./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bd2232848f38516f4fb4022953e113fa5008bf5804c5e85e87585cfa28da0689 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:18:07,392 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:18:07,457 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:18:07,460 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:18:07,461 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:18:07,475 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:18:07,475 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:18:07,476 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:18:07,476 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:18:07,476 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:18:07,477 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:18:07,477 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:18:07,477 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:18:07,478 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:18:07,478 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:18:07,478 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:18:07,478 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:18:07,479 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:18:07,479 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:18:07,479 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:18:07,479 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:18:07,483 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:18:07,484 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:18:07,484 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:18:07,484 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:18:07,484 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:18:07,485 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:18:07,485 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:18:07,485 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:18:07,485 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:18:07,485 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:18:07,486 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:18:07,486 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:18:07,486 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:18:07,486 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:18:07,487 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:18:07,487 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:18:07,491 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:18:07,492 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:18:07,492 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:18:07,493 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:18:07,493 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:18:07,493 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bd2232848f38516f4fb4022953e113fa5008bf5804c5e85e87585cfa28da0689 [2024-11-09 23:18:07,708 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:18:07,730 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:18:07,732 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:18:07,733 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:18:07,733 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:18:07,734 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c [2024-11-09 23:18:09,171 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:18:09,360 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:18:09,364 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c [2024-11-09 23:18:09,374 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/464077314/d707469f05cd4dbd858eec327cd680c5/FLAG03df10b7b [2024-11-09 23:18:09,388 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/464077314/d707469f05cd4dbd858eec327cd680c5 [2024-11-09 23:18:09,390 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:18:09,394 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:18:09,397 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:18:09,397 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:18:09,406 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:18:09,406 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:18:09" (1/1) ... [2024-11-09 23:18:09,407 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@18243e6d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:09, skipping insertion in model container [2024-11-09 23:18:09,407 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:18:09" (1/1) ... [2024-11-09 23:18:09,438 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:18:09,898 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c[18533,18546] [2024-11-09 23:18:09,912 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:18:09,930 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:18:09,949 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [121] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [362] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [390] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [489] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [855] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [958] [2024-11-09 23:18:09,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [967] [2024-11-09 23:18:10,050 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c[18533,18546] [2024-11-09 23:18:10,052 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:18:10,094 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:18:10,095 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10 WrapperNode [2024-11-09 23:18:10,095 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:18:10,099 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:18:10,100 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:18:10,100 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:18:10,108 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,129 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,168 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 230 [2024-11-09 23:18:10,169 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:18:10,169 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:18:10,169 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:18:10,169 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:18:10,181 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,182 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,188 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,214 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:18:10,220 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,224 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,228 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,233 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,234 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,235 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,238 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:18:10,242 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:18:10,242 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:18:10,242 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:18:10,243 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (1/1) ... [2024-11-09 23:18:10,257 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:18:10,275 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:10,292 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:18:10,299 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:18:10,332 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:18:10,333 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:18:10,333 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:18:10,333 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:18:10,333 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:18:10,333 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:18:10,333 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:18:10,333 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:10,334 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:10,334 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:18:10,334 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:18:10,334 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:18:10,334 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:18:10,334 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 23:18:10,334 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 23:18:10,334 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:18:10,334 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:18:10,335 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:18:10,335 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:18:10,335 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:18:10,395 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:18:10,398 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:18:10,528 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L277-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; [2024-11-09 23:18:10,528 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L932-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~9#1; [2024-11-09 23:18:10,528 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L268-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~0#1; [2024-11-09 23:18:10,528 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L900-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~8#1; [2024-11-09 23:18:10,593 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L486-1: main_#res#1 := main_~retValue_acc~4#1; [2024-11-09 23:18:10,593 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L999-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2024-11-09 23:18:10,612 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L946-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~10#1; [2024-11-09 23:18:10,612 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L332-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~2#1; [2024-11-09 23:18:10,634 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L351-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~3#1; [2024-11-09 23:18:10,635 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L955-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~11#1; [2024-11-09 23:18:10,658 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-09 23:18:10,658 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:18:10,675 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:18:10,675 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:18:10,676 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:10 BoogieIcfgContainer [2024-11-09 23:18:10,676 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:18:10,703 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:18:10,703 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:18:10,706 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:18:10,706 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:18:09" (1/3) ... [2024-11-09 23:18:10,707 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@413ec551 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:18:10, skipping insertion in model container [2024-11-09 23:18:10,707 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:10" (2/3) ... [2024-11-09 23:18:10,707 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@413ec551 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:18:10, skipping insertion in model container [2024-11-09 23:18:10,707 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:10" (3/3) ... [2024-11-09 23:18:10,709 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product54.cil.c [2024-11-09 23:18:10,745 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:18:10,745 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:18:10,791 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:18:10,796 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@27eabe7c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:18:10,796 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:18:10,804 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 86 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-09 23:18:10,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-11-09 23:18:10,812 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:10,812 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:10,813 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:10,817 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:10,817 INFO L85 PathProgramCache]: Analyzing trace with hash -645114185, now seen corresponding path program 1 times [2024-11-09 23:18:10,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:10,825 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [253938935] [2024-11-09 23:18:10,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:10,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:10,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:10,991 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:10,992 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:10,992 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [253938935] [2024-11-09 23:18:10,993 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [253938935] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:10,993 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:10,993 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 23:18:10,994 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [100686607] [2024-11-09 23:18:10,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:10,998 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 23:18:10,998 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:11,014 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 23:18:11,014 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:18:11,016 INFO L87 Difference]: Start difference. First operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 86 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,045 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:11,045 INFO L93 Difference]: Finished difference Result 191 states and 258 transitions. [2024-11-09 23:18:11,048 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 23:18:11,049 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 21 [2024-11-09 23:18:11,049 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:11,056 INFO L225 Difference]: With dead ends: 191 [2024-11-09 23:18:11,056 INFO L226 Difference]: Without dead ends: 89 [2024-11-09 23:18:11,059 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:18:11,062 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:11,063 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:18:11,076 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2024-11-09 23:18:11,090 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2024-11-09 23:18:11,092 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 67 states have (on average 1.3134328358208955) internal successors, (88), 76 states have internal predecessors, (88), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-09 23:18:11,093 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 115 transitions. [2024-11-09 23:18:11,095 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 115 transitions. Word has length 21 [2024-11-09 23:18:11,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:11,095 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 115 transitions. [2024-11-09 23:18:11,095 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,096 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 115 transitions. [2024-11-09 23:18:11,097 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-11-09 23:18:11,097 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:11,097 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:11,098 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:18:11,098 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:11,099 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:11,099 INFO L85 PathProgramCache]: Analyzing trace with hash -1737692515, now seen corresponding path program 1 times [2024-11-09 23:18:11,099 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:11,099 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1649344222] [2024-11-09 23:18:11,099 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:11,100 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:11,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,196 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:11,196 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:11,197 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1649344222] [2024-11-09 23:18:11,197 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1649344222] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:11,197 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:11,197 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:18:11,197 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [27792149] [2024-11-09 23:18:11,198 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:11,199 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:18:11,200 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:11,201 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:18:11,201 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:18:11,202 INFO L87 Difference]: Start difference. First operand 89 states and 115 transitions. Second operand has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,214 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:11,214 INFO L93 Difference]: Finished difference Result 142 states and 184 transitions. [2024-11-09 23:18:11,215 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:18:11,215 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 23 [2024-11-09 23:18:11,215 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:11,216 INFO L225 Difference]: With dead ends: 142 [2024-11-09 23:18:11,216 INFO L226 Difference]: Without dead ends: 79 [2024-11-09 23:18:11,217 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:18:11,218 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 12 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 185 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:11,218 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 185 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:18:11,219 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-09 23:18:11,225 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-09 23:18:11,226 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 60 states have (on average 1.3333333333333333) internal successors, (80), 69 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 6 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-09 23:18:11,227 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 102 transitions. [2024-11-09 23:18:11,227 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 102 transitions. Word has length 23 [2024-11-09 23:18:11,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:11,227 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 102 transitions. [2024-11-09 23:18:11,228 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,228 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 102 transitions. [2024-11-09 23:18:11,229 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-09 23:18:11,229 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:11,229 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:11,230 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:18:11,230 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:11,230 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:11,230 INFO L85 PathProgramCache]: Analyzing trace with hash 870332485, now seen corresponding path program 1 times [2024-11-09 23:18:11,231 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:11,231 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1870251044] [2024-11-09 23:18:11,231 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:11,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:11,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,325 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:11,326 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:11,326 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1870251044] [2024-11-09 23:18:11,326 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1870251044] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:11,327 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:11,327 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:18:11,327 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1151525968] [2024-11-09 23:18:11,327 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:11,327 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:18:11,327 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:11,328 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:18:11,328 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:18:11,328 INFO L87 Difference]: Start difference. First operand 79 states and 102 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,347 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:11,347 INFO L93 Difference]: Finished difference Result 151 states and 198 transitions. [2024-11-09 23:18:11,348 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:18:11,348 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 26 [2024-11-09 23:18:11,348 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:11,349 INFO L225 Difference]: With dead ends: 151 [2024-11-09 23:18:11,349 INFO L226 Difference]: Without dead ends: 79 [2024-11-09 23:18:11,350 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:18:11,351 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 96 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 96 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:11,351 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [96 Valid, 100 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:18:11,352 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-09 23:18:11,362 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-09 23:18:11,362 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 69 states have internal predecessors, (79), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 6 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-09 23:18:11,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2024-11-09 23:18:11,363 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 26 [2024-11-09 23:18:11,363 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:11,363 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2024-11-09 23:18:11,364 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:11,364 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2024-11-09 23:18:11,365 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2024-11-09 23:18:11,366 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:11,366 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:11,366 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:18:11,366 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:11,369 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:11,369 INFO L85 PathProgramCache]: Analyzing trace with hash -436959213, now seen corresponding path program 1 times [2024-11-09 23:18:11,369 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:11,370 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [602307571] [2024-11-09 23:18:11,370 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:11,370 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:11,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,443 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:18:11,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,447 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:11,447 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:11,447 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [602307571] [2024-11-09 23:18:11,447 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [602307571] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:11,448 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:11,448 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 23:18:11,448 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1137335908] [2024-11-09 23:18:11,448 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:11,448 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 23:18:11,449 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:11,449 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 23:18:11,450 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 23:18:11,450 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:18:11,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:11,662 INFO L93 Difference]: Finished difference Result 225 states and 290 transitions. [2024-11-09 23:18:11,663 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:18:11,663 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 35 [2024-11-09 23:18:11,663 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:11,664 INFO L225 Difference]: With dead ends: 225 [2024-11-09 23:18:11,665 INFO L226 Difference]: Without dead ends: 153 [2024-11-09 23:18:11,665 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:18:11,666 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 141 mSDsluCounter, 112 mSDsCounter, 0 mSdLazyCounter, 67 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 205 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 67 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:11,666 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 205 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 67 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:18:11,667 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-09 23:18:11,680 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 144. [2024-11-09 23:18:11,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 144 states, 111 states have (on average 1.2792792792792793) internal successors, (142), 119 states have internal predecessors, (142), 14 states have call successors, (14), 13 states have call predecessors, (14), 18 states have return successors, (25), 16 states have call predecessors, (25), 14 states have call successors, (25) [2024-11-09 23:18:11,682 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 144 states to 144 states and 181 transitions. [2024-11-09 23:18:11,682 INFO L78 Accepts]: Start accepts. Automaton has 144 states and 181 transitions. Word has length 35 [2024-11-09 23:18:11,682 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:11,683 INFO L471 AbstractCegarLoop]: Abstraction has 144 states and 181 transitions. [2024-11-09 23:18:11,683 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.0) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:18:11,683 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 181 transitions. [2024-11-09 23:18:11,684 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-09 23:18:11,684 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:11,684 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:11,684 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:18:11,684 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:11,685 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:11,685 INFO L85 PathProgramCache]: Analyzing trace with hash -1573249748, now seen corresponding path program 1 times [2024-11-09 23:18:11,685 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:11,685 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1464119400] [2024-11-09 23:18:11,685 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:11,685 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:11,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:11,819 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,835 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:11,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:11,877 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:11,879 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:11,879 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1464119400] [2024-11-09 23:18:11,879 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1464119400] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:11,879 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:11,879 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:18:11,879 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1622313684] [2024-11-09 23:18:11,880 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:11,880 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:18:11,880 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:11,880 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:18:11,882 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:18:11,882 INFO L87 Difference]: Start difference. First operand 144 states and 181 transitions. Second operand has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:18:12,060 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:12,061 INFO L93 Difference]: Finished difference Result 287 states and 367 transitions. [2024-11-09 23:18:12,062 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:18:12,062 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2024-11-09 23:18:12,062 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:12,063 INFO L225 Difference]: With dead ends: 287 [2024-11-09 23:18:12,063 INFO L226 Difference]: Without dead ends: 150 [2024-11-09 23:18:12,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:18:12,065 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 57 mSDsluCounter, 305 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 398 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:12,068 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 398 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:12,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2024-11-09 23:18:12,089 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 147. [2024-11-09 23:18:12,091 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 147 states, 114 states have (on average 1.2719298245614035) internal successors, (145), 122 states have internal predecessors, (145), 14 states have call successors, (14), 13 states have call predecessors, (14), 18 states have return successors, (25), 16 states have call predecessors, (25), 14 states have call successors, (25) [2024-11-09 23:18:12,092 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 147 states to 147 states and 184 transitions. [2024-11-09 23:18:12,094 INFO L78 Accepts]: Start accepts. Automaton has 147 states and 184 transitions. Word has length 45 [2024-11-09 23:18:12,094 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:12,094 INFO L471 AbstractCegarLoop]: Abstraction has 147 states and 184 transitions. [2024-11-09 23:18:12,094 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:18:12,094 INFO L276 IsEmpty]: Start isEmpty. Operand 147 states and 184 transitions. [2024-11-09 23:18:12,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-09 23:18:12,097 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:12,097 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:12,097 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:18:12,097 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:12,097 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:12,098 INFO L85 PathProgramCache]: Analyzing trace with hash -219940051, now seen corresponding path program 1 times [2024-11-09 23:18:12,098 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:12,098 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1904309554] [2024-11-09 23:18:12,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:12,098 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:12,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,158 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:12,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,172 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:12,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,199 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:12,200 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:12,200 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1904309554] [2024-11-09 23:18:12,200 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1904309554] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:12,200 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:12,200 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:18:12,200 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1827931903] [2024-11-09 23:18:12,200 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:12,200 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:18:12,200 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:12,201 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:18:12,201 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:18:12,201 INFO L87 Difference]: Start difference. First operand 147 states and 184 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:18:12,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:12,463 INFO L93 Difference]: Finished difference Result 292 states and 378 transitions. [2024-11-09 23:18:12,464 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:18:12,464 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 45 [2024-11-09 23:18:12,464 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:12,465 INFO L225 Difference]: With dead ends: 292 [2024-11-09 23:18:12,465 INFO L226 Difference]: Without dead ends: 152 [2024-11-09 23:18:12,466 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:12,466 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 56 mSDsluCounter, 216 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 310 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:12,467 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 310 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:18:12,475 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2024-11-09 23:18:12,500 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 149. [2024-11-09 23:18:12,501 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 116 states have (on average 1.2672413793103448) internal successors, (147), 124 states have internal predecessors, (147), 14 states have call successors, (14), 13 states have call predecessors, (14), 18 states have return successors, (25), 16 states have call predecessors, (25), 14 states have call successors, (25) [2024-11-09 23:18:12,501 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 186 transitions. [2024-11-09 23:18:12,502 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 186 transitions. Word has length 45 [2024-11-09 23:18:12,502 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:12,502 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 186 transitions. [2024-11-09 23:18:12,506 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:18:12,506 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 186 transitions. [2024-11-09 23:18:12,507 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-09 23:18:12,507 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:12,507 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:12,507 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:18:12,507 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:12,508 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:12,508 INFO L85 PathProgramCache]: Analyzing trace with hash -1908883793, now seen corresponding path program 1 times [2024-11-09 23:18:12,508 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:12,508 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1362507106] [2024-11-09 23:18:12,508 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:12,508 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:12,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,682 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:12,691 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,709 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:12,712 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:12,730 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:12,730 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:12,730 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1362507106] [2024-11-09 23:18:12,731 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1362507106] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:12,731 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:12,731 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:18:12,731 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [847720176] [2024-11-09 23:18:12,731 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:12,731 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:18:12,731 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:12,732 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:18:12,732 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:18:12,732 INFO L87 Difference]: Start difference. First operand 149 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:12,930 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:12,930 INFO L93 Difference]: Finished difference Result 420 states and 549 transitions. [2024-11-09 23:18:12,931 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:18:12,931 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 45 [2024-11-09 23:18:12,931 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:12,933 INFO L225 Difference]: With dead ends: 420 [2024-11-09 23:18:12,933 INFO L226 Difference]: Without dead ends: 278 [2024-11-09 23:18:12,933 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 8 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:12,934 INFO L432 NwaCegarLoop]: 132 mSDtfsCounter, 207 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 54 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 211 SdHoareTripleChecker+Valid, 315 SdHoareTripleChecker+Invalid, 194 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 54 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:12,934 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [211 Valid, 315 Invalid, 194 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [54 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:18:12,935 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 278 states. [2024-11-09 23:18:12,950 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 278 to 266. [2024-11-09 23:18:12,951 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 266 states, 205 states have (on average 1.248780487804878) internal successors, (256), 217 states have internal predecessors, (256), 29 states have call successors, (29), 28 states have call predecessors, (29), 31 states have return successors, (55), 30 states have call predecessors, (55), 29 states have call successors, (55) [2024-11-09 23:18:12,952 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 266 states to 266 states and 340 transitions. [2024-11-09 23:18:12,952 INFO L78 Accepts]: Start accepts. Automaton has 266 states and 340 transitions. Word has length 45 [2024-11-09 23:18:12,953 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:12,953 INFO L471 AbstractCegarLoop]: Abstraction has 266 states and 340 transitions. [2024-11-09 23:18:12,953 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:12,953 INFO L276 IsEmpty]: Start isEmpty. Operand 266 states and 340 transitions. [2024-11-09 23:18:12,954 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-09 23:18:12,954 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:12,954 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:12,954 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 23:18:12,954 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:12,955 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:12,955 INFO L85 PathProgramCache]: Analyzing trace with hash 1829340580, now seen corresponding path program 1 times [2024-11-09 23:18:12,955 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:12,955 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709465532] [2024-11-09 23:18:12,955 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:12,955 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:12,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,016 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:13,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,022 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:13,024 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,026 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:18:13,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,028 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:13,028 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:13,028 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [709465532] [2024-11-09 23:18:13,029 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [709465532] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:13,029 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:13,029 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:18:13,029 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [145298827] [2024-11-09 23:18:13,029 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:13,029 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:18:13,029 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:13,030 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:18:13,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:18:13,030 INFO L87 Difference]: Start difference. First operand 266 states and 340 transitions. Second operand has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:13,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:13,176 INFO L93 Difference]: Finished difference Result 526 states and 673 transitions. [2024-11-09 23:18:13,176 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:18:13,176 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2024-11-09 23:18:13,176 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:13,178 INFO L225 Difference]: With dead ends: 526 [2024-11-09 23:18:13,178 INFO L226 Difference]: Without dead ends: 267 [2024-11-09 23:18:13,179 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:18:13,179 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 108 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 111 SdHoareTripleChecker+Valid, 353 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:13,180 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [111 Valid, 353 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:13,180 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 267 states. [2024-11-09 23:18:13,198 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 267 to 264. [2024-11-09 23:18:13,198 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 264 states, 203 states have (on average 1.2413793103448276) internal successors, (252), 215 states have internal predecessors, (252), 29 states have call successors, (29), 28 states have call predecessors, (29), 31 states have return successors, (55), 30 states have call predecessors, (55), 29 states have call successors, (55) [2024-11-09 23:18:13,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 264 states to 264 states and 336 transitions. [2024-11-09 23:18:13,200 INFO L78 Accepts]: Start accepts. Automaton has 264 states and 336 transitions. Word has length 47 [2024-11-09 23:18:13,200 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:13,200 INFO L471 AbstractCegarLoop]: Abstraction has 264 states and 336 transitions. [2024-11-09 23:18:13,201 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:13,201 INFO L276 IsEmpty]: Start isEmpty. Operand 264 states and 336 transitions. [2024-11-09 23:18:13,201 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-09 23:18:13,201 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:13,201 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:13,202 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 23:18:13,202 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:13,202 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:13,202 INFO L85 PathProgramCache]: Analyzing trace with hash -1698807091, now seen corresponding path program 1 times [2024-11-09 23:18:13,202 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:13,202 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1851375176] [2024-11-09 23:18:13,202 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:13,203 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:13,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,301 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:18:13,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,312 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-09 23:18:13,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,325 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:13,327 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,334 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:13,334 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:13,334 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1851375176] [2024-11-09 23:18:13,335 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1851375176] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:13,335 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:13,335 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-09 23:18:13,335 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1243294864] [2024-11-09 23:18:13,335 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:13,336 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-09 23:18:13,336 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:13,336 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-09 23:18:13,336 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:13,337 INFO L87 Difference]: Start difference. First operand 264 states and 336 transitions. Second operand has 7 states, 7 states have (on average 6.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:18:13,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:13,716 INFO L93 Difference]: Finished difference Result 553 states and 726 transitions. [2024-11-09 23:18:13,717 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-09 23:18:13,717 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2024-11-09 23:18:13,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:13,719 INFO L225 Difference]: With dead ends: 553 [2024-11-09 23:18:13,719 INFO L226 Difference]: Without dead ends: 342 [2024-11-09 23:18:13,719 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 8 SyntacticMatches, 2 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 59 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=93, Invalid=249, Unknown=0, NotChecked=0, Total=342 [2024-11-09 23:18:13,720 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 188 mSDsluCounter, 368 mSDsCounter, 0 mSdLazyCounter, 425 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 189 SdHoareTripleChecker+Valid, 469 SdHoareTripleChecker+Invalid, 481 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 425 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:13,720 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [189 Valid, 469 Invalid, 481 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 425 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 23:18:13,723 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2024-11-09 23:18:13,740 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 303. [2024-11-09 23:18:13,741 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 303 states, 234 states have (on average 1.2179487179487178) internal successors, (285), 250 states have internal predecessors, (285), 32 states have call successors, (32), 28 states have call predecessors, (32), 36 states have return successors, (69), 34 states have call predecessors, (69), 32 states have call successors, (69) [2024-11-09 23:18:13,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 303 states to 303 states and 386 transitions. [2024-11-09 23:18:13,743 INFO L78 Accepts]: Start accepts. Automaton has 303 states and 386 transitions. Word has length 49 [2024-11-09 23:18:13,743 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:13,743 INFO L471 AbstractCegarLoop]: Abstraction has 303 states and 386 transitions. [2024-11-09 23:18:13,744 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:18:13,744 INFO L276 IsEmpty]: Start isEmpty. Operand 303 states and 386 transitions. [2024-11-09 23:18:13,745 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-11-09 23:18:13,745 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:13,745 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:13,745 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-09 23:18:13,746 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:13,746 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:13,746 INFO L85 PathProgramCache]: Analyzing trace with hash 2072878430, now seen corresponding path program 1 times [2024-11-09 23:18:13,746 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:13,746 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [968158964] [2024-11-09 23:18:13,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:13,747 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:13,756 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,799 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:18:13,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,807 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:13,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,816 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:18:13,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,820 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:13,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,823 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-11-09 23:18:13,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,827 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 4 proven. 1 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-11-09 23:18:13,827 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:13,827 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [968158964] [2024-11-09 23:18:13,827 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [968158964] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:18:13,828 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [733958838] [2024-11-09 23:18:13,828 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:13,828 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:13,828 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:13,830 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:18:13,831 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:18:13,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:13,904 INFO L255 TraceCheckSpWp]: Trace formula consists of 273 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-09 23:18:13,909 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:18:14,003 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 13 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:14,004 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:18:14,116 INFO L134 CoverageAnalysis]: Checked inductivity of 17 backedges. 13 proven. 4 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:14,117 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [733958838] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:18:14,117 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:18:14,117 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 6, 6] total 12 [2024-11-09 23:18:14,117 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1890060594] [2024-11-09 23:18:14,117 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:18:14,121 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2024-11-09 23:18:14,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:14,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2024-11-09 23:18:14,122 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=108, Unknown=0, NotChecked=0, Total=132 [2024-11-09 23:18:14,122 INFO L87 Difference]: Start difference. First operand 303 states and 386 transitions. Second operand has 12 states, 12 states have (on average 8.666666666666666) internal successors, (104), 9 states have internal predecessors, (104), 3 states have call successors, (12), 6 states have call predecessors, (12), 4 states have return successors, (10), 4 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-09 23:18:15,026 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:15,026 INFO L93 Difference]: Finished difference Result 719 states and 972 transitions. [2024-11-09 23:18:15,027 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 46 states. [2024-11-09 23:18:15,027 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 12 states have (on average 8.666666666666666) internal successors, (104), 9 states have internal predecessors, (104), 3 states have call successors, (12), 6 states have call predecessors, (12), 4 states have return successors, (10), 4 states have call predecessors, (10), 2 states have call successors, (10) Word has length 78 [2024-11-09 23:18:15,027 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:15,029 INFO L225 Difference]: With dead ends: 719 [2024-11-09 23:18:15,029 INFO L226 Difference]: Without dead ends: 471 [2024-11-09 23:18:15,030 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 222 GetRequests, 168 SyntacticMatches, 5 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 768 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=421, Invalid=2129, Unknown=0, NotChecked=0, Total=2550 [2024-11-09 23:18:15,031 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 580 mSDsluCounter, 566 mSDsCounter, 0 mSdLazyCounter, 882 mSolverCounterSat, 211 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 585 SdHoareTripleChecker+Valid, 646 SdHoareTripleChecker+Invalid, 1093 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 211 IncrementalHoareTripleChecker+Valid, 882 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:15,031 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [585 Valid, 646 Invalid, 1093 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [211 Valid, 882 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-09 23:18:15,032 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 471 states. [2024-11-09 23:18:15,048 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 471 to 418. [2024-11-09 23:18:15,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 418 states, 319 states have (on average 1.213166144200627) internal successors, (387), 342 states have internal predecessors, (387), 47 states have call successors, (47), 41 states have call predecessors, (47), 51 states have return successors, (107), 46 states have call predecessors, (107), 47 states have call successors, (107) [2024-11-09 23:18:15,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 418 states to 418 states and 541 transitions. [2024-11-09 23:18:15,052 INFO L78 Accepts]: Start accepts. Automaton has 418 states and 541 transitions. Word has length 78 [2024-11-09 23:18:15,052 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:15,052 INFO L471 AbstractCegarLoop]: Abstraction has 418 states and 541 transitions. [2024-11-09 23:18:15,052 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 12 states have (on average 8.666666666666666) internal successors, (104), 9 states have internal predecessors, (104), 3 states have call successors, (12), 6 states have call predecessors, (12), 4 states have return successors, (10), 4 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-09 23:18:15,052 INFO L276 IsEmpty]: Start isEmpty. Operand 418 states and 541 transitions. [2024-11-09 23:18:15,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2024-11-09 23:18:15,054 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:15,054 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:15,067 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 23:18:15,254 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 23:18:15,255 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:15,255 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:15,255 INFO L85 PathProgramCache]: Analyzing trace with hash 593241005, now seen corresponding path program 1 times [2024-11-09 23:18:15,256 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:15,256 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [180238936] [2024-11-09 23:18:15,256 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:15,256 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:15,272 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,370 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:18:15,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,378 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:15,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,390 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:18:15,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:15,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,404 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-09 23:18:15,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,452 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:18:15,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,532 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:18:15,533 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,539 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:15,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,540 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 109 [2024-11-09 23:18:15,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,548 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:18:15,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,553 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:15,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,554 INFO L134 CoverageAnalysis]: Checked inductivity of 93 backedges. 52 proven. 23 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2024-11-09 23:18:15,555 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:15,555 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [180238936] [2024-11-09 23:18:15,555 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [180238936] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:18:15,555 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [28308676] [2024-11-09 23:18:15,555 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:15,555 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:15,555 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:15,560 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:18:15,563 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 23:18:15,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:15,697 INFO L255 TraceCheckSpWp]: Trace formula consists of 415 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-11-09 23:18:15,704 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:18:15,847 INFO L134 CoverageAnalysis]: Checked inductivity of 93 backedges. 80 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 23:18:15,847 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:18:16,066 INFO L134 CoverageAnalysis]: Checked inductivity of 93 backedges. 53 proven. 23 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-11-09 23:18:16,066 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [28308676] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:18:16,067 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:18:16,067 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 9, 9] total 18 [2024-11-09 23:18:16,067 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [438526885] [2024-11-09 23:18:16,067 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:18:16,068 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 18 states [2024-11-09 23:18:16,068 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:16,068 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2024-11-09 23:18:16,069 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=65, Invalid=241, Unknown=0, NotChecked=0, Total=306 [2024-11-09 23:18:16,069 INFO L87 Difference]: Start difference. First operand 418 states and 541 transitions. Second operand has 18 states, 18 states have (on average 8.277777777777779) internal successors, (149), 16 states have internal predecessors, (149), 7 states have call successors, (27), 8 states have call predecessors, (27), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) [2024-11-09 23:18:17,027 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:17,027 INFO L93 Difference]: Finished difference Result 1204 states and 1665 transitions. [2024-11-09 23:18:17,027 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-11-09 23:18:17,028 INFO L78 Accepts]: Start accepts. Automaton has has 18 states, 18 states have (on average 8.277777777777779) internal successors, (149), 16 states have internal predecessors, (149), 7 states have call successors, (27), 8 states have call predecessors, (27), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) Word has length 135 [2024-11-09 23:18:17,028 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:17,031 INFO L225 Difference]: With dead ends: 1204 [2024-11-09 23:18:17,032 INFO L226 Difference]: Without dead ends: 840 [2024-11-09 23:18:17,033 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 327 GetRequests, 288 SyntacticMatches, 5 SemanticMatches, 34 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 219 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=317, Invalid=943, Unknown=0, NotChecked=0, Total=1260 [2024-11-09 23:18:17,034 INFO L432 NwaCegarLoop]: 157 mSDtfsCounter, 485 mSDsluCounter, 1051 mSDsCounter, 0 mSdLazyCounter, 1421 mSolverCounterSat, 187 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 490 SdHoareTripleChecker+Valid, 1208 SdHoareTripleChecker+Invalid, 1608 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 187 IncrementalHoareTripleChecker+Valid, 1421 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:17,034 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [490 Valid, 1208 Invalid, 1608 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [187 Valid, 1421 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-09 23:18:17,035 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 840 states. [2024-11-09 23:18:17,098 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 840 to 734. [2024-11-09 23:18:17,099 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 734 states, 560 states have (on average 1.2125) internal successors, (679), 592 states have internal predecessors, (679), 83 states have call successors, (83), 76 states have call predecessors, (83), 90 states have return successors, (177), 83 states have call predecessors, (177), 83 states have call successors, (177) [2024-11-09 23:18:17,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 734 states to 734 states and 939 transitions. [2024-11-09 23:18:17,103 INFO L78 Accepts]: Start accepts. Automaton has 734 states and 939 transitions. Word has length 135 [2024-11-09 23:18:17,104 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:17,104 INFO L471 AbstractCegarLoop]: Abstraction has 734 states and 939 transitions. [2024-11-09 23:18:17,104 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 18 states, 18 states have (on average 8.277777777777779) internal successors, (149), 16 states have internal predecessors, (149), 7 states have call successors, (27), 8 states have call predecessors, (27), 7 states have return successors, (19), 7 states have call predecessors, (19), 7 states have call successors, (19) [2024-11-09 23:18:17,104 INFO L276 IsEmpty]: Start isEmpty. Operand 734 states and 939 transitions. [2024-11-09 23:18:17,106 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2024-11-09 23:18:17,106 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:17,107 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:17,121 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 23:18:17,307 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-09 23:18:17,307 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:17,307 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:17,308 INFO L85 PathProgramCache]: Analyzing trace with hash 1897634734, now seen corresponding path program 1 times [2024-11-09 23:18:17,308 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:17,308 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1878235798] [2024-11-09 23:18:17,308 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:17,308 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:17,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,366 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:18:17,367 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:17,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,379 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:18:17,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,382 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:17,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,385 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-09 23:18:17,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:18:17,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,417 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:18:17,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:17,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,419 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 109 [2024-11-09 23:18:17,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,422 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:18:17,423 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,423 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:17,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,424 INFO L134 CoverageAnalysis]: Checked inductivity of 93 backedges. 45 proven. 6 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2024-11-09 23:18:17,424 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:17,425 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1878235798] [2024-11-09 23:18:17,425 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1878235798] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:18:17,425 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [104670356] [2024-11-09 23:18:17,425 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:17,425 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:17,425 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:17,426 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:18:17,431 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-09 23:18:17,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:17,519 INFO L255 TraceCheckSpWp]: Trace formula consists of 416 conjuncts, 5 conjuncts are in the unsatisfiable core [2024-11-09 23:18:17,521 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:18:17,535 INFO L134 CoverageAnalysis]: Checked inductivity of 93 backedges. 64 proven. 0 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2024-11-09 23:18:17,536 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 23:18:17,536 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [104670356] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:17,536 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-09 23:18:17,536 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 8 [2024-11-09 23:18:17,536 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2071952459] [2024-11-09 23:18:17,536 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:17,537 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:18:17,537 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:17,537 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:18:17,537 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-09 23:18:17,537 INFO L87 Difference]: Start difference. First operand 734 states and 939 transitions. Second operand has 5 states, 5 states have (on average 18.8) internal successors, (94), 5 states have internal predecessors, (94), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 23:18:17,564 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:17,564 INFO L93 Difference]: Finished difference Result 955 states and 1209 transitions. [2024-11-09 23:18:17,565 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:18:17,565 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.8) internal successors, (94), 5 states have internal predecessors, (94), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 135 [2024-11-09 23:18:17,565 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:17,566 INFO L225 Difference]: With dead ends: 955 [2024-11-09 23:18:17,566 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:18:17,568 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 163 GetRequests, 157 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-09 23:18:17,569 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 0 mSDsluCounter, 270 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:17,569 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 364 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:18:17,570 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:18:17,570 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:18:17,570 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:17,570 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:18:17,571 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 135 [2024-11-09 23:18:17,571 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:17,571 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:18:17,571 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.8) internal successors, (94), 5 states have internal predecessors, (94), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 23:18:17,571 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:18:17,571 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:18:17,573 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:18:17,588 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-09 23:18:17,774 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:17,778 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:17,780 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:18:18,735 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:18:18,744 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) Eliminated clause: (and (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) [2024-11-09 23:18:18,754 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= 2 |old(~waterLevel~0)|)) (and .cse0 (= |old(~pumpRunning~0)| 0) (<= 1 |old(~waterLevel~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= 1 ~waterLevel~0)) (and (<= 2 ~waterLevel~0) .cse0))) [2024-11-09 23:18:18,758 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= 1 ~waterLevel~0)) Eliminated clause: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) [2024-11-09 23:18:18,760 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= 2 |old(~waterLevel~0)|)) (and (= ~pumpRunning~0 0) .cse0 (<= 1 |old(~waterLevel~0)|)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= 1 ~waterLevel~0)) (and (<= 2 ~waterLevel~0) .cse0))) [2024-11-09 23:18:18,762 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) Eliminated clause: (and (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) [2024-11-09 23:18:18,763 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:18:18 BoogieIcfgContainer [2024-11-09 23:18:18,763 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:18:18,763 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:18:18,763 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:18:18,763 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:18:18,764 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:10" (3/4) ... [2024-11-09 23:18:18,770 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:18:18,777 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 23:18:18,782 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 42 nodes and edges [2024-11-09 23:18:18,786 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:18:18,787 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:18:18,787 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:18:18,787 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:18:18,901 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:18:18,901 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:18:18,901 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:18:18,902 INFO L158 Benchmark]: Toolchain (without parser) took 9508.04ms. Allocated memory was 184.5MB in the beginning and 306.2MB in the end (delta: 121.6MB). Free memory was 126.5MB in the beginning and 230.1MB in the end (delta: -103.6MB). Peak memory consumption was 20.9MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,902 INFO L158 Benchmark]: CDTParser took 0.38ms. Allocated memory is still 184.5MB. Free memory is still 145.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:18:18,902 INFO L158 Benchmark]: CACSL2BoogieTranslator took 698.37ms. Allocated memory is still 184.5MB. Free memory was 126.3MB in the beginning and 103.2MB in the end (delta: 23.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,903 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.26ms. Allocated memory is still 184.5MB. Free memory was 103.2MB in the beginning and 100.8MB in the end (delta: 2.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,903 INFO L158 Benchmark]: Boogie Preprocessor took 71.83ms. Allocated memory is still 184.5MB. Free memory was 100.8MB in the beginning and 98.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,903 INFO L158 Benchmark]: IcfgBuilder took 434.02ms. Allocated memory is still 184.5MB. Free memory was 98.7MB in the beginning and 78.1MB in the end (delta: 20.7MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,904 INFO L158 Benchmark]: TraceAbstraction took 8059.77ms. Allocated memory was 184.5MB in the beginning and 306.2MB in the end (delta: 121.6MB). Free memory was 151.6MB in the beginning and 237.5MB in the end (delta: -85.9MB). Peak memory consumption was 180.0MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,904 INFO L158 Benchmark]: Witness Printer took 138.36ms. Allocated memory is still 306.2MB. Free memory was 237.5MB in the beginning and 230.1MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:18:18,905 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.38ms. Allocated memory is still 184.5MB. Free memory is still 145.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 698.37ms. Allocated memory is still 184.5MB. Free memory was 126.3MB in the beginning and 103.2MB in the end (delta: 23.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.26ms. Allocated memory is still 184.5MB. Free memory was 103.2MB in the beginning and 100.8MB in the end (delta: 2.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 71.83ms. Allocated memory is still 184.5MB. Free memory was 100.8MB in the beginning and 98.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 434.02ms. Allocated memory is still 184.5MB. Free memory was 98.7MB in the beginning and 78.1MB in the end (delta: 20.7MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 8059.77ms. Allocated memory was 184.5MB in the beginning and 306.2MB in the end (delta: 121.6MB). Free memory was 151.6MB in the beginning and 237.5MB in the end (delta: -85.9MB). Peak memory consumption was 180.0MB. Max. memory is 16.1GB. * Witness Printer took 138.36ms. Allocated memory is still 306.2MB. Free memory was 237.5MB in the beginning and 230.1MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [49] - GenericResultAtLocation [Line: 121]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [121] - GenericResultAtLocation [Line: 362]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [362] - GenericResultAtLocation [Line: 390]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [390] - GenericResultAtLocation [Line: 489]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [489] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [855] - GenericResultAtLocation [Line: 958]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [958] - GenericResultAtLocation [Line: 967]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [967] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 963]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.0s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1958 SdHoareTripleChecker+Valid, 2.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1930 mSDsluCounter, 4678 SdHoareTripleChecker+Invalid, 1.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3427 mSDsCounter, 598 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3301 IncrementalHoareTripleChecker+Invalid, 3899 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 598 mSolverCounterUnsat, 1251 mSDtfsCounter, 3301 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 808 GetRequests, 660 SyntacticMatches, 13 SemanticMatches, 135 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1059 ImplicationChecksByTransitivity, 1.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=734occurred in iteration=11, InterpolantAutomatonStates: 134, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 228 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 1032 NumberOfCodeBlocks, 1032 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 1228 ConstructedInterpolants, 0 QuantifiedInterpolants, 2187 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1104 ConjunctsInSsa, 24 ConjunctsInUnsatCore, 17 InterpolantComputations, 10 PerfectInterpolantSequences, 444/516 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 402]: Location Invariant Derived location invariant: null - InvariantResult [Line: 65]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 252]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((1 == systemActive) && (1 <= waterLevel)) Ensures: ((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) && (((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 159]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 882]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 392]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 135]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) && (\old(waterLevel) <= ((long long) waterLevel + 1))) || ((2 <= waterLevel) && (\old(waterLevel) <= ((long long) waterLevel + 1)))) && ((\old(pumpRunning) != 0) || ((1 == systemActive) && (\old(waterLevel) == waterLevel)))) && (((1 == systemActive) && (2 <= \old(waterLevel))) || ((\old(pumpRunning) == 0) && (1 <= \old(waterLevel))))) && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 167]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) Ensures: (((((1 == systemActive) && (\old(pumpRunning) == 0)) && (1 <= waterLevel)) && ((pumpRunning == 0) || (1 < waterLevel))) && (((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 870]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) Ensures: (((((1 == systemActive) && ((\old(waterLevel) == 1) || (\old(waterLevel) == waterLevel))) && (1 <= \old(waterLevel))) && ((\old(waterLevel) != 1) || ((pumpRunning == 0) && (2 <= waterLevel)))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 193]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((1 == systemActive) && (1 <= waterLevel)) Ensures: ((((1 == systemActive) && (1 <= waterLevel)) && ((pumpRunning == 0) || (1 < waterLevel))) && (((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:18:18,932 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE