./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:56:15,897 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:56:15,965 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:56:15,970 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:56:15,971 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:56:15,998 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:56:16,000 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:56:16,000 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:56:16,001 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:56:16,002 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:56:16,003 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:56:16,003 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:56:16,004 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:56:16,004 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:56:16,005 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:56:16,008 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:56:16,008 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:56:16,008 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:56:16,009 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:56:16,009 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:56:16,009 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:56:16,010 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:56:16,010 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:56:16,010 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:56:16,010 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:56:16,010 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:56:16,011 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:56:16,011 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:56:16,011 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:56:16,011 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:56:16,011 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:56:16,012 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:56:16,012 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:16,012 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:56:16,012 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:56:16,013 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:56:16,013 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:56:16,014 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:56:16,014 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:56:16,014 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:56:16,015 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:56:16,015 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:56:16,015 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 [2024-11-11 20:56:16,280 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:56:16,306 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:56:16,309 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:56:16,313 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:56:16,314 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:56:16,315 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-11-11 20:56:17,732 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:56:17,958 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:56:17,958 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-11-11 20:56:17,978 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7863be89e/9d42dbd28118451d9b845e07f50f2b76/FLAGf92d47b52 [2024-11-11 20:56:17,990 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7863be89e/9d42dbd28118451d9b845e07f50f2b76 [2024-11-11 20:56:17,993 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:56:17,994 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:56:17,996 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:17,996 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:56:18,001 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:56:18,002 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:17" (1/1) ... [2024-11-11 20:56:18,005 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4fe3624f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18, skipping insertion in model container [2024-11-11 20:56:18,005 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:17" (1/1) ... [2024-11-11 20:56:18,071 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:56:18,275 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-11-11 20:56:18,409 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:18,425 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:56:18,434 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-11 20:56:18,436 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-11 20:56:18,436 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] [2024-11-11 20:56:18,436 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] [2024-11-11 20:56:18,437 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] [2024-11-11 20:56:18,437 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] [2024-11-11 20:56:18,437 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] [2024-11-11 20:56:18,438 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] [2024-11-11 20:56:18,443 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-11-11 20:56:18,518 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:18,547 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:56:18,548 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18 WrapperNode [2024-11-11 20:56:18,548 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:18,549 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:18,549 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:56:18,549 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:56:18,556 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,571 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,611 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 232 [2024-11-11 20:56:18,612 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:18,612 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:56:18,613 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:56:18,613 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:56:18,623 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,624 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,627 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,658 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:56:18,661 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,661 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,665 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,673 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,676 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,677 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,682 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:56:18,685 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:56:18,685 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:56:18,685 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:56:18,686 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (1/1) ... [2024-11-11 20:56:18,692 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:18,703 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:18,719 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:56:18,722 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:56:18,777 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:56:18,778 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:56:18,778 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:56:18,778 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:56:18,778 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:56:18,778 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:56:18,778 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:56:18,779 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:18,779 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:18,779 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:56:18,780 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:56:18,780 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-11 20:56:18,780 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-11 20:56:18,781 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:56:18,781 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:56:18,781 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:56:18,781 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:56:18,781 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:56:18,855 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:56:18,857 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:56:19,175 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-11 20:56:19,176 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:56:19,196 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:56:19,197 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:56:19,197 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:19 BoogieIcfgContainer [2024-11-11 20:56:19,197 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:56:19,200 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:56:19,200 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:56:19,203 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:56:19,203 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:56:17" (1/3) ... [2024-11-11 20:56:19,204 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@70e2d220 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:19, skipping insertion in model container [2024-11-11 20:56:19,205 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:18" (2/3) ... [2024-11-11 20:56:19,205 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@70e2d220 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:19, skipping insertion in model container [2024-11-11 20:56:19,205 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:19" (3/3) ... [2024-11-11 20:56:19,208 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product57.cil.c [2024-11-11 20:56:19,225 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:56:19,225 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:56:19,299 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:56:19,310 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@36eede9b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:56:19,310 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:56:19,315 INFO L276 IsEmpty]: Start isEmpty. Operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-11 20:56:19,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-11 20:56:19,326 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:19,327 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:19,328 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:19,334 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:19,334 INFO L85 PathProgramCache]: Analyzing trace with hash 1773170943, now seen corresponding path program 1 times [2024-11-11 20:56:19,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:19,344 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [88454709] [2024-11-11 20:56:19,345 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:19,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:19,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,526 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-11 20:56:19,529 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:19,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,540 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:19,541 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:19,541 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [88454709] [2024-11-11 20:56:19,542 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [88454709] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:19,542 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:19,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:56:19,544 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2024466659] [2024-11-11 20:56:19,545 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:19,550 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:56:19,551 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:19,572 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:56:19,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:19,574 INFO L87 Difference]: Start difference. First operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:19,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:19,603 INFO L93 Difference]: Finished difference Result 183 states and 248 transitions. [2024-11-11 20:56:19,605 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:56:19,606 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-11 20:56:19,607 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:19,618 INFO L225 Difference]: With dead ends: 183 [2024-11-11 20:56:19,618 INFO L226 Difference]: Without dead ends: 87 [2024-11-11 20:56:19,621 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:19,625 INFO L435 NwaCegarLoop]: 121 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:19,626 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:19,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2024-11-11 20:56:19,658 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 87. [2024-11-11 20:56:19,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 75 states have internal predecessors, (89), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-11 20:56:19,661 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 112 transitions. [2024-11-11 20:56:19,663 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 112 transitions. Word has length 32 [2024-11-11 20:56:19,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:19,664 INFO L471 AbstractCegarLoop]: Abstraction has 87 states and 112 transitions. [2024-11-11 20:56:19,664 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:19,664 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 112 transitions. [2024-11-11 20:56:19,667 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-11 20:56:19,667 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:19,667 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:19,667 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:56:19,668 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:19,669 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:19,669 INFO L85 PathProgramCache]: Analyzing trace with hash -1531656934, now seen corresponding path program 1 times [2024-11-11 20:56:19,669 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:19,670 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [150844857] [2024-11-11 20:56:19,670 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:19,670 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:19,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,781 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:56:19,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,791 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-11 20:56:19,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,798 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:19,798 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:19,798 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [150844857] [2024-11-11 20:56:19,799 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [150844857] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:19,799 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:19,799 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:19,799 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1701500418] [2024-11-11 20:56:19,799 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:19,803 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:19,803 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:19,804 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:19,804 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:19,804 INFO L87 Difference]: Start difference. First operand 87 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:19,827 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:19,827 INFO L93 Difference]: Finished difference Result 139 states and 179 transitions. [2024-11-11 20:56:19,831 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:19,832 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-11 20:56:19,832 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:19,833 INFO L225 Difference]: With dead ends: 139 [2024-11-11 20:56:19,834 INFO L226 Difference]: Without dead ends: 78 [2024-11-11 20:56:19,835 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:19,837 INFO L435 NwaCegarLoop]: 99 mSDtfsCounter, 12 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:19,838 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 182 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:19,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2024-11-11 20:56:19,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2024-11-11 20:56:19,852 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 69 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-11 20:56:19,853 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 100 transitions. [2024-11-11 20:56:19,855 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 100 transitions. Word has length 33 [2024-11-11 20:56:19,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:19,856 INFO L471 AbstractCegarLoop]: Abstraction has 78 states and 100 transitions. [2024-11-11 20:56:19,856 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:19,856 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 100 transitions. [2024-11-11 20:56:19,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-11 20:56:19,857 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:19,857 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:19,857 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:56:19,858 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:19,860 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:19,861 INFO L85 PathProgramCache]: Analyzing trace with hash 840710854, now seen corresponding path program 1 times [2024-11-11 20:56:19,861 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:19,861 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1079032346] [2024-11-11 20:56:19,862 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:19,862 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:19,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:19,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:19,992 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-11 20:56:19,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,005 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:20,006 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:20,008 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1079032346] [2024-11-11 20:56:20,008 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1079032346] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:20,008 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:20,009 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:20,009 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1020923127] [2024-11-11 20:56:20,009 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:20,009 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:20,010 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:20,010 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:20,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:20,013 INFO L87 Difference]: Start difference. First operand 78 states and 100 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:20,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:20,042 INFO L93 Difference]: Finished difference Result 148 states and 193 transitions. [2024-11-11 20:56:20,042 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:20,042 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-11-11 20:56:20,043 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:20,044 INFO L225 Difference]: With dead ends: 148 [2024-11-11 20:56:20,044 INFO L226 Difference]: Without dead ends: 78 [2024-11-11 20:56:20,063 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:20,064 INFO L435 NwaCegarLoop]: 98 mSDtfsCounter, 77 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 98 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:20,064 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 98 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:20,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2024-11-11 20:56:20,075 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2024-11-11 20:56:20,076 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3064516129032258) internal successors, (81), 69 states have internal predecessors, (81), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-11 20:56:20,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 99 transitions. [2024-11-11 20:56:20,077 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 99 transitions. Word has length 37 [2024-11-11 20:56:20,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:20,079 INFO L471 AbstractCegarLoop]: Abstraction has 78 states and 99 transitions. [2024-11-11 20:56:20,079 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:20,079 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 99 transitions. [2024-11-11 20:56:20,081 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-11 20:56:20,081 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:20,081 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:20,081 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:56:20,081 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:20,082 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:20,082 INFO L85 PathProgramCache]: Analyzing trace with hash 244336530, now seen corresponding path program 1 times [2024-11-11 20:56:20,082 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:20,082 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1361709080] [2024-11-11 20:56:20,082 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:20,082 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:20,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,151 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:20,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,154 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-11-11 20:56:20,157 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,162 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:20,163 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:20,163 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1361709080] [2024-11-11 20:56:20,163 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1361709080] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:20,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:20,163 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:20,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1378822818] [2024-11-11 20:56:20,164 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:20,164 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:20,165 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:20,165 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:20,165 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:20,166 INFO L87 Difference]: Start difference. First operand 78 states and 99 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:20,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:20,227 INFO L93 Difference]: Finished difference Result 196 states and 255 transitions. [2024-11-11 20:56:20,230 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:20,230 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 45 [2024-11-11 20:56:20,230 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:20,232 INFO L225 Difference]: With dead ends: 196 [2024-11-11 20:56:20,232 INFO L226 Difference]: Without dead ends: 126 [2024-11-11 20:56:20,233 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:20,234 INFO L435 NwaCegarLoop]: 103 mSDtfsCounter, 79 mSDsluCounter, 66 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 169 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:20,234 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 169 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:20,235 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2024-11-11 20:56:20,249 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2024-11-11 20:56:20,250 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 97 states have (on average 1.288659793814433) internal successors, (125), 105 states have internal predecessors, (125), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-11 20:56:20,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 157 transitions. [2024-11-11 20:56:20,251 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 157 transitions. Word has length 45 [2024-11-11 20:56:20,252 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:20,252 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 157 transitions. [2024-11-11 20:56:20,252 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:20,252 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 157 transitions. [2024-11-11 20:56:20,254 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-11 20:56:20,254 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:20,254 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:20,254 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:56:20,254 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:20,255 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:20,255 INFO L85 PathProgramCache]: Analyzing trace with hash 816783697, now seen corresponding path program 1 times [2024-11-11 20:56:20,255 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:20,255 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1705524015] [2024-11-11 20:56:20,256 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:20,256 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:20,272 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,393 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:20,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,405 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-11 20:56:20,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,430 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-11 20:56:20,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,434 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-11 20:56:20,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,458 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-11 20:56:20,459 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:20,459 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1705524015] [2024-11-11 20:56:20,459 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1705524015] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:20,459 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:20,460 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-11 20:56:20,461 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1734913933] [2024-11-11 20:56:20,461 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:20,461 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-11 20:56:20,461 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:20,462 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-11 20:56:20,463 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:20,463 INFO L87 Difference]: Start difference. First operand 124 states and 157 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:20,767 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:20,768 INFO L93 Difference]: Finished difference Result 264 states and 337 transitions. [2024-11-11 20:56:20,768 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-11 20:56:20,768 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 53 [2024-11-11 20:56:20,769 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:20,770 INFO L225 Difference]: With dead ends: 264 [2024-11-11 20:56:20,770 INFO L226 Difference]: Without dead ends: 148 [2024-11-11 20:56:20,771 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-11 20:56:20,773 INFO L435 NwaCegarLoop]: 80 mSDtfsCounter, 139 mSDsluCounter, 323 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 403 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:20,774 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 403 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:20,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2024-11-11 20:56:20,793 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 146. [2024-11-11 20:56:20,794 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 114 states have (on average 1.263157894736842) internal successors, (144), 122 states have internal predecessors, (144), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:20,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 183 transitions. [2024-11-11 20:56:20,799 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 183 transitions. Word has length 53 [2024-11-11 20:56:20,799 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:20,800 INFO L471 AbstractCegarLoop]: Abstraction has 146 states and 183 transitions. [2024-11-11 20:56:20,800 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:20,800 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 183 transitions. [2024-11-11 20:56:20,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:56:20,801 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:20,802 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:20,802 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:56:20,802 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:20,803 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:20,803 INFO L85 PathProgramCache]: Analyzing trace with hash 1305099847, now seen corresponding path program 1 times [2024-11-11 20:56:20,803 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:20,803 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [656800909] [2024-11-11 20:56:20,803 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:20,804 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:20,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,862 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:20,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,868 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-11 20:56:20,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,913 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-11 20:56:20,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:20,916 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:20,917 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:20,917 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [656800909] [2024-11-11 20:56:20,917 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [656800909] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:20,917 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:20,917 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:20,917 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1829620233] [2024-11-11 20:56:20,918 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:20,918 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:20,918 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:20,919 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:20,919 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:20,919 INFO L87 Difference]: Start difference. First operand 146 states and 183 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,077 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:21,077 INFO L93 Difference]: Finished difference Result 289 states and 371 transitions. [2024-11-11 20:56:21,078 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:56:21,078 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-11 20:56:21,079 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:21,082 INFO L225 Difference]: With dead ends: 289 [2024-11-11 20:56:21,082 INFO L226 Difference]: Without dead ends: 151 [2024-11-11 20:56:21,083 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:21,084 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 59 mSDsluCounter, 270 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:21,085 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 352 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:21,085 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 151 states. [2024-11-11 20:56:21,104 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 151 to 149. [2024-11-11 20:56:21,105 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 117 states have (on average 1.2564102564102564) internal successors, (147), 125 states have internal predecessors, (147), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:21,106 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 186 transitions. [2024-11-11 20:56:21,106 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 186 transitions. Word has length 55 [2024-11-11 20:56:21,107 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:21,107 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 186 transitions. [2024-11-11 20:56:21,107 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,108 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 186 transitions. [2024-11-11 20:56:21,109 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:56:21,109 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:21,109 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:21,110 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:56:21,110 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:21,112 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:21,112 INFO L85 PathProgramCache]: Analyzing trace with hash -500338487, now seen corresponding path program 1 times [2024-11-11 20:56:21,112 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:21,113 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [3445477] [2024-11-11 20:56:21,113 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:21,113 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:21,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,215 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:21,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,222 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-11 20:56:21,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,271 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-11 20:56:21,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,279 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:21,280 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:21,280 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [3445477] [2024-11-11 20:56:21,280 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [3445477] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:21,280 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:21,281 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:21,281 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [677627647] [2024-11-11 20:56:21,281 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:21,282 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:21,282 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:21,283 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:21,283 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:21,283 INFO L87 Difference]: Start difference. First operand 149 states and 186 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:21,406 INFO L93 Difference]: Finished difference Result 294 states and 376 transitions. [2024-11-11 20:56:21,407 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:56:21,407 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-11 20:56:21,408 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:21,409 INFO L225 Difference]: With dead ends: 294 [2024-11-11 20:56:21,409 INFO L226 Difference]: Without dead ends: 153 [2024-11-11 20:56:21,410 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:21,411 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 58 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 276 SdHoareTripleChecker+Invalid, 98 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:21,412 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 276 Invalid, 98 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:21,412 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-11 20:56:21,426 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-11 20:56:21,427 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:21,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2024-11-11 20:56:21,429 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 55 [2024-11-11 20:56:21,429 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:21,429 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2024-11-11 20:56:21,429 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,430 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2024-11-11 20:56:21,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:56:21,431 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:21,431 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:21,431 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:56:21,432 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:21,432 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:21,432 INFO L85 PathProgramCache]: Analyzing trace with hash -359789877, now seen corresponding path program 1 times [2024-11-11 20:56:21,433 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:21,433 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1082503378] [2024-11-11 20:56:21,433 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:21,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:21,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,501 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-11 20:56:21,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,513 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-11 20:56:21,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,535 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-11 20:56:21,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:21,539 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:21,539 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:21,540 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1082503378] [2024-11-11 20:56:21,543 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1082503378] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:21,543 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:21,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:21,543 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1008999744] [2024-11-11 20:56:21,543 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:21,544 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:21,544 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:21,544 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:21,545 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:21,545 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:21,759 INFO L93 Difference]: Finished difference Result 423 states and 549 transitions. [2024-11-11 20:56:21,760 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:21,760 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-11 20:56:21,761 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:21,764 INFO L225 Difference]: With dead ends: 423 [2024-11-11 20:56:21,766 INFO L226 Difference]: Without dead ends: 280 [2024-11-11 20:56:21,766 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:21,767 INFO L435 NwaCegarLoop]: 123 mSDtfsCounter, 214 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 221 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:21,767 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [221 Valid, 289 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:21,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2024-11-11 20:56:21,799 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 278. [2024-11-11 20:56:21,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 214 states have (on average 1.2242990654205608) internal successors, (262), 226 states have internal predecessors, (262), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-11 20:56:21,803 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 349 transitions. [2024-11-11 20:56:21,803 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 349 transitions. Word has length 55 [2024-11-11 20:56:21,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:21,804 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 349 transitions. [2024-11-11 20:56:21,805 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:21,805 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 349 transitions. [2024-11-11 20:56:21,806 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-11 20:56:21,808 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:21,808 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:21,808 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:56:21,808 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:21,809 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:21,809 INFO L85 PathProgramCache]: Analyzing trace with hash 1504091825, now seen corresponding path program 1 times [2024-11-11 20:56:21,809 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:21,809 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [630420874] [2024-11-11 20:56:21,810 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:21,810 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:21,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,019 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:22,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,026 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:56:22,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,039 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-11 20:56:22,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,065 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-11-11 20:56:22,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,067 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:22,069 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:22,069 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [630420874] [2024-11-11 20:56:22,070 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [630420874] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:22,070 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:22,070 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-11 20:56:22,070 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [180319562] [2024-11-11 20:56:22,070 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:22,070 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-11 20:56:22,070 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:22,071 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-11 20:56:22,071 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-11 20:56:22,072 INFO L87 Difference]: Start difference. First operand 278 states and 349 transitions. Second operand has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:22,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:22,676 INFO L93 Difference]: Finished difference Result 724 states and 957 transitions. [2024-11-11 20:56:22,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-11 20:56:22,677 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 59 [2024-11-11 20:56:22,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:22,681 INFO L225 Difference]: With dead ends: 724 [2024-11-11 20:56:22,681 INFO L226 Difference]: Without dead ends: 504 [2024-11-11 20:56:22,682 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-11 20:56:22,683 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 465 mSDsluCounter, 490 mSDsCounter, 0 mSdLazyCounter, 472 mSolverCounterSat, 131 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 470 SdHoareTripleChecker+Valid, 590 SdHoareTripleChecker+Invalid, 603 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 131 IncrementalHoareTripleChecker+Valid, 472 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:22,683 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [470 Valid, 590 Invalid, 603 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [131 Valid, 472 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-11 20:56:22,684 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 504 states. [2024-11-11 20:56:22,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 504 to 433. [2024-11-11 20:56:22,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 433 states, 335 states have (on average 1.2119402985074628) internal successors, (406), 356 states have internal predecessors, (406), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-11 20:56:22,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 433 states to 433 states and 540 transitions. [2024-11-11 20:56:22,736 INFO L78 Accepts]: Start accepts. Automaton has 433 states and 540 transitions. Word has length 59 [2024-11-11 20:56:22,736 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:22,737 INFO L471 AbstractCegarLoop]: Abstraction has 433 states and 540 transitions. [2024-11-11 20:56:22,737 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:22,737 INFO L276 IsEmpty]: Start isEmpty. Operand 433 states and 540 transitions. [2024-11-11 20:56:22,738 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 101 [2024-11-11 20:56:22,739 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:22,739 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:22,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:56:22,740 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:22,740 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:22,740 INFO L85 PathProgramCache]: Analyzing trace with hash -808581914, now seen corresponding path program 1 times [2024-11-11 20:56:22,741 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:22,741 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1253658343] [2024-11-11 20:56:22,741 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:22,741 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:22,760 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,902 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:22,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,919 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-11 20:56:22,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,957 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:22,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,970 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:22,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-11 20:56:22,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,993 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-11 20:56:22,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:22,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:22,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-11-11 20:56:22,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:23,000 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 8 proven. 18 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:23,001 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:23,001 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1253658343] [2024-11-11 20:56:23,001 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1253658343] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:23,001 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [874161391] [2024-11-11 20:56:23,001 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:23,001 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:23,002 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:23,003 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:23,005 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:56:23,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:23,116 INFO L256 TraceCheckSpWp]: Trace formula consists of 334 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-11 20:56:23,134 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:23,324 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:56:23,324 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:23,497 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:23,498 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [874161391] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:23,498 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:23,498 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-11 20:56:23,498 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [530940035] [2024-11-11 20:56:23,498 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:23,499 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-11 20:56:23,499 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:23,499 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-11 20:56:23,500 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-11 20:56:23,500 INFO L87 Difference]: Start difference. First operand 433 states and 540 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-11 20:56:24,406 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,407 INFO L93 Difference]: Finished difference Result 889 states and 1136 transitions. [2024-11-11 20:56:24,408 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-11 20:56:24,408 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 100 [2024-11-11 20:56:24,408 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,410 INFO L225 Difference]: With dead ends: 889 [2024-11-11 20:56:24,410 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:56:24,413 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 339 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-11-11 20:56:24,414 INFO L435 NwaCegarLoop]: 160 mSDtfsCounter, 433 mSDsluCounter, 811 mSDsCounter, 0 mSdLazyCounter, 768 mSolverCounterSat, 143 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 436 SdHoareTripleChecker+Valid, 971 SdHoareTripleChecker+Invalid, 911 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 143 IncrementalHoareTripleChecker+Valid, 768 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,414 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [436 Valid, 971 Invalid, 911 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [143 Valid, 768 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-11 20:56:24,414 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:56:24,414 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:56:24,415 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:56:24,415 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:56:24,416 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 100 [2024-11-11 20:56:24,416 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,416 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:56:24,416 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-11 20:56:24,416 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:56:24,417 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:56:24,419 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:56:24,437 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-11 20:56:24,623 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-11 20:56:24,626 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,628 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:56:27,510 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:56:27,553 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-11 20:56:27,574 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-11 20:56:27,584 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-11 20:56:27,599 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:56:27 BoogieIcfgContainer [2024-11-11 20:56:27,599 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:56:27,600 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:56:27,600 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:56:27,600 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:56:27,600 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:19" (3/4) ... [2024-11-11 20:56:27,603 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:56:27,606 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:56:27,607 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-11 20:56:27,613 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-11 20:56:27,614 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:56:27,614 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:56:27,614 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:27,615 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:27,738 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:56:27,739 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:56:27,739 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:56:27,740 INFO L158 Benchmark]: Toolchain (without parser) took 9745.61ms. Allocated memory was 174.1MB in the beginning and 268.4MB in the end (delta: 94.4MB). Free memory was 103.3MB in the beginning and 146.4MB in the end (delta: -43.1MB). Peak memory consumption was 52.9MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,740 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 174.1MB. Free memory is still 133.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:27,740 INFO L158 Benchmark]: CACSL2BoogieTranslator took 552.52ms. Allocated memory is still 174.1MB. Free memory was 103.1MB in the beginning and 127.7MB in the end (delta: -24.5MB). Peak memory consumption was 5.7MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,741 INFO L158 Benchmark]: Boogie Procedure Inliner took 63.07ms. Allocated memory is still 174.1MB. Free memory was 127.7MB in the beginning and 124.6MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,741 INFO L158 Benchmark]: Boogie Preprocessor took 71.01ms. Allocated memory is still 174.1MB. Free memory was 124.6MB in the beginning and 122.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,741 INFO L158 Benchmark]: RCFGBuilder took 512.57ms. Allocated memory is still 174.1MB. Free memory was 122.4MB in the beginning and 102.5MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,741 INFO L158 Benchmark]: TraceAbstraction took 8399.18ms. Allocated memory was 174.1MB in the beginning and 268.4MB in the end (delta: 94.4MB). Free memory was 101.6MB in the beginning and 154.8MB in the end (delta: -53.2MB). Peak memory consumption was 118.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,742 INFO L158 Benchmark]: Witness Printer took 139.75ms. Allocated memory is still 268.4MB. Free memory was 154.8MB in the beginning and 146.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:27,743 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 174.1MB. Free memory is still 133.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 552.52ms. Allocated memory is still 174.1MB. Free memory was 103.1MB in the beginning and 127.7MB in the end (delta: -24.5MB). Peak memory consumption was 5.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 63.07ms. Allocated memory is still 174.1MB. Free memory was 127.7MB in the beginning and 124.6MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 71.01ms. Allocated memory is still 174.1MB. Free memory was 124.6MB in the beginning and 122.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 512.57ms. Allocated memory is still 174.1MB. Free memory was 122.4MB in the beginning and 102.5MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 8399.18ms. Allocated memory was 174.1MB in the beginning and 268.4MB in the end (delta: 94.4MB). Free memory was 101.6MB in the beginning and 154.8MB in the end (delta: -53.2MB). Peak memory consumption was 118.4MB. Max. memory is 16.1GB. * Witness Printer took 139.75ms. Allocated memory is still 268.4MB. Free memory was 154.8MB in the beginning and 146.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] - GenericResultAtLocation [Line: 199]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] - GenericResultAtLocation [Line: 308]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] - GenericResultAtLocation [Line: 674]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] - GenericResultAtLocation [Line: 724]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] - GenericResultAtLocation [Line: 789]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 96 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.4s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1568 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1536 mSDsluCounter, 3451 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2402 mSDsCounter, 393 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1749 IncrementalHoareTripleChecker+Invalid, 2142 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 393 mSolverCounterUnsat, 1049 mSDtfsCounter, 1749 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 386 GetRequests, 289 SyntacticMatches, 4 SemanticMatches, 93 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 492 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=433occurred in iteration=9, InterpolantAutomatonStates: 88, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 81 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 624 NumberOfCodeBlocks, 624 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 712 ConstructedInterpolants, 0 QuantifiedInterpolants, 1375 SizeOfPredicates, 2 NumberOfNonLiveVariables, 334 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 91/126 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 735]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 734]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 822]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 232]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 795]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 99]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 830]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 220]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 926]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:56:27,782 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE