./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:55:55,093 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:55:55,143 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:55:55,148 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:55:55,149 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:55:55,171 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:55:55,173 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:55:55,174 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:55:55,174 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:55:55,178 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:55:55,178 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:55:55,178 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:55:55,179 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:55:55,179 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:55:55,180 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:55:55,180 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:55:55,180 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:55:55,181 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:55:55,182 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:55:55,182 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:55:55,182 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:55:55,183 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:55:55,184 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:55:55,184 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:55:55,184 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:55:55,184 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:55:55,184 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:55:55,184 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:55:55,185 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:55:55,185 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:55:55,189 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:55:55,190 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 [2024-11-11 20:55:55,418 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:55:55,435 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:55:55,437 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:55:55,438 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:55:55,439 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:55:55,441 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-11-11 20:55:56,690 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:55:56,881 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:55:56,881 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-11-11 20:55:56,897 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/82aaa16f7/7253977a3fc2403d94fe61c9f635057d/FLAGf2e005c8e [2024-11-11 20:55:57,256 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/82aaa16f7/7253977a3fc2403d94fe61c9f635057d [2024-11-11 20:55:57,260 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:55:57,261 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:55:57,262 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:55:57,263 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:55:57,266 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:55:57,267 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,267 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@69e7e1b5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57, skipping insertion in model container [2024-11-11 20:55:57,268 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,295 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:55:57,542 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-11 20:55:57,555 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:55:57,563 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:55:57,570 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-11 20:55:57,573 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] [2024-11-11 20:55:57,573 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2024-11-11 20:55:57,575 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] [2024-11-11 20:55:57,575 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] [2024-11-11 20:55:57,575 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] [2024-11-11 20:55:57,576 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] [2024-11-11 20:55:57,576 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] [2024-11-11 20:55:57,619 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-11 20:55:57,627 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:55:57,651 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:55:57,651 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57 WrapperNode [2024-11-11 20:55:57,651 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:55:57,652 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:55:57,652 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:55:57,653 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:55:57,658 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,667 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,690 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 209 [2024-11-11 20:55:57,690 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:55:57,691 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:55:57,691 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:55:57,691 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:55:57,699 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,699 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,701 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,717 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:55:57,718 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,718 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,721 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,724 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,725 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,725 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,727 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:55:57,727 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:55:57,727 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:55:57,728 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:55:57,728 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (1/1) ... [2024-11-11 20:55:57,735 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:55:57,744 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:55:57,757 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:55:57,761 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:55:57,797 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:55:57,798 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-11 20:55:57,798 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-11 20:55:57,799 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-11 20:55:57,799 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-11 20:55:57,799 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:55:57,799 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:55:57,799 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:55:57,799 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:55:57,799 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:55:57,893 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:55:57,895 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:55:58,083 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-11 20:55:58,084 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:55:58,095 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:55:58,096 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:55:58,096 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:55:58 BoogieIcfgContainer [2024-11-11 20:55:58,096 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:55:58,099 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:55:58,100 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:55:58,103 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:55:58,103 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:55:57" (1/3) ... [2024-11-11 20:55:58,104 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@522d87f9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:55:58, skipping insertion in model container [2024-11-11 20:55:58,104 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:55:57" (2/3) ... [2024-11-11 20:55:58,104 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@522d87f9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:55:58, skipping insertion in model container [2024-11-11 20:55:58,104 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:55:58" (3/3) ... [2024-11-11 20:55:58,108 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product40.cil.c [2024-11-11 20:55:58,120 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:55:58,120 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:55:58,167 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:55:58,176 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@755a9c95, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:55:58,176 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:55:58,180 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-11 20:55:58,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-11 20:55:58,186 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:58,187 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:58,187 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:58,194 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:58,194 INFO L85 PathProgramCache]: Analyzing trace with hash 694872208, now seen corresponding path program 1 times [2024-11-11 20:55:58,202 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:58,202 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [981430705] [2024-11-11 20:55:58,202 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:58,203 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:58,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,352 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-11 20:55:58,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,359 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:55:58,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,364 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:58,364 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:58,364 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [981430705] [2024-11-11 20:55:58,365 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [981430705] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:58,365 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:58,365 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:55:58,366 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [809717720] [2024-11-11 20:55:58,367 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:58,371 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:55:58,372 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:58,390 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:55:58,390 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:55:58,393 INFO L87 Difference]: Start difference. First operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:55:58,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:58,417 INFO L93 Difference]: Finished difference Result 187 states and 252 transitions. [2024-11-11 20:55:58,418 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:55:58,419 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-11 20:55:58,419 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:58,426 INFO L225 Difference]: With dead ends: 187 [2024-11-11 20:55:58,426 INFO L226 Difference]: Without dead ends: 89 [2024-11-11 20:55:58,430 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:55:58,432 INFO L435 NwaCegarLoop]: 123 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:58,434 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:55:58,447 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2024-11-11 20:55:58,465 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2024-11-11 20:55:58,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 67 states have (on average 1.2985074626865671) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-11 20:55:58,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 114 transitions. [2024-11-11 20:55:58,472 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 114 transitions. Word has length 32 [2024-11-11 20:55:58,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:58,472 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 114 transitions. [2024-11-11 20:55:58,472 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:55:58,473 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 114 transitions. [2024-11-11 20:55:58,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-11 20:55:58,475 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:58,475 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:58,475 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:55:58,475 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:58,476 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:58,476 INFO L85 PathProgramCache]: Analyzing trace with hash -778098819, now seen corresponding path program 1 times [2024-11-11 20:55:58,476 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:58,476 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1424109711] [2024-11-11 20:55:58,476 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:58,477 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:58,504 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,575 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:55:58,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,580 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-11 20:55:58,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,585 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:58,585 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:58,585 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1424109711] [2024-11-11 20:55:58,585 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1424109711] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:58,585 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:58,586 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:55:58,586 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [287484287] [2024-11-11 20:55:58,586 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:58,587 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:55:58,587 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:58,588 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:55:58,588 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:55:58,588 INFO L87 Difference]: Start difference. First operand 89 states and 114 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:55:58,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:58,603 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2024-11-11 20:55:58,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:55:58,604 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-11 20:55:58,605 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:58,605 INFO L225 Difference]: With dead ends: 138 [2024-11-11 20:55:58,606 INFO L226 Difference]: Without dead ends: 80 [2024-11-11 20:55:58,607 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:55:58,607 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 17 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:58,608 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 180 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:55:58,609 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-11 20:55:58,617 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-11 20:55:58,617 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 61 states have (on average 1.3114754098360655) internal successors, (80), 69 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-11 20:55:58,619 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-11 20:55:58,620 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 33 [2024-11-11 20:55:58,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:58,620 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-11 20:55:58,620 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:55:58,620 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-11 20:55:58,621 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-11 20:55:58,622 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:58,622 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:58,622 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:55:58,623 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:58,626 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:58,627 INFO L85 PathProgramCache]: Analyzing trace with hash 1811500472, now seen corresponding path program 1 times [2024-11-11 20:55:58,627 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:58,627 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [352039152] [2024-11-11 20:55:58,627 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:58,627 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:58,655 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,758 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:55:58,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,765 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-11 20:55:58,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,776 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:58,777 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:58,778 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [352039152] [2024-11-11 20:55:58,778 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [352039152] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:58,778 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:58,778 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:55:58,778 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [623291609] [2024-11-11 20:55:58,778 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:58,779 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:55:58,780 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:58,780 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:55:58,781 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:55:58,781 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:55:58,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:58,872 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-11-11 20:55:58,873 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:55:58,874 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-11 20:55:58,874 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:58,875 INFO L225 Difference]: With dead ends: 199 [2024-11-11 20:55:58,876 INFO L226 Difference]: Without dead ends: 127 [2024-11-11 20:55:58,876 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:55:58,878 INFO L435 NwaCegarLoop]: 114 mSDtfsCounter, 91 mSDsluCounter, 283 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 397 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:58,879 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 397 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:55:58,879 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-11-11 20:55:58,896 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 124. [2024-11-11 20:55:58,897 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 94 states have (on average 1.3297872340425532) internal successors, (125), 105 states have internal predecessors, (125), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2024-11-11 20:55:58,898 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 160 transitions. [2024-11-11 20:55:58,898 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 160 transitions. Word has length 38 [2024-11-11 20:55:58,898 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:58,898 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 160 transitions. [2024-11-11 20:55:58,899 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:55:58,899 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 160 transitions. [2024-11-11 20:55:58,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-11 20:55:58,900 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:58,900 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:58,900 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:55:58,900 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:58,901 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:58,901 INFO L85 PathProgramCache]: Analyzing trace with hash -1858694344, now seen corresponding path program 1 times [2024-11-11 20:55:58,901 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:58,901 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [964604218] [2024-11-11 20:55:58,901 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:58,901 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:58,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:55:58,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:58,987 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-11 20:55:58,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,005 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-11 20:55:59,006 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:59,006 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [964604218] [2024-11-11 20:55:59,006 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [964604218] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:59,006 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:59,007 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:55:59,007 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1433870014] [2024-11-11 20:55:59,007 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:59,008 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:55:59,008 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:59,008 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:55:59,008 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:55:59,009 INFO L87 Difference]: Start difference. First operand 124 states and 160 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:55:59,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:59,132 INFO L93 Difference]: Finished difference Result 279 states and 370 transitions. [2024-11-11 20:55:59,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:55:59,132 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-11 20:55:59,132 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:59,137 INFO L225 Difference]: With dead ends: 279 [2024-11-11 20:55:59,137 INFO L226 Difference]: Without dead ends: 163 [2024-11-11 20:55:59,138 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:55:59,139 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 72 mSDsluCounter, 334 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:59,139 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 436 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:55:59,140 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2024-11-11 20:55:59,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 162. [2024-11-11 20:55:59,162 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 123 states have (on average 1.2682926829268293) internal successors, (156), 133 states have internal predecessors, (156), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2024-11-11 20:55:59,164 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 204 transitions. [2024-11-11 20:55:59,166 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 204 transitions. Word has length 41 [2024-11-11 20:55:59,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:59,166 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 204 transitions. [2024-11-11 20:55:59,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:55:59,167 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 204 transitions. [2024-11-11 20:55:59,169 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:55:59,170 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:59,170 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:59,170 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:55:59,173 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:59,173 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:59,173 INFO L85 PathProgramCache]: Analyzing trace with hash -873577577, now seen corresponding path program 1 times [2024-11-11 20:55:59,173 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:59,173 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [276995628] [2024-11-11 20:55:59,174 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:59,174 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:59,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,216 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:55:59,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,223 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-11 20:55:59,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,228 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-11 20:55:59,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,231 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:59,232 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:59,232 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [276995628] [2024-11-11 20:55:59,232 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [276995628] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:59,233 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:59,233 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-11 20:55:59,233 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [864150443] [2024-11-11 20:55:59,234 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:59,234 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-11 20:55:59,234 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:59,235 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-11 20:55:59,235 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-11 20:55:59,235 INFO L87 Difference]: Start difference. First operand 162 states and 204 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,341 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:59,342 INFO L93 Difference]: Finished difference Result 343 states and 432 transitions. [2024-11-11 20:55:59,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:55:59,342 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-11 20:55:59,344 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:59,345 INFO L225 Difference]: With dead ends: 343 [2024-11-11 20:55:59,346 INFO L226 Difference]: Without dead ends: 189 [2024-11-11 20:55:59,346 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:55:59,347 INFO L435 NwaCegarLoop]: 114 mSDtfsCounter, 90 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 75 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 258 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 75 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:59,347 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 258 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 75 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:55:59,348 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2024-11-11 20:55:59,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 185. [2024-11-11 20:55:59,372 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 141 states have (on average 1.2553191489361701) internal successors, (177), 151 states have internal predecessors, (177), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-11 20:55:59,373 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 230 transitions. [2024-11-11 20:55:59,374 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 230 transitions. Word has length 55 [2024-11-11 20:55:59,374 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:59,374 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 230 transitions. [2024-11-11 20:55:59,374 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,375 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 230 transitions. [2024-11-11 20:55:59,377 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-11 20:55:59,377 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:59,377 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:59,377 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:55:59,378 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:59,378 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:59,378 INFO L85 PathProgramCache]: Analyzing trace with hash 68722199, now seen corresponding path program 1 times [2024-11-11 20:55:59,378 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:59,378 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [831919311] [2024-11-11 20:55:59,378 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:59,379 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:59,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:55:59,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,463 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:55:59,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,486 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-11 20:55:59,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,489 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:59,491 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:59,491 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [831919311] [2024-11-11 20:55:59,491 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [831919311] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:59,491 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:59,491 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:55:59,491 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [269624926] [2024-11-11 20:55:59,491 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:59,492 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:55:59,492 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:59,492 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:55:59,493 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:55:59,493 INFO L87 Difference]: Start difference. First operand 185 states and 230 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,668 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:59,668 INFO L93 Difference]: Finished difference Result 501 states and 650 transitions. [2024-11-11 20:55:59,668 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:55:59,669 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-11 20:55:59,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:59,671 INFO L225 Difference]: With dead ends: 501 [2024-11-11 20:55:59,671 INFO L226 Difference]: Without dead ends: 324 [2024-11-11 20:55:59,672 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:55:59,675 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 144 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 362 SdHoareTripleChecker+Invalid, 170 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:59,675 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 362 Invalid, 170 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:55:59,676 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 324 states. [2024-11-11 20:55:59,701 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 324 to 320. [2024-11-11 20:55:59,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 320 states, 245 states have (on average 1.2448979591836735) internal successors, (305), 259 states have internal predecessors, (305), 41 states have call successors, (41), 32 states have call predecessors, (41), 33 states have return successors, (55), 40 states have call predecessors, (55), 41 states have call successors, (55) [2024-11-11 20:55:59,703 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 320 states to 320 states and 401 transitions. [2024-11-11 20:55:59,704 INFO L78 Accepts]: Start accepts. Automaton has 320 states and 401 transitions. Word has length 52 [2024-11-11 20:55:59,704 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:59,704 INFO L471 AbstractCegarLoop]: Abstraction has 320 states and 401 transitions. [2024-11-11 20:55:59,704 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,704 INFO L276 IsEmpty]: Start isEmpty. Operand 320 states and 401 transitions. [2024-11-11 20:55:59,706 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-11 20:55:59,706 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:59,706 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:59,706 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:55:59,706 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:59,706 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:59,707 INFO L85 PathProgramCache]: Analyzing trace with hash -353979627, now seen corresponding path program 1 times [2024-11-11 20:55:59,707 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:59,707 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [67035041] [2024-11-11 20:55:59,707 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:59,707 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:59,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,770 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:55:59,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,777 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:55:59,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,815 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-11 20:55:59,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:55:59,819 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:55:59,819 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:55:59,819 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [67035041] [2024-11-11 20:55:59,819 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [67035041] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:55:59,819 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:55:59,820 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:55:59,820 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [278819167] [2024-11-11 20:55:59,821 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:55:59,821 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:55:59,821 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:55:59,821 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:55:59,822 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:55:59,822 INFO L87 Difference]: Start difference. First operand 320 states and 401 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:55:59,949 INFO L93 Difference]: Finished difference Result 640 states and 811 transitions. [2024-11-11 20:55:59,950 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:55:59,950 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-11 20:55:59,950 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:55:59,952 INFO L225 Difference]: With dead ends: 640 [2024-11-11 20:55:59,952 INFO L226 Difference]: Without dead ends: 328 [2024-11-11 20:55:59,953 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:55:59,954 INFO L435 NwaCegarLoop]: 88 mSDtfsCounter, 53 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 379 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:55:59,956 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 379 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:55:59,957 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 328 states. [2024-11-11 20:55:59,976 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 328 to 326. [2024-11-11 20:55:59,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 326 states, 251 states have (on average 1.2390438247011952) internal successors, (311), 265 states have internal predecessors, (311), 41 states have call successors, (41), 32 states have call predecessors, (41), 33 states have return successors, (55), 40 states have call predecessors, (55), 41 states have call successors, (55) [2024-11-11 20:55:59,979 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 326 states to 326 states and 407 transitions. [2024-11-11 20:55:59,979 INFO L78 Accepts]: Start accepts. Automaton has 326 states and 407 transitions. Word has length 52 [2024-11-11 20:55:59,980 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:55:59,980 INFO L471 AbstractCegarLoop]: Abstraction has 326 states and 407 transitions. [2024-11-11 20:55:59,981 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:55:59,981 INFO L276 IsEmpty]: Start isEmpty. Operand 326 states and 407 transitions. [2024-11-11 20:55:59,981 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-11 20:55:59,982 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:55:59,982 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:55:59,982 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:55:59,982 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:55:59,982 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:55:59,982 INFO L85 PathProgramCache]: Analyzing trace with hash -2042923369, now seen corresponding path program 1 times [2024-11-11 20:55:59,982 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:55:59,983 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1332166737] [2024-11-11 20:55:59,983 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:55:59,983 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:55:59,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,024 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:00,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:00,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,049 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-11 20:56:00,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,051 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:00,051 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:00,052 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1332166737] [2024-11-11 20:56:00,052 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1332166737] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:00,052 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:00,052 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:00,052 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1214280352] [2024-11-11 20:56:00,052 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:00,052 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:00,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:00,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:00,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:00,053 INFO L87 Difference]: Start difference. First operand 326 states and 407 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:00,147 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:00,147 INFO L93 Difference]: Finished difference Result 598 states and 752 transitions. [2024-11-11 20:56:00,148 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:56:00,148 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-11 20:56:00,148 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:00,149 INFO L225 Difference]: With dead ends: 598 [2024-11-11 20:56:00,149 INFO L226 Difference]: Without dead ends: 280 [2024-11-11 20:56:00,150 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:00,151 INFO L435 NwaCegarLoop]: 86 mSDtfsCounter, 51 mSDsluCounter, 202 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:00,151 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 288 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:00,154 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2024-11-11 20:56:00,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 278. [2024-11-11 20:56:00,167 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 214 states have (on average 1.219626168224299) internal successors, (261), 226 states have internal predecessors, (261), 35 states have call successors, (35), 27 states have call predecessors, (35), 28 states have return successors, (42), 34 states have call predecessors, (42), 35 states have call successors, (42) [2024-11-11 20:56:00,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 338 transitions. [2024-11-11 20:56:00,169 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 338 transitions. Word has length 52 [2024-11-11 20:56:00,169 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:00,169 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 338 transitions. [2024-11-11 20:56:00,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:00,170 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 338 transitions. [2024-11-11 20:56:00,171 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-11 20:56:00,171 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:00,171 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:00,171 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:56:00,171 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:00,172 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:00,172 INFO L85 PathProgramCache]: Analyzing trace with hash -1510613325, now seen corresponding path program 1 times [2024-11-11 20:56:00,172 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:00,172 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [129417720] [2024-11-11 20:56:00,172 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:00,172 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:00,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,318 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:00,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,323 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:56:00,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,330 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-11 20:56:00,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,343 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-11 20:56:00,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:00,345 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:00,345 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:00,345 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [129417720] [2024-11-11 20:56:00,345 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [129417720] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:00,345 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:00,346 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-11 20:56:00,346 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [882853744] [2024-11-11 20:56:00,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:00,346 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-11 20:56:00,346 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:00,346 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-11 20:56:00,347 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-11 20:56:00,347 INFO L87 Difference]: Start difference. First operand 278 states and 338 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:00,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:00,865 INFO L93 Difference]: Finished difference Result 800 states and 1030 transitions. [2024-11-11 20:56:00,866 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-11 20:56:00,866 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-11-11 20:56:00,866 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:00,869 INFO L225 Difference]: With dead ends: 800 [2024-11-11 20:56:00,869 INFO L226 Difference]: Without dead ends: 618 [2024-11-11 20:56:00,870 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-11-11 20:56:00,871 INFO L435 NwaCegarLoop]: 109 mSDtfsCounter, 531 mSDsluCounter, 450 mSDsCounter, 0 mSdLazyCounter, 455 mSolverCounterSat, 173 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 539 SdHoareTripleChecker+Valid, 559 SdHoareTripleChecker+Invalid, 628 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 173 IncrementalHoareTripleChecker+Valid, 455 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:00,871 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [539 Valid, 559 Invalid, 628 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [173 Valid, 455 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-11 20:56:00,872 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 618 states. [2024-11-11 20:56:00,899 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 618 to 590. [2024-11-11 20:56:00,900 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 590 states, 450 states have (on average 1.2066666666666668) internal successors, (543), 480 states have internal predecessors, (543), 75 states have call successors, (75), 57 states have call predecessors, (75), 64 states have return successors, (108), 73 states have call predecessors, (108), 75 states have call successors, (108) [2024-11-11 20:56:00,902 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 590 states to 590 states and 726 transitions. [2024-11-11 20:56:00,903 INFO L78 Accepts]: Start accepts. Automaton has 590 states and 726 transitions. Word has length 56 [2024-11-11 20:56:00,903 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:00,903 INFO L471 AbstractCegarLoop]: Abstraction has 590 states and 726 transitions. [2024-11-11 20:56:00,904 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:00,904 INFO L276 IsEmpty]: Start isEmpty. Operand 590 states and 726 transitions. [2024-11-11 20:56:00,905 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2024-11-11 20:56:00,905 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:00,905 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:00,905 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:56:00,905 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:00,906 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:00,906 INFO L85 PathProgramCache]: Analyzing trace with hash -1787594627, now seen corresponding path program 1 times [2024-11-11 20:56:00,906 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:00,906 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [559616280] [2024-11-11 20:56:00,906 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:00,906 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:00,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,016 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:01,017 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-11 20:56:01,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,045 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:01,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,053 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:01,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,058 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-11-11 20:56:01,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-11-11 20:56:01,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,071 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:01,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,072 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-11-11 20:56:01,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,074 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:01,074 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:01,074 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [559616280] [2024-11-11 20:56:01,074 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [559616280] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:01,074 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [393219365] [2024-11-11 20:56:01,074 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:01,075 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:01,075 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:01,076 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:01,077 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:56:01,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:01,151 INFO L256 TraceCheckSpWp]: Trace formula consists of 318 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-11 20:56:01,156 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:01,307 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:56:01,307 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:01,480 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:01,481 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [393219365] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:01,481 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:01,481 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-11 20:56:01,481 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [232102394] [2024-11-11 20:56:01,481 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:01,482 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-11 20:56:01,482 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:01,482 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-11 20:56:01,483 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-11 20:56:01,483 INFO L87 Difference]: Start difference. First operand 590 states and 726 transitions. Second operand has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-11 20:56:02,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:02,267 INFO L93 Difference]: Finished difference Result 1282 states and 1625 transitions. [2024-11-11 20:56:02,267 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-11 20:56:02,268 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 96 [2024-11-11 20:56:02,268 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:02,269 INFO L225 Difference]: With dead ends: 1282 [2024-11-11 20:56:02,269 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:56:02,271 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 249 GetRequests, 208 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 334 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=277, Invalid=1205, Unknown=0, NotChecked=0, Total=1482 [2024-11-11 20:56:02,272 INFO L435 NwaCegarLoop]: 173 mSDtfsCounter, 339 mSDsluCounter, 1254 mSDsCounter, 0 mSdLazyCounter, 1065 mSolverCounterSat, 118 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 346 SdHoareTripleChecker+Valid, 1427 SdHoareTripleChecker+Invalid, 1183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 118 IncrementalHoareTripleChecker+Valid, 1065 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:02,272 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [346 Valid, 1427 Invalid, 1183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [118 Valid, 1065 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-11 20:56:02,272 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:56:02,273 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:56:02,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:56:02,273 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:56:02,273 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 96 [2024-11-11 20:56:02,273 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:02,273 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:56:02,274 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-11 20:56:02,274 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:56:02,274 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:56:02,276 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:56:02,290 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-11 20:56:02,476 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-11 20:56:02,479 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:02,481 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:56:04,936 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:56:04,948 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-11 20:56:04,961 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-11 20:56:04,967 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-11 20:56:04,972 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-11 20:56:04,982 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:56:04 BoogieIcfgContainer [2024-11-11 20:56:04,983 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:56:04,983 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:56:04,983 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:56:04,983 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:56:04,984 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:55:58" (3/4) ... [2024-11-11 20:56:04,985 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:56:04,988 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-11 20:56:04,988 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:56:04,989 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-11 20:56:04,993 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-11 20:56:04,994 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:56:04,994 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:56:04,994 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:04,994 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:05,068 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:56:05,068 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:56:05,068 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:56:05,069 INFO L158 Benchmark]: Toolchain (without parser) took 7808.36ms. Allocated memory was 169.9MB in the beginning and 205.5MB in the end (delta: 35.7MB). Free memory was 138.7MB in the beginning and 74.3MB in the end (delta: 64.3MB). Peak memory consumption was 100.9MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,070 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 169.9MB. Free memory is still 137.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:05,070 INFO L158 Benchmark]: CACSL2BoogieTranslator took 389.29ms. Allocated memory is still 169.9MB. Free memory was 138.7MB in the beginning and 116.7MB in the end (delta: 21.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,071 INFO L158 Benchmark]: Boogie Procedure Inliner took 38.03ms. Allocated memory is still 169.9MB. Free memory was 116.7MB in the beginning and 114.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,071 INFO L158 Benchmark]: Boogie Preprocessor took 36.08ms. Allocated memory is still 169.9MB. Free memory was 114.7MB in the beginning and 112.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,071 INFO L158 Benchmark]: RCFGBuilder took 368.76ms. Allocated memory is still 169.9MB. Free memory was 112.6MB in the beginning and 125.3MB in the end (delta: -12.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,072 INFO L158 Benchmark]: TraceAbstraction took 6883.10ms. Allocated memory was 169.9MB in the beginning and 205.5MB in the end (delta: 35.7MB). Free memory was 124.2MB in the beginning and 81.7MB in the end (delta: 42.5MB). Peak memory consumption was 112.8MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,072 INFO L158 Benchmark]: Witness Printer took 85.49ms. Allocated memory is still 205.5MB. Free memory was 81.7MB in the beginning and 74.3MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:05,073 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 169.9MB. Free memory is still 137.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 389.29ms. Allocated memory is still 169.9MB. Free memory was 138.7MB in the beginning and 116.7MB in the end (delta: 21.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 38.03ms. Allocated memory is still 169.9MB. Free memory was 116.7MB in the beginning and 114.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 36.08ms. Allocated memory is still 169.9MB. Free memory was 114.7MB in the beginning and 112.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 368.76ms. Allocated memory is still 169.9MB. Free memory was 112.6MB in the beginning and 125.3MB in the end (delta: -12.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 6883.10ms. Allocated memory was 169.9MB in the beginning and 205.5MB in the end (delta: 35.7MB). Free memory was 124.2MB in the beginning and 81.7MB in the end (delta: 42.5MB). Peak memory consumption was 112.8MB. Max. memory is 16.1GB. * Witness Printer took 85.49ms. Allocated memory is still 205.5MB. Free memory was 81.7MB in the beginning and 74.3MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 266]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] - GenericResultAtLocation [Line: 755]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] - GenericResultAtLocation [Line: 864]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] - GenericResultAtLocation [Line: 899]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 860]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 98 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1430 SdHoareTripleChecker+Valid, 1.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1388 mSDsluCounter, 4409 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3312 mSDsCounter, 381 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2020 IncrementalHoareTripleChecker+Invalid, 2401 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 381 mSolverCounterUnsat, 1097 mSDtfsCounter, 2020 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 378 GetRequests, 277 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 493 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=590occurred in iteration=9, InterpolantAutomatonStates: 92, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 44 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 603 NumberOfCodeBlocks, 603 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 687 ConstructedInterpolants, 0 QuantifiedInterpolants, 1255 SizeOfPredicates, 2 NumberOfNonLiveVariables, 318 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 279]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) || (((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) - InvariantResult [Line: 767]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((2 == waterLevel) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 926]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 757]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) && (\old(waterLevel) == 2)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 914]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) <= 2))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (waterLevel <= 2))) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:56:05,102 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE