 16:57:35,428 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:35,429 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:35,433 INFO L85 PathProgramCache]: Analyzing trace with hash 1247472821, now seen corresponding path program 1 times [2024-11-08 16:57:35,433 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:35,433 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [780610832] [2024-11-08 16:57:35,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:35,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:35,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,576 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 16:57:35,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,584 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 16:57:35,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 16:57:35,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:35,647 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:35,647 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:35,648 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [780610832] [2024-11-08 16:57:35,648 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [780610832] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:35,648 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:35,648 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 16:57:35,649 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1846775736] [2024-11-08 16:57:35,649 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:35,649 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 16:57:35,649 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:35,650 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 16:57:35,650 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 16:57:35,651 INFO L87 Difference]: Start difference. First operand 301 states and 382 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:35,824 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:35,824 INFO L93 Difference]: Finished difference Result 600 states and 779 transitions. [2024-11-08 16:57:35,824 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 16:57:35,825 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 16:57:35,826 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:35,829 INFO L225 Difference]: With dead ends: 600 [2024-11-08 16:57:35,832 INFO L226 Difference]: Without dead ends: 307 [2024-11-08 16:57:35,834 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 16:57:35,835 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 60 mSDsluCounter, 216 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 309 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:35,835 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 309 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 16:57:35,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2024-11-08 16:57:35,876 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 305. [2024-11-08 16:57:35,878 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 305 states, 236 states have (on average 1.271186440677966) internal successors, (300), 253 states have internal predecessors, (300), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-11-08 16:57:35,880 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 305 states to 305 states and 386 transitions. [2024-11-08 16:57:35,881 INFO L78 Accepts]: Start accepts. Automaton has 305 states and 386 transitions. Word has length 55 [2024-11-08 16:57:35,883 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:35,883 INFO L471 AbstractCegarLoop]: Abstraction has 305 states and 386 transitions. [2024-11-08 16:57:35,884 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:35,885 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 386 transitions. [2024-11-08 16:57:35,887 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 16:57:35,887 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:35,887 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:35,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 16:57:35,888 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:35,889 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:35,889 INFO L85 PathProgramCache]: Analyzing trace with hash 1388021431, now seen corresponding path program 1 times [2024-11-08 16:57:35,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:35,890 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [345486054] [2024-11-08 16:57:35,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:35,890 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:35,911 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,016 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 16:57:36,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,028 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 16:57:36,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 16:57:36,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,074 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:36,076 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:36,076 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [345486054] [2024-11-08 16:57:36,076 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [345486054] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:36,076 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:36,076 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 16:57:36,077 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [840768991] [2024-11-08 16:57:36,077 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:36,077 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 16:57:36,079 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:36,079 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 16:57:36,080 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 16:57:36,080 INFO L87 Difference]: Start difference. First operand 305 states and 386 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:36,408 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:36,409 INFO L93 Difference]: Finished difference Result 874 states and 1145 transitions. [2024-11-08 16:57:36,409 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 16:57:36,409 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 16:57:36,410 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:36,413 INFO L225 Difference]: With dead ends: 874 [2024-11-08 16:57:36,413 INFO L226 Difference]: Without dead ends: 577 [2024-11-08 16:57:36,415 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 16:57:36,416 INFO L432 NwaCegarLoop]: 137 mSDtfsCounter, 231 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 238 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 198 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:36,416 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [238 Valid, 326 Invalid, 198 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 16:57:36,418 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 577 states. [2024-11-08 16:57:36,497 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 577 to 570. [2024-11-08 16:57:36,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 570 states, 435 states have (on average 1.2367816091954023) internal successors, (538), 461 states have internal predecessors, (538), 73 states have call successors, (73), 59 states have call predecessors, (73), 61 states have return successors, (111), 72 states have call predecessors, (111), 73 states have call successors, (111) [2024-11-08 16:57:36,504 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 570 states to 570 states and 722 transitions. [2024-11-08 16:57:36,505 INFO L78 Accepts]: Start accepts. Automaton has 570 states and 722 transitions. Word has length 55 [2024-11-08 16:57:36,505 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:36,505 INFO L471 AbstractCegarLoop]: Abstraction has 570 states and 722 transitions. [2024-11-08 16:57:36,506 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 16:57:36,506 INFO L276 IsEmpty]: Start isEmpty. Operand 570 states and 722 transitions. [2024-11-08 16:57:36,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-08 16:57:36,508 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:36,508 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:36,509 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 16:57:36,509 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:36,509 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:36,510 INFO L85 PathProgramCache]: Analyzing trace with hash 1091368861, now seen corresponding path program 1 times [2024-11-08 16:57:36,510 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:36,510 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [16356014] [2024-11-08 16:57:36,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:36,511 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:36,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,732 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 16:57:36,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,740 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 16:57:36,741 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,752 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-08 16:57:36,756 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,778 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-11-08 16:57:36,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:36,781 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 16:57:36,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:36,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [16356014] [2024-11-08 16:57:36,781 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [16356014] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:36,781 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:36,782 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-08 16:57:36,782 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [210436233] [2024-11-08 16:57:36,782 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:36,782 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-08 16:57:36,782 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:36,783 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-08 16:57:36,784 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-08 16:57:36,784 INFO L87 Difference]: Start difference. First operand 570 states and 722 transitions. Second operand has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 16:57:37,645 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:37,646 INFO L93 Difference]: Finished difference Result 1515 states and 2020 transitions. [2024-11-08 16:57:37,646 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-08 16:57:37,647 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 59 [2024-11-08 16:57:37,647 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:37,653 INFO L225 Difference]: With dead ends: 1515 [2024-11-08 16:57:37,653 INFO L226 Difference]: Without dead ends: 1056 [2024-11-08 16:57:37,656 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-11-08 16:57:37,657 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 525 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 518 mSolverCounterSat, 158 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 533 SdHoareTripleChecker+Valid, 618 SdHoareTripleChecker+Invalid, 676 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 158 IncrementalHoareTripleChecker+Valid, 518 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:37,658 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [533 Valid, 618 Invalid, 676 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [158 Valid, 518 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-08 16:57:37,661 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1056 states. [2024-11-08 16:57:37,763 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1056 to 974. [2024-11-08 16:57:37,765 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 974 states, 742 states have (on average 1.2345013477088949) internal successors, (916), 792 states have internal predecessors, (916), 124 states have call successors, (124), 94 states have call predecessors, (124), 107 states have return successors, (194), 121 states have call predecessors, (194), 124 states have call successors, (194) [2024-11-08 16:57:37,772 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 974 states to 974 states and 1234 transitions. [2024-11-08 16:57:37,773 INFO L78 Accepts]: Start accepts. Automaton has 974 states and 1234 transitions. Word has length 59 [2024-11-08 16:57:37,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:37,774 INFO L471 AbstractCegarLoop]: Abstraction has 974 states and 1234 transitions. [2024-11-08 16:57:37,774 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 16:57:37,774 INFO L276 IsEmpty]: Start isEmpty. Operand 974 states and 1234 transitions. [2024-11-08 16:57:37,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2024-11-08 16:57:37,777 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:37,777 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:37,778 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 16:57:37,778 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:37,778 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:37,778 INFO L85 PathProgramCache]: Analyzing trace with hash 622059044, now seen corresponding path program 1 times [2024-11-08 16:57:37,779 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:37,779 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [67855136] [2024-11-08 16:57:37,779 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:37,779 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:37,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,840 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 16:57:37,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 16:57:37,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,892 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 16:57:37,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,903 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 16:57:37,908 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,918 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2024-11-08 16:57:37,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,925 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-08 16:57:37,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:37,927 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 16:57:37,928 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:37,928 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [67855136] [2024-11-08 16:57:37,928 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [67855136] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 16:57:37,928 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 16:57:37,928 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 16:57:37,928 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1801551980] [2024-11-08 16:57:37,928 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 16:57:37,933 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 16:57:37,933 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:37,933 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 16:57:37,934 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-08 16:57:37,934 INFO L87 Difference]: Start difference. First operand 974 states and 1234 transitions. Second operand has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-08 16:57:38,409 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:38,409 INFO L93 Difference]: Finished difference Result 1203 states and 1515 transitions. [2024-11-08 16:57:38,409 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-08 16:57:38,410 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 89 [2024-11-08 16:57:38,410 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:38,413 INFO L225 Difference]: With dead ends: 1203 [2024-11-08 16:57:38,413 INFO L226 Difference]: Without dead ends: 483 [2024-11-08 16:57:38,415 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-08 16:57:38,416 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 267 mSDsluCounter, 276 mSDsCounter, 0 mSdLazyCounter, 264 mSolverCounterSat, 54 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 276 SdHoareTripleChecker+Valid, 391 SdHoareTripleChecker+Invalid, 318 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 54 IncrementalHoareTripleChecker+Valid, 264 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:38,416 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [276 Valid, 391 Invalid, 318 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [54 Valid, 264 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 16:57:38,417 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 483 states. [2024-11-08 16:57:38,464 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 483 to 439. [2024-11-08 16:57:38,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 439 states, 336 states have (on average 1.1904761904761905) internal successors, (400), 357 states have internal predecessors, (400), 54 states have call successors, (54), 41 states have call predecessors, (54), 48 states have return successors, (86), 53 states have call predecessors, (86), 54 states have call successors, (86) [2024-11-08 16:57:38,467 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 439 states to 439 states and 540 transitions. [2024-11-08 16:57:38,468 INFO L78 Accepts]: Start accepts. Automaton has 439 states and 540 transitions. Word has length 89 [2024-11-08 16:57:38,469 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:38,469 INFO L471 AbstractCegarLoop]: Abstraction has 439 states and 540 transitions. [2024-11-08 16:57:38,469 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-08 16:57:38,469 INFO L276 IsEmpty]: Start isEmpty. Operand 439 states and 540 transitions. [2024-11-08 16:57:38,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 101 [2024-11-08 16:57:38,471 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 16:57:38,471 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:38,471 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 16:57:38,472 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 16:57:38,472 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 16:57:38,472 INFO L85 PathProgramCache]: Analyzing trace with hash 2033639011, now seen corresponding path program 1 times [2024-11-08 16:57:38,472 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 16:57:38,473 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2023562612] [2024-11-08 16:57:38,473 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:38,473 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 16:57:38,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,619 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 16:57:38,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,634 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 16:57:38,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,661 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 16:57:38,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 16:57:38,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,684 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-08 16:57:38,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,703 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-08 16:57:38,704 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,706 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 16:57:38,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,708 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-11-08 16:57:38,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,711 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 8 proven. 18 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 16:57:38,711 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 16:57:38,711 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2023562612] [2024-11-08 16:57:38,711 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2023562612] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 16:57:38,712 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [526393244] [2024-11-08 16:57:38,712 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 16:57:38,712 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 16:57:38,712 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 [2024-11-08 16:57:38,714 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 16:57:38,716 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 16:57:38,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 16:57:38,834 INFO L255 TraceCheckSpWp]: Trace formula consists of 334 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 16:57:38,845 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 16:57:39,073 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 16:57:39,075 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 16:57:39,391 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 16:57:39,391 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [526393244] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 16:57:39,391 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 16:57:39,391 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-08 16:57:39,392 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1879349622] [2024-11-08 16:57:39,392 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 16:57:39,392 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-08 16:57:39,392 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 16:57:39,393 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-08 16:57:39,393 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-08 16:57:39,394 INFO L87 Difference]: Start difference. First operand 439 states and 540 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-08 16:57:40,569 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 16:57:40,570 INFO L93 Difference]: Finished difference Result 901 states and 1132 transitions. [2024-11-08 16:57:40,570 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-08 16:57:40,571 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 100 [2024-11-08 16:57:40,571 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 16:57:40,572 INFO L225 Difference]: With dead ends: 901 [2024-11-08 16:57:40,572 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 16:57:40,575 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 340 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=345, Invalid=1137, Unknown=0, NotChecked=0, Total=1482 [2024-11-08 16:57:40,576 INFO L432 NwaCegarLoop]: 156 mSDtfsCounter, 401 mSDsluCounter, 783 mSDsCounter, 0 mSdLazyCounter, 804 mSolverCounterSat, 141 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 404 SdHoareTripleChecker+Valid, 939 SdHoareTripleChecker+Invalid, 945 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 141 IncrementalHoareTripleChecker+Valid, 804 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-08 16:57:40,576 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [404 Valid, 939 Invalid, 945 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [141 Valid, 804 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-08 16:57:40,576 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 16:57:40,577 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 16:57:40,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 16:57:40,577 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 16:57:40,578 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 100 [2024-11-08 16:57:40,578 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 16:57:40,578 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 16:57:40,578 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-08 16:57:40,579 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 16:57:40,579 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 16:57:40,581 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 16:57:40,603 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 16:57:40,786 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 16:57:40,788 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 16:57:40,790 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 16:57:45,549 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 16:57:45,570 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2)))) Eliminated clause: (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2))) [2024-11-08 16:57:45,615 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-08 16:57:45,638 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-08 16:57:45,656 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-08 16:57:45,700 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 04:57:45 BoogieIcfgContainer [2024-11-08 16:57:45,700 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 16:57:45,701 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 16:57:45,701 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 16:57:45,701 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 16:57:45,702 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 04:57:33" (3/4) ... [2024-11-08 16:57:45,705 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 16:57:45,710 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 16:57:45,710 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 16:57:45,711 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 16:57:45,711 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 16:57:45,711 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 16:57:45,711 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 16:57:45,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 16:57:45,712 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 16:57:45,720 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-08 16:57:45,720 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 16:57:45,721 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 16:57:45,721 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 16:57:45,722 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 16:57:45,876 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/witness.graphml [2024-11-08 16:57:45,876 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/witness.yml [2024-11-08 16:57:45,877 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 16:57:45,877 INFO L158 Benchmark]: Toolchain (without parser) took 13813.51ms. Allocated memory was 172.0MB in the beginning and 251.7MB in the end (delta: 79.7MB). Free memory was 130.0MB in the beginning and 205.9MB in the end (delta: -75.9MB). Peak memory consumption was 5.3MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,878 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 119.5MB. Free memory was 87.6MB in the beginning and 87.5MB in the end (delta: 29.7kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 16:57:45,878 INFO L158 Benchmark]: CACSL2BoogieTranslator took 638.17ms. Allocated memory is still 172.0MB. Free memory was 130.0MB in the beginning and 107.8MB in the end (delta: 22.2MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,878 INFO L158 Benchmark]: Boogie Procedure Inliner took 72.87ms. Allocated memory is still 172.0MB. Free memory was 107.8MB in the beginning and 105.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,879 INFO L158 Benchmark]: Boogie Preprocessor took 53.93ms. Allocated memory is still 172.0MB. Free memory was 105.3MB in the beginning and 103.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,879 INFO L158 Benchmark]: RCFGBuilder took 546.07ms. Allocated memory is still 172.0MB. Free memory was 102.7MB in the beginning and 128.0MB in the end (delta: -25.3MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,880 INFO L158 Benchmark]: TraceAbstraction took 12316.83ms. Allocated memory was 172.0MB in the beginning and 251.7MB in the end (delta: 79.7MB). Free memory was 126.9MB in the beginning and 215.3MB in the end (delta: -88.4MB). Peak memory consumption was 134.1MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,880 INFO L158 Benchmark]: Witness Printer took 175.96ms. Allocated memory is still 251.7MB. Free memory was 215.3MB in the beginning and 205.9MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 16:57:45,882 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 119.5MB. Free memory was 87.6MB in the beginning and 87.5MB in the end (delta: 29.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 638.17ms. Allocated memory is still 172.0MB. Free memory was 130.0MB in the beginning and 107.8MB in the end (delta: 22.2MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 72.87ms. Allocated memory is still 172.0MB. Free memory was 107.8MB in the beginning and 105.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 53.93ms. Allocated memory is still 172.0MB. Free memory was 105.3MB in the beginning and 103.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 546.07ms. Allocated memory is still 172.0MB. Free memory was 102.7MB in the beginning and 128.0MB in the end (delta: -25.3MB). Peak memory consumption was 9.8MB. Max. memory is 16.1GB. * TraceAbstraction took 12316.83ms. Allocated memory was 172.0MB in the beginning and 251.7MB in the end (delta: 79.7MB). Free memory was 126.9MB in the beginning and 215.3MB in the end (delta: -88.4MB). Peak memory consumption was 134.1MB. Max. memory is 16.1GB. * Witness Printer took 175.96ms. Allocated memory is still 251.7MB. Free memory was 215.3MB in the beginning and 205.9MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [160] - GenericResultAtLocation [Line: 230]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [230] - GenericResultAtLocation [Line: 469]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [469] - GenericResultAtLocation [Line: 835]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [835] - GenericResultAtLocation [Line: 844]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [844] - GenericResultAtLocation [Line: 893]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [893] - GenericResultAtLocation [Line: 993]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [993] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 840]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1762 SdHoareTripleChecker+Valid, 2.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1721 mSDsluCounter, 3981 SdHoareTripleChecker+Invalid, 1.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2811 mSDsCounter, 453 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2002 IncrementalHoareTripleChecker+Invalid, 2455 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 453 mSolverCounterUnsat, 1170 mSDtfsCounter, 2002 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 398 GetRequests, 294 SyntacticMatches, 4 SemanticMatches, 100 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 520 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=974occurred in iteration=8, InterpolantAutomatonStates: 93, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 10 MinimizatonAttempts, 141 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.2s InterpolantComputationTime, 656 NumberOfCodeBlocks, 656 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 744 ConstructedInterpolants, 0 QuantifiedInterpolants, 1421 SizeOfPredicates, 2 NumberOfNonLiveVariables, 334 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 115/150 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 173]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 905]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 352]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2))) Ensures: (((pumpRunning == 0) && (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 267]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 895]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 240]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 275]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 371]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 16:57:45,930 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e5c7da2-9ad9-4fa0-8d92-154ef767e2f6/bin/uautomizer-verify-jihMAELWvX/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE