./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4f9af400 extending candidate: java ['java'] extending candidate: /usr/bin/java ['java', '/usr/bin/java'] extending candidate: /opt/oracle-jdk-bin-*/bin/java ['java', '/usr/bin/java'] extending candidate: /opt/openjdk-*/bin/java ['java', '/usr/bin/java'] extending candidate: /usr/lib/jvm/java-*-openjdk-amd64/bin/java ['java', '/usr/bin/java', '/usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java', '/usr/lib/jvm/java-17-openjdk-amd64/bin/java', '/usr/lib/jvm/java-11-openjdk-amd64/bin/java', '/usr/lib/jvm/java-1.17.0-openjdk-amd64/bin/java'] ['/root/.sdkman/candidates/java/21.0.5-tem/bin/java', '-Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config', '-Xmx15G', '-Xms4m', '-jar', '/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar', '-data', '@noDefault', '-ultimatedata', '/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data', '-tc', '/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml', '-i', '../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c', '-s', '/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf', '--cacsl2boogietranslator.entry.function', 'main', '--witnessprinter.witness.directory', '/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux', '--witnessprinter.witness.filename', 'witness', '--witnessprinter.write.witness.besides.input.file', 'false', '--witnessprinter.graph.data.specification', 'CHECK( init(main()), LTL(G ! call(reach_error())) )\n\n', '--witnessprinter.graph.data.producer', 'Automizer', '--witnessprinter.graph.data.architecture', '32bit', '--witnessprinter.graph.data.programhash', 'cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb'] Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c -s /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb --- Real Ultimate output --- This is Ultimate 0.3.0-?-4f9af40 [2024-11-06 23:44:07,824 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-06 23:44:07,956 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-06 23:44:07,960 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-06 23:44:07,961 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-06 23:44:07,991 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-06 23:44:07,992 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-06 23:44:07,992 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-06 23:44:07,993 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-06 23:44:07,993 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-06 23:44:07,993 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-06 23:44:07,994 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-06 23:44:07,994 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-06 23:44:07,994 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-06 23:44:07,994 INFO L153 SettingsManager]: * Use SBE=true [2024-11-06 23:44:07,994 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-06 23:44:07,995 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-06 23:44:07,995 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-06 23:44:07,995 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-06 23:44:07,995 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-06 23:44:07,995 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-06 23:44:07,996 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-06 23:44:07,996 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-06 23:44:07,997 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-06 23:44:07,997 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-06 23:44:07,997 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-06 23:44:07,997 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-06 23:44:07,998 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb [2024-11-06 23:44:08,272 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-06 23:44:08,279 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-06 23:44:08,281 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-06 23:44:08,282 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-06 23:44:08,282 INFO L274 PluginConnector]: CDTParser initialized [2024-11-06 23:44:08,283 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-06 23:44:09,617 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-06 23:44:09,914 INFO L384 CDTParser]: Found 1 translation units. [2024-11-06 23:44:09,916 INFO L180 CDTParser]: Scanning /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-06 23:44:09,929 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/efe0684d1/5f03806019ed443ab94be9414876e42a/FLAGe25c47296 [2024-11-06 23:44:10,184 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/data/efe0684d1/5f03806019ed443ab94be9414876e42a [2024-11-06 23:44:10,187 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-06 23:44:10,188 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-06 23:44:10,190 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-06 23:44:10,191 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-06 23:44:10,194 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-06 23:44:10,195 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,197 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6dcbe383 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10, skipping insertion in model container [2024-11-06 23:44:10,197 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,234 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-06 23:44:10,392 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-06 23:44:10,448 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-06 23:44:10,463 INFO L200 MainTranslator]: Completed pre-run [2024-11-06 23:44:10,469 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] [2024-11-06 23:44:10,470 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] [2024-11-06 23:44:10,479 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate-jdk21/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-06 23:44:10,512 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-06 23:44:10,527 INFO L204 MainTranslator]: Completed translation [2024-11-06 23:44:10,528 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10 WrapperNode [2024-11-06 23:44:10,528 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-06 23:44:10,529 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-06 23:44:10,529 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-06 23:44:10,529 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-06 23:44:10,534 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,547 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,571 INFO L138 Inliner]: procedures = 57, calls = 104, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 231 [2024-11-06 23:44:10,571 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-06 23:44:10,572 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-06 23:44:10,572 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-06 23:44:10,572 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-06 23:44:10,586 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,587 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,594 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,612 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-06 23:44:10,616 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,617 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,629 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,633 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,638 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,639 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,645 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-06 23:44:10,646 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-06 23:44:10,646 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-06 23:44:10,646 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-06 23:44:10,647 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (1/1) ... [2024-11-06 23:44:10,655 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-06 23:44:10,670 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2024-11-06 23:44:10,682 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-06 23:44:10,689 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-06 23:44:10,708 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-06 23:44:10,709 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-06 23:44:10,709 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-06 23:44:10,709 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-06 23:44:10,709 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-06 23:44:10,709 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-06 23:44:10,709 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-06 23:44:10,709 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-06 23:44:10,710 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-06 23:44:10,710 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-06 23:44:10,710 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-06 23:44:10,710 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-06 23:44:10,710 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-06 23:44:10,710 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-06 23:44:10,711 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-06 23:44:10,711 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-06 23:44:10,711 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-06 23:44:10,711 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-06 23:44:10,711 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-06 23:44:10,711 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-06 23:44:10,711 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-06 23:44:10,711 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-06 23:44:10,791 INFO L238 CfgBuilder]: Building ICFG [2024-11-06 23:44:10,792 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-06 23:44:11,050 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-06 23:44:11,050 INFO L287 CfgBuilder]: Performing block encoding [2024-11-06 23:44:11,062 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-06 23:44:11,064 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-06 23:44:11,064 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:44:11 BoogieIcfgContainer [2024-11-06 23:44:11,064 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-06 23:44:11,066 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-06 23:44:11,066 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-06 23:44:11,071 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-06 23:44:11,071 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 11:44:10" (1/3) ... [2024-11-06 23:44:11,072 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2271c22c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 11:44:11, skipping insertion in model container [2024-11-06 23:44:11,072 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:44:10" (2/3) ... [2024-11-06 23:44:11,072 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2271c22c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 11:44:11, skipping insertion in model container [2024-11-06 23:44:11,072 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:44:11" (3/3) ... [2024-11-06 23:44:11,074 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product54.cil.c [2024-11-06 23:44:11,085 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-06 23:44:11,085 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-06 23:44:11,123 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-06 23:44:11,131 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@319b3402, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-06 23:44:11,132 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-06 23:44:11,136 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-06 23:44:11,143 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-06 23:44:11,143 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:11,143 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:11,144 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:11,147 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:11,148 INFO L85 PathProgramCache]: Analyzing trace with hash 149329663, now seen corresponding path program 1 times [2024-11-06 23:44:11,155 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:11,155 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [116225238] [2024-11-06 23:44:11,155 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:11,156 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:11,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,292 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-06 23:44:11,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,301 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:11,301 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:11,302 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [116225238] [2024-11-06 23:44:11,302 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [116225238] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:11,302 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:11,302 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-06 23:44:11,303 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [217814343] [2024-11-06 23:44:11,304 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:11,306 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-06 23:44:11,307 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:11,319 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-06 23:44:11,320 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-06 23:44:11,322 INFO L87 Difference]: Start difference. First operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,352 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:11,352 INFO L93 Difference]: Finished difference Result 198 states and 269 transitions. [2024-11-06 23:44:11,353 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-06 23:44:11,353 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-06 23:44:11,354 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:11,358 INFO L225 Difference]: With dead ends: 198 [2024-11-06 23:44:11,358 INFO L226 Difference]: Without dead ends: 94 [2024-11-06 23:44:11,361 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-06 23:44:11,363 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:11,364 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 131 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-06 23:44:11,373 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-06 23:44:11,389 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-06 23:44:11,390 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 69 states have (on average 1.318840579710145) internal successors, (91), 78 states have internal predecessors, (91), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-06 23:44:11,396 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-11-06 23:44:11,398 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 25 [2024-11-06 23:44:11,399 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:11,399 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-11-06 23:44:11,400 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,400 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-11-06 23:44:11,402 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-06 23:44:11,404 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:11,404 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:11,404 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-06 23:44:11,404 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:11,405 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:11,406 INFO L85 PathProgramCache]: Analyzing trace with hash 67554452, now seen corresponding path program 1 times [2024-11-06 23:44:11,406 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:11,406 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [877514543] [2024-11-06 23:44:11,406 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:11,406 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:11,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,506 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-06 23:44:11,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,511 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:11,511 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:11,511 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [877514543] [2024-11-06 23:44:11,511 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [877514543] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:11,511 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:11,511 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-06 23:44:11,511 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [741647744] [2024-11-06 23:44:11,512 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:11,514 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-06 23:44:11,514 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:11,514 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-06 23:44:11,516 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-06 23:44:11,516 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:11,541 INFO L93 Difference]: Finished difference Result 153 states and 199 transitions. [2024-11-06 23:44:11,541 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-06 23:44:11,542 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-06 23:44:11,542 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:11,562 INFO L225 Difference]: With dead ends: 153 [2024-11-06 23:44:11,563 INFO L226 Difference]: Without dead ends: 85 [2024-11-06 23:44:11,563 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-06 23:44:11,564 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 13 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:11,565 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-06 23:44:11,565 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-06 23:44:11,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-06 23:44:11,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 72 states have internal predecessors, (84), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-06 23:44:11,575 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 110 transitions. [2024-11-06 23:44:11,575 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 110 transitions. Word has length 26 [2024-11-06 23:44:11,575 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:11,575 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 110 transitions. [2024-11-06 23:44:11,575 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,575 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 110 transitions. [2024-11-06 23:44:11,576 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-06 23:44:11,577 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:11,577 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:11,577 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-06 23:44:11,577 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:11,577 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:11,578 INFO L85 PathProgramCache]: Analyzing trace with hash -6965766, now seen corresponding path program 1 times [2024-11-06 23:44:11,578 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:11,578 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1960055274] [2024-11-06 23:44:11,578 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:11,578 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:11,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,677 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:11,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,680 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:11,681 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:11,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1960055274] [2024-11-06 23:44:11,681 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1960055274] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:11,681 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:11,681 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-06 23:44:11,681 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1159257276] [2024-11-06 23:44:11,681 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:11,682 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-06 23:44:11,682 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:11,682 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-06 23:44:11,682 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-06 23:44:11,682 INFO L87 Difference]: Start difference. First operand 85 states and 110 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,702 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:11,704 INFO L93 Difference]: Finished difference Result 163 states and 214 transitions. [2024-11-06 23:44:11,705 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-06 23:44:11,705 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-06 23:44:11,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:11,706 INFO L225 Difference]: With dead ends: 163 [2024-11-06 23:44:11,706 INFO L226 Difference]: Without dead ends: 85 [2024-11-06 23:44:11,708 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-06 23:44:11,709 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 104 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:11,710 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 108 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-06 23:44:11,711 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-06 23:44:11,723 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-06 23:44:11,724 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 72 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-06 23:44:11,725 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-06 23:44:11,726 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 31 [2024-11-06 23:44:11,726 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:11,726 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-06 23:44:11,726 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-06 23:44:11,726 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-06 23:44:11,727 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-06 23:44:11,731 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:11,732 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:11,732 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-06 23:44:11,732 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:11,732 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:11,732 INFO L85 PathProgramCache]: Analyzing trace with hash 1330354743, now seen corresponding path program 1 times [2024-11-06 23:44:11,732 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:11,732 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [237961895] [2024-11-06 23:44:11,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:11,733 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:11,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,791 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:11,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,800 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-06 23:44:11,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,803 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-06 23:44:11,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:11,809 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-06 23:44:11,809 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:11,809 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [237961895] [2024-11-06 23:44:11,810 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [237961895] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:11,810 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:11,810 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-06 23:44:11,810 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [779840709] [2024-11-06 23:44:11,810 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:11,812 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-06 23:44:11,812 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:11,813 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-06 23:44:11,813 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-06 23:44:11,813 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-06 23:44:12,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:12,042 INFO L93 Difference]: Finished difference Result 246 states and 320 transitions. [2024-11-06 23:44:12,043 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-06 23:44:12,043 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 44 [2024-11-06 23:44:12,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:12,045 INFO L225 Difference]: With dead ends: 246 [2024-11-06 23:44:12,047 INFO L226 Difference]: Without dead ends: 168 [2024-11-06 23:44:12,048 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-06 23:44:12,049 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 170 mSDsluCounter, 121 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 123 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:12,051 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 222 Invalid, 123 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:12,052 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2024-11-06 23:44:12,076 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 162. [2024-11-06 23:44:12,079 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 122 states have (on average 1.2868852459016393) internal successors, (157), 130 states have internal predecessors, (157), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-06 23:44:12,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 206 transitions. [2024-11-06 23:44:12,081 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 206 transitions. Word has length 44 [2024-11-06 23:44:12,082 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:12,082 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 206 transitions. [2024-11-06 23:44:12,083 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-06 23:44:12,083 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 206 transitions. [2024-11-06 23:44:12,084 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-06 23:44:12,085 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:12,086 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:12,086 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-06 23:44:12,086 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:12,086 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:12,086 INFO L85 PathProgramCache]: Analyzing trace with hash 1858639799, now seen corresponding path program 1 times [2024-11-06 23:44:12,086 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:12,086 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1238040860] [2024-11-06 23:44:12,086 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:12,087 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:12,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,215 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:12,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,244 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:12,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,295 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-06 23:44:12,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,301 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:12,301 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:12,301 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1238040860] [2024-11-06 23:44:12,302 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1238040860] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:12,302 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:12,302 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-06 23:44:12,302 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1463404122] [2024-11-06 23:44:12,303 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:12,303 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-06 23:44:12,303 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:12,304 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-06 23:44:12,304 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-06 23:44:12,304 INFO L87 Difference]: Start difference. First operand 162 states and 206 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-06 23:44:12,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:12,510 INFO L93 Difference]: Finished difference Result 322 states and 416 transitions. [2024-11-06 23:44:12,510 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-06 23:44:12,511 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-06 23:44:12,511 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:12,512 INFO L225 Difference]: With dead ends: 322 [2024-11-06 23:44:12,512 INFO L226 Difference]: Without dead ends: 167 [2024-11-06 23:44:12,513 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-06 23:44:12,516 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 61 mSDsluCounter, 328 mSDsCounter, 0 mSdLazyCounter, 142 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 429 SdHoareTripleChecker+Invalid, 157 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:12,516 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 429 Invalid, 157 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 142 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:12,517 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2024-11-06 23:44:12,537 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 165. [2024-11-06 23:44:12,537 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 125 states have (on average 1.28) internal successors, (160), 133 states have internal predecessors, (160), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-06 23:44:12,538 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 209 transitions. [2024-11-06 23:44:12,539 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 209 transitions. Word has length 50 [2024-11-06 23:44:12,540 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:12,540 INFO L471 AbstractCegarLoop]: Abstraction has 165 states and 209 transitions. [2024-11-06 23:44:12,540 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-06 23:44:12,541 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 209 transitions. [2024-11-06 23:44:12,541 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-06 23:44:12,543 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:12,543 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:12,543 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-06 23:44:12,543 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:12,544 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:12,544 INFO L85 PathProgramCache]: Analyzing trace with hash 2077494517, now seen corresponding path program 1 times [2024-11-06 23:44:12,544 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:12,544 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1559391449] [2024-11-06 23:44:12,544 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:12,544 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:12,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,619 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:12,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,640 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:12,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,669 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-06 23:44:12,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,674 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:12,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:12,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1559391449] [2024-11-06 23:44:12,674 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1559391449] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:12,674 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:12,675 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-06 23:44:12,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [964247440] [2024-11-06 23:44:12,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:12,675 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-06 23:44:12,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:12,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-06 23:44:12,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-06 23:44:12,676 INFO L87 Difference]: Start difference. First operand 165 states and 209 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-06 23:44:12,853 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:12,853 INFO L93 Difference]: Finished difference Result 327 states and 427 transitions. [2024-11-06 23:44:12,854 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-06 23:44:12,854 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-06 23:44:12,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:12,855 INFO L225 Difference]: With dead ends: 327 [2024-11-06 23:44:12,855 INFO L226 Difference]: Without dead ends: 169 [2024-11-06 23:44:12,856 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-06 23:44:12,857 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 151 mSDsluCounter, 222 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 154 SdHoareTripleChecker+Valid, 319 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:12,857 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [154 Valid, 319 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-06 23:44:12,858 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 169 states. [2024-11-06 23:44:12,880 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 169 to 167. [2024-11-06 23:44:12,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 167 states, 127 states have (on average 1.2755905511811023) internal successors, (162), 135 states have internal predecessors, (162), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-06 23:44:12,883 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 167 states to 167 states and 211 transitions. [2024-11-06 23:44:12,884 INFO L78 Accepts]: Start accepts. Automaton has 167 states and 211 transitions. Word has length 50 [2024-11-06 23:44:12,884 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:12,884 INFO L471 AbstractCegarLoop]: Abstraction has 167 states and 211 transitions. [2024-11-06 23:44:12,884 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-06 23:44:12,884 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 211 transitions. [2024-11-06 23:44:12,885 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-06 23:44:12,886 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:12,886 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:12,886 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-06 23:44:12,887 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:12,887 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:12,887 INFO L85 PathProgramCache]: Analyzing trace with hash 1943481011, now seen corresponding path program 1 times [2024-11-06 23:44:12,887 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:12,887 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [801993062] [2024-11-06 23:44:12,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:12,888 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:12,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:12,989 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:12,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,013 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:13,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,030 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-06 23:44:13,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,035 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:13,036 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:13,036 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [801993062] [2024-11-06 23:44:13,036 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [801993062] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:13,037 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:13,037 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-06 23:44:13,037 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1858639070] [2024-11-06 23:44:13,037 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:13,037 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-06 23:44:13,037 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:13,038 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-06 23:44:13,039 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-06 23:44:13,039 INFO L87 Difference]: Start difference. First operand 167 states and 211 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-06 23:44:13,308 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:13,308 INFO L93 Difference]: Finished difference Result 467 states and 611 transitions. [2024-11-06 23:44:13,308 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-06 23:44:13,309 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-06 23:44:13,309 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:13,311 INFO L225 Difference]: With dead ends: 467 [2024-11-06 23:44:13,311 INFO L226 Difference]: Without dead ends: 307 [2024-11-06 23:44:13,312 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-06 23:44:13,312 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 228 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 160 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 235 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:13,313 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [235 Valid, 336 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 160 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:13,314 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2024-11-06 23:44:13,342 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 299. [2024-11-06 23:44:13,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 299 states, 226 states have (on average 1.252212389380531) internal successors, (283), 238 states have internal predecessors, (283), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-06 23:44:13,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 381 transitions. [2024-11-06 23:44:13,345 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 381 transitions. Word has length 50 [2024-11-06 23:44:13,346 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:13,346 INFO L471 AbstractCegarLoop]: Abstraction has 299 states and 381 transitions. [2024-11-06 23:44:13,346 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-06 23:44:13,346 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 381 transitions. [2024-11-06 23:44:13,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-06 23:44:13,347 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:13,347 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:13,347 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-06 23:44:13,347 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:13,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:13,348 INFO L85 PathProgramCache]: Analyzing trace with hash -432802525, now seen corresponding path program 1 times [2024-11-06 23:44:13,348 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:13,348 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [342393468] [2024-11-06 23:44:13,348 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:13,348 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:13,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,453 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:13,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,464 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:13,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-06 23:44:13,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,472 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-06 23:44:13,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,476 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:13,476 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:13,476 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [342393468] [2024-11-06 23:44:13,476 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [342393468] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:13,476 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:13,477 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-06 23:44:13,477 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [192698478] [2024-11-06 23:44:13,477 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:13,480 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-06 23:44:13,480 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:13,480 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-06 23:44:13,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-06 23:44:13,481 INFO L87 Difference]: Start difference. First operand 299 states and 381 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-06 23:44:13,716 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:13,716 INFO L93 Difference]: Finished difference Result 591 states and 754 transitions. [2024-11-06 23:44:13,716 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-06 23:44:13,717 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-06 23:44:13,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:13,720 INFO L225 Difference]: With dead ends: 591 [2024-11-06 23:44:13,720 INFO L226 Difference]: Without dead ends: 299 [2024-11-06 23:44:13,721 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-06 23:44:13,721 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 120 mSDsluCounter, 286 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 370 SdHoareTripleChecker+Invalid, 180 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:13,722 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 370 Invalid, 180 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:13,724 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2024-11-06 23:44:13,751 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 297. [2024-11-06 23:44:13,752 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 297 states, 224 states have (on average 1.2455357142857142) internal successors, (279), 236 states have internal predecessors, (279), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-06 23:44:13,754 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 297 states to 297 states and 377 transitions. [2024-11-06 23:44:13,755 INFO L78 Accepts]: Start accepts. Automaton has 297 states and 377 transitions. Word has length 52 [2024-11-06 23:44:13,755 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:13,755 INFO L471 AbstractCegarLoop]: Abstraction has 297 states and 377 transitions. [2024-11-06 23:44:13,755 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-06 23:44:13,756 INFO L276 IsEmpty]: Start isEmpty. Operand 297 states and 377 transitions. [2024-11-06 23:44:13,756 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-06 23:44:13,756 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:13,756 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:13,757 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-06 23:44:13,757 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:13,757 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:13,757 INFO L85 PathProgramCache]: Analyzing trace with hash -1117904615, now seen corresponding path program 1 times [2024-11-06 23:44:13,757 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:13,757 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2032486472] [2024-11-06 23:44:13,758 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:13,758 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:13,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,851 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-06 23:44:13,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,861 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-06 23:44:13,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,870 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:13,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,879 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-06 23:44:13,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:13,883 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:13,883 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:13,883 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2032486472] [2024-11-06 23:44:13,883 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2032486472] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:13,883 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:13,884 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-06 23:44:13,885 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [97297274] [2024-11-06 23:44:13,885 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:13,885 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-06 23:44:13,885 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:13,885 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-06 23:44:13,885 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-06 23:44:13,886 INFO L87 Difference]: Start difference. First operand 297 states and 377 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-06 23:44:14,351 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:14,351 INFO L93 Difference]: Finished difference Result 574 states and 741 transitions. [2024-11-06 23:44:14,351 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-06 23:44:14,352 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-06 23:44:14,352 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:14,354 INFO L225 Difference]: With dead ends: 574 [2024-11-06 23:44:14,354 INFO L226 Difference]: Without dead ends: 336 [2024-11-06 23:44:14,355 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=79, Invalid=193, Unknown=0, NotChecked=0, Total=272 [2024-11-06 23:44:14,356 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 225 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 404 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 229 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 471 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 404 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:14,356 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [229 Valid, 457 Invalid, 471 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 404 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-06 23:44:14,356 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 336 states. [2024-11-06 23:44:14,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 336 to 332. [2024-11-06 23:44:14,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 332 states, 251 states have (on average 1.2151394422310757) internal successors, (305), 266 states have internal predecessors, (305), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-06 23:44:14,381 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 332 states to 332 states and 404 transitions. [2024-11-06 23:44:14,382 INFO L78 Accepts]: Start accepts. Automaton has 332 states and 404 transitions. Word has length 54 [2024-11-06 23:44:14,382 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:14,382 INFO L471 AbstractCegarLoop]: Abstraction has 332 states and 404 transitions. [2024-11-06 23:44:14,383 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-06 23:44:14,383 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 404 transitions. [2024-11-06 23:44:14,383 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-06 23:44:14,383 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:14,384 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:14,384 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-06 23:44:14,384 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:14,384 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:14,384 INFO L85 PathProgramCache]: Analyzing trace with hash -309751737, now seen corresponding path program 1 times [2024-11-06 23:44:14,384 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:14,384 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2137001601] [2024-11-06 23:44:14,385 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:14,385 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:14,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,419 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-06 23:44:14,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,429 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-06 23:44:14,431 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,438 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:14,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,481 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-06 23:44:14,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,483 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-06 23:44:14,484 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,485 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:14,486 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:14,486 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2137001601] [2024-11-06 23:44:14,487 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2137001601] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:14,487 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:14,487 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-06 23:44:14,487 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1556451111] [2024-11-06 23:44:14,487 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:14,487 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-06 23:44:14,488 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:14,488 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-06 23:44:14,489 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-06 23:44:14,489 INFO L87 Difference]: Start difference. First operand 332 states and 404 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-06 23:44:14,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:14,748 INFO L93 Difference]: Finished difference Result 604 states and 746 transitions. [2024-11-06 23:44:14,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-06 23:44:14,749 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-06 23:44:14,749 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:14,751 INFO L225 Difference]: With dead ends: 604 [2024-11-06 23:44:14,751 INFO L226 Difference]: Without dead ends: 333 [2024-11-06 23:44:14,756 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-06 23:44:14,756 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 144 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 239 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 264 SdHoareTripleChecker+Invalid, 285 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 239 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:14,757 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [147 Valid, 264 Invalid, 285 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 239 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:14,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2024-11-06 23:44:14,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 329. [2024-11-06 23:44:14,787 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 329 states, 248 states have (on average 1.2137096774193548) internal successors, (301), 263 states have internal predecessors, (301), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-06 23:44:14,789 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 329 states to 329 states and 400 transitions. [2024-11-06 23:44:14,791 INFO L78 Accepts]: Start accepts. Automaton has 329 states and 400 transitions. Word has length 56 [2024-11-06 23:44:14,791 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:14,791 INFO L471 AbstractCegarLoop]: Abstraction has 329 states and 400 transitions. [2024-11-06 23:44:14,791 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-06 23:44:14,791 INFO L276 IsEmpty]: Start isEmpty. Operand 329 states and 400 transitions. [2024-11-06 23:44:14,792 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-06 23:44:14,792 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:14,792 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:14,792 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-06 23:44:14,792 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:14,793 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:14,793 INFO L85 PathProgramCache]: Analyzing trace with hash -443765243, now seen corresponding path program 1 times [2024-11-06 23:44:14,793 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:14,793 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [904377244] [2024-11-06 23:44:14,793 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:14,793 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:14,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-06 23:44:14,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,862 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-06 23:44:14,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,876 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:14,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,953 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-06 23:44:14,954 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,955 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-06 23:44:14,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:14,958 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-06 23:44:14,958 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:14,958 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [904377244] [2024-11-06 23:44:14,959 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [904377244] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-06 23:44:14,959 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-06 23:44:14,959 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-06 23:44:14,959 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1781347580] [2024-11-06 23:44:14,959 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-06 23:44:14,959 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-06 23:44:14,959 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:14,960 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-06 23:44:14,960 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-06 23:44:14,960 INFO L87 Difference]: Start difference. First operand 329 states and 400 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-06 23:44:15,271 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:15,271 INFO L93 Difference]: Finished difference Result 573 states and 705 transitions. [2024-11-06 23:44:15,272 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-06 23:44:15,272 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-06 23:44:15,272 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:15,274 INFO L225 Difference]: With dead ends: 573 [2024-11-06 23:44:15,275 INFO L226 Difference]: Without dead ends: 305 [2024-11-06 23:44:15,276 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2024-11-06 23:44:15,276 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 141 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 315 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 339 SdHoareTripleChecker+Invalid, 361 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 315 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:15,276 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 339 Invalid, 361 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 315 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-06 23:44:15,277 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2024-11-06 23:44:15,318 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 301. [2024-11-06 23:44:15,319 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 228 states have (on average 1.2105263157894737) internal successors, (276), 242 states have internal predecessors, (276), 38 states have call successors, (38), 30 states have call predecessors, (38), 34 states have return successors, (49), 37 states have call predecessors, (49), 38 states have call successors, (49) [2024-11-06 23:44:15,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 363 transitions. [2024-11-06 23:44:15,323 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 363 transitions. Word has length 56 [2024-11-06 23:44:15,323 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:15,323 INFO L471 AbstractCegarLoop]: Abstraction has 301 states and 363 transitions. [2024-11-06 23:44:15,324 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-06 23:44:15,324 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 363 transitions. [2024-11-06 23:44:15,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-06 23:44:15,325 INFO L207 NwaCegarLoop]: Found error trace [2024-11-06 23:44:15,325 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:15,325 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-06 23:44:15,325 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-06 23:44:15,325 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-06 23:44:15,326 INFO L85 PathProgramCache]: Analyzing trace with hash 872263225, now seen corresponding path program 1 times [2024-11-06 23:44:15,326 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-06 23:44:15,326 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1267160018] [2024-11-06 23:44:15,326 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:15,326 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-06 23:44:15,342 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,447 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-06 23:44:15,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,458 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-06 23:44:15,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,542 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-06 23:44:15,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-06 23:44:15,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,551 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-06 23:44:15,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,563 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-11-06 23:44:15,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,566 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2024-11-06 23:44:15,567 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,568 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-06 23:44:15,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,574 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 17 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-06 23:44:15,574 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-06 23:44:15,574 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1267160018] [2024-11-06 23:44:15,574 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1267160018] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-06 23:44:15,574 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1539235930] [2024-11-06 23:44:15,574 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-06 23:44:15,575 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-06 23:44:15,575 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 [2024-11-06 23:44:15,577 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-06 23:44:15,579 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-06 23:44:15,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-06 23:44:15,685 INFO L255 TraceCheckSpWp]: Trace formula consists of 301 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-06 23:44:15,692 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-06 23:44:15,934 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-06 23:44:15,935 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-06 23:44:16,286 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-06 23:44:16,286 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1539235930] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-06 23:44:16,286 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-06 23:44:16,287 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 8, 9] total 20 [2024-11-06 23:44:16,287 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [60747456] [2024-11-06 23:44:16,287 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-06 23:44:16,287 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-06 23:44:16,287 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-06 23:44:16,288 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-06 23:44:16,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=62, Invalid=318, Unknown=0, NotChecked=0, Total=380 [2024-11-06 23:44:16,289 INFO L87 Difference]: Start difference. First operand 301 states and 363 transitions. Second operand has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-06 23:44:17,970 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-06 23:44:17,971 INFO L93 Difference]: Finished difference Result 913 states and 1187 transitions. [2024-11-06 23:44:17,971 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2024-11-06 23:44:17,971 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) Word has length 91 [2024-11-06 23:44:17,972 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-06 23:44:17,972 INFO L225 Difference]: With dead ends: 913 [2024-11-06 23:44:17,972 INFO L226 Difference]: Without dead ends: 0 [2024-11-06 23:44:17,976 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 193 SyntacticMatches, 7 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1159 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=892, Invalid=3664, Unknown=0, NotChecked=0, Total=4556 [2024-11-06 23:44:17,977 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 722 mSDsluCounter, 660 mSDsCounter, 0 mSdLazyCounter, 1190 mSolverCounterSat, 302 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 724 SdHoareTripleChecker+Valid, 732 SdHoareTripleChecker+Invalid, 1492 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 302 IncrementalHoareTripleChecker+Valid, 1190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-06 23:44:17,977 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [724 Valid, 732 Invalid, 1492 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [302 Valid, 1190 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-06 23:44:17,978 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-06 23:44:17,978 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-06 23:44:17,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-06 23:44:17,978 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-06 23:44:17,979 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2024-11-06 23:44:17,979 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-06 23:44:17,979 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-06 23:44:17,979 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-06 23:44:17,980 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-06 23:44:17,980 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-06 23:44:17,982 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-06 23:44:18,000 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-06 23:44:18,186 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-06 23:44:18,188 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-06 23:44:18,190 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-06 23:44:20,969 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-06 23:44:20,981 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)) Eliminated clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= ~pumpRunning~0 1)) [2024-11-06 23:44:20,996 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (or (= |old(~methaneLevelCritical~0)| 0) (not (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-06 23:44:21,004 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse0 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse0 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1)))))) [2024-11-06 23:44:21,013 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-06 23:44:21,022 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-06 23:44:21,025 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-06 23:44:21,028 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= |old(~waterLevel~0)| 2) (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 (<= |old(~waterLevel~0)| 1))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= ~waterLevel~0 2) (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0))) [2024-11-06 23:44:21,039 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-06 23:44:21,042 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-06 23:44:21,043 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 11:44:21 BoogieIcfgContainer [2024-11-06 23:44:21,043 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-06 23:44:21,044 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-06 23:44:21,044 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-06 23:44:21,044 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-06 23:44:21,045 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:44:11" (3/4) ... [2024-11-06 23:44:21,046 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-06 23:44:21,051 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-06 23:44:21,052 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-06 23:44:21,052 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-06 23:44:21,052 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-06 23:44:21,058 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-06 23:44:21,060 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-06 23:44:21,060 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-06 23:44:21,060 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-06 23:44:21,061 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-06 23:44:21,154 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-06 23:44:21,154 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-06 23:44:21,156 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-06 23:44:21,156 INFO L158 Benchmark]: Toolchain (without parser) took 10968.54ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 117.2MB in the beginning and 159.6MB in the end (delta: -42.3MB). Peak memory consumption was 32.4MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,157 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 117.4MB. Free memory is still 81.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-06 23:44:21,157 INFO L158 Benchmark]: CACSL2BoogieTranslator took 338.37ms. Allocated memory is still 142.6MB. Free memory was 117.1MB in the beginning and 98.3MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,158 INFO L158 Benchmark]: Boogie Procedure Inliner took 42.41ms. Allocated memory is still 142.6MB. Free memory was 98.3MB in the beginning and 96.3MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-06 23:44:21,158 INFO L158 Benchmark]: Boogie Preprocessor took 73.51ms. Allocated memory is still 142.6MB. Free memory was 96.3MB in the beginning and 94.5MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,159 INFO L158 Benchmark]: RCFGBuilder took 418.41ms. Allocated memory is still 142.6MB. Free memory was 94.3MB in the beginning and 76.3MB in the end (delta: 18.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,159 INFO L158 Benchmark]: TraceAbstraction took 9977.21ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 75.8MB in the beginning and 165.7MB in the end (delta: -89.9MB). Peak memory consumption was 83.5MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,159 INFO L158 Benchmark]: Witness Printer took 112.11ms. Allocated memory is still 218.1MB. Free memory was 165.7MB in the beginning and 159.6MB in the end (delta: 6.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-06 23:44:21,161 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 117.4MB. Free memory is still 81.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 338.37ms. Allocated memory is still 142.6MB. Free memory was 117.1MB in the beginning and 98.3MB in the end (delta: 18.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 42.41ms. Allocated memory is still 142.6MB. Free memory was 98.3MB in the beginning and 96.3MB in the end (delta: 2.0MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 73.51ms. Allocated memory is still 142.6MB. Free memory was 96.3MB in the beginning and 94.5MB in the end (delta: 1.8MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 418.41ms. Allocated memory is still 142.6MB. Free memory was 94.3MB in the beginning and 76.3MB in the end (delta: 18.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 9977.21ms. Allocated memory was 142.6MB in the beginning and 218.1MB in the end (delta: 75.5MB). Free memory was 75.8MB in the beginning and 165.7MB in the end (delta: -89.9MB). Peak memory consumption was 83.5MB. Max. memory is 16.1GB. * Witness Printer took 112.11ms. Allocated memory is still 218.1MB. Free memory was 165.7MB in the beginning and 159.6MB in the end (delta: 6.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] - GenericResultAtLocation [Line: 262]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] - GenericResultAtLocation [Line: 271]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] - GenericResultAtLocation [Line: 306]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] - GenericResultAtLocation [Line: 341]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] - GenericResultAtLocation [Line: 707]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] - GenericResultAtLocation [Line: 775]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 267]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.1s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2119 SdHoareTripleChecker+Valid, 2.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2079 mSDsluCounter, 3908 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2723 mSDsCounter, 646 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2804 IncrementalHoareTripleChecker+Invalid, 3450 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 646 mSolverCounterUnsat, 1185 mSDtfsCounter, 2804 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 428 GetRequests, 292 SyntacticMatches, 8 SemanticMatches, 128 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1198 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=332occurred in iteration=9, InterpolantAutomatonStates: 121, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 32 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 676 NumberOfCodeBlocks, 676 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 753 ConstructedInterpolants, 0 QuantifiedInterpolants, 1421 SizeOfPredicates, 2 NumberOfNonLiveVariables, 301 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 63/84 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 718]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 719]: Loop Invariant Derived loop invariant: ((((((2 == waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((waterLevel <= 1) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) - ProcedureContractResult [Line: 898]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1)) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 805]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((waterLevel == \old(waterLevel)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 781]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: (((((((\old(pumpRunning) != 0) || ((((2 == waterLevel) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (\old(waterLevel) < 2)) && (((((waterLevel <= 1) && (waterLevel <= \old(waterLevel))) && (pumpRunning == 1)) || (\old(pumpRunning) != 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel))))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((2 == waterLevel) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1)))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 163]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 96]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 813]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((1 == systemActive) && (\old(pumpRunning) == 0))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((waterLevel < 2) || ((2 == waterLevel) && (pumpRunning == 1)))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((pumpRunning != 0) || (2 == waterLevel)) || (\old(waterLevel) != 1)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((1 == systemActive) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 839]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Ensures: ((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((1 == systemActive) && (\old(pumpRunning) == 0))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((waterLevel < 2) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-06 23:44:21,191 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-jdk21/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE