./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:16:46,652 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:16:46,724 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:16:46,731 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:16:46,733 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:16:46,764 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:16:46,764 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:16:46,765 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:16:46,765 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:16:46,767 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:16:46,767 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:16:46,767 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:16:46,768 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:16:46,768 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:16:46,770 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:16:46,770 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:16:46,771 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:16:46,771 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:16:46,771 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:16:46,772 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:16:46,772 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:16:46,776 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:16:46,776 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:16:46,776 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:16:46,776 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:16:46,777 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:16:46,777 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:16:46,777 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:16:46,777 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:16:46,778 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:16:46,778 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:16:46,778 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:16:46,778 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:46,779 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:16:46,779 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:16:46,779 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:16:46,779 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:16:46,780 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:16:46,780 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:16:46,780 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:16:46,780 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:16:46,782 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:16:46,782 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 [2024-11-08 15:16:47,080 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:16:47,100 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:16:47,104 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:16:47,105 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:16:47,106 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:16:47,107 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-11-08 15:16:48,566 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:16:48,774 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:16:48,774 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-11-08 15:16:48,795 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/a240e4a3d/17160a0c829242ab9501221e0ab81289/FLAGeb8cc6a4d [2024-11-08 15:16:48,808 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/a240e4a3d/17160a0c829242ab9501221e0ab81289 [2024-11-08 15:16:48,810 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:16:48,811 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:16:48,813 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:48,813 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:16:48,817 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:16:48,818 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:48" (1/1) ... [2024-11-08 15:16:48,819 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1376fcf7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:48, skipping insertion in model container [2024-11-08 15:16:48,819 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:48" (1/1) ... [2024-11-08 15:16:48,864 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:16:49,227 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-08 15:16:49,240 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:49,252 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:16:49,262 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-08 15:16:49,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] [2024-11-08 15:16:49,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2024-11-08 15:16:49,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] [2024-11-08 15:16:49,264 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] [2024-11-08 15:16:49,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] [2024-11-08 15:16:49,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] [2024-11-08 15:16:49,265 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] [2024-11-08 15:16:49,329 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-08 15:16:49,332 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:49,354 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:16:49,354 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49 WrapperNode [2024-11-08 15:16:49,355 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:49,356 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:49,356 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:16:49,356 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:16:49,362 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,378 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,416 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 209 [2024-11-08 15:16:49,417 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:49,417 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:16:49,418 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:16:49,418 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:16:49,429 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,430 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,431 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,452 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:16:49,452 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,453 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,456 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,460 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,461 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,462 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,464 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:16:49,465 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:16:49,465 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:16:49,465 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:16:49,466 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,471 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:49,481 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:49,499 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:16:49,502 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:16:49,542 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:16:49,542 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:16:49,542 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:16:49,542 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:16:49,542 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:16:49,542 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:16:49,542 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:16:49,543 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:49,543 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:49,543 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:16:49,543 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:16:49,543 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 15:16:49,543 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 15:16:49,543 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:16:49,543 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:16:49,543 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:16:49,544 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:16:49,544 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:16:49,544 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:16:49,544 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:16:49,655 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:16:49,657 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:16:49,890 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-08 15:16:49,890 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:16:49,906 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:16:49,907 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:16:49,907 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49 BoogieIcfgContainer [2024-11-08 15:16:49,907 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:16:49,909 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:16:49,909 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:16:49,912 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:16:49,912 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:16:48" (1/3) ... [2024-11-08 15:16:49,913 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@31ff3522 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:49, skipping insertion in model container [2024-11-08 15:16:49,913 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (2/3) ... [2024-11-08 15:16:49,913 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@31ff3522 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:49, skipping insertion in model container [2024-11-08 15:16:49,913 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49" (3/3) ... [2024-11-08 15:16:49,914 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product40.cil.c [2024-11-08 15:16:49,926 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:16:49,927 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:16:49,981 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:16:49,987 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@152bcd9f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:16:49,987 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:16:49,993 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 15:16:50,002 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:16:50,003 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,004 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,005 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,012 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,013 INFO L85 PathProgramCache]: Analyzing trace with hash 694872208, now seen corresponding path program 1 times [2024-11-08 15:16:50,029 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,029 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1872229411] [2024-11-08 15:16:50,029 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,030 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,214 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 15:16:50,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,227 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:50,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,236 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,237 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,237 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1872229411] [2024-11-08 15:16:50,238 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1872229411] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,238 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,239 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:16:50,241 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1787864032] [2024-11-08 15:16:50,241 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,245 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:16:50,245 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,261 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:16:50,261 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:50,263 INFO L87 Difference]: Start difference. First operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,286 INFO L93 Difference]: Finished difference Result 187 states and 252 transitions. [2024-11-08 15:16:50,287 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:16:50,288 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 15:16:50,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,294 INFO L225 Difference]: With dead ends: 187 [2024-11-08 15:16:50,295 INFO L226 Difference]: Without dead ends: 89 [2024-11-08 15:16:50,297 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:50,300 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,301 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,313 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2024-11-08 15:16:50,336 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2024-11-08 15:16:50,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 67 states have (on average 1.2985074626865671) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:16:50,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 114 transitions. [2024-11-08 15:16:50,343 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 114 transitions. Word has length 32 [2024-11-08 15:16:50,343 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,343 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 114 transitions. [2024-11-08 15:16:50,344 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,344 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 114 transitions. [2024-11-08 15:16:50,346 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 15:16:50,346 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,347 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,347 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:16:50,347 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,348 INFO L85 PathProgramCache]: Analyzing trace with hash -778098819, now seen corresponding path program 1 times [2024-11-08 15:16:50,348 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2134804404] [2024-11-08 15:16:50,349 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,349 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,462 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:16:50,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 15:16:50,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,478 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,478 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,478 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2134804404] [2024-11-08 15:16:50,479 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2134804404] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,479 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,479 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:16:50,479 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [119241047] [2024-11-08 15:16:50,479 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,480 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:50,481 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,482 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:50,484 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,484 INFO L87 Difference]: Start difference. First operand 89 states and 114 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,502 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2024-11-08 15:16:50,502 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:50,503 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 15:16:50,503 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,504 INFO L225 Difference]: With dead ends: 138 [2024-11-08 15:16:50,504 INFO L226 Difference]: Without dead ends: 80 [2024-11-08 15:16:50,505 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,506 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 17 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,507 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 180 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,507 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-08 15:16:50,515 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-08 15:16:50,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 61 states have (on average 1.3114754098360655) internal successors, (80), 69 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-08 15:16:50,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-08 15:16:50,518 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 33 [2024-11-08 15:16:50,518 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,518 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-08 15:16:50,518 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,518 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-08 15:16:50,521 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-08 15:16:50,521 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,521 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,522 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:16:50,522 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,524 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,524 INFO L85 PathProgramCache]: Analyzing trace with hash 1811500472, now seen corresponding path program 1 times [2024-11-08 15:16:50,525 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,525 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1220779872] [2024-11-08 15:16:50,525 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,525 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,698 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:50,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,706 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-08 15:16:50,712 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,717 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,717 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,719 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1220779872] [2024-11-08 15:16:50,719 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1220779872] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,719 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,719 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:16:50,719 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1453842491] [2024-11-08 15:16:50,720 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,720 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:16:50,721 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,722 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:16:50,722 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:50,722 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,803 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-11-08 15:16:50,807 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:16:50,808 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-08 15:16:50,808 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,810 INFO L225 Difference]: With dead ends: 199 [2024-11-08 15:16:50,812 INFO L226 Difference]: Without dead ends: 127 [2024-11-08 15:16:50,813 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:50,814 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 91 mSDsluCounter, 283 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 397 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,817 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 397 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,818 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-11-08 15:16:50,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 124. [2024-11-08 15:16:50,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 94 states have (on average 1.3297872340425532) internal successors, (125), 105 states have internal predecessors, (125), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2024-11-08 15:16:50,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 160 transitions. [2024-11-08 15:16:50,835 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 160 transitions. Word has length 38 [2024-11-08 15:16:50,836 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,836 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 160 transitions. [2024-11-08 15:16:50,836 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,836 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 160 transitions. [2024-11-08 15:16:50,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 15:16:50,838 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,838 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,838 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:16:50,839 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,839 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,839 INFO L85 PathProgramCache]: Analyzing trace with hash -1858694344, now seen corresponding path program 1 times [2024-11-08 15:16:50,839 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,840 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [108125982] [2024-11-08 15:16:50,840 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,840 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,965 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:16:50,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,968 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 15:16:50,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,989 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:16:50,990 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [108125982] [2024-11-08 15:16:50,990 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [108125982] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,990 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,990 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:50,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [867269196] [2024-11-08 15:16:50,990 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,991 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:50,991 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,992 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:50,992 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:50,992 INFO L87 Difference]: Start difference. First operand 124 states and 160 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,167 INFO L93 Difference]: Finished difference Result 279 states and 370 transitions. [2024-11-08 15:16:51,167 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:16:51,168 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-08 15:16:51,168 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,170 INFO L225 Difference]: With dead ends: 279 [2024-11-08 15:16:51,170 INFO L226 Difference]: Without dead ends: 163 [2024-11-08 15:16:51,171 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:16:51,174 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 72 mSDsluCounter, 334 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,175 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 436 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:51,179 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2024-11-08 15:16:51,206 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 162. [2024-11-08 15:16:51,209 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 123 states have (on average 1.2682926829268293) internal successors, (156), 133 states have internal predecessors, (156), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2024-11-08 15:16:51,213 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 204 transitions. [2024-11-08 15:16:51,213 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 204 transitions. Word has length 41 [2024-11-08 15:16:51,217 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,217 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 204 transitions. [2024-11-08 15:16:51,218 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,218 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 204 transitions. [2024-11-08 15:16:51,220 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:16:51,220 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,220 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,220 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:16:51,220 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,221 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,224 INFO L85 PathProgramCache]: Analyzing trace with hash -873577577, now seen corresponding path program 1 times [2024-11-08 15:16:51,224 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,224 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1319927815] [2024-11-08 15:16:51,225 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,225 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,289 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:16:51,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,301 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-08 15:16:51,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:16:51,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,313 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:51,313 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,314 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1319927815] [2024-11-08 15:16:51,314 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1319927815] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,315 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,315 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-08 15:16:51,315 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1294433087] [2024-11-08 15:16:51,315 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,315 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-08 15:16:51,317 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,318 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-08 15:16:51,318 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-08 15:16:51,318 INFO L87 Difference]: Start difference. First operand 162 states and 204 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:51,457 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,458 INFO L93 Difference]: Finished difference Result 343 states and 432 transitions. [2024-11-08 15:16:51,459 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:16:51,459 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 15:16:51,459 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,463 INFO L225 Difference]: With dead ends: 343 [2024-11-08 15:16:51,465 INFO L226 Difference]: Without dead ends: 189 [2024-11-08 15:16:51,466 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:51,467 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 90 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 75 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 258 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 75 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,467 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 258 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 75 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:51,468 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2024-11-08 15:16:51,504 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 185. [2024-11-08 15:16:51,505 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 141 states have (on average 1.2553191489361701) internal successors, (177), 151 states have internal predecessors, (177), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-08 15:16:51,507 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 230 transitions. [2024-11-08 15:16:51,510 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 230 transitions. Word has length 55 [2024-11-08 15:16:51,511 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,511 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 230 transitions. [2024-11-08 15:16:51,511 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:51,511 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 230 transitions. [2024-11-08 15:16:51,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:16:51,513 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,517 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,517 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:16:51,518 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,518 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,518 INFO L85 PathProgramCache]: Analyzing trace with hash 68722199, now seen corresponding path program 1 times [2024-11-08 15:16:51,518 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,518 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [239550142] [2024-11-08 15:16:51,519 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,519 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,616 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:51,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,626 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:16:51,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,660 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:16:51,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,664 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:51,666 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,667 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [239550142] [2024-11-08 15:16:51,667 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [239550142] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,667 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,668 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:51,668 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1221713539] [2024-11-08 15:16:51,668 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,669 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:51,669 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,670 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:51,670 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:51,670 INFO L87 Difference]: Start difference. First operand 185 states and 230 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:51,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,909 INFO L93 Difference]: Finished difference Result 501 states and 650 transitions. [2024-11-08 15:16:51,910 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:16:51,910 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:16:51,910 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,913 INFO L225 Difference]: With dead ends: 501 [2024-11-08 15:16:51,913 INFO L226 Difference]: Without dead ends: 324 [2024-11-08 15:16:51,914 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:16:51,915 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 144 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 362 SdHoareTripleChecker+Invalid, 170 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,916 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 362 Invalid, 170 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:51,916 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 324 states. [2024-11-08 15:16:51,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 324 to 320. [2024-11-08 15:16:51,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 320 states, 245 states have (on average 1.2448979591836735) internal successors, (305), 259 states have internal predecessors, (305), 41 states have call successors, (41), 32 states have call predecessors, (41), 33 states have return successors, (55), 40 states have call predecessors, (55), 41 states have call successors, (55) [2024-11-08 15:16:51,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 320 states to 320 states and 401 transitions. [2024-11-08 15:16:51,949 INFO L78 Accepts]: Start accepts. Automaton has 320 states and 401 transitions. Word has length 52 [2024-11-08 15:16:51,951 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,951 INFO L471 AbstractCegarLoop]: Abstraction has 320 states and 401 transitions. [2024-11-08 15:16:51,951 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:51,952 INFO L276 IsEmpty]: Start isEmpty. Operand 320 states and 401 transitions. [2024-11-08 15:16:51,953 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:16:51,955 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,956 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,956 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:16:51,956 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,957 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,957 INFO L85 PathProgramCache]: Analyzing trace with hash -353979627, now seen corresponding path program 1 times [2024-11-08 15:16:51,957 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,957 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709035984] [2024-11-08 15:16:51,957 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,014 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:52,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,020 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:16:52,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:16:52,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,065 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:52,065 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:52,065 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [709035984] [2024-11-08 15:16:52,065 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [709035984] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:52,065 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:52,066 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:52,066 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1515334377] [2024-11-08 15:16:52,066 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:52,066 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:52,066 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:52,067 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:52,067 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:52,067 INFO L87 Difference]: Start difference. First operand 320 states and 401 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:52,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:52,235 INFO L93 Difference]: Finished difference Result 640 states and 811 transitions. [2024-11-08 15:16:52,235 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:16:52,236 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:16:52,236 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:52,238 INFO L225 Difference]: With dead ends: 640 [2024-11-08 15:16:52,238 INFO L226 Difference]: Without dead ends: 328 [2024-11-08 15:16:52,240 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:16:52,241 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 53 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 379 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:52,241 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 379 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:52,242 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2024-11-08 15:16:52,265 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 326. [2024-11-08 15:16:52,266 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 326 states, 251 states have (on average 1.2390438247011952) internal successors, (311), 265 states have internal predecessors, (311), 41 states have call successors, (41), 32 states have call predecessors, (41), 33 states have return successors, (55), 40 states have call predecessors, (55), 41 states have call successors, (55) [2024-11-08 15:16:52,268 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 326 states to 326 states and 407 transitions. [2024-11-08 15:16:52,269 INFO L78 Accepts]: Start accepts. Automaton has 326 states and 407 transitions. Word has length 52 [2024-11-08 15:16:52,269 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:52,269 INFO L471 AbstractCegarLoop]: Abstraction has 326 states and 407 transitions. [2024-11-08 15:16:52,269 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:52,269 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 407 transitions. [2024-11-08 15:16:52,271 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:16:52,271 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:52,271 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:52,271 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:16:52,271 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:52,272 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:52,272 INFO L85 PathProgramCache]: Analyzing trace with hash -2042923369, now seen corresponding path program 1 times [2024-11-08 15:16:52,272 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:52,272 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1929652055] [2024-11-08 15:16:52,272 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:52,273 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:52,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,311 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:52,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,316 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:16:52,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,336 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:16:52,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,339 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:52,339 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:52,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1929652055] [2024-11-08 15:16:52,341 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1929652055] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:52,341 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:52,341 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:16:52,341 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [492374508] [2024-11-08 15:16:52,341 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:52,342 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:16:52,342 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:52,342 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:16:52,342 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:52,342 INFO L87 Difference]: Start difference. First operand 326 states and 407 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:52,476 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:52,477 INFO L93 Difference]: Finished difference Result 598 states and 752 transitions. [2024-11-08 15:16:52,477 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:16:52,477 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:16:52,478 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:52,480 INFO L225 Difference]: With dead ends: 598 [2024-11-08 15:16:52,482 INFO L226 Difference]: Without dead ends: 280 [2024-11-08 15:16:52,483 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:52,483 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 51 mSDsluCounter, 202 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:52,484 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 288 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:52,485 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2024-11-08 15:16:52,504 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 278. [2024-11-08 15:16:52,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 214 states have (on average 1.219626168224299) internal successors, (261), 226 states have internal predecessors, (261), 35 states have call successors, (35), 27 states have call predecessors, (35), 28 states have return successors, (42), 34 states have call predecessors, (42), 35 states have call successors, (42) [2024-11-08 15:16:52,506 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 338 transitions. [2024-11-08 15:16:52,508 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 338 transitions. Word has length 52 [2024-11-08 15:16:52,508 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:52,508 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 338 transitions. [2024-11-08 15:16:52,508 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:16:52,508 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 338 transitions. [2024-11-08 15:16:52,510 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-08 15:16:52,510 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:52,510 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:52,510 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:16:52,510 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:52,511 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:52,511 INFO L85 PathProgramCache]: Analyzing trace with hash -1510613325, now seen corresponding path program 1 times [2024-11-08 15:16:52,511 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:52,511 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1793161298] [2024-11-08 15:16:52,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:52,512 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:52,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,666 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:16:52,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,675 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:16:52,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,686 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-08 15:16:52,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,705 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-08 15:16:52,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,707 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:52,707 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:52,708 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1793161298] [2024-11-08 15:16:52,708 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1793161298] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:52,708 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:52,708 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-08 15:16:52,708 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1529822456] [2024-11-08 15:16:52,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:52,709 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-08 15:16:52,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:52,711 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-08 15:16:52,711 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-08 15:16:52,712 INFO L87 Difference]: Start difference. First operand 278 states and 338 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:16:53,369 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:53,369 INFO L93 Difference]: Finished difference Result 800 states and 1030 transitions. [2024-11-08 15:16:53,370 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-08 15:16:53,370 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-11-08 15:16:53,370 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:53,374 INFO L225 Difference]: With dead ends: 800 [2024-11-08 15:16:53,374 INFO L226 Difference]: Without dead ends: 618 [2024-11-08 15:16:53,375 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-11-08 15:16:53,376 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 531 mSDsluCounter, 450 mSDsCounter, 0 mSdLazyCounter, 455 mSolverCounterSat, 173 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 539 SdHoareTripleChecker+Valid, 559 SdHoareTripleChecker+Invalid, 628 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 173 IncrementalHoareTripleChecker+Valid, 455 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:53,376 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [539 Valid, 559 Invalid, 628 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [173 Valid, 455 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-08 15:16:53,377 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 618 states. [2024-11-08 15:16:53,415 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 618 to 590. [2024-11-08 15:16:53,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 590 states, 450 states have (on average 1.2066666666666668) internal successors, (543), 480 states have internal predecessors, (543), 75 states have call successors, (75), 57 states have call predecessors, (75), 64 states have return successors, (108), 73 states have call predecessors, (108), 75 states have call successors, (108) [2024-11-08 15:16:53,420 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 590 states to 590 states and 726 transitions. [2024-11-08 15:16:53,421 INFO L78 Accepts]: Start accepts. Automaton has 590 states and 726 transitions. Word has length 56 [2024-11-08 15:16:53,421 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:53,421 INFO L471 AbstractCegarLoop]: Abstraction has 590 states and 726 transitions. [2024-11-08 15:16:53,421 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:16:53,422 INFO L276 IsEmpty]: Start isEmpty. Operand 590 states and 726 transitions. [2024-11-08 15:16:53,423 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2024-11-08 15:16:53,423 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:53,423 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:53,424 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:16:53,424 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:53,424 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:53,424 INFO L85 PathProgramCache]: Analyzing trace with hash -1787594627, now seen corresponding path program 1 times [2024-11-08 15:16:53,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:53,425 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [707567697] [2024-11-08 15:16:53,425 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:53,425 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:53,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,549 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:16:53,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,564 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 15:16:53,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,611 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:16:53,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,621 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:16:53,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,637 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-11-08 15:16:53,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-11-08 15:16:53,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,658 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:53,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,660 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-11-08 15:16:53,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,662 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:16:53,663 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:53,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [707567697] [2024-11-08 15:16:53,663 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [707567697] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:16:53,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [541824599] [2024-11-08 15:16:53,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:53,664 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:16:53,664 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:53,666 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:16:53,667 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:16:53,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:53,768 INFO L255 TraceCheckSpWp]: Trace formula consists of 318 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:16:53,774 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:16:53,926 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:53,927 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:16:54,184 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:16:54,185 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [541824599] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:16:54,185 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:16:54,185 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-08 15:16:54,186 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1982455284] [2024-11-08 15:16:54,186 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:16:54,186 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-08 15:16:54,187 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:54,187 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-08 15:16:54,188 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-08 15:16:54,188 INFO L87 Difference]: Start difference. First operand 590 states and 726 transitions. Second operand has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:16:55,281 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:55,281 INFO L93 Difference]: Finished difference Result 1282 states and 1625 transitions. [2024-11-08 15:16:55,282 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-08 15:16:55,282 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 96 [2024-11-08 15:16:55,282 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:55,284 INFO L225 Difference]: With dead ends: 1282 [2024-11-08 15:16:55,284 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:16:55,287 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 249 GetRequests, 208 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 334 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=277, Invalid=1205, Unknown=0, NotChecked=0, Total=1482 [2024-11-08 15:16:55,288 INFO L432 NwaCegarLoop]: 173 mSDtfsCounter, 339 mSDsluCounter, 1254 mSDsCounter, 0 mSdLazyCounter, 1065 mSolverCounterSat, 118 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 346 SdHoareTripleChecker+Valid, 1427 SdHoareTripleChecker+Invalid, 1183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 118 IncrementalHoareTripleChecker+Valid, 1065 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:55,288 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [346 Valid, 1427 Invalid, 1183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [118 Valid, 1065 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-08 15:16:55,288 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:16:55,288 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:16:55,288 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:55,289 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:16:55,289 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 96 [2024-11-08 15:16:55,289 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:55,290 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:16:55,290 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:16:55,290 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:16:55,290 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:16:55,293 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:16:55,310 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:16:55,493 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 15:16:55,496 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:55,497 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:16:58,699 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:16:58,716 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-08 15:16:58,733 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-08 15:16:58,742 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-08 15:16:58,748 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-08 15:16:58,756 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:16:58 BoogieIcfgContainer [2024-11-08 15:16:58,756 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:16:58,757 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:16:58,757 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:16:58,757 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:16:58,760 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49" (3/4) ... [2024-11-08 15:16:58,762 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:16:58,766 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:58,767 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:16:58,767 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 15:16:58,772 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-08 15:16:58,773 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:16:58,774 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:16:58,775 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:58,775 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:58,893 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:16:58,893 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:16:58,893 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:16:58,894 INFO L158 Benchmark]: Toolchain (without parser) took 10082.54ms. Allocated memory was 148.9MB in the beginning and 234.9MB in the end (delta: 86.0MB). Free memory was 72.2MB in the beginning and 169.1MB in the end (delta: -96.8MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:16:58,894 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 148.9MB. Free memory was 120.2MB in the beginning and 119.8MB in the end (delta: 325.2kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:16:58,895 INFO L158 Benchmark]: CACSL2BoogieTranslator took 542.40ms. Allocated memory is still 148.9MB. Free memory was 72.2MB in the beginning and 112.4MB in the end (delta: -40.2MB). Peak memory consumption was 17.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,895 INFO L158 Benchmark]: Boogie Procedure Inliner took 61.32ms. Allocated memory is still 148.9MB. Free memory was 112.4MB in the beginning and 110.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,895 INFO L158 Benchmark]: Boogie Preprocessor took 46.78ms. Allocated memory is still 148.9MB. Free memory was 110.4MB in the beginning and 108.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,896 INFO L158 Benchmark]: RCFGBuilder took 442.13ms. Allocated memory is still 148.9MB. Free memory was 107.5MB in the beginning and 106.8MB in the end (delta: 751.3kB). Peak memory consumption was 8.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,896 INFO L158 Benchmark]: TraceAbstraction took 8847.63ms. Allocated memory was 148.9MB in the beginning and 234.9MB in the end (delta: 86.0MB). Free memory was 105.9MB in the beginning and 177.5MB in the end (delta: -71.6MB). Peak memory consumption was 127.2MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,896 INFO L158 Benchmark]: Witness Printer took 136.58ms. Allocated memory is still 234.9MB. Free memory was 177.5MB in the beginning and 169.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 15:16:58,898 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 148.9MB. Free memory was 120.2MB in the beginning and 119.8MB in the end (delta: 325.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 542.40ms. Allocated memory is still 148.9MB. Free memory was 72.2MB in the beginning and 112.4MB in the end (delta: -40.2MB). Peak memory consumption was 17.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 61.32ms. Allocated memory is still 148.9MB. Free memory was 112.4MB in the beginning and 110.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.78ms. Allocated memory is still 148.9MB. Free memory was 110.4MB in the beginning and 108.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 442.13ms. Allocated memory is still 148.9MB. Free memory was 107.5MB in the beginning and 106.8MB in the end (delta: 751.3kB). Peak memory consumption was 8.1MB. Max. memory is 16.1GB. * TraceAbstraction took 8847.63ms. Allocated memory was 148.9MB in the beginning and 234.9MB in the end (delta: 86.0MB). Free memory was 105.9MB in the beginning and 177.5MB in the end (delta: -71.6MB). Peak memory consumption was 127.2MB. Max. memory is 16.1GB. * Witness Printer took 136.58ms. Allocated memory is still 234.9MB. Free memory was 177.5MB in the beginning and 169.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 266]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] - GenericResultAtLocation [Line: 755]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] - GenericResultAtLocation [Line: 864]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] - GenericResultAtLocation [Line: 899]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 860]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 98 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1430 SdHoareTripleChecker+Valid, 1.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1388 mSDsluCounter, 4409 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3312 mSDsCounter, 381 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2020 IncrementalHoareTripleChecker+Invalid, 2401 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 381 mSolverCounterUnsat, 1097 mSDtfsCounter, 2020 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 378 GetRequests, 277 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 493 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=590occurred in iteration=9, InterpolantAutomatonStates: 92, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 44 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 603 NumberOfCodeBlocks, 603 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 687 ConstructedInterpolants, 0 QuantifiedInterpolants, 1255 SizeOfPredicates, 2 NumberOfNonLiveVariables, 318 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 279]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) || (((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) - InvariantResult [Line: 767]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((2 == waterLevel) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 926]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 757]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) && (\old(waterLevel) == 2)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 914]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) <= 2))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (waterLevel <= 2))) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:16:58,930 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE