./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:19:21,962 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:19:22,028 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:19:22,034 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:19:22,059 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:19:22,097 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:19:22,099 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:19:22,099 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:19:22,100 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:19:22,103 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:19:22,103 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:19:22,103 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:19:22,103 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:19:22,104 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:19:22,104 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:19:22,104 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:19:22,104 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:19:22,104 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:19:22,104 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:19:22,105 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:19:22,105 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:19:22,108 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:19:22,108 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:19:22,109 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:19:22,109 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:19:22,110 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:19:22,110 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:19:22,110 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:19:22,110 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:19:22,110 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:19:22,110 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:19:22,111 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:19:22,111 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:19:22,111 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:19:22,111 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:19:22,114 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:19:22,114 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c [2024-11-09 23:19:22,330 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:19:22,350 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:19:22,354 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:19:22,354 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:19:22,355 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:19:22,356 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-09 23:19:23,664 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:19:23,859 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:19:23,859 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-09 23:19:23,875 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/88556858f/69306d531ca340e680de408b3378175f/FLAG6c8b3dba9 [2024-11-09 23:19:23,888 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/88556858f/69306d531ca340e680de408b3378175f [2024-11-09 23:19:23,902 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:19:23,904 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:19:23,905 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:19:23,906 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:19:23,910 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:19:23,910 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:19:23" (1/1) ... [2024-11-09 23:19:23,911 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2e8515a6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:23, skipping insertion in model container [2024-11-09 23:19:23,911 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:19:23" (1/1) ... [2024-11-09 23:19:23,954 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:19:24,212 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-09 23:19:24,219 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:19:24,228 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:19:24,237 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] [2024-11-09 23:19:24,239 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] [2024-11-09 23:19:24,240 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] [2024-11-09 23:19:24,277 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-09 23:19:24,278 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:19:24,295 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:19:24,295 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24 WrapperNode [2024-11-09 23:19:24,296 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:19:24,296 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:19:24,297 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:19:24,297 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:19:24,302 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,314 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,338 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 243 [2024-11-09 23:19:24,338 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:19:24,339 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:19:24,339 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:19:24,339 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:19:24,348 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,348 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,350 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,360 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:19:24,361 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,361 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,365 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,365 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,366 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,367 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,369 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:19:24,370 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:19:24,370 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:19:24,370 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:19:24,371 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (1/1) ... [2024-11-09 23:19:24,375 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:19:24,386 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:19:24,400 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:19:24,401 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:19:24,443 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:19:24,443 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:19:24,443 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:19:24,443 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:19:24,443 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-09 23:19:24,444 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-09 23:19:24,444 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 23:19:24,445 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 23:19:24,445 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:19:24,445 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:19:24,445 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:19:24,445 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:19:24,445 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:19:24,519 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:19:24,522 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:19:24,598 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L302-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~3#1; [2024-11-09 23:19:24,598 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L900-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~10#1; [2024-11-09 23:19:24,601 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L228: #res := ~retValue_acc~1; [2024-11-09 23:19:24,646 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L877-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~8#1; [2024-11-09 23:19:24,711 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L1000-1: main_#res#1 := main_~retValue_acc~11#1; [2024-11-09 23:19:24,711 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L1044-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2024-11-09 23:19:24,738 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L283-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~2#1; [2024-11-09 23:19:24,739 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L891-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~9#1; [2024-11-09 23:19:24,749 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L845-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~7#1; [2024-11-09 23:19:24,750 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L219: #res#1 := ~retValue_acc~0#1; [2024-11-09 23:19:24,768 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-09 23:19:24,768 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:19:24,782 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:19:24,782 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:19:24,782 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:24 BoogieIcfgContainer [2024-11-09 23:19:24,782 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:19:24,788 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:19:24,788 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:19:24,791 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:19:24,795 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:19:23" (1/3) ... [2024-11-09 23:19:24,796 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3414831e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:19:24, skipping insertion in model container [2024-11-09 23:19:24,796 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:24" (2/3) ... [2024-11-09 23:19:24,796 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3414831e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:19:24, skipping insertion in model container [2024-11-09 23:19:24,796 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:24" (3/3) ... [2024-11-09 23:19:24,798 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product62.cil.c [2024-11-09 23:19:24,812 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:19:24,813 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:19:24,858 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:19:24,863 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@38521ee7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:19:24,863 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:19:24,866 INFO L276 IsEmpty]: Start isEmpty. Operand has 118 states, 88 states have (on average 1.3409090909090908) internal successors, (118), 98 states have internal predecessors, (118), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 23:19:24,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-09 23:19:24,874 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:24,875 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:24,875 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:24,879 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:24,880 INFO L85 PathProgramCache]: Analyzing trace with hash -664166077, now seen corresponding path program 1 times [2024-11-09 23:19:24,886 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:24,887 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [489116833] [2024-11-09 23:19:24,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:24,887 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:24,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,068 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-09 23:19:25,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,074 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:19:25,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,082 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:25,083 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:25,083 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [489116833] [2024-11-09 23:19:25,084 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [489116833] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:25,084 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:25,084 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 23:19:25,086 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [382998369] [2024-11-09 23:19:25,087 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:25,090 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 23:19:25,091 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:25,114 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 23:19:25,116 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:19:25,118 INFO L87 Difference]: Start difference. First operand has 118 states, 88 states have (on average 1.3409090909090908) internal successors, (118), 98 states have internal predecessors, (118), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:25,193 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:25,194 INFO L93 Difference]: Finished difference Result 226 states and 301 transitions. [2024-11-09 23:19:25,195 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 23:19:25,197 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-09 23:19:25,198 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:25,207 INFO L225 Difference]: With dead ends: 226 [2024-11-09 23:19:25,207 INFO L226 Difference]: Without dead ends: 107 [2024-11-09 23:19:25,210 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:19:25,213 INFO L432 NwaCegarLoop]: 147 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:25,213 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 147 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:25,225 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2024-11-09 23:19:25,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 107. [2024-11-09 23:19:25,244 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 107 states, 79 states have (on average 1.2911392405063291) internal successors, (102), 88 states have internal predecessors, (102), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-09 23:19:25,245 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 137 transitions. [2024-11-09 23:19:25,247 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 137 transitions. Word has length 34 [2024-11-09 23:19:25,247 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:25,247 INFO L471 AbstractCegarLoop]: Abstraction has 107 states and 137 transitions. [2024-11-09 23:19:25,247 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:25,247 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 137 transitions. [2024-11-09 23:19:25,249 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2024-11-09 23:19:25,249 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:25,250 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:25,250 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:19:25,250 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:25,250 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:25,251 INFO L85 PathProgramCache]: Analyzing trace with hash 2099876527, now seen corresponding path program 1 times [2024-11-09 23:19:25,251 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:25,251 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1477325116] [2024-11-09 23:19:25,251 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:25,251 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:25,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,376 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:25,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,387 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-09 23:19:25,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,390 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:25,390 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:25,390 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1477325116] [2024-11-09 23:19:25,390 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1477325116] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:25,390 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:25,390 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:19:25,391 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1053293938] [2024-11-09 23:19:25,391 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:25,392 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:19:25,392 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:25,392 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:19:25,392 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:25,393 INFO L87 Difference]: Start difference. First operand 107 states and 137 transitions. Second operand has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:25,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:25,431 INFO L93 Difference]: Finished difference Result 206 states and 269 transitions. [2024-11-09 23:19:25,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:19:25,432 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 39 [2024-11-09 23:19:25,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:25,433 INFO L225 Difference]: With dead ends: 206 [2024-11-09 23:19:25,433 INFO L226 Difference]: Without dead ends: 107 [2024-11-09 23:19:25,434 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:25,435 INFO L432 NwaCegarLoop]: 135 mSDtfsCounter, 127 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:25,435 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [127 Valid, 135 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:25,436 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2024-11-09 23:19:25,443 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 107. [2024-11-09 23:19:25,444 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 107 states, 79 states have (on average 1.2784810126582278) internal successors, (101), 88 states have internal predecessors, (101), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-09 23:19:25,445 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 107 states to 107 states and 136 transitions. [2024-11-09 23:19:25,445 INFO L78 Accepts]: Start accepts. Automaton has 107 states and 136 transitions. Word has length 39 [2024-11-09 23:19:25,446 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:25,446 INFO L471 AbstractCegarLoop]: Abstraction has 107 states and 136 transitions. [2024-11-09 23:19:25,447 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.666666666666666) internal successors, (32), 3 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:25,447 INFO L276 IsEmpty]: Start isEmpty. Operand 107 states and 136 transitions. [2024-11-09 23:19:25,448 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-09 23:19:25,448 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:25,448 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:25,449 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:19:25,449 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:25,449 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:25,449 INFO L85 PathProgramCache]: Analyzing trace with hash 862771230, now seen corresponding path program 1 times [2024-11-09 23:19:25,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:25,450 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [490747327] [2024-11-09 23:19:25,450 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:25,450 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:25,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,494 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-11-09 23:19:25,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,497 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:19:25,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,509 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-09 23:19:25,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,511 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-09 23:19:25,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,517 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:25,519 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:25,519 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [490747327] [2024-11-09 23:19:25,519 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [490747327] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:25,519 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:25,519 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 23:19:25,520 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1427410410] [2024-11-09 23:19:25,520 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:25,520 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 23:19:25,520 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:25,521 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 23:19:25,522 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 23:19:25,523 INFO L87 Difference]: Start difference. First operand 107 states and 136 transitions. Second operand has 4 states, 4 states have (on average 9.25) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) [2024-11-09 23:19:25,644 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:25,644 INFO L93 Difference]: Finished difference Result 196 states and 249 transitions. [2024-11-09 23:19:25,645 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-09 23:19:25,645 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) Word has length 49 [2024-11-09 23:19:25,645 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:25,647 INFO L225 Difference]: With dead ends: 196 [2024-11-09 23:19:25,647 INFO L226 Difference]: Without dead ends: 116 [2024-11-09 23:19:25,648 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 23:19:25,652 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 79 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 75 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 224 SdHoareTripleChecker+Invalid, 94 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 75 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:25,652 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 224 Invalid, 94 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 75 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:25,653 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2024-11-09 23:19:25,663 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 97. [2024-11-09 23:19:25,663 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 72 states have (on average 1.2916666666666667) internal successors, (93), 81 states have internal predecessors, (93), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-09 23:19:25,664 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 123 transitions. [2024-11-09 23:19:25,664 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 123 transitions. Word has length 49 [2024-11-09 23:19:25,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:25,665 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 123 transitions. [2024-11-09 23:19:25,665 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 3 states have internal predecessors, (37), 1 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) [2024-11-09 23:19:25,665 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 123 transitions. [2024-11-09 23:19:25,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-09 23:19:25,669 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:25,670 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:25,670 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:19:25,670 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:25,670 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:25,670 INFO L85 PathProgramCache]: Analyzing trace with hash -295484648, now seen corresponding path program 1 times [2024-11-09 23:19:25,671 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:25,671 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1976911696] [2024-11-09 23:19:25,671 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:25,671 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:25,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,767 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:25,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,772 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:25,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-11-09 23:19:25,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,788 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-09 23:19:25,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:25,794 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:25,794 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:25,794 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1976911696] [2024-11-09 23:19:25,794 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1976911696] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:25,794 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:25,794 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 23:19:25,795 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1504913026] [2024-11-09 23:19:25,795 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:25,795 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 23:19:25,795 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:25,796 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 23:19:25,796 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 23:19:25,796 INFO L87 Difference]: Start difference. First operand 97 states and 123 transitions. Second operand has 4 states, 4 states have (on average 10.25) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:19:25,948 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:25,948 INFO L93 Difference]: Finished difference Result 278 states and 356 transitions. [2024-11-09 23:19:25,949 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:19:25,949 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-09 23:19:25,949 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:25,952 INFO L225 Difference]: With dead ends: 278 [2024-11-09 23:19:25,952 INFO L226 Difference]: Without dead ends: 189 [2024-11-09 23:19:25,952 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:19:25,955 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 178 mSDsluCounter, 129 mSDsCounter, 0 mSdLazyCounter, 85 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 185 SdHoareTripleChecker+Valid, 227 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 85 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:25,955 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [185 Valid, 227 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 85 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:25,956 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2024-11-09 23:19:25,983 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 180. [2024-11-09 23:19:25,983 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 180 states, 135 states have (on average 1.2666666666666666) internal successors, (171), 144 states have internal predecessors, (171), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-09 23:19:25,984 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 180 states to 180 states and 226 transitions. [2024-11-09 23:19:25,985 INFO L78 Accepts]: Start accepts. Automaton has 180 states and 226 transitions. Word has length 52 [2024-11-09 23:19:25,985 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:25,985 INFO L471 AbstractCegarLoop]: Abstraction has 180 states and 226 transitions. [2024-11-09 23:19:25,985 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:19:25,985 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 226 transitions. [2024-11-09 23:19:25,986 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-09 23:19:25,987 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:25,987 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:25,987 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:19:25,987 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:25,987 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:25,988 INFO L85 PathProgramCache]: Analyzing trace with hash -1789836351, now seen corresponding path program 1 times [2024-11-09 23:19:25,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:25,988 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [89919355] [2024-11-09 23:19:25,988 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:25,988 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:26,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,113 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:26,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:26,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,139 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:26,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,153 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:26,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,155 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-11-09 23:19:26,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,167 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 23:19:26,167 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:26,167 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [89919355] [2024-11-09 23:19:26,168 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [89919355] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:26,168 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:26,168 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-09 23:19:26,168 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1186961700] [2024-11-09 23:19:26,169 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:26,170 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-09 23:19:26,170 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:26,170 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-09 23:19:26,170 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:26,171 INFO L87 Difference]: Start difference. First operand 180 states and 226 transitions. Second operand has 7 states, 7 states have (on average 7.0) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:26,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:26,479 INFO L93 Difference]: Finished difference Result 353 states and 445 transitions. [2024-11-09 23:19:26,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-09 23:19:26,480 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 7.0) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 60 [2024-11-09 23:19:26,480 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:26,483 INFO L225 Difference]: With dead ends: 353 [2024-11-09 23:19:26,486 INFO L226 Difference]: Without dead ends: 181 [2024-11-09 23:19:26,487 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-09 23:19:26,488 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 144 mSDsluCounter, 378 mSDsCounter, 0 mSdLazyCounter, 230 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 151 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 271 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 230 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:26,491 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [151 Valid, 474 Invalid, 271 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 230 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:19:26,492 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 181 states. [2024-11-09 23:19:26,522 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 181 to 178. [2024-11-09 23:19:26,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 178 states, 133 states have (on average 1.2406015037593985) internal successors, (165), 142 states have internal predecessors, (165), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-09 23:19:26,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 178 states to 178 states and 220 transitions. [2024-11-09 23:19:26,549 INFO L78 Accepts]: Start accepts. Automaton has 178 states and 220 transitions. Word has length 60 [2024-11-09 23:19:26,550 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:26,550 INFO L471 AbstractCegarLoop]: Abstraction has 178 states and 220 transitions. [2024-11-09 23:19:26,550 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 7.0) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:26,550 INFO L276 IsEmpty]: Start isEmpty. Operand 178 states and 220 transitions. [2024-11-09 23:19:26,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-09 23:19:26,553 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:26,553 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:26,553 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:19:26,554 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:26,554 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:26,554 INFO L85 PathProgramCache]: Analyzing trace with hash 1397409249, now seen corresponding path program 1 times [2024-11-09 23:19:26,554 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:26,554 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [147468569] [2024-11-09 23:19:26,558 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:26,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:26,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,628 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:26,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,636 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:26,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,654 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:26,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,685 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:26,687 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,689 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-09 23:19:26,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:26,694 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:26,694 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:26,694 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [147468569] [2024-11-09 23:19:26,694 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [147468569] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:26,694 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:26,695 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:19:26,695 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1685569678] [2024-11-09 23:19:26,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:26,695 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:19:26,696 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:26,696 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:19:26,696 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:19:26,696 INFO L87 Difference]: Start difference. First operand 178 states and 220 transitions. Second operand has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:26,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:26,951 INFO L93 Difference]: Finished difference Result 354 states and 450 transitions. [2024-11-09 23:19:26,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:19:26,952 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 66 [2024-11-09 23:19:26,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:26,953 INFO L225 Difference]: With dead ends: 354 [2024-11-09 23:19:26,953 INFO L226 Difference]: Without dead ends: 184 [2024-11-09 23:19:26,954 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:19:26,954 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 70 mSDsluCounter, 321 mSDsCounter, 0 mSdLazyCounter, 157 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 175 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 157 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:26,955 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 419 Invalid, 175 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 157 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:19:26,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 184 states. [2024-11-09 23:19:26,973 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 184 to 181. [2024-11-09 23:19:26,974 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 181 states, 136 states have (on average 1.2352941176470589) internal successors, (168), 145 states have internal predecessors, (168), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-09 23:19:26,975 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 181 states to 181 states and 223 transitions. [2024-11-09 23:19:26,975 INFO L78 Accepts]: Start accepts. Automaton has 181 states and 223 transitions. Word has length 66 [2024-11-09 23:19:26,975 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:26,975 INFO L471 AbstractCegarLoop]: Abstraction has 181 states and 223 transitions. [2024-11-09 23:19:26,975 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.833333333333334) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:26,976 INFO L276 IsEmpty]: Start isEmpty. Operand 181 states and 223 transitions. [2024-11-09 23:19:26,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-09 23:19:26,978 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:26,978 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:26,978 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:19:26,978 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:26,978 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:26,978 INFO L85 PathProgramCache]: Analyzing trace with hash 1408725376, now seen corresponding path program 1 times [2024-11-09 23:19:26,979 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:26,979 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1250611739] [2024-11-09 23:19:26,979 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:26,979 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:26,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,025 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:27,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,033 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:27,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,048 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:27,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:27,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,073 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-09 23:19:27,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,076 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:27,076 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:27,076 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1250611739] [2024-11-09 23:19:27,076 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1250611739] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:27,076 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:27,076 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:19:27,076 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [503643615] [2024-11-09 23:19:27,076 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:27,077 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:19:27,077 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:27,077 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:19:27,077 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:19:27,077 INFO L87 Difference]: Start difference. First operand 181 states and 223 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:27,187 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:27,188 INFO L93 Difference]: Finished difference Result 359 states and 455 transitions. [2024-11-09 23:19:27,190 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:19:27,190 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 66 [2024-11-09 23:19:27,190 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:27,191 INFO L225 Difference]: With dead ends: 359 [2024-11-09 23:19:27,192 INFO L226 Difference]: Without dead ends: 186 [2024-11-09 23:19:27,192 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:27,193 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 69 mSDsluCounter, 228 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 136 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:27,193 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 327 Invalid, 136 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:27,197 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2024-11-09 23:19:27,207 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 183. [2024-11-09 23:19:27,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 183 states, 138 states have (on average 1.2318840579710144) internal successors, (170), 147 states have internal predecessors, (170), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-09 23:19:27,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 183 states to 183 states and 225 transitions. [2024-11-09 23:19:27,210 INFO L78 Accepts]: Start accepts. Automaton has 183 states and 225 transitions. Word has length 66 [2024-11-09 23:19:27,210 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:27,210 INFO L471 AbstractCegarLoop]: Abstraction has 183 states and 225 transitions. [2024-11-09 23:19:27,210 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 23:19:27,210 INFO L276 IsEmpty]: Start isEmpty. Operand 183 states and 225 transitions. [2024-11-09 23:19:27,211 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-09 23:19:27,211 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:27,211 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:27,211 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 23:19:27,211 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:27,211 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:27,211 INFO L85 PathProgramCache]: Analyzing trace with hash 1683484990, now seen corresponding path program 1 times [2024-11-09 23:19:27,211 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:27,212 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [162290206] [2024-11-09 23:19:27,212 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:27,212 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:27,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,260 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:27,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,266 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:27,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,280 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:27,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:27,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,300 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-09 23:19:27,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,303 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:27,303 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:27,303 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [162290206] [2024-11-09 23:19:27,303 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [162290206] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:27,303 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:27,304 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:19:27,304 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [813130380] [2024-11-09 23:19:27,304 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:27,304 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:19:27,304 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:27,304 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:19:27,304 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:19:27,305 INFO L87 Difference]: Start difference. First operand 183 states and 225 transitions. Second operand has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-09 23:19:27,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:27,502 INFO L93 Difference]: Finished difference Result 501 states and 643 transitions. [2024-11-09 23:19:27,502 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:19:27,503 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 66 [2024-11-09 23:19:27,503 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:27,504 INFO L225 Difference]: With dead ends: 501 [2024-11-09 23:19:27,504 INFO L226 Difference]: Without dead ends: 326 [2024-11-09 23:19:27,505 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 14 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:27,506 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 245 mSDsluCounter, 198 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 77 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 253 SdHoareTripleChecker+Valid, 341 SdHoareTripleChecker+Invalid, 242 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 77 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:27,506 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [253 Valid, 341 Invalid, 242 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [77 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:27,506 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 326 states. [2024-11-09 23:19:27,526 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 326 to 323. [2024-11-09 23:19:27,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 323 states, 242 states have (on average 1.2066115702479339) internal successors, (292), 255 states have internal predecessors, (292), 42 states have call successors, (42), 35 states have call predecessors, (42), 38 states have return successors, (68), 43 states have call predecessors, (68), 42 states have call successors, (68) [2024-11-09 23:19:27,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 323 states to 323 states and 402 transitions. [2024-11-09 23:19:27,529 INFO L78 Accepts]: Start accepts. Automaton has 323 states and 402 transitions. Word has length 66 [2024-11-09 23:19:27,529 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:27,529 INFO L471 AbstractCegarLoop]: Abstraction has 323 states and 402 transitions. [2024-11-09 23:19:27,529 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.6) internal successors, (53), 4 states have internal predecessors, (53), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-09 23:19:27,530 INFO L276 IsEmpty]: Start isEmpty. Operand 323 states and 402 transitions. [2024-11-09 23:19:27,530 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 71 [2024-11-09 23:19:27,530 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:27,530 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:27,531 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 23:19:27,531 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:27,531 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:27,531 INFO L85 PathProgramCache]: Analyzing trace with hash 1566285692, now seen corresponding path program 1 times [2024-11-09 23:19:27,531 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:27,531 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [886284147] [2024-11-09 23:19:27,531 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:27,532 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:27,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,716 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:27,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,780 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:19:27,781 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,795 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-09 23:19:27,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,808 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:27,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:27,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,818 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-11-09 23:19:27,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:27,819 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:27,819 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:27,819 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [886284147] [2024-11-09 23:19:27,819 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [886284147] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:27,819 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:27,819 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-09 23:19:27,819 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2048684012] [2024-11-09 23:19:27,820 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:27,820 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-09 23:19:27,820 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:27,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-09 23:19:27,823 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:19:27,824 INFO L87 Difference]: Start difference. First operand 323 states and 402 transitions. Second operand has 9 states, 9 states have (on average 6.111111111111111) internal successors, (55), 7 states have internal predecessors, (55), 4 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-09 23:19:28,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:28,651 INFO L93 Difference]: Finished difference Result 965 states and 1252 transitions. [2024-11-09 23:19:28,655 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-09 23:19:28,655 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 6.111111111111111) internal successors, (55), 7 states have internal predecessors, (55), 4 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 70 [2024-11-09 23:19:28,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:28,659 INFO L225 Difference]: With dead ends: 965 [2024-11-09 23:19:28,659 INFO L226 Difference]: Without dead ends: 706 [2024-11-09 23:19:28,664 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 65 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-09 23:19:28,664 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 497 mSDsluCounter, 497 mSDsCounter, 0 mSdLazyCounter, 676 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 503 SdHoareTripleChecker+Valid, 599 SdHoareTripleChecker+Invalid, 847 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 676 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:28,665 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [503 Valid, 599 Invalid, 847 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 676 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-09 23:19:28,666 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 706 states. [2024-11-09 23:19:28,699 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 706 to 621. [2024-11-09 23:19:28,699 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 621 states, 464 states have (on average 1.206896551724138) internal successors, (560), 492 states have internal predecessors, (560), 82 states have call successors, (82), 62 states have call predecessors, (82), 74 states have return successors, (132), 84 states have call predecessors, (132), 82 states have call successors, (132) [2024-11-09 23:19:28,702 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 621 states to 621 states and 774 transitions. [2024-11-09 23:19:28,702 INFO L78 Accepts]: Start accepts. Automaton has 621 states and 774 transitions. Word has length 70 [2024-11-09 23:19:28,703 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:28,703 INFO L471 AbstractCegarLoop]: Abstraction has 621 states and 774 transitions. [2024-11-09 23:19:28,703 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 6.111111111111111) internal successors, (55), 7 states have internal predecessors, (55), 4 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-09 23:19:28,703 INFO L276 IsEmpty]: Start isEmpty. Operand 621 states and 774 transitions. [2024-11-09 23:19:28,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2024-11-09 23:19:28,704 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:28,704 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:28,705 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-09 23:19:28,705 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:28,705 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:28,705 INFO L85 PathProgramCache]: Analyzing trace with hash 1905557345, now seen corresponding path program 1 times [2024-11-09 23:19:28,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:28,705 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [571095388] [2024-11-09 23:19:28,705 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:28,706 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:28,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,833 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:28,834 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,845 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-09 23:19:28,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,864 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:19:28,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,871 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-09 23:19:28,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,882 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:28,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,891 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:28,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,893 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2024-11-09 23:19:28,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,906 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2024-11-09 23:19:28,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,909 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 93 [2024-11-09 23:19:28,911 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,914 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:19:28,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,915 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:28,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,916 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2024-11-09 23:19:28,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:28,918 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-09 23:19:28,919 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:28,919 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [571095388] [2024-11-09 23:19:28,919 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [571095388] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:19:28,919 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1383356768] [2024-11-09 23:19:28,919 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:28,920 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:19:28,920 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:19:28,922 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:19:28,929 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:19:29,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:29,028 INFO L255 TraceCheckSpWp]: Trace formula consists of 390 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-09 23:19:29,036 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:19:29,162 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 31 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:19:29,162 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:19:29,472 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-09 23:19:29,472 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1383356768] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:19:29,472 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:19:29,472 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-09 23:19:29,473 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1720345151] [2024-11-09 23:19:29,473 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:19:29,473 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-09 23:19:29,473 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:29,474 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-09 23:19:29,474 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-09 23:19:29,474 INFO L87 Difference]: Start difference. First operand 621 states and 774 transitions. Second operand has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 10 states have internal predecessors, (145), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) [2024-11-09 23:19:30,721 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:30,722 INFO L93 Difference]: Finished difference Result 1321 states and 1686 transitions. [2024-11-09 23:19:30,722 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2024-11-09 23:19:30,722 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 10 states have internal predecessors, (145), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) Word has length 124 [2024-11-09 23:19:30,722 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:30,726 INFO L225 Difference]: With dead ends: 1321 [2024-11-09 23:19:30,726 INFO L226 Difference]: Without dead ends: 762 [2024-11-09 23:19:30,728 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 325 GetRequests, 279 SyntacticMatches, 4 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 462 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=441, Invalid=1451, Unknown=0, NotChecked=0, Total=1892 [2024-11-09 23:19:30,728 INFO L432 NwaCegarLoop]: 169 mSDtfsCounter, 600 mSDsluCounter, 1004 mSDsCounter, 0 mSdLazyCounter, 1143 mSolverCounterSat, 234 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 605 SdHoareTripleChecker+Valid, 1173 SdHoareTripleChecker+Invalid, 1377 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 234 IncrementalHoareTripleChecker+Valid, 1143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:30,728 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [605 Valid, 1173 Invalid, 1377 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [234 Valid, 1143 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-09 23:19:30,729 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 762 states. [2024-11-09 23:19:30,759 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 762 to 686. [2024-11-09 23:19:30,760 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 686 states, 508 states have (on average 1.1929133858267718) internal successors, (606), 544 states have internal predecessors, (606), 92 states have call successors, (92), 76 states have call predecessors, (92), 85 states have return successors, (124), 89 states have call predecessors, (124), 92 states have call successors, (124) [2024-11-09 23:19:30,762 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 686 states to 686 states and 822 transitions. [2024-11-09 23:19:30,763 INFO L78 Accepts]: Start accepts. Automaton has 686 states and 822 transitions. Word has length 124 [2024-11-09 23:19:30,764 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:30,764 INFO L471 AbstractCegarLoop]: Abstraction has 686 states and 822 transitions. [2024-11-09 23:19:30,764 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 10 states have internal predecessors, (145), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) [2024-11-09 23:19:30,764 INFO L276 IsEmpty]: Start isEmpty. Operand 686 states and 822 transitions. [2024-11-09 23:19:30,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 221 [2024-11-09 23:19:30,766 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:30,766 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:30,790 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 23:19:30,967 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 23:19:30,967 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:30,968 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:30,968 INFO L85 PathProgramCache]: Analyzing trace with hash 967804859, now seen corresponding path program 1 times [2024-11-09 23:19:30,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:30,968 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [140052428] [2024-11-09 23:19:30,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:30,968 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:30,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,114 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:31,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,121 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-09 23:19:31,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,143 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:19:31,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,170 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-09 23:19:31,174 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,176 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:31,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,178 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:31,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,180 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2024-11-09 23:19:31,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,239 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:19:31,240 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,241 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:31,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,243 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:31,245 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,248 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-09 23:19:31,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,249 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:31,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,250 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 127 [2024-11-09 23:19:31,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,256 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:19:31,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,257 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:31,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,259 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:31,260 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,261 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-11-09 23:19:31,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,262 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 173 [2024-11-09 23:19:31,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,264 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 182 [2024-11-09 23:19:31,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,270 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:31,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,273 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:31,274 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,275 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 211 [2024-11-09 23:19:31,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,278 INFO L134 CoverageAnalysis]: Checked inductivity of 235 backedges. 93 proven. 28 refuted. 0 times theorem prover too weak. 114 trivial. 0 not checked. [2024-11-09 23:19:31,278 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:31,279 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [140052428] [2024-11-09 23:19:31,279 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [140052428] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:19:31,279 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [571810956] [2024-11-09 23:19:31,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:31,279 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:19:31,279 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:19:31,281 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:19:31,281 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 23:19:31,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:31,395 INFO L255 TraceCheckSpWp]: Trace formula consists of 627 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-09 23:19:31,400 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:19:31,565 INFO L134 CoverageAnalysis]: Checked inductivity of 235 backedges. 171 proven. 4 refuted. 0 times theorem prover too weak. 60 trivial. 0 not checked. [2024-11-09 23:19:31,565 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:19:31,951 INFO L134 CoverageAnalysis]: Checked inductivity of 235 backedges. 82 proven. 42 refuted. 0 times theorem prover too weak. 111 trivial. 0 not checked. [2024-11-09 23:19:31,951 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [571810956] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:19:31,951 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:19:31,951 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 26 [2024-11-09 23:19:31,951 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1216340528] [2024-11-09 23:19:31,952 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:19:31,952 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2024-11-09 23:19:31,952 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:31,953 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2024-11-09 23:19:31,953 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=123, Invalid=527, Unknown=0, NotChecked=0, Total=650 [2024-11-09 23:19:31,954 INFO L87 Difference]: Start difference. First operand 686 states and 822 transitions. Second operand has 26 states, 26 states have (on average 8.923076923076923) internal successors, (232), 23 states have internal predecessors, (232), 10 states have call successors, (45), 8 states have call predecessors, (45), 10 states have return successors, (40), 9 states have call predecessors, (40), 10 states have call successors, (40) [2024-11-09 23:19:33,113 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:33,113 INFO L93 Difference]: Finished difference Result 1452 states and 1795 transitions. [2024-11-09 23:19:33,113 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2024-11-09 23:19:33,113 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 26 states have (on average 8.923076923076923) internal successors, (232), 23 states have internal predecessors, (232), 10 states have call successors, (45), 8 states have call predecessors, (45), 10 states have return successors, (40), 9 states have call predecessors, (40), 10 states have call successors, (40) Word has length 220 [2024-11-09 23:19:33,114 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:33,115 INFO L225 Difference]: With dead ends: 1452 [2024-11-09 23:19:33,115 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:19:33,118 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 530 GetRequests, 474 SyntacticMatches, 3 SemanticMatches, 53 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 613 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=577, Invalid=2393, Unknown=0, NotChecked=0, Total=2970 [2024-11-09 23:19:33,118 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 616 mSDsluCounter, 1038 mSDsCounter, 0 mSdLazyCounter, 1769 mSolverCounterSat, 270 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 619 SdHoareTripleChecker+Valid, 1154 SdHoareTripleChecker+Invalid, 2039 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 270 IncrementalHoareTripleChecker+Valid, 1769 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:33,118 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [619 Valid, 1154 Invalid, 2039 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [270 Valid, 1769 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-09 23:19:33,119 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:19:33,119 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:19:33,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:19:33,119 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:19:33,120 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 220 [2024-11-09 23:19:33,120 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:33,120 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:19:33,120 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 26 states have (on average 8.923076923076923) internal successors, (232), 23 states have internal predecessors, (232), 10 states have call successors, (45), 8 states have call predecessors, (45), 10 states have return successors, (40), 9 states have call predecessors, (40), 10 states have call successors, (40) [2024-11-09 23:19:33,120 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:19:33,120 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:19:33,122 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:19:33,135 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 23:19:33,326 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-09 23:19:33,329 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:33,332 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:19:37,763 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:19:37,772 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|)) Eliminated clause: (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (<= 1 ~switchedOnBeforeTS~0)) [2024-11-09 23:19:37,786 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-09 23:19:37,802 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-09 23:19:37,807 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse1 .cse4 (<= 1 ~switchedOnBeforeTS~0))))) Eliminated clause: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-09 23:19:37,811 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-09 23:19:37,819 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:19:37 BoogieIcfgContainer [2024-11-09 23:19:37,819 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:19:37,819 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:19:37,819 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:19:37,823 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:19:37,824 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:24" (3/4) ... [2024-11-09 23:19:37,825 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:19:37,832 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 23:19:37,832 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:19:37,832 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-09 23:19:37,833 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-09 23:19:37,838 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 43 nodes and edges [2024-11-09 23:19:37,838 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:19:37,838 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:19:37,839 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:19:37,839 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:19:37,935 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:19:37,935 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:19:37,935 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:19:37,935 INFO L158 Benchmark]: Toolchain (without parser) took 14031.88ms. Allocated memory was 243.3MB in the beginning and 358.6MB in the end (delta: 115.3MB). Free memory was 213.4MB in the beginning and 156.0MB in the end (delta: 57.4MB). Peak memory consumption was 170.8MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,936 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 142.6MB. Free memory was 105.5MB in the beginning and 105.5MB in the end (delta: 39.8kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:19:37,936 INFO L158 Benchmark]: CACSL2BoogieTranslator took 390.87ms. Allocated memory is still 243.3MB. Free memory was 213.2MB in the beginning and 194.5MB in the end (delta: 18.8MB). Peak memory consumption was 21.2MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,936 INFO L158 Benchmark]: Boogie Procedure Inliner took 42.06ms. Allocated memory is still 243.3MB. Free memory was 194.5MB in the beginning and 192.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,936 INFO L158 Benchmark]: Boogie Preprocessor took 30.11ms. Allocated memory is still 243.3MB. Free memory was 192.4MB in the beginning and 190.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,937 INFO L158 Benchmark]: IcfgBuilder took 412.90ms. Allocated memory is still 243.3MB. Free memory was 190.3MB in the beginning and 168.3MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,937 INFO L158 Benchmark]: TraceAbstraction took 13030.61ms. Allocated memory was 243.3MB in the beginning and 358.6MB in the end (delta: 115.3MB). Free memory was 167.2MB in the beginning and 164.4MB in the end (delta: 2.8MB). Peak memory consumption was 169.2MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,937 INFO L158 Benchmark]: Witness Printer took 115.86ms. Allocated memory is still 358.6MB. Free memory was 164.4MB in the beginning and 156.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:19:37,938 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 142.6MB. Free memory was 105.5MB in the beginning and 105.5MB in the end (delta: 39.8kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 390.87ms. Allocated memory is still 243.3MB. Free memory was 213.2MB in the beginning and 194.5MB in the end (delta: 18.8MB). Peak memory consumption was 21.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 42.06ms. Allocated memory is still 243.3MB. Free memory was 194.5MB in the beginning and 192.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 30.11ms. Allocated memory is still 243.3MB. Free memory was 192.4MB in the beginning and 190.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 412.90ms. Allocated memory is still 243.3MB. Free memory was 190.3MB in the beginning and 168.3MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 13030.61ms. Allocated memory was 243.3MB in the beginning and 358.6MB in the end (delta: 115.3MB). Free memory was 167.2MB in the beginning and 164.4MB in the end (delta: 2.8MB). Peak memory consumption was 169.2MB. Max. memory is 16.1GB. * Witness Printer took 115.86ms. Allocated memory is still 358.6MB. Free memory was 164.4MB in the beginning and 156.0MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] - GenericResultAtLocation [Line: 364]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] - GenericResultAtLocation [Line: 434]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] - GenericResultAtLocation [Line: 800]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] - GenericResultAtLocation [Line: 903]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] - GenericResultAtLocation [Line: 1003]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] - GenericResultAtLocation [Line: 1012]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1008]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 118 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.5s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2682 SdHoareTripleChecker+Valid, 3.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2625 mSDsluCounter, 5220 SdHoareTripleChecker+Invalid, 2.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3916 mSDsCounter, 899 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4419 IncrementalHoareTripleChecker+Invalid, 5318 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 899 mSolverCounterUnsat, 1304 mSDtfsCounter, 4419 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1011 GetRequests, 854 SyntacticMatches, 8 SemanticMatches, 149 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1163 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=686occurred in iteration=10, InterpolantAutomatonStates: 127, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 11 MinimizatonAttempts, 201 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.6s InterpolantComputationTime, 1190 NumberOfCodeBlocks, 1190 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1519 ConstructedInterpolants, 0 QuantifiedInterpolants, 2861 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1017 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 750/858 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 378]: Location Invariant Derived location invariant: null - InvariantResult [Line: 915]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 203]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 827]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 905]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || (\old(waterLevel) != 2)) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS))) && (((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (\old(waterLevel) == waterLevel)) || (\old(pumpRunning) != 0)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (\old(waterLevel) == 2))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (((\old(pumpRunning) == 0) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (((((1 <= pumpRunning) && (pumpRunning == \old(pumpRunning))) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && ((((((1 < \old(waterLevel)) || (((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || ((((((1 <= pumpRunning) && (pumpRunning == \old(pumpRunning))) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 815]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 127]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 222]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((pumpRunning == \result) && (((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning) && (2 <= waterLevel)) && (1 == systemActive))) || ((pumpRunning == 0) && (1 == systemActive)))) && ((2 == waterLevel) || (waterLevel < 2))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:19:37,963 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE