./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:17:19,956 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:17:20,050 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:17:20,055 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:17:20,056 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:17:20,093 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:17:20,094 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:17:20,095 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:17:20,096 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:17:20,096 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:17:20,097 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:17:20,097 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:17:20,098 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:17:20,099 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:17:20,100 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:17:20,100 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:17:20,100 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:17:20,101 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:17:20,101 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:17:20,101 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:17:20,101 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:17:20,105 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:17:20,106 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:17:20,106 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:17:20,106 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:17:20,106 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:17:20,107 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:17:20,107 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:17:20,107 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:17:20,107 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:17:20,107 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:17:20,108 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:17:20,108 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:17:20,108 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:17:20,108 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:17:20,108 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:17:20,109 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:17:20,109 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:17:20,111 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:17:20,111 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:17:20,111 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:17:20,111 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:17:20,112 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b [2024-11-09 23:17:20,368 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:17:20,391 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:17:20,394 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:17:20,396 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:17:20,396 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:17:20,398 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2024-11-09 23:17:21,903 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:17:22,163 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:17:22,167 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2024-11-09 23:17:22,192 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d71b95fc6/85453f33ecc94868a463c0e25fa22226/FLAG17e0034c5 [2024-11-09 23:17:22,478 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d71b95fc6/85453f33ecc94868a463c0e25fa22226 [2024-11-09 23:17:22,482 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:17:22,485 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:17:22,486 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:17:22,486 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:17:22,493 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:17:22,494 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:22,495 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@54c35410 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22, skipping insertion in model container [2024-11-09 23:17:22,495 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:22,538 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:17:22,708 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2024-11-09 23:17:22,867 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:17:22,879 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:17:22,890 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-09 23:17:22,892 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-09 23:17:22,892 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [96] [2024-11-09 23:17:22,892 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [165] [2024-11-09 23:17:22,893 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [398] [2024-11-09 23:17:22,893 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [502] [2024-11-09 23:17:22,893 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [536] [2024-11-09 23:17:22,894 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [902] [2024-11-09 23:17:22,897 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2024-11-09 23:17:22,963 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:17:22,983 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:17:22,983 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22 WrapperNode [2024-11-09 23:17:22,984 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:17:22,985 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:17:22,985 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:17:22,985 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:17:22,991 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,006 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,036 INFO L138 Inliner]: procedures = 56, calls = 103, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 227 [2024-11-09 23:17:23,037 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:17:23,037 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:17:23,038 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:17:23,038 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:17:23,047 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,047 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,049 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,072 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:17:23,073 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,073 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,081 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,084 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,086 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,089 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,091 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:17:23,096 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:17:23,096 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:17:23,096 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:17:23,097 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (1/1) ... [2024-11-09 23:17:23,102 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:17:23,118 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:17:23,143 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:17:23,146 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:17:23,198 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:17:23,198 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:17:23,198 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:17:23,198 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-09 23:17:23,199 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-09 23:17:23,199 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:17:23,199 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:17:23,199 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:17:23,199 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:17:23,199 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:17:23,200 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:17:23,200 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:17:23,200 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:17:23,200 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:17:23,200 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:17:23,201 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 23:17:23,201 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 23:17:23,201 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:17:23,202 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:17:23,202 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:17:23,202 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:17:23,203 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:17:23,289 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:17:23,292 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:17:23,353 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L444: #res := ~retValue_acc~6; [2024-11-09 23:17:23,467 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L312-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~2#1; [2024-11-09 23:17:23,467 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L321-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~3#1; [2024-11-09 23:17:23,468 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L476-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; [2024-11-09 23:17:23,534 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L93-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2024-11-09 23:17:23,534 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L995-1: main_#res#1 := main_~retValue_acc~13#1; [2024-11-09 23:17:23,570 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L376-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~4#1; [2024-11-09 23:17:23,570 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L490-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~8#1; [2024-11-09 23:17:23,610 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L499-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~9#1; [2024-11-09 23:17:23,611 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L395-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~5#1; [2024-11-09 23:17:23,635 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-09 23:17:23,635 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:17:23,648 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:17:23,648 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:17:23,649 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:17:23 BoogieIcfgContainer [2024-11-09 23:17:23,649 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:17:23,651 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:17:23,651 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:17:23,653 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:17:23,654 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:17:22" (1/3) ... [2024-11-09 23:17:23,654 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5287b7ef and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:17:23, skipping insertion in model container [2024-11-09 23:17:23,654 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:17:22" (2/3) ... [2024-11-09 23:17:23,654 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5287b7ef and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:17:23, skipping insertion in model container [2024-11-09 23:17:23,654 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:17:23" (3/3) ... [2024-11-09 23:17:23,655 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product53.cil.c [2024-11-09 23:17:23,669 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:17:23,669 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:17:23,717 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:17:23,722 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@52541589, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:17:23,722 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:17:23,726 INFO L276 IsEmpty]: Start isEmpty. Operand has 106 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 89 states have internal predecessors, (108), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-09 23:17:23,734 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2024-11-09 23:17:23,734 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:23,735 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:23,735 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:23,738 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:23,738 INFO L85 PathProgramCache]: Analyzing trace with hash -691763782, now seen corresponding path program 1 times [2024-11-09 23:17:23,745 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:23,745 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1761086674] [2024-11-09 23:17:23,745 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:23,745 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:23,849 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:23,914 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-09 23:17:23,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:23,921 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:23,921 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:23,922 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1761086674] [2024-11-09 23:17:23,922 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1761086674] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:23,922 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:23,922 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 23:17:23,923 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [870476059] [2024-11-09 23:17:23,924 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:23,927 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 23:17:23,927 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:23,945 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 23:17:23,946 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:17:23,948 INFO L87 Difference]: Start difference. First operand has 106 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 89 states have internal predecessors, (108), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,001 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:24,002 INFO L93 Difference]: Finished difference Result 203 states and 274 transitions. [2024-11-09 23:17:24,004 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 23:17:24,008 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2024-11-09 23:17:24,009 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:24,021 INFO L225 Difference]: With dead ends: 203 [2024-11-09 23:17:24,022 INFO L226 Difference]: Without dead ends: 95 [2024-11-09 23:17:24,026 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:17:24,044 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:24,045 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:17:24,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2024-11-09 23:17:24,084 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2024-11-09 23:17:24,085 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 70 states have (on average 1.3142857142857143) internal successors, (92), 79 states have internal predecessors, (92), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-09 23:17:24,087 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 123 transitions. [2024-11-09 23:17:24,089 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 123 transitions. Word has length 27 [2024-11-09 23:17:24,089 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:24,089 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 123 transitions. [2024-11-09 23:17:24,090 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,090 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 123 transitions. [2024-11-09 23:17:24,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-11-09 23:17:24,092 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:24,093 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:24,093 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:17:24,093 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:24,094 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:24,094 INFO L85 PathProgramCache]: Analyzing trace with hash -152643392, now seen corresponding path program 1 times [2024-11-09 23:17:24,094 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:24,094 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2100346242] [2024-11-09 23:17:24,094 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:24,095 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:24,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,207 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-09 23:17:24,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,212 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:24,213 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:24,213 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2100346242] [2024-11-09 23:17:24,213 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2100346242] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:24,213 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:24,214 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:17:24,214 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1091359577] [2024-11-09 23:17:24,214 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:24,215 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:17:24,215 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:24,216 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:17:24,216 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:17:24,217 INFO L87 Difference]: Start difference. First operand 95 states and 123 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,245 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:24,247 INFO L93 Difference]: Finished difference Result 155 states and 201 transitions. [2024-11-09 23:17:24,250 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:17:24,250 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2024-11-09 23:17:24,250 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:24,251 INFO L225 Difference]: With dead ends: 155 [2024-11-09 23:17:24,253 INFO L226 Difference]: Without dead ends: 85 [2024-11-09 23:17:24,254 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:17:24,256 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 11 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:24,256 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 202 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:17:24,258 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-09 23:17:24,270 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-09 23:17:24,274 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 72 states have internal predecessors, (84), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-09 23:17:24,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 110 transitions. [2024-11-09 23:17:24,276 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 110 transitions. Word has length 29 [2024-11-09 23:17:24,277 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:24,277 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 110 transitions. [2024-11-09 23:17:24,277 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,278 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 110 transitions. [2024-11-09 23:17:24,279 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-09 23:17:24,279 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:24,279 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:24,279 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:17:24,279 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:24,280 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:24,280 INFO L85 PathProgramCache]: Analyzing trace with hash 1218338334, now seen corresponding path program 1 times [2024-11-09 23:17:24,280 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:24,280 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1526761400] [2024-11-09 23:17:24,280 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:24,281 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:24,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,380 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:24,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,384 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:24,384 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:24,384 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1526761400] [2024-11-09 23:17:24,384 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1526761400] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:24,385 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:24,385 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:17:24,385 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [54523424] [2024-11-09 23:17:24,385 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:24,385 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:17:24,386 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:24,386 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:17:24,386 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:17:24,387 INFO L87 Difference]: Start difference. First operand 85 states and 110 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,407 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:24,408 INFO L93 Difference]: Finished difference Result 163 states and 214 transitions. [2024-11-09 23:17:24,408 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:17:24,408 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-09 23:17:24,408 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:24,410 INFO L225 Difference]: With dead ends: 163 [2024-11-09 23:17:24,411 INFO L226 Difference]: Without dead ends: 85 [2024-11-09 23:17:24,411 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:17:24,413 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 92 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 92 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:24,413 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [92 Valid, 108 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:17:24,414 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-09 23:17:24,431 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-09 23:17:24,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 72 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-09 23:17:24,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-09 23:17:24,432 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 31 [2024-11-09 23:17:24,432 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:24,433 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-09 23:17:24,433 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:17:24,433 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-09 23:17:24,438 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-09 23:17:24,438 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:24,438 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:24,438 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:17:24,438 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:24,439 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:24,439 INFO L85 PathProgramCache]: Analyzing trace with hash 744798495, now seen corresponding path program 1 times [2024-11-09 23:17:24,439 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:24,439 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [783129973] [2024-11-09 23:17:24,439 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:24,439 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:24,468 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,575 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:24,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,586 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-11-09 23:17:24,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,589 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-09 23:17:24,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,598 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:17:24,598 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:24,598 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [783129973] [2024-11-09 23:17:24,599 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [783129973] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:24,599 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:24,599 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 23:17:24,599 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2108950339] [2024-11-09 23:17:24,599 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:24,600 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 23:17:24,600 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:24,601 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 23:17:24,602 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 23:17:24,602 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:17:24,830 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:24,830 INFO L93 Difference]: Finished difference Result 248 states and 322 transitions. [2024-11-09 23:17:24,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:17:24,834 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 44 [2024-11-09 23:17:24,835 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:24,837 INFO L225 Difference]: With dead ends: 248 [2024-11-09 23:17:24,840 INFO L226 Difference]: Without dead ends: 170 [2024-11-09 23:17:24,841 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:17:24,842 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 158 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 164 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 123 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:24,843 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [164 Valid, 225 Invalid, 123 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:24,846 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2024-11-09 23:17:24,871 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 161. [2024-11-09 23:17:24,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 161 states, 121 states have (on average 1.2892561983471074) internal successors, (156), 129 states have internal predecessors, (156), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-09 23:17:24,877 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 161 states to 161 states and 205 transitions. [2024-11-09 23:17:24,878 INFO L78 Accepts]: Start accepts. Automaton has 161 states and 205 transitions. Word has length 44 [2024-11-09 23:17:24,878 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:24,878 INFO L471 AbstractCegarLoop]: Abstraction has 161 states and 205 transitions. [2024-11-09 23:17:24,878 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:17:24,878 INFO L276 IsEmpty]: Start isEmpty. Operand 161 states and 205 transitions. [2024-11-09 23:17:24,884 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 23:17:24,884 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:24,884 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:24,884 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:17:24,885 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:24,885 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:24,885 INFO L85 PathProgramCache]: Analyzing trace with hash -910152100, now seen corresponding path program 1 times [2024-11-09 23:17:24,885 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:24,885 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1187245196] [2024-11-09 23:17:24,886 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:24,886 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:24,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:24,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:24,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,011 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:25,017 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,066 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-09 23:17:25,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,071 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:25,073 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:25,073 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1187245196] [2024-11-09 23:17:25,073 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1187245196] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:25,073 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:25,073 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:17:25,073 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1770200596] [2024-11-09 23:17:25,075 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:25,075 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:17:25,075 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:25,076 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:17:25,076 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:17:25,076 INFO L87 Difference]: Start difference. First operand 161 states and 205 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:17:25,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:25,290 INFO L93 Difference]: Finished difference Result 321 states and 415 transitions. [2024-11-09 23:17:25,290 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:17:25,291 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-09 23:17:25,291 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:25,293 INFO L225 Difference]: With dead ends: 321 [2024-11-09 23:17:25,293 INFO L226 Difference]: Without dead ends: 167 [2024-11-09 23:17:25,294 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:17:25,299 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 62 mSDsluCounter, 331 mSDsCounter, 0 mSdLazyCounter, 142 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 433 SdHoareTripleChecker+Invalid, 157 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:25,299 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 433 Invalid, 157 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 142 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:25,300 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2024-11-09 23:17:25,332 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 164. [2024-11-09 23:17:25,333 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 164 states, 124 states have (on average 1.282258064516129) internal successors, (159), 132 states have internal predecessors, (159), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-09 23:17:25,334 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 164 states to 164 states and 208 transitions. [2024-11-09 23:17:25,334 INFO L78 Accepts]: Start accepts. Automaton has 164 states and 208 transitions. Word has length 50 [2024-11-09 23:17:25,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:25,335 INFO L471 AbstractCegarLoop]: Abstraction has 164 states and 208 transitions. [2024-11-09 23:17:25,336 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:17:25,336 INFO L276 IsEmpty]: Start isEmpty. Operand 164 states and 208 transitions. [2024-11-09 23:17:25,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 23:17:25,340 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:25,340 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:25,340 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:17:25,340 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:25,341 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:25,341 INFO L85 PathProgramCache]: Analyzing trace with hash 334612381, now seen corresponding path program 1 times [2024-11-09 23:17:25,341 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:25,341 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1689551115] [2024-11-09 23:17:25,341 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:25,341 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:25,366 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,444 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:25,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,473 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:25,477 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,510 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-09 23:17:25,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,513 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:25,513 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:25,513 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1689551115] [2024-11-09 23:17:25,513 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1689551115] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:25,513 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:25,514 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:17:25,514 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1486160066] [2024-11-09 23:17:25,514 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:25,514 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:17:25,514 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:25,515 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:17:25,515 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:17:25,515 INFO L87 Difference]: Start difference. First operand 164 states and 208 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:17:25,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:25,700 INFO L93 Difference]: Finished difference Result 326 states and 426 transitions. [2024-11-09 23:17:25,701 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:17:25,701 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-09 23:17:25,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:25,703 INFO L225 Difference]: With dead ends: 326 [2024-11-09 23:17:25,703 INFO L226 Difference]: Without dead ends: 169 [2024-11-09 23:17:25,704 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:17:25,708 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 140 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 143 SdHoareTripleChecker+Valid, 322 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:25,708 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [143 Valid, 322 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:17:25,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 169 states. [2024-11-09 23:17:25,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 169 to 166. [2024-11-09 23:17:25,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 166 states, 126 states have (on average 1.2777777777777777) internal successors, (161), 134 states have internal predecessors, (161), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-09 23:17:25,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 166 states to 166 states and 210 transitions. [2024-11-09 23:17:25,738 INFO L78 Accepts]: Start accepts. Automaton has 166 states and 210 transitions. Word has length 50 [2024-11-09 23:17:25,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:25,739 INFO L471 AbstractCegarLoop]: Abstraction has 166 states and 210 transitions. [2024-11-09 23:17:25,739 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:17:25,739 INFO L276 IsEmpty]: Start isEmpty. Operand 166 states and 210 transitions. [2024-11-09 23:17:25,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 23:17:25,741 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:25,742 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:25,742 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:17:25,742 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:25,743 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:25,743 INFO L85 PathProgramCache]: Analyzing trace with hash 475160991, now seen corresponding path program 1 times [2024-11-09 23:17:25,743 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:25,743 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1292852741] [2024-11-09 23:17:25,743 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:25,743 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:25,756 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:25,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,836 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:25,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,864 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-09 23:17:25,866 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:25,871 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:25,872 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:25,872 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1292852741] [2024-11-09 23:17:25,873 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1292852741] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:25,873 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:25,873 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:17:25,873 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [940593969] [2024-11-09 23:17:25,873 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:25,873 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:17:25,874 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:25,874 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:17:25,874 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:17:25,874 INFO L87 Difference]: Start difference. First operand 166 states and 210 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 23:17:26,136 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:26,136 INFO L93 Difference]: Finished difference Result 466 states and 610 transitions. [2024-11-09 23:17:26,137 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:17:26,137 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-09 23:17:26,137 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:26,139 INFO L225 Difference]: With dead ends: 466 [2024-11-09 23:17:26,139 INFO L226 Difference]: Without dead ends: 307 [2024-11-09 23:17:26,139 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:17:26,140 INFO L432 NwaCegarLoop]: 144 mSDtfsCounter, 232 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 160 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 239 SdHoareTripleChecker+Valid, 337 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:26,140 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [239 Valid, 337 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 160 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:26,141 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2024-11-09 23:17:26,178 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 295. [2024-11-09 23:17:26,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 295 states, 222 states have (on average 1.2567567567567568) internal successors, (279), 234 states have internal predecessors, (279), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-09 23:17:26,181 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 295 states to 295 states and 377 transitions. [2024-11-09 23:17:26,182 INFO L78 Accepts]: Start accepts. Automaton has 295 states and 377 transitions. Word has length 50 [2024-11-09 23:17:26,182 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:26,183 INFO L471 AbstractCegarLoop]: Abstraction has 295 states and 377 transitions. [2024-11-09 23:17:26,185 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 23:17:26,185 INFO L276 IsEmpty]: Start isEmpty. Operand 295 states and 377 transitions. [2024-11-09 23:17:26,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-09 23:17:26,186 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:26,186 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:26,186 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 23:17:26,186 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:26,187 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:26,187 INFO L85 PathProgramCache]: Analyzing trace with hash 1070730399, now seen corresponding path program 1 times [2024-11-09 23:17:26,187 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:26,187 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [999391260] [2024-11-09 23:17:26,187 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:26,187 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:26,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,306 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:26,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,317 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:26,319 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,322 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:17:26,322 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,323 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-09 23:17:26,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,327 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:26,327 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:26,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [999391260] [2024-11-09 23:17:26,327 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [999391260] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:26,327 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:26,327 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:17:26,327 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1352836864] [2024-11-09 23:17:26,327 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:26,328 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:17:26,328 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:26,329 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:17:26,330 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:17:26,330 INFO L87 Difference]: Start difference. First operand 295 states and 377 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:17:26,545 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:26,546 INFO L93 Difference]: Finished difference Result 584 states and 747 transitions. [2024-11-09 23:17:26,546 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:17:26,546 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-09 23:17:26,547 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:26,549 INFO L225 Difference]: With dead ends: 584 [2024-11-09 23:17:26,551 INFO L226 Difference]: Without dead ends: 296 [2024-11-09 23:17:26,552 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:17:26,553 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 121 mSDsluCounter, 289 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 180 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:26,553 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 374 Invalid, 180 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:26,554 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2024-11-09 23:17:26,585 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 293. [2024-11-09 23:17:26,586 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 293 states, 220 states have (on average 1.25) internal successors, (275), 232 states have internal predecessors, (275), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-09 23:17:26,588 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 293 states to 293 states and 373 transitions. [2024-11-09 23:17:26,589 INFO L78 Accepts]: Start accepts. Automaton has 293 states and 373 transitions. Word has length 52 [2024-11-09 23:17:26,589 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:26,589 INFO L471 AbstractCegarLoop]: Abstraction has 293 states and 373 transitions. [2024-11-09 23:17:26,590 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:17:26,590 INFO L276 IsEmpty]: Start isEmpty. Operand 293 states and 373 transitions. [2024-11-09 23:17:26,590 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-09 23:17:26,590 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:26,590 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:26,590 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 23:17:26,590 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:26,591 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:26,591 INFO L85 PathProgramCache]: Analyzing trace with hash -914622591, now seen corresponding path program 1 times [2024-11-09 23:17:26,591 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:26,591 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [224416976] [2024-11-09 23:17:26,591 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:26,591 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:26,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,664 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:17:26,665 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,674 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:17:26,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,691 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:26,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,700 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2024-11-09 23:17:26,702 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:26,703 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:26,704 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:26,704 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [224416976] [2024-11-09 23:17:26,704 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [224416976] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:26,704 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:26,704 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-09 23:17:26,704 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1044924137] [2024-11-09 23:17:26,704 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:26,705 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-09 23:17:26,705 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:26,705 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-09 23:17:26,705 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:17:26,706 INFO L87 Difference]: Start difference. First operand 293 states and 373 transitions. Second operand has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:17:27,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:27,241 INFO L93 Difference]: Finished difference Result 569 states and 736 transitions. [2024-11-09 23:17:27,241 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2024-11-09 23:17:27,242 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 54 [2024-11-09 23:17:27,242 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:27,244 INFO L225 Difference]: With dead ends: 569 [2024-11-09 23:17:27,244 INFO L226 Difference]: Without dead ends: 334 [2024-11-09 23:17:27,246 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 65 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=139, Invalid=323, Unknown=0, NotChecked=0, Total=462 [2024-11-09 23:17:27,246 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 337 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 478 mSolverCounterSat, 102 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 341 SdHoareTripleChecker+Valid, 465 SdHoareTripleChecker+Invalid, 580 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 102 IncrementalHoareTripleChecker+Valid, 478 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:27,247 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [341 Valid, 465 Invalid, 580 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [102 Valid, 478 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-09 23:17:27,247 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 334 states. [2024-11-09 23:17:27,271 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 334 to 328. [2024-11-09 23:17:27,272 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 328 states, 247 states have (on average 1.2186234817813766) internal successors, (301), 262 states have internal predecessors, (301), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-09 23:17:27,274 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 328 states to 328 states and 400 transitions. [2024-11-09 23:17:27,274 INFO L78 Accepts]: Start accepts. Automaton has 328 states and 400 transitions. Word has length 54 [2024-11-09 23:17:27,275 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:27,275 INFO L471 AbstractCegarLoop]: Abstraction has 328 states and 400 transitions. [2024-11-09 23:17:27,275 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:17:27,275 INFO L276 IsEmpty]: Start isEmpty. Operand 328 states and 400 transitions. [2024-11-09 23:17:27,276 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-09 23:17:27,276 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:27,276 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:27,276 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-09 23:17:27,277 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:27,277 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:27,277 INFO L85 PathProgramCache]: Analyzing trace with hash -1148202109, now seen corresponding path program 1 times [2024-11-09 23:17:27,277 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:27,277 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [547948315] [2024-11-09 23:17:27,278 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:27,278 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:27,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,319 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:17:27,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,326 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:17:27,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,347 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:27,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,367 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:17:27,367 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,368 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-09 23:17:27,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,370 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:27,370 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:27,370 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [547948315] [2024-11-09 23:17:27,370 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [547948315] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:27,370 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:27,370 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:17:27,371 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [960490358] [2024-11-09 23:17:27,371 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:27,371 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:17:27,371 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:27,372 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:17:27,372 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:17:27,372 INFO L87 Difference]: Start difference. First operand 328 states and 400 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:17:27,608 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:27,608 INFO L93 Difference]: Finished difference Result 599 states and 741 transitions. [2024-11-09 23:17:27,608 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:17:27,608 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-09 23:17:27,608 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:27,610 INFO L225 Difference]: With dead ends: 599 [2024-11-09 23:17:27,610 INFO L226 Difference]: Without dead ends: 331 [2024-11-09 23:17:27,611 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:17:27,612 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 147 mSDsluCounter, 202 mSDsCounter, 0 mSdLazyCounter, 239 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 265 SdHoareTripleChecker+Invalid, 285 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 239 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:27,612 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 265 Invalid, 285 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 239 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:27,613 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 331 states. [2024-11-09 23:17:27,635 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 331 to 325. [2024-11-09 23:17:27,635 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 325 states, 244 states have (on average 1.2172131147540983) internal successors, (297), 259 states have internal predecessors, (297), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-09 23:17:27,637 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 325 states to 325 states and 396 transitions. [2024-11-09 23:17:27,637 INFO L78 Accepts]: Start accepts. Automaton has 325 states and 396 transitions. Word has length 56 [2024-11-09 23:17:27,637 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:27,638 INFO L471 AbstractCegarLoop]: Abstraction has 325 states and 396 transitions. [2024-11-09 23:17:27,638 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:17:27,638 INFO L276 IsEmpty]: Start isEmpty. Operand 325 states and 396 transitions. [2024-11-09 23:17:27,638 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-09 23:17:27,638 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:27,638 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:27,639 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-09 23:17:27,639 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:27,639 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:27,639 INFO L85 PathProgramCache]: Analyzing trace with hash 1069555844, now seen corresponding path program 1 times [2024-11-09 23:17:27,639 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:27,639 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [14423182] [2024-11-09 23:17:27,639 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:27,640 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:27,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:17:27,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,699 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:17:27,702 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,712 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:27,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,751 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:17:27,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,755 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-09 23:17:27,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:27,757 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:17:27,757 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:27,757 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [14423182] [2024-11-09 23:17:27,758 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [14423182] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:17:27,758 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:17:27,758 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 23:17:27,758 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [108496839] [2024-11-09 23:17:27,758 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:17:27,758 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 23:17:27,758 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:27,759 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 23:17:27,759 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-09 23:17:27,759 INFO L87 Difference]: Start difference. First operand 325 states and 396 transitions. Second operand has 8 states, 8 states have (on average 5.625) internal successors, (45), 6 states have internal predecessors, (45), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-09 23:17:28,068 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:28,068 INFO L93 Difference]: Finished difference Result 568 states and 700 transitions. [2024-11-09 23:17:28,069 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 23:17:28,069 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.625) internal successors, (45), 6 states have internal predecessors, (45), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 56 [2024-11-09 23:17:28,069 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:28,072 INFO L225 Difference]: With dead ends: 568 [2024-11-09 23:17:28,072 INFO L226 Difference]: Without dead ends: 303 [2024-11-09 23:17:28,073 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-09 23:17:28,074 INFO L432 NwaCegarLoop]: 66 mSDtfsCounter, 239 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 321 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 243 SdHoareTripleChecker+Valid, 338 SdHoareTripleChecker+Invalid, 395 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 321 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:28,074 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [243 Valid, 338 Invalid, 395 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 321 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:17:28,074 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 303 states. [2024-11-09 23:17:28,093 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 303 to 297. [2024-11-09 23:17:28,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 297 states, 224 states have (on average 1.2142857142857142) internal successors, (272), 238 states have internal predecessors, (272), 38 states have call successors, (38), 30 states have call predecessors, (38), 34 states have return successors, (49), 37 states have call predecessors, (49), 38 states have call successors, (49) [2024-11-09 23:17:28,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 297 states to 297 states and 359 transitions. [2024-11-09 23:17:28,096 INFO L78 Accepts]: Start accepts. Automaton has 297 states and 359 transitions. Word has length 56 [2024-11-09 23:17:28,096 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:28,096 INFO L471 AbstractCegarLoop]: Abstraction has 297 states and 359 transitions. [2024-11-09 23:17:28,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.625) internal successors, (45), 6 states have internal predecessors, (45), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-09 23:17:28,097 INFO L276 IsEmpty]: Start isEmpty. Operand 297 states and 359 transitions. [2024-11-09 23:17:28,098 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2024-11-09 23:17:28,098 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:17:28,098 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:28,098 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-09 23:17:28,098 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:17:28,098 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:17:28,098 INFO L85 PathProgramCache]: Analyzing trace with hash -1175648370, now seen corresponding path program 1 times [2024-11-09 23:17:28,098 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:17:28,099 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [850267151] [2024-11-09 23:17:28,099 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:28,099 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:17:28,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:17:28,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:17:28,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,294 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:17:28,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,299 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:17:28,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-09 23:17:28,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,322 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-11-09 23:17:28,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,325 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-09 23:17:28,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,329 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2024-11-09 23:17:28,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,336 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 16 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-09 23:17:28,337 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:17:28,337 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [850267151] [2024-11-09 23:17:28,337 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [850267151] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:17:28,337 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [7958519] [2024-11-09 23:17:28,337 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:17:28,337 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:17:28,337 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:17:28,339 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:17:28,340 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:17:28,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:17:28,433 INFO L255 TraceCheckSpWp]: Trace formula consists of 298 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-09 23:17:28,440 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:17:28,702 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-09 23:17:28,703 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:17:29,050 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-09 23:17:29,050 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [7958519] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:17:29,051 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:17:29,051 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 8, 9] total 20 [2024-11-09 23:17:29,051 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [797618212] [2024-11-09 23:17:29,051 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:17:29,052 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-09 23:17:29,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:17:29,052 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-09 23:17:29,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=62, Invalid=318, Unknown=0, NotChecked=0, Total=380 [2024-11-09 23:17:29,053 INFO L87 Difference]: Start difference. First operand 297 states and 359 transitions. Second operand has 20 states, 20 states have (on average 6.65) internal successors, (133), 14 states have internal predecessors, (133), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-09 23:17:30,734 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:17:30,734 INFO L93 Difference]: Finished difference Result 895 states and 1169 transitions. [2024-11-09 23:17:30,735 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2024-11-09 23:17:30,735 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 6.65) internal successors, (133), 14 states have internal predecessors, (133), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) Word has length 90 [2024-11-09 23:17:30,735 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:17:30,736 INFO L225 Difference]: With dead ends: 895 [2024-11-09 23:17:30,736 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:17:30,740 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 264 GetRequests, 191 SyntacticMatches, 7 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1159 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=892, Invalid=3664, Unknown=0, NotChecked=0, Total=4556 [2024-11-09 23:17:30,741 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 694 mSDsluCounter, 648 mSDsCounter, 0 mSdLazyCounter, 1185 mSolverCounterSat, 295 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 696 SdHoareTripleChecker+Valid, 718 SdHoareTripleChecker+Invalid, 1480 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 295 IncrementalHoareTripleChecker+Valid, 1185 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-09 23:17:30,742 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [696 Valid, 718 Invalid, 1480 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [295 Valid, 1185 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-09 23:17:30,742 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:17:30,742 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:17:30,742 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:17:30,742 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:17:30,743 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 90 [2024-11-09 23:17:30,743 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:17:30,743 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:17:30,744 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 6.65) internal successors, (133), 14 states have internal predecessors, (133), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-09 23:17:30,744 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:17:30,744 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:17:30,746 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:17:30,764 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 23:17:30,950 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-09 23:17:30,953 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:17:30,955 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:17:33,778 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:17:33,790 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (<= 1 |old(~pumpRunning~0)|)) Eliminated clause: (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) (= 1 ~systemActive~0)) [2024-11-09 23:17:33,803 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (or (= |old(~methaneLevelCritical~0)| 0) (not (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1))) [2024-11-09 23:17:33,819 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (<= 1 |old(~pumpRunning~0)|)) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1))) [2024-11-09 23:17:33,828 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0))) [2024-11-09 23:17:33,834 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse0 (<= |old(~waterLevel~0)| 1)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0))) [2024-11-09 23:17:33,847 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0))) [2024-11-09 23:17:33,852 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:17:33 BoogieIcfgContainer [2024-11-09 23:17:33,853 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:17:33,853 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:17:33,853 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:17:33,854 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:17:33,854 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:17:23" (3/4) ... [2024-11-09 23:17:33,857 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:17:33,861 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 23:17:33,861 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:17:33,861 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:17:33,862 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-09 23:17:33,862 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:17:33,862 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:17:33,862 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:17:33,865 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:17:33,865 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:17:33,871 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 40 nodes and edges [2024-11-09 23:17:33,872 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:17:33,872 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:17:33,872 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:17:33,872 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:17:33,987 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:17:33,988 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:17:33,988 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:17:33,988 INFO L158 Benchmark]: Toolchain (without parser) took 11503.48ms. Allocated memory was 174.1MB in the beginning and 306.2MB in the end (delta: 132.1MB). Free memory was 118.3MB in the beginning and 195.7MB in the end (delta: -77.4MB). Peak memory consumption was 55.4MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,988 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 174.1MB. Free memory was 139.1MB in the beginning and 138.9MB in the end (delta: 188.8kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:17:33,989 INFO L158 Benchmark]: CACSL2BoogieTranslator took 497.82ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 95.3MB in the end (delta: 23.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,989 INFO L158 Benchmark]: Boogie Procedure Inliner took 52.08ms. Allocated memory is still 174.1MB. Free memory was 95.3MB in the beginning and 93.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,989 INFO L158 Benchmark]: Boogie Preprocessor took 57.87ms. Allocated memory is still 174.1MB. Free memory was 93.2MB in the beginning and 91.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,990 INFO L158 Benchmark]: IcfgBuilder took 553.11ms. Allocated memory is still 174.1MB. Free memory was 91.1MB in the beginning and 70.1MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,990 INFO L158 Benchmark]: TraceAbstraction took 10201.98ms. Allocated memory was 174.1MB in the beginning and 306.2MB in the end (delta: 132.1MB). Free memory was 69.5MB in the beginning and 204.1MB in the end (delta: -134.7MB). Peak memory consumption was 106.3MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,990 INFO L158 Benchmark]: Witness Printer took 134.62ms. Allocated memory is still 306.2MB. Free memory was 204.1MB in the beginning and 195.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:17:33,992 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 174.1MB. Free memory was 139.1MB in the beginning and 138.9MB in the end (delta: 188.8kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 497.82ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 95.3MB in the end (delta: 23.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 52.08ms. Allocated memory is still 174.1MB. Free memory was 95.3MB in the beginning and 93.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 57.87ms. Allocated memory is still 174.1MB. Free memory was 93.2MB in the beginning and 91.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 553.11ms. Allocated memory is still 174.1MB. Free memory was 91.1MB in the beginning and 70.1MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 10201.98ms. Allocated memory was 174.1MB in the beginning and 306.2MB in the end (delta: 132.1MB). Free memory was 69.5MB in the beginning and 204.1MB in the end (delta: -134.7MB). Peak memory consumption was 106.3MB. Max. memory is 16.1GB. * Witness Printer took 134.62ms. Allocated memory is still 306.2MB. Free memory was 204.1MB in the beginning and 195.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [96] - GenericResultAtLocation [Line: 165]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [165] - GenericResultAtLocation [Line: 398]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [398] - GenericResultAtLocation [Line: 502]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [502] - GenericResultAtLocation [Line: 536]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [536] - GenericResultAtLocation [Line: 902]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [902] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 106 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.3s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2274 SdHoareTripleChecker+Valid, 2.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2233 mSDsluCounter, 3920 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2738 mSDsCounter, 700 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2879 IncrementalHoareTripleChecker+Invalid, 3579 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 700 mSolverCounterUnsat, 1182 mSDtfsCounter, 2879 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 432 GetRequests, 288 SyntacticMatches, 8 SemanticMatches, 136 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1246 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=328occurred in iteration=9, InterpolantAutomatonStates: 123, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 48 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 679 NumberOfCodeBlocks, 679 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 755 ConstructedInterpolants, 0 QuantifiedInterpolants, 1577 SizeOfPredicates, 2 NumberOfNonLiveVariables, 298 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 60/81 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 111]: Location Invariant Derived location invariant: null - InvariantResult [Line: 914]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 296]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= \old(pumpRunning))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 203]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 426]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 438]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 904]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 179]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel))) || (\old(pumpRunning) < 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel)))) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel)))) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) < 2))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || ((\old(waterLevel) <= 2) && (1 <= \old(pumpRunning))))) && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (((waterLevel <= 1) && (1 == systemActive)) && (1 <= \old(pumpRunning))))) && (((1 <= pumpRunning) && (2 == waterLevel)) || (waterLevel < 2))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 414]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((pumpRunning != 0) || (2 == waterLevel)) || (\old(waterLevel) != 1)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 237]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (((waterLevel <= 1) && (1 == systemActive)) && (1 <= \old(pumpRunning))))) && (((1 <= pumpRunning) && (2 == waterLevel)) || (waterLevel < 2))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:17:34,021 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE