./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:56:13,950 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:56:14,029 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:56:14,035 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:56:14,035 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:56:14,065 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:56:14,066 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:56:14,066 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:56:14,067 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:56:14,067 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:56:14,067 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:56:14,068 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:56:14,068 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:56:14,069 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:56:14,069 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:56:14,069 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:56:14,070 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:56:14,070 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:56:14,071 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:56:14,071 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:56:14,071 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:56:14,075 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:56:14,075 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:56:14,076 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:56:14,076 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:56:14,076 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:56:14,076 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:56:14,077 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:56:14,077 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:56:14,077 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:56:14,077 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:56:14,078 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:56:14,078 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:14,082 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:56:14,083 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:56:14,083 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:56:14,083 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:56:14,083 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:56:14,084 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:56:14,084 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:56:14,084 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:56:14,085 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:56:14,085 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c [2024-11-11 20:56:14,361 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:56:14,383 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:56:14,387 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:56:14,388 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:56:14,388 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:56:14,390 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2024-11-11 20:56:15,918 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:56:16,169 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:56:16,169 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2024-11-11 20:56:16,183 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d23a91f06/5d8e0ff552ef4ad6a9949441d51afe91/FLAG0915afeb4 [2024-11-11 20:56:16,196 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d23a91f06/5d8e0ff552ef4ad6a9949441d51afe91 [2024-11-11 20:56:16,198 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:56:16,199 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:56:16,200 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:16,201 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:56:16,205 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:56:16,206 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,207 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@71f72271 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16, skipping insertion in model container [2024-11-11 20:56:16,207 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,254 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:56:16,485 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-11 20:56:16,571 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:16,585 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:56:16,597 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-11 20:56:16,599 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] [2024-11-11 20:56:16,599 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] [2024-11-11 20:56:16,600 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] [2024-11-11 20:56:16,600 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] [2024-11-11 20:56:16,600 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] [2024-11-11 20:56:16,600 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] [2024-11-11 20:56:16,600 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] [2024-11-11 20:56:16,630 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-11 20:56:16,665 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:16,695 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:56:16,695 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16 WrapperNode [2024-11-11 20:56:16,695 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:16,697 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:16,697 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:56:16,697 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:56:16,704 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,720 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,753 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 241 [2024-11-11 20:56:16,754 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:16,755 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:56:16,755 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:56:16,755 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:56:16,771 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,771 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,774 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,801 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:56:16,801 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,801 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,807 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,811 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,813 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,814 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,817 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:56:16,818 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:56:16,818 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:56:16,818 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:56:16,819 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (1/1) ... [2024-11-11 20:56:16,828 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:16,846 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:16,865 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:56:16,869 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:56:16,922 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:56:16,922 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:56:16,922 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:56:16,923 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:56:16,923 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:56:16,923 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:56:16,923 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:56:16,923 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:16,923 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:16,924 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:56:16,924 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:56:16,924 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:56:16,925 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:56:16,925 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-11 20:56:16,925 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-11 20:56:16,926 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-11 20:56:16,926 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-11 20:56:16,927 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:56:16,927 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:56:16,927 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:56:16,927 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:56:16,928 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:56:17,002 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:56:17,004 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:56:17,376 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-11 20:56:17,377 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:56:17,401 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:56:17,402 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:56:17,402 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:17 BoogieIcfgContainer [2024-11-11 20:56:17,402 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:56:17,406 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:56:17,406 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:56:17,409 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:56:17,410 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:56:16" (1/3) ... [2024-11-11 20:56:17,411 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@621b88bb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:17, skipping insertion in model container [2024-11-11 20:56:17,411 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:16" (2/3) ... [2024-11-11 20:56:17,412 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@621b88bb and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:17, skipping insertion in model container [2024-11-11 20:56:17,413 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:17" (3/3) ... [2024-11-11 20:56:17,415 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product56.cil.c [2024-11-11 20:56:17,431 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:56:17,431 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:56:17,485 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:56:17,492 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4b4be61e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:56:17,492 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:56:17,497 INFO L276 IsEmpty]: Start isEmpty. Operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-11 20:56:17,507 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-11 20:56:17,507 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:17,508 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:17,509 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:17,515 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:17,516 INFO L85 PathProgramCache]: Analyzing trace with hash 2077500872, now seen corresponding path program 1 times [2024-11-11 20:56:17,525 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:17,525 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1845175357] [2024-11-11 20:56:17,526 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:17,526 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:17,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:17,760 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-11 20:56:17,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:17,773 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:17,776 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:17,784 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:17,789 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:17,789 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1845175357] [2024-11-11 20:56:17,790 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1845175357] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:17,791 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:17,791 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:56:17,793 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1456255543] [2024-11-11 20:56:17,794 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:17,799 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:56:17,799 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:17,826 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:56:17,827 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:17,831 INFO L87 Difference]: Start difference. First operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:17,917 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:17,919 INFO L93 Difference]: Finished difference Result 211 states and 286 transitions. [2024-11-11 20:56:17,920 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:56:17,922 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-11 20:56:17,922 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:17,959 INFO L225 Difference]: With dead ends: 211 [2024-11-11 20:56:17,959 INFO L226 Difference]: Without dead ends: 101 [2024-11-11 20:56:17,964 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:17,970 INFO L435 NwaCegarLoop]: 140 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:17,971 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:17,987 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2024-11-11 20:56:18,021 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2024-11-11 20:56:18,022 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 75 states have (on average 1.3066666666666666) internal successors, (98), 85 states have internal predecessors, (98), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-11 20:56:18,025 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 131 transitions. [2024-11-11 20:56:18,027 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 131 transitions. Word has length 32 [2024-11-11 20:56:18,028 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:18,028 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 131 transitions. [2024-11-11 20:56:18,028 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:18,029 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 131 transitions. [2024-11-11 20:56:18,031 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-11 20:56:18,032 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:18,032 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:18,032 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:56:18,033 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:18,033 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:18,034 INFO L85 PathProgramCache]: Analyzing trace with hash 604529845, now seen corresponding path program 1 times [2024-11-11 20:56:18,034 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:18,035 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2039036123] [2024-11-11 20:56:18,035 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:18,035 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:18,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,186 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:56:18,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-11 20:56:18,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,203 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:18,204 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:18,204 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2039036123] [2024-11-11 20:56:18,208 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2039036123] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:18,209 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:18,209 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:18,209 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1262405255] [2024-11-11 20:56:18,209 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:18,210 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:18,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:18,211 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:18,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:18,212 INFO L87 Difference]: Start difference. First operand 101 states and 131 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:18,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:18,244 INFO L93 Difference]: Finished difference Result 162 states and 210 transitions. [2024-11-11 20:56:18,244 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:18,245 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-11 20:56:18,246 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:18,249 INFO L225 Difference]: With dead ends: 162 [2024-11-11 20:56:18,251 INFO L226 Difference]: Without dead ends: 92 [2024-11-11 20:56:18,252 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:18,253 INFO L435 NwaCegarLoop]: 118 mSDtfsCounter, 17 mSDsluCounter, 96 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:18,255 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 214 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:18,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2024-11-11 20:56:18,272 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 92. [2024-11-11 20:56:18,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 69 states have (on average 1.318840579710145) internal successors, (91), 79 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-11 20:56:18,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 119 transitions. [2024-11-11 20:56:18,277 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 119 transitions. Word has length 33 [2024-11-11 20:56:18,277 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:18,277 INFO L471 AbstractCegarLoop]: Abstraction has 92 states and 119 transitions. [2024-11-11 20:56:18,278 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:18,278 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 119 transitions. [2024-11-11 20:56:18,279 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-11 20:56:18,283 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:18,283 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:18,284 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:56:18,284 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:18,285 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:18,285 INFO L85 PathProgramCache]: Analyzing trace with hash -1594505260, now seen corresponding path program 1 times [2024-11-11 20:56:18,285 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:18,285 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [502492598] [2024-11-11 20:56:18,286 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:18,286 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:18,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:18,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,404 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-11 20:56:18,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,409 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:18,411 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:18,411 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [502492598] [2024-11-11 20:56:18,411 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [502492598] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:18,412 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:18,412 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:18,412 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1574219179] [2024-11-11 20:56:18,413 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:18,413 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:18,414 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:18,414 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:18,415 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:18,416 INFO L87 Difference]: Start difference. First operand 92 states and 119 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:18,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:18,458 INFO L93 Difference]: Finished difference Result 258 states and 340 transitions. [2024-11-11 20:56:18,459 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:18,459 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-11 20:56:18,461 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:18,463 INFO L225 Difference]: With dead ends: 258 [2024-11-11 20:56:18,463 INFO L226 Difference]: Without dead ends: 174 [2024-11-11 20:56:18,467 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:18,468 INFO L435 NwaCegarLoop]: 135 mSDtfsCounter, 107 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:18,472 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 241 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:18,473 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2024-11-11 20:56:18,498 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 171. [2024-11-11 20:56:18,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 171 states, 126 states have (on average 1.3412698412698412) internal successors, (169), 145 states have internal predecessors, (169), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-11-11 20:56:18,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 225 transitions. [2024-11-11 20:56:18,503 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 225 transitions. Word has length 38 [2024-11-11 20:56:18,505 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:18,505 INFO L471 AbstractCegarLoop]: Abstraction has 171 states and 225 transitions. [2024-11-11 20:56:18,506 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:18,506 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 225 transitions. [2024-11-11 20:56:18,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-11 20:56:18,509 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:18,509 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:18,509 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:56:18,509 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:18,510 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:18,514 INFO L85 PathProgramCache]: Analyzing trace with hash -969732780, now seen corresponding path program 1 times [2024-11-11 20:56:18,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:18,515 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [71266031] [2024-11-11 20:56:18,515 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:18,515 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:18,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,639 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:56:18,641 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,645 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-11 20:56:18,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:18,670 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-11 20:56:18,670 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:18,671 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [71266031] [2024-11-11 20:56:18,671 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [71266031] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:18,671 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:18,671 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:18,671 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [874087564] [2024-11-11 20:56:18,671 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:18,672 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:18,672 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:18,672 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:18,673 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:18,673 INFO L87 Difference]: Start difference. First operand 171 states and 225 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:18,864 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:18,865 INFO L93 Difference]: Finished difference Result 433 states and 586 transitions. [2024-11-11 20:56:18,865 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:18,865 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-11 20:56:18,866 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:18,871 INFO L225 Difference]: With dead ends: 433 [2024-11-11 20:56:18,871 INFO L226 Difference]: Without dead ends: 270 [2024-11-11 20:56:18,873 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:18,874 INFO L435 NwaCegarLoop]: 120 mSDtfsCounter, 79 mSDsluCounter, 397 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 517 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:18,878 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 517 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:18,879 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 270 states. [2024-11-11 20:56:18,921 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 270 to 269. [2024-11-11 20:56:18,922 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 200 states have (on average 1.29) internal successors, (258), 217 states have internal predecessors, (258), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2024-11-11 20:56:18,927 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 346 transitions. [2024-11-11 20:56:18,928 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 346 transitions. Word has length 41 [2024-11-11 20:56:18,928 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:18,928 INFO L471 AbstractCegarLoop]: Abstraction has 269 states and 346 transitions. [2024-11-11 20:56:18,929 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:18,929 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 346 transitions. [2024-11-11 20:56:18,931 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-11 20:56:18,931 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:18,931 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:18,932 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:56:18,932 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:18,932 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:18,933 INFO L85 PathProgramCache]: Analyzing trace with hash -1724941251, now seen corresponding path program 1 times [2024-11-11 20:56:18,933 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:18,933 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1353678270] [2024-11-11 20:56:18,933 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:18,933 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:18,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,058 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:19,061 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:19,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,096 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:19,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,129 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-11 20:56:19,131 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,135 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:19,135 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:19,135 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1353678270] [2024-11-11 20:56:19,135 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1353678270] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:19,135 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:19,135 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:19,136 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [991350533] [2024-11-11 20:56:19,136 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:19,136 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:19,136 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:19,137 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:19,137 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:19,137 INFO L87 Difference]: Start difference. First operand 269 states and 346 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:19,412 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:19,412 INFO L93 Difference]: Finished difference Result 799 states and 1074 transitions. [2024-11-11 20:56:19,415 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:19,415 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-11 20:56:19,415 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:19,421 INFO L225 Difference]: With dead ends: 799 [2024-11-11 20:56:19,421 INFO L226 Difference]: Without dead ends: 538 [2024-11-11 20:56:19,424 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:19,426 INFO L435 NwaCegarLoop]: 101 mSDtfsCounter, 162 mSDsluCounter, 319 mSDsCounter, 0 mSdLazyCounter, 157 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 168 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 198 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 157 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:19,429 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [168 Valid, 420 Invalid, 198 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 157 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:19,431 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 538 states. [2024-11-11 20:56:19,491 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 538 to 529. [2024-11-11 20:56:19,492 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 529 states, 396 states have (on average 1.2575757575757576) internal successors, (498), 418 states have internal predecessors, (498), 69 states have call successors, (69), 53 states have call predecessors, (69), 63 states have return successors, (107), 72 states have call predecessors, (107), 69 states have call successors, (107) [2024-11-11 20:56:19,496 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 529 states to 529 states and 674 transitions. [2024-11-11 20:56:19,497 INFO L78 Accepts]: Start accepts. Automaton has 529 states and 674 transitions. Word has length 57 [2024-11-11 20:56:19,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:19,497 INFO L471 AbstractCegarLoop]: Abstraction has 529 states and 674 transitions. [2024-11-11 20:56:19,497 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:19,498 INFO L276 IsEmpty]: Start isEmpty. Operand 529 states and 674 transitions. [2024-11-11 20:56:19,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-11 20:56:19,500 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:19,500 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:19,500 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:56:19,500 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:19,501 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:19,501 INFO L85 PathProgramCache]: Analyzing trace with hash 80497083, now seen corresponding path program 1 times [2024-11-11 20:56:19,501 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:19,501 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [220660742] [2024-11-11 20:56:19,501 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:19,502 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:19,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,557 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:19,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:19,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,580 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:19,591 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,621 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-11 20:56:19,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,625 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:19,625 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:19,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [220660742] [2024-11-11 20:56:19,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [220660742] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:19,626 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:19,626 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:19,626 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1503329688] [2024-11-11 20:56:19,626 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:19,626 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:19,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:19,627 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:19,627 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:19,627 INFO L87 Difference]: Start difference. First operand 529 states and 674 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:19,811 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:19,812 INFO L93 Difference]: Finished difference Result 1064 states and 1379 transitions. [2024-11-11 20:56:19,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:56:19,813 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 57 [2024-11-11 20:56:19,813 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:19,816 INFO L225 Difference]: With dead ends: 1064 [2024-11-11 20:56:19,816 INFO L226 Difference]: Without dead ends: 543 [2024-11-11 20:56:19,818 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:19,819 INFO L435 NwaCegarLoop]: 103 mSDtfsCounter, 64 mSDsluCounter, 337 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 440 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:19,819 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 440 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:19,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 543 states. [2024-11-11 20:56:19,855 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 543 to 541. [2024-11-11 20:56:19,856 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 541 states, 408 states have (on average 1.25) internal successors, (510), 430 states have internal predecessors, (510), 69 states have call successors, (69), 53 states have call predecessors, (69), 63 states have return successors, (107), 72 states have call predecessors, (107), 69 states have call successors, (107) [2024-11-11 20:56:19,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 541 states to 541 states and 686 transitions. [2024-11-11 20:56:19,860 INFO L78 Accepts]: Start accepts. Automaton has 541 states and 686 transitions. Word has length 57 [2024-11-11 20:56:19,861 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:19,861 INFO L471 AbstractCegarLoop]: Abstraction has 541 states and 686 transitions. [2024-11-11 20:56:19,861 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:19,861 INFO L276 IsEmpty]: Start isEmpty. Operand 541 states and 686 transitions. [2024-11-11 20:56:19,863 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-11 20:56:19,863 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:19,863 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:19,863 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:56:19,863 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:19,864 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:19,864 INFO L85 PathProgramCache]: Analyzing trace with hash 503198909, now seen corresponding path program 1 times [2024-11-11 20:56:19,864 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:19,864 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1438451604] [2024-11-11 20:56:19,864 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:19,865 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:19,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,911 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:19,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,918 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:19,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,933 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:19,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,964 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-11 20:56:19,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,967 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:19,968 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:19,968 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1438451604] [2024-11-11 20:56:19,968 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1438451604] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:19,968 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:19,968 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:19,969 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [813320966] [2024-11-11 20:56:19,969 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:19,970 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:19,970 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:19,971 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:19,971 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:19,972 INFO L87 Difference]: Start difference. First operand 541 states and 686 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:20,250 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:20,251 INFO L93 Difference]: Finished difference Result 990 states and 1276 transitions. [2024-11-11 20:56:20,251 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-11 20:56:20,252 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-11 20:56:20,252 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:20,255 INFO L225 Difference]: With dead ends: 990 [2024-11-11 20:56:20,255 INFO L226 Difference]: Without dead ends: 457 [2024-11-11 20:56:20,259 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-11 20:56:20,260 INFO L435 NwaCegarLoop]: 106 mSDtfsCounter, 217 mSDsluCounter, 326 mSDsCounter, 0 mSdLazyCounter, 154 mSolverCounterSat, 53 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 225 SdHoareTripleChecker+Valid, 432 SdHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 53 IncrementalHoareTripleChecker+Valid, 154 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:20,260 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [225 Valid, 432 Invalid, 207 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [53 Valid, 154 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:20,262 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 457 states. [2024-11-11 20:56:20,291 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 457 to 447. [2024-11-11 20:56:20,292 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 447 states, 336 states have (on average 1.2291666666666667) internal successors, (413), 355 states have internal predecessors, (413), 58 states have call successors, (58), 44 states have call predecessors, (58), 52 states have return successors, (80), 59 states have call predecessors, (80), 58 states have call successors, (80) [2024-11-11 20:56:20,294 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 447 states to 447 states and 551 transitions. [2024-11-11 20:56:20,295 INFO L78 Accepts]: Start accepts. Automaton has 447 states and 551 transitions. Word has length 57 [2024-11-11 20:56:20,296 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:20,296 INFO L471 AbstractCegarLoop]: Abstraction has 447 states and 551 transitions. [2024-11-11 20:56:20,296 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:20,296 INFO L276 IsEmpty]: Start isEmpty. Operand 447 states and 551 transitions. [2024-11-11 20:56:20,297 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-11 20:56:20,297 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:20,298 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:20,299 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:56:20,300 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:20,300 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:20,300 INFO L85 PathProgramCache]: Analyzing trace with hash 924671973, now seen corresponding path program 1 times [2024-11-11 20:56:20,301 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:20,301 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [384598211] [2024-11-11 20:56:20,301 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:20,301 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:20,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,467 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:20,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,530 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:56:20,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,544 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-11 20:56:20,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,555 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:20,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,566 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-11 20:56:20,567 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,572 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:20,573 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:20,573 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [384598211] [2024-11-11 20:56:20,573 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [384598211] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:20,573 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:20,573 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-11 20:56:20,573 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [584666444] [2024-11-11 20:56:20,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:20,573 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-11 20:56:20,574 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:20,574 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-11 20:56:20,575 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:20,575 INFO L87 Difference]: Start difference. First operand 447 states and 551 transitions. Second operand has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-11 20:56:21,287 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:21,287 INFO L93 Difference]: Finished difference Result 1394 states and 1809 transitions. [2024-11-11 20:56:21,288 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-11 20:56:21,288 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 61 [2024-11-11 20:56:21,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:21,294 INFO L225 Difference]: With dead ends: 1394 [2024-11-11 20:56:21,294 INFO L226 Difference]: Without dead ends: 1069 [2024-11-11 20:56:21,296 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-11 20:56:21,297 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 515 mSDsluCounter, 472 mSDsCounter, 0 mSdLazyCounter, 558 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 522 SdHoareTripleChecker+Valid, 583 SdHoareTripleChecker+Invalid, 729 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 558 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:21,297 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [522 Valid, 583 Invalid, 729 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 558 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-11 20:56:21,299 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1069 states. [2024-11-11 20:56:21,363 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1069 to 982. [2024-11-11 20:56:21,365 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 982 states, 733 states have (on average 1.223738062755798) internal successors, (897), 783 states have internal predecessors, (897), 131 states have call successors, (131), 95 states have call predecessors, (131), 117 states have return successors, (187), 129 states have call predecessors, (187), 131 states have call successors, (187) [2024-11-11 20:56:21,369 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 982 states to 982 states and 1215 transitions. [2024-11-11 20:56:21,371 INFO L78 Accepts]: Start accepts. Automaton has 982 states and 1215 transitions. Word has length 61 [2024-11-11 20:56:21,372 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:21,372 INFO L471 AbstractCegarLoop]: Abstraction has 982 states and 1215 transitions. [2024-11-11 20:56:21,372 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-11 20:56:21,372 INFO L276 IsEmpty]: Start isEmpty. Operand 982 states and 1215 transitions. [2024-11-11 20:56:21,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-11 20:56:21,375 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:21,376 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:21,376 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:56:21,376 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:21,377 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:21,377 INFO L85 PathProgramCache]: Analyzing trace with hash 798113011, now seen corresponding path program 1 times [2024-11-11 20:56:21,377 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:21,377 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255170454] [2024-11-11 20:56:21,377 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:21,377 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:21,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,434 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:21,435 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,444 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:21,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:21,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,488 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:21,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,494 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:21,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,500 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-11 20:56:21,504 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,505 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2024-11-11 20:56:21,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,509 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-11 20:56:21,509 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:21,509 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255170454] [2024-11-11 20:56:21,509 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255170454] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:21,509 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:21,509 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-11 20:56:21,509 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1847119059] [2024-11-11 20:56:21,510 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:21,511 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-11 20:56:21,511 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:21,512 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-11 20:56:21,512 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:21,512 INFO L87 Difference]: Start difference. First operand 982 states and 1215 transitions. Second operand has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-11 20:56:21,901 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:21,901 INFO L93 Difference]: Finished difference Result 1670 states and 2060 transitions. [2024-11-11 20:56:21,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-11 20:56:21,902 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 91 [2024-11-11 20:56:21,902 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:21,906 INFO L225 Difference]: With dead ends: 1670 [2024-11-11 20:56:21,907 INFO L226 Difference]: Without dead ends: 696 [2024-11-11 20:56:21,909 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-11 20:56:21,911 INFO L435 NwaCegarLoop]: 114 mSDtfsCounter, 313 mSDsluCounter, 230 mSDsCounter, 0 mSdLazyCounter, 275 mSolverCounterSat, 95 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 322 SdHoareTripleChecker+Valid, 344 SdHoareTripleChecker+Invalid, 370 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 95 IncrementalHoareTripleChecker+Valid, 275 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:21,911 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [322 Valid, 344 Invalid, 370 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [95 Valid, 275 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-11 20:56:21,913 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 696 states. [2024-11-11 20:56:21,953 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 696 to 645. [2024-11-11 20:56:21,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 645 states, 486 states have (on average 1.2119341563786008) internal successors, (589), 519 states have internal predecessors, (589), 84 states have call successors, (84), 63 states have call predecessors, (84), 74 states have return successors, (112), 83 states have call predecessors, (112), 84 states have call successors, (112) [2024-11-11 20:56:21,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 645 states to 645 states and 785 transitions. [2024-11-11 20:56:21,958 INFO L78 Accepts]: Start accepts. Automaton has 645 states and 785 transitions. Word has length 91 [2024-11-11 20:56:21,958 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:21,958 INFO L471 AbstractCegarLoop]: Abstraction has 645 states and 785 transitions. [2024-11-11 20:56:21,959 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-11 20:56:21,959 INFO L276 IsEmpty]: Start isEmpty. Operand 645 states and 785 transitions. [2024-11-11 20:56:21,960 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-11 20:56:21,960 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:21,961 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:21,961 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:56:21,961 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:21,961 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:21,962 INFO L85 PathProgramCache]: Analyzing trace with hash -726468575, now seen corresponding path program 1 times [2024-11-11 20:56:21,962 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:21,962 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1036468547] [2024-11-11 20:56:21,962 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:21,962 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:21,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,104 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:22,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,118 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-11 20:56:22,122 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,137 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:22,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,148 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:22,151 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,158 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:22,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-11-11 20:56:22,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,180 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-11 20:56:22,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,187 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-11 20:56:22,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,189 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:22,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,190 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 103 [2024-11-11 20:56:22,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,192 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-11 20:56:22,193 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:22,193 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1036468547] [2024-11-11 20:56:22,193 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1036468547] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:22,193 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1552204343] [2024-11-11 20:56:22,193 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:22,193 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:22,194 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:22,195 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:22,197 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:56:22,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,320 INFO L256 TraceCheckSpWp]: Trace formula consists of 358 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-11 20:56:22,327 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:22,504 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 27 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:56:22,505 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:22,740 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-11 20:56:22,741 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1552204343] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:22,741 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:22,741 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-11 20:56:22,741 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [645861584] [2024-11-11 20:56:22,741 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:22,742 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-11 20:56:22,742 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:22,743 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-11 20:56:22,743 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-11 20:56:22,743 INFO L87 Difference]: Start difference. First operand 645 states and 785 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-11 20:56:24,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,257 INFO L93 Difference]: Finished difference Result 1496 states and 1879 transitions. [2024-11-11 20:56:24,258 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 51 states. [2024-11-11 20:56:24,258 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) Word has length 111 [2024-11-11 20:56:24,259 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,264 INFO L225 Difference]: With dead ends: 1496 [2024-11-11 20:56:24,265 INFO L226 Difference]: Without dead ends: 948 [2024-11-11 20:56:24,268 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 310 GetRequests, 250 SyntacticMatches, 4 SemanticMatches, 56 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1010 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=660, Invalid=2646, Unknown=0, NotChecked=0, Total=3306 [2024-11-11 20:56:24,269 INFO L435 NwaCegarLoop]: 186 mSDtfsCounter, 528 mSDsluCounter, 1068 mSDsCounter, 0 mSdLazyCounter, 1123 mSolverCounterSat, 186 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 536 SdHoareTripleChecker+Valid, 1254 SdHoareTripleChecker+Invalid, 1309 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 186 IncrementalHoareTripleChecker+Valid, 1123 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,269 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [536 Valid, 1254 Invalid, 1309 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [186 Valid, 1123 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-11 20:56:24,270 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 948 states. [2024-11-11 20:56:24,324 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 948 to 766. [2024-11-11 20:56:24,326 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 766 states, 572 states have (on average 1.1923076923076923) internal successors, (682), 615 states have internal predecessors, (682), 103 states have call successors, (103), 84 states have call predecessors, (103), 90 states have return successors, (126), 95 states have call predecessors, (126), 103 states have call successors, (126) [2024-11-11 20:56:24,329 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 766 states to 766 states and 911 transitions. [2024-11-11 20:56:24,330 INFO L78 Accepts]: Start accepts. Automaton has 766 states and 911 transitions. Word has length 111 [2024-11-11 20:56:24,330 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,330 INFO L471 AbstractCegarLoop]: Abstraction has 766 states and 911 transitions. [2024-11-11 20:56:24,331 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-11 20:56:24,331 INFO L276 IsEmpty]: Start isEmpty. Operand 766 states and 911 transitions. [2024-11-11 20:56:24,334 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2024-11-11 20:56:24,334 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,334 INFO L218 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,353 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-11 20:56:24,535 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-11 20:56:24,536 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,536 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,536 INFO L85 PathProgramCache]: Analyzing trace with hash 605285009, now seen corresponding path program 1 times [2024-11-11 20:56:24,536 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,536 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1390859523] [2024-11-11 20:56:24,537 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,537 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,782 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:24,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,791 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-11 20:56:24,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,836 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:24,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,844 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:24,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,848 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:24,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,851 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-11-11 20:56:24,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,905 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:24,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,908 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-11 20:56:24,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,916 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-11 20:56:24,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:24,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,919 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2024-11-11 20:56:24,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,954 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:24,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,957 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-11 20:56:24,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 153 [2024-11-11 20:56:24,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,964 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-11-11 20:56:24,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:24,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,987 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 183 [2024-11-11 20:56:24,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,990 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 89 proven. 45 refuted. 0 times theorem prover too weak. 69 trivial. 0 not checked. [2024-11-11 20:56:24,990 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:24,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1390859523] [2024-11-11 20:56:24,990 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1390859523] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:24,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [880277412] [2024-11-11 20:56:24,990 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,990 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:24,991 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:24,993 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:24,994 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-11 20:56:25,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,120 INFO L256 TraceCheckSpWp]: Trace formula consists of 557 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-11 20:56:25,125 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:25,289 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 147 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-11 20:56:25,289 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:25,727 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 81 proven. 39 refuted. 0 times theorem prover too weak. 83 trivial. 0 not checked. [2024-11-11 20:56:25,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [880277412] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:25,727 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:25,727 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 24 [2024-11-11 20:56:25,727 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1785960225] [2024-11-11 20:56:25,727 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:25,728 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-11 20:56:25,728 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:25,729 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-11 20:56:25,729 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=435, Unknown=0, NotChecked=0, Total=552 [2024-11-11 20:56:25,729 INFO L87 Difference]: Start difference. First operand 766 states and 911 transitions. Second operand has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-11 20:56:26,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:26,957 INFO L93 Difference]: Finished difference Result 1757 states and 2162 transitions. [2024-11-11 20:56:26,957 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-11 20:56:26,957 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) Word has length 191 [2024-11-11 20:56:26,958 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:26,959 INFO L225 Difference]: With dead ends: 1757 [2024-11-11 20:56:26,960 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:56:26,964 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 462 GetRequests, 411 SyntacticMatches, 3 SemanticMatches, 48 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 515 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=514, Invalid=1936, Unknown=0, NotChecked=0, Total=2450 [2024-11-11 20:56:26,964 INFO L435 NwaCegarLoop]: 107 mSDtfsCounter, 543 mSDsluCounter, 863 mSDsCounter, 0 mSdLazyCounter, 1505 mSolverCounterSat, 219 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 549 SdHoareTripleChecker+Valid, 970 SdHoareTripleChecker+Invalid, 1724 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 219 IncrementalHoareTripleChecker+Valid, 1505 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:26,965 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [549 Valid, 970 Invalid, 1724 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [219 Valid, 1505 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-11 20:56:26,965 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:56:26,965 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:56:26,966 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:56:26,966 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:56:26,967 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 191 [2024-11-11 20:56:26,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:26,967 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:56:26,967 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-11 20:56:26,967 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:56:26,968 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:56:26,970 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:56:26,988 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-11 20:56:27,174 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-11 20:56:27,178 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:27,180 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:56:32,769 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:56:32,786 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) .cse1 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-11 20:56:32,811 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= 0 ~systemActive~0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4 .cse5) (and .cse0 .cse1 .cse4) (and .cse3 .cse0 .cse2) (and .cse3 .cse0 .cse4) (and .cse3 .cse5 .cse2)))) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-11 20:56:32,851 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-11 20:56:32,864 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= 0 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse1 .cse4) (and .cse5 .cse3 .cse2) (and .cse0 .cse3 .cse4) (and .cse5 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-11 20:56:32,879 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-11 20:56:32,893 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:56:32 BoogieIcfgContainer [2024-11-11 20:56:32,894 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:56:32,895 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:56:32,895 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:56:32,895 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:56:32,896 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:17" (3/4) ... [2024-11-11 20:56:32,898 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:56:32,902 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-11 20:56:32,902 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:56:32,902 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:56:32,902 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:56:32,902 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:56:32,903 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:32,903 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:56:32,903 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:56:32,903 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-11 20:56:32,910 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-11 20:56:32,910 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:56:32,911 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:56:32,911 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:32,912 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:33,039 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:56:33,039 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:56:33,039 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:56:33,040 INFO L158 Benchmark]: Toolchain (without parser) took 16840.62ms. Allocated memory was 172.0MB in the beginning and 297.8MB in the end (delta: 125.8MB). Free memory was 114.8MB in the beginning and 170.5MB in the end (delta: -55.7MB). Peak memory consumption was 71.8MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,040 INFO L158 Benchmark]: CDTParser took 0.27ms. Allocated memory is still 172.0MB. Free memory is still 134.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:33,040 INFO L158 Benchmark]: CACSL2BoogieTranslator took 495.33ms. Allocated memory is still 172.0MB. Free memory was 114.8MB in the beginning and 92.4MB in the end (delta: 22.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,041 INFO L158 Benchmark]: Boogie Procedure Inliner took 57.51ms. Allocated memory is still 172.0MB. Free memory was 92.4MB in the beginning and 90.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,041 INFO L158 Benchmark]: Boogie Preprocessor took 62.31ms. Allocated memory is still 172.0MB. Free memory was 90.4MB in the beginning and 87.5MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,041 INFO L158 Benchmark]: RCFGBuilder took 584.87ms. Allocated memory is still 172.0MB. Free memory was 87.5MB in the beginning and 66.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,041 INFO L158 Benchmark]: TraceAbstraction took 15488.73ms. Allocated memory was 172.0MB in the beginning and 297.8MB in the end (delta: 125.8MB). Free memory was 65.9MB in the beginning and 180.0MB in the end (delta: -114.1MB). Peak memory consumption was 107.5MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,041 INFO L158 Benchmark]: Witness Printer took 144.62ms. Allocated memory is still 297.8MB. Free memory was 179.0MB in the beginning and 170.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:33,046 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.27ms. Allocated memory is still 172.0MB. Free memory is still 134.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 495.33ms. Allocated memory is still 172.0MB. Free memory was 114.8MB in the beginning and 92.4MB in the end (delta: 22.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 57.51ms. Allocated memory is still 172.0MB. Free memory was 92.4MB in the beginning and 90.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 62.31ms. Allocated memory is still 172.0MB. Free memory was 90.4MB in the beginning and 87.5MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 584.87ms. Allocated memory is still 172.0MB. Free memory was 87.5MB in the beginning and 66.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 15488.73ms. Allocated memory was 172.0MB in the beginning and 297.8MB in the end (delta: 125.8MB). Free memory was 65.9MB in the beginning and 180.0MB in the end (delta: -114.1MB). Peak memory consumption was 107.5MB. Max. memory is 16.1GB. * Witness Printer took 144.62ms. Allocated memory is still 297.8MB. Free memory was 179.0MB in the beginning and 170.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] - GenericResultAtLocation [Line: 418]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] - GenericResultAtLocation [Line: 488]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] - GenericResultAtLocation [Line: 526]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] - GenericResultAtLocation [Line: 535]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] - GenericResultAtLocation [Line: 584]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] - GenericResultAtLocation [Line: 950]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 531]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 110 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.7s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 5.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2599 SdHoareTripleChecker+Valid, 3.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2545 mSDsluCounter, 5555 SdHoareTripleChecker+Invalid, 2.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4214 mSDsCounter, 794 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3994 IncrementalHoareTripleChecker+Invalid, 4788 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 794 mSolverCounterUnsat, 1341 mSDtfsCounter, 3994 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 928 GetRequests, 754 SyntacticMatches, 7 SemanticMatches, 167 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1633 ImplicationChecksByTransitivity, 1.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=982occurred in iteration=8, InterpolantAutomatonStates: 148, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 345 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.9s InterpolantComputationTime, 1071 NumberOfCodeBlocks, 1071 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1358 ConstructedInterpolants, 0 QuantifiedInterpolants, 2739 SizeOfPredicates, 2 NumberOfNonLiveVariables, 915 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 653/775 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 429]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 == systemActive)) || (((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (0 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 293]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: (((pumpRunning == 0) && ((((2 == waterLevel) && (1 == systemActive)) && (1 <= \old(pumpRunning))) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 200]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 952]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 173]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning)))) && (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 208]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (\old(waterLevel) == waterLevel))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 234]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 312]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((waterLevel <= 2) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:56:33,080 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE